last executing test programs: 4m41.599499332s ago: executing program 32 (id=5236): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001540)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020816c2500000000e12020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000006fd6850000002d000000850000002300000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10) mq_notify(0xffffffffffffffff, 0x0) 3m56.738190026s ago: executing program 33 (id=7670): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) connect$pppl2tp(r0, &(0x7f0000000280)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x1, 0x0, 0x1, 0x0, {0xa, 0x4e23, 0x5a, @private0={0xfc, 0x0, '\x00', 0x1}, 0x5}}}, 0x3a) 3m2.466819243s ago: executing program 34 (id=10406): r0 = syz_open_dev$loop(&(0x7f0000000580), 0x9, 0x121000) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) ioctl$IOC_PR_PREEMPT(r0, 0x401870cb, 0x0) 2m52.528142537s ago: executing program 35 (id=11567): r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000000)=0x40b, 0x4) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000c80)=ANY=[@ANYBLOB="58040000", @ANYRES16=r1, @ANYBLOB="010000200000fcdbdf25230000008c"], 0x458}, 0x1, 0x0, 0x0, 0x24000815}, 0x40048c0) 2m40.941827194s ago: executing program 7 (id=12114): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$TOKEN_CREATE(0x24, &(0x7f0000000180), 0x8) r0 = socket$inet(0x2, 0x3, 0x8) setsockopt$inet_int(r0, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4) 2m40.923267424s ago: executing program 7 (id=12116): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) utime(&(0x7f0000000200)='./file0\x00', 0x0) 2m40.871438654s ago: executing program 7 (id=12120): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@dellinkprop={0x28, 0x6d, 0x1, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x25020, 0x1000}, [@IFLA_NET_NS_PID={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4040883}, 0x4004080) 2m40.795972145s ago: executing program 7 (id=12124): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x40505330, &(0x7f0000000bc0)={0x800100, 0x0, 0x0, 0x724f, 0x0, 0x55a}) 2m40.776177085s ago: executing program 7 (id=12127): r0 = socket$unix(0x1, 0x2, 0x0) r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000200)=0x10) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 2m40.760271545s ago: executing program 7 (id=12128): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x10) utimes(&(0x7f0000000040)='./file0/file0\x00', 0x0) 2m24.637696491s ago: executing program 36 (id=12128): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x10) utimes(&(0x7f0000000040)='./file0/file0\x00', 0x0) 2m7.161716725s ago: executing program 8 (id=13381): r0 = syz_io_uring_setup(0x3bda, &(0x7f0000000b40)={0x0, 0xcfb6, 0x8, 0x5, 0xfffffff7}, &(0x7f0000000800)=0x0, &(0x7f0000000440)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0x5, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x7ff, 0x6000}) io_uring_enter(r0, 0x1c3e, 0x1aa5, 0x0, 0x0, 0x1a) 2m7.161425005s ago: executing program 8 (id=13382): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800cfa010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1], 0xb4}}, 0x0) 2m7.104845026s ago: executing program 8 (id=13386): r0 = socket(0x10, 0x3, 0x9) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000013c0)={{0x14, 0x453, 0x1, 0x0, 0x0, {0x5}}, [], {0x14}}, 0x28}, 0x1, 0x0, 0x0, 0x64841}, 0x40000) 2m7.037011236s ago: executing program 8 (id=13388): r0 = socket$can_bcm(0x1d, 0x2, 0x2) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'geneve1\x00', 0x0}) connect$can_bcm(r0, &(0x7f0000000080)={0x1d, r2}, 0x10) 2m6.977395486s ago: executing program 8 (id=13393): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x10) r1 = syz_create_resource$binfmt(&(0x7f0000000080)='./file0\x00') openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff) 2m6.940115297s ago: executing program 8 (id=13395): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x0, 0x0, 0x3}}]}}}]}, 0x78}}, 0x0) 2m6.44817172s ago: executing program 9 (id=13420): r0 = syz_io_uring_setup(0x4174, &(0x7f0000000780)={0x0, 0x4f5e, 0x10100, 0x0, 0x84}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x40, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1, {0x0, r3}}) io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0) 2m6.41020582s ago: executing program 9 (id=13422): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') pread64(r0, &(0x7f0000003200)=""/4140, 0x102c, 0x7) 2m6.3803267s ago: executing program 9 (id=13425): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000118110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10) statx(0xffffffffffffff9c, 0x0, 0x100, 0x10, 0x0) 2m6.34317582s ago: executing program 9 (id=13426): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_PLIMIT={0x8, 0x1, 0xcf9}, @TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0x7}]}}]}, 0x40}}, 0x0) 2m6.309639761s ago: executing program 9 (id=13428): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x10) r1 = syz_create_resource$binfmt(&(0x7f0000000080)='./file0\x00') openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff) 2m6.245714031s ago: executing program 9 (id=13442): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) 1m50.878103182s ago: executing program 37 (id=13395): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x0, 0x0, 0x3}}]}}}]}, 0x78}}, 0x0) 1m49.999809858s ago: executing program 38 (id=13442): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) 41.422099138s ago: executing program 6 (id=17375): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]}) linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) 41.377953698s ago: executing program 6 (id=17377): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x140, 0x1, 0x3, 0x5, 0x0, 0x8, 0x5d, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01dfffffff0000000000210000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x800) 41.234747439s ago: executing program 6 (id=17384): perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0x3, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1f, 0x11, &(0x7f0000000580)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x50}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc) 41.1429819s ago: executing program 6 (id=17387): perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x3c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x0, 0x3, 0xffff, 0x0, 0x0, 0xfffffffa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000180)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES64, @ANYRES16=0x0], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=") syz_clone(0xc2000, &(0x7f0000000240), 0x0, 0x0, 0x0, 0x0) creat(&(0x7f0000000100)='./bus\x00', 0x0) 40.917775471s ago: executing program 6 (id=17396): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700"}, 0x48, 0xfffffffffffffffe) keyctl$search(0xa, r1, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0) 40.695867113s ago: executing program 6 (id=17404): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000400)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) sendto$inet6(r1, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0x2, 0x4e24, 0x0, @local}, 0x1c) 40.668359253s ago: executing program 39 (id=17404): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000400)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) sendto$inet6(r1, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0x2, 0x4e24, 0x0, @local}, 0x1c) 16.637864161s ago: executing program 0 (id=18067): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x9, 0x0, 0xc0000000}, {0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x58}}, 0x0) 16.532617841s ago: executing program 0 (id=18072): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r0}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010200000000000000020000000900010073797a300000000040000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000001400048008000140000000000800024000000b002c000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xb4}}, 0x0) 16.367852122s ago: executing program 0 (id=18076): sendmsg$NL80211_CMD_GET_POWER_SAVE(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000540)=ANY=[], 0x1c}}, 0x24044010) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x62981) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x800000, 0x0, 'queue1\x00', 0x2}) writev(r0, &(0x7f0000000580)=[{&(0x7f0000000000)="238292", 0xfff6}], 0x2) 16.256687143s ago: executing program 0 (id=18079): syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x21000c, &(0x7f0000000040), 0xde, 0x529, &(0x7f00000008c0)="$eJzs3c1vHGcZAPBnxrvBaVzsAodSqR+iQUkF2Y1r2loc2iIQt0qgcg+WvbGsrLORd93GVoUc8QcgIQSVOHHigsSNCxLqn4CQKtE7AgRCkMKBAzBoZmdTZ5n1h7ofwf79pHf3nXd253nejXf2nY/MBHBuPRcRr0fEXES8EBGLZXtaljjol/x1H95/Zz0vefObf00iKdsiiuoDl8q3zfefKnX39m+ttdutnXK62du+0+zu7V/b2l7bbG22bq+sLL+8+srqS6vXx9LPvF+vfu2PP/zeT7/+6q+++Pbvbvz56nfypL9azh/0a3yKTy8+KB7r+WfxQC0idsYbbGbmyv7UZ50IAAAnko9SPxURnyvG/4sxV4zmCsNDuvnpZwcAAACMQ/baQvwricgAAACAM+u1iFiIJG2U5wIsRJo2Gv1zeD8Tj6XtTrf3hZud3dsb+byIpainN7farevlObVLUU/y6eWi/tH0i0PTKxHxRET8YPFiMd1Y77Q3Zr3zAwAAAM6JS0Pb//9Y7G//AwAAAGfM0qwTAAAAACZu1PZ/MuU8AAAAgMlx/B8AAADOtG+88UZessH9rzfe2tu91Xnr2kare6uxvbveWO/s3GlsdjqbxTX7to9aVj0i2p3OnS9F7N5t9lrdXrO7t39ju7N7u3djy/0DAQAAYFaeePa9D5KIOPjyxaLkLuQPcyPe4FwBODPS07z4D5PLA5i+UT/zJ3BhnHkA01ebdQLA7BzMOgFg1h661EfFoODwyTsP7TP49eRyAgAAxuvKZ6uP/9fK8/mBs+tUx/+BM+VjHP8H/s85/g/nV/1UI4B7E8wEmJXjbvUx8uIdVcf/K88MzrJjlwUAAEzUQlGeTRvlscCFSNNGI+Lx4r/615ObW+3W9Yj4ZET8drH+iXx6uXhn4vaAAAAAAAAAAAAAAAAAAAAAAAAAAHBCWZZEBgAAAJxpEemfkvL+X1cWLy8M7x+4kPxzMcpber394zd/dHet19tZztv/9qC9927Z/uIs9mAAAADAeVQ7cu5gO32wHQ8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4/Th/XfWB2Wacf/ylYhYqopfi/nieT7qEfHY35OoHXpfEhFzY4h/cC8inqyKn+RpxVKZxXD8NCIuTif+01mWVca/NIb4cJ69l69/Xq/6/qXxXPFc/f2vleXjemj9d+EXh+akD9Z/cyPWf4+fMMZT7/+8OTL+vYinatXrn0H8ZET856sWWPGhfPtb+/v/09hfeGQ/ibhS+fuTPBSr2du+0+zu7V/b2l7bbG22bq+sLL+8+srqS6vXmze32q3ysbKP33/6l/8Zavp31lf0P0bEXzqm/5fzSv1QYzYcpgz2/t37n+5X60OLKOJffb767+/JI+LnfxOfL38H8vlXBvWDfv2wZ372m2cqEyvjb4zo/3H//ldHLXTIC9/87u9P+FIAYAq6e/u31trt1s7EK+9mWTatWCevRHrSFxfDxal+YtOtDEZ3Ewsx/6j0dMqVy49GGqepjGPPFgAA8Kj5aNA/60wAAAAAAAAAAAAAAAAAAADg/OruRTrpy4kNxzyYTVcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI703wAAAP//4wvZIQ==") r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) mknod$loop(&(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x40, 0x1) 16.214197434s ago: executing program 0 (id=18080): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003"], 0x118}}, 0x0) 15.836236166s ago: executing program 0 (id=18091): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) futex(0xffffffffffffffff, 0x1, 0x2, 0x0, 0x0, 0xb1004002) 15.825145456s ago: executing program 40 (id=18091): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) futex(0xffffffffffffffff, 0x1, 0x2, 0x0, 0x0, 0xb1004002) 1.084843343s ago: executing program 4 (id=18422): syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x10040, &(0x7f0000000200)={[{@journal_dev}, {@nouid32}]}, 0xfe, 0x26d, &(0x7f0000001000)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzSkDwEsRb0x5LL6GXlkJPaZtDeim0oYeGHtrDlt3ZLdtkQ9r92+58PrDMTN57896E+b4MQ2Y2gMyajIjZiMhHxFREFCMiaa3wZvqZbGxulLYXI6rVz24n9XrpdqrZbiIiKhHxQUShWba29dXe3Z1P3vlttfj2v1tflgZ1fK3293Y/Pfh7/tdTc++vXbx8cz6J2Sg3ylqPo5eSNj8rJBEv9aOzp0RSGPYIeBwLP/9/pZb7lyPirXr+i5FrRPb3lefOFeO9v45r+8etS68OcqxA71WrxdrfwEoVyJxcRJQjyU1HRLqey01Pp9fwV/PjuR+WV36a+n55dem7Yc9UQK+UI9n9+MzY6YlD+b+RT/MPjK5yxO7nC5vXausH+WGPBuib1rvtr6WLWv6nvll/N+QfMkf+IbvkH7JL/mEEdJjdHuS/3b+2Ac+AbvL/fJ/GBAyG638YYcXmSqVtsfxDdsk/jKh/Tr41J/+QXa35BwCypTo27CeQgWEZ9vwDAAAAAAAAAAAAAAAAAAActVHaXmx+BtXn+T8j9j+KiEK7/vP17yNuvm18/E5Sq/ZQkjbrytdvdLmDLv3Xs6evSx21euF6r/rvzIXX+7PfXx7dPPaXs74UUalVnikUjp5/SeP869yLJ5QXv+2ygyd0+K2AH34x2P4Pu7853P7ndiLO1uafmXbzTy5eqS/bzz/l1lcsd+jHe13uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIF5EAAA//9d9m3o") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000500)=""/173, 0xad) getdents(r0, 0x0, 0x0) 932.933484ms ago: executing program 3 (id=18414): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r0}, 0x9) syz_read_part_table(0x624, &(0x7f0000000640)="$eJzs2z+IHFUcB/Dv7mb/nKfZJlUazQWsAsEQO7cw4W4VFMLFIEgKlTTBVBEODl2yYooY4YgWwUawCcI1p+lioxg8IgQ7JVgowolpBO1UJCOzO7vuaUQwISB8PsXMm5nf733nMa+d8L9WT7M8NUYXPyTZ/+Kv7cz9WXBh9Kw7uSy63eytj8fDHFtfXPqtKIrimXZqOZ5m9lzd+WE74wmKmZyFJK0HJkHJpffu2zF59nDRPV9NmWHa2ZlkvnWbl21vG96ugntso5fU8sb8WnnRH2zdejb54KfFybc9fKI8Hu/kWnVj/J0/KSb7INNdUPvLzMU/h87P5m92h2dP99dWeyfLqd5Z/+6RW7v7k1k/PpCsTCPqMxmt2d303230Nhup8m/sr24ODu27vOviwdWPPl++2filGFnqTHvKt3jz6N1IBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgbutms/v62dP9tdXeyRv9wda5r64//ejKhceuzOV6UW8dPpF0yrpraW7re/lqI8lLeSGncmry6Iuk6JaD4eiY2qR650xnfTranWSjV+V//9TehX67auqvv1bVHKjOR6ZdcymKM5kbje+/4/Vv9DZnFjbYWtnz1nNvDw7tu7zr4sFPv8zyzXKZeXdbT3t0/D077jgdAAAAAAAAAAAAAAAAAAAAxhaXnnzoyOPLr5xLMuwk+fHVetJMMfrJvZZheeokC1X9N+Of31uXOsnw5yea618frbWe/+z8t+P7GaadZhqZf//KseTBac6ZvyXX7sXy+Bd/BAAA//+bBHhd") 628.056716ms ago: executing program 4 (id=18421): r0 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f00000005c0), 0x1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r1}, 0x18) write$selinux_validatetrans(r0, 0x0, 0x87) 496.243057ms ago: executing program 3 (id=18428): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0xfc0, &(0x7f0000007940)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd606410a60f8a896adf660000000000001200ffffe0000012fe8000000000000000000000000000aa"], 0x0) 495.842207ms ago: executing program 4 (id=18429): r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x192, 0x4) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendmsg$can_raw(r0, &(0x7f0000000440)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "000000000000000e"}, 0x10}, 0x1, 0x0, 0x0, 0x4048850}, 0x4004000) 430.163187ms ago: executing program 3 (id=18432): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000118110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 416.026087ms ago: executing program 2 (id=18433): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) writev(r1, &(0x7f0000001400)=[{0x0, 0x180}, {&(0x7f0000001280)="9f", 0x1}], 0x2) 370.812357ms ago: executing program 3 (id=18435): perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x7, 0xfffffffffffffffc}, 0x103200, 0x1, 0x840000, 0xc, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$unix(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) 366.770027ms ago: executing program 2 (id=18436): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000001495"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x400000001300, 0x400000001330], 0x0, 0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="00000000000000000000000007000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000"]}, 0x108) 358.159758ms ago: executing program 1 (id=18437): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000040000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) name_to_handle_at(0xffffffffffffffff, &(0x7f00000005c0)='./file0\x00', 0x0, 0x0, 0x200) 332.070107ms ago: executing program 2 (id=18438): r0 = io_uring_setup(0x2553, &(0x7f0000000280)) r1 = epoll_create1(0x0) r2 = dup3(r1, r0, 0x0) epoll_pwait2(r2, &(0x7f0000000080)=[{}], 0x1, 0x0, 0x0, 0x0) 300.973148ms ago: executing program 5 (id=18440): r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x0) r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002) write$binfmt_aout(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="03070000b5"], 0xc8) dup3(r1, r0, 0x0) 298.462218ms ago: executing program 4 (id=18441): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000009f910000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) umount2(&(0x7f0000000280)='./file0\x00', 0x9) 283.020588ms ago: executing program 5 (id=18442): r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r0, 0x400, 0x1) openat$dir(0xffffff9c, &(0x7f0000000040)='./file1\x00', 0x801, 0x40) fcntl$getflags(r0, 0x401) 254.773888ms ago: executing program 5 (id=18443): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r0}, 0x18) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=@getqdisc={0x24, 0x26, 0x705, 0x70bd29, 0x5, {0x0, 0x0, 0x0, 0x0, {0x1, 0xa}, {0x10, 0xd}, {0xfff2, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x48000}, 0x0) 253.920349ms ago: executing program 2 (id=18444): syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x10040, &(0x7f0000000200)={[{@journal_dev}, {@nouid32}]}, 0xfe, 0x26d, &(0x7f0000001000)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzSkDwEsRb0x5LL6GXlkJPaZtDeim0oYeGHtrDlt3ZLdtkQ9r92+58PrDMTN57896E+b4MQ2Y2gMyajIjZiMhHxFREFCMiaa3wZvqZbGxulLYXI6rVz24n9XrpdqrZbiIiKhHxQUShWba29dXe3Z1P3vlttfj2v1tflgZ1fK3293Y/Pfh7/tdTc++vXbx8cz6J2Sg3ylqPo5eSNj8rJBEv9aOzp0RSGPYIeBwLP/9/pZb7lyPirXr+i5FrRPb3lefOFeO9v45r+8etS68OcqxA71WrxdrfwEoVyJxcRJQjyU1HRLqey01Pp9fwV/PjuR+WV36a+n55dem7Yc9UQK+UI9n9+MzY6YlD+b+RT/MPjK5yxO7nC5vXausH+WGPBuib1rvtr6WLWv6nvll/N+QfMkf+IbvkH7JL/mEEdJjdHuS/3b+2Ac+AbvL/fJ/GBAyG638YYcXmSqVtsfxDdsk/jKh/Tr41J/+QXa35BwCypTo27CeQgWEZ9vwDAAAAAAAAAAAAAAAAAAActVHaXmx+BtXn+T8j9j+KiEK7/vP17yNuvm18/E5Sq/ZQkjbrytdvdLmDLv3Xs6evSx21euF6r/rvzIXX+7PfXx7dPPaXs74UUalVnikUjp5/SeP869yLJ5QXv+2ygyd0+K2AH34x2P4Pu7853P7ndiLO1uafmXbzTy5eqS/bzz/l1lcsd+jHe13uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIF5EAAA//9d9m3o") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000500)=""/173, 0xad) getdents(r0, 0x0, 0x0) 217.315339ms ago: executing program 3 (id=18445): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) setfsuid(0xee00) 200.437859ms ago: executing program 1 (id=18446): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000078000000030a01030000000000000000050000000900010073797a300000000008000540000000001c0008800c00024000000000000000000c00014000000000000000000900030073797a3200000000280004800800024000000000140003007465616d5f736c6176655f3000000000080001400000000114000000020a090100000000000000000000000014000000110001"], 0xd4}}, 0x0) 199.999999ms ago: executing program 5 (id=18447): prlimit64(0x0, 0x2, &(0x7f0000000040)={0x0, 0xffffffffffffffff}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='mmap_lock_acquire_returned\x00', r0}, 0x18) brk(0x5d555ede6000) 157.908129ms ago: executing program 1 (id=18448): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) rmdir(0x0) 147.969699ms ago: executing program 2 (id=18449): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xf, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x7, 0xff8, &(0x7f0000001e00)=""/4088, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 132.363959ms ago: executing program 4 (id=18450): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8, 0xe}]}}]}, 0x38}}, 0x0) 117.586679ms ago: executing program 4 (id=18451): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x8}, [], {0x95, 0x0, 0xff85}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 73.47782ms ago: executing program 1 (id=18452): r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x0) r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002) write$binfmt_aout(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="03070000b5"], 0xc8) dup3(r1, r0, 0x0) 72.027679ms ago: executing program 5 (id=18453): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000001495"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x400000001300, 0x400000001330], 0x0, 0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="00000000000000000000000007000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000"]}, 0x108) 53.15203ms ago: executing program 2 (id=18454): r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x192, 0x4) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendmsg$can_raw(r0, &(0x7f0000000440)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "000000000000000e"}, 0x10}, 0x1, 0x0, 0x0, 0x4048850}, 0x4004000) 41.69605ms ago: executing program 3 (id=18455): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc3, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa19a, 0x1000}, 0x0, 0x0, 0xffffffff, 0x9752333b9a87418, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000340)='cpu\t~0&&\t') 28.638699ms ago: executing program 1 (id=18456): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r0}, 0x18) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=@getqdisc={0x24, 0x26, 0x705, 0x70bd29, 0x5, {0x0, 0x0, 0x0, 0x0, {0x1, 0xa}, {0x10, 0xd}, {0xfff2, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x48000}, 0x0) 25.74088ms ago: executing program 5 (id=18457): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000040000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) name_to_handle_at(0xffffffffffffffff, &(0x7f00000005c0)='./file0\x00', 0x0, 0x0, 0x200) 0s ago: executing program 1 (id=18458): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000118110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): thread 0... [ 351.315577][ T6732] IPVS: using max 2496 ests per chain, 124800 per kthread [ 351.364911][ T6649] 9pnet_fd: p9_fd_create_tcp (6649): problem connecting socket to 127.0.0.1 [ 351.434886][ T30] kauditd_printk_skb: 270 callbacks suppressed [ 351.434902][ T30] audit: type=1400 audit(332.765:20454): avc: denied { name_bind } for pid=6749 comm="syz.0.16186" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 351.473862][ T6752] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6752 comm=syz.1.16185 [ 351.505919][ T30] audit: type=1400 audit(332.821:20455): avc: denied { read } for pid=6750 comm="syz.1.16185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 351.559124][ T30] audit: type=1400 audit(332.868:20456): avc: denied { watch } for pid=6759 comm="syz.1.16190" path="/415" dev="tmpfs" ino=2140 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 351.580812][ T30] audit: type=1400 audit(332.877:20457): avc: denied { create } for pid=6761 comm="syz.4.16191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 351.600138][ T30] audit: type=1400 audit(332.877:20458): avc: denied { setopt } for pid=6761 comm="syz.4.16191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 351.679920][ T30] audit: type=1400 audit(332.943:20459): avc: denied { write } for pid=6761 comm="syz.4.16191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 351.743714][ T30] audit: type=1400 audit(333.055:20460): avc: denied { create } for pid=6779 comm="syz.1.16199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 351.783561][ T30] audit: type=1400 audit(333.055:20461): avc: denied { write } for pid=6779 comm="syz.1.16199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 351.807903][ T6789] SELinux: policydb version 0 does not match my version range 15-34 [ 351.817236][ T6789] SELinux: failed to load policy [ 351.822601][ T30] audit: type=1400 audit(333.120:20462): avc: denied { setopt } for pid=6786 comm="syz.0.16203" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 351.874493][ T30] audit: type=1326 audit(333.167:20463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6792 comm="syz.2.16206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 351.963206][ T6809] vxcan1 speed is unknown, defaulting to 1000 [ 351.986270][ T6812] loop2: detected capacity change from 0 to 2048 [ 352.029192][ T6812] Alternate GPT is invalid, using primary GPT. [ 352.035533][ T6812] loop2: p1 p2 p3 [ 352.151563][ T6822] loop6: detected capacity change from 0 to 512 [ 352.262851][ T6832] loop2: detected capacity change from 0 to 512 [ 352.311585][ T6832] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.16223: Failed to acquire dquot type 0 [ 352.648844][ T6868] loop6: detected capacity change from 0 to 512 [ 352.739473][ T6868] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.16239: bg 0: block 248: padding at end of block bitmap is not set [ 352.761745][ T6868] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.16239: Failed to acquire dquot type 1 [ 352.796820][ T6868] EXT4-fs (loop6): 1 truncate cleaned up [ 352.844021][T32120] EXT4-fs error (device loop6): ext4_release_dquot:6950: comm kworker/u8:25: Failed to release dquot type 1 [ 352.900545][ T6894] serio: Serial port ptm0 [ 353.023278][ T6915] bridge_slave_1: left allmulticast mode [ 353.029000][ T6915] bridge_slave_1: left promiscuous mode [ 353.034855][ T6915] bridge0: port 2(bridge_slave_1) entered disabled state [ 353.042959][ T6915] bridge_slave_0: left allmulticast mode [ 353.048675][ T6915] bridge_slave_0: left promiscuous mode [ 353.055134][ T6915] bridge0: port 1(bridge_slave_0) entered disabled state [ 353.143380][ T6928] loop2: detected capacity change from 0 to 1024 [ 353.167580][ T6928] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 353.184029][ T6928] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 1 with error 28 [ 353.196238][ T6928] EXT4-fs (loop2): This should not happen!! Data will be lost [ 353.196238][ T6928] [ 353.205930][ T6928] EXT4-fs (loop2): Total free blocks count 0 [ 353.211923][ T6928] EXT4-fs (loop2): Free/Dirty block details [ 353.218071][ T6928] EXT4-fs (loop2): free_blocks=4293918720 [ 353.223810][ T6928] EXT4-fs (loop2): dirty_blocks=0 [ 353.228889][ T6928] EXT4-fs (loop2): Block reservation details [ 353.234880][ T6928] EXT4-fs (loop2): i_reserved_data_blocks=0 [ 354.069822][ T6972] __nla_validate_parse: 4 callbacks suppressed [ 354.069838][ T6972] netlink: 12 bytes leftover after parsing attributes in process `syz.1.16287'. [ 354.375712][ T7018] xt_hashlimit: max too large, truncated to 1048576 [ 354.398993][ T7021] loop6: detected capacity change from 0 to 512 [ 354.414016][ T7021] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 354.429536][ T7021] EXT4-fs (loop6): 1 truncate cleaned up [ 354.745930][ T7054] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check. [ 354.798339][ T7058] vxcan1 speed is unknown, defaulting to 1000 [ 354.902774][ T7018] Cannot find set identified by id 0 to match [ 354.955936][ T7068] netlink: 72 bytes leftover after parsing attributes in process `syz.4.16332'. [ 355.082061][ T7089] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16342'. [ 355.240453][ T7123] 0ªX¹¦D: left allmulticast mode [ 355.259309][ T7127] loop2: detected capacity change from 0 to 512 [ 355.263857][ T7123] syz_tun: left promiscuous mode [ 355.271396][ T7127] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 355.274605][ T7123] bridge0: port 2(batadv1) entered blocking state [ 355.287662][ T7123] bridge0: port 2(batadv1) entered forwarding state [ 355.294398][ T7123] bridge0: port 1(gretap0) entered blocking state [ 355.300828][ T7123] bridge0: port 1(gretap0) entered forwarding state [ 355.303117][ T7127] EXT4-fs (loop2): 1 truncate cleaned up [ 355.313112][ T7123] 8021q: adding VLAN 0 to HW filter on device bond0 [ 355.316090][ T7123] 8021q: adding VLAN 0 to HW filter on device team0 [ 355.332801][ T7123] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 355.412606][ T7138] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16364'. [ 355.700993][ T7170] 9pnet_fd: Insufficient options for proto=fd [ 355.729206][ T7174] veth0_virt_wifi: entered promiscuous mode [ 355.735153][ T7174] veth0_virt_wifi: entered allmulticast mode [ 355.802848][ T7182] netlink: 12 bytes leftover after parsing attributes in process `syz.4.16386'. [ 355.893500][ T7199] xt_hashlimit: max too large, truncated to 1048576 [ 355.901925][ T7199] xt_limit: Overflow, try lower: 0/0 [ 356.004110][ T7215] netlink: 16 bytes leftover after parsing attributes in process `syz.1.16402'. [ 356.091531][ T7231] loop6: detected capacity change from 0 to 164 [ 356.115900][ T7231] Unable to read rock-ridge attributes [ 356.135444][ T7231] Unable to read rock-ridge attributes [ 356.145573][ T7231] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 356.153175][ T7231] syz.6.16410: attempt to access beyond end of device [ 356.153175][ T7231] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 356.352348][ T7280] loop1: detected capacity change from 0 to 2048 [ 356.373996][ T7280] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 356.389908][ T7280] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 1 with error 28 [ 356.402892][ T7280] EXT4-fs (loop1): This should not happen!! Data will be lost [ 356.402892][ T7280] [ 356.412549][ T7280] EXT4-fs (loop1): Total free blocks count 0 [ 356.418772][ T7280] EXT4-fs (loop1): Free/Dirty block details [ 356.424765][ T7280] EXT4-fs (loop1): free_blocks=2415919104 [ 356.428322][ T7290] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 356.430480][ T7280] EXT4-fs (loop1): dirty_blocks=16 [ 356.430551][ T7280] EXT4-fs (loop1): Block reservation details [ 356.430563][ T7280] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 356.442731][ T7290] EXT4-fs (loop1): This should not happen!! Data will be lost [ 356.442731][ T7290] [ 356.470573][ T7289] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 356.515600][ T7296] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 356.542480][ T7300] loop1: detected capacity change from 0 to 512 [ 356.650684][ T7322] SELinux: policydb version 0 does not match my version range 15-34 [ 356.658995][ T7322] SELinux: failed to load policy [ 356.788093][ T7345] loop1: detected capacity change from 0 to 256 [ 356.795666][ T30] kauditd_printk_skb: 272 callbacks suppressed [ 356.795680][ T30] audit: type=1400 audit(337.779:20731): avc: denied { mount } for pid=7343 comm="syz.1.16470" name="/" dev="loop1" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 356.824332][ T30] audit: type=1326 audit(337.788:20732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7346 comm="syz.4.16460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 356.847477][ T30] audit: type=1326 audit(337.788:20733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7346 comm="syz.4.16460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 356.870575][ T30] audit: type=1326 audit(337.788:20734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7346 comm="syz.4.16460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 356.898252][ T30] audit: type=1326 audit(337.788:20735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7346 comm="syz.4.16460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 356.921334][ T30] audit: type=1326 audit(337.788:20736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7346 comm="syz.4.16460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 356.945188][ T30] audit: type=1326 audit(337.788:20737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7346 comm="syz.4.16460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 356.969623][ T30] audit: type=1326 audit(337.853:20738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7346 comm="syz.4.16460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 356.992687][ T30] audit: type=1326 audit(337.853:20739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7346 comm="syz.4.16460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 357.016322][ T30] audit: type=1326 audit(337.872:20740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7346 comm="syz.4.16460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 357.127940][ T7367] loop2: detected capacity change from 0 to 1024 [ 357.134978][ T7367] EXT4-fs: Ignoring removed bh option [ 357.142296][ T7367] EXT4-fs: inline encryption not supported [ 357.149778][ T7367] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 357.162871][ T7367] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 357.173997][ T7367] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #3: block 2: comm syz.2.16473: lblock 2 mapped to illegal pblock 2 (length 1) [ 357.189477][ T7367] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #3: block 48: comm syz.2.16473: lblock 0 mapped to illegal pblock 48 (length 1) [ 357.205631][ T7367] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.16473: Failed to acquire dquot type 0 [ 357.218218][ T7367] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5838: Corrupt filesystem [ 357.232891][ T7367] EXT4-fs error (device loop2): ext4_evict_inode:256: inode #11: comm syz.2.16473: mark_inode_dirty error [ 357.244414][ T7367] EXT4-fs warning (device loop2): ext4_evict_inode:259: couldn't mark inode dirty (err -117) [ 357.254656][ T7367] EXT4-fs (loop2): 1 orphan inode deleted [ 357.264463][ T7382] loop1: detected capacity change from 0 to 512 [ 357.270373][T32120] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:25: lblock 1 mapped to illegal pblock 1 (length 1) [ 357.285627][ T7382] EXT4-fs (loop1): unable to read superblock [ 357.291785][T32120] EXT4-fs error (device loop2): ext4_release_dquot:6950: comm kworker/u8:25: Failed to release dquot type 0 [ 357.304080][ T7367] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 357.415178][ T7400] netlink: 'syz.1.16485': attribute type 3 has an invalid length. [ 357.423906][ T7403] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check. [ 357.826261][ T7450] bond1: entered promiscuous mode [ 357.831404][ T7450] bond1: entered allmulticast mode [ 357.840639][ T7450] 8021q: adding VLAN 0 to HW filter on device bond1 [ 357.858719][ T7450] bond1 (unregistering): Released all slaves [ 357.872508][ T7464] loop6: detected capacity change from 0 to 512 [ 357.879570][ T7464] ext3: Unknown parameter 'appraise' [ 357.890961][ T7466] 9pnet_fd: Insufficient options for proto=fd [ 357.930625][ T7475] netlink: 'syz.0.16522': attribute type 2 has an invalid length. [ 358.044785][ T7493] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 358.066255][ T7493] SELinux: failed to load policy [ 358.186312][ T7515] netlink: 'syz.2.16541': attribute type 2 has an invalid length. [ 358.381817][ T7544] loop2: detected capacity change from 0 to 512 [ 358.449967][ T7544] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.16554: bg 0: block 248: padding at end of block bitmap is not set [ 358.487162][ T7544] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.16554: Failed to acquire dquot type 1 [ 358.561290][ T7544] EXT4-fs (loop2): 1 truncate cleaned up [ 358.655126][T32147] EXT4-fs error (device loop2): ext4_release_dquot:6950: comm kworker/u8:48: Failed to release dquot type 1 [ 358.719070][ T7571] netlink: 'syz.4.16576': attribute type 16 has an invalid length. [ 358.727027][ T7571] netlink: 'syz.4.16576': attribute type 17 has an invalid length. [ 358.788610][ T7571] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 358.840134][ T7579] loop1: detected capacity change from 0 to 2048 [ 358.910676][ T7579] Alternate GPT is invalid, using primary GPT. [ 358.917624][ T7579] loop1: p1 p2 p3 [ 358.979614][ T7600] loop1: detected capacity change from 0 to 128 [ 359.000538][ T7605] netlink: 8 bytes leftover after parsing attributes in process `syz.6.16582'. [ 359.022184][ T7607] loop2: detected capacity change from 0 to 512 [ 359.033626][ T7609] loop6: detected capacity change from 0 to 512 [ 359.055976][ T7607] SELinux: Context system_u:object_r:initrc_var_run_t:s0 is not valid (left unmapped). [ 359.077091][ T7609] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.16584: Failed to acquire dquot type 0 [ 359.089237][ T7607] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 359.163659][ T7629] netlink: 168 bytes leftover after parsing attributes in process `syz.2.16590'. [ 359.178587][ T7628] vxcan1 speed is unknown, defaulting to 1000 [ 359.331595][ T7652] netlink: 9 bytes leftover after parsing attributes in process `syz.2.16600'. [ 359.341345][ T7652] 0·: renamed from hsr0 [ 359.347708][ T7652] 0·: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 359.358594][ T7652] 0·: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 359.371684][ T7652] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 359.395450][ T7656] program syz.1.16604 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 359.494856][ T7666] loop1: detected capacity change from 0 to 2048 [ 359.534582][ T7666] Alternate GPT is invalid, using primary GPT. [ 359.540848][ T7666] loop1: p1 p2 p3 [ 359.634750][ T7685] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.16618'. [ 359.779255][ T7710] serio: Serial port ptm0 [ 359.884940][ T7733] netlink: 8 bytes leftover after parsing attributes in process `syz.4.16640'. [ 359.894354][ T7733] netlink: 'syz.4.16640': attribute type 2 has an invalid length. [ 359.984253][ T7751] team_slave_0: entered promiscuous mode [ 359.989942][ T7751] team_slave_1: entered promiscuous mode [ 360.012077][ T7750] team_slave_0: left promiscuous mode [ 360.017499][ T7750] team_slave_1: left promiscuous mode [ 360.041255][ T7765] netlink: 12 bytes leftover after parsing attributes in process `syz.6.16656'. [ 360.211169][ T7790] netlink: 56 bytes leftover after parsing attributes in process `syz.4.16666'. [ 360.220375][ T7790] tipc: Enabling of bearer rejected, failed to enable media [ 360.253250][ T7795] netlink: 168 bytes leftover after parsing attributes in process `syz.4.16671'. [ 360.280315][ T7797] netlink: 'syz.0.16672': attribute type 16 has an invalid length. [ 360.288335][ T7797] netlink: 'syz.0.16672': attribute type 17 has an invalid length. [ 360.323766][ T7797] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 360.401673][ T7806] xt_hashlimit: max too large, truncated to 1048576 [ 360.412693][ T7806] Cannot find set identified by id 0 to match [ 360.431593][ T7812] netlink: 72 bytes leftover after parsing attributes in process `syz.0.16688'. [ 360.444793][ T7814] netlink: 4 bytes leftover after parsing attributes in process `syz.6.16679'. [ 360.653944][ T7859] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 360.710562][ T7871] vxcan1 speed is unknown, defaulting to 1000 [ 360.814262][ T7881] loop2: detected capacity change from 0 to 128 [ 361.056557][ T7897] netlink: 8 bytes leftover after parsing attributes in process `syz.4.16724'. [ 361.094462][ T7904] 9pnet_fd: Insufficient options for proto=fd [ 361.214441][ T7930] netlink: 12 bytes leftover after parsing attributes in process `syz.2.16731'. [ 361.676818][ T7962] 9pnet_fd: Insufficient options for proto=fd [ 361.711188][ T7967] loop6: detected capacity change from 0 to 512 [ 361.729642][ T7967] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 361.731378][ T7969] netlink: 9 bytes leftover after parsing attributes in process `syz.0.16748'. [ 361.738648][ T7967] EXT4-fs (loop6): orphan cleanup on readonly fs [ 361.753233][ T7969] 0·: renamed from hsr0 [ 361.758990][ T7969] 0·: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 361.769800][ T7969] 0·: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 361.770701][ T7967] EXT4-fs error (device loop6): ext4_orphan_get:1389: inode #16: comm syz.6.16747: casefold flag without casefold feature [ 361.780134][ T7969] 0·: entered allmulticast mode [ 361.794872][ T7967] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.16747: couldn't read orphan inode 16 (err -117) [ 361.797504][ T7969] hsr_slave_0: entered allmulticast mode [ 361.811293][ T7967] EXT4-fs mount: 46 callbacks suppressed [ 361.811367][ T7967] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 361.815590][ T7969] hsr_slave_1: entered allmulticast mode [ 361.818680][ T7969] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 361.855203][ T7967] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 361.875832][T21857] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.918448][ T3450] kernel write not supported for file bpf-prog (pid: 3450 comm: kworker/0:4) [ 362.038160][ T8004] loop4: detected capacity change from 0 to 512 [ 362.051893][ T8004] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 362.071260][ T8004] EXT4-fs (loop4): orphan cleanup on readonly fs [ 362.079490][ T8004] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #16: comm syz.4.16765: casefold flag without casefold feature [ 362.094286][ T8004] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.16765: couldn't read orphan inode 16 (err -117) [ 362.106869][ T8004] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 362.125557][ T8004] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 362.173648][ T30] kauditd_printk_skb: 238 callbacks suppressed [ 362.173664][ T30] audit: type=1400 audit(342.811:20971): avc: denied { create } for pid=8021 comm="syz.0.16773" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 362.205902][ T30] audit: type=1400 audit(342.839:20972): avc: denied { ioctl } for pid=8021 comm="syz.0.16773" path="socket:[124605]" dev="sockfs" ino=124605 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 362.254560][ T30] audit: type=1400 audit(342.876:20973): avc: denied { open } for pid=8027 comm="syz.2.16777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 362.274198][ T30] audit: type=1400 audit(342.876:20974): avc: denied { kernel } for pid=8027 comm="syz.2.16777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 362.321587][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.336228][ T8030] batadv1: left allmulticast mode [ 362.341281][ T8030] batadv1: left promiscuous mode [ 362.346388][ T8030] bridge0: port 1(batadv1) entered disabled state [ 362.357341][ T30] audit: type=1400 audit(342.942:20975): avc: denied { unmount } for pid=5807 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 362.377085][ T30] audit: type=1400 audit(342.961:20976): avc: denied { ioctl } for pid=8029 comm="syz.6.16779" path="socket:[125591]" dev="sockfs" ino=125591 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 362.401632][ T30] audit: type=1400 audit(342.970:20977): avc: denied { name_bind } for pid=8037 comm="syz.1.16783" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 362.427229][ T30] audit: type=1400 audit(342.970:20978): avc: denied { node_bind } for pid=8037 comm="syz.1.16783" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 362.447887][ T30] audit: type=1400 audit(343.017:20979): avc: denied { create } for pid=8041 comm="syz.2.16785" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 362.467726][ T30] audit: type=1400 audit(343.017:20980): avc: denied { write } for pid=8041 comm="syz.2.16785" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 362.519359][ T8049] loop1: detected capacity change from 0 to 512 [ 362.533159][ T8049] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 362.542331][ T8049] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 362.551952][ T8053] tipc: Started in network mode [ 362.556831][ T8053] tipc: Node identity 663a20300a74797, cluster identity 4711 [ 362.564441][ T8053] tipc: Enabling of bearer rejected, failed to enable media [ 362.611305][ T8049] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 362.640637][ T8049] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 362.662088][ T8049] System zones: 0-2, 18-18, 34-35 [ 362.670721][ T8065] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 362.686152][ T8049] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 362.764282][ T8071] loop4: detected capacity change from 0 to 2048 [ 362.772575][ T8049] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.16796: bg 0: block 353: padding at end of block bitmap is not set [ 362.811280][ T8075] vxcan1 speed is unknown, defaulting to 1000 [ 362.824899][ T1673] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.837721][ T8071] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 362.857712][ T8071] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 362.874550][ T8071] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 1 with error 28 [ 362.886740][ T8071] EXT4-fs (loop4): This should not happen!! Data will be lost [ 362.886740][ T8071] [ 362.896424][ T8071] EXT4-fs (loop4): Total free blocks count 0 [ 362.902466][ T8071] EXT4-fs (loop4): Free/Dirty block details [ 362.908359][ T8071] EXT4-fs (loop4): free_blocks=2415919104 [ 362.914826][ T8071] EXT4-fs (loop4): dirty_blocks=16 [ 362.920050][ T8071] EXT4-fs (loop4): Block reservation details [ 362.926053][ T8071] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 362.935564][ T8083] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 363.041122][ T8099] bridge_slave_1: left allmulticast mode [ 363.046788][ T8099] bridge_slave_1: left promiscuous mode [ 363.053122][ T8099] bridge0: port 2(bridge_slave_1) entered disabled state [ 363.061125][ T8099] bridge_slave_0: left allmulticast mode [ 363.067128][ T8099] bridge_slave_0: left promiscuous mode [ 363.072917][ T8099] bridge0: port 1(bridge_slave_0) entered disabled state [ 363.092091][ T8102] loop2: detected capacity change from 0 to 512 [ 363.110246][ T8102] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 363.125216][ T8102] EXT4-fs (loop2): orphan cleanup on readonly fs [ 363.132971][ T8102] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #16: comm syz.2.16808: casefold flag without casefold feature [ 363.150664][ T8102] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.16808: couldn't read orphan inode 16 (err -117) [ 363.168193][ T8102] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 363.199069][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.549617][ T8144] loop2: detected capacity change from 0 to 1024 [ 363.569919][ T8144] EXT4-fs: Ignoring removed nobh option [ 363.575644][ T8144] EXT4-fs: Ignoring removed bh option [ 363.605917][ T8144] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 363.668760][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.697338][ T8164] loop4: detected capacity change from 0 to 128 [ 363.709892][ T8166] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 363.724802][ T8164] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 363.748737][ T8164] EXT4-fs warning (device loop4): ext4_group_add:1736: No reserved GDT blocks, can't resize [ 363.750341][ T8169] syz.2.16833: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 363.774022][ T8169] CPU: 1 UID: 0 PID: 8169 Comm: syz.2.16833 Tainted: G W 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0 [ 363.774048][ T8169] Tainted: [W]=WARN [ 363.774055][ T8169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 363.774067][ T8169] Call Trace: [ 363.774075][ T8169] [ 363.774082][ T8169] dump_stack_lvl+0xf2/0x150 [ 363.774158][ T8169] dump_stack+0x15/0x1a [ 363.774176][ T8169] warn_alloc+0x145/0x1b0 [ 363.774199][ T8169] ? __schedule+0x75b/0x990 [ 363.774270][ T8169] ? __vmalloc_node_range_noprof+0x88/0xe70 [ 363.774305][ T8169] __vmalloc_node_range_noprof+0xaa/0xe70 [ 363.774336][ T8169] ? __pfx_futex_wake_mark+0x10/0x10 [ 363.774430][ T8169] ? __rcu_read_unlock+0x4e/0x70 [ 363.774527][ T8169] ? avc_has_perm_noaudit+0x1cc/0x210 [ 363.774545][ T8169] ? should_fail_ex+0x31/0x260 [ 363.774585][ T8169] ? xskq_create+0x36/0xd0 [ 363.774617][ T8169] ? should_failslab+0x8f/0xb0 [ 363.774646][ T8169] vmalloc_user_noprof+0x59/0x70 [ 363.774733][ T8169] ? xskq_create+0x79/0xd0 [ 363.774764][ T8169] xskq_create+0x79/0xd0 [ 363.774796][ T8169] xsk_init_queue+0x82/0xd0 [ 363.774848][ T8169] xsk_setsockopt+0x388/0x520 [ 363.774874][ T8169] ? __pfx_xsk_setsockopt+0x10/0x10 [ 363.774903][ T8169] __sys_setsockopt+0x187/0x200 [ 363.774931][ T8169] __x64_sys_setsockopt+0x66/0x80 [ 363.775024][ T8169] x64_sys_call+0x282e/0x2dc0 [ 363.775055][ T8169] do_syscall_64+0xc9/0x1c0 [ 363.775087][ T8169] ? clear_bhb_loop+0x55/0xb0 [ 363.775113][ T8169] ? clear_bhb_loop+0x55/0xb0 [ 363.775141][ T8169] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.775185][ T8169] RIP: 0033:0x7fc8b1b6d169 [ 363.775201][ T8169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 363.775220][ T8169] RSP: 002b:00007fc8b01d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 363.775236][ T8169] RAX: ffffffffffffffda RBX: 00007fc8b1d85fa0 RCX: 00007fc8b1b6d169 [ 363.775246][ T8169] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 363.775290][ T8169] RBP: 00007fc8b1bee2a0 R08: 0000000000000004 R09: 0000000000000000 [ 363.775304][ T8169] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000000 [ 363.775317][ T8169] R13: 0000000000000000 R14: 00007fc8b1d85fa0 R15: 00007fffa8541928 [ 363.775336][ T8169] [ 363.775344][ T8169] Mem-Info: [ 364.011360][ T8169] active_anon:3613 inactive_anon:3 isolated_anon:0 [ 364.011360][ T8169] active_file:6421 inactive_file:2563 isolated_file:0 [ 364.011360][ T8169] unevictable:0 dirty:265 writeback:0 [ 364.011360][ T8169] slab_reclaimable:3333 slab_unreclaimable:24304 [ 364.011360][ T8169] mapped:28090 shmem:332 pagetables:1460 [ 364.011360][ T8169] sec_pagetables:0 bounce:0 [ 364.011360][ T8169] kernel_misc_reclaimable:0 [ 364.011360][ T8169] free:1804745 free_pcp:21716 free_cma:0 [ 364.056680][ T8169] Node 0 active_anon:14452kB inactive_anon:12kB active_file:25684kB inactive_file:10252kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:112360kB dirty:1060kB writeback:0kB shmem:1328kB writeback_tmp:0kB kernel_stack:4448kB pagetables:5840kB sec_pagetables:0kB all_unreclaimable? no [ 364.084789][ T8169] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 364.112212][ T8169] lowmem_reserve[]: 0 2885 7863 7863 [ 364.117663][ T8169] Node 0 DMA32 free:2950732kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2954364kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3532kB free_cma:0kB [ 364.147028][ T8169] lowmem_reserve[]: 0 0 4978 4978 [ 364.152232][ T8169] Node 0 Normal free:4252888kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:14336kB inactive_anon:12kB active_file:25684kB inactive_file:10252kB unevictable:0kB writepending:1060kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:83368kB local_pcp:57144kB free_cma:0kB [ 364.183250][ T8169] lowmem_reserve[]: 0 0 0 0 [ 364.187804][ T8169] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 364.200492][ T8169] Node 0 DMA32: 3*4kB (M) 2*8kB (M) 1*16kB (M) 3*32kB (M) 3*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950732kB [ 364.217286][ T8169] Node 0 Normal: 62*4kB (UE) 96*8kB (UME) 62*16kB (UME) 531*32kB (UME) 480*64kB (UME) 269*128kB (UM) 120*256kB (M) 104*512kB (UM) 89*1024kB (UM) 74*2048kB (UME) 938*4096kB (UM) = 4252856kB [ 364.236018][ T8169] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 364.245293][ T8169] 9326 total pagecache pages [ 364.250476][ T8169] 11 pages in swap cache [ 364.254705][ T8169] Free swap = 122048kB [ 364.258850][ T8169] Total swap = 124996kB [ 364.262987][ T8169] 2097051 pages RAM [ 364.266848][ T8169] 0 pages HighMem/MovableOnly [ 364.271515][ T8169] 80068 pages reserved [ 364.281186][ T5807] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 364.395501][ T8192] sctp: [Deprecated]: syz.2.16847 (pid 8192) Use of int in maxseg socket option. [ 364.395501][ T8192] Use struct sctp_assoc_value instead [ 364.585925][ T8223] loop6: detected capacity change from 0 to 512 [ 364.604747][ T8223] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 364.613856][ T8223] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 364.670028][ T8223] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended [ 364.690815][ T8223] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 364.704009][ T8223] System zones: 0-2, 18-18, 34-35 [ 364.712602][ T8223] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 364.737688][ T8223] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.16862: bg 0: block 353: padding at end of block bitmap is not set [ 364.763796][ T8244] netlink: 'syz.2.16871': attribute type 2 has an invalid length. [ 364.777059][T21857] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.804268][ T8250] x_tables: duplicate entry at hook 2 [ 364.819355][ T8250] Cannot find del_set index 1 as target [ 364.885093][ T8263] loop4: detected capacity change from 0 to 512 [ 364.903961][ T8263] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.16880: bg 0: block 248: padding at end of block bitmap is not set [ 364.943933][ T8263] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.16880: Failed to acquire dquot type 1 [ 364.981943][ T8263] EXT4-fs (loop4): 1 truncate cleaned up [ 365.001030][ T8263] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 365.033295][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.044017][T32147] EXT4-fs error (device loop4): ext4_release_dquot:6950: comm kworker/u8:48: Failed to release dquot type 1 [ 365.066879][ T8283] __nla_validate_parse: 8 callbacks suppressed [ 365.066892][ T8283] netlink: 8 bytes leftover after parsing attributes in process `syz.6.16889'. [ 365.082436][ T8283] IPVS: Error joining to the multicast group [ 365.162596][ T8294] loop4: detected capacity change from 0 to 512 [ 365.178723][ T8296] SELinux: syz.2.16896 (8296) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 365.195005][ T8294] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 365.215444][ T8294] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 365.240636][ T8294] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 31 with error 28 [ 365.253151][ T8294] EXT4-fs (loop4): This should not happen!! Data will be lost [ 365.253151][ T8294] [ 365.263481][ T8294] EXT4-fs (loop4): Total free blocks count 0 [ 365.269507][ T8294] EXT4-fs (loop4): Free/Dirty block details [ 365.275422][ T8294] EXT4-fs (loop4): free_blocks=65280 [ 365.280703][ T8294] EXT4-fs (loop4): dirty_blocks=31 [ 365.285837][ T8294] EXT4-fs (loop4): Block reservation details [ 365.291824][ T8294] EXT4-fs (loop4): i_reserved_data_blocks=31 [ 365.309533][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.353102][ T8312] loop6: detected capacity change from 0 to 1024 [ 365.360108][ T8312] EXT4-fs: Ignoring removed nobh option [ 365.365756][ T8312] EXT4-fs: Ignoring removed bh option [ 365.368096][ T8316] netlink: 8 bytes leftover after parsing attributes in process `syz.4.16902'. [ 365.381163][ T8316] IPVS: Error joining to the multicast group [ 365.382581][ T8312] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 365.428205][T21857] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.439012][ T8324] SELinux: security_context_str_to_sid (system_u) failed with errno=-22 [ 365.480529][ T8326] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 365.507096][ T8334] loop4: detected capacity change from 0 to 512 [ 365.543671][ T8334] EXT4-fs error (device loop4): ext4_quota_enable:7101: comm syz.4.16912: inode #33554432: comm syz.4.16912: iget: illegal inode # [ 365.581153][ T8334] EXT4-fs error (device loop4): ext4_quota_enable:7104: comm syz.4.16912: Bad quota inode: 33554432, type: 2 [ 365.601256][ T8334] EXT4-fs warning (device loop4): ext4_enable_quotas:7145: Failed to enable quota tracking (type=2, err=-117, ino=33554432). Please run e2fsck to fix. [ 365.619406][ T8344] loop1: detected capacity change from 0 to 128 [ 365.647928][ T8334] EXT4-fs (loop4): mount failed [ 366.065647][ T8431] loop1: detected capacity change from 0 to 164 [ 366.221219][ T8452] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8452 comm=syz.4.16967 [ 366.233835][ T8452] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8452 comm=syz.4.16967 [ 366.412235][ T8478] netlink: 100 bytes leftover after parsing attributes in process `syz.4.16976'. [ 366.650925][ T8502] loop4: detected capacity change from 0 to 128 [ 366.658952][ T8502] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 366.674091][ T8502] SELinux: Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped). [ 366.692892][ T5807] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 367.036236][ T8523] netlink: 3 bytes leftover after parsing attributes in process `syz.4.16996'. [ 367.045469][ T8523] 0ªX¹¦À: renamed from caif0 [ 367.052644][ T8523] 0ªX¹¦À: entered allmulticast mode [ 367.057854][ T8523] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 367.116003][ T8529] loop4: detected capacity change from 0 to 256 [ 367.148063][ T8531] netlink: 'syz.4.17000': attribute type 3 has an invalid length. [ 367.226803][ T8541] loop1: detected capacity change from 0 to 512 [ 367.235634][ T8541] EXT4-fs (loop1): orphan cleanup on readonly fs [ 367.245115][ T8541] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.17005: bg 0: block 248: padding at end of block bitmap is not set [ 367.270520][ T8541] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.17005: Failed to acquire dquot type 1 [ 367.283670][ T8541] EXT4-fs (loop1): 1 truncate cleaned up [ 367.292080][ T8541] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 367.335844][ T8554] loop4: detected capacity change from 0 to 164 [ 367.405923][ T1673] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.415074][ T8560] loop4: detected capacity change from 0 to 8192 [ 367.471805][ T8576] qrtr: Invalid version 191 [ 367.493180][ T8575] sd 0:0:1:0: device reset [ 367.498755][ T8572] vxcan1 speed is unknown, defaulting to 1000 [ 367.625654][ T30] kauditd_printk_skb: 161 callbacks suppressed [ 367.625738][ T30] audit: type=1400 audit(348.899:21137): avc: denied { write } for pid=8599 comm="syz.4.17035" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 367.653473][ T30] audit: type=1400 audit(348.908:21138): avc: denied { write } for pid=8600 comm="syz.0.17036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 367.672580][ T30] audit: type=1326 audit(348.918:21139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8601 comm="syz.6.17034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 367.696160][ T30] audit: type=1326 audit(348.918:21140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8601 comm="syz.6.17034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 367.719132][ T30] audit: type=1326 audit(348.918:21141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8601 comm="syz.6.17034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 367.742968][ T30] audit: type=1326 audit(348.918:21142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8601 comm="syz.6.17034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 367.765936][ T30] audit: type=1326 audit(348.918:21143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8601 comm="syz.6.17034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 367.789580][ T30] audit: type=1326 audit(348.918:21144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8601 comm="syz.6.17034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 367.867821][ T30] audit: type=1326 audit(349.133:21145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8611 comm="syz.2.17039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 367.891461][ T30] audit: type=1326 audit(349.133:21146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8611 comm="syz.2.17039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 368.107900][ T8661] loop6: detected capacity change from 0 to 128 [ 368.137707][ T8661] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 368.176121][T21857] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 368.409034][ T8696] netlink: 3 bytes leftover after parsing attributes in process `syz.6.17080'. [ 368.419702][ T8696] 0ªX¹¦À: renamed from caif0 [ 368.428784][ T8696] 0ªX¹¦À: entered allmulticast mode [ 368.434027][ T8696] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 368.507870][ T8713] IPVS: ip_vs_add_dest(): server weight less than zero [ 368.516936][ T3374] IPVS: starting estimator thread 0... [ 368.548512][ T8717] vxcan1 speed is unknown, defaulting to 1000 [ 368.632223][ T8715] IPVS: using max 2928 ests per chain, 146400 per kthread [ 368.640026][ T8728] vxcan1 speed is unknown, defaulting to 1000 [ 368.788283][ T8733] netlink: 3 bytes leftover after parsing attributes in process `syz.0.17095'. [ 368.809319][ T8733] 0ªX¹¦À: renamed from caif0 [ 368.854726][ T8733] 0ªX¹¦À: entered allmulticast mode [ 368.859954][ T8733] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 368.951894][ T8740] xt_hashlimit: max too large, truncated to 1048576 [ 369.037976][ T8752] netlink: 60 bytes leftover after parsing attributes in process `syz.1.17105'. [ 369.280380][ T8781] netlink: 'syz.6.17119': attribute type 7 has an invalid length. [ 369.388187][ T8798] netlink: 3 bytes leftover after parsing attributes in process `syz.2.17126'. [ 369.399345][ T8798] 0ªX¹¦À: renamed from caif0 [ 369.409312][ T8798] 0ªX¹¦À: entered allmulticast mode [ 369.414610][ T8798] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 369.473101][ T8807] netlink: 180900 bytes leftover after parsing attributes in process `syz.6.17131'. [ 369.500307][ T8807] netlink: zone id is out of range [ 369.505447][ T8807] netlink: zone id is out of range [ 369.516872][ T8807] netlink: zone id is out of range [ 369.531552][ T8811] loop2: detected capacity change from 0 to 512 [ 369.538626][ T8807] netlink: set zone limit has 8 unknown bytes [ 369.548894][ T8811] EXT4-fs (loop2): orphan cleanup on readonly fs [ 369.559100][ T8811] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.17133: bg 0: block 248: padding at end of block bitmap is not set [ 369.576548][ T8811] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.17133: Failed to acquire dquot type 1 [ 369.589627][ T8811] EXT4-fs (loop2): 1 truncate cleaned up [ 369.597435][ T8811] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 369.639079][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.648726][ T8818] netlink: 'syz.4.17136': attribute type 1 has an invalid length. [ 369.656610][ T8818] netlink: 16 bytes leftover after parsing attributes in process `syz.4.17136'. [ 369.687042][ T8824] loop2: detected capacity change from 0 to 1024 [ 369.689956][ T8828] loop6: detected capacity change from 0 to 128 [ 369.693848][ T8824] EXT4-fs: Ignoring removed orlov option [ 369.705927][ T8824] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 369.709382][ T8828] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 547) [ 369.724943][ T8828] FAT-fs (loop6): Filesystem has been set read-only [ 369.728187][ T8824] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #11: comm syz.2.17138: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 369.731795][ T8828] FAT-fs (loop6): error, fat_free: invalid cluster chain (i_pos 547) [ 369.751762][ T8824] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.17138: couldn't read orphan inode 11 (err -117) [ 369.773593][ T8824] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 369.786835][ T8828] FAT-fs (loop6): error, fat_free: invalid cluster chain (i_pos 547) [ 369.813448][ T8833] Invalid ELF header magic: != ELF [ 369.828181][ T8824] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.17138: Invalid block bitmap block 0 in block_group 0 [ 369.843401][ T8824] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.17138: Failed to acquire dquot type 0 [ 369.872985][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.885470][T32120] EXT4-fs error (device loop2): ext4_release_dquot:6950: comm kworker/u8:25: Failed to release dquot type 0 [ 369.990609][ T8856] lo: entered promiscuous mode [ 369.995422][ T8856] lo: entered allmulticast mode [ 370.026963][ T8849] loop6: detected capacity change from 0 to 8192 [ 370.142498][ T8883] vxcan1 speed is unknown, defaulting to 1000 [ 370.176449][ T8889] netlink: 'syz.6.17170': attribute type 1 has an invalid length. [ 370.314954][ T8900] loop1: detected capacity change from 0 to 8192 [ 370.346094][ T8916] loop4: detected capacity change from 0 to 512 [ 370.361628][ T8913] loop2: detected capacity change from 0 to 1024 [ 370.390449][ T8913] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 370.401943][ T8913] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 370.414342][ T8924] $Hÿ: (slave syz_tun): Releasing backup interface [ 370.428422][ T8916] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 370.433123][ T8913] JBD2: no valid journal superblock found [ 370.447194][ T8913] EXT4-fs (loop2): Could not load journal inode [ 370.504169][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.537462][ T8943] Invalid ELF header magic: != ELF [ 370.750417][ T8978] lo: entered promiscuous mode [ 370.755250][ T8978] lo: entered allmulticast mode [ 370.817298][ T8990] loop4: detected capacity change from 0 to 1024 [ 370.825159][ T8990] EXT4-fs: Ignoring removed orlov option [ 370.831306][ T8990] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 370.859743][ T8990] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #11: comm syz.4.17213: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 370.880414][ T8990] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.17213: couldn't read orphan inode 11 (err -117) [ 370.894076][ T8990] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 370.912672][ T8996] __nla_validate_parse: 3 callbacks suppressed [ 370.912685][ T8996] netlink: 12 bytes leftover after parsing attributes in process `syz.2.17214'. [ 370.919850][ T8995] xt_TPROXY: Can be used only with -p tcp or -p udp [ 370.935150][ T8990] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.17213: Invalid block bitmap block 0 in block_group 0 [ 370.951148][ T8990] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.17213: Failed to acquire dquot type 0 [ 371.004193][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 371.022872][T32141] EXT4-fs error (device loop4): ext4_release_dquot:6950: comm kworker/u8:43: Failed to release dquot type 0 [ 371.043718][ T9009] syz_tun (unregistering): left allmulticast mode [ 371.055488][ T9013] loop6: detected capacity change from 0 to 128 [ 371.062656][ T9009] bond0: (slave syz_tun): Releasing backup interface [ 371.078908][ T9013] FAT-fs (loop6): Directory bread(block 32) failed [ 371.085524][ T9013] FAT-fs (loop6): Directory bread(block 33) failed [ 371.092356][ T9013] FAT-fs (loop6): Directory bread(block 34) failed [ 371.099028][ T9013] FAT-fs (loop6): Directory bread(block 35) failed [ 371.105650][ T9013] FAT-fs (loop6): Directory bread(block 36) failed [ 371.114559][ T9019] netlink: 4 bytes leftover after parsing attributes in process `syz.4.17226'. [ 371.123602][ T9013] FAT-fs (loop6): Directory bread(block 37) failed [ 371.128785][ T9023] netlink: 'syz.1.17228': attribute type 46 has an invalid length. [ 371.130168][ T9013] FAT-fs (loop6): Directory bread(block 38) failed [ 371.138835][ T9023] netlink: 212868 bytes leftover after parsing attributes in process `syz.1.17228'. [ 371.145491][ T9013] FAT-fs (loop6): Directory bread(block 39) failed [ 371.160662][ T9013] FAT-fs (loop6): Directory bread(block 40) failed [ 371.209089][ T9028] netlink: 20 bytes leftover after parsing attributes in process `syz.4.17230'. [ 371.215999][ T9013] FAT-fs (loop6): Directory bread(block 41) failed [ 371.286425][ T9037] bond0: option resend_igmp: invalid value (37005) [ 371.293018][ T9037] bond0: option resend_igmp: allowed values 0 - 255 [ 371.299909][ T48] bond0: (slave bond_slave_0): interface is now down [ 371.306673][ T48] bond0: (slave bond_slave_1): interface is now down [ 371.316420][ T48] bond0: now running without any active interface! [ 371.328429][ T9013] syz.6.17224: attempt to access beyond end of device [ 371.328429][ T9013] loop6: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 371.343061][ T9013] FAT-fs (loop6): Filesystem has been set read-only [ 371.345809][ T9035] netlink: 'syz.1.17234': attribute type 13 has an invalid length. [ 371.353147][ T9013] FAT-fs (loop6): error, fat_free_clusters: deleting FAT entry beyond EOF [ 371.358303][ T9035] netlink: 152 bytes leftover after parsing attributes in process `syz.1.17234'. [ 371.410631][ T9044] netlink: 8 bytes leftover after parsing attributes in process `syz.4.17247'. [ 371.442947][ T9048] loop6: detected capacity change from 0 to 512 [ 371.548959][ T9048] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 371.646555][T21857] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 371.707276][ T9068] loop6: detected capacity change from 0 to 512 [ 371.755555][ T9068] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 371.864143][T21857] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 371.884312][ T9082] loop6: detected capacity change from 0 to 512 [ 371.932750][ T9078] netlink: 28 bytes leftover after parsing attributes in process `syz.2.17253'. [ 371.941917][ T9078] netlink: 28 bytes leftover after parsing attributes in process `syz.2.17253'. [ 371.954345][ T9082] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 371.989133][ T9082] EXT4-fs error (device loop6): ext4_do_update_inode:5154: inode #2: comm syz.6.17255: corrupted inode contents [ 372.053729][ T9082] EXT4-fs error (device loop6): ext4_dirty_inode:6042: inode #2: comm syz.6.17255: mark_inode_dirty error [ 372.097443][ T9082] EXT4-fs error (device loop6): ext4_do_update_inode:5154: inode #2: comm syz.6.17255: corrupted inode contents [ 372.127380][ T9082] EXT4-fs error (device loop6): __ext4_ext_dirty:207: inode #2: comm syz.6.17255: mark_inode_dirty error [ 372.187928][T21857] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 372.406504][ T9110] netlink: 28 bytes leftover after parsing attributes in process `syz.4.17268'. [ 372.415672][ T9110] netlink: 28 bytes leftover after parsing attributes in process `syz.4.17268'. [ 372.462626][ T9117] sctp: [Deprecated]: syz.2.17270 (pid 9117) Use of struct sctp_assoc_value in delayed_ack socket option. [ 372.462626][ T9117] Use struct sctp_sack_info instead [ 372.555034][ T9121] loop4: detected capacity change from 0 to 128 [ 372.722727][ T9125] vxcan1 speed is unknown, defaulting to 1000 [ 372.740122][ T9147] loop1: detected capacity change from 0 to 512 [ 372.756934][ T9147] EXT4-fs: Ignoring removed nobh option [ 372.762609][ T9147] EXT4-fs: Ignoring removed nobh option [ 372.784939][ T9147] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 372.802611][ T9147] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.17285: invalid indirect mapped block 4294967295 (level 2) [ 372.832210][ T9147] EXT4-fs (loop1): 1 truncate cleaned up [ 372.838087][ T9147] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 372.854353][ T9147] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.17285: Invalid block bitmap block 3 in block_group 0 [ 372.869429][ T9147] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 372.931201][ T1673] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 373.685308][ T9177] 9pnet_fd: Insufficient options for proto=fd [ 373.786477][ T30] kauditd_printk_skb: 142 callbacks suppressed [ 373.786490][ T30] audit: type=1326 audit(354.670:21281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9187 comm="syz.6.17303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 373.832238][ T30] audit: type=1326 audit(354.698:21282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9187 comm="syz.6.17303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 373.926115][ T30] audit: type=1326 audit(354.792:21283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9187 comm="syz.6.17303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 373.949956][ T30] audit: type=1326 audit(354.792:21284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9187 comm="syz.6.17303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 373.973009][ T30] audit: type=1326 audit(354.801:21285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9187 comm="syz.6.17303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 373.996632][ T30] audit: type=1326 audit(354.801:21286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9187 comm="syz.6.17303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 374.020423][ T30] audit: type=1326 audit(354.801:21287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9187 comm="syz.6.17303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 374.252941][ T30] audit: type=1326 audit(355.017:21288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9206 comm="syz.6.17311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 374.276845][ T30] audit: type=1326 audit(355.017:21289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9206 comm="syz.6.17311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 374.299922][ T30] audit: type=1326 audit(355.017:21290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9206 comm="syz.6.17311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790995d169 code=0x7ffc0000 [ 374.683305][ T9247] loop2: detected capacity change from 0 to 128 [ 374.689863][ T9247] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 374.702208][ T9247] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 374.729945][ T3301] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 374.947785][ T9271] loop4: detected capacity change from 0 to 2048 [ 374.973239][ T9271] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 375.024790][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 375.714934][ T9318] loop6: detected capacity change from 0 to 256 [ 375.780836][ T9322] program syz.6.17363 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 376.150132][ T9360] loop1: detected capacity change from 0 to 2048 [ 376.178412][ T9360] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 376.207206][ T1673] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 376.309649][ T9379] loop6: detected capacity change from 0 to 128 [ 376.397025][ T9391] loop2: detected capacity change from 0 to 128 [ 376.464670][ T9391] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 376.583849][ T3301] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 376.819743][ T9412] __nla_validate_parse: 5 callbacks suppressed [ 376.819760][ T9412] netlink: 4 bytes leftover after parsing attributes in process `syz.1.17405'. [ 376.972421][ T9421] vxcan1 speed is unknown, defaulting to 1000 [ 377.145199][ T9421] chnl_net:caif_netlink_parms(): no params data found [ 377.401982][ T9421] bridge0: port 1(bridge_slave_0) entered blocking state [ 377.409230][ T9421] bridge0: port 1(bridge_slave_0) entered disabled state [ 377.426342][ T9421] bridge_slave_0: entered allmulticast mode [ 377.445676][ T9421] bridge_slave_0: entered promiscuous mode [ 377.459430][ T9421] bridge0: port 2(bridge_slave_1) entered blocking state [ 377.467175][ T9421] bridge0: port 2(bridge_slave_1) entered disabled state [ 377.487229][ T9421] bridge_slave_1: entered allmulticast mode [ 377.498099][ T9421] bridge_slave_1: entered promiscuous mode [ 377.529337][ T9460] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 377.535935][ T9460] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 377.543712][ T9460] vhci_hcd vhci_hcd.0: Device attached [ 377.552909][ T9461] vhci_hcd: connection closed [ 377.553114][ T48] vhci_hcd: stop threads [ 377.562775][ T48] vhci_hcd: release socket [ 377.567276][ T48] vhci_hcd: disconnect device [ 377.581637][ T9421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 377.603279][ T9421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 377.637106][ T9421] team0: Port device team_slave_0 added [ 377.646916][ T9421] team0: Port device team_slave_1 added [ 377.690072][ T9421] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 377.697081][ T9421] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 377.723662][ T9421] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 377.740108][ T9421] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 377.747077][ T9421] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 377.773694][ T9421] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 377.907606][ T9475] SELinux: ebitmap: truncated map [ 377.920518][ T9475] SELinux: failed to load policy [ 377.959181][ T9421] hsr_slave_0: entered promiscuous mode [ 377.976122][ T9421] hsr_slave_1: entered promiscuous mode [ 378.009377][ T9483] netlink: 268 bytes leftover after parsing attributes in process `syz.2.17432'. [ 378.114425][ T9490] netlink: 332 bytes leftover after parsing attributes in process `syz.4.17435'. [ 378.128577][ T9490] netlink: 160 bytes leftover after parsing attributes in process `syz.4.17435'. [ 378.598082][ T9421] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 378.629483][ T9421] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 378.660715][ T9421] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 378.714106][ T9421] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 378.801421][ T9534] loop2: detected capacity change from 0 to 128 [ 378.811152][ T9421] 8021q: adding VLAN 0 to HW filter on device bond0 [ 378.841997][ T9421] 8021q: adding VLAN 0 to HW filter on device team0 [ 378.872170][T32149] bridge0: port 1(bridge_slave_0) entered blocking state [ 378.879366][T32149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 378.891918][ T9536] netlink: 'syz.4.17457': attribute type 21 has an invalid length. [ 378.900334][ T9536] netlink: 152 bytes leftover after parsing attributes in process `syz.4.17457'. [ 378.922327][ T9421] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 378.932796][ T9421] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 378.948690][T32149] bridge0: port 2(bridge_slave_1) entered blocking state [ 378.955768][T32149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 379.010306][ T9421] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 379.148735][ T9421] veth0_vlan: entered promiscuous mode [ 379.157154][ T9421] veth1_vlan: entered promiscuous mode [ 379.174944][ T9421] veth0_macvtap: entered promiscuous mode [ 379.184003][ T9421] veth1_macvtap: entered promiscuous mode [ 379.197206][ T9421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 379.207668][ T9421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.217585][ T9421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 379.228765][ T9421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.238689][ T9421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 379.249127][ T9421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.264571][ T9421] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 379.280750][ T9421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 379.291893][ T9421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.301826][ T9421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 379.312270][ T9421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.328146][ T9421] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 379.338054][ T9421] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.347082][ T9421] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.356533][ T9421] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.365272][ T9421] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.403042][ T30] kauditd_printk_skb: 74 callbacks suppressed [ 379.403057][ T30] audit: type=1400 audit(359.918:21365): avc: denied { mounton } for pid=9421 comm="syz-executor" path="/root/syzkaller.GAvE3Z/syz-tmp" dev="sda1" ino=1968 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 379.470340][ T30] audit: type=1400 audit(359.955:21366): avc: denied { mount } for pid=9421 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 379.492781][ T30] audit: type=1400 audit(359.955:21367): avc: denied { mounton } for pid=9421 comm="syz-executor" path="/root/syzkaller.GAvE3Z/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 379.519056][ T30] audit: type=1400 audit(359.965:21368): avc: denied { mounton } for pid=9421 comm="syz-executor" path="/root/syzkaller.GAvE3Z/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=130852 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 379.546899][ T30] audit: type=1400 audit(359.965:21369): avc: denied { mounton } for pid=9421 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=502 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 379.569309][ T30] audit: type=1400 audit(359.965:21370): avc: denied { mount } for pid=9421 comm="syz-executor" name="/" dev="gadgetfs" ino=4142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 379.687243][ T9578] loop1: detected capacity change from 0 to 512 [ 379.750986][ T9578] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 379.764628][ T9578] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.17462: invalid indirect mapped block 2683928664 (level 1) [ 379.779909][ T9578] EXT4-fs (loop1): 1 truncate cleaned up [ 379.788446][ T9578] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 379.806017][ T9589] netlink: 36 bytes leftover after parsing attributes in process `syz.0.17464'. [ 379.833621][ T9578] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.17462: Invalid block bitmap block 3 in block_group 0 [ 379.898273][ T30] audit: type=1400 audit(360.395:21371): avc: denied { create } for pid=9595 comm="syz.4.17474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 379.918858][ T30] audit: type=1400 audit(360.404:21372): avc: denied { write } for pid=9595 comm="syz.4.17474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 380.013863][ T1673] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 380.070629][ T30] audit: type=1326 audit(360.545:21373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9599 comm="syz.0.17476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e738cd169 code=0x7ffc0000 [ 380.093740][ T30] audit: type=1326 audit(360.545:21374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9599 comm="syz.0.17476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2e738cd169 code=0x7ffc0000 [ 380.183959][ T9611] loop1: detected capacity change from 0 to 512 [ 380.192595][ T9611] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 380.220538][ T9611] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 380.238102][ T9611] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 380.255838][ T9611] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 32768 with max blocks 1 with error 28 [ 380.268382][ T9611] EXT4-fs (loop1): This should not happen!! Data will be lost [ 380.268382][ T9611] [ 380.278082][ T9611] EXT4-fs (loop1): Total free blocks count 0 [ 380.284706][ T9611] EXT4-fs (loop1): Free/Dirty block details [ 380.290594][ T9611] EXT4-fs (loop1): free_blocks=39626 [ 380.295951][ T9611] EXT4-fs (loop1): dirty_blocks=1 [ 380.301045][ T9611] EXT4-fs (loop1): Block reservation details [ 380.307049][ T9611] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 380.479343][ T1673] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 380.499079][ T9619] SELinux: security_context_str_to_sid () failed with errno=-22 [ 380.630980][ T9634] loop2: detected capacity change from 0 to 256 [ 381.182999][ T9682] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17514'. [ 381.556762][ T9719] netlink: 16 bytes leftover after parsing attributes in process `syz.4.17530'. [ 381.715325][ T9736] loop2: detected capacity change from 0 to 512 [ 381.756347][ T9734] loop4: detected capacity change from 0 to 8192 [ 381.764103][ T9736] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 381.793433][ T9734] syz.4.17537: attempt to access beyond end of device [ 381.793433][ T9734] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 381.838479][ T9734] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 381.846432][ T9734] FAT-fs (loop4): Filesystem has been set read-only [ 381.859471][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 381.880568][ T9734] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 381.891323][ T9744] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 6081 - 0 [ 381.900326][ T9744] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 6081 - 0 [ 381.908582][ T9744] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 6081 - 0 [ 381.916867][ T9744] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 6081 - 0 [ 381.932164][ T9734] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 381.943908][ T9744] geneve3: entered promiscuous mode [ 381.949195][ T9744] geneve3: entered allmulticast mode [ 381.988118][ T9744] netdevsim netdevsim0 eth0: unset [1, 1] type 2 family 0 port 6081 - 0 [ 381.997233][ T9744] netdevsim netdevsim0 eth1: unset [1, 1] type 2 family 0 port 6081 - 0 [ 382.005646][ T9744] netdevsim netdevsim0 eth2: unset [1, 1] type 2 family 0 port 6081 - 0 [ 382.014054][ T9744] netdevsim netdevsim0 eth3: unset [1, 1] type 2 family 0 port 6081 - 0 [ 382.102017][ T9754] netlink: 146340 bytes leftover after parsing attributes in process `syz.4.17544'. [ 382.116103][ T9754] netlink: zone id is out of range [ 382.121232][ T9754] netlink: zone id is out of range [ 382.174313][ T9754] netlink: del zone limit has 8 unknown bytes [ 382.230167][ T9762] loop4: detected capacity change from 0 to 512 [ 382.273566][ T9762] EXT4-fs warning (device loop4): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 382.308940][ T9762] EXT4-fs (loop4): mount failed [ 382.350959][ T9773] loop4: detected capacity change from 0 to 1024 [ 382.384827][ T9773] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 382.459210][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 383.177677][ T9841] loop4: detected capacity change from 0 to 128 [ 383.234091][ T9841] FAT-fs (loop4): Directory bread(block 162) failed [ 383.240717][ T9841] FAT-fs (loop4): Directory bread(block 163) failed [ 383.250368][ T9851] xt_CT: No such helper "pptp" [ 383.305400][ T9841] FAT-fs (loop4): Directory bread(block 164) failed [ 383.312311][ T9841] FAT-fs (loop4): Directory bread(block 165) failed [ 383.330761][ T9841] FAT-fs (loop4): Directory bread(block 166) failed [ 383.337404][ T9841] FAT-fs (loop4): Directory bread(block 167) failed [ 383.352823][ T9841] FAT-fs (loop4): Directory bread(block 168) failed [ 383.369003][ T9841] FAT-fs (loop4): Directory bread(block 169) failed [ 383.442046][ T9870] netlink: 104 bytes leftover after parsing attributes in process `syz.5.17595'. [ 383.494590][ T9841] FAT-fs (loop4): Directory bread(block 162) failed [ 383.523079][ T9841] FAT-fs (loop4): Directory bread(block 163) failed [ 383.547695][ T9841] syz.4.17583: attempt to access beyond end of device [ 383.547695][ T9841] loop4: rw=3, sector=226, nr_sectors = 6 limit=128 [ 383.603501][ T9841] syz.4.17583: attempt to access beyond end of device [ 383.603501][ T9841] loop4: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 383.759967][ T9882] netlink: 8 bytes leftover after parsing attributes in process `syz.4.17603'. [ 383.769053][ T9882] netlink: 'syz.4.17603': attribute type 21 has an invalid length. [ 384.193960][ T9898] loop4: detected capacity change from 0 to 8192 [ 384.442494][ T9915] netlink: 'syz.4.17618': attribute type 13 has an invalid length. [ 384.766797][ T9915] gretap0: refused to change device tx_queue_len [ 384.773317][ T9915] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 384.836266][ T9905] vxcan1 speed is unknown, defaulting to 1000 [ 384.918901][ T30] kauditd_printk_skb: 219 callbacks suppressed [ 384.918916][ T30] audit: type=1326 audit(365.081:21593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9923 comm="syz.0.17622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e738cd169 code=0x7ffc0000 [ 385.185197][ T30] audit: type=1326 audit(365.109:21594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9923 comm="syz.0.17622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e738cd169 code=0x7ffc0000 [ 385.208889][ T30] audit: type=1326 audit(365.109:21595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9923 comm="syz.0.17622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7f2e738cd169 code=0x7ffc0000 [ 385.231943][ T30] audit: type=1326 audit(365.109:21596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9923 comm="syz.0.17622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e738cd169 code=0x7ffc0000 [ 385.255871][ T30] audit: type=1326 audit(365.109:21597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9923 comm="syz.0.17622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e738cd169 code=0x7ffc0000 [ 385.480314][ T9937] loop2: detected capacity change from 0 to 256 [ 385.620441][ T30] audit: type=1326 audit(365.746:21598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9941 comm="syz.1.17630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1cfacd169 code=0x7ffc0000 [ 385.644216][ T30] audit: type=1326 audit(365.746:21599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9941 comm="syz.1.17630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff1cfacd169 code=0x7ffc0000 [ 385.793321][ T30] audit: type=1326 audit(365.764:21600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9941 comm="syz.1.17630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1cfacd169 code=0x7ffc0000 [ 385.816994][ T30] audit: type=1326 audit(365.764:21601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9941 comm="syz.1.17630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1cfacd169 code=0x7ffc0000 [ 385.840012][ T30] audit: type=1326 audit(365.764:21602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9941 comm="syz.1.17630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff1cfacd169 code=0x7ffc0000 [ 386.000068][ T9949] loop5: detected capacity change from 0 to 512 [ 386.010144][ T9957] netlink: 'syz.2.17638': attribute type 10 has an invalid length. [ 386.066924][ T9957] hsr_slave_0: left promiscuous mode [ 386.076197][ T9957] hsr_slave_1: left promiscuous mode [ 386.101001][ T9957] 0· (unregistering): left promiscuous mode [ 386.106952][ T9957] bridge0: port 3(70·) entered disabled state [ 386.145590][ T9949] EXT4-fs (loop5): too many log groups per flexible block group [ 386.153891][ T9949] EXT4-fs (loop5): failed to initialize mballoc (-12) [ 386.163449][ T9949] EXT4-fs (loop5): mount failed [ 386.865642][T10011] netlink: 16 bytes leftover after parsing attributes in process `syz.4.17661'. [ 387.512145][T10058] netlink: 16 bytes leftover after parsing attributes in process `syz.0.17682'. [ 387.703679][T10071] netlink: 132 bytes leftover after parsing attributes in process `syz.5.17688'. [ 387.830359][T10079] loop1: detected capacity change from 0 to 1024 [ 387.853756][T10081] netlink: 'syz.4.17694': attribute type 3 has an invalid length. [ 387.861595][T10081] netlink: 'syz.4.17694': attribute type 1 has an invalid length. [ 387.916430][T10079] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 387.928163][T10079] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 388.044489][T10079] EXT4-fs (loop1): stripe (8) is not aligned with cluster size (16), stripe is disabled [ 388.104392][T10079] EXT4-fs (loop1): invalid journal inode [ 388.150639][T10099] netlink: 4 bytes leftover after parsing attributes in process `syz.2.17701'. [ 388.182081][T10099] batadv1: left allmulticast mode [ 388.188032][T10099] batadv1: left promiscuous mode [ 388.193052][T10099] bridge0: port 5(batadv1) entered disabled state [ 388.260623][T10099] gretap1: left promiscuous mode [ 388.265739][T10099] bridge0: port 4(gretap1) entered disabled state [ 388.397832][T10099] bridge_slave_1: left allmulticast mode [ 388.403506][T10099] bridge_slave_1: left promiscuous mode [ 388.409190][T10099] bridge0: port 2(bridge_slave_1) entered disabled state [ 388.445207][T10104] netlink: 1196 bytes leftover after parsing attributes in process `syz.4.17703'. [ 388.485160][T10099] bridge_slave_0: left allmulticast mode [ 388.490883][T10099] bridge_slave_0: left promiscuous mode [ 388.496537][T10099] bridge0: port 1(bridge_slave_0) entered disabled state [ 388.645780][T10110] vxcan1 speed is unknown, defaulting to 1000 [ 388.911652][T10130] loop2: detected capacity change from 0 to 128 [ 389.188785][T10130] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 389.249124][ T3301] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 389.336758][T10145] loop5: detected capacity change from 0 to 2048 [ 389.402942][T10145] loop5: p3 p4 < > [ 389.524039][T10158] loop1: detected capacity change from 0 to 1024 [ 389.573729][T10158] EXT4-fs: Ignoring removed bh option [ 389.579185][T10158] EXT4-fs: Ignoring removed oldalloc option [ 389.628250][T10158] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 390.048925][ T1673] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 390.223199][T10209] netlink: 36 bytes leftover after parsing attributes in process `syz.4.17749'. [ 390.294776][T10212] loop1: detected capacity change from 0 to 128 [ 390.304548][ T30] kauditd_printk_skb: 47 callbacks suppressed [ 390.304562][ T30] audit: type=1400 audit(370.123:21650): avc: denied { create } for pid=10213 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 390.357329][T10215] vxcan1 speed is unknown, defaulting to 1000 [ 390.384055][T10218] lo: left allmulticast mode [ 390.408695][T10220] sctp: [Deprecated]: syz.0.17755 (pid 10220) Use of int in maxseg socket option. [ 390.408695][T10220] Use struct sctp_assoc_value instead [ 390.473598][ T30] audit: type=1400 audit(370.282:21651): avc: denied { create } for pid=10223 comm="syz.0.17757" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 390.550843][T10228] 9pnet_fd: Insufficient options for proto=fd [ 390.573068][T10230] netlink: 'syz.1.17760': attribute type 6 has an invalid length. [ 390.581042][T10230] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.17760'. [ 390.666834][ T30] audit: type=1400 audit(370.460:21652): avc: denied { write } for pid=10233 comm="syz.4.17762" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 390.708857][ T30] audit: type=1400 audit(370.479:21653): avc: denied { bind } for pid=10231 comm="syz.0.17761" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 390.763746][T10243] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17748'. [ 390.772891][T10243] netlink: 52 bytes leftover after parsing attributes in process `syz.2.17748'. [ 390.783880][T10243] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17748'. [ 390.815464][T10246] loop2: detected capacity change from 0 to 164 [ 390.822551][T10246] Unable to read rock-ridge attributes [ 390.832345][T10246] Unable to read rock-ridge attributes [ 390.910207][T10251] xt_hashlimit: max too large, truncated to 1048576 [ 390.997594][ T30] audit: type=1400 audit(370.759:21654): avc: denied { name_bind } for pid=10252 comm="syz.2.17769" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 391.087569][T10255] loop4: detected capacity change from 0 to 512 [ 391.128168][T10255] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 391.241007][T10255] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.17770: bg 0: block 64: padding at end of block bitmap is not set [ 391.270617][T10276] loop5: detected capacity change from 0 to 128 [ 391.285595][T10276] vfat: Unknown parameter 'u%f8' [ 391.310570][T10255] Quota error (device loop4): write_blk: dquota write failed [ 391.326683][T10255] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 391.360329][T10255] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.17770: Failed to acquire dquot type 0 [ 391.382558][ T30] audit: type=1326 audit(371.133:21655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10283 comm="syz.0.17782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e738cd169 code=0x7ffc0000 [ 391.406454][ T30] audit: type=1326 audit(371.133:21656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10283 comm="syz.0.17782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e738cd169 code=0x7ffc0000 [ 391.445884][ T30] audit: type=1326 audit(371.180:21657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10283 comm="syz.0.17782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f2e738cd169 code=0x7ffc0000 [ 391.505853][T10255] EXT4-fs (loop4): 1 truncate cleaned up [ 391.883115][T10320] loop2: detected capacity change from 0 to 128 [ 391.953178][T10316] tap0: tun_chr_ioctl cmd 1074025677 [ 391.995568][T10316] tap0: linktype set to 769 [ 392.044513][T10337] xt_hashlimit: max too large, truncated to 1048576 [ 392.297952][T10356] loop4: detected capacity change from 0 to 1764 [ 392.358814][T10366] loop4: detected capacity change from 0 to 1024 [ 392.376867][T10366] EXT4-fs: Ignoring removed nobh option [ 392.382452][T10366] EXT4-fs: Ignoring removed bh option [ 392.410185][T10370] dvmrp5: entered allmulticast mode [ 392.423627][T10370] pimreg: entered allmulticast mode [ 392.430658][T10370] pimreg: left allmulticast mode [ 392.435631][T10370] dvmrp5: left allmulticast mode [ 392.495529][T10366] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4115: comm syz.4.17822: Allocating blocks 497-513 which overlap fs metadata [ 392.586420][T10366] EXT4-fs (loop4): pa ffff88810a95bbd0: logic 256, phys. 385, len 8 [ 392.594792][T10366] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 1 [ 392.633583][T10379] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 129:freeing already freed block (bit 8); block bitmap corrupt. [ 392.676025][T10385] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=10385 comm=syz.5.17828 [ 392.801052][T10398] loop5: detected capacity change from 0 to 128 [ 392.829495][T10402] netlink: 'syz.0.17839': attribute type 1 has an invalid length. [ 393.027423][T10411] netlink: 11562 bytes leftover after parsing attributes in process `syz.4.17837'. [ 393.409518][T10436] netlink: 28 bytes leftover after parsing attributes in process `syz.5.17854'. [ 393.419294][T10436] netlink: 28 bytes leftover after parsing attributes in process `syz.5.17854'. [ 394.192788][T10455] loop1: detected capacity change from 0 to 764 [ 394.473272][T10472] hugetlbfs: syz.4.17871 (10472): Using mlock ulimits for SHM_HUGETLB is obsolete [ 394.660663][T10486] loop1: detected capacity change from 0 to 1024 [ 394.705085][T10486] EXT4-fs: Ignoring removed bh option [ 394.748486][T10489] syz.4.17877: attempt to access beyond end of device [ 394.748486][T10489] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 394.785706][T10486] EXT4-fs mount: 8 callbacks suppressed [ 394.785726][T10486] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 394.825000][T10486] EXT4-fs error (device loop1): ext4_xattr_set_entry:1668: inode #15: comm syz.1.17876: corrupted xattr entries [ 394.872285][T10486] EXT4-fs error (device loop1): ext4_xattr_block_set:2218: inode #15: comm syz.1.17876: bad block 113 [ 394.991423][ T1673] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 395.149577][T10504] loop4: detected capacity change from 0 to 512 [ 395.174351][T10504] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 395.200581][T10510] sctp: [Deprecated]: syz.1.17886 (pid 10510) Use of struct sctp_assoc_value in delayed_ack socket option. [ 395.200581][T10510] Use struct sctp_sack_info instead [ 395.231706][T10504] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 395.291734][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 395.751786][ T30] kauditd_printk_skb: 56 callbacks suppressed [ 395.751801][ T30] audit: type=1326 audit(375.211:21714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10536 comm="syz.2.17897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 395.885491][ T30] audit: type=1326 audit(375.211:21715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10536 comm="syz.2.17897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 395.909435][ T30] audit: type=1326 audit(375.248:21716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10536 comm="syz.2.17897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 395.933384][ T30] audit: type=1326 audit(375.248:21717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10536 comm="syz.2.17897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 395.958507][ T30] audit: type=1326 audit(375.248:21718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10536 comm="syz.2.17897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 395.982358][ T30] audit: type=1326 audit(375.248:21719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10536 comm="syz.2.17897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 396.006257][ T30] audit: type=1326 audit(375.248:21720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10536 comm="syz.2.17897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 396.030174][ T30] audit: type=1326 audit(375.248:21721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10536 comm="syz.2.17897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 396.054099][ T30] audit: type=1326 audit(375.248:21722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10536 comm="syz.2.17897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 396.077967][ T30] audit: type=1326 audit(375.248:21723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10536 comm="syz.2.17897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 396.273649][T10564] loop2: detected capacity change from 0 to 8192 [ 396.584741][T10610] netlink: 60 bytes leftover after parsing attributes in process `syz.2.17931'. [ 396.641249][T10619] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 396.705702][T10623] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.17937'. [ 396.789644][T10632] Invalid ELF header magic: != ELF [ 396.856562][T10640] loop1: detected capacity change from 0 to 1024 [ 396.878893][T10640] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (12806!=20869) [ 396.898084][T10640] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c018, mo2=0002] [ 396.907147][T10640] System zones: 0-1, 3-36 [ 396.911616][T10640] EXT4-fs (loop1): orphan cleanup on readonly fs [ 396.920794][T10640] EXT4-fs (loop1): 1 orphan inode deleted [ 396.928681][T10640] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 396.957663][ T1673] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 397.208508][T10672] tun0: tun_chr_ioctl cmd 1074025677 [ 397.213928][T10672] tun0: linktype set to 768 [ 397.247853][T10677] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17964'. [ 397.293386][T10682] netlink: 'syz.0.17961': attribute type 1 has an invalid length. [ 398.052342][T10727] netlink: 'syz.5.17984': attribute type 10 has an invalid length. [ 398.091389][T10727] team0: Cannot enslave team device to itself [ 398.296042][T10747] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17993'. [ 398.305131][T10747] netlink: 12 bytes leftover after parsing attributes in process `syz.1.17993'. [ 398.497264][T10768] IPv6: addrconf: prefix option has invalid lifetime [ 398.565951][T10777] netlink: 'syz.5.18009': attribute type 9 has an invalid length. [ 398.630893][T10784] netlink: 'syz.0.18012': attribute type 3 has an invalid length. [ 398.639487][T10784] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18012'. [ 398.841562][T10809] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 398.880542][T10811] loop5: detected capacity change from 0 to 512 [ 398.920538][T10811] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 398.955127][T10811] EXT4-fs (loop5): 1 truncate cleaned up [ 398.980409][T10811] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 399.191483][ T9421] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 399.331340][T10835] loop5: detected capacity change from 0 to 512 [ 399.341611][T10837] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.18033'. [ 399.360349][T10835] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 399.382302][T10835] EXT4-fs (loop5): orphan cleanup on readonly fs [ 399.411998][T10839] loop2: detected capacity change from 0 to 2048 [ 399.418261][T10835] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.18028: Failed to acquire dquot type 1 [ 399.420651][T10839] EXT4-fs: Ignoring removed bh option [ 399.479809][T10835] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.18028: bg 0: block 40: padding at end of block bitmap is not set [ 399.496238][T10835] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 399.505295][T10835] EXT4-fs (loop5): 1 truncate cleaned up [ 399.613625][T10835] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 399.643442][T10839] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 399.669367][T10847] netlink: 8 bytes leftover after parsing attributes in process `syz.4.18036'. [ 399.678480][T10847] netlink: 'syz.4.18036': attribute type 3 has an invalid length. [ 399.734333][ T9421] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 399.801068][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 400.130373][T10870] loop2: detected capacity change from 0 to 2048 [ 400.204958][T10876] loop5: detected capacity change from 0 to 512 [ 400.214013][T10870] Alternate GPT is invalid, using primary GPT. [ 400.224209][T10870] loop2: p1 p2 p3 [ 400.337046][T10876] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 400.346205][T10876] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 400.355819][T10876] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 400.363883][T10876] System zones: 0-2, 18-18, 34-34 [ 400.369372][T10876] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 400.385340][T10876] EXT4-fs (loop5): 1 truncate cleaned up [ 400.391575][T10876] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 400.426842][ T9421] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 400.438143][T10884] netlink: 12 bytes leftover after parsing attributes in process `syz.2.18053'. [ 400.555280][T10898] netlink: 'syz.0.18060': attribute type 11 has an invalid length. [ 400.798672][T10917] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 401.059340][T10932] loop4: detected capacity change from 0 to 512 [ 401.087242][T10932] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 401.104127][T10932] EXT4-fs (loop4): orphan cleanup on readonly fs [ 401.110800][T10932] __quota_error: 74 callbacks suppressed [ 401.110814][T10932] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated! [ 401.125487][T10932] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota [ 401.135859][T10932] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.18074: Failed to acquire dquot type 1 [ 401.147923][T10932] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.18074: bg 0: block 40: padding at end of block bitmap is not set [ 401.210317][ T30] audit: type=1400 audit(380.319:21796): avc: denied { remount } for pid=10943 comm="syz.1.18082" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 401.261694][ T30] audit: type=1400 audit(380.375:21797): avc: denied { unmount } for pid=1673 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 401.340859][T10932] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 401.358210][T10932] EXT4-fs (loop4): 1 truncate cleaned up [ 401.386079][T10932] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 401.410073][T10951] loop1: detected capacity change from 0 to 1764 [ 401.421875][T10955] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 401.469282][T10955] bridge0: port 2(bridge_slave_1) entered disabled state [ 401.476530][T10955] bridge0: port 1(bridge_slave_0) entered disabled state [ 401.508201][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 401.527357][T10961] netlink: 4 bytes leftover after parsing attributes in process `syz.2.18090'. [ 401.782546][T32149] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 401.792431][T32149] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0 [ 402.153787][T32149] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 402.164525][T32149] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0 [ 402.198421][T10996] netlink: 'syz.4.18102': attribute type 13 has an invalid length. [ 402.230069][T10999] usb usb6: usbfs: process 10999 (syz.2.18103) did not claim interface 0 before use [ 402.259599][T10966] vxcan1 speed is unknown, defaulting to 1000 [ 402.311857][T32149] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 402.322313][T32149] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0 [ 402.585194][T11022] loop5: detected capacity change from 0 to 512 [ 402.659041][T11028] loop1: detected capacity change from 0 to 1024 [ 402.665750][T11028] EXT4-fs: Ignoring removed bh option [ 402.793942][T32149] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 402.803744][T32149] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0 [ 402.818180][T11022] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 402.844698][T11028] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 402.888378][T11028] EXT4-fs error (device loop1): ext4_xattr_set_entry:1668: inode #15: comm syz.1.18117: corrupted xattr entries [ 402.895120][ T30] audit: type=1400 audit(381.902:21798): avc: denied { create } for pid=11039 comm="syz.4.18121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 402.916041][T11028] EXT4-fs (loop1): Remounting filesystem read-only [ 402.936473][T11028] EXT4-fs warning (device loop1): ext4_xattr_block_set:2198: inode #18: comm syz.1.18117: dec ref error=-5 [ 402.971282][ T1673] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 403.022010][T10966] chnl_net:caif_netlink_parms(): no params data found [ 403.139144][ T9421] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 403.163502][T32149] batadv1: left allmulticast mode [ 403.168547][T32149] batadv1: left promiscuous mode [ 403.174162][T32149] bridge0: port 2(batadv1) entered disabled state [ 403.180699][ T30] audit: type=1326 audit(382.145:21799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11045 comm="syz.2.18124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 403.204513][ T30] audit: type=1326 audit(382.145:21800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11045 comm="syz.2.18124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 403.227585][ T30] audit: type=1326 audit(382.145:21801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11045 comm="syz.2.18124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 403.251218][ T30] audit: type=1326 audit(382.145:21802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11045 comm="syz.2.18124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 403.299008][T32149] gretap0: left promiscuous mode [ 403.304123][T32149] bridge0: port 1(gretap0) entered disabled state [ 403.471229][ T30] audit: type=1400 audit(382.445:21803): avc: denied { write } for pid=11060 comm="syz.1.18129" path="socket:[128663]" dev="sockfs" ino=128663 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 403.585596][T32149] bond0 (unregistering): (slave bond3): Releasing backup interface [ 403.601434][T32149] bond0 (unregistering): Released all slaves [ 403.621448][T32149] bond1 (unregistering): Released all slaves [ 403.690736][T32149] bond2 (unregistering): Released all slaves [ 403.699672][T32149] bond3 (unregistering): Released all slaves [ 403.709860][T32149] bond4 (unregistering): Released all slaves [ 403.899587][T11086] loop4: detected capacity change from 0 to 1024 [ 403.906340][T11086] EXT4-fs: Ignoring removed orlov option [ 403.912033][T11086] EXT4-fs: Ignoring removed nomblk_io_submit option [ 403.931099][T11086] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 403.946220][T11086] EXT4-fs (loop4): shut down requested (2) [ 403.953029][T11086] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=15 [ 403.961969][T11086] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=15 [ 403.991172][T32149] tipc: Disabling bearer [ 403.997180][T32149] tipc: Disabling bearer [ 404.002423][T32149] tipc: Left network mode [ 404.012278][T10966] bridge0: port 1(bridge_slave_0) entered blocking state [ 404.019430][T10966] bridge0: port 1(bridge_slave_0) entered disabled state [ 404.029023][T10966] bridge_slave_0: entered allmulticast mode [ 404.035627][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 404.046457][T10966] bridge_slave_0: entered promiscuous mode [ 404.053751][T10966] bridge0: port 2(bridge_slave_1) entered blocking state [ 404.061496][T10966] bridge0: port 2(bridge_slave_1) entered disabled state [ 404.102291][T10966] bridge_slave_1: entered allmulticast mode [ 404.108895][T10966] bridge_slave_1: entered promiscuous mode [ 404.196939][T10966] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 404.223302][T11093] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11093 comm=syz.4.18141 [ 404.252386][T32149] hsr_slave_0: left promiscuous mode [ 404.259064][T32149] hsr_slave_1: left promiscuous mode [ 404.353051][T32135] smc: removing ib device syz! [ 404.401578][T32141] smc: removing ib device syz1 [ 404.430351][T11101] loop2: detected capacity change from 0 to 8192 [ 404.488512][T10966] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 404.507638][T11101] loop2: p1 p2 p3 [ 404.511410][T11101] loop2: p1 start 51379968 is beyond EOD, truncated [ 404.573566][T11117] loop4: detected capacity change from 0 to 512 [ 404.580564][T11101] loop2: p3 size 100663552 extends beyond EOD, truncated [ 404.604712][T10966] team0: Port device team_slave_0 added [ 404.626688][T10966] team0: Port device team_slave_1 added [ 404.809926][T11117] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 404.838455][T10966] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 404.845449][T10966] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 404.872511][T10966] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 404.911486][T11128] netlink: 'syz.5.18156': attribute type 1 has an invalid length. [ 404.958511][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 404.997884][T10966] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 405.004965][T10966] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 405.031593][T10966] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 405.045521][T11132] loop1: detected capacity change from 0 to 128 [ 405.343232][T10966] hsr_slave_0: entered promiscuous mode [ 405.354063][T10966] hsr_slave_1: entered promiscuous mode [ 405.360043][T10966] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 405.369195][T10966] Cannot create hsr debugfs directory [ 405.391501][T11149] __nla_validate_parse: 7 callbacks suppressed [ 405.391515][T11149] netlink: 844 bytes leftover after parsing attributes in process `syz.4.18166'. [ 405.470432][T32149] IPVS: stop unused estimator thread 0... [ 405.862979][T11174] program syz.2.18176 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 405.900332][T11174] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 406.154866][T11195] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 406.166869][T10966] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 406.783972][T10966] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 406.862442][T11209] netlink: 844 bytes leftover after parsing attributes in process `syz.1.18192'. [ 406.873385][T10966] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 406.901467][T10966] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 406.930691][T11217] netlink: 'syz.2.18203': attribute type 10 has an invalid length. [ 406.938677][T11217] netlink: 16 bytes leftover after parsing attributes in process `syz.2.18203'. [ 406.989228][T11223] loop1: detected capacity change from 0 to 1024 [ 407.004306][T11223] EXT4-fs: Ignoring removed orlov option [ 407.010742][T11223] EXT4-fs: Ignoring removed nomblk_io_submit option [ 407.046716][T10966] 8021q: adding VLAN 0 to HW filter on device bond0 [ 407.077291][T10966] 8021q: adding VLAN 0 to HW filter on device team0 [ 407.089414][T32141] bridge0: port 1(bridge_slave_0) entered blocking state [ 407.096480][T32141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 407.107004][T11223] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 407.138014][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 407.138027][ T30] audit: type=1326 audit(385.869:21817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11228 comm="syz.4.18198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 407.186170][T10966] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 407.196634][T10966] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 407.220883][T11223] EXT4-fs (loop1): shut down requested (2) [ 407.246192][T11223] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=15 [ 407.262595][T11223] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=15 [ 407.275405][ T30] audit: type=1326 audit(385.934:21818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11228 comm="syz.4.18198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 407.299115][ T30] audit: type=1326 audit(385.934:21819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11228 comm="syz.4.18198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 407.322342][ T30] audit: type=1326 audit(385.934:21820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11228 comm="syz.4.18198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 407.386756][T32141] bridge0: port 2(bridge_slave_1) entered blocking state [ 407.393973][T32141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 407.576699][ T1673] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 407.630321][ T30] audit: type=1400 audit(386.299:21821): avc: denied { read } for pid=11240 comm="syz.5.18204" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 407.802857][T10966] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 407.942652][T10966] veth0_vlan: entered promiscuous mode [ 407.983863][T11269] loop2: detected capacity change from 0 to 128 [ 408.006153][T10966] veth1_vlan: entered promiscuous mode [ 408.064786][T10966] veth0_macvtap: entered promiscuous mode [ 408.081443][T10966] veth1_macvtap: entered promiscuous mode [ 408.092523][T10966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.103031][T10966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.112858][T10966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.123405][T10966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.133275][T10966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.143782][T10966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.153645][T10966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.164160][T10966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.177131][T10966] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 408.188370][T10966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 408.198909][T10966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.208736][T10966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 408.219221][T10966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.229059][T10966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 408.239492][T10966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.255291][T10966] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 408.310527][T11279] loop2: detected capacity change from 0 to 512 [ 408.335083][T11279] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 408.350675][T10966] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 408.359503][T10966] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 408.368228][T10966] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 408.376964][T10966] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 408.404417][T11279] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 408.472937][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 408.727894][ T30] audit: type=1326 audit(387.347:21822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11301 comm="syz.2.18220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 408.751114][ T30] audit: type=1326 audit(387.347:21823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11301 comm="syz.2.18220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 408.774271][ T30] audit: type=1326 audit(387.347:21824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11301 comm="syz.2.18220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 409.020345][T11323] tun0: tun_chr_ioctl cmd 1074025677 [ 409.036544][T11323] tun0: linktype set to 768 [ 409.077450][T11325] netlink: 'syz.1.18242': attribute type 10 has an invalid length. [ 409.089148][T11329] loop2: detected capacity change from 0 to 512 [ 409.104247][T11329] EXT4-fs: Ignoring removed oldalloc option [ 409.165085][T11329] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.18233: Parent and EA inode have the same ino 15 [ 409.180964][T11325] team0: Cannot enslave team device to itself [ 409.220697][T11329] EXT4-fs (loop2): Remounting filesystem read-only [ 409.227218][T11329] EXT4-fs warning (device loop2): ext4_evict_inode:259: couldn't mark inode dirty (err -5) [ 409.243520][T11329] EXT4-fs (loop2): 1 orphan inode deleted [ 409.249656][T11329] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 409.261773][T11329] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 409.315523][T11329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 409.414879][ T30] audit: type=1326 audit(387.992:21825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11344 comm="syz.3.18241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f864d169 code=0x7ffc0000 [ 409.438159][ T30] audit: type=1326 audit(387.992:21826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11344 comm="syz.3.18241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f864d169 code=0x7ffc0000 [ 409.603594][T11353] xt_hashlimit: max too large, truncated to 1048576 [ 409.954602][T11375] netlink: 'syz.3.18256': attribute type 10 has an invalid length. [ 410.002916][T11375] hsr_slave_0: left promiscuous mode [ 410.013177][T11378] loop4: detected capacity change from 0 to 1024 [ 410.020025][T11378] EXT4-fs: Ignoring removed bh option [ 410.034242][T11375] hsr_slave_1: left promiscuous mode [ 410.057634][T11378] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 410.105229][T11378] EXT4-fs error (device loop4): ext4_xattr_set_entry:1668: inode #15: comm syz.4.18258: corrupted xattr entries [ 410.208981][T11389] loop2: detected capacity change from 0 to 1024 [ 410.251306][T11378] EXT4-fs error (device loop4): ext4_xattr_block_set:2218: inode #15: comm syz.4.18258: bad block 113 [ 410.262671][T11389] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 410.273613][T11389] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 410.338686][T11389] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 410.358147][T11389] EXT4-fs (loop2): invalid journal inode [ 410.363864][T11389] EXT4-fs (loop2): can't get journal size [ 410.372533][T11389] EXT4-fs error (device loop2): ext4_protect_reserved_inode:182: inode #3: comm syz.2.18261: blocks 2-2 from inode overlap system zone [ 410.388094][T11389] EXT4-fs (loop2): failed to initialize system zone (-117) [ 410.395326][T11389] EXT4-fs (loop2): mount failed [ 410.419029][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 411.202815][T11433] batadv_slave_1: entered promiscuous mode [ 411.217397][T11432] batadv_slave_1: left promiscuous mode [ 411.545496][T11456] loop1: detected capacity change from 0 to 128 [ 411.563037][T11456] EXT4-fs warning (device loop1): ext4_init_metadata_csum:4624: metadata_csum and uninit_bg are redundant flags; please run fsck. [ 411.576583][T11456] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum. Run e2fsck? [ 411.985375][T11473] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18300'. [ 412.107575][T11481] netlink: 1068 bytes leftover after parsing attributes in process `syz.1.18304'. [ 412.147640][T11486] netlink: 12 bytes leftover after parsing attributes in process `syz.5.18307'. [ 412.301189][T11499] netlink: 8 bytes leftover after parsing attributes in process `syz.5.18313'. [ 412.397552][T11507] netlink: 'syz.5.18327': attribute type 10 has an invalid length. [ 412.431545][T11507] hsr_slave_0: left promiscuous mode [ 412.439287][T11507] hsr_slave_1: left promiscuous mode [ 412.612255][T11518] loop3: detected capacity change from 0 to 512 [ 412.634700][T11518] EXT4-fs: Ignoring removed orlov option [ 412.656302][T11518] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 412.697265][T11518] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.18320: bg 0: block 248: padding at end of block bitmap is not set [ 412.718597][T11518] __quota_error: 59 callbacks suppressed [ 412.718610][T11518] Quota error (device loop3): write_blk: dquota write failed [ 412.731763][T11518] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 412.741881][T11518] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.18320: Failed to acquire dquot type 1 [ 412.757321][T11518] EXT4-fs (loop3): 1 truncate cleaned up [ 412.763982][T11518] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 412.779620][T11518] EXT4-fs: Ignoring removed orlov option [ 412.785521][T11518] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 412.794161][ T30] audit: type=1326 audit(391.164:21886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11533 comm="syz.4.18328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 412.817374][ T30] audit: type=1326 audit(391.164:21887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11533 comm="syz.4.18328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 412.840847][ T30] audit: type=1326 audit(391.201:21888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11533 comm="syz.4.18328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 412.916691][ T30] audit: type=1326 audit(391.229:21889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11533 comm="syz.4.18328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 412.939831][ T30] audit: type=1326 audit(391.229:21890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11533 comm="syz.4.18328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63f7f9d169 code=0x7ffc0000 [ 413.035077][T11518] EXT4-fs error (device loop3): __ext4_remount:6738: comm syz.3.18320: Abort forced by user [ 413.064110][T11518] EXT4-fs (loop3): Remounting filesystem read-only [ 413.070691][T11518] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 413.179418][T11553] netlink: 'syz.1.18336': attribute type 10 has an invalid length. [ 413.196223][T10966] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 413.216275][T11553] hsr_slave_0: left promiscuous mode [ 413.239596][T11553] hsr_slave_1: left promiscuous mode [ 413.270208][T11558] netlink: 1068 bytes leftover after parsing attributes in process `syz.3.18339'. [ 413.387827][T11567] 9pnet: Could not find request transport: 0xffffffffffffffff [ 413.595841][T11580] netlink: 40 bytes leftover after parsing attributes in process `syz.3.18351'. [ 413.619250][ T30] audit: type=1326 audit(391.931:21891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11581 comm="syz.2.18352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 413.642346][ T30] audit: type=1326 audit(391.931:21892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11581 comm="syz.2.18352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 413.665654][ T30] audit: type=1326 audit(391.931:21893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11581 comm="syz.2.18352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7fc8b1b6d169 code=0x7ffc0000 [ 414.217531][T11589] loop3: detected capacity change from 0 to 128 [ 414.224572][T11589] EXT4-fs warning (device loop3): ext4_init_metadata_csum:4624: metadata_csum and uninit_bg are redundant flags; please run fsck. [ 414.238040][T11589] EXT4-fs (loop3): VFS: Found ext4 filesystem with invalid superblock checksum. Run e2fsck? [ 414.251101][T11592] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 414.491915][T11616] program syz.3.18367 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 414.703006][T11629] loop4: detected capacity change from 0 to 512 [ 414.760747][T11629] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 414.908608][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 414.918679][T11641] netlink: 68 bytes leftover after parsing attributes in process `syz.3.18378'. [ 414.952270][T11647] loop2: detected capacity change from 0 to 512 [ 414.985730][T11647] EXT4-fs (loop2): 1 orphan inode deleted [ 414.991869][T11647] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 415.027078][T32141] EXT4-fs error (device loop2): ext4_release_dquot:6950: comm kworker/u8:43: Failed to release dquot type 1 [ 415.053745][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 415.176959][T11666] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 415.250726][T11668] loop1: detected capacity change from 0 to 512 [ 415.269931][T11668] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 415.313859][ T1673] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 415.338684][T11675] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18393'. [ 415.353997][T11677] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18392'. [ 415.382584][T11677] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18392'. [ 415.593852][T11702] loop4: detected capacity change from 0 to 512 [ 416.182987][T11702] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 416.478823][ T5807] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 416.515727][T11730] loop1: detected capacity change from 0 to 2048 [ 416.679467][T11738] loop4: detected capacity change from 0 to 128 [ 416.693577][T11729] loop3: detected capacity change from 0 to 2048 [ 416.747119][T11738] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 416.775519][ T5807] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 416.814981][T11729] loop3: p1 < > p4 < > [ 417.158921][T11788] loop2: detected capacity change from 0 to 128 [ 417.210930][T11788] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 417.262054][ T3301] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 417.408185][ C1] ================================================================== [ 417.416379][ C1] BUG: KCSAN: data-race in can_receive / can_stat_update [ 417.423416][ C1] [ 417.425740][ C1] read-write to 0xffff8881188e7ae8 of 8 bytes by interrupt on cpu 0: [ 417.433805][ C1] can_receive+0x62/0x1f0 [ 417.438140][ C1] canfd_rcv+0xe7/0x180 [ 417.442302][ C1] __netif_receive_skb+0x123/0x280 [ 417.447426][ C1] process_backlog+0x22e/0x440 [ 417.452205][ C1] __napi_poll+0x63/0x3c0 [ 417.456545][ C1] net_rx_action+0x3a1/0x7f0 [ 417.461149][ C1] handle_softirqs+0xbf/0x280 [ 417.465834][ C1] run_ksoftirqd+0x1c/0x30 [ 417.470261][ C1] smpboot_thread_fn+0x31c/0x4c0 [ 417.475205][ C1] kthread+0x4ae/0x520 [ 417.479284][ C1] ret_from_fork+0x4b/0x60 [ 417.483715][ C1] ret_from_fork_asm+0x1a/0x30 [ 417.488485][ C1] [ 417.490812][ C1] read to 0xffff8881188e7ae8 of 8 bytes by interrupt on cpu 1: [ 417.498484][ C1] can_stat_update+0x58d/0x7f0 [ 417.503255][ C1] call_timer_fn+0x3a/0x300 [ 417.507799][ C1] __run_timer_base+0x417/0x640 [ 417.512664][ C1] run_timer_softirq+0x31/0x70 [ 417.517439][ C1] handle_softirqs+0xbf/0x280 [ 417.522126][ C1] __irq_exit_rcu+0x3a/0xc0 [ 417.526647][ C1] sysvec_apic_timer_interrupt+0x73/0x80 [ 417.532301][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 417.538315][ C1] __tsan_read8+0x31/0x180 [ 417.542741][ C1] __memcg_kmem_charge_page+0x53/0x170 [ 417.548212][ C1] __alloc_frozen_pages_noprof+0x1bc/0x340 [ 417.554043][ C1] __alloc_pages_noprof+0x9/0x20 [ 417.559003][ C1] bpf_ringbuf_alloc+0xba/0x2f0 [ 417.563870][ C1] ringbuf_map_alloc+0x16b/0x1d0 [ 417.568816][ C1] map_create+0x850/0xb70 [ 417.573162][ C1] __sys_bpf+0x667/0x7a0 [ 417.577433][ C1] __x64_sys_bpf+0x43/0x50 [ 417.581857][ C1] x64_sys_call+0x2914/0x2dc0 [ 417.586546][ C1] do_syscall_64+0xc9/0x1c0 [ 417.591068][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.596970][ C1] [ 417.599314][ C1] value changed: 0x000000000001a947 -> 0x000000000001a948 [ 417.606428][ C1] [ 417.608748][ C1] Reported by Kernel Concurrency Sanitizer on: [ 417.614898][ C1] CPU: 1 UID: 0 PID: 11822 Comm: syz.1.18458 Tainted: G W 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0 [ 417.627233][ C1] Tainted: [W]=WARN [ 417.631038][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 417.641089][ C1] ==================================================================