last executing test programs: 3m56.823856812s ago: executing program 32 (id=1767): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = dup(r0) bind$l2tp(r1, &(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x2}, 0x10) 3m37.646401132s ago: executing program 33 (id=2590): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) unshare(0x8020680) poll(&(0x7f0000000080)=[{r0, 0x8400}], 0x1, 0x6) 3m28.722478301s ago: executing program 34 (id=3615): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4ed, &(0x7f00000005c0)="$eJzs3d9rW28ZAPDnpM1st8526sUcuBVRtqFL2tVtxYttgujVQJ33XW3TUpo2pUm3tQzp8FoEERW90StvBP8AQfYniDDQ+yGiDNnmhRdq5CQnW79d0nYsafZtPx94+77nR87zvAk5yXvOaU4Ax9Z4RNyOiIGIuBwRo9n8XFZiu1nS9V6+eDSXliTq9bv/TCLJ5rW2lWT1qexhQxHxnW9GfC9JmjN2qG5uLc+Wy6X1bLpYW1krVje3riytzC6WFkurU1OT16dvTF+bnuhaX29+/W8//dFvvnHzD19+8GzmH5e+n+Y7ki3b2Y9uaj4n+cZz0TIYEeu9CNYHA1l/8gdZOel9PgAA7C39jv+piPh8RLz6Rb+zAQAAAHqhfmsk/pNE1AEAAIAjK9e4BjbJFbJrAUYilysUmtfwfiZuRblSrX1pobKxOt+8VnYs8rmFpXJpIrtWeCzySTo92Wi/mb66a3oqIs5ExE9GhxvThblKeb7fBz8AAADgmEjH+SO5Zjut/jXaHP8DAAAAR8xYvxMAAAAAes74HwAAAI6+t8f/480qGTz8ZAAAAIBu+9adO2mpt+5/PX9/c2O5cv/KfKm6XFjZmCvMVdbXCouVymLjN/tW9tteuVJZ+0qsbjws1krVWrG6uTWzUtlYrc007us9UzrQfaIBAACArjpz4clfkojY/upwo6ROZMuM1eFoy73b6kmv8gAO30C/EwD6xgW+cHwZ4wP7DeyHDikPAACgdy5+9vX5/+HYcf7/9DPHBuCoe8fz/8AR4vw/HF+7zv//ql95AIfPGB/Y7zhAx/P/f+x+LgAAQG+MNEqSK2RjgJHI5QqFiNON2wLkk4WlcmkiIj4ZEX8ezX8inZ7sd9IAAAAAAAAAAAAAAAAAAAAAAAAA8DFTrydRBwAAAI60iNzfk4hIYihi9Asju48PnEj+PdqoI+LBL+/+7OFsLSLupbNez6/9vDG/tn61DwcwAAAAgLe0xumN2o38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiyly8ezbXKYcZ9/rWIGGsXfzCGGvVQ5CPi5KskBnc8LomIgS7E334cEWfbxU/StGIsy2J3/FxEDPc5/qkuxIfj7Em6/7nd7v2Xi/FG3f79N5iV9/V8vNP+L/d6/zfQYf93ep9tn8jqc09/V+wY/3HEucH2+59W/OQ997/3vru11WlZ/dcRF9t+/iQfiVWsrawVq5tbV5ZWZhdLi6XVqanJ69M3pq9NTxQXlsql7G/bGD/+3O//t1f/T3aIP9ap/0kzp3q9/TYv7Jr+79OHLz7dbsUk4vkPs3ab1/9sp/jZc//F7HMgXX6x1d5utnc6/9s/nd+r//Md+r/f63+p00Z3ufztH/y12cof8BEAQC9VN7eWZ8vl0vpBG+mg98ArH2Ij7cwHkEYXG+MfRhoax7PR7z0TAADQbW++9Pc7EwAAAAAAAAAAAAAAAAAAADi+Wv//3/ot5178nNjOeEOtRpIcel8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPby/wAAAP//nXrOGw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0406618, 0x0) 3m28.694193381s ago: executing program 35 (id=3035): keyctl$clear(0x3, 0xfffffffffffffffd) keyctl$set_reqkey_keyring(0xe, 0x4) request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000000c0)=')\x80', 0x0) 3m5.569665113s ago: executing program 8 (id=5215): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x67) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x10, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000000010000b7080000000000007b8af8ff00000000ad080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0xe, 0x0, &(0x7f0000000080)="00faff0f0001eeff7f6faf9a1e4d", 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3m4.983349121s ago: executing program 4 (id=5240): rt_sigaction(0xa, &(0x7f0000000140)={&(0x7f0000000500)="2437460f1c2bdfd5c4a2f10027460f38e7418f69d8909ca3000810ffa5c43b3bc4e211acf036fe0d4e486df513bb559a00000f75bed5370b1c2665d2950e000000dbf5", 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000300)) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r0, &(0x7f0000000340)=[{&(0x7f0000000180)=""/109, 0x6d}], 0x1, 0x0, 0x0) 3m4.921771423s ago: executing program 4 (id=5245): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='\xa3\xa3Q', &(0x7f0000000480)="e2", 0x1) 3m4.871765163s ago: executing program 4 (id=5249): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) r0 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x10, 0x1403, 0x1, 0x70bd2d}, 0x10}, 0x1, 0x0, 0x0, 0x854}, 0x0) 3m4.859240363s ago: executing program 4 (id=5250): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xffff, 0x0, "4ae23ae17df2e98c69ba36c4095c911abad88f"}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x9) 3m4.730094475s ago: executing program 8 (id=5256): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmsg$inet6(r0, &(0x7f0000000440)={&(0x7f0000000240)={0xa, 0x4e22, 0x3, @remote, 0x1}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000340)="ce", 0x1}], 0x1}, 0x44044) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, 0x0, 0x0) 3m4.729629406s ago: executing program 4 (id=5260): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000006c0)=0x40) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x10) 3m4.729029756s ago: executing program 4 (id=5268): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020a0702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x393, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='sys_enter\x00', r0}, 0x18) getrandom(0x0, 0x0, 0x2) 3m4.675676596s ago: executing program 8 (id=5264): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000000)=0x800, 0x4) mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x6, 0x8012, r0, 0x0) 3m4.551081048s ago: executing program 8 (id=5272): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_SET_FLAGS(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000700)={0x30, r1, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x441c0) 3m4.546976448s ago: executing program 8 (id=5274): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000006c0)=0x40) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x10) 3m4.509910859s ago: executing program 8 (id=5275): iopl(0x3) sendmsg$inet(0xffffffffffffffff, 0x0, 0x44000) bpf$PROG_BIND_MAP(0x23, 0x0, 0x0) 2m59.520514057s ago: executing program 5 (id=5425): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0xb0000021}) 2m59.488375667s ago: executing program 5 (id=5427): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000001c0), 0x4) cachestat(r0, &(0x7f0000000040), &(0x7f0000000080), 0x0) 2m59.429795968s ago: executing program 5 (id=5431): mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x551083, 0x40) 2m59.379879449s ago: executing program 5 (id=5435): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0, 0xc}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000010c0)=ANY=[@ANYBLOB="b702000000004000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000000000006a0a00fe00000000850000000a000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf0dd467b592f868ee30ad5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872971c7c56f0979bd10b6d0e196bf02f46c7953ab1abda45cbe8d0d24b5069f8a98f7dc8f76b74635fc9f9de9ca3c00cb9bf4e4fd8f36e15fdd97870f2bdf4000000000000b0c2940dd8e263aa743f0400000000000000b100400600e1ffff8816326d7d25c32aac1c5d5b5be399f6609876b5887437a172fbc02a74067529194e533583412dff048f0000000000000000b2728a0481e9d6da43bb6cfb851cd364ff19ffcafe3e64be033c9d2f002cc93c1c13caec04a347903420336bec88c24a9fb6a6991ddb737d527d6acb15426415b6e8b1cbf698fce63a4fdfa2c6e94bd0339454c13ad3e328a100000000b515a1000000000000000eb2e9c15b6c8f6198282df27badac8507bc7d202e0990e0000000008919b3efce02a602b4ad38098774d1feaf5f277a4462a2fff2d6ff4780f9a30a2a5f5f284c00ad35e0a6f6a0f9dae214546d24ff6a9b8ced90b508dc3b55a8259614b731af86503e5849dc87ab86ec0f6a48f0d32f0d4a5f6a03c33600000bb44f2d80363dee9163424ac31469266877942abdbbb3729fd59c0ff048ed3fb58c81b76100aeaa4619668a2c4ef4e159d4594396864965422fe5f8c8181309becc88091dd6641c2d7e5a68ecbe778f2aae1742b92dc6854de98da66f8e38d1eca95809b738c8ddcf4cf1693cf61c2ae0a9c27bd1a6f1e72550fbb1f1543a9bcd48de44e837db44e2be1c364f1cdb53a1ed4169434fc8f705e262fb793cf25bcd60310991f0b0634fa08308c7105e2378d42eb22e035a88305f8342834cba801f76f820ed6def799116ce2336cd308544fbd3b74e0600968fce3c425729a77e3d089356654680e715f4ce5c1a39e4a63d8a67d6dbe1d3c26affdb25cbe15923f62849392cf4fb0327877e22a4dc617a5541a7fb89223888c76d65850dd99997e727557a477a1131d06f6f7360cfcf137ccd2e0d516bb31be411b0c7bd1bd24d3dc2d8e3f4cdfa872b66d89332e313934e9e9a3471f7170832a753bb2a8e4aa6321b1a6546a56e4121231380b04eb55337c7edc66d6e3400b06fcb31b659be19cff61cfac6f1b771967a60efb51c206ea0cbab9bef181cc917fca894189514e85d6e1d9249f8caa701b4357ae5b9117225d1f5ca89a4bb7d49086ea61948926db5132f2e29bf45a1429c19ba1adc457e2963d1474d85aeb3cca158e3fd4b7a05250ceafd44f46af924916ce9ce9a8881aad996ddaaf3fbd52e636367e9f90ab1c773fa96e538e7f87a21206a804524e1dc9fea9772b009bc49a8d787a90e78badf58e37b3cf6f64861d416e859994e4deca6f39551e73c7e332de66be92ecb94e63ecbc07f8f799536be0da90fa824b3f4965caa19b5556907746aec5db9fea5e5e69de3bd13a70c1374683a0e63ff6f6f51136d16e04bbd8ba0c96e0b562f5425614d80de6ba5e901587bb5c1f83382aab6efcccef90fdbebcc4ffed3af40365583fb800cf5ec6496a2a47f2217c7160f88b192ddec89558140447ec86726db3bfe9d22390085b1638f9ebf3219b426dcb69ff80f5b5be82803555c8421c17c9d39f9c1de9e8e7dedf826b00fd8860046e36f790e8e6796db3b778ff4f0fc2b79a5ca96ff3907452ed76bc5e63218ea96866ae2b265ab11206301bfb909a7fd77653c73b6d46a242864f839e5646cc5ada07fba0d9cf6f840179c34de5e9aa58d5b1ca5327dc945267524b8c363b7f847491b5939cf608927c797af1300"/1426], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0xffff0002, 0xf0, 0xffffff87, &(0x7f0000001a40)="2b206d074843b397737ea49da2aa", 0x0, 0xf000, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x48) 2m59.202813902s ago: executing program 5 (id=5440): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x10) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) 2m59.202297542s ago: executing program 5 (id=5442): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000f00), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000080)={0x100, r1, 0x1, 0xff7fffff, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x1, 0xb, 0x4}, {0x6}, {0x5}, {0x6}, {0x8, 0xb, 0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x9}}, {0x8, 0xb, 0x82}, {0x6, 0x16, 0x1}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0xffff}, {0x8, 0xb, 0x2f}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x7}, {0x6, 0x16, 0xd3}, {0x5}, {0x6, 0x11, 0x800}, {0x8}}]}, 0x100}, 0x1, 0x0, 0x0, 0x20004090}, 0x0) 2m49.344775506s ago: executing program 36 (id=5275): iopl(0x3) sendmsg$inet(0xffffffffffffffff, 0x0, 0x44000) bpf$PROG_BIND_MAP(0x23, 0x0, 0x0) 2m49.306280837s ago: executing program 37 (id=5268): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020a0702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x393, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='sys_enter\x00', r0}, 0x18) getrandom(0x0, 0x0, 0x2) 2m44.113353437s ago: executing program 38 (id=5442): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000f00), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000080)={0x100, r1, 0x1, 0xff7fffff, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x1, 0xb, 0x4}, {0x6}, {0x5}, {0x6}, {0x8, 0xb, 0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x9}}, {0x8, 0xb, 0x82}, {0x6, 0x16, 0x1}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0xffff}, {0x8, 0xb, 0x2f}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x7}, {0x6, 0x16, 0xd3}, {0x5}, {0x6, 0x11, 0x800}, {0x8}}]}, 0x100}, 0x1, 0x0, 0x0, 0x20004090}, 0x0) 55.531552923s ago: executing program 2 (id=12323): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x18}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000240)="b9ff03316844268cb89e14f00800", 0x0, 0x9, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 55.460331484s ago: executing program 2 (id=12326): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="2c0000001d00070f000000000000000007000000", @ANYRES32=r1, @ANYBLOB="0000520006000500010000000800", @ANYRES32=r1], 0x2c}}, 0x20008000) 54.419819421s ago: executing program 2 (id=12333): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x3c, 0x68, 0x1, 0xfcfd, 0x0, {0x2, 0x0, 0x0, 0x0, 0x4}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x4}, @NHA_ENCAP={0xc, 0x8, 0x0, 0x1, @LWTUNNEL_IP6_TC={0x5}}, @NHA_ID={0x8, 0x6, 0xa00}, @NHA_OIF={0x8, 0x5, r1}]}, 0x3c}}, 0x0) 54.349114602s ago: executing program 2 (id=12340): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r0}, 0x10) fchdir(0xffffffffffffffff) 54.329599662s ago: executing program 2 (id=12341): r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000200)={0x10}) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000140)={0x0, 0x3, 0x890a, 0x3}) 54.299058582s ago: executing program 2 (id=12343): mkdir(&(0x7f0000000140)='./file0\x00', 0x12) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='debugfs\x00', 0x10040, 0x0) mount$tmpfs(0x0, &(0x7f0000000380)='./file0\x00', 0x0, 0x1830422, &(0x7f0000000000)={[{@mode={'mode', 0x3d, 0xb9c}}]}) 39.244287518s ago: executing program 39 (id=12343): mkdir(&(0x7f0000000140)='./file0\x00', 0x12) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='debugfs\x00', 0x10040, 0x0) mount$tmpfs(0x0, &(0x7f0000000380)='./file0\x00', 0x0, 0x1830422, &(0x7f0000000000)={[{@mode={'mode', 0x3d, 0xb9c}}]}) 19.606414304s ago: executing program 7 (id=14165): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r0}, 0x18) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0x88}}, 0x0) 19.577732674s ago: executing program 7 (id=14169): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x1f8, 0x65, 0x2, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0x6}}, [@filter_kind_options=@f_bpf={{0x8}, {0xc4, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_FLAGS={0x8, 0x8, 0x1}, @TCA_BPF_FLAGS={0x8, 0x8, 0x1}, @TCA_BPF_FD={0x8}, @TCA_BPF_ACT={0x9c, 0x1, [@m_xt={0x98, 0xa, 0x0, 0x0, {{0x7}, {0x4}, {0x6d, 0x6, "b02aff89fcb734ba3a7e4bbe7dbf80c9a578cea6f50e70b62c55c42e0420d8c5c688a7cd0b82ff660cc3f662c705e961800970f1285c53934973ac141cc9f45366c1b500c5ef5cf4034b294d4651a863b0842a90625ee18c1d91b04ca14f29de60a80dd02807b5f522"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_route={{0xa}, {0xf4, 0x2, [@TCA_ROUTE4_POLICE={0x10, 0x5, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x8}]}, @TCA_ROUTE4_FROM={0x8, 0x3, 0xc7}, @TCA_ROUTE4_TO={0x8, 0x2, 0x5e}, @TCA_ROUTE4_ACT={0xb8, 0x6, [@m_skbmod={0xb4, 0x10, 0x0, 0x0, {{0xb}, {0x18, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0x8}, @TCA_SKBMOD_SMAC={0xa, 0x4, @remote}]}, {0x71, 0x6, "7901b3fc3a31098ccc741994d7db7a507cbf22a1ff0285366899077d32faa55f59c3af121f3f1a3ae833a52c0446aab12aca4e1ec36703c61ad4b3cfaee575c7bde6f1bafa790c413614b03d5b1d4e608aae7142a7021a7f5fa9ccf9f39bccb465fd579a2c5f80ff4f3741ddac"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_TO={0x8, 0x2, 0x92}, @TCA_ROUTE4_CLASSID={0x8, 0x1, {0xa, 0x6}}]}}]}, 0x1f8}, 0x1, 0x0, 0x0, 0x81}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 19.529668515s ago: executing program 7 (id=14174): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) setrlimit(0x9, &(0x7f0000000000)) io_setup(0x2004, &(0x7f0000000680)) 19.493730345s ago: executing program 7 (id=14177): creat(&(0x7f00000000c0)='./file0\x00', 0x198) io_setup(0x1, &(0x7f00000012c0)=0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) io_submit(r0, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x0, r1, &(0x7f0000000080)="4e8fc38e", 0xb, 0x200000000004}]) 19.434198956s ago: executing program 7 (id=14182): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) open(&(0x7f0000000140)='./file1\x00', 0x141242, 0x40) unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0) 19.396761398s ago: executing program 7 (id=14183): io_setup(0x281, &(0x7f0000000100)=0x0) io_pgetevents(r0, 0x1, 0x1, &(0x7f0000000000)=[{}], 0x0, 0x0) r1 = memfd_create(&(0x7f0000000600)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o84I\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\xb8\xeae)\x90\x86\xe3\x96\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HO\x00\x00\x00\x00R\xfc\xcb%u3\xec\xde%\x9d\xe4\x1d\rD\x82S\x17?\xd6\xb1\x9aF\xe2\xba[\xc7QR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11\x17\xd8\xda@4\x9f\xc5*T\x1e^\xf7o\xff\xff\xff\xffwI\x02\xf3\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%K\x1d\xe7_\xde\x87\xdd\xc1\xf0\x91\x1a!\xa5\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\xae\xb8\x89>\xc9\xf2/\x13{\x1a\x7f\x00\x00\x00\x00+$\xedX\xb7KV\x90\xc3D-\xf3\x8c\x9a\x15\x9c\xf5\xb4O\x17@d\x81+\xf6\xe6+\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x15Punfo\x7f\x92G\x0e.\xce\xd8h\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%)\x85\xc7O]\'9\x92\xad\xfbJ\x02\x1d\x91-\xc99\t&\xbdq\x06`T\xc8\x92\xaf\xad\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\xad~F\xe5\x19\xaa\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcaA\x90T\xf1\x1b\xe6\xb9\xe7\xff\xc5H\x04\x93\xca\xad\x17UlY\x9a}\r4\xac\x93\xac\v2\xc6\xf9\xbe\xfeI\x8b\xd4/`\xab\x1e\xcf\x7f\b\x94\xfe2.{\xc1\xbe\x9bth~\xcb\xb9E\x10W\xed\xed51[z\xb6>\xd3\xe7Y*\xdb\xa7h\nt\xddP\n\xc5\xeb\xb1ux\x94@\x00\x00g\x02D9\x83\xa7\x97\xf4\xb25wL\x97\xfb\xb9\xccj\xb3\x96\xc1@\xee`{\x87\xa8]\x96\x9cjF^+\xcc1l\xcbmA,5\xc4J\xcab\xa6\x91\xa0\xeaU\x92\x01\x1f,\xfa\x10\"+\x01\x00\x91\xe9\x1cz\xd1f\x901\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00o\"\x85Np\xba\x0e<\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb8V\xe4\xa1C\x90\x17\xcc{\x9d\xf1\xbd\xb0\xca\x03\x96\x85h}\x8f\x1c)X\xc83rA\x90r\xb6\xba!;\x95\xaf\xe0\xcb\xec\xcd$\x02f\x8c4\x1aH\x8fC\xbfr\xd39\x92\x1fShu\x9e\b\xd4m\xa8\x16\xa6\xd5\xae\xcb\x03oFQ\"\xf7F\xb7\vp\xb6\xe5\x92\xe2O}.\x95A\x9bH\x8d\xa1\x80\x1b\x14u\xfdK\xce\xaf\x94i\xf1s\xf7\xb8Jq\xcb3=M\x84\x7f\x181/\x9bQ|4\xaf\xcf\r\xcfz Z\x19\xad_\x13\x99\xf7\xfdOD\xd3\x9d\x9d\xb8d5g\xf1\x84\xbd\xe5\xa2\xb3\xda\x82\x10n1\xed\xba\xe3\x96\x85\"\xb6\xa6n\xe7\xfd\xd4\a\x97\x85\x810/\xc4o\x11\xc8\x1b\xc0\f\xeec\xa4\x7f|P\x00\x00\x00\x000p\xaf\xfdk\xac\xcc\xac`\xc9\a<\xadIt\x9b\xeb\x8a\xfe\x9b\aO\xa5?h\xe1B\xa8C\x8e;/\xa8\x94\x1bs\xf0\xa9>\x9e\xff\xc9\xd2\x00h\xcb\xfb\xb6Y\xbfp\xd8\x90\x96\xec\x83N\x8bNnx\xb6\x16Y\xf8sU\xae\xa0\b\x8cLq\n\x1f\x99t\xb6\xffozu\xa0B(\xe9?\xcdA\xba\xa8\x13Qc\xda\x16?\xe8z\x8f\x862!\xbf\xa4\xb8\x9bC\xe9Od\xe8\xd32m\x06RX\x7f\xf7\xc2\n\x94\xe5P:l\xd9\xd5\xbd\rH6-\x8a\x12m\xff\xe9\xa0\r\tk\xda\xa4q(\xae\\\xb6\x14I\xf7\xe0z\xf10x0) io_pgetevents(r0, 0x1, 0x1, &(0x7f0000000000)=[{}], 0x0, 0x0) r1 = memfd_create(&(0x7f0000000600)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o84I\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\xb8\xeae)\x90\x86\xe3\x96\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HO\x00\x00\x00\x00R\xfc\xcb%u3\xec\xde%\x9d\xe4\x1d\rD\x82S\x17?\xd6\xb1\x9aF\xe2\xba[\xc7QR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11\x17\xd8\xda@4\x9f\xc5*T\x1e^\xf7o\xff\xff\xff\xffwI\x02\xf3\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%K\x1d\xe7_\xde\x87\xdd\xc1\xf0\x91\x1a!\xa5\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\xae\xb8\x89>\xc9\xf2/\x13{\x1a\x7f\x00\x00\x00\x00+$\xedX\xb7KV\x90\xc3D-\xf3\x8c\x9a\x15\x9c\xf5\xb4O\x17@d\x81+\xf6\xe6+\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x15Punfo\x7f\x92G\x0e.\xce\xd8h\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%)\x85\xc7O]\'9\x92\xad\xfbJ\x02\x1d\x91-\xc99\t&\xbdq\x06`T\xc8\x92\xaf\xad\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\xad~F\xe5\x19\xaa\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcaA\x90T\xf1\x1b\xe6\xb9\xe7\xff\xc5H\x04\x93\xca\xad\x17UlY\x9a}\r4\xac\x93\xac\v2\xc6\xf9\xbe\xfeI\x8b\xd4/`\xab\x1e\xcf\x7f\b\x94\xfe2.{\xc1\xbe\x9bth~\xcb\xb9E\x10W\xed\xed51[z\xb6>\xd3\xe7Y*\xdb\xa7h\nt\xddP\n\xc5\xeb\xb1ux\x94@\x00\x00g\x02D9\x83\xa7\x97\xf4\xb25wL\x97\xfb\xb9\xccj\xb3\x96\xc1@\xee`{\x87\xa8]\x96\x9cjF^+\xcc1l\xcbmA,5\xc4J\xcab\xa6\x91\xa0\xeaU\x92\x01\x1f,\xfa\x10\"+\x01\x00\x91\xe9\x1cz\xd1f\x901\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00o\"\x85Np\xba\x0e<\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb8V\xe4\xa1C\x90\x17\xcc{\x9d\xf1\xbd\xb0\xca\x03\x96\x85h}\x8f\x1c)X\xc83rA\x90r\xb6\xba!;\x95\xaf\xe0\xcb\xec\xcd$\x02f\x8c4\x1aH\x8fC\xbfr\xd39\x92\x1fShu\x9e\b\xd4m\xa8\x16\xa6\xd5\xae\xcb\x03oFQ\"\xf7F\xb7\vp\xb6\xe5\x92\xe2O}.\x95A\x9bH\x8d\xa1\x80\x1b\x14u\xfdK\xce\xaf\x94i\xf1s\xf7\xb8Jq\xcb3=M\x84\x7f\x181/\x9bQ|4\xaf\xcf\r\xcfz Z\x19\xad_\x13\x99\xf7\xfdOD\xd3\x9d\x9d\xb8d5g\xf1\x84\xbd\xe5\xa2\xb3\xda\x82\x10n1\xed\xba\xe3\x96\x85\"\xb6\xa6n\xe7\xfd\xd4\a\x97\x85\x810/\xc4o\x11\xc8\x1b\xc0\f\xeec\xa4\x7f|P\x00\x00\x00\x000p\xaf\xfdk\xac\xcc\xac`\xc9\a<\xadIt\x9b\xeb\x8a\xfe\x9b\aO\xa5?h\xe1B\xa8C\x8e;/\xa8\x94\x1bs\xf0\xa9>\x9e\xff\xc9\xd2\x00h\xcb\xfb\xb6Y\xbfp\xd8\x90\x96\xec\x83N\x8bNnx\xb6\x16Y\xf8sU\xae\xa0\b\x8cLq\n\x1f\x99t\xb6\xffozu\xa0B(\xe9?\xcdA\xba\xa8\x13Qc\xda\x16?\xe8z\x8f\x862!\xbf\xa4\xb8\x9bC\xe9Od\xe8\xd32m\x06RX\x7f\xf7\xc2\n\x94\xe5P:l\xd9\xd5\xbd\rH6-\x8a\x12m\xff\xe9\xa0\r\tk\xda\xa4q(\xae\\\xb6\x14I\xf7\xe0z\xf10x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1}) io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0) 940.847256ms ago: executing program 0 (id=14828): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000003c0)='./file0\x00', 0x300001a, &(0x7f0000000500)=ANY=[], 0x1, 0x2b6, &(0x7f00000000c0)="$eJzs3UFrY1UUAODz0jSNukgRN4qLB7pwVaZu3bTKCGJXSgR1ocXpgCRhIIWAI5iZ1fwCl/4Pf4IbN/4Dwa3gri6qV17ee01iX9PS1hT1+1an995z73nvQrrKyeevjgYPHmXx9OTn6HazaO3FXvyZxXa0ovYk2nFe0xgA8G/we0rxW7pOZrt1+9UAAOtQ/v8v3XUtAMB6fPjxJ+/vHxzc/yDPu/Fy79mkn0XE6NmkX87vP4wvYxhHcS96cRqRzpTxu+8d3I92XtiO10fTSb/IHH32Y7X//q8Rs/zd6MV2c/5uXlrIn076m/F85LH/cLMutRcvNee/2ZAf/U688dpC/TvRi5++iEcxjAdR5M7zv9nN83fStydff1ocU+RnrehvzdbNpY113gsAAAAAAAAAAAAAAAAAAAAAAP9tO3mele17Zv17iqGq/87G6Wx+J69tL/fnKfOzeqOyP1CKqkXPNMV3dX+de3mep2rhPL8dr7T9iAAAAAAAAAAAAAAAAAAAAAAUjr96PDgcDo/GtxLU3QDqr/Vfd5+9+cjWUrkNi7euftZit4Gi1pWLo92O1RuepNLlz9WqD21e89zFUzcItuaX+1GUQX0xN9o5/e2Fv/h2+ffjwWFeralf8uAwu+ysbr3P94tTnbjpS0izCk/T8p12z0pdzurc0pvvvNA49UdK6Wr7vPVLeUfVSDZrsXG10zeroPEBi6B7/i5+uHjDCz8yNq75UQMAAAAAAAAAAAAAAAAAAFyi/K7vk6PxccPk05WprX+sKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYs/L3/4dH47OgGxHLI+eCaZW8ak0VdGJ8fMePCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/AXwEAAP//wZJM4A==") sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB='|'], 0x7c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) creat(&(0x7f00000000c0)='./bus\x00', 0x0) 864.370627ms ago: executing program 0 (id=14829): mmap(&(0x7f00004c7000/0x3000)=nil, 0x3000, 0x0, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000000)=0x7, 0x44, 0x0) mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000000)=0x2, 0x44, 0x0) mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) 795.983698ms ago: executing program 0 (id=14831): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = socket$l2tp6(0xa, 0x2, 0x73) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000280)=ANY=[@ANYBLOB="1b0204"], 0x18) sendto$inet6(r0, 0x0, 0x0, 0x4000000, &(0x7f0000000000)={0xa, 0xd9, 0xfffffffc, @empty, 0x100000}, 0x1c) 775.317118ms ago: executing program 0 (id=14833): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000c5000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000c00)='sys_enter\x00', r1}, 0x10) syncfs(r2) 690.310429ms ago: executing program 9 (id=14836): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x9, 0x3, 0x8, 0x4, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, [@call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000ac0)={{r0}, &(0x7f0000000a40), 0x0}, 0x20) 682.45052ms ago: executing program 0 (id=14837): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x4, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffff9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) syz_usb_disconnect(0xffffffffffffffff) 646.44978ms ago: executing program 9 (id=14838): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) ppoll(&(0x7f0000000500)=[{r0}], 0x1, 0x0, 0x0, 0x0) 523.971632ms ago: executing program 1 (id=14848): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001680)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffc01, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001c80)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) setxattr$security_selinux(&(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000040), &(0x7f0000000100)='system_u:object_r:tzdata_exec_t:s0\x00', 0x23, 0x0) 470.501433ms ago: executing program 1 (id=14850): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.numa_stat\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x6, 0x6}, 0x3c) 441.916423ms ago: executing program 1 (id=14851): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x1, 0x66c, 0x0, 'queue1\x00'}) poll(&(0x7f0000000100)=[{r0}], 0x1, 0x9d) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8) 358.853095ms ago: executing program 3 (id=14857): ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0xa5d4}, 0x4c58, 0x0, 0x0, 0x1, 0x8, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) 264.417326ms ago: executing program 1 (id=14859): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x13, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) setgid(0xee01) 229.001517ms ago: executing program 3 (id=14860): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000000), 0x4) setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd2, 0x0, 0x0) setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000080)={@multicast2, @multicast2, 0x0, "b18c89f8ec85752dace37a71e337f670bfac54f9a317850eaa73a3eb92f19456", 0x8, 0x8, 0x8, 0x1ff}, 0x3c) 224.513477ms ago: executing program 6 (id=14861): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000000c0)='kfree\x00', r1, 0x0, 0x80000001}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001a000000bca300000000000024030000c0feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000200000000002604fdffff02000014010000030000001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 215.159996ms ago: executing program 1 (id=14862): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0) set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0) 206.744147ms ago: executing program 3 (id=14863): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) set_robust_list(&(0x7f0000000180)={0x0, 0x7}, 0x18) 174.711077ms ago: executing program 1 (id=14864): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20) syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0) read(r0, &(0x7f0000002240)=""/4107, 0x100b) 172.606627ms ago: executing program 3 (id=14865): r0 = syz_io_uring_setup(0x2f90, &(0x7f0000000180)={0x0, 0xc383, 0x3010, 0x2, 0x200004}, &(0x7f0000000100), &(0x7f0000000140)) r1 = epoll_create(0xaf2) epoll_pwait2(r1, &(0x7f0000000280)=[{}], 0x1, 0x0, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0xe000200f}) 153.585518ms ago: executing program 6 (id=14866): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) write$selinux_validatetrans(r1, &(0x7f00000002c0)={'system_u:object_r:ipmi_device_t:s0', 0x20, 'system_u:object_r:init_var_run_t:s0', 0x20, 0x2, 0x20, 'system_u:system_r:kernel_t:s0\x00'}, 0x7a) 142.352148ms ago: executing program 6 (id=14867): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x34) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, @exit], {0x95, 0x0, 0xff85}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 122.801868ms ago: executing program 6 (id=14868): r0 = fsopen(&(0x7f00000000c0)='selinuxfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000000)='dirsync\x00', &(0x7f0000000040)='./file0\x00', r1) 111.454548ms ago: executing program 6 (id=14869): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) creat(&(0x7f00000000c0)='./file0\x00', 0xd4) truncate(&(0x7f00000002c0)='./file0\x00', 0x8) 95.246629ms ago: executing program 3 (id=14870): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400)={[{@sysvgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x35) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc) 90.622929ms ago: executing program 6 (id=14871): r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r0, 0x400, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x183203, 0x0) fcntl$setlease(r0, 0x400, 0x1) 0s ago: executing program 3 (id=14872): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000a00)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@multicast2, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b}, {@in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x0, 0x32}, @in=@dev, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x4}, {}, 0x0, 0x3504, 0xa, 0x1}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}}, 0x0) kernel console output (not intermixed with test programs): root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 266.302593][T30531] loop7: detected capacity change from 0 to 2048 [ 266.380347][ T29] audit: type=1400 audit(2000262483.739:2720): avc: denied { unmount } for pid=15333 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 266.533109][T30562] team0: Device gtp0 is of different type [ 266.564759][T30566] netlink: 'syz.7.12543': attribute type 29 has an invalid length. [ 266.590698][T30566] netlink: 'syz.7.12543': attribute type 29 has an invalid length. [ 266.626077][T30566] netlink: 'syz.7.12543': attribute type 29 has an invalid length. [ 266.634909][T30566] netlink: 'syz.7.12543': attribute type 29 has an invalid length. [ 266.649730][T30566] netlink: 'syz.7.12543': attribute type 29 has an invalid length. [ 266.658150][T30566] netlink: 'syz.7.12543': attribute type 29 has an invalid length. [ 266.669256][T30566] netlink: 'syz.7.12543': attribute type 29 has an invalid length. [ 266.677503][T30566] netlink: 'syz.7.12543': attribute type 29 has an invalid length. [ 266.703646][ T29] audit: type=1400 audit(2000262484.069:2721): avc: denied { lock } for pid=30575 comm="syz.3.12548" path="socket:[93710]" dev="sockfs" ino=93710 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 266.847341][ T29] audit: type=1400 audit(2000262484.209:2722): avc: denied { setcheckreqprot } for pid=30595 comm="syz.3.12557" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 266.898731][T30602] macsec0: left allmulticast mode [ 266.909404][T30602] macsec0: left promiscuous mode [ 266.979578][T30614] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 266.986115][T30614] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 266.995118][T30614] vhci_hcd vhci_hcd.0: Device attached [ 267.016655][T30615] vhci_hcd: connection closed [ 267.016819][ T41] vhci_hcd: stop threads [ 267.027154][ T41] vhci_hcd: release socket [ 267.031575][ T41] vhci_hcd: disconnect device [ 267.406775][T30651] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12584'. [ 267.415858][T30651] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12584'. [ 267.557216][ T29] audit: type=1400 audit(2000262484.919:2723): avc: denied { audit_read } for pid=30663 comm="syz.3.12590" capability=37 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 267.668711][T30667] loop3: detected capacity change from 0 to 8192 [ 267.831774][ T29] audit: type=1326 audit(2000262485.199:2724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30680 comm="syz.1.12597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a41ae169 code=0x7ffc0000 [ 267.855388][ T29] audit: type=1326 audit(2000262485.199:2725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30680 comm="syz.1.12597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a41ae169 code=0x7ffc0000 [ 268.363270][T30725] bond0: option mode: unable to set because the bond device has slaves [ 268.446132][T30729] loop9: detected capacity change from 0 to 128 [ 268.453010][T30729] FAT-fs (loop9): bogus logical sector size 0 [ 268.459199][T30729] FAT-fs (loop9): Can't find a valid FAT filesystem [ 268.471435][T30729] netlink: 16 bytes leftover after parsing attributes in process `syz.9.12621'. [ 268.510786][T30733] loop7: detected capacity change from 0 to 164 [ 269.307979][T30806] netlink: 36 bytes leftover after parsing attributes in process `syz.3.12658'. [ 269.348428][T30806] netlink: 36 bytes leftover after parsing attributes in process `syz.3.12658'. [ 269.631828][T30848] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12679'. [ 269.664433][T30854] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12682'. [ 269.692527][T30856] loop7: detected capacity change from 0 to 1024 [ 269.723503][T30856] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 269.751636][T30865] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12686'. [ 269.776211][T30871] rdma_op ffff88811c80dd80 conn xmit_rdma 0000000000000000 [ 269.805734][T11388] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 269.833494][T30879] loop3: detected capacity change from 0 to 128 [ 269.909669][T30889] netlink: 4 bytes leftover after parsing attributes in process `syz.7.12698'. [ 269.985334][T30898] raw_sendmsg: syz.1.12702 forgot to set AF_INET. Fix it! [ 270.103433][T30913] loop7: detected capacity change from 0 to 1024 [ 270.125120][T30913] EXT4-fs: Ignoring removed orlov option [ 270.143427][T30913] EXT4-fs: Ignoring removed bh option [ 270.155187][T30913] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 270.189722][T11388] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.230948][T30929] loop9: detected capacity change from 0 to 128 [ 270.284008][T30935] loop7: detected capacity change from 0 to 764 [ 270.321991][T30935] rock: directory entry would overflow storage [ 270.328181][T30935] rock: sig=0x4654, size=5, remaining=4 [ 270.402354][T30947] loop3: detected capacity change from 0 to 1024 [ 270.409272][T30947] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (12806!=20869) [ 270.442797][T30947] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c018, mo2=0002] [ 270.460122][T30947] System zones: 0-1, 3-36 [ 270.467570][T30960] atomic_op ffff88811c799528 conn xmit_atomic 0000000000000000 [ 270.478790][T30947] EXT4-fs (loop3): orphan cleanup on readonly fs [ 270.489340][T30947] EXT4-fs (loop3): 1 orphan inode deleted [ 270.507074][T30947] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 270.606702][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.665861][T30976] tipc: Enabling of bearer rejected, failed to enable media [ 270.757166][T30988] loop7: detected capacity change from 0 to 512 [ 270.796602][T30988] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.12746: bg 0: block 288: padding at end of block bitmap is not set [ 270.851943][T30988] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 270.876184][T30988] EXT4-fs error (device loop7): ext4_clear_blocks:876: inode #13: comm syz.7.12746: attempt to clear invalid blocks 1024 len 1 [ 270.912340][T30988] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #13: comm syz.7.12746: invalid indirect mapped block 1819239214 (level 0) [ 270.927542][T30988] EXT4-fs (loop7): 1 truncate cleaned up [ 270.953570][T30988] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 270.989157][T11388] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.364558][T31051] loop7: detected capacity change from 0 to 1024 [ 271.392347][T31051] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002] [ 271.401141][T31051] System zones: 0-1, 3-12 [ 271.406240][T31051] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 271.454964][T11388] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.520040][T31064] __nla_validate_parse: 1 callbacks suppressed [ 271.520057][T31064] netlink: 52 bytes leftover after parsing attributes in process `syz.7.12780'. [ 271.589313][T31070] validate_nla: 24 callbacks suppressed [ 271.589328][T31070] netlink: 'syz.7.12783': attribute type 6 has an invalid length. [ 271.604157][T31070] netlink: 164 bytes leftover after parsing attributes in process `syz.7.12783'. [ 271.656517][T31072] pim6reg: entered allmulticast mode [ 271.679672][T31074] netlink: 48 bytes leftover after parsing attributes in process `syz.7.12785'. [ 271.877529][T31102] netlink: 'syz.9.12799': attribute type 1 has an invalid length. [ 271.886759][T31102] netlink: 92 bytes leftover after parsing attributes in process `syz.9.12799'. [ 272.152682][T31132] netlink: 172 bytes leftover after parsing attributes in process `syz.7.12815'. [ 272.176123][T31135] loop9: detected capacity change from 0 to 512 [ 272.186101][T31135] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=802c198, mo2=0002] [ 272.200761][T31135] EXT4-fs error (device loop9): ext4_iget_extra_inode:4693: inode #15: comm syz.9.12816: corrupted in-inode xattr: invalid ea_ino [ 272.222496][T31135] EXT4-fs error (device loop9): ext4_orphan_get:1395: comm syz.9.12816: couldn't read orphan inode 15 (err -117) [ 272.235171][T31135] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 272.269150][T15328] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.387554][T31164] netlink: 96 bytes leftover after parsing attributes in process `syz.1.12829'. [ 272.407922][T31164] vlan0: entered allmulticast mode [ 272.461462][T31173] netlink: 'syz.7.12833': attribute type 2 has an invalid length. [ 272.469373][T31173] netlink: 132 bytes leftover after parsing attributes in process `syz.7.12833'. [ 272.596263][ T29] kauditd_printk_skb: 16 callbacks suppressed [ 272.596278][ T29] audit: type=1400 audit(2000328255.017:2742): avc: denied { mount } for pid=31196 comm="syz.1.12843" name="/" dev="configfs" ino=1851 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 272.645569][ T29] audit: type=1400 audit(2000328255.047:2743): avc: denied { write } for pid=31196 comm="syz.1.12843" name="/" dev="configfs" ino=1851 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 272.673299][ T29] audit: type=1400 audit(2000328255.097:2744): avc: denied { unmount } for pid=3303 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 272.783158][T31218] netlink: 416 bytes leftover after parsing attributes in process `syz.3.12854'. [ 272.785770][ T29] audit: type=1400 audit(2000328255.177:2745): avc: denied { write } for pid=31212 comm="syz.7.12852" path="socket:[96272]" dev="sockfs" ino=96272 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 272.793656][T31218] netlink: 416 bytes leftover after parsing attributes in process `syz.3.12854'. [ 272.827688][T31221] netlink: 76 bytes leftover after parsing attributes in process `syz.7.12857'. [ 272.961027][T31240] 9pnet: Could not find request transport: f [ 273.048982][T31260] program syz.9.12875 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 273.104660][T31271] IPVS: Error connecting to the multicast addr [ 273.153938][T31278] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 273.160481][T31278] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 273.168534][T31278] vhci_hcd vhci_hcd.0: Device attached [ 273.196030][T31279] vhci_hcd: connection closed [ 273.196197][ T41] vhci_hcd: stop threads [ 273.206662][ T41] vhci_hcd: release socket [ 273.211123][ T41] vhci_hcd: disconnect device [ 273.274070][T31291] pim6reg: entered allmulticast mode [ 273.420501][ T29] audit: type=1400 audit(2000328255.827:2746): avc: granted { setsecparam } for pid=31308 comm="syz.7.12897" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security [ 273.636148][ T29] audit: type=1400 audit(2000328256.057:2747): avc: denied { connect } for pid=31339 comm="syz.3.12912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 273.741570][T31351] loop3: detected capacity change from 0 to 512 [ 273.762949][T31351] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 273.796953][T31351] ext4 filesystem being mounted at /1517/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 273.825706][T31366] rtc_cmos 00:00: Alarms can be up to one day in the future [ 273.843271][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.969724][T31390] netlink: 'syz.3.12935': attribute type 2 has an invalid length. [ 273.978637][T31390] netlink: 'syz.3.12935': attribute type 2 has an invalid length. [ 273.986591][T31390] netlink: 'syz.3.12935': attribute type 1 has an invalid length. [ 273.995113][T31390] netlink: 'syz.3.12935': attribute type 1 has an invalid length. [ 274.107115][T31399] rtc_cmos 00:00: Alarms can be up to one day in the future [ 274.271581][T31419] loop3: detected capacity change from 0 to 128 [ 274.278106][T31419] vfat: Bad value for 'utf8' [ 274.336831][T31427] rtc_cmos 00:00: Alarms can be up to one day in the future [ 274.363503][ T29] audit: type=1400 audit(2000328256.787:2748): avc: granted { setsecparam } for pid=31432 comm="syz.1.12955" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security [ 274.392503][ T10] rtc_cmos 00:00: Alarms can be up to one day in the future [ 274.400012][ T10] rtc_cmos 00:00: Alarms can be up to one day in the future [ 274.407579][ T10] rtc_cmos 00:00: Alarms can be up to one day in the future [ 274.415108][ T10] rtc_cmos 00:00: Alarms can be up to one day in the future [ 274.423598][ T10] rtc rtc0: __rtc_set_alarm: err=-22 [ 274.426911][T31428] loop9: detected capacity change from 0 to 8192 [ 274.490562][T31428] syz.9.12953: attempt to access beyond end of device [ 274.490562][T31428] loop9: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 274.509816][T31428] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000e1b1) [ 274.517729][T31428] FAT-fs (loop9): Filesystem has been set read-only [ 274.530182][T31428] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000e1b1) [ 274.546381][T31428] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000e1b1) [ 274.732418][T31480] loop9: detected capacity change from 0 to 256 [ 274.786244][T31480] FAT-fs (loop9): Directory bread(block 64) failed [ 274.794025][T31480] FAT-fs (loop9): Directory bread(block 65) failed [ 274.805482][T31489] loop7: detected capacity change from 0 to 1024 [ 274.811973][T31480] FAT-fs (loop9): Directory bread(block 66) failed [ 274.823275][T31489] EXT4-fs: Ignoring removed nobh option [ 274.828931][T31489] EXT4-fs: Ignoring removed bh option [ 274.838013][T31480] FAT-fs (loop9): Directory bread(block 67) failed [ 274.845941][T31480] FAT-fs (loop9): Directory bread(block 68) failed [ 274.846737][T31492] program syz.3.12985 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 274.853746][T31480] FAT-fs (loop9): Directory bread(block 69) failed [ 274.874638][T31480] FAT-fs (loop9): Directory bread(block 70) failed [ 274.881600][T31480] FAT-fs (loop9): Directory bread(block 71) failed [ 274.888532][T31480] FAT-fs (loop9): Directory bread(block 72) failed [ 274.898896][T31489] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.913532][T31480] FAT-fs (loop9): Directory bread(block 73) failed [ 274.969540][T31500] program syz.1.12997 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 275.003010][T11388] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.044242][T31506] netlink: 'syz.9.12999': attribute type 2 has an invalid length. [ 275.052126][T31507] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 275.052148][T31507] SELinux: failed to load policy [ 275.065231][T31506] netlink: 'syz.9.12999': attribute type 2 has an invalid length. [ 275.073272][T31506] netlink: 'syz.9.12999': attribute type 1 has an invalid length. [ 275.082131][T26960] tipc: Resetting bearer [ 275.082256][ T29] audit: type=1400 audit(2000328257.507:2749): avc: denied { mounton } for pid=31509 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 275.121103][T26960] tipc: Disabling bearer [ 275.130283][T26960] smc: removing net device syz_tun with user defined pnetid SYZ1 [ 275.186209][T31522] loop9: detected capacity change from 0 to 512 [ 275.217335][T31522] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 275.276588][T31522] ext4 filesystem being mounted at /1582/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 275.317904][T31509] chnl_net:caif_netlink_parms(): no params data found [ 275.329005][T15328] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.393117][T31554] loop9: detected capacity change from 0 to 1024 [ 275.399755][T31554] EXT4-fs: Ignoring removed orlov option [ 275.406386][T31554] EXT4-fs: Ignoring removed bh option [ 275.407933][T31509] bridge0: port 1(bridge_slave_0) entered blocking state [ 275.420823][T31509] bridge0: port 1(bridge_slave_0) entered disabled state [ 275.438945][T31554] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 275.461606][T31509] bridge_slave_0: entered allmulticast mode [ 275.468130][T31509] bridge_slave_0: entered promiscuous mode [ 275.475028][T31509] bridge0: port 2(bridge_slave_1) entered blocking state [ 275.482267][T31509] bridge0: port 2(bridge_slave_1) entered disabled state [ 275.489683][T31509] bridge_slave_1: entered allmulticast mode [ 275.499044][T31509] bridge_slave_1: entered promiscuous mode [ 275.522708][T31509] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 275.533910][T31509] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 275.552725][T15328] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.568777][T31509] team0: Port device team_slave_0 added [ 275.577215][T31509] team0: Port device team_slave_1 added [ 275.601283][T31509] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 275.608256][T31509] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 275.634783][T31509] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 275.651930][T31509] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 275.658895][T31509] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 275.660236][ T29] audit: type=1326 audit(2000328258.077:2750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31578 comm="syz.9.13017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22fdace169 code=0x7ffc0000 [ 275.685473][T31509] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 275.732950][ T29] audit: type=1326 audit(2000328258.147:2751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31578 comm="syz.9.13017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f22fdace169 code=0x7ffc0000 [ 275.762996][T31587] program syz.7.13016 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 275.772849][T31509] hsr_slave_0: entered promiscuous mode [ 275.781218][T31509] hsr_slave_1: entered promiscuous mode [ 275.796364][T31509] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 275.805401][T31509] Cannot create hsr debugfs directory [ 275.947346][T31509] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 275.998134][T31509] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.018661][T31617] vlan3: entered allmulticast mode [ 276.045657][T31625] loop3: detected capacity change from 0 to 512 [ 276.054276][T31625] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=802c198, mo2=0002] [ 276.063858][T31625] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.13040: corrupted in-inode xattr: invalid ea_ino [ 276.065227][T31509] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.078715][T31625] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.13040: couldn't read orphan inode 15 (err -117) [ 276.102251][T31625] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 276.148832][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.161059][T31509] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.227390][T31509] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 276.239043][T31509] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 276.248496][T31509] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 276.257495][T31509] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 276.295580][T31637] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(5) [ 276.302112][T31637] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 276.310153][T31637] vhci_hcd vhci_hcd.0: Device attached [ 276.316862][T31509] 8021q: adding VLAN 0 to HW filter on device bond0 [ 276.317069][T31638] vhci_hcd: connection closed [ 276.327260][ T1309] vhci_hcd: stop threads [ 276.331036][T31509] 8021q: adding VLAN 0 to HW filter on device team0 [ 276.332625][ T1309] vhci_hcd: release socket [ 276.347234][ T1309] vhci_hcd: disconnect device [ 276.349059][T31509] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 276.364036][T31509] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 276.377954][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 276.385128][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 276.396121][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 276.403237][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 276.475608][T31509] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 276.599398][T31509] veth0_vlan: entered promiscuous mode [ 276.617482][T31509] veth1_vlan: entered promiscuous mode [ 276.640212][T31509] veth0_macvtap: entered promiscuous mode [ 276.658976][T31509] veth1_macvtap: entered promiscuous mode [ 276.674754][T31509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 276.685304][T31509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.695869][T31509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 276.706350][T31509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.716198][T31509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 276.727475][T31509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.737481][T31509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 276.747926][T31509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.758398][T31509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 276.768917][T31509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.780252][T31509] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 276.805753][T31509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.816841][T31509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.826669][T31509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.837130][T31509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.847570][T31509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.858329][T31509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.868179][T31509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.879503][T31509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.889380][T31509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.899950][T31509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.911779][T31509] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 276.934442][T31509] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.943878][T31509] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.952817][T31509] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.961538][T31509] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.993274][T31692] loop7: detected capacity change from 0 to 1024 [ 277.002175][T31692] EXT4-fs: Ignoring removed oldalloc option [ 277.008104][T31692] EXT4-fs: Ignoring removed orlov option [ 277.033979][T31692] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 277.046271][T31692] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869) [ 277.059547][T31692] EXT4-fs error (device loop7): __ext4_iget:5025: inode #2: block 127754: comm syz.7.13063: invalid block [ 277.075780][T31692] EXT4-fs (loop7): no journal found [ 277.081033][T31692] EXT4-fs (loop7): can't get journal size [ 277.088866][T31692] EXT4-fs error (device loop7): __ext4_iget:5025: inode #2: block 127754: comm syz.7.13063: invalid block [ 277.106927][T31692] EXT4-fs (loop7): get root inode failed [ 277.112647][T31692] EXT4-fs (loop7): mount failed [ 277.148679][T31715] validate_nla: 1 callbacks suppressed [ 277.148695][T31715] netlink: 'syz.3.13070': attribute type 58 has an invalid length. [ 277.164115][T31715] __nla_validate_parse: 9 callbacks suppressed [ 277.164127][T31715] netlink: 20 bytes leftover after parsing attributes in process `syz.3.13070'. [ 277.213589][T31726] macsec0: left allmulticast mode [ 277.218970][T31728] netlink: 'syz.6.13078': attribute type 10 has an invalid length. [ 277.228817][T31728] netlink: 40 bytes leftover after parsing attributes in process `syz.6.13078'. [ 277.229247][T31726] macsec0: left promiscuous mode [ 277.244574][T31728] dummy0: entered promiscuous mode [ 277.250313][T31728] bridge0: port 3(dummy0) entered blocking state [ 277.258159][T31728] bridge0: port 3(dummy0) entered disabled state [ 277.269579][T31728] dummy0: entered allmulticast mode [ 277.276231][T31728] bridge0: port 3(dummy0) entered blocking state [ 277.282672][T31728] bridge0: port 3(dummy0) entered forwarding state [ 277.399142][T31757] bond0: Unable to set down delay as MII monitoring is disabled [ 277.578871][T31791] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13108'. [ 277.588072][T31791] netlink: 'syz.3.13108': attribute type 19 has an invalid length. [ 277.596164][T31791] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13108'. [ 277.708891][T31815] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22 [ 277.717770][T31815] netdevsim netdevsim6: Direct firmware load for . failed with error -22 [ 277.745446][ T29] kauditd_printk_skb: 11 callbacks suppressed [ 277.745458][ T29] audit: type=1326 audit(2000328260.167:2763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31820 comm="syz.9.13124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22fdace169 code=0x7ffc0000 [ 277.745814][ T29] audit: type=1326 audit(2000328260.167:2764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31820 comm="syz.9.13124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f22fdace169 code=0x7ffc0000 [ 277.745975][ T29] audit: type=1326 audit(2000328260.167:2765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31820 comm="syz.9.13124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22fdace169 code=0x7ffc0000 [ 277.746286][ T29] audit: type=1326 audit(2000328260.167:2766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31820 comm="syz.9.13124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22fdace169 code=0x7ffc0000 [ 277.953233][T31843] bond0: option mode: unable to set because the bond device has slaves [ 277.963960][T31850] loop7: detected capacity change from 0 to 128 [ 277.979503][T31850] FAT-fs (loop7): bogus logical sector size 0 [ 277.987567][T31850] FAT-fs (loop7): Can't find a valid FAT filesystem [ 278.007303][T31850] netlink: 16 bytes leftover after parsing attributes in process `syz.7.13136'. [ 278.048023][T31855] loop6: detected capacity change from 0 to 8192 [ 278.060723][T31860] netlink: 24 bytes leftover after parsing attributes in process `syz.9.13142'. [ 278.081783][T31862] netlink: 60 bytes leftover after parsing attributes in process `syz.7.13153'. [ 278.096064][T31864] loop3: detected capacity change from 0 to 164 [ 278.206342][T31876] loop3: detected capacity change from 0 to 2048 [ 278.456462][T31916] loop3: detected capacity change from 0 to 512 [ 278.470049][T31916] EXT4-fs warning (device loop3): dx_probe:848: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 278.481649][T31916] EXT4-fs warning (device loop3): dx_probe:851: Enable large directory feature to access it [ 278.492388][T31916] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.13164: Corrupt directory, running e2fsck is recommended [ 278.514552][T31916] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 278.523655][T31916] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.13164: corrupted in-inode xattr: invalid ea_ino [ 278.538307][T31916] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.13164: couldn't read orphan inode 15 (err -117) [ 278.539116][ T29] audit: type=1400 audit(2000328260.957:2767): avc: denied { listen } for pid=31923 comm="syz.9.13168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 278.554842][T31916] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 278.623395][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.656359][T31934] loop6: detected capacity change from 0 to 512 [ 278.689559][T31934] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 278.704554][T31934] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 278.726498][T31509] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.873153][T31977] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 278.900779][T31981] loop6: detected capacity change from 0 to 256 [ 278.910214][T31983] netlink: 'syz.9.13196': attribute type 30 has an invalid length. [ 278.914733][T31981] FAT-fs (loop6): Directory bread(block 64) failed [ 278.932018][T31981] FAT-fs (loop6): Directory bread(block 65) failed [ 278.938652][T31981] FAT-fs (loop6): Directory bread(block 66) failed [ 278.945585][T31981] FAT-fs (loop6): Directory bread(block 67) failed [ 278.952879][T31981] FAT-fs (loop6): Directory bread(block 68) failed [ 278.961205][T31981] FAT-fs (loop6): Directory bread(block 69) failed [ 278.967800][T31981] FAT-fs (loop6): Directory bread(block 70) failed [ 278.975179][T31981] FAT-fs (loop6): Directory bread(block 71) failed [ 278.983200][T31981] FAT-fs (loop6): Directory bread(block 72) failed [ 278.989712][T31981] FAT-fs (loop6): Directory bread(block 73) failed [ 279.018094][T31981] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13195'. [ 279.027438][T31992] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13200'. [ 279.313189][T32056] tipc: Bearer : already 2 bearers with priority 10 [ 279.321441][T32056] tipc: Bearer : trying with adjusted priority [ 279.328498][T32056] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 279.352562][T32059] loop9: detected capacity change from 0 to 1024 [ 279.371694][T32059] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 279.409031][T15328] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.445320][T32074] loop9: detected capacity change from 0 to 2048 [ 279.457081][T32076] netlink: 12 bytes leftover after parsing attributes in process `syz.6.13241'. [ 279.480888][T32074] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 279.498634][ T29] audit: type=1400 audit(2000328261.917:2768): avc: denied { read } for pid=32073 comm="syz.9.13239" name="file0" dev="loop9" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 279.554124][T15328] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.576854][ T29] audit: type=1400 audit(2000328261.987:2769): avc: denied { name_bind } for pid=32088 comm="syz.3.13247" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 279.642088][T32098] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(5) [ 279.648683][T32098] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 279.656307][T32098] vhci_hcd vhci_hcd.0: Device attached [ 279.679307][T32103] vhci_hcd: connection closed [ 279.683989][ T41] vhci_hcd: stop threads [ 279.693696][ T41] vhci_hcd: release socket [ 279.698239][ T41] vhci_hcd: disconnect device [ 279.735329][T32122] loop3: detected capacity change from 0 to 256 [ 279.748844][T32124] netlink: 'syz.6.13262': attribute type 6 has an invalid length. [ 279.779014][ T29] audit: type=1400 audit(2000328262.197:2770): avc: denied { ioctl } for pid=32129 comm="syz.7.13265" path="socket:[99571]" dev="sockfs" ino=99571 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 279.808827][T32132] loop7: detected capacity change from 0 to 512 [ 279.826368][T32136] loop6: detected capacity change from 0 to 512 [ 279.830668][T32132] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 279.837779][T32136] EXT4-fs: Ignoring removed oldalloc option [ 279.846924][T32132] EXT4-fs (loop7): orphan cleanup on readonly fs [ 279.856549][T32132] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:517: comm syz.7.13266: Block bitmap for bg 0 marked uninitialized [ 279.870675][T32136] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 279.872654][T32132] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 279.889522][T32132] EXT4-fs (loop7): 1 orphan inode deleted [ 279.896058][T32132] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 279.910766][T32141] loop3: detected capacity change from 0 to 128 [ 279.919448][T32132] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended [ 279.931388][T32132] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 279.933911][T32136] EXT4-fs (loop6): 1 truncate cleaned up [ 279.946549][T32136] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 279.989485][T31509] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.000975][T11388] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.102848][T32173] loop6: detected capacity change from 0 to 256 [ 280.138167][ T29] audit: type=1400 audit(2000328262.557:2771): avc: denied { bind } for pid=32178 comm="syz.3.13289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 280.178927][T32183] netlink: 'syz.1.13291': attribute type 26 has an invalid length. [ 280.217203][ T29] audit: type=1400 audit(2000328262.637:2772): avc: denied { listen } for pid=32190 comm="syz.1.13295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 280.277127][T32198] loop9: detected capacity change from 0 to 512 [ 280.317590][T32198] EXT4-fs warning (device loop9): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 280.336270][T32198] EXT4-fs (loop9): mount failed [ 280.449033][T32235] 9pnet_fd: Insufficient options for proto=fd [ 280.498997][T32243] 9pnet: Could not find request transport: f [ 280.530163][T32256] gre0: left promiscuous mode [ 280.535097][T32256] gre0: left allmulticast mode [ 280.547594][T32256] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 280.616722][T32270] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 0, id = 0 [ 280.619439][T32264] batadv1: entered allmulticast mode [ 280.727351][T32292] loop7: detected capacity change from 0 to 2048 [ 280.766468][T32292] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.803197][T11388] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.868573][T32326] rdma_op ffff888137f25580 conn xmit_rdma 0000000000000000 [ 280.944868][T32345] loop9: detected capacity change from 0 to 256 [ 280.963236][T32345] FAT-fs (loop9): error, corrupted file size (i_pos 196, 2097162) [ 280.971800][T32345] FAT-fs (loop9): Filesystem has been set read-only [ 281.303873][T32408] loop9: detected capacity change from 0 to 512 [ 281.325184][T32410] loop3: detected capacity change from 0 to 1024 [ 281.333184][T32408] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 281.351080][T32410] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 281.354771][T32408] ext4 filesystem being mounted at /1645/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 281.374868][T32410] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 281.386445][T32408] EXT4-fs error (device loop9): ext4_validate_block_bitmap:432: comm syz.9.13399: bg 0: block 18: invalid block bitmap [ 281.391690][T32410] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 281.410280][T32421] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (255) [ 281.410551][T32410] EXT4-fs (loop3): orphan cleanup on readonly fs [ 281.429780][T32410] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 281.442883][T32410] EXT4-fs (loop3): Remounting filesystem read-only [ 281.449853][T32410] EXT4-fs (loop3): 1 orphan inode deleted [ 281.450244][T15328] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.468704][T32410] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 281.504423][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.522747][T32432] netlink: 'syz.6.13411': attribute type 5 has an invalid length. [ 281.639651][T32462] netlink: 'syz.3.13424': attribute type 15 has an invalid length. [ 281.652125][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.659603][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.667701][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.675117][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.684553][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.692073][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.699455][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.707510][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.716130][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.724208][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.731759][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.739133][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.748531][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.755956][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.764003][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.772686][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.780085][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.788089][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.795573][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.804877][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.812507][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.820080][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.828144][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.836789][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.844823][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.852246][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.855808][T32484] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 281.859617][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.876890][T32484] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 281.877176][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.894417][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.902539][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.909930][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.917456][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.926883][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.928127][T32487] loop3: detected capacity change from 0 to 4096 [ 281.934301][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.934365][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.934387][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.934408][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.934431][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.934454][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.934474][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.934543][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.934565][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.934597][ T3441] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0 [ 281.967202][T32488] loop6: detected capacity change from 0 to 8192 [ 281.981847][T32487] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 282.004111][ T3441] hid-generic 0000:0400:0000.0008: hidraw0: HID v0.00 Device [syz0] on syz0 [ 282.050651][T32469] Restarting kernel threads ... done. [ 282.051964][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.179025][T32519] __nla_validate_parse: 9 callbacks suppressed [ 282.179038][T32519] netlink: 12 bytes leftover after parsing attributes in process `syz.9.13450'. [ 282.199699][T32522] netlink: 'syz.3.13452': attribute type 5 has an invalid length. [ 282.209398][T32523] SELinux: failure in selinux_parse_skb(), unable to parse packet [ 282.259608][T32533] netlink: 76 bytes leftover after parsing attributes in process `syz.9.13457'. [ 282.274401][T32536] netlink: 48 bytes leftover after parsing attributes in process `syz.6.13458'. [ 282.653447][T32614] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 282.893198][T32633] netlink: 'syz.1.13504': attribute type 1 has an invalid length. [ 282.902425][T32633] netlink: 92 bytes leftover after parsing attributes in process `syz.1.13504'. [ 282.958777][T32643] netlink: 8 bytes leftover after parsing attributes in process `syz.7.13510'. [ 282.968388][T32643] netlink: 'syz.7.13510': attribute type 19 has an invalid length. [ 282.977542][T32643] netlink: 12 bytes leftover after parsing attributes in process `syz.7.13510'. [ 283.007331][T32648] loop7: detected capacity change from 0 to 128 [ 283.076813][T32664] bond0: Unable to set down delay as MII monitoring is disabled [ 283.244613][T32682] netlink: 24 bytes leftover after parsing attributes in process `syz.1.13529'. [ 283.255648][T32680] loop7: detected capacity change from 0 to 8192 [ 283.277099][T32680] FAT-fs (loop7): error, fat_free_clusters: deleting FAT entry beyond EOF [ 283.286341][T32680] FAT-fs (loop7): Filesystem has been set read-only [ 283.489953][T32692] loop7: detected capacity change from 0 to 512 [ 283.537868][T32702] loop3: detected capacity change from 0 to 1024 [ 283.546443][T32692] EXT4-fs warning (device loop7): dx_probe:848: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 283.558121][T32692] EXT4-fs warning (device loop7): dx_probe:851: Enable large directory feature to access it [ 283.565128][T32702] EXT4-fs: Ignoring removed nobh option [ 283.569472][T32692] EXT4-fs warning (device loop7): dx_probe:936: inode #2: comm syz.7.13543: Corrupt directory, running e2fsck is recommended [ 283.575017][T32702] EXT4-fs: Ignoring removed bh option [ 283.597888][T32692] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -117 [ 283.616640][T32692] EXT4-fs error (device loop7): ext4_iget_extra_inode:4693: inode #15: comm syz.7.13543: corrupted in-inode xattr: invalid ea_ino [ 283.643708][T32702] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 283.663162][T32692] EXT4-fs error (device loop7): ext4_orphan_get:1395: comm syz.7.13543: couldn't read orphan inode 15 (err -117) [ 283.682515][T32692] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 283.731426][T32701] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 283.760409][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.793298][T11388] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.849535][T32723] loop7: detected capacity change from 0 to 128 [ 283.928819][T32728] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13547'. [ 283.984248][T32733] loop3: detected capacity change from 0 to 512 [ 283.993337][T32733] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 284.004966][ T29] kauditd_printk_skb: 33 callbacks suppressed [ 284.004998][ T29] audit: type=1400 audit(2000394031.418:2801): avc: denied { getopt } for pid=32729 comm="syz.6.13549" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1 [ 284.054632][T32733] EXT4-fs (loop3): orphan cleanup on readonly fs [ 284.063098][T32733] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.13548: Block bitmap for bg 0 marked uninitialized [ 284.065024][T32743] netlink: 8 bytes leftover after parsing attributes in process `syz.7.13554'. [ 284.091547][T32733] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 284.100862][T32733] EXT4-fs (loop3): 1 orphan inode deleted [ 284.107075][T32733] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 284.149391][T32733] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 284.165972][T32733] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 284.197110][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.258250][T32766] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 284.364770][ T328] netlink: 'syz.1.13577': attribute type 29 has an invalid length. [ 284.397253][ T328] netlink: 'syz.1.13577': attribute type 29 has an invalid length. [ 284.406603][ T328] netlink: 'syz.1.13577': attribute type 29 has an invalid length. [ 284.418258][ T328] netlink: 'syz.1.13577': attribute type 29 has an invalid length. [ 284.429563][ T328] netlink: 'syz.1.13577': attribute type 29 has an invalid length. [ 284.439131][ T337] netlink: 8 bytes leftover after parsing attributes in process `syz.9.13583'. [ 284.466767][ T340] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 284.485011][ T328] netlink: 'syz.1.13577': attribute type 29 has an invalid length. [ 284.510660][ T328] netlink: 'syz.1.13577': attribute type 29 has an invalid length. [ 284.531757][ T29] audit: type=1400 audit(2000394031.948:2802): avc: denied { shutdown } for pid=347 comm="syz.7.13588" lport=33713 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 284.676146][ T366] loop6: detected capacity change from 0 to 1024 [ 284.684494][ T366] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (12806!=20869) [ 284.711119][ T366] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c018, mo2=0002] [ 284.719382][ T366] System zones: 0-1, 3-36 [ 284.725807][ T366] EXT4-fs (loop6): orphan cleanup on readonly fs [ 284.747741][ T366] EXT4-fs (loop6): 1 orphan inode deleted [ 284.762176][ T366] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 284.804121][ T29] audit: type=1400 audit(2000394032.228:2803): avc: denied { create } for pid=380 comm="syz.9.13604" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_iscsi_socket permissive=1 [ 284.844090][T31509] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.879315][ T385] loop9: detected capacity change from 0 to 512 [ 284.891976][ T388] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 284.928599][ T385] EXT4-fs (loop9): 1 orphan inode deleted [ 284.936138][ T385] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 284.957414][ T385] ext4 filesystem being mounted at /1692/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 284.968111][ T1309] Quota error (device loop9): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 284.977960][ T1309] EXT4-fs error (device loop9): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1 [ 285.030059][T15328] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.096306][ T29] audit: type=1400 audit(2000394032.518:2804): avc: denied { map } for pid=422 comm="syz.9.13624" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 285.122138][ T29] audit: type=1400 audit(2000394032.518:2805): avc: denied { execute } for pid=422 comm="syz.9.13624" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 285.194042][ T438] loop6: detected capacity change from 0 to 512 [ 285.215439][ T440] loop3: detected capacity change from 0 to 512 [ 285.224604][ T438] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 285.228391][ T440] EXT4-fs: Ignoring removed oldalloc option [ 285.263734][ T438] EXT4-fs (loop6): 1 orphan inode deleted [ 285.269493][ T438] EXT4-fs (loop6): 1 truncate cleaned up [ 285.278133][ T438] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 285.282120][ T440] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.13631: Parent and EA inode have the same ino 15 [ 285.307706][ T440] EXT4-fs (loop3): Remounting filesystem read-only [ 285.314290][ T440] EXT4-fs warning (device loop3): ext4_evict_inode:262: couldn't mark inode dirty (err -30) [ 285.326479][T31509] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.335840][ T440] EXT4-fs (loop3): 1 orphan inode deleted [ 285.336140][ T440] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 285.356957][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.412075][ T29] audit: type=1400 audit(2000394032.828:2806): avc: denied { shutdown } for pid=460 comm="syz.9.13642" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 285.468373][ T471] loop9: detected capacity change from 0 to 512 [ 285.483565][ T29] audit: type=1326 audit(2000394032.908:2807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=476 comm="syz.6.13644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a730ee169 code=0x7ffc0000 [ 285.524513][ T471] EXT4-fs: Ignoring removed bh option [ 285.529977][ T471] EXT4-fs: Ignoring removed mblk_io_submit option [ 285.542846][ T483] loop3: detected capacity change from 0 to 512 [ 285.549729][ T483] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 285.558923][ T29] audit: type=1326 audit(2000394032.908:2808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=476 comm="syz.6.13644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a730ee169 code=0x7ffc0000 [ 285.584279][ T29] audit: type=1326 audit(2000394032.938:2809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=476 comm="syz.6.13644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f0a730ee169 code=0x7ffc0000 [ 285.615812][ T483] EXT4-fs (loop3): 1 truncate cleaned up [ 285.628749][ T483] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 285.653647][ T471] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 285.666305][ T471] ext4 filesystem being mounted at /1701/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 285.703676][ T471] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.13646: bg 0: block 289: padding at end of block bitmap is not set [ 285.734259][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.773258][T15328] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.923455][ T538] hub 2-0:1.0: USB hub found [ 285.938854][ T538] hub 2-0:1.0: 8 ports detected [ 286.256895][ T612] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=612 comm=syz.6.13712 [ 286.274659][ T615] tipc: Bearer : already 2 bearers with priority 10 [ 286.283805][ T615] tipc: Bearer : trying with adjusted priority [ 286.290730][ T615] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 286.478135][ T661] loop3: detected capacity change from 0 to 512 [ 286.495700][ T661] EXT4-fs: Ignoring removed mblk_io_submit option [ 286.541783][ T661] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 286.561393][ T661] ext4 filesystem being mounted at /1693/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 286.570253][ T678] usb usb8: usbfs: process 678 (syz.6.13742) did not claim interface 0 before use [ 286.588295][ T661] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 286.595859][ T678] usb usb8: selecting invalid altsetting 16777216 [ 286.624325][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.764865][ T709] loop6: detected capacity change from 0 to 4096 [ 286.789215][ T709] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 286.835641][T31509] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.955309][ T753] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 287.026093][ T771] loop6: detected capacity change from 0 to 512 [ 287.032695][ T771] SELinux: security_context_str_to_sid (system_u) failed with errno=-22 [ 287.068820][ T777] loop9: detected capacity change from 0 to 164 [ 287.179752][ T801] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 287.197760][ T801] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 287.289504][ T823] SELinux: security policydb version 18 (MLS) not backwards compatible [ 287.298054][ T821] loop9: detected capacity change from 0 to 2048 [ 287.305458][ T823] SELinux: failed to load policy [ 287.314633][ T821] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.353523][T15328] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.372222][ T835] __nla_validate_parse: 13 callbacks suppressed [ 287.372240][ T835] netlink: 192 bytes leftover after parsing attributes in process `syz.7.13814'. [ 287.397442][ T839] netlink: 24 bytes leftover after parsing attributes in process `syz.9.13815'. [ 287.513315][ T850] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 287.585999][ T860] hugetlbfs: Bad value for 'nr_inodes' [ 287.644698][ T871] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 287.652619][ T871] SELinux: failed to load policy [ 287.667649][ T873] loop7: detected capacity change from 0 to 2048 [ 287.684888][ T873] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.710240][T11388] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.794042][ T897] loop7: detected capacity change from 0 to 512 [ 287.801524][ T897] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem [ 287.810336][ T897] EXT4-fs (loop7): invalid journal inode [ 287.817285][ T897] EXT4-fs (loop7): can't get journal size [ 287.828057][ T897] EXT4-fs (loop7): 1 truncate cleaned up [ 287.833886][ T899] loop9: detected capacity change from 0 to 1024 [ 287.834360][ T899] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 287.841103][ T897] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.865544][ T899] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 287.876960][T11388] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.877463][ T899] JBD2: no valid journal superblock found [ 287.893615][ T899] EXT4-fs (loop9): Could not load journal inode [ 288.127008][ T935] vhci_hcd: default hub control req: 010b v0000 i0000 l0 [ 288.278046][ T965] loop7: detected capacity change from 0 to 512 [ 288.306231][ T965] EXT4-fs (loop7): 1 orphan inode deleted [ 288.314160][ T965] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 288.318132][ T976] loop3: detected capacity change from 0 to 512 [ 288.327605][ T965] ext4 filesystem being mounted at /2078/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 288.353453][ T31] EXT4-fs error (device loop7): ext4_release_dquot:6971: comm kworker/u8:1: Failed to release dquot type 1 [ 288.374956][ T976] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 288.385611][ T976] EXT4-fs (loop3): orphan cleanup on readonly fs [ 288.394761][T11388] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.404158][ T976] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 288.424656][ T31] EXT4-fs error (device loop7): ext4_release_dquot:6971: comm kworker/u8:1: Failed to release dquot type 1 [ 288.437411][ T976] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 288.444812][ T976] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.13876: bg 0: block 40: padding at end of block bitmap is not set [ 288.463133][ T976] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 288.485524][ T976] EXT4-fs (loop3): 1 truncate cleaned up [ 288.495138][ T976] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 288.517822][ T976] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #16: comm syz.3.13876: corrupted xattr block 31: invalid header [ 288.536925][ T976] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=16 [ 288.555755][ T976] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #16: comm syz.3.13876: corrupted xattr block 31: invalid header [ 288.577554][ T976] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=16 [ 288.586958][ T976] EXT4-fs error (device loop3): ext4_get_link:106: inode #16: comm syz.3.13876: bad symlink. [ 288.630717][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.729369][ T1032] loop7: detected capacity change from 0 to 256 [ 288.769816][ T1042] loop6: detected capacity change from 0 to 256 [ 288.774614][ T1040] loop9: detected capacity change from 0 to 2048 [ 288.792322][ T1040] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 288.815264][T15328] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.839680][ T1048] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13911'. [ 288.947074][ T1070] loop7: detected capacity change from 0 to 512 [ 288.973145][ T1070] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.13921: bg 0: block 248: padding at end of block bitmap is not set [ 288.990008][ T1070] EXT4-fs error (device loop7): ext4_acquire_dquot:6935: comm syz.7.13921: Failed to acquire dquot type 1 [ 289.004534][ T1070] EXT4-fs (loop7): 1 truncate cleaned up [ 289.010404][ T1078] loop6: detected capacity change from 0 to 512 [ 289.011463][ T1070] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.017894][ T1070] ext4 filesystem being mounted at /2088/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.045442][ T1081] netlink: 588 bytes leftover after parsing attributes in process `syz.9.13934'. [ 289.070264][ T29] kauditd_printk_skb: 38 callbacks suppressed [ 289.070277][ T29] audit: type=1326 audit(2000394036.488:2843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1068 comm="syz.7.13921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a1b1e169 code=0x7ffc0000 [ 289.102168][ T29] audit: type=1326 audit(2000394036.528:2844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1068 comm="syz.7.13921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a1b1e169 code=0x7ffc0000 [ 289.152237][ T1078] EXT4-fs (loop6): 1 orphan inode deleted [ 289.158268][ T1078] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.172663][ T158] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 289.177466][ T29] audit: type=1326 audit(2000394036.528:2845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1068 comm="syz.7.13921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7fc9a1b1e169 code=0x7ffc0000 [ 289.182420][ T158] EXT4-fs error (device loop6): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 1 [ 289.214255][ T1078] ext4 filesystem being mounted at /186/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.219786][ T29] audit: type=1326 audit(2000394036.538:2846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1068 comm="syz.7.13921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a1b1e169 code=0x7ffc0000 [ 289.247014][ T1089] validate_nla: 27 callbacks suppressed [ 289.247029][ T1089] netlink: 'syz.9.13927': attribute type 29 has an invalid length. [ 289.255491][ T29] audit: type=1326 audit(2000394036.538:2847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1068 comm="syz.7.13921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a1b1e169 code=0x7ffc0000 [ 289.299032][ T1089] netlink: 'syz.9.13927': attribute type 29 has an invalid length. [ 289.311085][ T1089] netlink: 'syz.9.13927': attribute type 29 has an invalid length. [ 289.323511][T11388] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.328187][ T1089] netlink: 'syz.9.13927': attribute type 29 has an invalid length. [ 289.332953][ T1309] Quota error (device loop7): do_check_range: Getting block 0 out of range 1-5 [ 289.333026][ T1309] EXT4-fs error (device loop7): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1 [ 289.333995][T31509] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.344821][ T1089] netlink: 'syz.9.13927': attribute type 29 has an invalid length. [ 289.388170][ T1089] netlink: 'syz.9.13927': attribute type 29 has an invalid length. [ 289.442357][ T1089] netlink: 'syz.9.13927': attribute type 29 has an invalid length. [ 289.451808][ T1089] netlink: 'syz.9.13927': attribute type 29 has an invalid length. [ 289.457760][ T1109] loop7: detected capacity change from 0 to 512 [ 289.472388][ T1109] EXT4-fs: Ignoring removed orlov option [ 289.479191][ T1109] EXT4-fs error (device loop7): ext4_iget_extra_inode:4693: inode #15: comm syz.7.13937: corrupted in-inode xattr: invalid ea_ino [ 289.494007][ T1089] netlink: 'syz.9.13927': attribute type 29 has an invalid length. [ 289.502384][ T1109] EXT4-fs error (device loop7): ext4_orphan_get:1395: comm syz.7.13937: couldn't read orphan inode 15 (err -117) [ 289.514729][ T1089] netlink: 'syz.9.13927': attribute type 29 has an invalid length. [ 289.520955][ T1109] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.544103][ T1109] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.13937: bg 0: block 411: padding at end of block bitmap is not set [ 289.569540][ T1118] loop3: detected capacity change from 0 to 512 [ 289.577236][ T1118] EXT4-fs: Ignoring removed bh option [ 289.582708][ T1118] EXT4-fs: Ignoring removed mblk_io_submit option [ 289.590187][T11388] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.626715][ T1118] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.639593][ T1118] ext4 filesystem being mounted at /1733/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 289.658780][ T1118] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.13942: bg 0: block 289: padding at end of block bitmap is not set [ 289.695264][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.768307][ T1152] loop7: detected capacity change from 0 to 512 [ 289.776096][ T1152] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem [ 289.785864][ T1152] EXT4-fs (loop7): invalid journal inode [ 289.792341][ T1152] EXT4-fs (loop7): can't get journal size [ 289.799004][ T1152] EXT4-fs (loop7): 1 truncate cleaned up [ 289.805060][ T1152] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 289.820400][ T29] audit: type=1400 audit(2000394037.238:2848): avc: denied { read } for pid=1151 comm="syz.7.13958" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop7" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 289.867666][T11388] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.264444][ T1192] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13976'. [ 290.327688][ T1196] loop9: detected capacity change from 0 to 512 [ 290.354906][ T1196] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem [ 290.382969][ T1196] EXT4-fs (loop9): invalid journal inode [ 290.401643][ T1196] EXT4-fs (loop9): can't get journal size [ 290.421841][ T1196] EXT4-fs (loop9): 1 truncate cleaned up [ 290.423259][ T1200] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 290.466128][ T29] audit: type=1326 audit(2000394037.858:2849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1202 comm="syz.1.13981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a41ae169 code=0x7ffc0000 [ 290.490470][ T29] audit: type=1326 audit(2000394037.868:2850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1202 comm="syz.1.13981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a41ae169 code=0x7ffc0000 [ 290.514163][ T1200] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 291.205551][ T1272] loop6: detected capacity change from 0 to 128 [ 291.222510][ T1272] ext4 filesystem being mounted at /193/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 291.499901][ T1313] loop6: detected capacity change from 0 to 1024 [ 291.522416][ T1315] netlink: 268 bytes leftover after parsing attributes in process `syz.9.14037'. [ 291.544178][ T1313] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 291.556592][ T1313] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 291.589833][ T1313] JBD2: no valid journal superblock found [ 291.597065][ T1313] EXT4-fs (loop6): Could not load journal inode [ 291.628981][ T1319] loop7: detected capacity change from 0 to 764 [ 291.668518][ T1311] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 291.704740][ T1311] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 291.749351][ T1329] loop6: detected capacity change from 0 to 2048 [ 291.814047][ T1329] loop6: p1 < > p3 [ 291.818531][ T1329] loop6: p3 size 134217728 extends beyond EOD, truncated [ 291.914042][ T1340] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5) [ 291.920580][ T1340] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 291.928207][ T1340] vhci_hcd vhci_hcd.0: Device attached [ 291.954575][ T1341] vhci_hcd: connection closed [ 291.954711][ T1843] vhci_hcd: stop threads [ 291.963738][ T1843] vhci_hcd: release socket [ 291.968164][ T1843] vhci_hcd: disconnect device [ 291.986739][ T1347] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14042'. [ 292.305800][ T1374] netlink: 156 bytes leftover after parsing attributes in process `syz.3.14055'. [ 292.315029][ T1374] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14055'. [ 292.340044][ T1378] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 292.504954][ T1398] usb usb8: usbfs: process 1398 (syz.9.14067) did not claim interface 0 before use [ 292.558160][ T1398] vhci_hcd: default hub control req: 010b v0000 i0000 l0 [ 292.700715][ T1426] loop6: detected capacity change from 0 to 512 [ 292.709464][ T1426] ext4 filesystem being mounted at /207/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 292.774592][ T1435] loop3: detected capacity change from 0 to 1024 [ 292.798407][ T1440] loop9: detected capacity change from 0 to 128 [ 292.829122][ T1445] veth0_macvtap: left promiscuous mode [ 292.848823][ T1445] macvtap0: refused to change device tx_queue_len [ 292.866546][ T1447] lo: left promiscuous mode [ 292.872508][ T1447] lo: left allmulticast mode [ 293.385668][ T1490] loop9: detected capacity change from 0 to 512 [ 293.422980][ T1490] EXT4-fs (loop9): too many log groups per flexible block group [ 293.430779][ T1490] EXT4-fs (loop9): failed to initialize mballoc (-12) [ 293.437706][ T1490] EXT4-fs (loop9): mount failed [ 293.486531][ T1503] netlink: 830 bytes leftover after parsing attributes in process `syz.1.14108'. [ 293.553637][ T1509] hub 2-0:1.0: USB hub found [ 293.558324][ T1509] hub 2-0:1.0: 8 ports detected [ 293.704793][ T1544] loop3: detected capacity change from 0 to 128 [ 293.719321][ T1544] ext4 filesystem being mounted at /1758/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 293.884479][ T1563] netlink: 28 bytes leftover after parsing attributes in process `syz.3.14131'. [ 293.940117][ T1569] netlink: 28 bytes leftover after parsing attributes in process `syz.3.14133'. [ 293.975401][ T1575] netlink: 60 bytes leftover after parsing attributes in process `syz.3.14137'. [ 293.998184][ T1577] loop7: detected capacity change from 0 to 1024 [ 294.124293][ T1592] netlink: 28 bytes leftover after parsing attributes in process `syz.1.14144'. [ 294.183854][ T1602] loop7: detected capacity change from 0 to 1024 [ 294.199074][ T1609] netlink: 340 bytes leftover after parsing attributes in process `syz.9.14152'. [ 294.322108][ T1627] loop9: detected capacity change from 0 to 512 [ 294.334235][ T1627] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 294.355397][ T1627] ext4 filesystem being mounted at /1832/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 294.380343][ T1627] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.14157: bg 0: block 304: padding at end of block bitmap is not set [ 294.469396][ T1627] EXT4-fs (loop9): Remounting filesystem read-only [ 294.517669][ T1309] __quota_error: 38 callbacks suppressed [ 294.517685][ T1309] Quota error (device loop9): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync! [ 294.539128][ T1309] Quota error (device loop9): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync! [ 294.620180][ T1657] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14170'. [ 295.407601][ T1707] xt_CT: You must specify a L4 protocol and not use inversions on it [ 295.407709][ T1709] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14198'. [ 295.757902][ T1753] validate_nla: 22 callbacks suppressed [ 295.757918][ T1753] netlink: 'syz.1.14219': attribute type 1 has an invalid length. [ 295.829938][ T1759] blktrace: Concurrent blktraces are not allowed on sg0 [ 295.856910][ T29] audit: type=1400 audit(2000394043.278:2889): avc: denied { watch watch_reads } for pid=1761 comm="syz.9.14223" path="/1853/file0" dev="tmpfs" ino=9473 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 296.115792][ T29] audit: type=1400 audit(2000394043.538:2890): avc: denied { ioctl } for pid=1792 comm="syz.3.14236" path="socket:[105159]" dev="sockfs" ino=105159 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 296.142938][ T1793] netlink: 12 bytes leftover after parsing attributes in process `syz.3.14236'. [ 296.223263][ T29] audit: type=1326 audit(2000394043.648:2891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1799 comm="syz.3.14240" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f993664e169 code=0x0 [ 296.318610][ T29] audit: type=1326 audit(2000394043.738:2892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1809 comm="syz.9.14244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22fdace169 code=0x7ffc0000 [ 296.343456][ T29] audit: type=1326 audit(2000394043.738:2893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1809 comm="syz.9.14244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22fdace169 code=0x7ffc0000 [ 296.367002][ T29] audit: type=1326 audit(2000394043.738:2894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1809 comm="syz.9.14244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22fdace169 code=0x7ffc0000 [ 296.392042][ T29] audit: type=1326 audit(2000394043.738:2895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1809 comm="syz.9.14244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22fdace169 code=0x7ffc0000 [ 296.415598][ T29] audit: type=1326 audit(2000394043.738:2896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1809 comm="syz.9.14244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22fdace169 code=0x7ffc0000 [ 296.927430][ T1860] loop9: detected capacity change from 0 to 2048 [ 296.971756][ T1860] EXT4-fs (loop9): failed to initialize system zone (-117) [ 296.979196][ T1860] EXT4-fs (loop9): mount failed [ 297.073598][ T1878] blktrace: Concurrent blktraces are not allowed on sg0 [ 297.084248][ T1880] loop3: detected capacity change from 0 to 256 [ 297.109821][ T1884] can0: slcan on ptm0. [ 297.121767][ T1880] FAT-fs (loop3): Directory bread(block 64) failed [ 297.137389][ T1880] FAT-fs (loop3): Directory bread(block 65) failed [ 297.144183][ T1880] FAT-fs (loop3): Directory bread(block 66) failed [ 297.150970][ T1880] FAT-fs (loop3): Directory bread(block 67) failed [ 297.157692][ T1880] FAT-fs (loop3): Directory bread(block 68) failed [ 297.166207][ T1880] FAT-fs (loop3): Directory bread(block 69) failed [ 297.167838][ T1882] can0 (unregistered): slcan off ptm0. [ 297.172792][ T1880] FAT-fs (loop3): Directory bread(block 70) failed [ 297.172811][ T1880] FAT-fs (loop3): Directory bread(block 71) failed [ 297.172837][ T1880] FAT-fs (loop3): Directory bread(block 72) failed [ 297.172855][ T1880] FAT-fs (loop3): Directory bread(block 73) failed [ 297.246689][ T1893] loop9: detected capacity change from 0 to 1024 [ 297.271811][ T1895] netlink: 216 bytes leftover after parsing attributes in process `syz.3.14282'. [ 297.480938][ T1914] loop6: detected capacity change from 0 to 2048 [ 297.493929][ T1918] SELinux: syz.1.14291 (1918) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 297.627131][ T1932] loop3: detected capacity change from 0 to 2048 [ 297.765826][ T1943] loop6: detected capacity change from 0 to 1024 [ 297.800624][ T1947] netlink: 'syz.9.14304': attribute type 4 has an invalid length. [ 297.822421][ T1943] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 297.836214][ T1943] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 297.878877][ T1943] EXT4-fs (loop6): orphan cleanup on readonly fs [ 297.925846][ T1943] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 297.951757][ T1943] EXT4-fs error (device loop6): ext4_dirty_inode:6103: inode #3: comm syz.6.14302: mark_inode_dirty error [ 297.974762][ T1943] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.14302: Invalid block bitmap block 3 in block_group 0 [ 298.031033][ T1943] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.14302: Invalid block bitmap block 3 in block_group 0 [ 298.053209][ T1943] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.14302: Invalid block bitmap block 3 in block_group 0 [ 298.090003][ T1943] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 298.123809][ T1943] EXT4-fs error (device loop6): ext4_dirty_inode:6103: inode #3: comm syz.6.14302: mark_inode_dirty error [ 298.172643][ T1943] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 1: comm syz.6.14302: lblock 6 mapped to illegal pblock 1 (length 1) [ 298.210803][ T1943] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 48: comm syz.6.14302: lblock 0 mapped to illegal pblock 48 (length 1) [ 298.241299][ T1943] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.14302: Failed to acquire dquot type 0 [ 298.262180][ T1967] loop9: detected capacity change from 0 to 2048 [ 298.273676][ T1943] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 49: comm syz.6.14302: lblock 1 mapped to illegal pblock 49 (length 1) [ 298.304519][ T1967] EXT4-fs: Ignoring removed i_version option [ 298.321311][ T1943] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.14302: Failed to acquire dquot type 0 [ 298.336893][ T1967] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem [ 298.346377][ T1943] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 298.364582][ T1943] EXT4-fs error (device loop6): ext4_evict_inode:259: inode #15: comm syz.6.14302: mark_inode_dirty error [ 298.379947][ T1943] EXT4-fs warning (device loop6): ext4_evict_inode:262: couldn't mark inode dirty (err -117) [ 298.404145][ T1943] EXT4-fs (loop6): 1 orphan inode deleted [ 298.505287][ T1977] loop6: detected capacity change from 0 to 512 [ 298.538896][ T1977] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 298.551495][ T1979] IPv6: NLM_F_CREATE should be specified when creating new route [ 298.626113][ T1977] EXT4-fs (loop6): 1 truncate cleaned up [ 298.635272][ T1977] EXT4-fs (loop6): shut down requested (2) [ 298.643325][ T1982] serio: Serial port ptm0 [ 298.649382][ T1977] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=16 [ 298.689542][ T1977] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=16 [ 298.737071][ T1977] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=16 [ 298.869047][ T1993] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 298.906149][ T1996] __nla_validate_parse: 2 callbacks suppressed [ 298.906167][ T1996] netlink: 28 bytes leftover after parsing attributes in process `syz.3.14326'. [ 299.015721][ T1996] netlink: 28 bytes leftover after parsing attributes in process `syz.3.14326'. [ 299.347456][ T2024] netlink: 12 bytes leftover after parsing attributes in process `syz.9.14338'. [ 299.460310][ T2040] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 299.513402][ T2047] netlink: 48 bytes leftover after parsing attributes in process `syz.1.14349'. [ 299.544258][ T2050] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14350'. [ 299.679424][ T29] kauditd_printk_skb: 35 callbacks suppressed [ 299.679438][ T29] audit: type=1326 audit(2000394128.096:2926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2063 comm="syz.1.14357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a41ae169 code=0x7ffc0000 [ 299.742066][ T29] audit: type=1326 audit(2000394128.096:2927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2063 comm="syz.1.14357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a41ae169 code=0x7ffc0000 [ 299.765794][ T29] audit: type=1326 audit(2000394128.106:2928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2063 comm="syz.1.14357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7fa5a41ae169 code=0x7ffc0000 [ 299.790448][ T29] audit: type=1326 audit(2000394128.106:2929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2063 comm="syz.1.14357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a41ae169 code=0x7ffc0000 [ 299.806914][ T2066] loop3: detected capacity change from 0 to 1024 [ 299.815128][ T29] audit: type=1326 audit(2000394128.106:2930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2063 comm="syz.1.14357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5a41ae169 code=0x7ffc0000 [ 299.846706][ T2066] EXT4-fs: Ignoring removed i_version option [ 299.882736][ T2070] netlink: 12 bytes leftover after parsing attributes in process `syz.6.14360'. [ 299.912069][ T2066] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: inode #11: comm syz.3.14358: missing EA_INODE flag [ 299.912280][ T29] audit: type=1400 audit(2000394128.336:2931): avc: denied { link } for pid=2065 comm="syz.3.14358" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 299.947779][ T2066] EXT4-fs (loop3): Remounting filesystem read-only [ 300.104521][ T2092] loop3: detected capacity change from 0 to 1024 [ 300.133987][ T2092] EXT4-fs: Ignoring removed nomblk_io_submit option [ 300.148870][ T2092] EXT4-fs (loop3): stripe (4) is not aligned with cluster size (16), stripe is disabled [ 300.327399][ T2108] loop9: detected capacity change from 0 to 128 [ 300.350687][ T2108] ext4 filesystem being mounted at /1911/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 300.399911][ T29] audit: type=1400 audit(2000394128.806:2932): avc: denied { setattr } for pid=2107 comm="syz.9.14377" name="file1" dev="loop9" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 300.446951][ T2115] loop9: detected capacity change from 0 to 512 [ 300.496706][ T2115] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended [ 300.511502][ T2115] EXT4-fs (loop9): orphan cleanup on readonly fs [ 300.517899][ T2115] EXT4-fs error (device loop9): ext4_ext_check_inode:524: inode #3: comm syz.9.14378: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0) [ 300.542545][ T2115] EXT4-fs error (device loop9): ext4_quota_enable:7129: comm syz.9.14378: Bad quota inode: 3, type: 0 [ 300.577965][ T2115] EXT4-fs warning (device loop9): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 300.593341][ T2115] EXT4-fs (loop9): Cannot turn on quotas: error -117 [ 300.610219][ T2115] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.14378: bg 0: block 64: padding at end of block bitmap is not set [ 300.684123][ T2133] netlink: 20 bytes leftover after parsing attributes in process `syz.1.14387'. [ 300.706763][ T2135] loop9: detected capacity change from 0 to 1024 [ 300.731910][ T2135] EXT4-fs (loop9): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 300.777454][ T2135] EXT4-fs error (device loop9): ext4_xattr_inode_iget:437: inode #11: comm syz.9.14386: missing EA_INODE flag [ 300.778942][ T2148] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14393'. [ 300.814952][ T2135] EXT4-fs (loop9): Remounting filesystem read-only [ 300.891268][ T29] audit: type=1326 audit(2000394129.306:2933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2156 comm="syz.6.14398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a730ee169 code=0x7ffc0000 [ 300.916735][ T29] audit: type=1326 audit(2000394129.306:2934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2156 comm="syz.6.14398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a730ee169 code=0x7ffc0000 [ 300.942268][ T29] audit: type=1326 audit(2000394129.306:2935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2156 comm="syz.6.14398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f0a730ee169 code=0x7ffc0000 [ 301.059724][ T2179] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14409'. [ 301.073576][ T2179] macsec0: entered promiscuous mode [ 301.112417][ T2184] netlink: 28 bytes leftover after parsing attributes in process `syz.1.14411'. [ 301.332034][ T2209] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 301.338057][ T2209] syzkaller0: linktype set to 769 [ 301.427169][ T2216] loop9: detected capacity change from 0 to 512 [ 301.448405][ T2216] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 301.470901][ T2216] EXT4-fs (loop9): orphan cleanup on readonly fs [ 301.479872][ T2216] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.14426: bg 0: block 248: padding at end of block bitmap is not set [ 301.500714][ T2216] EXT4-fs error (device loop9): ext4_acquire_dquot:6935: comm syz.9.14426: Failed to acquire dquot type 1 [ 301.542801][ T2216] EXT4-fs (loop9): 1 truncate cleaned up [ 301.589209][ T2231] xt_hashlimit: max too large, truncated to 1048576 [ 302.188175][ T2293] netlink: 'syz.9.14457': attribute type 10 has an invalid length. [ 302.197200][ T2293] lo: entered promiscuous mode [ 302.203989][ T2293] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 302.469856][ T2322] block device autoloading is deprecated and will be removed. [ 302.490625][ T2322] syz.9.14470: attempt to access beyond end of device [ 302.490625][ T2322] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 302.692779][ T2338] loop9: detected capacity change from 0 to 2048 [ 302.734532][ T2340] loop6: detected capacity change from 0 to 1024 [ 302.762064][ T2340] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 302.782988][ T2338] EXT4-fs error (device loop9): ext4_search_dir:1476: inode #2: block 16: comm syz.9.14478: bad entry in directory: inode out of bounds - offset=44, inode=185, rec_len=16, size=2048 fake=0 [ 302.824679][ T2340] EXT4-fs error (device loop6): ext4_xattr_inode_iget:437: inode #11: comm syz.6.14480: missing EA_INODE flag [ 302.856063][ T2340] EXT4-fs (loop6): Remounting filesystem read-only [ 302.926744][ T2358] program syz.3.14484 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 303.113329][ T2388] syzkaller0: tun_chr_ioctl cmd 1074812118 [ 303.154538][ T2396] loop9: detected capacity change from 0 to 1024 [ 303.175497][ T2396] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 303.227574][ T2396] EXT4-fs (loop9): revision level too high, forcing read-only mode [ 303.242710][ T2403] xt_HMARK: proto mask must be zero with L3 mode [ 303.246862][ T2396] EXT4-fs (loop9): orphan cleanup on readonly fs [ 303.274741][ T2396] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 303.310323][ T2396] EXT4-fs error (device loop9): ext4_dirty_inode:6103: inode #3: comm syz.9.14501: mark_inode_dirty error [ 303.384232][ T2396] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:483: comm syz.9.14501: Invalid block bitmap block 3 in block_group 0 [ 303.427649][ T2396] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:483: comm syz.9.14501: Invalid block bitmap block 3 in block_group 0 [ 303.447398][ T2396] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:483: comm syz.9.14501: Invalid block bitmap block 3 in block_group 0 [ 303.480329][ T2396] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 303.495061][ T2396] EXT4-fs error (device loop9): ext4_dirty_inode:6103: inode #3: comm syz.9.14501: mark_inode_dirty error [ 303.508826][ T2396] EXT4-fs error (device loop9): ext4_map_blocks:675: inode #3: block 1: comm syz.9.14501: lblock 6 mapped to illegal pblock 1 (length 1) [ 303.526409][ T2428] netlink: 'syz.3.14519': attribute type 4 has an invalid length. [ 303.526433][ T2396] EXT4-fs error (device loop9): ext4_map_blocks:675: inode #3: block 48: comm syz.9.14501: lblock 0 mapped to illegal pblock 48 (length 1) [ 303.553105][ T2396] EXT4-fs error (device loop9): ext4_acquire_dquot:6935: comm syz.9.14501: Failed to acquire dquot type 0 [ 303.565986][ T2396] EXT4-fs error (device loop9): ext4_map_blocks:675: inode #3: block 49: comm syz.9.14501: lblock 1 mapped to illegal pblock 49 (length 1) [ 303.589760][ T2396] EXT4-fs error (device loop9): ext4_acquire_dquot:6935: comm syz.9.14501: Failed to acquire dquot type 0 [ 303.606194][ T2396] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 303.616629][ T2396] EXT4-fs error (device loop9): ext4_evict_inode:259: inode #15: comm syz.9.14501: mark_inode_dirty error [ 303.632783][ T2396] EXT4-fs warning (device loop9): ext4_evict_inode:262: couldn't mark inode dirty (err -117) [ 303.655816][ T2396] EXT4-fs (loop9): 1 orphan inode deleted [ 303.837659][ T2449] netdevsim netdevsim3 netdevsim2: Unsupported IPsec algorithm [ 303.937869][ T2462] loop9: detected capacity change from 0 to 512 [ 303.993461][ T2462] EXT4-fs error (device loop9): ext4_acquire_dquot:6935: comm syz.9.14534: Failed to acquire dquot type 1 [ 304.020768][ T2462] EXT4-fs (loop9): 1 truncate cleaned up [ 304.034595][ T2462] ext4 filesystem being mounted at /1948/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 304.136769][ T2468] loop3: detected capacity change from 0 to 1024 [ 304.193137][ T2471] loop9: detected capacity change from 0 to 512 [ 304.211585][ T2468] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 304.223670][ T2471] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended [ 304.232819][ T2471] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem [ 304.252568][ T2468] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 304.273568][ T2468] EXT4-fs (loop3): orphan cleanup on readonly fs [ 304.281973][ T2468] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 304.301902][ T2471] EXT4-fs (loop9): warning: checktime reached, running e2fsck is recommended [ 304.311527][ T2468] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #3: comm syz.3.14536: mark_inode_dirty error [ 304.330632][ T2471] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 304.338910][ T2468] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.14536: Invalid block bitmap block 3 in block_group 0 [ 304.355893][ T2471] System zones: 0-2, 18-18, 34-34 [ 304.373086][ T2471] EXT4-fs warning (device loop9): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 304.418330][ T2468] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.14536: Invalid block bitmap block 3 in block_group 0 [ 304.444504][ T2475] loop6: detected capacity change from 0 to 256 [ 304.451241][ T2471] EXT4-fs (loop9): 1 truncate cleaned up [ 304.468986][ T2468] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.14536: Invalid block bitmap block 3 in block_group 0 [ 304.491352][ T2468] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 304.534548][ T2468] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #3: comm syz.3.14536: mark_inode_dirty error [ 304.572723][ T2475] FAT-fs (loop6): Directory bread(block 64) failed [ 304.579334][ T2468] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #3: block 1: comm syz.3.14536: lblock 6 mapped to illegal pblock 1 (length 1) [ 304.596057][ T2475] FAT-fs (loop6): Directory bread(block 65) failed [ 304.618784][ T2475] FAT-fs (loop6): Directory bread(block 66) failed [ 304.631818][ T2475] FAT-fs (loop6): Directory bread(block 67) failed [ 304.638395][ T2468] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #3: block 48: comm syz.3.14536: lblock 0 mapped to illegal pblock 48 (length 1) [ 304.661113][ T2475] FAT-fs (loop6): Directory bread(block 68) failed [ 304.677897][ T2475] FAT-fs (loop6): Directory bread(block 69) failed [ 304.685249][ T2475] FAT-fs (loop6): Directory bread(block 70) failed [ 304.693106][ T2468] __quota_error: 56 callbacks suppressed [ 304.693117][ T2468] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 304.707541][ T2468] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.14536: Failed to acquire dquot type 0 [ 304.720243][ T2475] FAT-fs (loop6): Directory bread(block 71) failed [ 304.727432][ T2475] FAT-fs (loop6): Directory bread(block 72) failed [ 304.734765][ T2475] FAT-fs (loop6): Directory bread(block 73) failed [ 304.741934][ T2468] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #3: block 49: comm syz.3.14536: lblock 1 mapped to illegal pblock 49 (length 1) [ 304.774067][ T2468] Quota error (device loop3): do_insert_tree: Can't read tree quota block 1 [ 304.783447][ T2468] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 304.794050][ T2468] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.14536: Failed to acquire dquot type 0 [ 304.819820][ T2468] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 304.832501][ T2468] EXT4-fs error (device loop3): ext4_evict_inode:259: inode #15: comm syz.3.14536: mark_inode_dirty error [ 304.906827][ T29] audit: type=1400 audit(2000394133.326:2979): avc: denied { mounton } for pid=2491 comm="syz.9.14547" path="/proc/4038/cgroup" dev="proc" ino=108232 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 304.940499][ T2468] EXT4-fs warning (device loop3): ext4_evict_inode:262: couldn't mark inode dirty (err -117) [ 304.962641][ T2468] EXT4-fs (loop3): 1 orphan inode deleted [ 305.120059][ T2509] netlink: 'syz.3.14555': attribute type 21 has an invalid length. [ 305.134147][ T29] audit: type=1326 audit(2000394133.556:2980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2510 comm="syz.6.14557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a730ee169 code=0x7ffc0000 [ 305.159706][ T29] audit: type=1326 audit(2000394133.556:2981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2510 comm="syz.6.14557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a730ee169 code=0x7ffc0000 [ 305.183271][ T29] audit: type=1326 audit(2000394133.556:2982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2510 comm="syz.6.14557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a730ee169 code=0x7ffc0000 [ 305.208735][ T29] audit: type=1326 audit(2000394133.556:2983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2510 comm="syz.6.14557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a730ee169 code=0x7ffc0000 [ 305.234170][ T29] audit: type=1326 audit(2000394133.556:2984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2510 comm="syz.6.14557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a730ee169 code=0x7ffc0000 [ 305.268587][ T29] audit: type=1326 audit(2000394133.686:2985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2510 comm="syz.6.14557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a730ee169 code=0x7ffc0000 [ 305.883613][ T2542] 9pnet_fd: Insufficient options for proto=fd [ 306.088050][ T2558] loop9: detected capacity change from 0 to 512 [ 306.113982][ T2558] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended [ 306.138730][ T2558] EXT4-fs error (device loop9): ext4_readdir:264: inode #2: block 3: comm syz.9.14572: path /1974/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 306.275081][ T2567] EXT4-fs error (device loop9): ext4_do_update_inode:5211: inode #2: comm syz.9.14572: corrupted inode contents [ 306.317472][ T2567] EXT4-fs error (device loop9): ext4_dirty_inode:6103: inode #2: comm syz.9.14572: mark_inode_dirty error [ 306.356784][ T2567] EXT4-fs error (device loop9): ext4_do_update_inode:5211: inode #2: comm syz.9.14572: corrupted inode contents [ 306.391859][ T2574] loop6: detected capacity change from 0 to 256 [ 306.409628][ T2574] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 306.424021][ T2558] EXT4-fs error (device loop9): ext4_readdir:264: inode #2: block 12: comm syz.9.14572: path /1974/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 306.498934][ T2558] EXT4-fs error (device loop9): ext4_readdir:264: inode #2: block 13: comm syz.9.14572: path /1974/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 306.523642][ T2558] EXT4-fs error (device loop9): ext4_readdir:264: inode #2: block 14: comm syz.9.14572: path /1974/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 306.564002][ T2558] EXT4-fs error (device loop9): ext4_readdir:264: inode #2: block 15: comm syz.9.14572: path /1974/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 306.587309][ T2558] EXT4-fs error (device loop9): ext4_readdir:264: inode #2: block 16: comm syz.9.14572: path /1974/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 306.620102][ T2558] EXT4-fs error (device loop9): ext4_readdir:264: inode #2: block 17: comm syz.9.14572: path /1974/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 306.780083][ T2594] loop3: detected capacity change from 0 to 128 [ 307.105843][ T2628] __nla_validate_parse: 3 callbacks suppressed [ 307.105856][ T2628] netlink: 16 bytes leftover after parsing attributes in process `syz.9.14604'. [ 307.386307][ T2658] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 307.392838][ T2658] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 307.402440][ T2658] vhci_hcd vhci_hcd.0: Device attached [ 307.452545][ T2659] vhci_hcd: connection closed [ 307.452675][ T158] vhci_hcd: stop threads [ 307.463509][ T158] vhci_hcd: release socket [ 307.467935][ T158] vhci_hcd: disconnect device [ 307.483514][ T2669] netlink: 'syz.9.14622': attribute type 1 has an invalid length. [ 307.544419][ T2675] loop9: detected capacity change from 0 to 256 [ 307.599395][ T2675] FAT-fs (loop9): Directory bread(block 64) failed [ 307.616801][ T2675] FAT-fs (loop9): Directory bread(block 65) failed [ 307.624755][ T2675] FAT-fs (loop9): Directory bread(block 66) failed [ 307.633623][ T2675] FAT-fs (loop9): Directory bread(block 67) failed [ 307.640303][ T2675] FAT-fs (loop9): Directory bread(block 68) failed [ 307.647349][ T2675] FAT-fs (loop9): Directory bread(block 69) failed [ 307.657728][ T2675] FAT-fs (loop9): Directory bread(block 70) failed [ 307.668428][ T2675] FAT-fs (loop9): Directory bread(block 71) failed [ 307.678288][ T2675] FAT-fs (loop9): Directory bread(block 72) failed [ 307.687041][ T2675] FAT-fs (loop9): Directory bread(block 73) failed [ 307.710505][ T2690] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14633'. [ 307.719469][ T2690] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14633'. [ 308.117242][ T2722] syz.9.14646: attempt to access beyond end of device [ 308.117242][ T2722] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 308.148430][ T2725] netlink: 4 bytes leftover after parsing attributes in process `syz.9.14647'. [ 308.158037][ T2725] netlink: 4 bytes leftover after parsing attributes in process `syz.9.14647'. [ 308.177152][ T2725] netlink: 4 bytes leftover after parsing attributes in process `syz.9.14647'. [ 308.203738][ T2725] netlink: 4 bytes leftover after parsing attributes in process `syz.9.14647'. [ 308.213453][ T2725] netlink: 4 bytes leftover after parsing attributes in process `syz.9.14647'. [ 308.250527][ T2725] netlink: 4 bytes leftover after parsing attributes in process `syz.9.14647'. [ 308.313187][ T2725] netlink: 4 bytes leftover after parsing attributes in process `syz.9.14647'. [ 308.382559][ T2738] netlink: 'syz.3.14652': attribute type 10 has an invalid length. [ 308.411242][ T2738] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 308.419982][ T2738] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 308.428766][ T2738] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 308.439433][ T2738] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 308.451845][ T2738] team0: Port device geneve1 added [ 308.577283][ T2758] loop3: detected capacity change from 0 to 128 [ 308.598482][ T2758] EXT4-fs: Ignoring removed oldalloc option [ 308.604476][ T2758] EXT4-fs: Ignoring removed nobh option [ 308.635229][ T2762] loop9: detected capacity change from 0 to 1764 [ 308.647090][ T2758] EXT4-fs mount: 54 callbacks suppressed [ 308.647105][ T2758] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 308.673321][ T2758] ext4 filesystem being mounted at /1868/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 308.713540][ T2758] EXT4-fs warning (device loop3): ext4_group_extend:1862: can't shrink FS - resize aborted [ 308.724572][ T2768] loop6: detected capacity change from 0 to 8192 [ 308.751806][T15333] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 308.780838][ T2768] loop6: p1 p3 p4 [ 308.784655][ T2768] loop6: p1 size 3506438656 extends beyond EOD, truncated [ 308.800860][ T2768] loop6: p3 start 218103808 is beyond EOD, truncated [ 308.807565][ T2768] loop6: p4 size 50331648 extends beyond EOD, truncated [ 309.140028][ T2802] loop3: detected capacity change from 0 to 1024 [ 309.171734][ T2802] EXT4-fs: Ignoring removed nomblk_io_submit option [ 309.204300][ T2802] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 309.232172][ T2802] EXT4-fs (loop3): shut down requested (0) [ 309.239352][ T2802] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=12 [ 309.258999][ T2802] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=12 [ 309.299407][ T2802] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=12 [ 309.377859][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 309.438118][ T10] kernel write not supported for file /input/event2 (pid: 10 comm: kworker/0:1) [ 310.085948][ T29] kauditd_printk_skb: 56 callbacks suppressed [ 310.085963][ T29] audit: type=1326 audit(2000394138.506:3042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.9.14668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22fdace169 code=0x7ffc0000 [ 310.132411][ T29] audit: type=1326 audit(2000394138.536:3043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.9.14668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fda6a359 code=0x7ffc0000 [ 310.157073][ T29] audit: type=1326 audit(2000394138.536:3044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.9.14668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fda6a359 code=0x7ffc0000 [ 310.181713][ T29] audit: type=1326 audit(2000394138.536:3045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.9.14668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fda6a359 code=0x7ffc0000 [ 310.205271][ T29] audit: type=1326 audit(2000394138.536:3046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.9.14668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fda6a359 code=0x7ffc0000 [ 310.230028][ T29] audit: type=1326 audit(2000394138.536:3047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.9.14668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fda6a359 code=0x7ffc0000 [ 310.254718][ T29] audit: type=1326 audit(2000394138.536:3048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.9.14668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fda6a359 code=0x7ffc0000 [ 310.278299][ T29] audit: type=1326 audit(2000394138.536:3049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.9.14668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fda6a359 code=0x7ffc0000 [ 310.303398][ T29] audit: type=1326 audit(2000394138.536:3050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.9.14668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fda6a359 code=0x7ffc0000 [ 310.326944][ T29] audit: type=1326 audit(2000394138.536:3051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.9.14668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fda6a359 code=0x7ffc0000 [ 310.393601][ T2855] chnl_net:caif_netlink_parms(): no params data found [ 310.420230][ T2894] program syz.6.14723 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 310.437743][ T2892] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0 [ 310.447897][ T2892] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0 [ 310.456801][ T2892] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0 [ 310.465708][ T2892] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0 [ 310.476108][ T2892] geneve2: entered promiscuous mode [ 310.481399][ T2892] geneve2: entered allmulticast mode [ 310.520910][ T2900] macsec1: entered promiscuous mode [ 310.560749][ T2855] bridge0: port 1(bridge_slave_0) entered blocking state [ 310.568037][ T2855] bridge0: port 1(bridge_slave_0) entered disabled state [ 310.577038][ T2855] bridge_slave_0: entered allmulticast mode [ 310.583726][ T2855] bridge_slave_0: entered promiscuous mode [ 310.590853][ T2855] bridge0: port 2(bridge_slave_1) entered blocking state [ 310.597894][ T2855] bridge0: port 2(bridge_slave_1) entered disabled state [ 310.606553][ T2855] bridge_slave_1: entered allmulticast mode [ 310.622405][ T2855] bridge_slave_1: entered promiscuous mode [ 310.671565][ T2855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 310.704625][ T2855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 310.769442][ T2855] team0: Port device team_slave_0 added [ 310.782818][ T2855] team0: Port device team_slave_1 added [ 310.820968][ T2855] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 310.827954][ T2855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 310.855804][ T2855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 310.889501][ T2855] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 310.897072][ T2855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 310.925005][ T2855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 311.074814][ T2855] hsr_slave_0: entered promiscuous mode [ 311.085416][ T2855] hsr_slave_1: entered promiscuous mode [ 311.095829][ T2855] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 311.103543][ T2855] Cannot create hsr debugfs directory [ 311.116115][ T2961] loop6: detected capacity change from 0 to 136 [ 311.177623][ T2974] 9pnet_fd: Insufficient options for proto=fd [ 311.199772][ T2978] loop6: detected capacity change from 0 to 2048 [ 311.210396][ T2978] ext4: Unknown parameter 'noacl' [ 311.235023][ T2982] loop3: detected capacity change from 0 to 512 [ 311.243662][ T2985] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 311.253385][ T2985] vhci_hcd: default hub control req: 2314 v0008 i0002 l0 [ 311.258206][ T2982] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.14762: bg 0: block 131: padding at end of block bitmap is not set [ 311.276230][ T2982] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 311.287015][ T2982] EXT4-fs (loop3): 1 truncate cleaned up [ 311.293142][ T2982] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 311.312105][ T2855] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.352976][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 311.386917][ T2996] ip6gretap0: entered promiscuous mode [ 311.398036][ T2855] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.464390][ T2855] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.475492][ T3010] loop3: detected capacity change from 0 to 1024 [ 311.515686][ T3010] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 311.535604][ T3022] loop6: detected capacity change from 0 to 1024 [ 311.539386][ T3010] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 311.543169][ T3022] EXT4-fs: Ignoring removed bh option [ 311.565174][ T2855] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.576362][ T3010] EXT4-fs (loop3): Remounting filesystem read-only [ 311.593640][ T3022] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 311.618634][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 311.663544][ T3035] loop9: detected capacity change from 0 to 1024 [ 311.671592][ T3037] netlink: 'syz.3.14782': attribute type 21 has an invalid length. [ 311.682229][ T3022] EXT4-fs error (device loop6): __ext4_remount:6738: comm syz.6.14778: Abort forced by user [ 311.684724][ T3035] EXT4-fs: Ignoring removed bh option [ 311.703079][ T3022] EXT4-fs (loop6): Remounting filesystem read-only [ 311.709622][ T3022] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 311.718436][ T3035] EXT4-fs: inline encryption not supported [ 311.718466][ T3035] EXT4-fs: inline encryption not supported [ 311.718783][ T3035] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 311.720045][ T3035] EXT4-fs error (device loop9): ext4_map_blocks:709: inode #3: block 1: comm syz.9.14784: lblock 1 mapped to illegal pblock 1 (length 1) [ 311.763901][ T3035] EXT4-fs error (device loop9): ext4_acquire_dquot:6935: comm syz.9.14784: Failed to acquire dquot type 0 [ 311.776664][ T3035] EXT4-fs error (device loop9): ext4_free_blocks:6587: comm syz.9.14784: Freeing blocks not in datazone - block = 0, count = 4096 [ 311.778155][ T2855] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 311.794499][ T3035] EXT4-fs error (device loop9): ext4_read_inode_bitmap:139: comm syz.9.14784: Invalid inode bitmap blk 0 in block_group 0 [ 311.814097][ T41] EXT4-fs error (device loop9): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 311.829768][ T41] EXT4-fs error (device loop9): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 0 [ 311.846092][ T3035] EXT4-fs error (device loop9) in ext4_free_inode:361: Corrupt filesystem [ 311.849354][ T2855] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 311.867619][ T2855] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 311.876416][ T3035] EXT4-fs (loop9): 1 orphan inode deleted [ 311.889345][ T2855] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 311.896551][T31509] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 311.896821][ T3035] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 311.962749][ T3062] loop3: detected capacity change from 0 to 512 [ 312.003811][ T3035] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 312.004169][ T3062] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.14794: bg 0: block 393: padding at end of block bitmap is not set [ 312.015246][ T2855] 8021q: adding VLAN 0 to HW filter on device bond0 [ 312.052132][ T2855] 8021q: adding VLAN 0 to HW filter on device team0 [ 312.058933][ T3062] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 312.073125][ T158] bridge0: port 1(bridge_slave_0) entered blocking state [ 312.080173][ T158] bridge0: port 1(bridge_slave_0) entered forwarding state [ 312.092949][ T3062] EXT4-fs (loop3): 2 truncates cleaned up [ 312.119747][ T158] bridge0: port 2(bridge_slave_1) entered blocking state [ 312.126842][ T158] bridge0: port 2(bridge_slave_1) entered forwarding state [ 312.144540][ T3062] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 312.205314][ T2855] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 312.263474][ T3062] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 312.329315][ T2855] veth0_vlan: entered promiscuous mode [ 312.343743][ T2855] veth1_vlan: entered promiscuous mode [ 312.357040][ T3091] 9pnet: Could not find request transport: f [ 312.379051][ T2855] veth0_macvtap: entered promiscuous mode [ 312.397742][ T2855] veth1_macvtap: entered promiscuous mode [ 312.424933][ T2855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 312.435535][ T2855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.446641][ T2855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 312.457114][ T2855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.467090][ T2855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 312.478822][ T2855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.488703][ T2855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 312.499137][ T2855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.510138][ T2855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 312.520624][ T2855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.530469][ T2855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 312.542368][ T2855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.561171][ T2855] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 312.572808][ T3104] syzkaller0: tun_chr_ioctl cmd 1074025675 [ 312.578777][ T3104] syzkaller0: persist disabled [ 312.588257][ T2855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 312.598808][ T2855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.608771][ T2855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 312.620528][ T2855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.630343][ T2855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 312.641435][ T2855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.651934][ T2855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 312.662380][ T2855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.672913][ T2855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 312.683910][ T2855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.693854][ T2855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 312.704874][ T2855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.736141][ T2855] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 312.749306][ T2855] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 312.758122][ T2855] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 312.766873][ T2855] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 312.777108][ T2855] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 312.909103][ T3121] syz.3.14815: attempt to access beyond end of device [ 312.909103][ T3121] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 313.008285][ T3139] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 313.017271][ T3139] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 313.027927][ T3139] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 313.036757][ T3139] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 313.058164][ T3142] loop3: detected capacity change from 0 to 512 [ 313.076186][ T3142] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 313.107790][ T3142] EXT4-fs (loop3): 1 truncate cleaned up [ 313.121011][ T3142] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 313.185037][T15333] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.246165][ T3158] xt_CT: You must specify a L4 protocol and not use inversions on it [ 313.263570][ T3160] loop0: detected capacity change from 0 to 256 [ 313.587550][ T3188] __nla_validate_parse: 13 callbacks suppressed [ 313.587564][ T3188] netlink: 56 bytes leftover after parsing attributes in process `syz.3.14841'. [ 313.664141][ T3200] netlink: 12 bytes leftover after parsing attributes in process `syz.6.14847'. [ 313.675095][ T3202] SELinux: Context system_u:object_r:tzdata_exec_t:s0 is not valid (left unmapped). [ 313.677435][ T3200] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 313.748770][ T3213] loop9: detected capacity change from 0 to 7 [ 313.757690][ T3213] Buffer I/O error on dev loop9, logical block 0, async page read [ 313.766626][ T3213] Buffer I/O error on dev loop9, logical block 0, async page read [ 313.775941][ T3213] loop9: unable to read partition table [ 313.785207][ T3213] loop_reread_partitions: partition scan of loop9 (被xڬdƤݡ [ 313.785207][ T3213] U) failed (rc=-5) [ 313.836587][ T3222] netlink: 'syz.3.14857': attribute type 10 has an invalid length. [ 313.844803][ T3222] netlink: 40 bytes leftover after parsing attributes in process `syz.3.14857'. [ 313.856174][ T3222] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 313.866429][ T3222] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 313.875520][ T3222] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 313.884532][ T3222] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 314.091735][ T3249] loop3: detected capacity change from 0 to 128 [ 314.099839][ T3249] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 314.113754][ T3249] ext4 filesystem being mounted at /1936/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 314.180991][T15333] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 314.199118][ C0] ================================================================== [ 314.207181][ C0] BUG: KCSAN: data-race in do_sys_poll / pollwake [ 314.213576][ C0] [ 314.215880][ C0] read to 0xffffc90005c53bd0 of 4 bytes by task 3182 on cpu 1: [ 314.223400][ C0] do_sys_poll+0x9f1/0xc80 [ 314.227787][ C0] __se_sys_ppoll+0x1b5/0x1f0 [ 314.232446][ C0] __x64_sys_ppoll+0x67/0x80 [ 314.237014][ C0] x64_sys_call+0x2c89/0x2e10 [ 314.241666][ C0] do_syscall_64+0xc9/0x1c0 [ 314.246167][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.252034][ C0] [ 314.254331][ C0] write to 0xffffc90005c53bd0 of 4 bytes by interrupt on cpu 0: [ 314.261936][ C0] pollwake+0xc1/0x110 [ 314.265984][ C0] __wake_up+0x65/0xb0 [ 314.270035][ C0] bpf_ringbuf_notify+0x22/0x30 [ 314.274863][ C0] irq_work_run+0xe1/0x2d0 [ 314.279275][ C0] __sysvec_irq_work+0x23/0x1a0 [ 314.284107][ C0] sysvec_irq_work+0x66/0x80 [ 314.288672][ C0] asm_sysvec_irq_work+0x1a/0x20 [ 314.293590][ C0] default_send_IPI_self+0x38/0x80 [ 314.298689][ C0] arch_irq_work_raise+0x48/0x50 [ 314.303623][ C0] __irq_work_queue_local+0x82/0x1d0 [ 314.308885][ C0] irq_work_queue+0x85/0x120 [ 314.313453][ C0] bpf_ringbuf_discard+0xcd/0xf0 [ 314.318370][ C0] bpf_prog_fe0ed97373b08409+0x47/0x4b [ 314.323812][ C0] bpf_trace_run3+0x10e/0x1d0 [ 314.328500][ C0] kmem_cache_free+0x243/0x2e0 [ 314.333250][ C0] __kfree_skb+0x102/0x150 [ 314.337650][ C0] consume_skb+0x49/0x160 [ 314.341964][ C0] netlink_broadcast_filtered+0xaea/0xbf0 [ 314.347664][ C0] xfrm_send_state_notify+0xd43/0xf90 [ 314.353016][ C0] km_state_notify+0x5f/0xa0 [ 314.357584][ C0] xfrm_add_sa+0x2562/0x2640 [ 314.362153][ C0] xfrm_user_rcv_msg+0x59d/0x6a0 [ 314.367081][ C0] netlink_rcv_skb+0x12f/0x230 [ 314.371820][ C0] xfrm_netlink_rcv+0x47/0x60 [ 314.376476][ C0] netlink_unicast+0x605/0x6c0 [ 314.381219][ C0] netlink_sendmsg+0x609/0x720 [ 314.385959][ C0] __sock_sendmsg+0x140/0x180 [ 314.390608][ C0] ____sys_sendmsg+0x350/0x4e0 [ 314.395354][ C0] __sys_sendmsg+0x1a0/0x240 [ 314.399922][ C0] __x64_sys_sendmsg+0x46/0x50 [ 314.404688][ C0] x64_sys_call+0x26f3/0x2e10 [ 314.409344][ C0] do_syscall_64+0xc9/0x1c0 [ 314.413833][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.419699][ C0] [ 314.421998][ C0] value changed: 0x00000001 -> 0x00000000 [ 314.427707][ C0] [ 314.430007][ C0] Reported by Kernel Concurrency Sanitizer on: [ 314.436149][ C0] CPU: 0 UID: 0 PID: 3255 Comm: syz.3.14872 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(voluntary) [ 314.448623][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 314.458654][ C0] ==================================================================