last executing test programs: 28.999963678s ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xc}, 0x48) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_journal_start\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) unlink(&(0x7f0000000140)='./cgroup\x00') 5.209505434s ago: executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) ioctl$sock_inet_SIOCGIFPFLAGS(r2, 0x8935, 0x0) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000000)={0x2, r1}) r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) 4.671354496s ago: executing program 2: sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) gettid() syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000001080), 0x1, 0x4e2, &(0x7f0000000b80)="$eJzs3c9vG1kdAPDvTOImm81usrASPwRsWRYKqmon7m602tNyAaHVSogVJw7ZkLhRFDuOYmdpQiXS/wGJSpzgT+CAxAGpJ+7c4MalHJAKVKAGiYPRjCdpSOMkbRMb7M9HGs28eeP5vldr3nO/SfwCGFlXI2IvIq5ExMcRMVOcT4ot3u9u2XWPH91Z3n90ZzmJTuejvyV5fXYujrwm83Jxz8mI+N63I36YPB23tbO7vlSv17aKcqXd2Ky0dnZvrDWWVmurtY1qdWF+Ye7dm+9UL6yvbzR+9fBbax98/7e/+eKD3+9948dZs6aLuqP9uEjdrpcO42TGI+KDywg2AGNFf64MuiE8lzQiPhURb+bP/0yM5e/m+ZzwWAMA/wc6nZnozBwtAwDDLs1zYElaLnIB05Gm5XI3h/d6TKX1Zqt9/VZze2OlmyubjVJ6a61emytyhbNRSrLyfH78pFw9Vr4ZEa9FxE8nXsrL5eXz5xkAgIv18rH5/58T3fkfABhyk2ddsNifdgAA/XPm/A8ADB3zPwCMHvM/AIwe8z8AjB7zPwCMnmL+Hxt0OwCAvvjuhx9mW2e/+P7rlU92ttebn9xYqbXWy43t5fJyc2uzvNpsrtZr5eVm46z71ZvNzfm3Y/t2pV1rtSutnd3FRnN7o72Yf6/3Yq3Ul14BAKd57Y37f0wiYu+9l/ItjqzlYK6G4ZYOugHAwMj5w+jyLdwwuvwfHzhrLc+evyJ87zmCdX7yHC8CLtq1z8n/w6iS/4fRJf8Po0v+H0ZXp5P0WvM/PbwEABgqcvxAX3/+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAENiOt+StFysBT4daVouR7wSEbNRSm6t1WtzEfFqRPxhojSRlecH3WgA4AWlf0mK9b+uzbw1fbz2SvKviXwfET/6+Uc/u73Ubm/NZ+f/fni+fa84Xx1E+wGAsxzM0wfz+IHHj+4sH2z9bM/Db3YXF83i7hdbt2Y8xvP9ZJQiYuofSVHuyj6vjF1A/L27EfHZk/qf5LmR2WLl0+Pxs9iv9DV++l/x07yuu8/+LT79DDHPWusVRsX9bPx5/6TnL42r+X7yxMWPJ/MR6sUdjH/7T41/6eH4N9Zj/Lt63hhv/+47PevuRnx+/KT4yWH8pEf8t84Z/09f+NKbveo6v4i4FifHPxqr0m5sVlo7uzfWGkurtdXaRrW6ML8w9+7Nd6qVPEddOchUP+2v711/9bT+T/WIP3lG/796aq87EwdHv/z3xz/48inxv/6Vk9//10+Jn82JXzs1/hNLU7/uuXx3Fn+l2/+7z/r+Xz9n/Ad/3l0556UAQB+0dnbXl+r12taFHpTigm945CC5pDY7GPKD7PP4i97nM0XK7H+gO5d9MOiRCbhsTx76QbcEAAAAAAAAAAAAAADo5dL/nCgddA8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYZv8JAAD//wqryik=") r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000005c0)) creat(&(0x7f00000000c0)='./bus\x00', 0x0) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) write$binfmt_script(r2, &(0x7f0000000300)={'#! ', './file0'}, 0xb) lseek(r2, 0x10004e9, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x8400fffffffa) 3.627590055s ago: executing program 0: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000f40), 0x1a1082, 0x0) writev(r0, &(0x7f00000023c0)=[{&(0x7f0000000f80)="e2", 0x1}], 0x1) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = add_key$keyring(&(0x7f0000000180), 0x0, 0x0, 0x0, 0xfffffffffffffffe) add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f00000000c0)={0x0, "ecc370e8806af2ff105fb4a2cc28211d9e09e43c63e48a6ee2c57286790d7d3a1b96ac1007848b2a4114cf258df5792da90e59da723285404e2189775f3df5ca", 0x2c}, 0x48, r1) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)) fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000002000)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10) preadv(r2, &(0x7f0000001880)=[{&(0x7f000001aa80)=""/102395, 0x7ffff000}], 0x1, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) 3.525555931s ago: executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x360, 0x0, 0x4c, 0x1a, 0x0, 0x73, 0x290, 0x258, 0x258, 0x290, 0x258, 0x3, 0x0, {[{{@uncond, 0x0, 0x118, 0x160, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x20000000, 0x2, 0x0, 0x7}}, @common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 'bridge_slave_1\x00'}}}, {{@uncond, 0x0, 0xf8, 0x130, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@icmp6={{0x28}, {0x0, "e1f6"}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0) 2.973494025s ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [], {{0x4, 0x1, 0x9, 0x8}, {0x6, 0x0, 0xc, 0x8, 0x0, 0x0, 0xffffffff}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 2.910184215s ago: executing program 2: r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x14, 0xf, &(0x7f0000000000)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x6}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xd00}, {0x85, 0x0, 0x0, 0x4d}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}, {0x95, 0xa}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 2.762127078s ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES64, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0)=0xffffffffffffffff, 0x4) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000040)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) 1.694200321s ago: executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0xc018aec0, &(0x7f00000000c0)={0x0, 0x2, 0x0, 0x20000000, &(0x7f0000001000/0x1000)=nil}) 1.672532694s ago: executing program 2: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) setpgid(0x0, r1) ioprio_set$pid(0x2, 0x0, 0x0) 1.657940527s ago: executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r3, @ANYBLOB="00000016010000001800120008000100736974000c0002000800030036"], 0x38}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x38, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0xe403, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_FLAGS={0x6}]}}}]}, 0x38}}, 0x0) 1.639773679s ago: executing program 2: sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) gettid() syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000001080), 0x1, 0x4e2, &(0x7f0000000b80)="$eJzs3c9vG1kdAPDvTOImm81usrASPwRsWRYKqmon7m602tNyAaHVSogVJw7ZkLhRFDuOYmdpQiXS/wGJSpzgT+CAxAGpJ+7c4MalHJAKVKAGiYPRjCdpSOMkbRMb7M9HGs28eeP5vldr3nO/SfwCGFlXI2IvIq5ExMcRMVOcT4ot3u9u2XWPH91Z3n90ZzmJTuejvyV5fXYujrwm83Jxz8mI+N63I36YPB23tbO7vlSv17aKcqXd2Ky0dnZvrDWWVmurtY1qdWF+Ye7dm+9UL6yvbzR+9fBbax98/7e/+eKD3+9948dZs6aLuqP9uEjdrpcO42TGI+KDywg2AGNFf64MuiE8lzQiPhURb+bP/0yM5e/m+ZzwWAMA/wc6nZnozBwtAwDDLs1zYElaLnIB05Gm5XI3h/d6TKX1Zqt9/VZze2OlmyubjVJ6a61emytyhbNRSrLyfH78pFw9Vr4ZEa9FxE8nXsrL5eXz5xkAgIv18rH5/58T3fkfABhyk2ddsNifdgAA/XPm/A8ADB3zPwCMHvM/AIwe8z8AjB7zPwCMnmL+Hxt0OwCAvvjuhx9mW2e/+P7rlU92ttebn9xYqbXWy43t5fJyc2uzvNpsrtZr5eVm46z71ZvNzfm3Y/t2pV1rtSutnd3FRnN7o72Yf6/3Yq3Ul14BAKd57Y37f0wiYu+9l/ItjqzlYK6G4ZYOugHAwMj5w+jyLdwwuvwfHzhrLc+evyJ87zmCdX7yHC8CLtq1z8n/w6iS/4fRJf8Po0v+H0ZXp5P0WvM/PbwEABgqcvxAX3/+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAENiOt+StFysBT4daVouR7wSEbNRSm6t1WtzEfFqRPxhojSRlecH3WgA4AWlf0mK9b+uzbw1fbz2SvKviXwfET/6+Uc/u73Ubm/NZ+f/fni+fa84Xx1E+wGAsxzM0wfz+IHHj+4sH2z9bM/Db3YXF83i7hdbt2Y8xvP9ZJQiYuofSVHuyj6vjF1A/L27EfHZk/qf5LmR2WLl0+Pxs9iv9DV++l/x07yuu8/+LT79DDHPWusVRsX9bPx5/6TnL42r+X7yxMWPJ/MR6sUdjH/7T41/6eH4N9Zj/Lt63hhv/+47PevuRnx+/KT4yWH8pEf8t84Z/09f+NKbveo6v4i4FifHPxqr0m5sVlo7uzfWGkurtdXaRrW6ML8w9+7Nd6qVPEddOchUP+2v711/9bT+T/WIP3lG/796aq87EwdHv/z3xz/48inxv/6Vk9//10+Jn82JXzs1/hNLU7/uuXx3Fn+l2/+7z/r+Xz9n/Ad/3l0556UAQB+0dnbXl+r12taFHpTigm945CC5pDY7GPKD7PP4i97nM0XK7H+gO5d9MOiRCbhsTx76QbcEAAAAAAAAAAAAAADo5dL/nCgddA8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYZv8JAAD//wqryik=") r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000005c0)) creat(&(0x7f00000000c0)='./bus\x00', 0x0) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) write$binfmt_script(r2, &(0x7f0000000300)={'#! ', './file0'}, 0xb) lseek(r2, 0x10004e9, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x8400fffffffa) 1.63575227s ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [], {{0x4, 0x1, 0x9, 0x8}, {0x6, 0x0, 0xc, 0x8, 0x0, 0x0, 0xffffffff}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1.587049647s ago: executing program 1: pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x4800) read$FUSE(r0, &(0x7f0000005040)={0x2020}, 0x2020) 1.535702085s ago: executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x28011, r0, 0x0) ftruncate(r0, 0xc17a) r1 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$bt_BT_SECURITY(r1, 0x10e, 0x9, 0x0, 0x20000000) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x2) ioctl$TCFLSH(r2, 0x40087101, 0x20001100) 1.482043743s ago: executing program 1: r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000180)) ioctl$UFFDIO_CONTINUE(r0, 0x8010aa01, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000200000d7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syz_tun\x00'}) setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0xf3e, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x26e1, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = getpid() sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_GETMOUSEREPORTING(r7, 0x5414, &(0x7f00000000c0)=0x13) 1.474207415s ago: executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) ioctl$sock_inet_SIOCGIFPFLAGS(r2, 0x8935, 0x0) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000000)={0x2, r1}) r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) 401.598309ms ago: executing program 3: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace$ARCH_SET_GS(0x4207, r1, 0x0, 0x1001) ptrace$getenv(0x4201, r1, 0x1f, &(0x7f0000000080)) 385.629151ms ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES64, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0)=0xffffffffffffffff, 0x4) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000040)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) 355.886135ms ago: executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x360, 0x0, 0x4c, 0x1a, 0x0, 0x73, 0x290, 0x258, 0x258, 0x290, 0x258, 0x3, 0x0, {[{{@uncond, 0x0, 0x118, 0x160, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x20000000, 0x2, 0x0, 0x7}}, @common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 'bridge_slave_1\x00'}}}, {{@uncond, 0x0, 0xf8, 0x130, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@icmp6={{0x28}, {0x0, "e1f6"}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0) 310.613413ms ago: executing program 1: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000f40), 0x1a1082, 0x0) writev(r0, &(0x7f00000023c0)=[{&(0x7f0000000f80)="e2", 0x1}], 0x1) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = add_key$keyring(&(0x7f0000000180), 0x0, 0x0, 0x0, 0xfffffffffffffffe) add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f00000000c0)={0x0, "ecc370e8806af2ff105fb4a2cc28211d9e09e43c63e48a6ee2c57286790d7d3a1b96ac1007848b2a4114cf258df5792da90e59da723285404e2189775f3df5ca", 0x2c}, 0x48, r1) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)) fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000002000)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10) preadv(r2, &(0x7f0000001880)=[{&(0x7f000001aa80)=""/102395, 0x7ffff000}], 0x1, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) 237.573273ms ago: executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) setsockopt$inet_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, &(0x7f0000000000)=0x39, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) 226.838625ms ago: executing program 3: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) setpgid(0x0, r1) ioprio_set$pid(0x2, 0x0, 0x0) 207.413958ms ago: executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0xc018aec0, &(0x7f00000000c0)={0x0, 0x2, 0x0, 0x20000000, &(0x7f0000001000/0x1000)=nil}) 194.88693ms ago: executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000a1b7"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x2000) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000069000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r2, 0xe0, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000740)=[0x0], 0x0, 0x90, &(0x7f0000000780)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000007c0), &(0x7f0000000800), 0x8, 0xa, 0x8, 0x8, &(0x7f0000000840)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x6, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x6a, &(0x7f00000006c0)=""/106, 0x100, 0x21, '\x00', r4, 0x1f, 0xffffffffffffffff, 0x8, &(0x7f0000000900)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000940)={0x2, 0x0, 0x9, 0x5}, 0x10, 0xffffffffffffffff, r2, 0x7, 0x0, &(0x7f0000000c00)=[{0x4, 0x1, 0x5, 0x5}, {0x5, 0x2, 0x5}, {0x5, 0x5, 0x2, 0xa}, {0x3, 0x4}, {0x3, 0x3, 0x2}, {0x3, 0x4, 0x2}, {0x0, 0x3, 0x80000001, 0xb}], 0x10, 0x4}, 0x90) openat$cgroup_ro(r0, &(0x7f0000000080)='pids.events\x00', 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x3, 0x20008, 0x8}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x15, &(0x7f0000000180)={{r5}, &(0x7f0000000040), 0x0}, 0x20) openat$cgroup_type(r0, &(0x7f0000000000), 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000980), 0x12) 188.992941ms ago: executing program 0: syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x548, &(0x7f0000000fc0)="$eJzs3c+PG1cdAPDvzP5smnYT6AEqIAEKAUWxs04bVb00uYBQVQlRcUAc0mXXWS2x4xB7S3dZie3fABJInOBP4IDEAaknDtw4InFASOWAFGAFyiKBZDTj2Y27axMTe22y/nykycybNzPf9+KM3/OzMy+AqXUxInYjYj4i3o6IpWJ/Uixxo7Nkxz3c21nd39tZTaLdfuuvSZ6f7YuuczLPFtdcjIivfTniW8nxuM2t7TsrtVr1fpEut+r3ys2t7Ssb9ZX16nr1bqVyffn61VevvVIZWV0v1H/+4Esbb3z9V7/85Ae/3f3i97JinS3yuusxSp2qzx3GycxGxBsnEWwCZor1fHvCBeGJpBHxkYj4TH7/L8VM/q8TADjN2u2laC91pwGA0y7Nx8CStBQRaVp0AkqdMbwX4kxaazRbl283Nu+udcbKzsVcenujVr16fuH338kPnkuy9HKel+fn6cqR9LWIOB8RP1x4Jk+XVhu1tcl0eQBg6j3b3f5HxD8W0rRUGujUHt/qAQBPjcVJFwAAGDvtPwBMH+0/AEyfAdr/4sv+3RMvCwAwHj7/A8D00f4DwPTR/gPAVPnqm29mS3u/eP712jtbm3ca71xZqzbvlOqbq6XVxv17pfVGYz1/Zk/9cderNRr3ll+OzXfLrWqzVW5ubd+qNzbvtm7lz/W+VZ0bS60AgP/m/IX3f5dExO5rz+RLFHOBRD5rBXCapZMuADAxM8OcrIMATzWzfcH0GqgJzzsJvznxsgCT0fNh3os9Nz/sx/9DEL8zgv8rlz4++Pj//NhLB5wk4/8wvZ5s/P/1kZcDGD/j/zC92u3k6Jz/84dZAMCpNMRP+NrfH1UnBJiox03mPZLv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCUORsR344kLeVzgafZn2mpFPFcRJyLueT2Rq16NSKejwsRMbeQpZcnXWgAYEjpn5Ni/q9LSy+dPZo7n/xzIV9HxHd/8taP3l1pte4vZ/v/drh/4WD6sMqj84aYVxAAGLG8/a4U664P8g/3dlYPlnGW58HN+HcxFfHq/t5OvnRyZiPbGbGY9yXO/D2J2eKcxYh4MSJmRhB/972I+Fiv+if52Mi5YubT7vhRxH5urPHTD8VP87zOOut8fXQEZYFp8/7NiLjR6/5L42K+7n3/L+bvUMN7cLNzsYP3vv2u+LNFpJke8bN7/uKgMV7+9VeO7WwvdfLei3hxtlf85DB+0if+SwPG/8MnPvWD1/vktX8acSl6x++OVW7V75WbW9tXNuor69X16t1K5fry9auvXnulUs7HqMsHI9XH/eW1y8/3K1tW/zN94i/2rP/84bmfG7D+P/vX29/89KPkwtH4X/hs79f/hZ7xO7I28fPHQ93oFX/lzC/6Tt+dxV/rU//Hvf6X+9Y42e1OffCn7bW+hwIAY9fc2r6zUqtV7w+1kX0KHcV1jm1kRRzs4IPu4nBB/xgnUYsn3Jg7qb/VE9+YPewrjvbK38iuOObqpCOvxVAbD8cVa3LvScB4PLrpJ10SAAAAAAAAAAAAAACgn3H816VJ1xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDT6z8BAAD//5WHzqg=") syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x28011, r0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000013000/0x18000)=nil, &(0x7f0000000540)=[@text16={0x10, &(0x7f0000000440)="660ffe4fd9debe0a000f0f1600000d660f3881070f353e0f01d166b9b309000066b81400000066ba000000000f30b819008ed8f30fc73766b80500000066b9068000000f01c1", 0x46}], 0x1, 0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b) 149.085417ms ago: executing program 4: pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x4800) read$FUSE(r0, &(0x7f0000005040)={0x2020}, 0x2020) 112.983713ms ago: executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x28011, r0, 0x0) ftruncate(r0, 0xc17a) r1 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$bt_BT_SECURITY(r1, 0x10e, 0x9, 0x0, 0x20000000) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x2) ioctl$TCFLSH(r2, 0x40087101, 0x20001100) 75.658668ms ago: executing program 4: capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000002500)=ANY=[@ANYBLOB="b7000000010003c3bfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff0000000065040700000000ff2d400500000000004000000001ed00007b030000000000001d440000000000007a0a00fe00ffffffdb03000000000000b5000000000000009500000000000000023bc065b78111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cc00eec36574a8f6456e2ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2400000000000000800643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d64364c82770c8204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f4720082f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c3560a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eaeb883418f562ae00003ea96d10f172c0374d6eed826407000000000000004a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d851680f6f2f9a6a8906943408e6df3c393e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f4ca2195234648e0a1ca50db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145eb6dc5f6a9037d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba583fef3ec7932f5954f31a878e2fae6691df8b4b7ecd27ce82f7df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e96735600000554f327a353511ccedde99493c31ac05a7b57f03ca91a01ba2c60ca99e8ebc15ecb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd0000000069ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fd691b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a000000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a3fbcc6eeb4268bf5a481d1d14f85c0f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db1829f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d7182af2ea5f8d0ad495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc00956d2227db60c0a461ed2b3ecfb16d19037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d680aa1af102d97681656bf56ff0674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ff6d4c5dbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ae7c5f58af43866ca64750f43e583ca1ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656859db4cb06aaaf9f02cfab5b9e61cc00e8e19429921b8df4c4c53bddea4cc48737842952ff08aeac15685df194ca89da8cf6d29a2be9779181fd5d105af5786094d9130f5826b18b9667b971a994f3fd069629a1052f441e96884f90c91f4a974242aabfc8adbadc9ca27955b5c90f0bd9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f33624bd2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b7236bb7f5e42b5376642f8ad4028d4ead407240e7467d1b37afe20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6feb33219cc9164461a8ba3afd5949b9a6046c53663df30a049414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e140792297d023ef52de2e75b9dbbfb8712ccc15c69cfb4c6c1bc2ae74621e536b9d3f09a15dada1561a8192d65cc59d7ed5a6bd61000000000000000000000000000000000000000000000000000000000000000000000000f637782e317d492b2392fd0ea81397a80227f271bad21d688af35a2bd02c15d20f3d62a50e20260642c25f304c8034a5f4d8e45e701dbd84294d1096e715662b8223e10e98c4c38451fc5c702084e3fa9b184e0d0fba44acf3bb8a846cf680dfbf312cddfdb2043288fa6b67fa762c8b75d4478756ef240f2b314e4d77a3afb4fcec92248327004d1dac7ac87a6f8cb04d82acc307d60e4713bd9a8f29091d3048c669a5f5439e0a906ce098d177b9579882586511cfe6a23e57c44d1654899f077b5636e4181f3de6b814bedcac5290ad8018bbe4424edc6d9b0e61b404bb7a2d48"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) 0s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@bloom_filter={0x1e, 0x0, 0x2000003, 0xe0, 0x1a60, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x10}, 0x48) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$tmpfs(0x0, 0x0, &(0x7f0000000180), 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00'}, 0x10) socketpair(0x18, 0x0, 0x2, &(0x7f0000004080)) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=@newsa={0x120, 0x10, 0xeac0e19b6999623b, 0x0, 0x0, {{@in6=@remote, @in=@remote}, {@in=@empty, 0x0, 0x2b}, @in=@private, {}, {}, {}, 0x0, 0x0, 0x2}, [@XFRMA_SET_MARK={0x8}, @XFRMA_SET_MARK_MASK={0x8}, @coaddr={0x14, 0xe, @in6=@remote}, @mark={0xc}]}, 0x120}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) kernel console output (not intermixed with test programs): [ 7.189611][ T23] audit: type=1400 audit(1718985812.410:29): avc: denied { getattr } for pid=184 comm="dbus-daemon" path="/run/messagebus.pid" dev="tmpfs" ino=9669 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 7.343890][ T23] audit: type=1400 audit(1718985812.600:30): avc: denied { search } for pid=198 comm="dhcpcd" name="/" dev="tmpfs" ino=9433 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 7.349445][ T23] audit: type=1400 audit(1718985812.600:31): avc: denied { write } for pid=198 comm="dhcpcd" name="/" dev="tmpfs" ino=9433 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 10.082065][ T165] udevd (165) used greatest stack depth: 22072 bytes left [ 15.130040][ T23] kauditd_printk_skb: 29 callbacks suppressed [ 15.130052][ T23] audit: type=1400 audit(1718985820.380:61): avc: denied { transition } for pid=287 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 15.136319][ T23] audit: type=1400 audit(1718985820.380:62): avc: denied { noatsecure } for pid=287 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 15.141552][ T23] audit: type=1400 audit(1718985820.390:63): avc: denied { write } for pid=287 comm="sh" path="pipe:[9803]" dev="pipefs" ino=9803 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 15.147541][ T23] audit: type=1400 audit(1718985820.390:64): avc: denied { rlimitinh } for pid=287 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 15.159679][ T23] audit: type=1400 audit(1718985820.390:65): avc: denied { siginh } for pid=287 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.0.77' (ED25519) to the list of known hosts. 2024/06/21 16:03:48 fuzzer started 2024/06/21 16:03:48 dialing manager at 10.128.0.163:30000 [ 23.116279][ T23] audit: type=1400 audit(1718985828.370:66): avc: denied { node_bind } for pid=345 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 23.136691][ T23] audit: type=1400 audit(1718985828.370:67): avc: denied { name_bind } for pid=345 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 23.176083][ T23] audit: type=1400 audit(1718985828.430:68): avc: denied { mounton } for pid=354 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1926 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 23.178072][ T354] cgroup1: Unknown subsys name 'net' [ 23.205699][ T354] cgroup1: Unknown subsys name 'net_prio' [ 23.211581][ T354] cgroup1: Unknown subsys name 'devices' [ 23.219677][ T23] audit: type=1400 audit(1718985828.430:69): avc: denied { mount } for pid=354 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 23.241980][ T23] audit: type=1400 audit(1718985828.460:70): avc: denied { setattr } for pid=358 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=9310 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 23.248128][ T360] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 23.265566][ T23] audit: type=1400 audit(1718985828.470:71): avc: denied { mounton } for pid=359 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 23.298083][ T23] audit: type=1400 audit(1718985828.470:72): avc: denied { mount } for pid=359 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 23.321037][ T23] audit: type=1400 audit(1718985828.470:73): avc: denied { unmount } for pid=354 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 23.340539][ T23] audit: type=1400 audit(1718985828.530:74): avc: denied { relabelto } for pid=360 comm="mkswap" name="swap-file" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 23.365723][ T23] audit: type=1400 audit(1718985828.530:75): avc: denied { write } for pid=360 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 23.365992][ T355] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 23.415819][ T354] cgroup1: Unknown subsys name 'hugetlb' [ 23.421529][ T354] cgroup1: Unknown subsys name 'rlimit' 2024/06/21 16:03:48 starting 5 executor processes [ 24.055235][ T372] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.062086][ T372] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.069781][ T372] device bridge_slave_0 entered promiscuous mode [ 24.078383][ T372] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.085264][ T372] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.092736][ T372] device bridge_slave_1 entered promiscuous mode [ 24.204659][ T374] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.211499][ T374] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.219011][ T374] device bridge_slave_0 entered promiscuous mode [ 24.230333][ T375] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.237376][ T375] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.244843][ T375] device bridge_slave_0 entered promiscuous mode [ 24.254123][ T374] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.260946][ T374] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.268441][ T374] device bridge_slave_1 entered promiscuous mode [ 24.286847][ T375] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.293912][ T375] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.301201][ T375] device bridge_slave_1 entered promiscuous mode [ 24.339032][ T376] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.345896][ T376] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.353418][ T376] device bridge_slave_0 entered promiscuous mode [ 24.379098][ T373] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.385968][ T373] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.393461][ T373] device bridge_slave_0 entered promiscuous mode [ 24.399956][ T376] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.406910][ T376] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.414315][ T376] device bridge_slave_1 entered promiscuous mode [ 24.437036][ T373] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.444310][ T373] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.451657][ T373] device bridge_slave_1 entered promiscuous mode [ 24.608582][ T372] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.615434][ T372] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.622632][ T372] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.629471][ T372] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.676887][ T374] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.683743][ T374] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.690869][ T374] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.697668][ T374] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.711699][ T376] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.718576][ T376] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.725710][ T376] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.732574][ T376] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.758519][ T373] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.765370][ T373] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.772573][ T373] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.779410][ T373] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.788716][ T375] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.795565][ T375] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.802730][ T375] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.809563][ T375] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.837147][ T124] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.844825][ T124] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.851863][ T124] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.859414][ T124] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.866591][ T124] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.874223][ T124] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.881202][ T124] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.888349][ T124] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.895433][ T124] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.902381][ T124] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.910354][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 24.918248][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 24.944267][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 24.952288][ T124] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.959134][ T124] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.966502][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 24.974928][ T124] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.981777][ T124] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.023185][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 25.031854][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 25.040402][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 25.062632][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 25.070868][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 25.079602][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.086573][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.094634][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 25.102928][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 25.111051][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.117933][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.125137][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 25.133569][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 25.141457][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 25.149546][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 25.193552][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 25.200858][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 25.209107][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 25.220094][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 25.229283][ T107] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.236144][ T107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.243674][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 25.251780][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 25.259946][ T107] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.266784][ T107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.274973][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 25.282259][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 25.289667][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 25.297610][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 25.305775][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 25.313846][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 25.321591][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 25.329927][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 25.337976][ T107] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.344807][ T107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.352092][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 25.360671][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 25.368924][ T107] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.375769][ T107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.383306][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 25.390611][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 25.402156][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 25.410605][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 25.425087][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 25.433493][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 25.441474][ T124] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.448322][ T124] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.462652][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 25.470871][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 25.487384][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 25.495887][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 25.504177][ T363] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.510990][ T363] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.518572][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 25.527515][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 25.536528][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 25.544509][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 25.562705][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 25.570522][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.578620][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 25.586576][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.607070][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 25.615560][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.623665][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 25.631549][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 25.640182][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 25.648445][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 25.656578][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 25.664570][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 25.686718][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.708213][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 25.716673][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.725024][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 25.733128][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.752932][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.761106][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.769534][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.777964][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.786460][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 25.799730][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.823530][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.831332][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.840645][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.851799][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 25.860304][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 25.868976][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 25.882645][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.890783][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.899575][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.907772][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.916135][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.924428][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.940700][ T397] loop0: p3 < > p4 < > [ 25.945477][ T397] loop0: partition table partially beyond EOD, truncated [ 25.952835][ T397] loop0: p3 start 4284289 is beyond EOD, truncated [ 25.961445][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.970401][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.988583][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.998025][ T162] loop0: p3 < > p4 < > [ 26.002006][ T162] loop0: partition table partially beyond EOD, truncated [ 26.011558][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 26.019917][ T162] loop0: p3 start 4284289 is beyond EOD, truncated [ 26.032794][ T397] syz-executor.0 (397) used greatest stack depth: 21176 bytes left [ 26.046275][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 26.055043][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 26.063692][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 26.072047][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 26.086095][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 26.094629][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 26.160529][ T406] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'. [ 26.207949][ T414] SELinux: Context $ is not valid (left unmapped). [ 26.334853][ T419] FAT-fs (loop0): Directory bread(block 64) failed [ 26.341969][ T419] FAT-fs (loop0): Directory bread(block 65) failed [ 26.349055][ T419] FAT-fs (loop0): Directory bread(block 66) failed [ 26.355564][ T419] FAT-fs (loop0): Directory bread(block 67) failed [ 26.363583][ T419] FAT-fs (loop0): Directory bread(block 68) failed [ 26.370591][ T419] FAT-fs (loop0): Directory bread(block 69) failed [ 26.377356][ T419] FAT-fs (loop0): Directory bread(block 70) failed [ 26.593499][ T419] FAT-fs (loop0): Directory bread(block 71) failed [ 26.600555][ T419] FAT-fs (loop0): Directory bread(block 72) failed [ 26.607418][ T419] FAT-fs (loop0): Directory bread(block 73) failed [ 27.594004][ T442] loop3: p3 < > p4 < > [ 27.599315][ T9] attempt to access beyond end of device [ 27.599315][ T9] loop0: rw=1, want=1832, limit=256 [ 27.618334][ T442] loop3: partition table partially beyond EOD, truncated [ 27.639268][ T9] attempt to access beyond end of device [ 27.639268][ T9] loop0: rw=1, want=5420, limit=256 [ 27.662641][ T442] loop3: p3 start 4284289 is beyond EOD, truncated [ 27.874796][ T415] udevd[415]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 27.933307][ T443] ====================================================== [ 27.933307][ T443] WARNING: the mand mount option is being deprecated and [ 27.933307][ T443] will be removed in v5.15! [ 27.933307][ T443] ====================================================== [ 28.014024][ T461] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro, [ 28.120277][ T443] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 28.128389][ T23] kauditd_printk_skb: 57 callbacks suppressed [ 28.128401][ T23] audit: type=1400 audit(1718985833.370:133): avc: denied { write } for pid=459 comm="syz-executor.1" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 28.156673][ T443] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 28.166878][ T23] audit: type=1400 audit(1718985833.370:134): avc: denied { add_name } for pid=459 comm="syz-executor.1" name="cpuacct.usage_sys" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 28.173044][ T443] F2FS-fs (loop4): invalid crc value [ 28.189025][ T23] audit: type=1400 audit(1718985833.370:135): avc: denied { create } for pid=459 comm="syz-executor.1" name="cpuacct.usage_sys" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 28.213691][ T443] F2FS-fs (loop4): Found nat_bits in checkpoint [ 28.216250][ T477] EXT4-fs error (device loop1): __ext4_get_inode_loc:4710: comm syz-executor.1: Invalid inode table block 17950205685819571681 in block_group 0 [ 28.238505][ T469] F2FS-fs (loop3): invalid crc value [ 28.243767][ T468] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 28.251321][ T468] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 28.265444][ T469] F2FS-fs (loop3): Found nat_bits in checkpoint [ 28.286354][ T23] audit: type=1400 audit(1718985833.370:136): avc: denied { read append open } for pid=459 comm="syz-executor.1" path="/root/syzkaller-testdir160866138/syzkaller.D0Nwj9/7/file0/cpuacct.usage_sys" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 28.315814][ T23] audit: type=1400 audit(1718985833.380:137): avc: denied { write } for pid=459 comm="syz-executor.1" name="cpuacct.usage_sys" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 28.339194][ T23] audit: type=1400 audit(1718985833.380:138): avc: denied { mounton } for pid=459 comm="syz-executor.1" path="/root/syzkaller-testdir160866138/syzkaller.D0Nwj9/7/file0/bus" dev="loop1" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 28.366495][ T23] audit: type=1400 audit(1718985833.470:139): avc: denied { map } for pid=459 comm="syz-executor.1" path="/root/syzkaller-testdir160866138/syzkaller.D0Nwj9/7/file0/cpuacct.usage_sys" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 28.381449][ T443] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 28.395136][ T477] EXT4-fs (loop1): Remounting filesystem read-only [ 28.407763][ T477] EXT4-fs error (device loop1): __ext4_get_inode_loc:4710: comm syz-executor.1: Invalid inode table block 17950205685819571681 in block_group 0 [ 28.422034][ T443] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 28.422977][ T477] EXT4-fs error (device loop1): __ext4_get_inode_loc:4710: comm syz-executor.1: Invalid inode table block 17950205685819571681 in block_group 0 [ 28.429485][ T468] F2FS-fs (loop0): Found nat_bits in checkpoint [ 28.445142][ T477] EXT4-fs error (device loop1): __ext4_get_inode_loc:4710: comm syz-executor.1: Invalid inode table block 17950205685819571681 in block_group 0 [ 28.464906][ T477] EXT4-fs error (device loop1): __ext4_get_inode_loc:4710: comm syz-executor.1: Invalid inode table block 17950205685819571681 in block_group 0 [ 28.479627][ T477] EXT4-fs error (device loop1): __ext4_get_inode_loc:4710: comm syz-executor.1: Invalid inode table block 17950205685819571681 in block_group 0 [ 28.494615][ T477] EXT4-fs error (device loop1): __ext4_get_inode_loc:4710: comm syz-executor.1: Invalid inode table block 17950205685819571681 in block_group 0 [ 28.509521][ T477] EXT4-fs error (device loop1): __ext4_get_inode_loc:4710: comm syz-executor.1: Invalid inode table block 17950205685819571681 in block_group 0 [ 28.526734][ T477] EXT4-fs error (device loop1): __ext4_get_inode_loc:4710: comm syz-executor.1: Invalid inode table block 17950205685819571681 in block_group 0 [ 28.528743][ T469] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 28.543363][ T477] EXT4-fs error (device loop1): __ext4_get_inode_loc:4710: comm syz-executor.1: Invalid inode table block 17950205685819571681 in block_group 0 [ 28.563271][ T468] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 28.570108][ T468] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 28.583069][ T23] audit: type=1400 audit(1718985833.840:140): avc: denied { ioctl } for pid=464 comm="syz-executor.0" path="/root/syzkaller-testdir599523573/syzkaller.kWc3kd/3/bus/file0" dev="loop0" ino=10 ioctlcmd=0x6614 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 28.684900][ T496] overlayfs: './bus' not a directory [ 28.692328][ T496] 9pnet: Insufficient options for proto=fd [ 28.698581][ T23] audit: type=1400 audit(1718985833.880:141): avc: denied { unmount } for pid=374 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 28.734219][ T497] attempt to access beyond end of device [ 28.734219][ T497] loop3: rw=2049, want=77952, limit=40427 [ 28.752464][ T23] audit: type=1400 audit(1718985833.940:142): avc: denied { mounton } for pid=495 comm="syz-executor.2" path="/root/syzkaller-testdir3661835831/syzkaller.EAnxgE/10/bus" dev="sda1" ino=1951 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=file permissive=1 [ 28.816947][ T375] EXT4-fs warning (device loop1): htree_dirblock_to_tree:1048: inode #2: lblock 0: comm syz-executor.1: error -117 reading directory block [ 28.924661][ T376] attempt to access beyond end of device [ 28.924661][ T376] loop3: rw=2049, want=45104, limit=40427 [ 29.062641][ T375] syz-executor.1 (375) used greatest stack depth: 21144 bytes left [ 29.255340][ T516] FAT-fs (loop4): Directory bread(block 64) failed [ 29.261782][ T516] FAT-fs (loop4): Directory bread(block 65) failed [ 29.271394][ T516] FAT-fs (loop4): Directory bread(block 66) failed [ 29.285127][ T516] FAT-fs (loop4): Directory bread(block 67) failed [ 29.298106][ T516] FAT-fs (loop4): Directory bread(block 68) failed [ 29.309422][ T516] FAT-fs (loop4): Directory bread(block 69) failed [ 29.316090][ T516] FAT-fs (loop4): Directory bread(block 70) failed [ 29.322883][ T516] FAT-fs (loop4): Directory bread(block 71) failed [ 29.329326][ T516] FAT-fs (loop4): Directory bread(block 72) failed [ 29.335994][ T516] FAT-fs (loop4): Directory bread(block 73) failed [ 29.462284][ T514] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 29.470008][ T514] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 29.483584][ T514] F2FS-fs (loop0): Found nat_bits in checkpoint [ 29.524288][ T512] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.531479][ T512] bridge0: port 1(bridge_slave_0) entered disabled state [ 29.542995][ T512] device bridge_slave_0 entered promiscuous mode [ 29.661558][ T512] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.670403][ T512] bridge0: port 2(bridge_slave_1) entered disabled state [ 29.810610][ T514] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 29.815602][ T512] device bridge_slave_1 entered promiscuous mode [ 29.817645][ T514] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 29.938546][ T512] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.945522][ T512] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.952913][ T512] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.959756][ T512] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.977340][ T395] bridge0: port 1(bridge_slave_0) entered disabled state [ 29.994618][ T509] syz-executor.2 (509) used greatest stack depth: 21080 bytes left [ 30.019983][ T395] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.025869][ T534] overlayfs: './bus' not a directory [ 30.037820][ T534] 9pnet: Insufficient options for proto=fd [ 30.083025][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 30.090980][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 30.137913][ T7] device bridge_slave_1 left promiscuous mode [ 30.139224][ T9] attempt to access beyond end of device [ 30.139224][ T9] loop4: rw=1, want=1832, limit=256 [ 30.144845][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.163988][ T7] device bridge_slave_0 left promiscuous mode [ 30.165422][ T9] attempt to access beyond end of device [ 30.165422][ T9] loop4: rw=1, want=5420, limit=256 [ 30.170072][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.273480][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 30.281650][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 30.290292][ T393] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.297163][ T393] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.342705][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 30.351056][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 30.369506][ T548] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 30.371972][ T393] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.392143][ T393] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.430687][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 30.448919][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 30.467906][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 30.480399][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 30.524515][ T555] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability [ 30.533405][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 30.547424][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 30.562775][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 30.571064][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 30.618732][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 30.622874][ T550] kvm: emulating exchange as write [ 30.627408][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 30.681299][ T544] F2FS-fs (loop4): invalid crc value [ 30.707075][ T544] F2FS-fs (loop4): Found nat_bits in checkpoint [ 30.710877][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 30.724789][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 30.728777][ T556] FAT-fs (loop0): Unrecognized mount option "00000000000000000007ÿÿÿÿÿÿÿÿ0xffffffffffffffffÿÿÿÿÿ18446744073709551615t‹ˆìä;×s™í·›nŒóÎE±sT]&QBÐç‡åÅÅ)A©êÏú Cô ß¾²Û\\nuâÐÕ–Ì\Udèڋõ„ŽNe Ñ&_œ&RÊF:Ü×\~NŠ‘" or missing value [ 30.805554][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 30.822768][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 30.839504][ T544] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 30.937493][ T566] tmpfs: Bad value for 'nr_blocks' [ 31.133097][ T577] attempt to access beyond end of device [ 31.133097][ T577] loop4: rw=2049, want=77952, limit=40427 [ 31.187692][ T579] overlayfs: './bus' not a directory [ 31.203070][ T579] 9pnet: Insufficient options for proto=fd [ 31.274039][ T372] attempt to access beyond end of device [ 31.274039][ T372] loop4: rw=2049, want=45104, limit=40427 [ 31.291393][ T571] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 31.299057][ T571] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 31.323595][ T571] F2FS-fs (loop3): Found nat_bits in checkpoint [ 31.388685][ T571] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 31.395602][ T571] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 31.409853][ T585] FAT-fs (loop1): Directory bread(block 64) failed [ 31.422527][ T585] FAT-fs (loop1): Directory bread(block 65) failed [ 31.443582][ T585] FAT-fs (loop1): Directory bread(block 66) failed [ 31.458966][ T585] FAT-fs (loop1): Directory bread(block 67) failed [ 31.465694][ T585] FAT-fs (loop1): Directory bread(block 68) failed [ 31.472083][ T585] FAT-fs (loop1): Directory bread(block 69) failed [ 31.478687][ T585] FAT-fs (loop1): Directory bread(block 70) failed [ 31.486026][ T585] FAT-fs (loop1): Directory bread(block 71) failed [ 31.492684][ T585] FAT-fs (loop1): Directory bread(block 72) failed [ 31.499073][ T585] FAT-fs (loop1): Directory bread(block 73) failed [ 31.580843][ T569] F2FS-fs (loop2): Found nat_bits in checkpoint [ 31.638528][ T569] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 31.656404][ T373] attempt to access beyond end of device [ 31.656404][ T373] loop2: rw=2049, want=45104, limit=40427 [ 32.255242][ T9] attempt to access beyond end of device [ 32.255242][ T9] loop1: rw=1, want=1832, limit=256 [ 32.412437][ T630] input: €3 as /devices/virtual/input/input4 [ 32.421888][ T625] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 32.438255][ T9] EXT4-fs error (device loop1): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 32.456208][ T9] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28 [ 32.473217][ T9] EXT4-fs (loop1): This should not happen!! Data will be lost [ 32.473217][ T9] [ 32.482740][ T9] EXT4-fs (loop1): Total free blocks count 0 [ 32.488486][ T9] EXT4-fs (loop1): Free/Dirty block details [ 32.494387][ T9] EXT4-fs (loop1): free_blocks=2415919104 [ 32.499863][ T9] EXT4-fs (loop1): dirty_blocks=48 [ 32.504852][ T9] EXT4-fs (loop1): Block reservation details [ 32.510629][ T9] EXT4-fs (loop1): i_reserved_data_blocks=3 [ 32.519710][ T625] EXT4-fs (loop1): re-mounted. Opts: [ 32.531881][ T625] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 32.538145][ T635] FAT-fs (loop2): Unrecognized mount option "00000000000000000007ÿÿÿÿÿÿÿÿ0xffffffffffffffffÿÿÿÿÿ18446744073709551615t‹ˆìä;×s™í·›nŒóÎE±sT]&QBÐç‡åÅÅ)A©êÏú Cô ß¾²Û\\nuâÐÕ–Ì\Udèڋõ„ŽNe Ñ&_œ&RÊF:Ü×\~NŠ‘" or missing value [ 32.563474][ T393] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 32.920955][ T639] F2FS-fs (loop0): invalid crc value [ 32.922935][ T393] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 32.936057][ T639] F2FS-fs (loop0): Found nat_bits in checkpoint [ 32.937878][ T393] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 32.953010][ T393] usb 5-1: New USB device found, idVendor=28bd, idProduct=0074, bcdDevice= 0.00 [ 32.961991][ T393] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 32.976313][ T652] FAT-fs (loop1): Directory bread(block 64) failed [ 32.990498][ T652] FAT-fs (loop1): Directory bread(block 65) failed [ 32.998272][ T393] usb 5-1: config 0 descriptor?? [ 33.004033][ T652] FAT-fs (loop1): Directory bread(block 66) failed [ 33.010626][ T652] FAT-fs (loop1): Directory bread(block 67) failed [ 33.017198][ T652] FAT-fs (loop1): Directory bread(block 68) failed [ 33.018965][ T639] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 33.023853][ T652] FAT-fs (loop1): Directory bread(block 69) failed [ 33.052118][ T652] FAT-fs (loop1): Directory bread(block 70) failed [ 33.072055][ T652] FAT-fs (loop1): Directory bread(block 71) failed [ 33.078790][ T652] FAT-fs (loop1): Directory bread(block 72) failed [ 33.086941][ T652] FAT-fs (loop1): Directory bread(block 73) failed [ 33.142350][ T662] handle_bad_sector: 1 callbacks suppressed [ 33.142364][ T662] attempt to access beyond end of device [ 33.142364][ T662] loop0: rw=2049, want=77952, limit=40427 [ 33.302697][ T374] attempt to access beyond end of device [ 33.302697][ T374] loop0: rw=2049, want=45104, limit=40427 [ 33.553629][ T661] F2FS-fs (loop3): invalid crc value [ 33.646272][ T494] attempt to access beyond end of device [ 33.646272][ T494] loop1: rw=1, want=1832, limit=256 [ 33.659028][ T393] uclogic 0003:28BD:0074.0001: interface is invalid, ignoring [ 33.677885][ T661] F2FS-fs (loop3): Found nat_bits in checkpoint [ 33.698591][ T494] attempt to access beyond end of device [ 33.698591][ T494] loop1: rw=1, want=5420, limit=256 [ 33.765498][ T661] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 33.772193][ T661] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 33.805811][ T23] kauditd_printk_skb: 23 callbacks suppressed [ 33.805822][ T23] audit: type=1400 audit(1718985839.060:166): avc: denied { create } for pid=660 comm="syz-executor.3" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 33.872770][ T23] audit: type=1400 audit(1718985839.130:167): avc: denied { write } for pid=660 comm="syz-executor.3" name=131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D338 dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 33.895343][ T107] usb 5-1: USB disconnect, device number 2 [ 33.930373][ T376] attempt to access beyond end of device [ 33.930373][ T376] loop3: rw=2049, want=45104, limit=40427 [ 33.951709][ T23] audit: type=1400 audit(1718985839.130:168): avc: denied { add_name } for pid=660 comm="syz-executor.3" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 33.990955][ T23] audit: type=1400 audit(1718985839.170:169): avc: denied { remove_name } for pid=660 comm="syz-executor.3" name="file0" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 34.102599][ T23] audit: type=1400 audit(1718985839.170:170): avc: denied { rename } for pid=660 comm="syz-executor.3" name="file0" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 34.216819][ T23] audit: type=1400 audit(1718985839.170:171): avc: denied { reparent } for pid=660 comm="syz-executor.3" name="file0" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 34.237349][ T684] FAT-fs (loop2): Unrecognized mount option "00000000000000000007ÿÿÿÿÿÿÿÿ0xffffffffffffffffÿÿÿÿÿ18446744073709551615t‹ˆìä;×s™í·›nŒóÎE±sT]&QBÐç‡åÅÅ)A©êÏú Cô ß¾²Û\\nuâÐÕ–Ì\Udèڋõ„ŽNe Ñ&_œ&RÊF:Ü×\~NŠ‘" or missing value [ 34.241720][ T23] audit: type=1400 audit(1718985839.170:172): avc: denied { remove_name } for pid=660 comm="syz-executor.3" name="file0" dev="loop3" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 34.283923][ T23] audit: type=1400 audit(1718985839.170:173): avc: denied { rmdir } for pid=660 comm="syz-executor.3" name="file0" dev="loop3" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 34.333850][ T677] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 34.341818][ T677] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 34.362660][ T677] F2FS-fs (loop1): invalid crc value [ 34.372244][ T677] F2FS-fs (loop1): Found nat_bits in checkpoint [ 34.420945][ T677] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 34.428195][ T677] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 34.612480][ T23] audit: type=1400 audit(1718985839.830:174): avc: denied { set_context_mgr } for pid=687 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 34.797842][ T23] audit: type=1326 audit(1718985840.050:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=703 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbebbe610a9 code=0x0 [ 34.824740][ T699] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 34.836521][ T699] File: /root/syzkaller-testdir3661835831/syzkaller.EAnxgE/32/bus PID: 699 Comm: syz-executor.2 [ 34.880300][ T512] attempt to access beyond end of device [ 34.880300][ T512] loop1: rw=2051, want=53248, limit=40427 [ 34.891421][ T512] attempt to access beyond end of device [ 34.891421][ T512] loop1: rw=2051, want=81920, limit=40427 [ 34.903456][ T512] F2FS-fs (loop1): Issue discard(6144, 6144, 512) failed, ret: -5 [ 34.903474][ T512] F2FS-fs (loop1): Issue discard(9728, 9728, 512) failed, ret: -5 [ 35.038217][ T707] F2FS-fs (loop2): invalid crc value [ 35.052957][ T707] F2FS-fs (loop2): Found nat_bits in checkpoint [ 35.094952][ T707] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 35.252575][ T718] attempt to access beyond end of device [ 35.252575][ T718] loop2: rw=2049, want=77952, limit=40427 [ 35.369600][ T373] attempt to access beyond end of device [ 35.369600][ T373] loop2: rw=2049, want=45104, limit=40427 [ 35.382513][ T717] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 35.390051][ T717] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 35.412152][ T717] F2FS-fs (loop1): Found nat_bits in checkpoint [ 35.458414][ T717] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 35.465523][ T717] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 35.509542][ T721] FAT-fs (loop0): Directory bread(block 64) failed [ 35.521805][ T721] FAT-fs (loop0): Directory bread(block 65) failed [ 35.535872][ T721] FAT-fs (loop0): Directory bread(block 66) failed [ 35.542725][ T721] FAT-fs (loop0): Directory bread(block 67) failed [ 35.549172][ T721] FAT-fs (loop0): Directory bread(block 68) failed [ 35.555630][ T721] FAT-fs (loop0): Directory bread(block 69) failed [ 35.583652][ T721] FAT-fs (loop0): Directory bread(block 70) failed [ 35.591846][ T721] FAT-fs (loop0): Directory bread(block 71) failed [ 35.612395][ T721] FAT-fs (loop0): Directory bread(block 72) failed [ 35.619533][ T721] FAT-fs (loop0): Directory bread(block 73) failed [ 36.110088][ T7] attempt to access beyond end of device [ 36.110088][ T7] loop0: rw=1, want=1832, limit=256 [ 36.173029][ T728] F2FS-fs (loop4): invalid crc value [ 36.213761][ T728] F2FS-fs (loop4): Found nat_bits in checkpoint [ 36.313542][ T750] tmpfs: Bad value for 'nr_blocks' [ 36.319802][ T728] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 37.312853][ T728] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 38.090004][ T775] syz-executor.3[775] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 38.090057][ T775] syz-executor.3[775] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 38.135204][ T748] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 38.154313][ T748] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 38.188945][ T778] 9pnet: p9_fd_create_unix (778): address too long: ./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 38.215610][ T748] F2FS-fs (loop0): invalid crc value [ 38.326781][ T748] F2FS-fs (loop0): Found nat_bits in checkpoint [ 38.550881][ T748] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 38.570017][ T748] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 38.818339][ T806] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 38.861102][ T494] EXT4-fs error (device loop3): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 38.901834][ T818] syz-executor.4[818] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 38.901890][ T818] syz-executor.4[818] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 38.903140][ T494] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28 [ 38.987442][ T494] EXT4-fs (loop3): This should not happen!! Data will be lost [ 38.987442][ T494] [ 39.008669][ T494] EXT4-fs (loop3): Total free blocks count 0 [ 39.050694][ T494] EXT4-fs (loop3): Free/Dirty block details [ 39.051290][ T374] handle_bad_sector: 3 callbacks suppressed [ 39.051303][ T374] attempt to access beyond end of device [ 39.051303][ T374] loop0: rw=2051, want=53248, limit=40427 [ 39.072438][ T494] EXT4-fs (loop3): free_blocks=2415919104 [ 39.090008][ T374] attempt to access beyond end of device [ 39.090008][ T374] loop0: rw=2051, want=81920, limit=40427 [ 39.092832][ T494] EXT4-fs (loop3): dirty_blocks=48 [ 40.185966][ T374] F2FS-fs (loop0): Issue discard(6144, 6144, 512) failed, ret: -5 [ 40.185986][ T374] F2FS-fs (loop0): Issue discard(9728, 9728, 512) failed, ret: -5 [ 40.211090][ T494] EXT4-fs (loop3): Block reservation details [ 40.265301][ T494] EXT4-fs (loop3): i_reserved_data_blocks=3 [ 40.305382][ T806] EXT4-fs (loop3): re-mounted. Opts: [ 40.454440][ T802] F2FS-fs (loop2): invalid crc value [ 40.497370][ T802] F2FS-fs (loop2): Found nat_bits in checkpoint [ 40.575295][ T802] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 40.581972][ T802] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 40.630760][ T806] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 40.646626][ T373] attempt to access beyond end of device [ 40.646626][ T373] loop2: rw=2049, want=45104, limit=40427 [ 40.764851][ T23] kauditd_printk_skb: 13 callbacks suppressed [ 40.764864][ T23] audit: type=1400 audit(1718985846.020:189): avc: denied { map } for pid=841 comm="syz-executor.1" path="/dev/binderfs/binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 40.811704][ T23] audit: type=1400 audit(1718985846.050:190): avc: denied { call } for pid=841 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 40.831299][ T23] audit: type=1400 audit(1718985846.050:191): avc: denied { transfer } for pid=841 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 41.047214][ T23] audit: type=1326 audit(1718985846.300:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=852 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f028b8af0a9 code=0x0 [ 41.113526][ T850] FAT-fs (loop0): Unrecognized mount option "00000000000000000007ÿÿÿÿÿÿÿÿ0xffffffffffffffffÿÿÿÿÿ18446744073709551615t‹ˆìä;×s™í·›nŒóÎE±sT]&QBÐç‡åÅÅ)A©êÏú Cô ß¾²Û\\nuâÐÕ–Ì\Udèڋõ„ŽNe Ñ&_œ&RÊF:Ü×\~NŠ‘" or missing value [ 41.263695][ T861] syz-executor.3[861] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 41.263754][ T861] syz-executor.3[861] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 41.276583][ T863] 9pnet: p9_fd_create_unix (863): address too long: ./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 41.602258][ T23] audit: type=1400 audit(1718985846.850:193): avc: denied { ioctl } for pid=871 comm="syz-executor.0" path="socket:[13767]" dev="sockfs" ino=13767 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 41.603588][ T873] process 'syz-executor.0' launched './file0' with NULL argv: empty string added [ 41.740484][ T858] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 41.762477][ T858] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 41.844214][ T858] F2FS-fs (loop1): invalid crc value [ 41.914666][ T858] F2FS-fs (loop1): Found nat_bits in checkpoint [ 42.014462][ T882] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000f53) [ 42.019409][ T23] audit: type=1400 audit(1718985847.260:194): avc: denied { mounton } for pid=881 comm="syz-executor.4" path="/root/syzkaller-testdir907670049/syzkaller.xdamut/15/file0/file0/bus" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1 [ 42.042375][ T882] FAT-fs (loop4): Filesystem has been set read-only [ 42.060152][ T858] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 42.070006][ T858] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 42.327455][ T372] syz-executor.4 (372) used greatest stack depth: 20344 bytes left [ 42.357372][ T512] attempt to access beyond end of device [ 42.357372][ T512] loop1: rw=2051, want=53248, limit=40427 [ 42.377635][ T23] audit: type=1400 audit(1718985847.630:195): avc: denied { mount } for pid=893 comm="syz-executor.0" name="/" dev="tmpfs" ino=14875 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 42.410117][ T512] attempt to access beyond end of device [ 42.410117][ T512] loop1: rw=2051, want=81920, limit=40427 [ 42.452807][ T512] F2FS-fs (loop1): Issue discard(6144, 6144, 512) failed, ret: -5 [ 42.452827][ T512] F2FS-fs (loop1): Issue discard(9728, 9728, 512) failed, ret: -5 [ 42.464692][ T23] audit: type=1400 audit(1718985847.640:196): avc: denied { execute } for pid=893 comm="syz-executor.0" path="/root/syzkaller-testdir599523573/syzkaller.kWc3kd/27/file0/bus" dev="tmpfs" ino=14876 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 42.602086][ T23] audit: type=1400 audit(1718985847.690:197): avc: denied { unmount } for pid=374 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 42.638377][ T23] audit: type=1326 audit(1718985847.850:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=900 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7730f5b0a9 code=0x0 [ 42.786737][ T902] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.802438][ T902] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.809983][ T902] device bridge_slave_0 entered promiscuous mode [ 42.818844][ T902] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.825902][ T902] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.833972][ T902] device bridge_slave_1 entered promiscuous mode [ 42.942885][ T866] F2FS-fs (loop3): Found nat_bits in checkpoint [ 43.022722][ T902] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.029671][ T902] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.036816][ T902] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.043657][ T902] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.053862][ T866] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 43.082148][ T451] device bridge_slave_1 left promiscuous mode [ 43.088384][ T451] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.103445][ T451] device bridge_slave_0 left promiscuous mode [ 43.119543][ T451] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.333576][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.342143][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.359111][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.380961][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 43.391023][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.413529][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 43.421519][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 43.458124][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 43.470536][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 43.569237][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 43.573526][ T925] FAT-fs (loop0): Unrecognized mount option "00000000000000000007ÿÿÿÿÿÿÿÿ0xffffffffffffffffÿÿÿÿÿ18446744073709551615t‹ˆìä;×s™í·›nŒóÎE±sT]&QBÐç‡åÅÅ)A©êÏú Cô ß¾²Û\\nuâÐÕ–Ì\Udèڋõ„ŽNe Ñ&_œ&RÊF:Ü×\~NŠ‘" or missing value [ 43.605176][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 43.720956][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 43.729432][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 43.767769][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 43.783373][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 43.801771][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 43.821968][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 44.369251][ T945] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0x1 [ 44.520843][ T928] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 44.559055][ T928] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 44.564309][ T949] SELinux: security_context_str_to_sid() failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 44.576349][ T928] F2FS-fs (loop1): invalid crc value [ 44.585504][ T949] ------------[ cut here ]------------ [ 44.590806][ T949] WARNING: CPU: 0 PID: 949 at fs/overlayfs/util.c:450 ovl_dir_modified+0x45c/0x570 [ 44.599884][ T949] Modules linked in: [ 44.603630][ T949] CPU: 0 PID: 949 Comm: syz-executor.0 Not tainted 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 44.613515][ T949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 44.623433][ T949] RIP: 0010:ovl_dir_modified+0x45c/0x570 [ 44.628883][ T949] Code: c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 5c 3b ae ff 49 ff 45 00 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 34 56 7e ff <0f> 0b e9 91 fd ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 30 fc ff [ 44.648415][ T949] RSP: 0018:ffff8881e1917a48 EFLAGS: 00010283 [ 44.654411][ T949] RAX: ffffffff81e5e5ec RBX: 0000000000000000 RCX: 0000000000040000 [ 44.662218][ T949] RDX: ffffc90000b43000 RSI: 0000000000013812 RDI: 0000000000013813 [ 44.670033][ T949] RBP: ffff8881e78a0ee0 R08: ffffffff81e5e376 R09: ffffed103a5a86e9 [ 44.677841][ T949] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 44.685653][ T949] R13: ffff8881d2d436a0 R14: ffff8881d2d436f0 R15: ffff8881e78a0f10 [ 44.693467][ T949] FS: 00007f77302d56c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 44.702233][ T949] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 44.708656][ T949] CR2: 00007f7730fdf780 CR3: 00000001e492d000 CR4: 00000000003406b0 [ 44.716500][ T949] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 44.724274][ T949] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 44.732084][ T949] Call Trace: [ 44.735219][ T949] ? __warn+0x162/0x250 [ 44.739211][ T949] ? report_bug+0x3a1/0x4e0 [ 44.743555][ T949] ? ovl_dir_modified+0x45c/0x570 [ 44.748409][ T949] ? ovl_dir_modified+0x45c/0x570 [ 44.753269][ T949] ? do_invalid_op+0x6e/0x110 [ 44.757785][ T949] ? invalid_op+0x1e/0x30 [ 44.761962][ T949] ? ovl_dir_modified+0x1e6/0x570 [ 44.766809][ T949] ? ovl_dir_modified+0x45c/0x570 [ 44.771670][ T949] ? ovl_dir_modified+0x45c/0x570 [ 44.776526][ T949] ? ovl_dir_modified+0x45c/0x570 [ 44.781387][ T949] ? ovl_path_type+0x18e/0x2f0 [ 44.785988][ T949] ovl_do_remove+0x6f0/0xc80 [ 44.790425][ T949] ? ovl_set_redirect+0x5f0/0x5f0 [ 44.795278][ T949] ? security_inode_rmdir+0xca/0x110 [ 44.800480][ T949] vfs_rmdir+0x285/0x3c0 [ 44.804647][ T949] incfs_kill_sb+0x105/0x200 [ 44.809068][ T949] deactivate_locked_super+0xa8/0x110 [ 44.814277][ T949] vfs_get_tree+0x1b9/0x260 [ 44.818614][ T949] do_new_mount+0x292/0x570 [ 44.822967][ T949] ? do_move_mount_old+0x160/0x160 [ 44.827912][ T949] ? security_capable+0x86/0xb0 [ 44.832590][ T949] do_mount+0x688/0xe10 [ 44.836581][ T949] ? copy_mount_string+0x30/0x30 [ 44.841361][ T949] ? copy_mount_options+0x1c0/0x300 [ 44.846389][ T949] ? copy_mount_options+0x29a/0x300 [ 44.851857][ T949] ksys_mount+0xc2/0xf0 [ 44.855848][ T949] __x64_sys_mount+0xb1/0xc0 [ 44.860276][ T949] do_syscall_64+0xca/0x1c0 [ 44.864623][ T949] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 44.870343][ T949] RIP: 0033:0x7f7730f5b0a9 [ 44.874600][ T949] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 44.894122][ T949] RSP: 002b:00007f77302d50c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 44.902370][ T949] RAX: ffffffffffffffda RBX: 00007f7731091f80 RCX: 00007f7730f5b0a9 [ 44.910177][ T949] RDX: 00000000200004c0 RSI: 0000000020000440 RDI: 00000000200003c0 [ 44.918111][ T949] RBP: 00007f7730fca074 R08: 0000000020000dc0 R09: 0000000000000000 [ 44.926000][ T949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 44.933817][ T949] R13: 000000000000000b R14: 00007f7731091f80 R15: 00007ffe85c9ece8 [ 44.941651][ T949] ---[ end trace 581e90e1941c50c3 ]--- [ 44.961210][ T949] ------------[ cut here ]------------ [ 44.966500][ T949] WARNING: CPU: 1 PID: 949 at fs/overlayfs/util.c:450 ovl_dir_modified+0x45c/0x570 [ 44.975597][ T949] Modules linked in: [ 44.979337][ T949] CPU: 1 PID: 949 Comm: syz-executor.0 Tainted: G W 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 44.991052][ T949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 45.000961][ T949] RIP: 0010:ovl_dir_modified+0x45c/0x570 [ 45.006418][ T949] Code: c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 5c 3b ae ff 49 ff 45 00 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 34 56 7e ff <0f> 0b e9 91 fd ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 30 fc ff [ 45.025861][ T949] RSP: 0000:ffff8881e1917a48 EFLAGS: 00010287 [ 45.031757][ T949] RAX: ffffffff81e5e5ec RBX: 0000000000000000 RCX: 0000000000040000 [ 45.039571][ T949] RDX: ffffc90000b43000 RSI: 0000000000021c3e RDI: 0000000000021c3f [ 45.047385][ T949] RBP: ffff8881e78a0ee0 R08: ffffffff81e5e376 R09: ffffed103a5a86e9 [ 45.055196][ T949] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 45.063005][ T949] R13: ffff8881d2d436a0 R14: ffff8881d2d436f0 R15: ffff8881e78a0f10 [ 45.070825][ T949] FS: 00007f77302d56c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 45.079580][ T949] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.086000][ T949] CR2: 0000000020032000 CR3: 00000001e492d000 CR4: 00000000003406a0 [ 45.093822][ T949] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 45.101712][ T949] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 45.109631][ T949] Call Trace: [ 45.112763][ T949] ? __warn+0x162/0x250 [ 45.116751][ T949] ? report_bug+0x3a1/0x4e0 [ 45.121096][ T949] ? ovl_dir_modified+0x45c/0x570 [ 45.125952][ T949] ? ovl_dir_modified+0x45c/0x570 [ 45.130816][ T949] ? do_invalid_op+0x6e/0x110 [ 45.135334][ T949] ? invalid_op+0x1e/0x30 [ 45.139498][ T949] ? ovl_dir_modified+0x1e6/0x570 [ 45.144352][ T949] ? ovl_dir_modified+0x45c/0x570 [ 45.149309][ T949] ? ovl_dir_modified+0x45c/0x570 [ 45.154211][ T949] ? ovl_dir_modified+0x45c/0x570 [ 45.159036][ T949] ? ovl_path_type+0x18e/0x2f0 [ 45.163630][ T949] ovl_do_remove+0x6f0/0xc80 [ 45.168159][ T949] ? ovl_set_redirect+0x5f0/0x5f0 [ 45.173019][ T949] ? security_inode_rmdir+0xca/0x110 [ 45.178131][ T949] vfs_rmdir+0x285/0x3c0 [ 45.182206][ T949] incfs_kill_sb+0x18d/0x200 [ 45.186644][ T949] deactivate_locked_super+0xa8/0x110 [ 45.191968][ T949] vfs_get_tree+0x1b9/0x260 [ 45.196309][ T949] do_new_mount+0x292/0x570 [ 45.200647][ T949] ? do_move_mount_old+0x160/0x160 [ 45.205621][ T949] ? security_capable+0x86/0xb0 [ 45.210281][ T949] do_mount+0x688/0xe10 [ 45.214372][ T949] ? copy_mount_string+0x30/0x30 [ 45.219141][ T949] ? copy_mount_options+0x1c0/0x300 [ 45.224178][ T949] ? copy_mount_options+0x29a/0x300 [ 45.229212][ T949] ksys_mount+0xc2/0xf0 [ 45.233212][ T949] __x64_sys_mount+0xb1/0xc0 [ 45.237718][ T949] do_syscall_64+0xca/0x1c0 [ 45.242060][ T949] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 45.247784][ T949] RIP: 0033:0x7f7730f5b0a9 [ 45.252038][ T949] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 45.271476][ T949] RSP: 002b:00007f77302d50c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 45.279818][ T949] RAX: ffffffffffffffda RBX: 00007f7731091f80 RCX: 00007f7730f5b0a9 [ 45.287619][ T949] RDX: 00000000200004c0 RSI: 0000000020000440 RDI: 00000000200003c0 [ 45.295434][ T949] RBP: 00007f7730fca074 R08: 0000000020000dc0 R09: 0000000000000000 [ 45.303247][ T949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 45.311056][ T949] R13: 000000000000000b R14: 00007f7731091f80 R15: 00007ffe85c9ece8 [ 45.318878][ T949] ---[ end trace 581e90e1941c50c4 ]--- [ 45.386673][ T928] F2FS-fs (loop1): Found nat_bits in checkpoint [ 45.631532][ T928] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 45.638539][ T928] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 45.734782][ T963] netlink: 277 bytes leftover after parsing attributes in process `syz-executor.3'. [ 46.159207][ T512] attempt to access beyond end of device [ 46.159207][ T512] loop1: rw=2051, want=53248, limit=40427 [ 46.184842][ T512] attempt to access beyond end of device [ 46.184842][ T512] loop1: rw=2051, want=81920, limit=40427 [ 46.203277][ T512] F2FS-fs (loop1): Issue discard(6144, 6144, 512) failed, ret: -5 [ 46.203296][ T512] F2FS-fs (loop1): Issue discard(9728, 9728, 512) failed, ret: -5 [ 46.306097][ T982] SELinux: security_context_str_to_sid() failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 46.342834][ T982] ------------[ cut here ]------------ [ 46.348134][ T982] WARNING: CPU: 0 PID: 982 at fs/overlayfs/util.c:450 ovl_dir_modified+0x45c/0x570 [ 46.357231][ T982] Modules linked in: [ 46.360971][ T982] CPU: 0 PID: 982 Comm: syz-executor.0 Tainted: G W 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 46.372249][ T982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 46.382147][ T982] RIP: 0010:ovl_dir_modified+0x45c/0x570 [ 46.387611][ T982] Code: c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 5c 3b ae ff 49 ff 45 00 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 34 56 7e ff <0f> 0b e9 91 fd ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 30 fc ff [ 46.407045][ T982] RSP: 0018:ffff8881e8b5fa48 EFLAGS: 00010287 [ 46.412949][ T982] RAX: ffffffff81e5e5ec RBX: 0000000000000000 RCX: 0000000000040000 [ 46.420760][ T982] RDX: ffffc90000b43000 RSI: 0000000000006e55 RDI: 0000000000006e56 [ 46.428572][ T982] RBP: ffff8881dadf5550 R08: ffffffff81e5e376 R09: ffffed103a5a845b [ 46.436389][ T982] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 46.444198][ T982] R13: ffff8881d2d42230 R14: ffff8881d2d42280 R15: ffff8881dadf5580 [ 46.452015][ T982] FS: 00007f77302d56c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 46.460783][ T982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 46.467282][ T982] CR2: 0000000020001000 CR3: 00000001d67e4000 CR4: 00000000003406b0 [ 46.475180][ T982] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 46.482990][ T982] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 46.490801][ T982] Call Trace: [ 46.493975][ T982] ? __warn+0x162/0x250 [ 46.497924][ T982] ? report_bug+0x3a1/0x4e0 [ 46.502694][ T982] ? ovl_dir_modified+0x45c/0x570 [ 46.507557][ T982] ? ovl_dir_modified+0x45c/0x570 [ 46.512420][ T982] ? do_invalid_op+0x6e/0x110 [ 46.516933][ T982] ? invalid_op+0x1e/0x30 [ 46.521098][ T982] ? ovl_dir_modified+0x1e6/0x570 [ 46.525955][ T982] ? ovl_dir_modified+0x45c/0x570 [ 46.530820][ T982] ? ovl_dir_modified+0x45c/0x570 [ 46.535679][ T982] ? ovl_dir_modified+0x45c/0x570 [ 46.540547][ T982] ? ovl_path_type+0x18e/0x2f0 [ 46.545138][ T982] ovl_do_remove+0x6f0/0xc80 [ 46.549580][ T982] ? ovl_set_redirect+0x5f0/0x5f0 [ 46.554432][ T982] ? security_inode_rmdir+0xca/0x110 [ 46.559546][ T982] vfs_rmdir+0x285/0x3c0 [ 46.563627][ T982] incfs_kill_sb+0x105/0x200 [ 46.568051][ T982] deactivate_locked_super+0xa8/0x110 [ 46.573261][ T982] vfs_get_tree+0x1b9/0x260 [ 46.577598][ T982] do_new_mount+0x292/0x570 [ 46.581941][ T982] ? do_move_mount_old+0x160/0x160 [ 46.586887][ T982] ? security_capable+0x86/0xb0 [ 46.591571][ T982] do_mount+0x688/0xe10 [ 46.595571][ T982] ? copy_mount_string+0x30/0x30 [ 46.600341][ T982] ? copy_mount_options+0x29a/0x300 [ 46.605458][ T982] ksys_mount+0xc2/0xf0 [ 46.609541][ T982] __x64_sys_mount+0xb1/0xc0 [ 46.613968][ T982] do_syscall_64+0xca/0x1c0 [ 46.618308][ T982] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 46.624035][ T982] RIP: 0033:0x7f7730f5b0a9 [ 46.628290][ T982] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 46.647994][ T982] RSP: 002b:00007f77302d50c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 46.656243][ T982] RAX: ffffffffffffffda RBX: 00007f7731091f80 RCX: 00007f7730f5b0a9 [ 46.664050][ T982] RDX: 00000000200004c0 RSI: 0000000020000440 RDI: 00000000200003c0 [ 46.671862][ T982] RBP: 00007f7730fca074 R08: 0000000020000dc0 R09: 0000000000000000 [ 46.679673][ T982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 46.687486][ T982] R13: 000000000000000b R14: 00007f7731091f80 R15: 00007ffe85c9ece8 [ 46.695386][ T982] ---[ end trace 581e90e1941c50c5 ]--- [ 46.743002][ T982] ------------[ cut here ]------------ [ 46.748308][ T982] WARNING: CPU: 1 PID: 982 at fs/overlayfs/util.c:450 ovl_dir_modified+0x45c/0x570 [ 46.757479][ T982] Modules linked in: [ 46.761298][ T982] CPU: 1 PID: 982 Comm: syz-executor.0 Tainted: G W 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 46.772504][ T982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 46.782511][ T982] RIP: 0010:ovl_dir_modified+0x45c/0x570 [ 46.787965][ T982] Code: c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 5c 3b ae ff 49 ff 45 00 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 34 56 7e ff <0f> 0b e9 91 fd ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 30 fc ff [ 46.807668][ T982] RSP: 0018:ffff8881e8b5fa48 EFLAGS: 00010283 [ 46.813571][ T982] RAX: ffffffff81e5e5ec RBX: 0000000000000000 RCX: 0000000000040000 [ 46.821382][ T982] RDX: ffffc90000b43000 RSI: 0000000000011b2b RDI: 0000000000011b2c [ 46.829191][ T982] RBP: ffff8881dadf5550 R08: ffffffff81e5e376 R09: ffffed103a5a845b [ 46.837086][ T982] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 46.844897][ T982] R13: ffff8881d2d42230 R14: ffff8881d2d42280 R15: ffff8881dadf5580 [ 46.852811][ T982] FS: 00007f77302d56c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 46.861564][ T982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 46.867995][ T982] CR2: 0000001b32b35000 CR3: 00000001d67e4000 CR4: 00000000003406a0 [ 46.875800][ T982] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 46.883656][ T982] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 46.891428][ T982] Call Trace: [ 46.894552][ T982] ? __warn+0x162/0x250 [ 46.898719][ T982] ? report_bug+0x3a1/0x4e0 [ 46.903056][ T982] ? ovl_dir_modified+0x45c/0x570 [ 46.907915][ T982] ? ovl_dir_modified+0x45c/0x570 [ 46.912790][ T982] ? do_invalid_op+0x6e/0x110 [ 46.917373][ T982] ? invalid_op+0x1e/0x30 [ 46.921569][ T982] ? ovl_dir_modified+0x1e6/0x570 [ 46.926389][ T982] ? ovl_dir_modified+0x45c/0x570 [ 46.931262][ T982] ? ovl_dir_modified+0x45c/0x570 [ 46.936115][ T982] ? ovl_dir_modified+0x45c/0x570 [ 46.940973][ T982] ? ovl_path_type+0x18e/0x2f0 [ 46.945582][ T982] ovl_do_remove+0x6f0/0xc80 [ 46.950012][ T982] ? ovl_set_redirect+0x5f0/0x5f0 [ 46.954871][ T982] ? security_inode_rmdir+0xca/0x110 [ 46.959982][ T982] vfs_rmdir+0x285/0x3c0 [ 46.964151][ T982] incfs_kill_sb+0x18d/0x200 [ 46.968578][ T982] deactivate_locked_super+0xa8/0x110 [ 46.973800][ T982] vfs_get_tree+0x1b9/0x260 [ 46.978129][ T982] do_new_mount+0x292/0x570 [ 46.982469][ T982] ? do_move_mount_old+0x160/0x160 [ 46.987542][ T982] ? security_capable+0x86/0xb0 [ 46.992235][ T982] do_mount+0x688/0xe10 [ 46.996409][ T982] ? copy_mount_string+0x30/0x30 [ 47.001173][ T982] ? copy_mount_options+0x29a/0x300 [ 47.006207][ T982] ksys_mount+0xc2/0xf0 [ 47.010202][ T982] __x64_sys_mount+0xb1/0xc0 [ 47.014629][ T982] do_syscall_64+0xca/0x1c0 [ 47.018967][ T982] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 47.024692][ T982] RIP: 0033:0x7f7730f5b0a9 [ 47.028945][ T982] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 47.048403][ T982] RSP: 002b:00007f77302d50c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 47.056725][ T982] RAX: ffffffffffffffda RBX: 00007f7731091f80 RCX: 00007f7730f5b0a9 [ 47.064541][ T982] RDX: 00000000200004c0 RSI: 0000000020000440 RDI: 00000000200003c0 [ 47.072355][ T982] RBP: 00007f7730fca074 R08: 0000000020000dc0 R09: 0000000000000000 [ 47.080175][ T982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 47.087969][ T982] R13: 000000000000000b R14: 00007f7731091f80 R15: 00007ffe85c9ece8 [ 47.095877][ T982] ---[ end trace 581e90e1941c50c6 ]--- [ 47.189548][ T985] EXT4-fs (loop3): Ignoring removed bh option [ 47.224016][ T985] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 47.265179][ T985] EXT4-fs (loop3): 1 truncate cleaned up [ 47.270645][ T985] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,resgid=0x000000000000ee00,bh,noload,max_dir_size_kb=0x0000000000000001,usrjquota=,,errors=continue [ 47.346192][ T23] kauditd_printk_skb: 2 callbacks suppressed [ 47.346205][ T23] audit: type=1400 audit(1718985852.600:201): avc: denied { write } for pid=984 comm="syz-executor.3" name="event2" dev="devtmpfs" ino=9418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 47.920103][ T1008] hub 6-0:1.0: USB hub found [ 47.925983][ T1008] hub 6-0:1.0: 1 port detected [ 48.264111][ T999] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 48.271656][ T999] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 48.303073][ T999] F2FS-fs (loop1): invalid crc value [ 48.336216][ T999] F2FS-fs (loop1): Found nat_bits in checkpoint [ 48.439807][ T999] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 48.450987][ T999] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 48.686022][ T512] attempt to access beyond end of device [ 48.686022][ T512] loop1: rw=2051, want=53248, limit=40427 [ 48.722598][ T512] attempt to access beyond end of device [ 48.722598][ T512] loop1: rw=2051, want=81920, limit=40427 [ 48.742604][ T512] F2FS-fs (loop1): Issue discard(6144, 6144, 512) failed, ret: -5 [ 48.742624][ T512] F2FS-fs (loop1): Issue discard(9728, 9728, 512) failed, ret: -5 [ 48.804946][ T1026] EXT4-fs (loop0): Ignoring removed bh option [ 48.843114][ T1026] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 48.869557][ T1026] EXT4-fs (loop0): 1 truncate cleaned up [ 48.875707][ T1026] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,resgid=0x000000000000ee00,bh,noload,max_dir_size_kb=0x0000000000000001,usrjquota=,,errors=continue [ 49.716414][ T1015] F2FS-fs (loop3): Found nat_bits in checkpoint [ 49.870286][ T1065] hub 6-0:1.0: USB hub found [ 49.876083][ T1065] hub 6-0:1.0: 1 port detected [ 50.024645][ T1063] EXT4-fs (loop1): Ignoring removed bh option [ 50.044783][ T1063] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 50.061261][ T1015] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 50.088966][ T1063] EXT4-fs (loop1): 1 truncate cleaned up [ 50.104135][ T1063] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,resgid=0x000000000000ee00,bh,noload,max_dir_size_kb=0x0000000000000001,usrjquota=,,errors=continue [ 51.228472][ T1110] hub 6-0:1.0: USB hub found [ 51.234459][ T1110] hub 6-0:1.0: 1 port detected [ 51.399829][ T1107] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 51.421567][ T1107] ext4 filesystem being mounted at /root/syzkaller-testdir522739920/syzkaller.ynbvsr/35/bus supports timestamps until 2038 (0x7fffffff) [ 52.129479][ T1139] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 52.148431][ T1139] ext4 filesystem being mounted at /root/syzkaller-testdir2281309593/syzkaller.XiFy7i/45/bus supports timestamps until 2038 (0x7fffffff) [ 52.385820][ T1137] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 52.412427][ T1137] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 52.424275][ T1137] F2FS-fs (loop3): invalid crc value [ 52.427141][ T23] audit: type=1400 audit(1718985857.680:202): avc: denied { remove_name } for pid=144 comm="syslogd" name="messages" dev="tmpfs" ino=842 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 52.479853][ T1137] F2FS-fs (loop3): Found nat_bits in checkpoint [ 52.512659][ T23] audit: type=1400 audit(1718985857.680:203): avc: denied { rename } for pid=144 comm="syslogd" name="messages" dev="tmpfs" ino=842 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 52.572473][ T23] audit: type=1400 audit(1718985857.680:204): avc: denied { create } for pid=144 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 52.624239][ T1137] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 52.632732][ T23] audit: type=1400 audit(1718985857.770:205): avc: denied { name_bind } for pid=1158 comm="syz-executor.1" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 52.654767][ T1137] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 52.754003][ T1150] F2FS-fs (loop0): Unrecognized mount option "000000000000000000000xffffffffffffffff" or missing value [ 52.896606][ T376] attempt to access beyond end of device [ 52.896606][ T376] loop3: rw=2051, want=53248, limit=40427 [ 52.942502][ T376] attempt to access beyond end of device [ 52.942502][ T376] loop3: rw=2051, want=81920, limit=40427 [ 52.971837][ T376] F2FS-fs (loop3): Issue discard(6144, 6144, 512) failed, ret: -5 [ 52.971857][ T376] F2FS-fs (loop3): Issue discard(9728, 9728, 512) failed, ret: -5 [ 53.142917][ T1172] hub 6-0:1.0: USB hub found [ 53.156483][ T1172] hub 6-0:1.0: 1 port detected [ 53.426473][ T1150] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro, [ 53.519873][ T1177] EXT4-fs error (device loop0): ext4_map_blocks:617: inode #2: block 16: comm syz-executor.0: lblock 0 mapped to illegal pblock 16 (length 1) [ 53.552684][ T1177] EXT4-fs (loop0): Remounting filesystem read-only [ 53.574887][ T1150] EXT4-fs error (device loop0): __ext4_get_inode_loc:4710: comm syz-executor.0: Invalid inode table block 17950205685819571681 in block_group 0 [ 53.602898][ T1150] EXT4-fs error (device loop0): __ext4_get_inode_loc:4710: comm syz-executor.0: Invalid inode table block 17950205685819571681 in block_group 0 [ 53.641427][ T374] EXT4-fs error (device loop0): ext4_map_blocks:617: inode #2: block 16: comm syz-executor.0: lblock 0 mapped to illegal pblock 16 (length 1) [ 53.715436][ T374] EXT4-fs warning (device loop0): htree_dirblock_to_tree:1048: inode #2: lblock 0: comm syz-executor.0: error -117 reading directory block [ 53.938522][ T1187] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 53.948091][ T374] syz-executor.0 (374) used greatest stack depth: 19576 bytes left [ 53.963948][ T1187] ext4 filesystem being mounted at /root/syzkaller-testdir2281309593/syzkaller.XiFy7i/52/bus supports timestamps until 2038 (0x7fffffff) [ 54.351529][ T1185] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 54.368567][ T1194] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.376270][ T1185] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 54.384902][ T1194] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.395320][ T1185] F2FS-fs (loop3): invalid crc value [ 54.401293][ T1194] device bridge_slave_0 entered promiscuous mode [ 54.413829][ T1194] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.431037][ T1194] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.443788][ T1185] F2FS-fs (loop3): Found nat_bits in checkpoint [ 54.451933][ T1194] device bridge_slave_1 entered promiscuous mode [ 54.513533][ T494] device bridge_slave_1 left promiscuous mode [ 54.519511][ T494] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.553341][ T494] device bridge_slave_0 left promiscuous mode [ 54.559334][ T494] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.592772][ T1185] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 54.599625][ T1185] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 54.643497][ T23] audit: type=1400 audit(1718985859.900:206): avc: denied { mounton } for pid=1184 comm="syz-executor.3" path="/root/syzkaller-testdir522739920/syzkaller.ynbvsr/46/bus/bus" dev="loop3" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 54.694522][ T376] attempt to access beyond end of device [ 54.694522][ T376] loop3: rw=524288, want=45072, limit=40427 [ 54.707680][ T23] audit: type=1400 audit(1718985859.930:207): avc: denied { setattr } for pid=1184 comm="syz-executor.3" name="work" dev="loop3" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 54.751287][ T376] attempt to access beyond end of device [ 54.751287][ T376] loop3: rw=0, want=45072, limit=40427 [ 54.875199][ T821] attempt to access beyond end of device [ 54.875199][ T821] loop3: rw=2049, want=40992, limit=40427 [ 54.987653][ T1211] F2FS-fs (loop1): Unrecognized mount option "000000000000000000000xffffffffffffffff" or missing value [ 55.014372][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.022136][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.067727][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.083921][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.092206][ T393] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.099071][ T393] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.107471][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.115809][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.124505][ T393] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.131328][ T393] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.148957][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.157912][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 55.167213][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.184230][ T1211] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro, [ 55.202826][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 55.213014][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.253996][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 55.262265][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 55.312569][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 55.323938][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 55.343528][ T1217] EXT4-fs error (device loop1): ext4_map_blocks:617: inode #2: block 16: comm syz-executor.1: lblock 0 mapped to illegal pblock 16 (length 1) [ 55.382280][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 55.390911][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 55.398839][ T1218] EXT4-fs error (device loop1): __ext4_get_inode_loc:4710: comm syz-executor.1: Invalid inode table block 17950205685819571681 in block_group 0 [ 55.413910][ T1217] EXT4-fs (loop1): Remounting filesystem read-only [ 55.439464][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 55.448109][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 55.472850][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 55.481347][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 55.513903][ T1218] EXT4-fs error (device loop1): __ext4_get_inode_loc:4710: comm syz-executor.1: Invalid inode table block 17950205685819571681 in block_group 0 [ 55.604154][ T512] EXT4-fs error (device loop1): ext4_map_blocks:617: inode #2: block 16: comm syz-executor.1: lblock 0 mapped to illegal pblock 16 (length 1) [ 55.640402][ T512] EXT4-fs warning (device loop1): htree_dirblock_to_tree:1048: inode #2: lblock 0: comm syz-executor.1: error -117 reading directory block [ 55.678328][ T23] audit: type=1326 audit(1718985860.930:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1225 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3de7a050a9 code=0x7ffc0000 [ 55.742465][ T23] audit: type=1326 audit(1718985860.930:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1225 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3de7a050a9 code=0x7ffc0000 [ 55.796348][ T23] audit: type=1326 audit(1718985860.930:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1225 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3de7a050a9 code=0x7ffc0000 [ 55.845503][ T23] audit: type=1326 audit(1718985860.930:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1225 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3de7a050a9 code=0x7ffc0000 [ 55.952697][ T1223] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.978931][ T1223] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.993231][ T1223] device bridge_slave_0 entered promiscuous mode [ 56.023436][ T1223] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.030283][ T1223] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.063861][ T1223] device bridge_slave_1 entered promiscuous mode [ 56.215246][ T1226] F2FS-fs (loop0): invalid crc value [ 56.264136][ T1226] F2FS-fs (loop0): Found nat_bits in checkpoint [ 56.313238][ T1231] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.320165][ T1231] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.351092][ T1231] device bridge_slave_0 entered promiscuous mode [ 56.357974][ T1226] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 56.365974][ T494] device bridge_slave_1 left promiscuous mode [ 56.371933][ T494] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.484462][ T494] device bridge_slave_0 left promiscuous mode [ 56.490428][ T494] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.587255][ T1241] attempt to access beyond end of device [ 56.587255][ T1241] loop0: rw=2049, want=45104, limit=40427 [ 56.601584][ T1241] attempt to access beyond end of device [ 56.601584][ T1241] loop0: rw=2049, want=45104, limit=40427 [ 56.836783][ T1194] attempt to access beyond end of device [ 56.836783][ T1194] loop0: rw=2049, want=45112, limit=40427 [ 56.858853][ T1231] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.892427][ T1231] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.899936][ T1231] device bridge_slave_1 entered promiscuous mode [ 56.968366][ T1223] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.975245][ T1223] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.020016][ T363] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.193090][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.200504][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.222985][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.231275][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.252996][ T395] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.259842][ T395] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.324080][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.332303][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.352894][ T395] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.359735][ T395] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.394745][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.415687][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.433195][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.441217][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.486957][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.495278][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.537010][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.564295][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.576094][ T535] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.582959][ T535] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.610580][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.612717][ T23] kauditd_printk_skb: 59 callbacks suppressed [ 57.612731][ T23] audit: type=1400 audit(1718985862.870:271): avc: denied { create } for pid=1250 comm="syz-executor.0" dev="anon_inodefs" ino=17137 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 57.631101][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.673259][ T23] audit: type=1400 audit(1718985862.910:272): avc: denied { ioctl } for pid=1250 comm="syz-executor.0" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=17137 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 57.758686][ T535] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.765566][ T535] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.790966][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 57.813110][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 57.861637][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.060945][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 58.083689][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.091555][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.113158][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.121109][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.142834][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.162684][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 58.170805][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 58.213526][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 58.221721][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 58.231169][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 58.239625][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 58.248228][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 58.256746][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.293255][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 58.301137][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.343369][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 58.351505][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 58.598685][ T1263] hub 6-0:1.0: USB hub found [ 58.604497][ T1263] hub 6-0:1.0: 1 port detected [ 58.713505][ T1258] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 58.761944][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 58.786290][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 58.799820][ T1258] ext4 filesystem being mounted at /root/syzkaller-testdir3016788759/syzkaller.iCDKIj/0/bus supports timestamps until 2038 (0x7fffffff) [ 58.841935][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 58.856923][ T23] audit: type=1400 audit(1718985864.110:273): avc: denied { getopt } for pid=1268 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 58.886671][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 58.921722][ T23] audit: type=1400 audit(1718985864.170:274): avc: denied { create } for pid=1268 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 58.963790][ T23] audit: type=1400 audit(1718985864.170:275): avc: denied { block_suspend } for pid=1268 comm="syz-executor.0" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 59.092825][ T494] device bridge_slave_1 left promiscuous mode [ 59.099275][ T494] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.132462][ T494] device bridge_slave_0 left promiscuous mode [ 59.150880][ T494] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.452173][ T1284] mmap: syz-executor.3 (1284) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 59.476267][ T1273] F2FS-fs (loop0): Unrecognized mount option "000000000000000000000xffffffffffffffff" or missing value [ 59.712518][ T5] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 59.952491][ T5] usb 2-1: Using ep0 maxpacket: 8 [ 59.959577][ T1273] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro, [ 60.075071][ T1288] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 60.082615][ T5] usb 2-1: config 135 has an invalid interface number: 230 but max is 0 [ 60.082629][ T5] usb 2-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 60.082641][ T5] usb 2-1: config 135 has no interface number 0 [ 60.082678][ T5] usb 2-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 60.100991][ T1294] EXT4-fs error (device loop0): ext4_map_blocks:617: inode #2: block 16: comm syz-executor.0: lblock 0 mapped to illegal pblock 16 (length 1) [ 60.135410][ T1288] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 60.162467][ T1288] F2FS-fs (loop3): invalid crc value [ 60.182502][ T1296] EXT4-fs error (device loop0): __ext4_get_inode_loc:4710: comm syz-executor.0: Invalid inode table block 17950205685819571681 in block_group 0 [ 60.205572][ T1288] F2FS-fs (loop3): Found nat_bits in checkpoint [ 60.228379][ T1296] EXT4-fs (loop0): Remounting filesystem read-only [ 60.228503][ T1294] EXT4-fs (loop0): Remounting filesystem read-only [ 60.282534][ T5] usb 2-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 60.285448][ T1296] EXT4-fs error (device loop0): __ext4_get_inode_loc:4710: comm syz-executor.0: Invalid inode table block 17950205685819571681 in block_group 0 [ 60.291375][ T5] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 60.352747][ T1288] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 60.357054][ T5] usb 2-1: Product: syz [ 60.363688][ T1288] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 60.382179][ T5] usb 2-1: Manufacturer: syz [ 60.401145][ T5] usb 2-1: SerialNumber: syz [ 60.407754][ T1194] EXT4-fs error (device loop0): ext4_map_blocks:617: inode #2: block 16: comm syz-executor.0: lblock 0 mapped to illegal pblock 16 (length 1) [ 60.426807][ T1194] EXT4-fs warning (device loop0): htree_dirblock_to_tree:1048: inode #2: lblock 0: comm syz-executor.0: error -117 reading directory block [ 60.474293][ T1223] attempt to access beyond end of device [ 60.474293][ T1223] loop3: rw=524288, want=45072, limit=40427 [ 60.523654][ T1223] attempt to access beyond end of device [ 60.523654][ T1223] loop3: rw=0, want=45072, limit=40427 [ 60.614691][ T494] attempt to access beyond end of device [ 60.614691][ T494] loop3: rw=2049, want=40992, limit=40427 [ 60.680094][ T535] usb 2-1: USB disconnect, device number 2 [ 60.830588][ T1301] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.837575][ T1301] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.845438][ T1301] device bridge_slave_0 entered promiscuous mode [ 60.873857][ T1301] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.880878][ T1301] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.898923][ T1301] device bridge_slave_1 entered promiscuous mode [ 61.041931][ T23] audit: type=1400 audit(1718985866.290:276): avc: denied { write } for pid=1301 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 61.103599][ T23] audit: type=1400 audit(1718985866.320:277): avc: denied { read } for pid=1301 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 61.159817][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 61.173464][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 61.243265][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 61.256730][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 61.273428][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.280298][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.305130][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 61.323270][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 61.331386][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.338343][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.408171][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 61.438591][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 61.452821][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 61.470967][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 61.516944][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 61.535287][ T821] device bridge_slave_1 left promiscuous mode [ 61.541332][ T821] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.561446][ T821] device bridge_slave_0 left promiscuous mode [ 61.586556][ T821] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.643065][ T1313] hub 6-0:1.0: USB hub found [ 61.648917][ T1313] hub 6-0:1.0: 1 port detected [ 61.944043][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 61.965176][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 61.998086][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 62.008174][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 62.070787][ T1309] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.087807][ T1309] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.108689][ T1309] device bridge_slave_0 entered promiscuous mode [ 62.123524][ T1309] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.140508][ T1309] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.151291][ T1309] device bridge_slave_1 entered promiscuous mode [ 62.190835][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 62.202129][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 62.310824][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 62.342909][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 62.351592][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 62.362484][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 62.435164][ T1321] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 62.457792][ T1321] ext4 filesystem being mounted at /root/syzkaller-testdir2456233559/syzkaller.zAND57/0/bus supports timestamps until 2038 (0x7fffffff) [ 62.622036][ T1331] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 62.755374][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.029548][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.036986][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.045281][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.054720][ T107] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.061562][ T107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.069179][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.077881][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.086497][ T107] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.093454][ T107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.100931][ T1260] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 63.137127][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.155110][ T535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.209064][ T1260] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 63.218449][ T1260] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 63.243114][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 63.250981][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 63.295259][ T1260] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 63.303899][ T1260] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 63.323290][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 63.331496][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 63.340148][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 63.348832][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 63.515735][ T1339] F2FS-fs (loop1): Unrecognized mount option "000000000000000000000xffffffffffffffff" or missing value [ 63.577648][ T1350] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'. [ 63.606342][ T821] device bridge_slave_1 left promiscuous mode [ 63.622872][ T821] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.630276][ T821] device bridge_slave_0 left promiscuous mode [ 63.664598][ T821] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.859903][ T23] audit: type=1400 audit(1718985869.110:278): avc: denied { ioctl } for pid=1353 comm="syz-executor.0" path="socket:[17962]" dev="sockfs" ino=17962 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 63.964687][ T1358] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 64.032639][ T1358] ext4 filesystem being mounted at /root/syzkaller-testdir2211669548/syzkaller.X7t9u5/2/file0 supports timestamps until 2038 (0x7fffffff) [ 64.310027][ T1369] hub 6-0:1.0: USB hub found [ 64.315765][ T1369] hub 6-0:1.0: 1 port detected [ 64.549708][ T1339] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro, [ 64.669599][ T1339] EXT4-fs error (device loop1): ext4_map_blocks:617: inode #2: block 16: comm syz-executor.1: lblock 0 mapped to illegal pblock 16 (length 1) [ 64.702740][ T1339] EXT4-fs (loop1): Remounting filesystem read-only [ 64.720679][ T1372] EXT4-fs error (device loop1): __ext4_get_inode_loc:4710: comm syz-executor.1: Invalid inode table block 17950205685819571681 in block_group 0 [ 64.770759][ T1372] EXT4-fs error (device loop1): __ext4_get_inode_loc:4710: comm syz-executor.1: Invalid inode table block 17950205685819571681 in block_group 0 [ 64.859813][ T1231] EXT4-fs error (device loop1): ext4_map_blocks:617: inode #2: block 16: comm syz-executor.1: lblock 0 mapped to illegal pblock 16 (length 1) [ 64.919752][ T1231] EXT4-fs warning (device loop1): htree_dirblock_to_tree:1048: inode #2: lblock 0: comm syz-executor.1: error -117 reading directory block [ 65.149267][ T1379] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 65.163623][ T1379] ext4 filesystem being mounted at /root/syzkaller-testdir2211669548/syzkaller.X7t9u5/5/bus supports timestamps until 2038 (0x7fffffff) [ 65.662641][ T1395] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.669529][ T1395] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.753020][ T1394] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.768545][ T1394] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.783808][ T1394] device bridge_slave_0 entered promiscuous mode [ 65.801593][ T1394] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.816212][ T1394] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.830275][ T1394] device bridge_slave_1 entered promiscuous mode [ 66.054724][ T821] device bridge_slave_1 left promiscuous mode [ 66.061832][ T821] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.078774][ T821] device bridge_slave_0 left promiscuous mode [ 66.124444][ T821] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.294205][ T1407] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'. [ 66.327354][ T1394] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.334331][ T1394] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.341431][ T1394] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.348204][ T1394] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.362752][ T24] cfg80211: failed to load regulatory.db [ 66.437204][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 66.445408][ T24] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.462760][ T24] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.493605][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 66.526874][ T24] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.533749][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.545625][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 66.555266][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.562095][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.701619][ T1416] hub 6-0:1.0: USB hub found [ 66.708449][ T1416] hub 6-0:1.0: 1 port detected [ 66.879340][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 67.111282][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 67.144767][ T1419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 67.153154][ T1419] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 67.185077][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 67.202841][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 67.229031][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 67.241163][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 67.346458][ T1427] skbuff: bad partial csum: csum=65506/2 headroom=144 headlen=65526 [ 67.347638][ T23] audit: type=1400 audit(1718985872.600:279): avc: denied { ioctl } for pid=1426 comm="syz-executor.0" path="socket:[18220]" dev="sockfs" ino=18220 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 67.380934][ T23] audit: type=1400 audit(1718985872.600:280): avc: denied { write } for pid=1426 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 67.413521][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 67.421578][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 67.429959][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 67.440259][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 67.483582][ T1429] syz-executor.0[1429] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 67.483642][ T1429] syz-executor.0[1429] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 67.590527][ T1419] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 67.606270][ T23] audit: type=1400 audit(1718985872.840:281): avc: denied { create } for pid=1428 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 67.610762][ T1419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 67.678705][ T1421] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.689869][ T23] audit: type=1400 audit(1718985872.840:282): avc: denied { write } for pid=1428 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 67.715003][ T1421] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.729296][ T1421] device bridge_slave_0 entered promiscuous mode [ 67.823105][ T1421] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.861052][ T1421] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.920916][ T1421] device bridge_slave_1 entered promiscuous mode [ 67.928427][ T1438] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 67.976594][ T23] audit: type=1326 audit(1718985873.230:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1448 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9146950a9 code=0x7ffc0000 [ 68.004179][ T23] audit: type=1326 audit(1718985873.230:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1448 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9146950a9 code=0x7ffc0000 [ 68.028957][ T1447] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'. [ 68.038916][ T23] audit: type=1326 audit(1718985873.260:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1448 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa9146950a9 code=0x7ffc0000 [ 68.128876][ T23] audit: type=1326 audit(1718985873.260:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1448 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9146950a9 code=0x7ffc0000 [ 68.192146][ T1421] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.199005][ T1421] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.199357][ T23] audit: type=1326 audit(1718985873.260:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1448 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9146950a9 code=0x7ffc0000 [ 68.206180][ T1421] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.206189][ T1421] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.299997][ T393] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.310480][ T393] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.327919][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 68.365335][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 68.461801][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 68.476785][ T563] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.483661][ T563] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.534508][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 68.553129][ T393] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.559992][ T393] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.579602][ T1449] F2FS-fs (loop0): invalid crc value [ 68.605379][ T1449] F2FS-fs (loop0): Found nat_bits in checkpoint [ 68.633659][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 68.641956][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 68.679639][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 68.693259][ T563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 68.731648][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 68.742055][ T393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 68.750692][ T1449] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 68.751685][ T821] device bridge_slave_1 left promiscuous mode [ 68.782610][ T821] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.798054][ T821] device bridge_slave_0 left promiscuous mode [ 68.804612][ T821] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.911052][ T23] kauditd_printk_skb: 57 callbacks suppressed [ 68.911073][ T23] audit: type=1326 audit(1718985874.160:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1448 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9146950a9 code=0x7ffc0000 [ 68.941505][ T23] audit: type=1326 audit(1718985874.160:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1448 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9146950a9 code=0x7ffc0000 [ 68.944223][ T13] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 68.991530][ T23] audit: type=1326 audit(1718985874.180:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1448 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fa9146950a9 code=0x7ffc0000 [ 69.017686][ T23] audit: type=1326 audit(1718985874.180:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1448 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9146950a9 code=0x7ffc0000 [ 69.045538][ T1466] attempt to access beyond end of device [ 69.045538][ T1466] loop0: rw=2049, want=45104, limit=40427 [ 69.065521][ T1466] attempt to access beyond end of device [ 69.065521][ T1466] loop0: rw=2049, want=45104, limit=40427 [ 69.130967][ T23] audit: type=1326 audit(1718985874.180:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1448 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9146950a9 code=0x7ffc0000 [ 69.180824][ T23] audit: type=1326 audit(1718985874.190:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1448 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fa9146950a9 code=0x7ffc0000 [ 69.217370][ T23] audit: type=1326 audit(1718985874.470:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1448 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9146950a9 code=0x7ffc0000 [ 69.280649][ T23] audit: type=1326 audit(1718985874.470:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1448 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9146950a9 code=0x7ffc0000 [ 69.307935][ T1301] attempt to access beyond end of device [ 69.307935][ T1301] loop0: rw=2049, want=45112, limit=40427 [ 69.314872][ T1468] skbuff: bad partial csum: csum=65506/2 headroom=144 headlen=65526 [ 69.450040][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 69.459598][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 69.467737][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 69.491235][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 69.513079][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 69.521334][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 69.552830][ T13] usb 4-1: config index 0 descriptor too short (expected 55488, got 36) [ 69.564400][ T13] usb 4-1: config 0 has an invalid descriptor of length 216, skipping remainder of the config [ 69.578199][ T13] usb 4-1: config 0 has no interfaces? [ 69.584153][ T13] usb 4-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00 [ 69.595288][ T13] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.628807][ T13] usb 4-1: config 0 descriptor?? [ 69.743701][ T1482] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 69.772739][ T1482] ext4 filesystem being mounted at /root/syzkaller-testdir895504314/syzkaller.MG07fM/0/bus supports timestamps until 2038 (0x7fffffff) [ 69.965780][ T1260] usb 4-1: USB disconnect, device number 2 [ 70.233929][ T1497] hub 6-0:1.0: USB hub found [ 70.237219][ T1497] hub 6-0:1.0: 1 port detected [ 71.098497][ T1507] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 71.124952][ T1507] ext4 filesystem being mounted at /root/syzkaller-testdir895504314/syzkaller.MG07fM/1/file0 supports timestamps until 2038 (0x7fffffff) [ 71.304188][ T1516] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.311042][ T1516] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.321058][ T1516] device bridge_slave_0 entered promiscuous mode [ 71.343221][ T1516] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.362417][ T1516] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.370238][ T1516] device bridge_slave_1 entered promiscuous mode [ 71.491566][ T1516] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.498602][ T1516] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.505757][ T1516] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.512615][ T1516] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.561111][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 71.569133][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.591952][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.628204][ T1260] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 71.655091][ T1260] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.661975][ T1260] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.672283][ T1260] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 71.680584][ T1260] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.687468][ T1260] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.698879][ T179] device bridge_slave_1 left promiscuous mode [ 71.705701][ T179] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.713430][ T179] device bridge_slave_0 left promiscuous mode [ 71.719469][ T179] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.880424][ T1544] hub 6-0:1.0: USB hub found [ 71.892647][ T1544] hub 6-0:1.0: 1 port detected [ 72.970819][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 72.999282][ T1574] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 73.010892][ T1574] ext4 filesystem being mounted at /root/syzkaller-testdir895504314/syzkaller.MG07fM/6/file0 supports timestamps until 2038 (0x7fffffff) [ 73.037734][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 73.049229][ T433] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 73.082751][ T1260] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 73.091044][ T1260] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 73.100262][ T1260] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 73.108298][ T1260] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 73.222643][ T1548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 73.230997][ T1548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 73.239637][ T1548] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 73.278575][ T1548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 73.330933][ T1588] hub 6-0:1.0: USB hub found [ 73.336325][ T1588] hub 6-0:1.0: 1 port detected [ 73.806391][ T1548] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 74.032161][ T1548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 74.188902][ T1595] xt_l2tp: v2 sid > 0xffff: 536870912 [ 74.385832][ T1609] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 74.398771][ T1609] ext4 filesystem being mounted at /root/syzkaller-testdir2456233559/syzkaller.zAND57/24/file0 supports timestamps until 2038 (0x7fffffff) [ 74.439321][ T1609] EXT4-fs error (device loop0) in ext4_do_update_inode:5534: error 27 [ 74.455726][ T1609] EXT4-fs error (device loop0) in ext4_do_update_inode:5534: error 27 [ 74.470738][ T23] audit: type=1400 audit(1718985879.720:353): avc: denied { map } for pid=1608 comm="syz-executor.0" path="/root/syzkaller-testdir2456233559/syzkaller.zAND57/24/file0/bus" dev="devtmpfs" ino=9212 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 74.503637][ T1609] ------------[ cut here ]------------ [ 74.509010][ T1609] kernel BUG at fs/ext4/ext4.h:2984! [ 74.527558][ T1609] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 74.533468][ T1609] CPU: 0 PID: 1609 Comm: syz-executor.0 Tainted: G W 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 74.544820][ T1609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 74.554738][ T1609] RIP: 0010:ext4_mb_find_by_goal+0xba1/0xbe0 [ 74.560533][ T1609] Code: fc ff ff 48 8b 4c 24 28 80 e1 07 80 c1 03 38 c1 0f 8c 22 fc ff ff 48 8b 7c 24 28 e8 99 74 c8 ff e9 13 fc ff ff e8 8f 8f 98 ff <0f> 0b e8 d8 44 6f ff e8 83 8f 98 ff 0f 0b e8 7c 8f 98 ff 0f 0b e8 [ 74.579971][ T1609] RSP: 0018:ffff8881e8be68e0 EFLAGS: 00010283 [ 74.585959][ T1609] RAX: ffffffff81cbac91 RBX: 0000000000000001 RCX: 0000000000040000 [ 74.593771][ T1609] RDX: ffffc90001f4d000 RSI: 00000000000004f3 RDI: 00000000000004f4 [ 74.601805][ T1609] RBP: ffff8881e8be69f0 R08: ffffffff81cba211 R09: ffffed103dbc067d [ 74.609605][ T1609] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 74.617401][ T1609] R13: ffff8881d6ed23f0 R14: 0000000000000001 R15: 1ffff1103adda47e [ 74.625305][ T1609] FS: 00007fa913a0f6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 74.634073][ T1609] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.640497][ T1609] CR2: 00007ffefacba588 CR3: 00000001f1ff3000 CR4: 00000000003406b0 [ 74.648310][ T1609] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 74.656233][ T1609] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 74.664110][ T1609] Call Trace: [ 74.667244][ T1609] ? __die+0xb4/0x100 [ 74.671059][ T1609] ? die+0x26/0x50 [ 74.674618][ T1609] ? do_trap+0x1e7/0x340 [ 74.678783][ T1609] ? ext4_mb_find_by_goal+0xba1/0xbe0 [ 74.683995][ T1609] ? ext4_mb_find_by_goal+0xba1/0xbe0 [ 74.689284][ T1609] ? do_invalid_op+0xfb/0x110 [ 74.693802][ T1609] ? ext4_mb_find_by_goal+0xba1/0xbe0 [ 74.699103][ T1609] ? invalid_op+0x1e/0x30 [ 74.703264][ T1609] ? ext4_mb_find_by_goal+0x121/0xbe0 [ 74.708645][ T1609] ? ext4_mb_find_by_goal+0xba1/0xbe0 [ 74.713853][ T1609] ? ext4_mb_find_by_goal+0xba1/0xbe0 [ 74.719061][ T1609] ? kmem_cache_alloc+0xd9/0x250 [ 74.723837][ T1609] ? ext4_mb_new_blocks+0x29f/0x2d10 [ 74.728953][ T1609] ? _ext4_get_block+0x21b/0x610 [ 74.733740][ T1609] ? ext4_mb_use_inode_pa+0x4b0/0x4b0 [ 74.738933][ T1609] ? ext4_file_write_iter+0x499/0x10e0 [ 74.744358][ T1609] ? __vfs_write+0x5d3/0x750 [ 74.748954][ T1609] ? vfs_write+0x206/0x4e0 [ 74.753209][ T1609] ? ksys_write+0x199/0x2c0 [ 74.757550][ T1609] ? do_syscall_64+0xca/0x1c0 [ 74.762069][ T1609] ext4_mb_regular_allocator+0x229/0x10d0 [ 74.767627][ T1609] ? ext4_mb_initialize_context+0x7bf/0xb80 [ 74.773434][ T1609] ? ext4_mb_normalize_request+0x27a/0x1250 [ 74.779161][ T1609] ? ext4_mb_normalize_request+0x1250/0x1250 [ 74.784986][ T1609] ext4_mb_new_blocks+0x59a/0x2d10 [ 74.789928][ T1609] ? memset+0x1f/0x40 [ 74.793817][ T1609] ? ext4_ext_check_overlap+0x180/0x5b0 [ 74.799126][ T1609] ? ext4_inode_to_goal_block+0x265/0x360 [ 74.804678][ T1609] ext4_ext_map_blocks+0x1e70/0x7450 [ 74.809810][ T1609] ? __unwind_start+0x708/0x890 [ 74.814489][ T1609] ? ext4_ext_release+0x10/0x10 [ 74.819605][ T1609] ? is_bpf_text_address+0x24c/0x260 [ 74.824728][ T1609] ? check_preemption_disabled+0x9f/0x320 [ 74.830286][ T1609] ? unwind_get_return_address+0x49/0x80 [ 74.835751][ T1609] ? debug_smp_processor_id+0x20/0x20 [ 74.841057][ T1609] ? arch_stack_walk+0xf5/0x140 [ 74.845738][ T1609] ? _raw_read_unlock+0x21/0x40 [ 74.850422][ T1609] ? ext4_es_lookup_extent+0x559/0x9d0 [ 74.855715][ T1609] ext4_map_blocks+0xa2f/0x1ba0 [ 74.860401][ T1609] ? ext4_issue_zeroout+0x150/0x150 [ 74.865438][ T1609] ? ext4_write_begin+0x419/0x1900 [ 74.870395][ T1609] ? vfs_write+0x206/0x4e0 [ 74.874641][ T1609] ? ksys_write+0x199/0x2c0 [ 74.879100][ T1609] ? do_syscall_64+0xca/0x1c0 [ 74.883586][ T1609] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 74.889483][ T1609] _ext4_get_block+0x21b/0x610 [ 74.894080][ T1609] ? ext4_get_block+0x40/0x40 [ 74.898681][ T1609] ? check_preemption_disabled+0x9f/0x320 [ 74.904233][ T1609] ? debug_smp_processor_id+0x20/0x20 [ 74.909441][ T1609] ext4_block_write_begin+0x68a/0x1390 [ 74.914741][ T1609] ? _raw_spin_trylock_bh+0x190/0x190 [ 74.919950][ T1609] ? ext4_es_is_delayed+0x40/0x40 [ 74.924819][ T1609] ? trace_android_fs_datawrite_start+0x200/0x200 [ 74.931278][ T1609] ? ext4_should_dioread_nolock+0x94/0x500 [ 74.936917][ T1609] ext4_write_begin+0x5ba/0x1900 [ 74.941714][ T1609] ? __generic_file_write_iter+0x159/0x530 [ 74.947333][ T1609] ? ext4_readpages+0x110/0x110 [ 74.952110][ T1609] ? kmem_cache_free+0x10b/0x2c0 [ 74.956872][ T1609] ext4_da_write_begin+0x4a3/0xfe0 [ 74.961847][ T1609] ? down_write_trylock+0x130/0x130 [ 74.966947][ T1609] ? ext4_set_page_dirty+0x190/0x190 [ 74.972059][ T1609] ? ext4_initxattrs+0x110/0x110 [ 74.976835][ T1609] ? __vfs_getxattr+0x600/0x6d0 [ 74.981528][ T1609] ? iov_iter_fault_in_readable+0x313/0x4c0 [ 74.987250][ T1609] ? asan.module_dtor+0x20/0x20 [ 74.991937][ T1609] ? ktime_get_coarse_real_ts64+0xcc/0xe0 [ 74.997503][ T1609] generic_perform_write+0x2c7/0x560 [ 75.002620][ T1609] ? grab_cache_page_write_begin+0x90/0x90 [ 75.008340][ T1609] ? file_remove_privs+0x640/0x640 [ 75.013367][ T1609] ? down_write_trylock+0xd7/0x130 [ 75.018319][ T1609] __generic_file_write_iter+0x224/0x530 [ 75.023795][ T1609] ext4_file_write_iter+0x499/0x10e0 [ 75.028917][ T1609] ? ext4_file_read_iter+0x140/0x140 [ 75.034036][ T1609] ? iov_iter_init+0x82/0x160 [ 75.038645][ T1609] __vfs_write+0x5d3/0x750 [ 75.042879][ T1609] ? __kernel_write+0x350/0x350 [ 75.047564][ T1609] ? check_preemption_disabled+0x9f/0x320 [ 75.053121][ T1609] ? debug_smp_processor_id+0x20/0x20 [ 75.058481][ T1609] ? selinux_file_permission+0x2be/0x530 [ 75.063937][ T1609] vfs_write+0x206/0x4e0 [ 75.068009][ T1609] ksys_write+0x199/0x2c0 [ 75.072171][ T1609] ? __ia32_sys_read+0x80/0x80 [ 75.076765][ T1609] ? __fdget+0x189/0x200 [ 75.080850][ T1609] do_syscall_64+0xca/0x1c0 [ 75.085186][ T1609] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 75.090915][ T1609] RIP: 0033:0x7fa9146950a9 [ 75.095165][ T1609] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 75.114691][ T1609] RSP: 002b:00007fa913a0f0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 75.123046][ T1609] RAX: ffffffffffffffda RBX: 00007fa9147cbf80 RCX: 00007fa9146950a9 [ 75.130862][ T1609] RDX: 000000000208e24b RSI: 0000000020000000 RDI: 0000000000000006 2024/06/21 16:04:40 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 75.136239][ T1631] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 75.138661][ T1609] RBP: 00007fa914704074 R08: 0000000000000000 R09: 0000000000000000 [ 75.138667][ T1609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.138682][ T1609] R13: 000000000000000b R14: 00007fa9147cbf80 R15: 00007ffda32000b8 [ 75.171405][ T1609] Modules linked in: [ 75.215867][ T1609] ---[ end trace 581e90e1941c50c7 ]--- [ 75.239994][ T1609] RIP: 0010:ext4_mb_find_by_goal+0xba1/0xbe0 [ 75.247009][ T1609] Code: fc ff ff 48 8b 4c 24 28 80 e1 07 80 c1 03 38 c1 0f 8c 22 fc ff ff 48 8b 7c 24 28 e8 99 74 c8 ff e9 13 fc ff ff e8 8f 8f 98 ff <0f> 0b e8 d8 44 6f ff e8 83 8f 98 ff 0f 0b e8 7c 8f 98 ff 0f 0b e8 [ 75.323740][ T1609] RSP: 0018:ffff8881e8be68e0 EFLAGS: 00010283 [ 75.329858][ T1609] RAX: ffffffff81cbac91 RBX: 0000000000000001 RCX: 0000000000040000 [ 75.338701][ T1609] RDX: ffffc90001f4d000 RSI: 00000000000004f3 RDI: 00000000000004f4 [ 75.346862][ T1609] RBP: ffff8881e8be69f0 R08: ffffffff81cba211 R09: ffffed103dbc067d [ 75.371458][ T1609] R10: 0