last executing test programs: 2.029500894s ago: executing program 1 (id=3167): r0 = creat(&(0x7f0000000340)='./file0\x00', 0x0) close(r0) perf_event_open(&(0x7f0000000380)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x4, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 1.135838926s ago: executing program 1 (id=3204): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x10042, &(0x7f00000003c0)) 1.085746501s ago: executing program 1 (id=3208): syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x8, &(0x7f0000000180)=ANY=[], 0x1, 0x284, &(0x7f0000000680)="$eJzs3D1re1UYAPAn/+TfpgVJB6EogldcnEJbcXBrkRbEgKIEURwsNkXJrYUGCsnQl0W/hOI30NFVcBAXB7+ACFIFF7uJCJHmzTS9TWIhDdjfb7mHc5/nPOe+JDeB5Lz/zEF977Cxf3l5EcViLgq52Iy/IlbiUeQDAPg/+rPdjj/aXfOeCwBwPzz/AeDhyX7+F0bD3uhuTu9zagDAjPj+DwAPz1vvvPvaVqWy/WaSFCMOPj2uHlc726VewH58FGnUYi1K8XdEe6Db3nm1sr2WXPl1JaoHp7380+Nq99eDW/389SjFSlZ+bns96bqe/ziWe/k/LUctNqIUT2bX38jMX4gXnh+qX45S/PhBHEYae3GV+2/+yXqSvPJ6JYlCDOUvduI6ljJPnc9LAAAAAAAAAAAAAAAAAAAAAADcWTkZyFy/p1y+bX83f+v29YGK19cHGl2fpxBP31hmGAAAAAAAAAAAAAAAAAAAAB6mRrNV303T2tG4xsfff/ltxPiY5sUPZ29PGKfZqud6dScXnXXjied++ez2mPPc5POTm1Ai3xvjP07sm2dHet7LZ4/zaLgndzZFiWLv7E+eRn7CVL+7+PCpFxurL93c1a/R6Rk0RtIXZ3BNH4+7tX4vRWRmnd+hVnJ1MQY9X831Nu4f9dDrKzt49fPN3a9Pfv5t2pHv5e0HAAAAAAAAAAAAAAAAAAAY0vkb+VQ+eXnWcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAeWk0W/XdNK0tRLP1RaRp7ajfM7axM0XMoDHvYwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH8CAAD//3GKiBo=") mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000240), 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffff7) syz_read_part_table(0x5c4, &(0x7f0000000940)="$eJzs2zGrI1UUB/D/TDKTRFyijaUbsLFyC+vlrcrusmCxCNZ+BdlOEDJB0UatbCyshW22EKwEu0XwGwiPZ2cpYqEWemUmk7zk2RlEF36/4r17z5xzz0wyKU94ol3/4ptSMumXm8votK6r3Xr5R7J565Vkthr2zRjvE958ePvOvdX9qk0ZY1XyU5fUSdZjYps8vz84q3H19TQfP7z74SefvtumS3exfir5POmSMhtTylCbz9q/3fVv1XAW/7kXr3wN1f5Pr8szmQ+rG8n2Levfim6omaT94OT+j24+3pz1i7Jtumgvuye5dZxdZ/3C9gVu8vMmTb3aXxof42y46ytmSSmlOThm9ytoDrq9/O0P60zGK5OD2t75Inn7/I2XqoMzsvqnTw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL+ljMbNs/OkSqb97stXH3T9/3qX+1o73S5+7yuaseg0j24+Xr73/oM675RqG5n/kmSSG3efLrPZPm/snGa3q/9M8tzi1P5lbHF2HF71n0K+v15PUsryMt4MN/lV0uX1fS0AAAAAAAAAAAAAAAAAAACc6vade6v7dTKOsu9n/UvmSXU04D5J+bWUciulPTpikeS7i2Fg/sfspvi32mR5Lcnso7YeL3RJKdfmMTv/v/BXAAAA//8cYlts") 1.028424206s ago: executing program 0 (id=3211): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000400121001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002000083850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) 787.935078ms ago: executing program 1 (id=3220): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x8, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffd, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 787.522908ms ago: executing program 1 (id=3221): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001800090000000000000000001c14"], 0x24}}, 0x0) r1 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r1, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) 738.461313ms ago: executing program 1 (id=3225): r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) close(r0) socket$inet_smc(0x2b, 0x1, 0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f00000006c0), 0x8) mount$9p_fd(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 636.945492ms ago: executing program 3 (id=3230): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000900)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@bh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@nogrpid}, {@nombcache}, {@inlinecrypt}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O") unshare(0x22020400) unshare(0x2c060000) fchdir(r0) 605.596115ms ago: executing program 4 (id=3233): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001940)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c) 577.878128ms ago: executing program 4 (id=3235): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x10050, &(0x7f0000000800)={[{@jqfmt_vfsv1}, {@nouid32}, {@jqfmt_vfsold}, {@norecovery}, {@block_validity}, {@dioread_lock}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x8004587d, &(0x7f0000000140)={0x1, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) readlink(&(0x7f00000000c0)='./file2\x00', &(0x7f0000000880)=""/202, 0xca) inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0xe5) 560.553109ms ago: executing program 3 (id=3237): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r0, &(0x7f0000000200)="03", 0x1, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) sendto$inet6(r0, &(0x7f0000000100)="a7", 0x1, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x90) 397.428894ms ago: executing program 4 (id=3239): pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = epoll_create(0x6) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)) close_range(r0, 0xffffffffffffffff, 0x0) 396.368844ms ago: executing program 3 (id=3240): unshare(0x68040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000080)={'mangle\x00', 0x4, "d1a2d6e7"}, &(0x7f0000000180)=0x2c) 328.31415ms ago: executing program 4 (id=3242): syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in=@dev, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x60, 0x0, 0x0, 0x0, 0xee01}}}, 0xb8}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99eb, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x30}}}, 0xb8}}, 0x0) 309.551952ms ago: executing program 4 (id=3243): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000015c0)={&(0x7f0000000140)='netlink_extack\x00', r0}, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x4c, r1, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x87}}]}, 0x4c}}, 0x0) 290.806884ms ago: executing program 4 (id=3244): r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x72f8, 0x13580, 0xfffffffc}, &(0x7f0000000040), &(0x7f00000001c0)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) syz_emit_ethernet(0x0, 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)) 244.759478ms ago: executing program 2 (id=3245): syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd, 0x0, 0x0, 0x79cd, 0x0, 0x0, {0x2}}) r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) set_mempolicy(0x3, &(0x7f0000000040)=0x3, 0x3) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$SCSI_IOCTL_GET_PCI(r1, 0x5393, &(0x7f0000000000)) 194.101863ms ago: executing program 2 (id=3246): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000002c0)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)={0x40, r2, 0x5, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r3}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x40) 193.580423ms ago: executing program 0 (id=3247): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r2, &(0x7f0000004440)={&(0x7f0000000ec0)=@name={0x1e, 0x2, 0x2, {{0x43, 0x4}, 0x2}}, 0x10, 0x0}, 0x0) 186.393273ms ago: executing program 2 (id=3248): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000340)=@newtaction={0x88c, 0x30, 0x12f, 0x0, 0x80000000, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x1c000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0xffffff1a, 0x2, 0x0, 0x0, 0xffffffff, 0x6, 0x0, 0x0, 0x0, 0x1]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xbb9c, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x3, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x1, 0x2, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x1, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0x2}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x810) 171.196825ms ago: executing program 3 (id=3250): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000880)={[{@errors_remount}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c") 114.92489ms ago: executing program 0 (id=3251): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x9) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r1 = syz_open_procfs(0x0, &(0x7f0000000340)='net/udplite6\x00') lseek(r1, 0x1, 0x0) 111.6341ms ago: executing program 2 (id=3252): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1000020, &(0x7f0000000380)={[{@mpol={'mpol', 0x3d, {'interleave', '=relative', @void}}}]}) 90.499542ms ago: executing program 0 (id=3253): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000020900010073797a30000000000900030073797a3200000000240b0000060a010400000000000000000100000008000b4000000000fc0a048028000180080001006c6f67001c0002800e00024073797a6b616c6c65720000000800054000000008d00a01800e000100696d6d656469617465000000bc0a0280640002804c0002800900020073797a32000000000900020073797a310000000008000180fffffffc0900020073797a31000000000800034000009c920900020073797a300000000008000180ffffffff14000280080003400000000808000180fffffffb0800014000000002080001400000000b500002804b000100fa62d7ba9ceeacf9aa4f832b78f35731f355d63e192a72aef5e68a05d1b806151b6bd1e2d74abafd383790ad363fdc1b7766748630b48f9beefdb33c86d5835a470b5ffd20d7e9006c0102805c00028008000180fffffffe0900020073797a30000000000900020073797a320000000008000180ffffffff0900020073797a320000000008000180fffffffd0900020073797a310000000008000180fffffffc0800034000000e5628000280080003400000000608000340000000070900020073797a320000000008000180fffffffe540002800900020073797a320000000008000180fffffffe0800034000000000080003400000000008000340000000090900020073797a310000000008000180fffffffe080003400000800108000180fffffffd8e000100818ce881ff18470752e86442e8b77ddcfc7a4c87f05cd36147be26c85cc854cc117db1906007a5a8c298f4724c8c743d46ec7f3ba478d9dfb10bbe9e4fdfc2188d62db9bb1364fed383fe0b0c3fbbab83959470cb0ffb14765c32f10b54d99531d04caaf264214997543a1c63637d9a3a20b7ce9312e545626eb375c88462c198f35cf8a11616de4fa0c000098020280eb00010099c8e680eb4d0e7f78e1fb62226ae541d997c8cb51c5ebd0bb7e2730b61310dcd7525807288a7ad8c00f6aa230a1d1b876ddb0e188384e7c79cd8af94a02451a04d8f116bde38077da45650d82bdd1767b03e3f35bc4a5769e659d8cdb6d9d9d717c78b50f6b3ac899b07a9eaf2c989654de7d6609299bad01ca1f3fa8b6229a6c69627a07f627880e902231b20368f3ae64fd12fc37afeb95f14a4dc3d0bc5f6e2afd0fc8ef6982054cffa703ee1376654019ad6d2add9052c5d2f2e0ba3318f931b2c5f2dcce5cbca6093c64d23b64e2f2061da3dd5983644280de22d592b63b5d7f6b571beb005400010041bbc64da6bacaad1bebec23352accccbca40d6ba87943f82df945bf4ccc5250a0c2b2cb13793380f424b280bfb960885af6df4afa26efa8fcd7a1243389ef3fcf1d709f775a9cd1dfb2b84fd03e5d70f800010001950b7c0ec30534e476b721ba6e82d03078fe63b683918ecbbb9c339c8cdd63689339ac43acd5973f4aac8720a98d18e13b98e11e291f3f3621ed29c717639f84bdd28810da6ae30538775f15e00133741e9de3f96f69ab363752fa962b3c71041ba1e463a91d782a968d9febb648b66e71a6827c53b3be014b785f61c4fd46fef00658f64cdd465edb61ba4c5f00849b2935c485da99a38489ecc29837433ac5446c3922d73153fd8fb2368a5ce4201760ca6778f570b7fcb38be633a02d57c5884b6bcbaf3bc28ca7686edb5d59e1b823a8f0f5ff788625995d51c16413783c6290a9714bd4dcbd2a388139f3e46f69916f335c0002800900020073797a3000000000080003400000000908000180000000000900020073797a3000000000080003400000000808000180fffffffd080003400000000408000340fffffff908000180fffffffb0800034000000003a80002801c000280080003400000020008000340fffffff508000340000000001400028008000340000000050800034000000007720001001c2cce526d2ee30fb33f426450278cb35ac06b1cef15fefc26b5c17a8c9251bed316fccb5588f2e071fc355537fcf458cf14217f16ce4c12a4b559f3e807c94c6cc4f418baebc6024b74b9dbc5ef66dbbe91812ea247db80670c101ed494f105ad9c09b4eaf8d5c133b46a311c1a00001c0302802000028008000180fffffffc0900020073797a320000000008000340000000035c00028008000180fffffffc08000180fffffffc08000180fffffffb0900020073797a300000000008000340000000060900020073797a30000000000900020073797a31000000000900020073797a310000000008000180fffffffbf6000100330e5af714359ac9da33381a13071148dbe4293800e6be0290efbb549850cda132ca27a55553fd77c3067504c4596086f4001f53d49e8111395ebccb983c6b04735a58ab2617dfc62123b09c8dc5a47154667414dc28e8369829764b2e3cc23303a882890bad6d3a70d9e15701ec8c4c15a46d38c9ed6bc8658f8a45a02083f563324a27c649bab7cbcb485c289bd8df0a040128df6891ab48095977e0463f8e3ed7ba6df976ee30768954dfeb3f08c942b2c9384aa0b78baf92ecf5e4d73788afb1bc5a8f7c4b454897cd8bcac7f19cdd949fac66756da3b9311e13362eee317df853f6bc7e4638eb145a1484d3780e09b50000c8000100d5c1e4159bf770e02e6e1ebe911d7513709588175328d2e11f2ebf3f6967c49bedcb2a5459a45272bb8084e3bb55ea7a80166d97ec16457ed7d2a834d9aafdb2a54110ddc7975eaeda4f897ec7d533c27df0ce5ff92cfedadc67fff850ee5d07822d72b27af229d17ad2f8d802ae40d98f373e348a04b4f0270c71f82319de3a0331f165204896e0e448cf7ea0f8eb32a312fda6716f72f0234742fe6708ad0adf587ea21d94b8c8f5080028dda1e21d3d9ac82d8edd12941631b72b692ecc262d6ae12393000100c56deda494a09379df59bad8f0f17376b307ce49571034af728b1c4bf694e3b91406b976944238ab36ccaf40e3d92952ba87aa27af6353a82868c9508577a1b6a349fce75b3e4952b04b9527f496b5555e6db110dec07430b01446635eff12f136dbcb54fd4dc90b02e1bc6488ed74efd9eeb1b6de6e2a234f6c323df5c28a0352d03b34ee4f64ab614078125aa3cc0048000280080003400000000c08000340000000010900020073797a310000000008000180fffffffd0800034000008000080003400000dc5b08000180fffffffc08000180fffffffb2c0202804b000100cece2d8ff50c68c1060c2e691ddc50c6d87b46b4e5f6695010163d98bac2d9d7693cff0ec1e2107f58d3c305c78e5a596df92f1dbe80793dce5424be9e7951890023db7d0b9b2700e5000100f46e4b21dd4b92221713eece21b0e3bfb3fe995725eca78713a8d11ac82a6aefeeeab4720bd136479523ccafa34771afedeafc55275842bb7adb37ff3c93b19d9d5139f8b67ee81e380faa9506e6c8e5956cf7efc9828438d340aa4bfe771769c6ddb2f8c31049c1fc37e8f28812ea0aadd0caa7e32f6bb4b2b7a4473e5fa876c87bf285a503660ea12a0cfff6863a87c64ea83c31e737e278edcad77cb964828c7049d335e25156fd4d1c2faada6a8363794fe487155fbfd7c2e1b8504d4a744357734f51fca0426ffe929280df27411f8a90a067b285e970fa1e403722ae91dd000000f400010073e22ba6603d1c92836887468b100c2dc430efeb2ef19c66bd0582fe94df7b5a20292fdfbd2009980dbf9651685f7713bfb0f42583e452670f29e2cabf848fcdcb7a2067f0b257efd7dc927e540584b08f026e14be231afa797e36410d8ad6cbced8c5d2cce2f5a8b75713e57b3161b5b4ce78f283bf59a04f90bc1c5a4371abed0124c621ecb51b6166ad39f14216c09456232b7ea8dd7058bbbeae8b1c13df7ffa1515a359309683421d783f4fb00547cb06b3f974e65f28397c2c16675436a414b6e28d61800c35bdc05f9837e14491ce0fa7c0fbf6f61dd8f7eceac62373ed913de212a188ad5fa12d0eab8a0b440900010073797a30"], 0xb98}}, 0x0) 87.691203ms ago: executing program 2 (id=3254): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001800)={&(0x7f0000000580)='kfree\x00', r1}, 0x9) r2 = creat(&(0x7f0000001080)='./file0\x00', 0x0) fsetxattr(r2, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f00000001c0)=':yz1', 0x1001, 0x0) 62.739315ms ago: executing program 0 (id=3255): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120000000200fcffffff0000000006003300000000000000000000000000fe8000000000000000000000000000aa000000000000000000000000000000000400"], 0xa8}}, 0x0) 29.266948ms ago: executing program 0 (id=3256): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 18.846439ms ago: executing program 3 (id=3257): r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = inotify_init() open(&(0x7f0000000100)='.\x00', 0x0, 0x0) dup3(r1, r0, 0x0) 14.149569ms ago: executing program 2 (id=3258): unshare(0x68060200) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) syz_clone3(&(0x7f00000008c0)={0x14840000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 0s ago: executing program 3 (id=3259): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x0) kernel console output (not intermixed with test programs): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 84.175266][ T7552] loop2: detected capacity change from 0 to 128 [ 84.184431][ T7552] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.215321][ T7555] loop0: detected capacity change from 0 to 128 [ 84.223533][ T7555] FAT-fs (loop0): bogus number of FAT sectors [ 84.230079][ T7555] FAT-fs (loop0): Can't find a valid FAT filesystem [ 84.293183][ T7565] loop0: detected capacity change from 0 to 512 [ 84.313285][ T7565] ext4 filesystem being mounted at /250/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 84.359614][ T7577] loop2: detected capacity change from 0 to 2048 [ 84.367497][ T7577] EXT4-fs: Ignoring removed nobh option [ 84.376951][ T7575] loop3: detected capacity change from 0 to 512 [ 84.393966][ T7575] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c11c, mo2=0002] [ 84.402640][ T7577] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.410626][ T7575] System zones: 0-2, 18-18, 34-34 [ 84.429241][ T7575] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1736: bg 0: block 248: padding at end of block bitmap is not set [ 84.442957][ T7586] Process accounting resumed [ 84.468556][ T7575] EXT4-fs error (device loop3): ext4_acquire_dquot:6879: comm syz.3.1736: Failed to acquire dquot type 1 [ 84.486050][ T7575] EXT4-fs (loop3): 1 truncate cleaned up [ 84.493147][ T7575] ext4 filesystem being mounted at /385/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.506045][ T7597] netlink: 'syz.0.1744': attribute type 2 has an invalid length. [ 84.557270][ T7602] loop0: detected capacity change from 0 to 1024 [ 84.580789][ T7606] netlink: 'syz.2.1747': attribute type 6 has an invalid length. [ 84.635095][ T7612] loop4: detected capacity change from 0 to 2048 [ 84.652312][ T7620] syz.2.1755[7620] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 84.652411][ T7620] syz.2.1755[7620] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 84.668339][ T7620] syz.2.1755[7620] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 84.687045][ T7620] loop2: detected capacity change from 0 to 512 [ 84.713765][ T7620] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.745777][ T7612] Alternate GPT is invalid, using primary GPT. [ 84.752288][ T7612] loop4: p2 p3 p7 [ 84.762144][ T7632] tun0: tun_chr_ioctl cmd 1074025678 [ 84.767597][ T7632] tun0: group set to 0 [ 84.837417][ T7645] loop3: detected capacity change from 0 to 512 [ 84.878274][ T7645] ext4 filesystem being mounted at /394/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.898416][ T7659] loop1: detected capacity change from 0 to 2048 [ 84.912204][ T7657] loop0: detected capacity change from 0 to 512 [ 85.103250][ T7690] lo speed is unknown, defaulting to 1000 [ 85.319581][ T7724] SELinux: failed to load policy [ 85.351449][ T7729] loop2: detected capacity change from 0 to 1024 [ 85.365939][ T7731] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 85.380418][ T7735] loop4: detected capacity change from 0 to 512 [ 85.391175][ T7735] EXT4-fs: Ignoring removed bh option [ 85.404152][ T7741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 85.413889][ T7741] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 85.423484][ T7735] EXT4-fs error (device loop4): __ext4_iget:4952: inode #15: block 1803188595: comm syz.4.1807: invalid block [ 85.436366][ T7735] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1807: couldn't read orphan inode 15 (err -117) [ 85.524448][ T8] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4 [ 85.527464][ T7756] rdma_rxe: rxe_newlink: failed to add team0 [ 85.532412][ T8] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2 [ 85.532947][ T8] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x3 [ 85.533498][ T8] hid-generic 0000:3000000:0000.0002: hidraw0: HID v0.00 Device [sy] on syz0 [ 85.576180][ T7764] lo speed is unknown, defaulting to 1000 [ 85.708729][ T7775] 9pnet: Could not find request transport: f [ 85.751422][ T7782] netlink: 'syz.0.1828': attribute type 9 has an invalid length. [ 85.759581][ T7782] __nla_validate_parse: 6 callbacks suppressed [ 85.759600][ T7782] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1828'. [ 85.959954][ T7801] loop1: detected capacity change from 0 to 128 [ 85.979863][ T7801] ext4 filesystem being mounted at /84/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 86.085485][ T7809] netlink: 'syz.1.1838': attribute type 2 has an invalid length. [ 86.135055][ T7811] loop2: detected capacity change from 0 to 1024 [ 86.146662][ T7811] EXT4-fs: Ignoring removed nobh option [ 86.330998][ T7832] loop2: detected capacity change from 0 to 2048 [ 86.352417][ T7832] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 86.371470][ T7832] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 13 with max blocks 1 with error 28 [ 86.384518][ T7832] EXT4-fs (loop2): This should not happen!! Data will be lost [ 86.384518][ T7832] [ 86.395513][ T7832] EXT4-fs (loop2): Total free blocks count 0 [ 86.402569][ T7832] EXT4-fs (loop2): Free/Dirty block details [ 86.408604][ T7832] EXT4-fs (loop2): free_blocks=66060288 [ 86.414467][ T7832] EXT4-fs (loop2): dirty_blocks=16 [ 86.420357][ T7832] EXT4-fs (loop2): Block reservation details [ 86.427011][ T7832] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 86.449136][ T170] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 86.463632][ T170] EXT4-fs (loop2): This should not happen!! Data will be lost [ 86.463632][ T170] [ 86.580295][ T7858] loop2: detected capacity change from 0 to 512 [ 86.609781][ T7858] ext4 filesystem being mounted at /141/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 86.720299][ T7880] loop2: detected capacity change from 0 to 1024 [ 86.728048][ T7880] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869) [ 86.738268][ T7880] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 86.751955][ T7880] EXT4-fs (loop2): invalid journal inode [ 86.757876][ T7880] EXT4-fs (loop2): can't get journal size [ 86.772401][ T7880] EXT4-fs error (device loop2): ext4_protect_reserved_inode:182: inode #2: comm syz.2.1870: blocks 48-48 from inode overlap system zone [ 86.793064][ T7880] EXT4-fs (loop2): failed to initialize system zone (-117) [ 86.803782][ T7880] EXT4-fs (loop2): mount failed [ 86.908665][ T7897] loop2: detected capacity change from 0 to 8192 [ 86.918098][ T7897] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 86.920041][ T7909] loop4: detected capacity change from 0 to 128 [ 86.985998][ T7915] syz.2.1886[7915] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.986087][ T7915] syz.2.1886[7915] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.988804][ T3343] kernel write not supported for file /sysvipc/shm (pid: 3343 comm: kworker/1:5) [ 87.018633][ T7915] syz.2.1886[7915] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.156518][ T7934] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1895'. [ 87.177474][ T7934] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1895'. [ 87.188022][ T7937] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 87.190258][ T7934] macvlan0: entered promiscuous mode [ 87.202693][ T7934] batadv_slave_0: entered promiscuous mode [ 87.209208][ T7934] hsr1: Slave A (macvlan0) is not up; please bring it up to get a fully working HSR network [ 87.244811][ T7942] Option 'kÆvÏ4ì…ð' to dns_resolver key: bad/missing value [ 87.249046][ T7943] loop0: detected capacity change from 0 to 256 [ 87.329652][ T7955] Process accounting resumed [ 87.343436][ T7957] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1906'. [ 87.375474][ T7963] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 87.400408][ T7965] loop0: detected capacity change from 0 to 128 [ 87.402437][ T7969] loop2: detected capacity change from 0 to 128 [ 87.421760][ T7968] lo speed is unknown, defaulting to 1000 [ 87.429629][ T7965] ext4 filesystem being mounted at /290/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 87.534851][ T7979] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1916'. [ 87.610181][ T7991] syz.2.1922[7991] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.610304][ T7991] syz.2.1922[7991] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.622932][ T7991] syz.2.1922[7991] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.653793][ T7991] block device autoloading is deprecated and will be removed. [ 87.685005][ T7991] syz.2.1922: attempt to access beyond end of device [ 87.685005][ T7991] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 87.723559][ T29] kauditd_printk_skb: 200 callbacks suppressed [ 87.723574][ T29] audit: type=1400 audit(1862123436.731:1356): avc: denied { write } for pid=7999 comm="syz.2.1927" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 87.778481][ T29] audit: type=1326 audit(1862123436.781:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8004 comm="syz.2.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54bccdff9 code=0x7ffc0000 [ 87.806073][ T29] audit: type=1326 audit(1862123436.781:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8004 comm="syz.2.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54bccdff9 code=0x7ffc0000 [ 87.851912][ T29] audit: type=1326 audit(1862123436.811:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8004 comm="syz.2.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff54bccdff9 code=0x7ffc0000 [ 87.879719][ T29] audit: type=1326 audit(1862123436.821:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8004 comm="syz.2.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54bccdff9 code=0x7ffc0000 [ 87.906915][ T29] audit: type=1326 audit(1862123436.821:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8004 comm="syz.2.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54bccdff9 code=0x7ffc0000 [ 87.934890][ T29] audit: type=1326 audit(1862123436.821:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8004 comm="syz.2.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff54bccdff9 code=0x7ffc0000 [ 87.960021][ T29] audit: type=1326 audit(1862123436.821:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8004 comm="syz.2.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54bccdff9 code=0x7ffc0000 [ 87.984170][ T29] audit: type=1326 audit(1862123436.821:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8004 comm="syz.2.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54bccdff9 code=0x7ffc0000 [ 88.009446][ T29] audit: type=1326 audit(1862123436.821:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8004 comm="syz.2.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff54bccdff9 code=0x7ffc0000 [ 88.062213][ T8016] loop0: detected capacity change from 0 to 512 [ 88.091962][ T8016] EXT4-fs (loop0): too many log groups per flexible block group [ 88.101108][ T8016] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 88.102361][ T8024] lo speed is unknown, defaulting to 1000 [ 88.115538][ T8016] EXT4-fs (loop0): mount failed [ 88.179809][ T8036] syz.4.1943[8036] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.179885][ T8036] syz.4.1943[8036] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.184252][ T8034] loop1: detected capacity change from 0 to 1024 [ 88.213205][ T8036] syz.4.1943[8036] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.238035][ T8038] loop0: detected capacity change from 0 to 1024 [ 88.269326][ T8038] EXT4-fs: Ignoring removed nomblk_io_submit option [ 88.278863][ T8038] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 88.315466][ T8046] syz.2.1946[8046] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.315582][ T8046] syz.2.1946[8046] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.328557][ T8046] syz.2.1946[8046] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.346859][ T8046] loop2: detected capacity change from 0 to 512 [ 88.385921][ T8046] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 88.421931][ T8046] EXT4-fs (loop2): 1 truncate cleaned up [ 88.496588][ T8065] loop1: detected capacity change from 0 to 512 [ 88.551345][ T8065] ext4 filesystem being mounted at /109/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.568539][ T8065] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 88.612113][ T8082] syz.2.1961[8082] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.615169][ T8065] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28 [ 88.642773][ T8065] EXT4-fs (loop1): This should not happen!! Data will be lost [ 88.642773][ T8065] [ 88.655566][ T8065] EXT4-fs (loop1): Total free blocks count 0 [ 88.664760][ T8065] EXT4-fs (loop1): Free/Dirty block details [ 88.673244][ T8065] EXT4-fs (loop1): free_blocks=65281 [ 88.679882][ T8065] EXT4-fs (loop1): dirty_blocks=23 [ 88.685768][ T8065] EXT4-fs (loop1): Block reservation details [ 88.692733][ T8065] EXT4-fs (loop1): i_reserved_data_blocks=33 [ 88.700345][ T8088] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28 [ 88.715042][ T8088] EXT4-fs (loop1): This should not happen!! Data will be lost [ 88.715042][ T8088] [ 88.732439][ T8092] loop2: detected capacity change from 0 to 764 [ 88.782821][ T8096] syz.0.1969: attempt to access beyond end of device [ 88.782821][ T8096] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 88.805257][ T8100] loop4: detected capacity change from 0 to 2048 [ 88.822305][ T8102] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22 [ 88.831765][ T8102] netdevsim netdevsim2: Direct firmware load for . failed with error -22 [ 88.836769][ T8100] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 88.856316][ T8100] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 13 with max blocks 1 with error 28 [ 88.869023][ T8100] EXT4-fs (loop4): This should not happen!! Data will be lost [ 88.869023][ T8100] [ 88.879023][ T8100] EXT4-fs (loop4): Total free blocks count 0 [ 88.885793][ T8100] EXT4-fs (loop4): Free/Dirty block details [ 88.892281][ T8100] EXT4-fs (loop4): free_blocks=66060288 [ 88.898274][ T8100] EXT4-fs (loop4): dirty_blocks=16 [ 88.903554][ T8100] EXT4-fs (loop4): Block reservation details [ 88.909809][ T8100] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 88.952630][ T170] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 88.965333][ T170] EXT4-fs (loop4): This should not happen!! Data will be lost [ 88.965333][ T170] [ 88.998483][ T8119] loop2: detected capacity change from 0 to 256 [ 89.008604][ T8121] loop1: detected capacity change from 0 to 512 [ 89.038139][ T8121] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 89.053713][ T8127] loop0: detected capacity change from 0 to 512 [ 89.062889][ T8129] netlink: '+}[@': attribute type 13 has an invalid length. [ 89.071915][ T8127] FAT-fs (loop0): bogus logical sector size 0 [ 89.072681][ T8121] EXT4-fs (loop1): 1 truncate cleaned up [ 89.078332][ T8127] FAT-fs (loop0): Can't find a valid FAT filesystem [ 89.092479][ T8129] gretap0: refused to change device tx_queue_len [ 89.318050][ T8172] loop2: detected capacity change from 0 to 128 [ 89.417073][ T8191] loop2: detected capacity change from 0 to 2048 [ 89.445279][ T8191] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 89.467659][ T8191] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 28 with error 28 [ 89.481508][ T8191] EXT4-fs (loop2): This should not happen!! Data will be lost [ 89.481508][ T8191] [ 89.491903][ T8191] EXT4-fs (loop2): Total free blocks count 0 [ 89.498718][ T8191] EXT4-fs (loop2): Free/Dirty block details [ 89.504773][ T8191] EXT4-fs (loop2): free_blocks=2415919104 [ 89.511303][ T8191] EXT4-fs (loop2): dirty_blocks=32 [ 89.516621][ T8191] EXT4-fs (loop2): Block reservation details [ 89.522757][ T8191] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 89.532006][ T8191] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 33 with error 28 [ 89.547607][ T8191] EXT4-fs (loop2): This should not happen!! Data will be lost [ 89.547607][ T8191] [ 89.812439][ T8243] loop0: detected capacity change from 0 to 512 [ 89.821505][ T8243] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 89.842772][ T8243] EXT4-fs (loop0): 1 truncate cleaned up [ 89.855514][ T8243] SELinux: Context system_u:object_r:crond_initrc_exec_t:s0 is not valid (left unmapped). [ 89.976808][ T8255] loop0: detected capacity change from 0 to 128 [ 89.985144][ T8255] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 90.116677][ T8261] loop2: detected capacity change from 0 to 512 [ 90.124489][ T8261] FAT-fs (loop2): bogus logical sector size 0 [ 90.132132][ T8261] FAT-fs (loop2): Can't find a valid FAT filesystem [ 90.224844][ T170] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.225077][ T8267] loop4: detected capacity change from 0 to 512 [ 90.285692][ T170] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.329127][ T8267] ext4 filesystem being mounted at /294/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.348449][ T170] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.420043][ T170] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.433758][ T8277] loop4: detected capacity change from 0 to 512 [ 90.480850][ T8277] EXT4-fs: Ignoring removed nobh option [ 90.498147][ T8269] lo speed is unknown, defaulting to 1000 [ 90.508028][ T170] bridge_slave_1: left allmulticast mode [ 90.513787][ T170] bridge_slave_1: left promiscuous mode [ 90.519660][ T170] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.528934][ T8277] EXT4-fs: Invalid want_extra_isize 348 [ 90.540650][ T170] bridge_slave_0: left allmulticast mode [ 90.547942][ T170] bridge_slave_0: left promiscuous mode [ 90.554062][ T170] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.575047][ T8289] loop4: detected capacity change from 0 to 512 [ 90.650270][ T8296] SELinux: Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped). [ 90.662437][ T8289] ext4 filesystem being mounted at /296/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.686568][ T8289] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 90.704804][ T8289] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28 [ 90.718065][ T8289] EXT4-fs (loop4): This should not happen!! Data will be lost [ 90.718065][ T8289] [ 90.727879][ T8289] EXT4-fs (loop4): Total free blocks count 0 [ 90.734339][ T8289] EXT4-fs (loop4): Free/Dirty block details [ 90.740295][ T8289] EXT4-fs (loop4): free_blocks=65281 [ 90.745709][ T8289] EXT4-fs (loop4): dirty_blocks=23 [ 90.751069][ T8289] EXT4-fs (loop4): Block reservation details [ 90.757349][ T8289] EXT4-fs (loop4): i_reserved_data_blocks=23 [ 90.765081][ T8301] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28 [ 90.777683][ T8301] EXT4-fs (loop4): This should not happen!! Data will be lost [ 90.777683][ T8301] [ 90.791525][ T170] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 90.813867][ T170] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 90.828803][ T170] bond0 (unregistering): Released all slaves [ 90.907564][ T170] macvlan0: left promiscuous mode [ 90.914276][ T170] batadv_slave_0: left promiscuous mode [ 90.984882][ T170] hsr_slave_0: left promiscuous mode [ 90.998817][ T170] hsr_slave_1: left promiscuous mode [ 91.005338][ T8315] netlink: 15999 bytes leftover after parsing attributes in process `syz.1.2065'. [ 91.019992][ T170] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 91.027480][ T170] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 91.063727][ T170] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 91.071408][ T170] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 91.101113][ T170] veth1_macvtap: left promiscuous mode [ 91.106858][ T170] veth0_macvtap: left promiscuous mode [ 91.112570][ T170] veth1_vlan: left promiscuous mode [ 91.118093][ T170] veth0_vlan: left promiscuous mode [ 92.066483][ T8333] loop2: detected capacity change from 0 to 512 [ 92.076650][ T170] pimreg3 (unregistering): left allmulticast mode [ 92.084513][ T8333] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 92.113159][ T8336] loop1: detected capacity change from 0 to 2048 [ 92.121641][ T8333] EXT4-fs (loop2): 1 truncate cleaned up [ 92.131734][ T170] team0 (unregistering): Port device team_slave_1 removed [ 92.144557][ T170] team0 (unregistering): Port device team_slave_0 removed [ 92.147001][ T8336] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 92.182105][ T8336] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 13 with max blocks 1 with error 28 [ 92.194640][ T8336] EXT4-fs (loop1): This should not happen!! Data will be lost [ 92.194640][ T8336] [ 92.205332][ T8336] EXT4-fs (loop1): Total free blocks count 0 [ 92.211400][ T8336] EXT4-fs (loop1): Free/Dirty block details [ 92.217406][ T8336] EXT4-fs (loop1): free_blocks=66060288 [ 92.223025][ T8336] EXT4-fs (loop1): dirty_blocks=16 [ 92.228132][ T8336] EXT4-fs (loop1): Block reservation details [ 92.234138][ T8336] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 92.242817][ T8269] chnl_net:caif_netlink_parms(): no params data found [ 92.269225][ T11] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 92.281688][ T11] EXT4-fs (loop1): This should not happen!! Data will be lost [ 92.281688][ T11] [ 92.299533][ T8344] loop4: detected capacity change from 0 to 512 [ 92.317910][ T8344] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 92.326425][ T8344] System zones: 0-2, 18-18, 34-34 [ 92.330698][ T8269] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.333909][ T8344] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2075: bg 0: block 248: padding at end of block bitmap is not set [ 92.338619][ T8269] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.355320][ T8344] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.2075: Failed to acquire dquot type 1 [ 92.371177][ T8269] bridge_slave_0: entered allmulticast mode [ 92.378287][ T8269] bridge_slave_0: entered promiscuous mode [ 92.378388][ T8344] EXT4-fs (loop4): 1 truncate cleaned up [ 92.391530][ T8269] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.398637][ T8269] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.406382][ T8344] ext4 filesystem being mounted at /304/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 92.413345][ T8269] bridge_slave_1: entered allmulticast mode [ 92.423979][ T8269] bridge_slave_1: entered promiscuous mode [ 92.443794][ T8269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.455155][ T8269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.483059][ T8269] team0: Port device team_slave_0 added [ 92.491958][ T8269] team0: Port device team_slave_1 added [ 92.530178][ T8269] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.537497][ T8269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.563700][ T8269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.590839][ T8269] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.598075][ T8269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.624772][ T8269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.663675][ T8370] program syz.4.2084 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 92.676248][ T8269] hsr_slave_0: entered promiscuous mode [ 92.683847][ T8269] hsr_slave_1: entered promiscuous mode [ 92.697549][ T8269] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 92.705338][ T8269] Cannot create hsr debugfs directory [ 92.732722][ T8376] loop4: detected capacity change from 0 to 256 [ 92.739502][ T8376] vfat: Bad value for 'fmask' [ 92.775746][ T29] kauditd_printk_skb: 551 callbacks suppressed [ 92.775761][ T29] audit: type=1400 audit(1862123441.781:1915): avc: denied { name_bind } for pid=8379 comm="syz.1.2089" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 92.794954][ T8383] lo speed is unknown, defaulting to 1000 [ 92.846611][ T29] audit: type=1400 audit(1862123441.851:1916): avc: denied { create } for pid=8382 comm="syz.4.2090" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 92.869615][ T29] audit: type=1400 audit(1862123441.851:1917): avc: denied { setopt } for pid=8382 comm="syz.4.2090" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 92.884294][ T8386] dccp_invalid_packet: P.Data Offset(10) too large [ 92.919854][ T8388] loop4: detected capacity change from 0 to 1024 [ 92.927534][ T8388] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 92.939980][ T8388] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.2092: Invalid block bitmap block 0 in block_group 0 [ 92.953835][ T8388] Quota error (device loop4): write_blk: dquota write failed [ 92.961340][ T8388] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 92.971405][ T8388] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.2092: Failed to acquire dquot type 0 [ 92.983240][ T8388] EXT4-fs error (device loop4): ext4_free_blocks:6589: comm syz.4.2092: Freeing blocks not in datazone - block = 0, count = 4096 [ 92.996950][ T8388] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.2092: Invalid inode bitmap blk 0 in block_group 0 [ 93.009776][ T8388] EXT4-fs error (device loop4) in ext4_free_inode:360: Corrupt filesystem [ 93.018583][ T2612] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-8 [ 93.027827][ T2612] EXT4-fs error (device loop4): ext4_release_dquot:6902: comm kworker/u8:7: Failed to release dquot type 0 [ 93.041459][ T8392] loop2: detected capacity change from 0 to 128 [ 93.050042][ T8388] EXT4-fs (loop4): 1 orphan inode deleted [ 93.069778][ T29] audit: type=1400 audit(1862123442.071:1918): avc: denied { mounton } for pid=8391 comm="syz.2.2093" path="/199/file1/file0" dev="loop2" ino=43 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1 [ 93.094127][ T29] audit: type=1400 audit(1862123442.071:1919): avc: denied { mount } for pid=8391 comm="syz.2.2093" name="/" dev="ramfs" ino=20680 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 93.134149][ T8394] cgroup: Need name or subsystem set [ 93.136331][ T29] audit: type=1400 audit(1862123442.141:1920): avc: denied { mounton } for pid=8393 comm="syz.2.2094" path="/200/file0" dev="tmpfs" ino=1062 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 93.147052][ T8269] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 93.170278][ T29] audit: type=1400 audit(1862123442.151:1921): avc: denied { write } for pid=8269 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 93.194378][ T8396] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2095'. [ 93.204624][ T8396] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2095'. [ 93.215096][ T8269] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 93.224619][ T8269] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 93.236687][ T8269] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.262203][ T8269] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.269619][ T8269] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.277254][ T8269] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.284725][ T8269] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.315813][ T8269] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.328223][ T8269] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.337338][ T2102] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.347119][ T2102] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.360068][ T8408] rdma_op ffff88811f648180 conn xmit_rdma 0000000000000000 [ 93.375011][ T2102] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.382685][ T2102] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.396426][ T170] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.403558][ T170] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.424090][ T8269] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 93.434740][ T8269] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 93.490312][ T8269] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.559766][ T8269] veth0_vlan: entered promiscuous mode [ 93.568807][ T8269] veth1_vlan: entered promiscuous mode [ 93.585844][ T8269] veth0_macvtap: entered promiscuous mode [ 93.594017][ T8269] veth1_macvtap: entered promiscuous mode [ 93.605149][ T8269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.617295][ T8269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.627588][ T8269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.635280][ T8424] loop1: detected capacity change from 0 to 2048 [ 93.638516][ T8269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.656809][ T8269] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.669109][ T8423] Cannot find del_set index 0 as target [ 93.671342][ T8269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.685882][ T8269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.696374][ T8269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.707660][ T8269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.719354][ T8269] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.733213][ T8269] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.742569][ T8269] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.748008][ T8424] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, [ 93.752382][ T8269] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.752358][ T8424] block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 93.752420][ T8269] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.772787][ T8424] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 28 with error 28 [ 93.803850][ T8424] EXT4-fs (loop1): This should not happen!! Data will be lost [ 93.803850][ T8424] [ 93.815277][ T8424] EXT4-fs (loop1): Total free blocks count 0 [ 93.821669][ T8424] EXT4-fs (loop1): Free/Dirty block details [ 93.829290][ T8424] EXT4-fs (loop1): free_blocks=2415919104 [ 93.836135][ T8424] EXT4-fs (loop1): dirty_blocks=32 [ 93.842611][ T8424] EXT4-fs (loop1): Block reservation details [ 93.849200][ T8424] EXT4-fs (loop1): i_reserved_data_blocks=2 [ 93.858386][ T8424] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 33 with error 28 [ 93.871232][ T8424] EXT4-fs (loop1): This should not happen!! Data will be lost [ 93.871232][ T8424] [ 93.936481][ T8439] netlink: 1812 bytes leftover after parsing attributes in process `syz.0.2050'. [ 94.020758][ T8450] netlink: 'syz.1.2114': attribute type 1 has an invalid length. [ 94.091078][ T8456] loop0: detected capacity change from 0 to 2048 [ 94.141095][ T8456] loop0: p1 < > p4 [ 94.148658][ T8456] loop0: p4 size 8388608 extends beyond EOD, truncated [ 94.328457][ T8484] bpf_get_probe_write_proto: 14 callbacks suppressed [ 94.328486][ T8484] syz.0.2131[8484] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 94.335781][ T8484] syz.0.2131[8484] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 94.347872][ T8484] syz.0.2131[8484] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 94.413926][ T8493] loop4: detected capacity change from 0 to 512 [ 94.432602][ T8493] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 94.444892][ T8493] EXT4-fs (loop4): 1 truncate cleaned up [ 94.562973][ T8513] loop4: detected capacity change from 0 to 2048 [ 94.575589][ T8519] syz.0.2145[8519] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 94.575681][ T8519] syz.0.2145[8519] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 94.588280][ T8519] syz.0.2145[8519] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 94.655938][ T8529] loop4: detected capacity change from 0 to 256 [ 94.725836][ T8534] loop0: detected capacity change from 0 to 1024 [ 94.733191][ T8534] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 94.745409][ T8534] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.2151: Invalid block bitmap block 0 in block_group 0 [ 94.759172][ T8534] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.2151: Failed to acquire dquot type 0 [ 94.772385][ T8534] EXT4-fs error (device loop0): ext4_free_blocks:6589: comm syz.0.2151: Freeing blocks not in datazone - block = 0, count = 4096 [ 94.786583][ T8534] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.2151: Invalid inode bitmap blk 0 in block_group 0 [ 94.800441][ T8534] EXT4-fs error (device loop0) in ext4_free_inode:360: Corrupt filesystem [ 94.806592][ T11] EXT4-fs error (device loop0): ext4_release_dquot:6902: comm kworker/u8:0: Failed to release dquot type 0 [ 94.812017][ T8534] EXT4-fs (loop0): 1 orphan inode deleted [ 94.904329][ T8544] loop4: detected capacity change from 0 to 512 [ 94.918210][ T8544] EXT4-fs: Ignoring removed oldalloc option [ 94.940985][ T8544] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.2154: Parent and EA inode have the same ino 15 [ 94.969322][ T8544] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.2154: Parent and EA inode have the same ino 15 [ 94.992150][ T8544] EXT4-fs (loop4): 1 orphan inode deleted [ 95.062636][ T8557] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2161'. [ 95.071755][ T8557] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2161'. [ 95.469327][ T2102] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.548013][ T8585] lo speed is unknown, defaulting to 1000 [ 95.613388][ T8617] loop0: detected capacity change from 0 to 2048 [ 95.624236][ T2102] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.643381][ T8585] chnl_net:caif_netlink_parms(): no params data found [ 95.658663][ T2102] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.678307][ T8617] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 95.695815][ T8617] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 28 with error 28 [ 95.708602][ T8617] EXT4-fs (loop0): This should not happen!! Data will be lost [ 95.708602][ T8617] [ 95.719098][ T8617] EXT4-fs (loop0): Total free blocks count 0 [ 95.725500][ T8617] EXT4-fs (loop0): Free/Dirty block details [ 95.731909][ T8617] EXT4-fs (loop0): free_blocks=2415919104 [ 95.737785][ T8617] EXT4-fs (loop0): dirty_blocks=32 [ 95.743337][ T8617] EXT4-fs (loop0): Block reservation details [ 95.749758][ T8617] EXT4-fs (loop0): i_reserved_data_blocks=2 [ 95.758752][ T8617] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 33 with error 28 [ 95.771343][ T8617] EXT4-fs (loop0): This should not happen!! Data will be lost [ 95.771343][ T8617] [ 95.786742][ T8638] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 95.795856][ T8638] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 95.819723][ T2102] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.832318][ T8585] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.840223][ T8585] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.863374][ T8645] loop0: detected capacity change from 0 to 512 [ 95.870526][ T8645] EXT4-fs: Ignoring removed i_version option [ 95.870960][ T8585] bridge_slave_0: entered allmulticast mode [ 95.877018][ T8645] EXT4-fs: Ignoring removed nobh option [ 95.890320][ T8585] bridge_slave_0: entered promiscuous mode [ 95.896847][ T8645] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 95.908212][ T8585] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.913022][ T8645] EXT4-fs (loop0): 1 truncate cleaned up [ 95.915344][ T8585] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.928947][ T8585] bridge_slave_1: entered allmulticast mode [ 95.936202][ T8585] bridge_slave_1: entered promiscuous mode [ 95.961224][ T8585] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.984172][ T8585] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.010377][ T8585] team0: Port device team_slave_0 added [ 96.017475][ T2102] bridge_slave_0: left allmulticast mode [ 96.023209][ T2102] bridge_slave_0: left promiscuous mode [ 96.028947][ T2102] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.109645][ T2102] batman_adv: batadv0: Removing interface: gretap1 [ 96.163578][ T2102] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 96.174570][ T2102] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 96.187066][ T2102] bond0 (unregistering): Released all slaves [ 96.197180][ T8585] team0: Port device team_slave_1 added [ 96.203595][ T8659] ip6tnl0: entered promiscuous mode [ 96.217717][ T8658] ip6tnl0: left promiscuous mode [ 96.229530][ T8585] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.236959][ T8585] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.263660][ T8585] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.283343][ T2102] hsr_slave_0: left promiscuous mode [ 96.290776][ T2102] hsr_slave_1: left promiscuous mode [ 96.296952][ T2102] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 96.304706][ T2102] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 96.314181][ T2102] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 96.321790][ T2102] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 96.331726][ T2102] veth1_macvtap: left promiscuous mode [ 96.337477][ T2102] veth0_macvtap: left promiscuous mode [ 96.343770][ T2102] veth1_vlan: left promiscuous mode [ 96.349583][ T2102] veth0_vlan: left promiscuous mode [ 96.471430][ T8682] loop1: detected capacity change from 0 to 2048 [ 96.510104][ T8682] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 96.525519][ T2102] team0 (unregistering): Port device team_slave_1 removed [ 96.526599][ T8682] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 512 with max blocks 1 with error 28 [ 96.545435][ T8682] EXT4-fs (loop1): This should not happen!! Data will be lost [ 96.545435][ T8682] [ 96.555176][ T8682] EXT4-fs (loop1): Total free blocks count 0 [ 96.561621][ T8682] EXT4-fs (loop1): Free/Dirty block details [ 96.567887][ T8682] EXT4-fs (loop1): free_blocks=2415919104 [ 96.574554][ T8682] EXT4-fs (loop1): dirty_blocks=32 [ 96.580004][ T8682] EXT4-fs (loop1): Block reservation details [ 96.586318][ T8682] EXT4-fs (loop1): i_reserved_data_blocks=2 [ 96.595743][ T2102] team0 (unregistering): Port device team_slave_0 removed [ 96.623454][ T36] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 96.636256][ T36] EXT4-fs (loop1): This should not happen!! Data will be lost [ 96.636256][ T36] [ 96.654687][ T8585] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.661924][ T8585] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.688949][ T8585] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.702269][ T8691] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2212'. [ 96.748580][ T8697] loop2: detected capacity change from 0 to 512 [ 96.750020][ T8585] hsr_slave_0: entered promiscuous mode [ 96.762375][ T8697] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 96.762867][ T8585] hsr_slave_1: entered promiscuous mode [ 96.773581][ T8697] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 96.788837][ T8697] EXT4-fs (loop2): orphan cleanup on readonly fs [ 96.789114][ T8585] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.798739][ T8697] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.2215: Invalid block bitmap block 0 in block_group 0 [ 96.803392][ T8585] Cannot create hsr debugfs directory [ 96.833422][ T8697] EXT4-fs (loop2): Remounting filesystem read-only [ 96.842381][ T8697] EXT4-fs (loop2): 1 orphan inode deleted [ 96.851646][ T8697] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 96.946672][ T8719] loop2: detected capacity change from 0 to 256 [ 96.954162][ T8719] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 96.968555][ T8719] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 96.977484][ T8719] FAT-fs (loop2): Filesystem has been set read-only [ 97.132302][ T8585] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 97.156289][ T8585] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 97.172312][ T8585] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 97.182099][ T8585] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 97.214638][ T8737] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2232'. [ 97.223983][ T8737] netlink: 108 bytes leftover after parsing attributes in process `syz.1.2232'. [ 97.256976][ T8585] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.269264][ T8744] loop1: detected capacity change from 0 to 128 [ 97.286360][ T8585] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.300948][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.308175][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.345791][ T170] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.352961][ T170] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.448876][ T8585] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.454980][ T8770] syz.2.2243[8770] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 97.455828][ T8770] syz.2.2243[8770] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 97.485392][ T8770] syz.2.2243[8770] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 97.537233][ T8770] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2243'. [ 97.551940][ T8759] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2243'. [ 97.568859][ T8585] veth0_vlan: entered promiscuous mode [ 97.578403][ T8585] veth1_vlan: entered promiscuous mode [ 97.601683][ T8783] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 97.610052][ T8585] veth0_macvtap: entered promiscuous mode [ 97.617355][ T8783] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 97.623146][ T8585] veth1_macvtap: entered promiscuous mode [ 97.647074][ T8585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.659071][ T8585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.670012][ T8585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.682774][ T8585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.694337][ T8585] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.722831][ T8585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.733567][ T8585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.743653][ T8585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.754343][ T8585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.766124][ T8585] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.774935][ T8797] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2254'. [ 97.791444][ T8793] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2253'. [ 97.808174][ T8585] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.817490][ T8585] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.826808][ T8585] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.836530][ T8585] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.846019][ T29] kauditd_printk_skb: 113 callbacks suppressed [ 97.846038][ T29] audit: type=1400 audit(1862123446.841:2030): avc: denied { execute } for pid=8800 comm="syz.4.2257" path=2F6D656D66643A25202864656C6574656429 dev="hugetlbfs" ino=23573 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 97.965719][ T29] audit: type=1400 audit(1862123446.961:2031): avc: denied { write } for pid=8810 comm="syz.2.2261" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 98.001173][ T29] audit: type=1400 audit(1862123447.011:2032): avc: denied { create } for pid=8816 comm="syz.2.2264" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 98.068588][ T29] audit: type=1400 audit(1862123447.041:2033): avc: denied { ioctl } for pid=8816 comm="syz.2.2264" path="socket:[23598]" dev="sockfs" ino=23598 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 98.096305][ T29] audit: type=1400 audit(1862123447.041:2034): avc: denied { connect } for pid=8816 comm="syz.2.2264" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 98.117335][ T29] audit: type=1400 audit(1862123447.041:2035): avc: denied { write } for pid=8816 comm="syz.2.2264" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 98.137703][ T29] audit: type=1326 audit(1862123447.071:2036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8823 comm="syz.2.2266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54bccdff9 code=0x7ffc0000 [ 98.163773][ T29] audit: type=1326 audit(1862123447.071:2037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8823 comm="syz.2.2266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54bccdff9 code=0x7ffc0000 [ 98.169001][ T8836] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2272'. [ 98.188739][ T29] audit: type=1326 audit(1862123447.071:2038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8823 comm="syz.2.2266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7ff54bccdff9 code=0x7ffc0000 [ 98.188778][ T29] audit: type=1326 audit(1862123447.071:2039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8823 comm="syz.2.2266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54bccdff9 code=0x7ffc0000 [ 98.369103][ T8853] loop4: detected capacity change from 0 to 512 [ 98.384538][ T8859] binfmt_misc: register: failed to install interpreter file ./file0 [ 98.396732][ T8861] loop2: detected capacity change from 0 to 512 [ 98.418471][ T8853] EXT4-fs mount: 76 callbacks suppressed [ 98.418492][ T8853] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.427738][ T8861] EXT4-fs: Ignoring removed i_version option [ 98.441832][ T8853] ext4 filesystem being mounted at /366/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.446527][ T8861] EXT4-fs: Ignoring removed nobh option [ 98.461422][ T8870] netlink: 6312 bytes leftover after parsing attributes in process `syz.0.2287'. [ 98.484673][ T8861] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 98.525693][ T8861] EXT4-fs (loop2): 1 truncate cleaned up [ 98.542263][ T8861] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.558579][ T8879] netlink: 'syz.3.2291': attribute type 27 has an invalid length. [ 98.578503][ T4516] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.622445][ T6348] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.698235][ T8901] loop4: detected capacity change from 0 to 128 [ 98.704986][ T8901] vfat: Unknown parameter 'ÿÿ' [ 98.800331][ T8883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 98.809439][ T8883] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 99.016248][ T8908] lo speed is unknown, defaulting to 1000 [ 99.044629][ T8922] netlink: 'syz.1.2310': attribute type 34 has an invalid length. [ 99.092211][ T8928] syz.1.2312[8928] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 99.094137][ T8908] chnl_net:caif_netlink_parms(): no params data found [ 99.161483][ T8908] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.169573][ T8908] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.177623][ T8908] bridge_slave_0: entered allmulticast mode [ 99.184910][ T8908] bridge_slave_0: entered promiscuous mode [ 99.195880][ T8908] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.203449][ T8908] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.211457][ T8908] bridge_slave_1: entered allmulticast mode [ 99.218832][ T8908] bridge_slave_1: entered promiscuous mode [ 99.233721][ T8939] loop1: detected capacity change from 0 to 1024 [ 99.240869][ T8939] EXT4-fs: Ignoring removed orlov option [ 99.243588][ T8908] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.246892][ T8939] EXT4-fs: Ignoring removed nomblk_io_submit option [ 99.265041][ T8908] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.272131][ T8939] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842e018, mo2=0002] [ 99.285723][ T8939] System zones: 0-1, 3-12 [ 99.291854][ T8939] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.306536][ T8908] team0: Port device team_slave_0 added [ 99.314906][ T8908] team0: Port device team_slave_1 added [ 99.339494][ T6566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.349523][ T8908] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 99.356676][ T8908] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.384817][ T8908] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 99.398626][ T8908] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 99.405857][ T8908] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.433186][ T8908] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 99.475912][ T8908] hsr_slave_0: entered promiscuous mode [ 99.484977][ T8908] hsr_slave_1: entered promiscuous mode [ 99.491596][ T8908] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 99.511055][ T8908] Cannot create hsr debugfs directory [ 99.537854][ T8951] netlink: 'syz.1.2321': attribute type 10 has an invalid length. [ 99.546475][ T8955] sg_write: data in/out 28/14 bytes for SCSI command 0x0-- guessing data in; [ 99.546475][ T8955] program syz.0.2323 not setting count and/or reply_len properly [ 99.565196][ T8951] syz_tun: entered promiscuous mode [ 99.574656][ T8951] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 99.596248][ T8962] netlink: 'syz.0.2326': attribute type 1 has an invalid length. [ 99.625416][ T8967] loop0: detected capacity change from 0 to 1024 [ 99.637834][ T8964] dccp_invalid_packet: P.Data Offset(64) too large [ 99.672373][ T8967] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.685312][ T8967] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 99.697688][ T8908] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.721050][ T8269] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.795058][ T8985] loop1: detected capacity change from 0 to 1024 [ 99.803765][ T8985] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 99.816788][ T8908] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.828738][ T8985] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.863868][ T6566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.889398][ T8908] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.939943][ T8908] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.974933][ T9008] loop0: detected capacity change from 0 to 128 [ 100.016256][ T8908] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 100.026957][ T8908] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 100.038467][ T8908] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 100.063056][ T8908] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 100.137227][ T8908] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.154109][ T8908] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.179363][ T9032] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2357'. [ 100.179716][ T2102] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.196793][ T2102] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.206351][ T2102] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.213872][ T2102] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.334476][ T8908] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.367325][ T9049] hub 2-0:1.0: USB hub found [ 100.377041][ T9049] hub 2-0:1.0: 8 ports detected [ 100.548922][ T8908] veth0_vlan: entered promiscuous mode [ 100.567577][ T8908] veth1_vlan: entered promiscuous mode [ 100.591854][ T9090] loop3: detected capacity change from 0 to 128 [ 100.602263][ T8908] veth0_macvtap: entered promiscuous mode [ 100.616714][ T8908] veth1_macvtap: entered promiscuous mode [ 100.630894][ T8908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.642200][ T8908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.652755][ T8908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.665205][ T8908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.675881][ T8908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 100.687095][ T8908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.700400][ T8908] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.712049][ T8908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.722586][ T8908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.732455][ T8908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.743103][ T8908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.753164][ T8908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 100.763673][ T8908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.776566][ T8908] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.785710][ T8908] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.794799][ T8908] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.804857][ T8908] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.813957][ T8908] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.883044][ T9105] bpf_get_probe_write_proto: 2 callbacks suppressed [ 100.883067][ T9105] syz.4.2307[9105] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 100.890195][ T9105] syz.4.2307[9105] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 100.905583][ T9109] loop0: detected capacity change from 0 to 512 [ 100.910659][ T9105] syz.4.2307[9105] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 100.928997][ T9108] program syz.3.2383 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 100.933881][ T9109] EXT4-fs: Ignoring removed oldalloc option [ 100.962145][ T9109] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 100.976983][ T9109] EXT4-fs (loop0): 1 truncate cleaned up [ 100.983797][ T9109] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.078344][ T8269] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.229382][ T9135] loop0: detected capacity change from 0 to 512 [ 101.240512][ T9135] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 101.258599][ T9135] EXT4-fs (loop0): 1 truncate cleaned up [ 101.266481][ T9135] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.319073][ T8269] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.370755][ T9144] loop4: detected capacity change from 0 to 1024 [ 101.381256][ T9144] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 101.391438][ T9144] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 101.401534][ T9144] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 101.424081][ T9144] EXT4-fs error (device loop4): ext4_get_journal_inode:5762: inode #5: comm syz.4.2400: unexpected bad inode w/o EXT4_IGET_BAD [ 101.438122][ T9144] EXT4-fs (loop4): no journal found [ 101.443543][ T9144] EXT4-fs (loop4): can't get journal size [ 101.552389][ T9153] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=9153 comm=syz.0.2404 [ 101.567208][ T9144] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 101.600226][ T9144] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2400: bg 0: block 32: padding at end of block bitmap is not set [ 101.626843][ T8908] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.640114][ T9155] loop2: detected capacity change from 0 to 1024 [ 101.677678][ T9155] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.734924][ T6348] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.878972][ T9184] __nla_validate_parse: 2 callbacks suppressed [ 101.878989][ T9184] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2417'. [ 102.093920][ T9200] Invalid ELF header magic: != ELF [ 102.292016][ T9206] loop1: detected capacity change from 0 to 512 [ 102.303438][ T9206] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.318410][ T9206] ext4 filesystem being mounted at /220/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 102.368508][ T6566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.394076][ T9210] loop1: detected capacity change from 0 to 2048 [ 102.413377][ T9210] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.443060][ T6566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.580946][ T9227] Invalid ELF header magic: != ELF [ 102.590205][ T3341] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x4 [ 102.599387][ T3341] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x2 [ 102.610803][ T3341] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x3 [ 102.621735][ T3341] hid-generic 0000:3000000:0000.0003: hidraw0: HID v0.00 Device [sy] on syz0 [ 102.694659][ T9240] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2442'. [ 102.745573][ T9249] xt_hashlimit: max too large, truncated to 1048576 [ 102.897577][ T29] kauditd_printk_skb: 146 callbacks suppressed [ 102.897595][ T29] audit: type=1400 audit(1862123451.901:2186): avc: denied { watch_reads } for pid=9278 comm="syz.4.2462" path="/20" dev="tmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 102.897677][ T9279] loop1: detected capacity change from 0 to 128 [ 102.907187][ T29] audit: type=1400 audit(1862123451.911:2187): avc: denied { execute_no_trans } for pid=9278 comm="syz.4.2462" path="/20/file0" dev="tmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 102.965069][ T29] audit: type=1400 audit(1862123451.941:2188): avc: denied { unlink } for pid=6566 comm="syz-executor" name="file0" dev="tmpfs" ino=1201 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 103.021422][ C1] vxcan0: j1939_tp_rxtimer: 0xffff888111693c00: rx timeout, send abort [ 103.029922][ C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff888111693c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 103.033698][ T29] audit: type=1326 audit(1862123452.031:2189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.3.2466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48784ddff9 code=0x7ffc0000 [ 103.045186][ C1] ------------[ cut here ]------------ [ 103.045198][ C1] refcount_t: underflow; use-after-free. [ 103.045447][ C1] WARNING: CPU: 1 PID: 23 at lib/refcount.c:28 refcount_warn_saturate+0x1c6/0x230 [ 103.070476][ T29] audit: type=1326 audit(1862123452.031:2190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.3.2466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48784ddff9 code=0x7ffc0000 [ 103.076737][ C1] Modules linked in: [ 103.129470][ C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted 6.12.0-rc1-syzkaller-00042-gf23aa4c0761a #0 [ 103.141671][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 103.141698][ T29] audit: type=1326 audit(1862123452.091:2191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.3.2466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f48784ddff9 code=0x7ffc0000 [ 103.153992][ C1] RIP: 0010:refcount_warn_saturate+0x1c6/0x230 [ 103.154030][ C1] Code: 72 ff ff ff e8 7b 87 71 ff 48 c7 c7 3e d7 b2 86 e8 0f 6d 8a ff c6 05 a6 2d f4 04 01 90 48 c7 c7 bd a4 1b 86 e8 4b 4c 53 ff 90 <0f> 0b 90 90 e9 43 ff ff ff e8 4c 87 71 ff 48 c7 c7 3b d7 b2 86 e8 [ 103.154053][ C1] RSP: 0018:ffffc900000cf9d8 EFLAGS: 00010246 [ 103.154075][ C1] RAX: a01be8b49fb21200 RBX: ffff888103d9d2e4 RCX: ffff888100f92100 [ 103.182855][ T29] audit: type=1326 audit(1862123452.091:2192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.3.2466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48784ddff9 code=0x7ffc0000 [ 103.189703][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 103.212364][ T29] audit: type=1326 audit(1862123452.091:2193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.3.2466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48784ddff9 code=0x7ffc0000 [ 103.220709][ C1] RBP: 0000000000000003 R08: ffffffff8111f757 R09: 0000000000000000 [ 103.220742][ C1] R10: 0001ffffffffffff R11: 0001c900000cf8d0 R12: ffff888111693c68 [ 103.220755][ C1] R13: 0000000000000000 R14: ffff888103d9d2e4 R15: 0000000000000000 [ 103.230732][ T29] audit: type=1326 audit(1862123452.091:2194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.3.2466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f48784ddff9 code=0x7ffc0000 [ 103.256907][ C1] FS: 0000000000000000(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 [ 103.256934][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.256952][ C1] CR2: ffffffffffff0000 CR3: 00000001114c4000 CR4: 00000000003506f0 [ 103.256971][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 103.256988][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 103.257003][ C1] Call Trace: [ 103.257010][ C1] [ 103.257020][ C1] ? __warn+0x141/0x350 [ 103.265447][ T29] audit: type=1326 audit(1862123452.091:2195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.3.2466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48784ddff9 code=0x7ffc0000 [ 103.294664][ C1] ? report_bug+0x315/0x420 [ 103.433818][ C1] ? refcount_warn_saturate+0x1c6/0x230 [ 103.439642][ C1] ? handle_bug+0x60/0x90 [ 103.444716][ C1] ? exc_invalid_op+0x1a/0x50 [ 103.450603][ C1] ? asm_exc_invalid_op+0x1a/0x20 [ 103.456419][ C1] ? __warn_printk+0x167/0x1b0 [ 103.462551][ C1] ? refcount_warn_saturate+0x1c6/0x230 [ 103.468620][ C1] ? refcount_warn_saturate+0x1c5/0x230 [ 103.474433][ C1] sk_skb_reason_drop+0xe9/0x290 [ 103.479750][ C1] j1939_session_put+0x157/0x2a0 [ 103.485480][ C1] j1939_xtp_rx_abort_one+0x9d/0x410 [ 103.493507][ C1] j1939_tp_recv+0x71e/0xa80 [ 103.498514][ C1] j1939_can_recv+0x45f/0x550 [ 103.503361][ C1] ? __pfx_j1939_can_recv+0x10/0x10 [ 103.510012][ C1] can_rcv_filter+0x225/0x4c0 [ 103.515363][ C1] can_receive+0x182/0x1f0 [ 103.519983][ C1] ? can_rcv+0xdc/0x180 [ 103.524563][ C1] ? __pfx_ip_rcv+0x10/0x10 [ 103.529581][ C1] can_rcv+0xe7/0x180 [ 103.533645][ C1] ? __pfx_can_rcv+0x10/0x10 [ 103.538342][ C1] __netif_receive_skb+0x123/0x280 [ 103.543689][ C1] process_backlog+0x22e/0x440 [ 103.550522][ C1] __napi_poll+0x63/0x3c0 [ 103.556569][ C1] ? net_rx_action+0x376/0x7f0 [ 103.561560][ C1] net_rx_action+0x3a1/0x7f0 [ 103.567135][ C1] handle_softirqs+0xbf/0x280 [ 103.572721][ C1] ? __pfx_run_ksoftirqd+0x10/0x10 [ 103.578608][ C1] run_ksoftirqd+0x1c/0x30 [ 103.583456][ C1] smpboot_thread_fn+0x31c/0x4c0 [ 103.589051][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 103.595642][ C1] kthread+0x1d1/0x210 [ 103.600264][ C1] ? __pfx_kthread+0x10/0x10 [ 103.605452][ C1] ret_from_fork+0x4b/0x60 [ 103.612409][ C1] ? __pfx_kthread+0x10/0x10 [ 103.618206][ C1] ret_from_fork_asm+0x1a/0x30 [ 103.623405][ C1] [ 103.627018][ C1] ---[ end trace 0000000000000000 ]--- [ 103.636907][ T9299] siw: device registration error -23 [ 103.668949][ T9305] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 103.725456][ T9313] tipc: Started in network mode [ 103.730822][ T9313] tipc: Node identity 1, cluster identity 7 [ 103.737237][ T9313] tipc: Node number set to 1 [ 103.779261][ T9317] loop4: detected capacity change from 0 to 1024 [ 103.803614][ T9317] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.842976][ T9325] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2482'. [ 103.855869][ T8908] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.877925][ T9329] syz.4.2483[9329] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 103.878011][ T9329] syz.4.2483[9329] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 103.891406][ T9329] syz.4.2483[9329] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 103.915086][ T9333] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2486'. [ 103.949371][ T9333] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2486'. [ 103.984422][ T9333] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2486'. [ 104.085722][ T9361] Invalid ELF header magic: != ELF [ 104.172093][ T9376] sg_write: data in/out 231/14 bytes for SCSI command 0x0-- guessing data in; [ 104.172093][ T9376] program syz.2.2505 not setting count and/or reply_len properly [ 104.174344][ T9377] loop1: detected capacity change from 0 to 512 [ 104.208173][ T9377] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #2: comm syz.1.2506: corrupted xattr block 255: invalid header [ 104.224907][ T9377] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 104.233909][ T9377] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.254953][ T9377] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #2: comm syz.1.2506: corrupted xattr block 255: invalid header [ 104.269487][ T9377] SELinux: (dev loop1, type ext4) getxattr errno 117 [ 104.277022][ T9377] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.324891][ T9390] loop1: detected capacity change from 0 to 2048 [ 104.335002][ T9392] loop0: detected capacity change from 0 to 512 [ 104.352664][ T9390] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.367720][ T9390] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 104.368215][ T9392] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.396364][ T9392] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 104.408168][ T6566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.437197][ T8269] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.438097][ T9404] loop1: detected capacity change from 0 to 512 [ 104.453948][ T9404] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 104.478819][ T9404] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.501944][ T9404] ext4 filesystem being mounted at /240/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 104.521138][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2520'. [ 104.530812][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2520'. [ 104.549497][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2520'. [ 104.562880][ T6566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.615259][ T9426] tipc: Started in network mode [ 104.620907][ T9426] tipc: Node identity , cluster identity 4711 [ 104.627087][ T9426] tipc: Failed to obtain node identity [ 104.632747][ T9426] tipc: Enabling of bearer rejected, failed to enable media [ 104.715466][ T9435] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2530'. [ 104.733943][ T9435] macsec1: entered allmulticast mode [ 104.739765][ T9435] veth1_macvtap: entered allmulticast mode [ 104.773805][ T9435] veth1_macvtap (unregistering): left allmulticast mode [ 104.816281][ T9442] tipc: Started in network mode [ 104.821779][ T9442] tipc: Node identity 1, cluster identity 7 [ 104.828514][ T9442] tipc: Node number set to 1 [ 104.935856][ T9449] lo speed is unknown, defaulting to 1000 [ 105.273308][ T9499] loop0: detected capacity change from 0 to 1024 [ 105.286523][ T9499] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 105.298714][ T9499] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 105.312442][ T9499] JBD2: no valid journal superblock found [ 105.319191][ T9499] EXT4-fs (loop0): Could not load journal inode [ 105.474886][ T9528] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 105.491634][ T9528] vlan2: entered promiscuous mode [ 105.506573][ T9528] netdevsim netdevsim4 netdevsim0: left promiscuous mode [ 105.539670][ T9538] tipc: Enabling of bearer rejected, failed to enable media [ 105.593787][ T9545] loop2: detected capacity change from 0 to 512 [ 105.614340][ T9545] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #12: comm syz.2.2579: corrupted in-inode xattr: invalid ea_ino [ 105.635212][ T9552] loop0: detected capacity change from 0 to 512 [ 105.639725][ T9545] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.2579: couldn't read orphan inode 12 (err -117) [ 105.659141][ T9545] EXT4-fs (loop2): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.682314][ T9545] EXT4-fs error (device loop2): ext4_add_entry:2437: inode #2: comm syz.2.2579: Directory hole found for htree leaf block 0 [ 105.685273][ T9552] EXT4-fs (loop0): too many log groups per flexible block group [ 105.705395][ T9552] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 105.713623][ T9552] EXT4-fs (loop0): mount failed [ 105.820122][ T9565] loop0: detected capacity change from 0 to 8192 [ 105.837572][ T6348] EXT4-fs (loop2): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 105.842386][ T9565] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 105.866669][ T9565] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 105.876877][ T9565] FAT-fs (loop0): Filesystem has been set read-only [ 105.886575][ T9565] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 105.913507][ T9565] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 105.929907][ T9565] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 105.943456][ T9565] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 105.953258][ T9575] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 106.133554][ T9591] loop1: detected capacity change from 0 to 2048 [ 106.190535][ T9591] loop1: p3 < > p4 < > [ 106.195081][ T9591] loop1: partition table partially beyond EOD, truncated [ 106.210838][ T9591] loop1: p3 start 4284289 is beyond EOD, truncated [ 106.221605][ T9601] siw: device registration error -23 [ 106.392939][ T9623] loop3: detected capacity change from 0 to 512 [ 106.423741][ T9623] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 106.440046][ T9623] EXT4-fs error (device loop3): ext4_orphan_get:1414: comm syz.3.2615: bad orphan inode 131083 [ 106.453543][ T9623] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.471444][ T9623] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.472259][ T9633] siw: device registration error -23 [ 106.656298][ T9647] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 3, id = 0 [ 106.670101][ T9648] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 3, id = 1 [ 106.694657][ T9653] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 3, id = 2 [ 106.727522][ T9654] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 3, id = 3 [ 106.943107][ T9679] siw: device registration error -23 [ 106.953157][ T9676] loop2: detected capacity change from 0 to 2048 [ 106.997818][ T9676] Alternate GPT is invalid, using primary GPT. [ 107.005106][ T9676] loop2: p2 p3 p7 [ 107.320481][ T9702] __nla_validate_parse: 13 callbacks suppressed [ 107.320503][ T9702] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2647'. [ 115.919410][ T9709] lo speed is unknown, defaulting to 1000 [ 115.974192][ T9709] chnl_net:caif_netlink_parms(): no params data found [ 116.000705][ T2612] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.024816][ T9709] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.032122][ T9709] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.039361][ T9709] bridge_slave_0: entered allmulticast mode [ 116.046845][ T9709] bridge_slave_0: entered promiscuous mode [ 116.056651][ T2612] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.068461][ T9709] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.076084][ T9709] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.084058][ T9709] bridge_slave_1: entered allmulticast mode [ 116.090861][ T9709] bridge_slave_1: entered promiscuous mode [ 116.099838][ T2612] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.123632][ T9709] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 116.134789][ T9709] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 116.157728][ T2612] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.171006][ T9709] team0: Port device team_slave_0 added [ 116.178836][ T9709] team0: Port device team_slave_1 added [ 116.196489][ T9709] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 116.204317][ T9709] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 116.232293][ T9709] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 116.244190][ T9709] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 116.251280][ T9709] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 116.278627][ T9709] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 116.307482][ T9709] hsr_slave_0: entered promiscuous mode [ 116.313999][ T9709] hsr_slave_1: entered promiscuous mode [ 116.327982][ T29] kauditd_printk_skb: 156 callbacks suppressed [ 116.327998][ T29] audit: type=1326 audit(1862123465.331:2352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9726 comm="syz.1.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa83bcdff9 code=0x7ffc0000 [ 116.335469][ T9709] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 116.359274][ T29] audit: type=1326 audit(1862123465.331:2353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9726 comm="syz.1.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa83bcdff9 code=0x7ffc0000 [ 116.396996][ T29] audit: type=1326 audit(1862123465.341:2354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9726 comm="syz.1.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa83bcdff9 code=0x7ffc0000 [ 116.422938][ T29] audit: type=1326 audit(1862123465.341:2355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9726 comm="syz.1.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa83bcdff9 code=0x7ffc0000 [ 116.432755][ T9709] Cannot create hsr debugfs directory [ 116.446869][ T29] audit: type=1326 audit(1862123465.341:2356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9726 comm="syz.1.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa83bcdff9 code=0x7ffc0000 [ 116.476921][ T29] audit: type=1326 audit(1862123465.371:2357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9726 comm="syz.1.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa83bcdff9 code=0x7ffc0000 [ 116.501002][ T29] audit: type=1326 audit(1862123465.371:2358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9726 comm="syz.1.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa83bcdff9 code=0x7ffc0000 [ 116.525084][ T29] audit: type=1326 audit(1862123465.371:2359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9726 comm="syz.1.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa83bcdff9 code=0x7ffc0000 [ 116.549707][ T29] audit: type=1326 audit(1862123465.371:2360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9726 comm="syz.1.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa83bcdff9 code=0x7ffc0000 [ 116.574233][ T29] audit: type=1326 audit(1862123465.401:2361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9726 comm="syz.1.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa83bcdff9 code=0x7ffc0000 [ 116.624047][ T2612] bridge_slave_1: left allmulticast mode [ 116.630232][ T2612] bridge_slave_1: left promiscuous mode [ 116.636863][ T2612] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.651285][ T2612] bridge_slave_0: left allmulticast mode [ 116.657774][ T2612] bridge_slave_0: left promiscuous mode [ 116.665155][ T2612] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.754351][ T2612] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 116.768080][ T2612] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 116.780242][ T2612] bond0 (unregistering): Released all slaves [ 116.823395][ T2612] tipc: Left network mode [ 116.847900][ T2612] hsr_slave_0: left promiscuous mode [ 116.859464][ T2612] hsr_slave_1: left promiscuous mode [ 116.866777][ T2612] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 116.875414][ T2612] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 116.889233][ T2612] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 116.897341][ T2612] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 116.908610][ T2612] veth1_macvtap: left promiscuous mode [ 116.916024][ T2612] veth0_macvtap: left promiscuous mode [ 116.919330][ T9769] syz.2.2671: attempt to access beyond end of device [ 116.919330][ T9769] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 116.922346][ T2612] veth1_vlan: left promiscuous mode [ 116.940974][ T2612] veth0_vlan: left promiscuous mode [ 117.033437][ T9779] syz.2.2675[9779] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 117.033632][ T9779] syz.2.2675[9779] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 117.046163][ T9779] syz.2.2675[9779] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 117.088776][ T2612] team0 (unregistering): Port device team_slave_1 removed [ 117.113364][ T2612] team0 (unregistering): Port device team_slave_0 removed [ 117.235041][ T9794] loop0: detected capacity change from 0 to 512 [ 117.253317][ T9794] EXT4-fs (loop0): orphan cleanup on readonly fs [ 117.262141][ T9794] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2683: bg 0: block 248: padding at end of block bitmap is not set [ 117.277560][ T9794] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.2683: Failed to acquire dquot type 1 [ 117.289891][ T9794] EXT4-fs (loop0): 1 truncate cleaned up [ 117.298787][ T9794] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 117.313645][ T9802] lo speed is unknown, defaulting to 1000 [ 117.330008][ T8269] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.392596][ T9810] lo speed is unknown, defaulting to 1000 [ 117.523516][ T9709] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 117.556623][ T9709] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 117.571957][ T9709] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 117.607257][ T9709] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 117.756449][ T9709] 8021q: adding VLAN 0 to HW filter on device bond0 [ 117.768389][ T9709] 8021q: adding VLAN 0 to HW filter on device team0 [ 117.819755][ T2102] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.827614][ T2102] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.837444][ T9840] netlink: 'syz.1.2701': attribute type 4 has an invalid length. [ 117.861925][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.869761][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.893533][ T9709] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 117.904442][ T9709] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 117.920611][ T9840] netlink: 'syz.1.2701': attribute type 17 has an invalid length. [ 117.969068][ T9844] loop3: detected capacity change from 0 to 128 [ 118.057781][ T9850] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 118.080860][ T9850] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 118.116179][ T9709] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 118.523931][ T9709] veth0_vlan: entered promiscuous mode [ 118.534879][ T9709] veth1_vlan: entered promiscuous mode [ 118.555106][ T9709] veth0_macvtap: entered promiscuous mode [ 118.563373][ T9709] veth1_macvtap: entered promiscuous mode [ 118.576745][ T9709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.587593][ T9709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.597788][ T9709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.609145][ T9709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.619830][ T9709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.630652][ T9709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.644320][ T9709] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 118.653398][ T9709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 118.664362][ T9709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.674455][ T9709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 118.685067][ T9709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.695008][ T9709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 118.705649][ T9709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.718772][ T9709] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 118.733639][ T9709] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.742691][ T9709] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.752135][ T9709] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.761168][ T9709] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.935263][ T9891] siw: device registration error -23 [ 118.979187][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x4 [ 118.987115][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x2 [ 118.998910][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 119.006977][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 119.015089][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 119.020570][ T9907] ebtables: ebtables: counters copy to user failed while replacing table [ 119.022963][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 119.039466][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 119.047388][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 119.055834][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 119.064019][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 119.072068][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 119.080245][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 119.088535][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 119.096776][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 119.103954][ T9918] loop0: detected capacity change from 0 to 1024 [ 119.104969][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 119.119812][ T3342] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 119.131497][ T3342] hid-generic 0000:3000000:0000.0004: hidraw0: HID v0.00 Device [sy] on syz0 [ 119.133712][ T9918] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 119.210252][ T8269] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.254509][ T9936] loop0: detected capacity change from 0 to 128 [ 119.299860][ T9944] loop2: detected capacity change from 0 to 128 [ 119.319030][ T9944] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 119.319223][ T9944] ext4 filesystem being mounted at /361/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 119.404217][ T9953] netlink: 'syz.1.2736': attribute type 2 has an invalid length. [ 119.425570][ T6348] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 119.463726][ T9961] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2741'. [ 119.544926][ T9976] serio: Serial port ptm0 [ 119.667022][ T9996] loop0: detected capacity change from 0 to 1024 [ 119.674356][ T9999] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 6 [ 119.725070][ T9996] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.753127][ T9996] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 119.768831][ T9996] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 16384 with max blocks 1 with error 28 [ 119.781810][ T9996] EXT4-fs (loop0): This should not happen!! Data will be lost [ 119.781810][ T9996] [ 119.792950][ T9996] EXT4-fs (loop0): Total free blocks count 0 [ 119.799102][ T9996] EXT4-fs (loop0): Free/Dirty block details [ 119.806081][ T9996] EXT4-fs (loop0): free_blocks=68451041280 [ 119.813021][ T9996] EXT4-fs (loop0): dirty_blocks=16 [ 119.818347][ T9996] EXT4-fs (loop0): Block reservation details [ 119.824489][ T9996] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 119.850199][ T8269] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.904028][T10015] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2763'. [ 119.913432][T10015] netlink: 'syz.0.2763': attribute type 7 has an invalid length. [ 119.921270][T10015] netlink: 'syz.0.2763': attribute type 8 has an invalid length. [ 119.929482][T10015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2763'. [ 119.941456][T10015] gretap0: entered promiscuous mode [ 119.947845][T10015] batadv_slave_1: entered promiscuous mode [ 119.995284][T10023] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10023 comm=syz.0.2768 [ 120.072687][T10027] loop1: detected capacity change from 0 to 1024 [ 120.084061][T10027] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.117229][ T6566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.133658][T10034] netlink: 532 bytes leftover after parsing attributes in process `syz.3.2773'. [ 120.146526][T10032] siw: device registration error -23 [ 120.198720][T10044] syz.0.2775[10044] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 120.198846][T10044] syz.0.2775[10044] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 120.205336][T10045] loop3: detected capacity change from 0 to 512 [ 120.211987][T10044] syz.0.2775[10044] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 120.244616][T10045] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.300664][T10045] ext4 filesystem being mounted at /92/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 120.341835][T10044] loop0: detected capacity change from 0 to 8192 [ 120.349973][T10044] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 120.377142][ T8585] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.477763][T10051] loop0: detected capacity change from 0 to 2048 [ 120.485172][T10051] EXT4-fs: Ignoring removed orlov option [ 120.498649][ T8] kernel write not supported for file /cpu/0/msr (pid: 8 comm: kworker/0:0) [ 120.522950][T10051] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 120.635562][ T36] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 120.669456][ T36] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 120.686107][ T36] EXT4-fs (loop0): This should not happen!! Data will be lost [ 120.686107][ T36] [ 120.697836][ T36] EXT4-fs (loop0): Total free blocks count 0 [ 120.704469][ T36] EXT4-fs (loop0): Free/Dirty block details [ 120.710882][ T36] EXT4-fs (loop0): free_blocks=2415919104 [ 120.716759][ T36] EXT4-fs (loop0): dirty_blocks=2528 [ 120.722492][ T36] EXT4-fs (loop0): Block reservation details [ 120.729171][ T36] EXT4-fs (loop0): i_reserved_data_blocks=161 [ 120.750125][ T36] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 862 with error 28 [ 121.055294][T10093] netlink: 532 bytes leftover after parsing attributes in process `syz.2.2796'. [ 121.077107][T10092] ebtables: ebtables: counters copy to user failed while replacing table [ 121.227382][T10105] syz.0.2798[10105] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 121.227459][T10105] syz.0.2798[10105] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 121.241923][T10105] syz.0.2798[10105] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 121.830662][ T29] kauditd_printk_skb: 89 callbacks suppressed [ 121.830681][ T29] audit: type=1400 audit(1862123470.831:2449): avc: denied { lock } for pid=10118 comm="syz.3.2807" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=28073 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 121.895907][ T29] audit: type=1400 audit(1862123470.901:2450): avc: denied { setopt } for pid=10120 comm="syz.3.2808" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 121.973096][T10125] loop1: detected capacity change from 0 to 128 [ 121.984575][T10125] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2810'. [ 122.047080][ T29] audit: type=1326 audit(1862123471.051:2451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10134 comm="syz.1.2815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa83bcdff9 code=0x7ffc0000 [ 122.100629][ T29] audit: type=1326 audit(1862123471.051:2452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10134 comm="syz.1.2815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7ffa83bcdff9 code=0x7ffc0000 [ 122.127264][ T29] audit: type=1326 audit(1862123471.051:2453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10134 comm="syz.1.2815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa83bcdff9 code=0x7ffc0000 [ 122.151948][ T29] audit: type=1326 audit(1862123471.051:2454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10134 comm="syz.1.2815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa83bcdff9 code=0x7ffc0000 [ 122.187954][ T29] audit: type=1400 audit(1862123471.191:2455): avc: denied { create } for pid=10148 comm="syz.3.2822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 122.210933][ T29] audit: type=1400 audit(1862123471.191:2456): avc: denied { ioctl } for pid=10148 comm="syz.3.2822" path="socket:[28131]" dev="sockfs" ino=28131 ioctlcmd=0x6205 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 122.237577][ T29] audit: type=1400 audit(1862123471.191:2457): avc: denied { setopt } for pid=10148 comm="syz.3.2822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 122.258546][ T29] audit: type=1400 audit(1862123471.191:2458): avc: denied { getopt } for pid=10148 comm="syz.3.2822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 122.346651][T10165] netlink: 'syz.1.2830': attribute type 3 has an invalid length. [ 122.355481][T10165] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2830'. [ 122.366190][T10163] ip6t_rpfilter: unknown options [ 122.393016][T10170] loop3: detected capacity change from 0 to 512 [ 122.418608][T10173] batadv0: entered promiscuous mode [ 122.432827][T10170] EXT4-fs error (device loop3): ext4_orphan_get:1388: inode #15: comm syz.3.2832: casefold flag without casefold feature [ 122.448889][T10173] batadv_slave_0: entered promiscuous mode [ 122.452534][T10170] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.2832: couldn't read orphan inode 15 (err -117) [ 122.456048][T10173] batadv_slave_0: left promiscuous mode [ 122.475029][T10173] batadv0: left promiscuous mode [ 122.494723][T10170] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.556857][ T8585] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.562726][T10192] loop1: detected capacity change from 0 to 512 [ 122.577533][T10192] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 122.592572][T10192] EXT4-fs (loop1): 1 truncate cleaned up [ 122.600623][T10192] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 122.600796][T10196] loop0: detected capacity change from 0 to 256 [ 122.633843][T10196] syz.0.2846[10196] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 122.633936][T10196] syz.0.2846[10196] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 122.647624][T10196] syz.0.2846[10196] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 122.675121][ T6566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.690015][T10206] loop4: detected capacity change from 0 to 512 [ 122.704213][T10196] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001) [ 122.712803][T10204] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2848'. [ 122.727283][T10206] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.742625][T10206] ext4 filesystem being mounted at /20/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 122.815860][ T9709] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.847427][T10225] rdma_op ffff888114ba7180 conn xmit_rdma 0000000000000000 [ 122.879674][T10232] loop4: detected capacity change from 0 to 512 [ 122.900312][T10232] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.928797][T10232] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 122.938308][T10242] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2865'. [ 122.971509][T10246] netlink: 664 bytes leftover after parsing attributes in process `syz.2.2867'. [ 122.997908][T10232] tmpfs: Unknown parameter 'ÏlC' [ 123.042724][ T9709] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.163931][T10264] syz.4.2870[10264] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 123.164037][T10264] syz.4.2870[10264] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 123.206173][T10268] loop1: detected capacity change from 0 to 1024 [ 123.211657][T10264] syz.4.2870[10264] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 123.256909][T10268] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 123.302395][ T6566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.366746][T10296] siw: device registration error -23 [ 123.547225][T10324] loop3: detected capacity change from 0 to 256 [ 123.578809][T10326] loop3: detected capacity change from 0 to 256 [ 123.911072][T10367] tipc: Enabling of bearer rejected, failed to enable media [ 124.150371][T10397] netlink: 'syz.3.2941': attribute type 153 has an invalid length. [ 124.216297][T10406] netlink: 'syz.4.2946': attribute type 3 has an invalid length. [ 124.497022][T10469] loop2: detected capacity change from 0 to 512 [ 124.518620][T10469] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.2972: corrupted in-inode xattr: invalid ea_ino [ 124.534028][T10469] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.2972: couldn't read orphan inode 15 (err -117) [ 124.551176][T10469] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 124.595970][ T6348] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.653843][T10488] loop2: detected capacity change from 0 to 512 [ 124.660878][T10488] EXT4-fs: Ignoring removed mblk_io_submit option [ 124.668003][T10488] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 124.678831][T10488] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002] [ 124.687538][T10488] System zones: 1-12 [ 124.693236][T10488] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.2980: corrupted in-inode xattr: e_value size too large [ 124.711047][T10488] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.2980: couldn't read orphan inode 15 (err -117) [ 124.733346][T10488] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 124.781503][ T6348] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.785227][T10501] Cannot find set identified by id 0 to match [ 124.805156][T10503] loop4: detected capacity change from 0 to 2048 [ 124.911618][T10521] __nla_validate_parse: 6 callbacks suppressed [ 124.911638][T10521] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2995'. [ 125.001499][T10533] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3001'. [ 125.052153][T10542] SELinux: failed to load policy [ 125.136281][T10554] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3010'. [ 125.261789][T10575] loop4: detected capacity change from 0 to 512 [ 125.269608][T10573] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3019'. [ 125.282741][T10578] syz.1.3022[10578] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 125.282836][T10578] syz.1.3022[10578] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 125.294590][T10575] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 125.328105][T10578] syz.1.3022[10578] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 125.347050][T10575] EXT4-fs (loop4): orphan cleanup on readonly fs [ 125.386880][T10575] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3021: bg 0: block 248: padding at end of block bitmap is not set [ 125.426591][T10575] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.3021: Failed to acquire dquot type 1 [ 125.453446][T10575] EXT4-fs (loop4): 1 truncate cleaned up [ 125.459903][T10593] SELinux: policydb version 0 does not match my version range 15-33 [ 125.465045][T10575] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 125.469980][T10593] SELinux: failed to load policy [ 125.487336][T10575] EXT4-fs error (device loop4): __ext4_remount:6522: comm syz.4.3021: Abort forced by user [ 125.499815][T10575] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 125.531810][T10575] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 125.542971][T10575] ext4 filesystem being remounted at /75/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 125.577136][T10600] loop3: detected capacity change from 0 to 2048 [ 125.594659][T10575] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.3021: Failed to acquire dquot type 1 [ 125.669261][T10610] batman_adv: batadv0: Adding interface: gretap1 [ 125.676581][T10610] batman_adv: batadv0: Interface activated: gretap1 [ 125.732742][T10620] IPVS: Error joining to the multicast group [ 125.781118][T10631] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3046'. [ 125.866041][T10635] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3048'. [ 125.952803][T10649] syz.1.3055[10649] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 126.035102][T10665] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3062'. [ 126.055987][T10665] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 126.594221][T10696] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3073'. [ 126.639183][T10702] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 126.646059][T10702] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 126.654342][T10702] vhci_hcd vhci_hcd.0: Device attached [ 126.663638][T10704] vhci_hcd: connection closed [ 126.664196][ T170] vhci_hcd: stop threads [ 126.674939][ T170] vhci_hcd: release socket [ 126.679990][ T170] vhci_hcd: disconnect device [ 126.854841][ T29] kauditd_printk_skb: 310 callbacks suppressed [ 126.854855][ T29] audit: type=1400 audit(1862123475.550:2765): avc: denied { read } for pid=10731 comm="syz.4.3091" name="usbmon0" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 126.887363][ T29] audit: type=1400 audit(1862123475.550:2766): avc: denied { open } for pid=10731 comm="syz.4.3091" path="/dev/usbmon0" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 126.917575][ T29] audit: type=1400 audit(1862123475.610:2767): avc: denied { cpu } for pid=10737 comm="syz.4.3094" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 126.950475][ T29] audit: type=1400 audit(1862123475.620:2768): avc: denied { write } for pid=10739 comm="syz.1.3095" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 126.983399][ T29] audit: type=1326 audit(1862123475.680:2769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10741 comm="syz.4.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb3423dff9 code=0x7ffc0000 [ 127.008072][ T29] audit: type=1326 audit(1862123475.680:2770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10741 comm="syz.4.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb3423dff9 code=0x7ffc0000 [ 127.035042][ T29] audit: type=1326 audit(1862123475.730:2771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10741 comm="syz.4.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fcb3423dff9 code=0x7ffc0000 [ 127.058925][ T29] audit: type=1326 audit(1862123475.730:2772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10741 comm="syz.4.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb3423dff9 code=0x7ffc0000 [ 127.084112][ T29] audit: type=1326 audit(1862123475.730:2773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10741 comm="syz.4.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb3423dff9 code=0x7ffc0000 [ 127.108910][ T29] audit: type=1326 audit(1862123475.770:2774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10741 comm="syz.4.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7fcb3423dff9 code=0x7ffc0000 [ 127.161432][T10746] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10746 comm=syz.1.3098 [ 127.187448][T10751] loop3: detected capacity change from 0 to 512 [ 127.194972][T10751] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 127.204730][T10751] EXT4-fs (loop3): orphan cleanup on readonly fs [ 127.213214][T10751] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3100: bg 0: block 248: padding at end of block bitmap is not set [ 127.228993][T10751] EXT4-fs error (device loop3): ext4_acquire_dquot:6879: comm syz.3.3100: Failed to acquire dquot type 1 [ 127.243335][T10751] EXT4-fs (loop3): 1 truncate cleaned up [ 127.255184][T10751] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 127.266774][T10751] EXT4-fs error (device loop3): __ext4_remount:6522: comm syz.3.3100: Abort forced by user [ 127.283345][T10751] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 127.303565][T10751] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 127.317230][T10766] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 127.319427][T10751] ext4 filesystem being remounted at /166/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 127.324643][T10766] IPv6: NLM_F_CREATE should be set when creating new route [ 127.379318][T10751] EXT4-fs error (device loop3): ext4_acquire_dquot:6879: comm syz.3.3100: Failed to acquire dquot type 1 [ 127.556913][T10801] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3124'. [ 127.621866][T10811] loop1: detected capacity change from 0 to 4096 [ 127.710986][T10825] 9pnet_fd: Insufficient options for proto=fd [ 127.768783][T10827] netlink: 'syz.1.3133': attribute type 3 has an invalid length. [ 127.918079][T10840] loop1: detected capacity change from 0 to 1764 [ 127.932625][T10840] 9pnet_fd: Insufficient options for proto=fd [ 128.152705][T10842] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 128.167733][T10842] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 128.215533][T10862] ALSA: seq fatal error: cannot create timer (-22) [ 128.630037][T10900] bpf_get_probe_write_proto: 2 callbacks suppressed [ 128.630115][T10900] syz.3.3169[10900] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 128.638459][T10900] syz.3.3169[10900] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 128.651166][T10900] syz.3.3169[10900] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 128.746557][T10906] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3172'. [ 128.860024][T10916] netlink: 'syz.0.3177': attribute type 3 has an invalid length. [ 128.992514][T10930] loop4: detected capacity change from 0 to 1024 [ 128.999496][T10930] EXT4-fs: Ignoring removed oldalloc option [ 129.013656][T10930] EXT4-fs mount: 10 callbacks suppressed [ 129.013671][T10930] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.058102][ T9709] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.069693][T10936] 9pnet_fd: p9_fd_create_tcp (10936): problem connecting socket to 127.0.0.1 [ 129.084582][T10938] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 129.119766][T10944] loop0: detected capacity change from 0 to 512 [ 129.133233][T10944] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.146471][T10944] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 129.168473][T10944] tmpfs: Unknown parameter 'ÏlC' [ 129.185350][ T8269] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.193263][T10951] loop4: detected capacity change from 0 to 512 [ 129.222562][T10951] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.235831][T10951] ext4 filesystem being mounted at /115/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 129.260203][ T9709] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.416592][T10976] loop2: detected capacity change from 0 to 1024 [ 129.439378][T10976] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.457480][T10979] 9pnet_fd: Insufficient options for proto=fd [ 129.483485][ T6348] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.491292][T10987] netlink: 'syz.3.3206': attribute type 10 has an invalid length. [ 129.505944][T10987] team0: Port device syz_tun added [ 129.529672][T10993] loop1: detected capacity change from 0 to 256 [ 129.538302][T10990] loop2: detected capacity change from 0 to 512 [ 129.548871][T10990] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 129.550274][T10993] FAT-fs (loop1): bogus number of FAT sectors [ 129.563905][T10993] FAT-fs (loop1): Can't find a valid FAT filesystem [ 129.597291][T10993] loop1: detected capacity change from 0 to 2048 [ 129.605597][T10990] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 129.613874][T10990] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002] [ 129.623949][T11006] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 129.625798][T10990] System zones: 0-1, 15-15, 18-18, 34-34 [ 129.642854][T10990] EXT4-fs (loop2): orphan cleanup on readonly fs [ 129.651742][T10990] EXT4-fs warning (device loop2): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 129.667353][T10990] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 129.675252][T10990] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3205: bg 0: block 40: padding at end of block bitmap is not set [ 129.690849][T10993] loop1: p1 p3 < > p4 < p5 > [ 129.695573][T10993] loop1: partition table partially beyond EOD, truncated [ 129.696253][T10990] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 129.704154][T10993] loop1: p1 size 33024 extends beyond EOD, truncated [ 129.719352][T10990] EXT4-fs (loop2): 1 truncate cleaned up [ 129.726646][T10993] loop1: p3 start 4284289 is beyond EOD, truncated [ 129.737260][T10993] loop1: p5 size 33024 extends beyond EOD, truncated [ 129.745685][T10990] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 129.798377][T10990] EXT4-fs (loop2): shut down requested (1) [ 129.815082][T10990] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop2 ino=16 [ 129.824844][T10990] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop2 ino=16 [ 129.861947][ T6348] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.932282][T11036] loop3: detected capacity change from 0 to 512 [ 129.939215][T11036] EXT4-fs: Ignoring removed bh option [ 129.945163][T11036] EXT4-fs: inline encryption not supported [ 129.955002][T11036] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.3230: corrupted in-inode xattr: invalid ea_ino [ 129.972433][T11036] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.3230: couldn't read orphan inode 15 (err -117) [ 129.986198][T11036] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.037216][T11049] loop4: detected capacity change from 0 to 512 [ 130.047003][ T8585] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.056988][T11049] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 130.074833][T11049] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 130.083630][T11049] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002] [ 130.091985][T11049] System zones: 0-1, 15-15, 18-18, 34-34 [ 130.097865][T11049] EXT4-fs (loop4): orphan cleanup on readonly fs [ 130.104328][T11049] EXT4-fs warning (device loop4): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 130.119598][T11049] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 130.128800][T11049] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3235: bg 0: block 40: padding at end of block bitmap is not set [ 130.143466][T11049] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 130.152496][T11049] EXT4-fs (loop4): 1 truncate cleaned up [ 130.158573][T11049] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 130.176701][T11049] EXT4-fs (loop4): shut down requested (1) [ 130.183843][T11049] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=16 [ 130.192894][T11049] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=16 [ 130.209372][ T9709] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.225985][T11059] lo speed is unknown, defaulting to 1000 [ 130.455599][T11083] loop3: detected capacity change from 0 to 512 [ 130.463812][T11083] EXT4-fs: Ignoring removed oldalloc option [ 130.472919][T11083] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.3250: Parent and EA inode have the same ino 15 [ 130.490726][T11083] EXT4-fs (loop3): Remounting filesystem read-only [ 130.497499][T11083] EXT4-fs warning (device loop3): ext4_evict_inode:259: couldn't mark inode dirty (err -5) [ 130.519458][T11083] EXT4-fs (loop3): 1 orphan inode deleted [ 130.531086][T11083] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.545318][T11083] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 130.548531][T11092] SELinux: Context :yz1 is not valid (left unmapped). [ 130.555529][T11083] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.614401][T11100] ================================================================== [ 130.622910][T11100] BUG: KCSAN: data-race in pcpu_alloc_noprof / pcpu_block_update_hint_alloc [ 130.632603][T11100] [ 130.634951][T11100] read-write to 0xffffffff88bdd3ac of 4 bytes by task 11096 on cpu 1: [ 130.643429][T11100] pcpu_block_update_hint_alloc+0x5db/0x6a0 [ 130.649364][T11100] pcpu_alloc_area+0x488/0x4b0 [ 130.654256][T11100] pcpu_alloc_noprof+0x4b3/0x10c0 [ 130.659698][T11100] bpf_map_alloc_percpu+0xad/0x210 [ 130.664861][T11100] array_map_alloc+0x2aa/0x390 [ 130.670030][T11100] map_create+0x850/0xb70 [ 130.674505][T11100] __sys_bpf+0x667/0x7a0 [ 130.678782][T11100] __x64_sys_bpf+0x43/0x50 [ 130.683226][T11100] x64_sys_call+0x2625/0x2d60 [ 130.688020][T11100] do_syscall_64+0xc9/0x1c0 [ 130.692547][T11100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.698563][T11100] [ 130.700915][T11100] read to 0xffffffff88bdd3ac of 4 bytes by task 11100 on cpu 0: [ 130.708723][T11100] pcpu_alloc_noprof+0x9a7/0x10c0 [ 130.713770][T11100] ipv6_add_dev+0x2ee/0xab0 [ 130.718300][T11100] addrconf_notify+0x407/0x950 [ 130.723340][T11100] raw_notifier_call_chain+0x6f/0x1d0 [ 130.729045][T11100] call_netdevice_notifiers_info+0xae/0x100 [ 130.735239][T11100] register_netdevice+0xca9/0xe30 [ 130.740470][T11100] register_netdev+0x3b/0x50 [ 130.745607][T11100] loopback_net_init+0x59/0x100 [ 130.750657][T11100] ops_init+0x1c9/0x260 [ 130.754850][T11100] setup_net+0x14d/0x600 [ 130.759105][T11100] copy_net_ns+0x290/0x430 [ 130.763623][T11100] create_new_namespaces+0x228/0x430 [ 130.768940][T11100] unshare_nsproxy_namespaces+0xe6/0x120 [ 130.774595][T11100] ksys_unshare+0x3da/0x720 [ 130.779224][T11100] __x64_sys_unshare+0x1f/0x30 [ 130.784002][T11100] x64_sys_call+0x2c8d/0x2d60 [ 130.788697][T11100] do_syscall_64+0xc9/0x1c0 [ 130.793670][T11100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.799679][T11100] [ 130.802002][T11100] value changed: 0x00000004 -> 0xfffffffd [ 130.808071][T11100] [ 130.810395][T11100] Reported by Kernel Concurrency Sanitizer on: [ 130.816648][T11100] CPU: 0 UID: 0 PID: 11100 Comm: syz.2.3258 Tainted: G W 6.12.0-rc1-syzkaller-00042-gf23aa4c0761a #0 [ 130.828903][T11100] Tainted: [W]=WARN [ 130.832710][T11100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 130.842797][T11100] ================================================================== [ 130.852523][T11100] lo speed is unknown, defaulting to 1000 [ 133.431449][ T29] kauditd_printk_skb: 111 callbacks suppressed [ 133.431465][ T29] audit: type=1400 audit(1862123482.130:2880): avc: denied { read } for pid=2950 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 133.461861][ T29] audit: type=1400 audit(1862123482.130:2881): avc: denied { search } for pid=2950 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 133.485368][ T29] audit: type=1400 audit(1862123482.130:2882): avc: denied { append } for pid=2950 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 133.508580][ T29] audit: type=1400 audit(1862123482.130:2883): avc: denied { open } for pid=2950 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 133.531625][ T29] audit: type=1400 audit(1862123482.130:2884): avc: denied { getattr } for pid=2950 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1