last executing test programs: 4.942873383s ago: executing program 3 (id=8067): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x80de, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@noload}]}, 0x3, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=") creat(&(0x7f0000000000)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x4200, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x171c, 0x0, 0x0, 0x0, 0x8, "ef359f413bb93852f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a4b78c660e677df701908b9aaa3f6a00400", "036c47c6780820d1cbf7896de1fdcf335263bdbcef549ba197fce47ddfdd753abd9501ce721b6ae9b49600002a00", "b7326736181c208220000000b9000010000000000000f0ffefffff5aff000001"}) 4.775280518s ago: executing program 3 (id=8076): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) setxattr$incfs_id(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), &(0x7f0000000580)={'0000000000000000000000000000000', 0x30}, 0x20, 0x2) 4.55015545s ago: executing program 3 (id=8095): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xffc, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x2, 0x8, 0x8, 0x3ff}]}) 3.196831785s ago: executing program 4 (id=8154): r0 = openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) write$selinux_create(r0, &(0x7f00000005c0)=@objname={'system_u:object_r:hald_exec_t:s0', 0x20, 'system_u:system_r:kernel_t:s0', 0x20, 0x0, 0x20, './mnt\x00'}, 0x5a) 3.134056761s ago: executing program 4 (id=8155): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014001180b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) pipe2(&(0x7f0000001cc0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}}) 2.957879037s ago: executing program 4 (id=8164): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000400)='net/dev_mcast\x00') preadv(r2, &(0x7f0000000100)=[{&(0x7f0000000000)=""/154, 0x9a}], 0x1, 0x0, 0x0) sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="030000000000000000000200000009000100"], 0x34}}, 0x0) 2.850193537s ago: executing program 4 (id=8169): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x200000, &(0x7f0000000400)={[{@dioread_lock}, {@errors_remount}, {@i_version}, {@noblock_validity}]}, 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000240)=ANY=[@ANYBLOB="000000004c900200070000000300010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff"]) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 2.59466467s ago: executing program 4 (id=8171): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000080850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x1) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) 2.184318079s ago: executing program 4 (id=8172): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='sys_enter\x00', r0}, 0x10) r1 = epoll_create1(0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000000c0)={0xe000001a}) 1.658136577s ago: executing program 2 (id=8191): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x141301) ioctl$USBDEVFS_CONTROL(r2, 0xc0105500, &(0x7f0000000040)={0x80, 0x6, 0x301, 0x0, 0x18, 0x0, 0x0}) 1.597531573s ago: executing program 2 (id=8200): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000080)) write$cgroup_int(r0, &(0x7f00000000c0), 0x12) 1.368539824s ago: executing program 1 (id=8198): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newlink={0x4c, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21, 0x5000}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5, 0x9, 0x4}, @IFLA_IPTUN_LINK={0x8, 0x1, r2}]}}}, @IFLA_MTU={0x8, 0x4, 0x40000500}]}, 0x4c}}, 0x0) 1.164380263s ago: executing program 1 (id=8199): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300002095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) ioperm(0x0, 0x3, 0x3f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='percpu_alloc_percpu\x00', r0}, 0x10) syz_io_uring_setup(0x3667, &(0x7f0000000100)={0x0, 0x0, 0x2}, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 1.131718326s ago: executing program 2 (id=8201): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) sendmsg$NL80211_CMD_SET_MAC_ACL(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='~\x00\x00\n', @ANYRES16=0x0, @ANYBLOB="0000f33bdc97a8d29ebcae76e05f43000000", @ANYRES32=0x0, @ANYBLOB="0c00990000000000000000000800a500000000000400a6804000a6800a00060008021100000100000a00060008021100000100000a00060008021100000000000a00060008021100000100000a00060008021100000000000800a50001"], 0x7c}}, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f00000000c0)="17000000020001000003be8c5ee17688a2003308030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba000840024f0298e9e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0x11a) 1.067358042s ago: executing program 2 (id=8203): r0 = syz_io_uring_setup(0x1114, &(0x7f0000000200), &(0x7f00000001c0)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x10, 0x0, 0x7, 0x0, 0x0}) io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x18, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff]}, 0x1) 1.066845052s ago: executing program 1 (id=8204): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree_skb\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001b00)=ANY=[@ANYBLOB="b702000013000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005e9a9ed347ce167c04cefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5282db0bdc0774c5b60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e91b4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e93f67d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd16aac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313acf5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ef57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633b4d987591ec3db582cef55c98a59a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee705caa751f9facc4af0b8282aa46f34fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd353646000000000000ade90000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656cc2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef062cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd6eac114482b619fc575aa0dd2777e881e29a854380e0f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eedffffa63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b55891f170849c8cd5e942c0652127e7f6baa0d3277f1c33d1a55953dda6b3ef332adb49e3537829be258ddee56c8ab709d7c3f9107ba11bf7f608bcfec730eb13c9104851e6e859cc0568ff072192c49b42f1a4156372d0ed5caad2be9cc1d7f47faaca0890f196025cfd3a2ecf86106bb069a75f5c730caf55c473039c46925bc82e0e578cc2a2ba6f8be4fea86a9bb18a5164ce8321f585d537cf10cdcc440dd2347b5e93be7686938fb8ba2446000000000000000000003002c069b0854d2db0a0c762b1f88c3f687e6aa5bacf086403f4cee2847ab61ad3d230e49fd7942e374217738ad4a6d94f2af2ba7486514a7131357369523e85ee52a6148c0f8fe1af9334567f2123445eb722dd5b7094a2848a281f495acbbcd2ef25eda26333df5db4ff0e7445ebd3013ac9cfc2cdb5bacafde79b40baa19cc2eb0e93c6a2d8877149aa5ed8fe477a51b8d647f9e83d4a407635696cc48d821023080c40b66e5aba44dcd95781075a42155c821a0c41c324532c1abccb4ae1dcec2e3cec396c49ccacc787f795e03cc908a6defc7073c3452a8362951bb4c7c42a40321e85708aaa3283c79fbf7d8055bd9b740c616ec70"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffca3, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd60e0ffff04128700631177fbac141416e000030a44079f034d2f87e589ca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x61, 0x60000000, 0x0, 0x7000000}, 0x2c) 1.018971896s ago: executing program 0 (id=8205): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r1 = socket$inet(0x2, 0x2, 0x1) setsockopt$inet_buf(r1, 0x0, 0x20, &(0x7f00000001c0)="17bdefe4d3a1e88acb70e416", 0xc) 1.018388326s ago: executing program 1 (id=8206): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000eae7"], 0x48) 1.007795898s ago: executing program 0 (id=8207): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000600)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x2, 0x13, 0x0, 0x8, 0x2}, 0x10}}, 0x10) 934.825024ms ago: executing program 0 (id=8208): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$inet(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000280)=@broute={'broute\x00', 0x20, 0x2, 0x238, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200005c0], 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="00000000d96600000000000000000000000000000000000000000000000000001ae0000000000000feffffff0100000011000000000000008100626373663000000200080000003f000000000000000002000000ffff00000000626f6e643000000000000000000000007600000000010000005c121d00000000ffffffffffff0000000000000000000000000000000000000000d0000000d000000000010000766c616e000000ff030000002000000000000000000000000000000000000000080000000000007f0000000000000100766c616e000000000000000000000000000000000000000000000000000000000800000000000000000000063810020041554449540000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff01000000030000000000000000006970365f76746930000000000000000073797a6b616c6c6572300000000000006263736630000000000000000000000076657468305f746f5f7465616d000000aaaaaaaaaacc030000000000aaaaaaaaaaaa00000000000000007000000070000000a8000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000fcffffff0000000000000000000000000000000000000000000000000000000000000000400000000000000002000000ffffffff00000000"]}, 0x2b0) 911.940766ms ago: executing program 1 (id=8209): perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) 869.39919ms ago: executing program 0 (id=8210): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x8) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf67000000000000160602000fff52007607000010000000d60700000ee60000bf050000000000001f63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070400000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999f9d60bb39d0af449deaa27ea949e8f9000d885dfea2783835e29eb532ba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f2686ee970d6482a2e7ddbf51c74ccac1c7b21bde7d1af255d6ebff9bff35e3888a0e356d82e43407a6d7fa94b2100204000000000000009ab62d7b07ba0a71a72145edade9941f04000000000000004ea9e4c70ef8b7407740ab3312edee62a4dc2fc85755d387bfa1bc8eb71fbe11b2216cc8d1f0160c237d929b49da28724b95555b74be2f76fb5f330b015a68587a75c01300"/467], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffe1, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 826.943704ms ago: executing program 1 (id=8211): write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @loopback}, 0x10, 0x0}, 0x34004000) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c00000010001ffe00989837a182138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a00010076786c616e0000000400028008000a00", @ANYRES64=r0], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) 739.899602ms ago: executing program 0 (id=8212): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000002c0)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)={0x54, r2, 0x5, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_PEERS={0x38, 0x8, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_ALLOWEDIPS={0x4}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r3}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x40) 711.306275ms ago: executing program 0 (id=8213): unshare(0x22020600) r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r0, &(0x7f0000003540)=[{{&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, &(0x7f0000000880)=[{&(0x7f0000000080)="93", 0x1}, {&(0x7f0000002400)="9917b1ad3d06a27855d01141e914353e8c663ed1065e32301b8acd1815ed897020c9092fe19ef95bd3c69397d675e3c19835f4c930a9bcbd49c4d872b7679a32e22015d7df39001b2d750fe2484101ef67cb628910e4cde2d8285b9017f55e84b67b72840813a8d080b71200f197d5b65f243ac4ac17d0cba3d08c98ceedf43365fc78aa0f52585ef7d8d525c049e1ae193a110f2dcfce4e6114b15de04b2720d6bd946506004cf479e742dcf73534e370150d97a55b559b5a1bedbc9290cbcac428f960e016fb88cfc21d86da2974ec3f2632992a27a4e5864623e05722eb07d27139b45171ec0cefa44e98f05dd4ff957056265edbacd81a611e4dfacb2b4879517e00c52e84728b1de1193bc88e509860ff143fc216c5100c41667a3ba5b157db616145a6d5ddb592e6b9589cdc93e3e8ef63da3cb4033d9f676cec3dcbb003ae54940e30203e1dc7b939c9c32029ad645b46ee269892e7a786bd36c2f7d962aad3b8d6e9d946adfa984a52cf7d35c5b2f492ab267c1ca948a5c0323d628364a612004c1c7feb2671a984f4dc05330a968e4b8cbe9200f111597c8ecc7ea7681ec281e168edbadc83d98de2b0dda7b187f509e487d63300932f3c76a1b66b4e01dffb07b4c80b5f5273a84b3cb0732b691738bba87517d53cf2b88b481cb325b8b912f54cee9d2546f2fdb96931bda2821eb66554abd4a21a8281c3c461df633a97f5cb3cf924fb324782399df0dc72d18d22b320e605dddf1123417dffc6452835a63fca230fbb002fd9c204b0819c56c4ce398423518b59dc8220bbf0c8b66f54c8009f1170f4c5582bfc703938bdf4d88ffe3eb87f4d2a62d442bb08ba405e11984c919fed63f9e86fd16c00843fa07cd9170919f4d07a12ad38db3f9effcfe1d631a48150e33ce07b3516fefab9587043a908dac8b0ffe361ec8e0fe7531f6d6d858cdabf7600f3a2bd90bce672cba7d366ae4ac6e33813f18340349422230cfe1d8c5757eb139321d44b57159089c68c13d7806cdbebeb42953f6f1670a313278a13076defab61b2016cf636ed37c7e7e1c49a4fb1d6a3d249e189087b37e724b6b24824bce4f77ab6f8a8d2f571d23c5120d75440e8eeda120467b5046b316e39aea9b6c7fa65eb4db56a3fed78c25fcde3afa956dee186fcad0b83f3d50a153f269113f5d9f1ccdff5ba86390c95b3a4ac782cd1121253f728b9b28a3cf59ebd82b0439d2f439e9cd00ca11a3f73515b6256b0faa56063ab761d5860a002c27fede7ce87b6336a4a146f2286ee32bb12e5a8bef04ba8cdb901c602a80eec7e74c947f88f6939ad240db8bc4baf655b941d1fc166fcbd2a64b5691e9145847ebc3ff5f8c07b8265c00176fa4617b6b7249aa801a090d4c65e36cfbbbca28913a892c3a7dd856fdf1f9a7279acfeee9fe51d14f87e4928f07f80145f54afb9a94fce7e76d38b64858327883b8f7141ccac8de649b7eb216d1b6c63f6d4d56dd9f11a2b36a6b3913917c378931e1ba3ec16aec67ef2bab2f1336a6990f7a78ab8acbc81d4ef49dc9bf02e6bae05118c706aeafa332e785ab59140d41ec0d00261ef9dd1735e19954cf1e8042b84185fa8bea4878e22ae53841b9c9752c950e5b21c7e7212b0297f22675cf8baae246e3c46a33e7228633954253add2592dbb7335b24569c834977a53ef23a84f7819deabd2c499422f23e7b682dc7f81b5d47b2ed330b83bb4f6c8f976539a8bf0d1f9b88d534c672d329ba41009f75c928ede7", 0x4e4}], 0x2}}, {{&(0x7f0000000740)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000001a40)=[{&(0x7f0000000780)="e4", 0x1}], 0x1}}], 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000000), 0x4) ppoll(&(0x7f00000008c0)=[{r0}], 0x1, 0x0, 0x0, 0x0) 112.61427ms ago: executing program 3 (id=8098): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x3aa4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) utime(0x0, 0x0) 110.50936ms ago: executing program 2 (id=8222): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="ac020000", @ANYRES16=r1, @ANYBLOB="bf4400000000000000000c"], 0x2ac}}, 0x0) 42.514657ms ago: executing program 3 (id=8214): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300002095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) ioperm(0x0, 0x3, 0x3f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='percpu_alloc_percpu\x00', r0}, 0x10) syz_io_uring_setup(0x3667, &(0x7f0000000100)={0x0, 0x0, 0x2}, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 31.636848ms ago: executing program 2 (id=8215): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) 0s ago: executing program 3 (id=8216): r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x5) ppoll(&(0x7f0000000080)=[{r0}], 0x1, &(0x7f0000000240), 0x0, 0x0) kernel console output (not intermixed with test programs): [ 142.352377][T17408] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 142.383376][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.395456][T17432] netlink: 36 bytes leftover after parsing attributes in process `syz.2.6273'. [ 142.612270][T17459] loop4: detected capacity change from 0 to 2048 [ 142.633909][T17459] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities [ 142.777977][T17494] bpf_get_probe_write_proto: 2 callbacks suppressed [ 142.777994][T17494] syz.1.6302[17494] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 142.787256][T17491] netlink: 'syz.4.6301': attribute type 3 has an invalid length. [ 142.810946][T17494] syz.1.6302[17494] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 142.811018][T17494] syz.1.6302[17494] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 142.915181][T17508] loop3: detected capacity change from 0 to 512 [ 142.947978][T17508] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.961954][T17508] ext4 filesystem being mounted at /1195/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.986456][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.008606][T17522] netlink: 'syz.3.6315': attribute type 39 has an invalid length. [ 143.025436][T17524] netlink: 'syz.1.6316': attribute type 3 has an invalid length. [ 143.112441][T17534] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 143.282804][T17564] netlink: 'syz.1.6336': attribute type 39 has an invalid length. [ 143.403563][T17575] syz.1.6341[17575] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 143.403621][T17575] syz.1.6341[17575] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 143.415924][T17575] syz.1.6341[17575] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 143.677543][T17622] loop3: detected capacity change from 0 to 512 [ 143.696579][T17622] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 143.715653][T17622] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.6363: invalid indirect mapped block 4294967295 (level 0) [ 143.731537][T17622] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.6363: invalid indirect mapped block 4294967295 (level 1) [ 143.745972][T17622] EXT4-fs (loop3): 1 orphan inode deleted [ 143.751867][T17622] EXT4-fs (loop3): 1 truncate cleaned up [ 143.758260][T17622] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.773174][T17622] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 143.784995][T17631] loop4: detected capacity change from 0 to 512 [ 143.800224][T17631] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 143.801107][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.808344][T17631] EXT4-fs (loop4): orphan cleanup on readonly fs [ 143.826700][T17631] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.6367: Failed to acquire dquot type 1 [ 143.838508][T17631] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.6367: bg 0: block 40: padding at end of block bitmap is not set [ 143.856778][T17638] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6370'. [ 143.881734][T17631] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 143.893736][T17631] EXT4-fs (loop4): 1 truncate cleaned up [ 143.900057][T17631] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 143.934325][ T3265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.934671][T17649] xt_hashlimit: invalid interval [ 144.540884][T17675] vxcan1: tx address claim with different name [ 144.759394][T17699] devtmpfs: Unknown parameter 'dic' [ 145.007887][T17729] loop4: detected capacity change from 0 to 512 [ 145.024107][T17729] EXT4-fs (loop4): orphan cleanup on readonly fs [ 145.033126][T17729] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.6412: bg 0: block 248: padding at end of block bitmap is not set [ 145.049883][T17729] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.6412: Failed to acquire dquot type 1 [ 145.063184][T17729] EXT4-fs (loop4): 1 truncate cleaned up [ 145.069905][T17729] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 145.086503][T17740] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 145.101185][T17729] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 145.123865][T17729] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 145.147076][T17749] syz.1.6418[17749] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 145.147138][T17749] syz.1.6418[17749] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 145.164688][ T3265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.185323][T17749] syz.1.6418[17749] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 145.423003][ T29] kauditd_printk_skb: 277 callbacks suppressed [ 145.423019][ T29] audit: type=1400 audit(1728264304.007:5393): avc: denied { write } for pid=17786 comm="syz.3.6434" name="ppp" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 145.471485][ T29] audit: type=1400 audit(1728264304.027:5394): avc: denied { create } for pid=17782 comm="syz.1.6436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 145.507876][ T29] audit: type=1400 audit(1728264304.087:5395): avc: denied { write } for pid=17794 comm="syz.4.6439" path="socket:[50465]" dev="sockfs" ino=50465 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 145.616386][T17817] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 145.699513][T17834] netlink: 'syz.1.6457': attribute type 11 has an invalid length. [ 145.758145][T17841] loop4: detected capacity change from 0 to 1024 [ 145.797602][T17841] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.801833][ T29] audit: type=1400 audit(1728264304.387:5396): avc: denied { ioctl } for pid=17850 comm="syz.2.6463" path="socket:[50523]" dev="sockfs" ino=50523 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 145.865936][ T29] audit: type=1400 audit(1728264304.447:5397): avc: denied { read } for pid=17858 comm="syz.0.6465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 145.874176][T17841] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 145.911199][T17841] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 145.923801][T17841] EXT4-fs (loop4): This should not happen!! Data will be lost [ 145.923801][T17841] [ 145.933654][T17841] EXT4-fs (loop4): Total free blocks count 0 [ 145.940864][T17841] EXT4-fs (loop4): Free/Dirty block details [ 145.947121][T17841] EXT4-fs (loop4): free_blocks=68451041280 [ 145.953053][T17841] EXT4-fs (loop4): dirty_blocks=16 [ 145.958574][T17841] EXT4-fs (loop4): Block reservation details [ 145.964822][T17841] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 146.001875][ T3265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.028335][T17878] pimreg: entered allmulticast mode [ 146.036755][T17878] pimreg: left allmulticast mode [ 146.054366][ T29] audit: type=1326 audit(1728264304.637:5398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17880 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15434bdff9 code=0x7ffc0000 [ 146.086675][ T29] audit: type=1326 audit(1728264304.637:5399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17880 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15434bdff9 code=0x7ffc0000 [ 146.112676][ T29] audit: type=1326 audit(1728264304.637:5400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17880 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f15434bdff9 code=0x7ffc0000 [ 146.137831][ T29] audit: type=1326 audit(1728264304.637:5401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17880 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15434bdff9 code=0x7ffc0000 [ 146.161650][ T29] audit: type=1326 audit(1728264304.657:5402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17880 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15434bdff9 code=0x7ffc0000 [ 146.231323][T17894] program syz.0.6480 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 146.331948][T17915] SELinux: Context system_u:object_r:systemd_passwd_var_run_t:s0 is not valid (left unmapped). [ 146.332930][T17919] loop3: detected capacity change from 0 to 512 [ 146.351360][T17919] EXT4-fs: Ignoring removed mblk_io_submit option [ 146.375036][T17928] netlink: 'syz.4.6494': attribute type 11 has an invalid length. [ 146.382095][T17919] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.396810][T17919] ext4 filesystem being mounted at /1223/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 146.416438][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.433054][T17932] loop4: detected capacity change from 0 to 2048 [ 146.453828][T17932] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 146.473222][T17932] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 146.490971][T17932] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 13 with max blocks 1 with error 28 [ 146.505125][T17932] EXT4-fs (loop4): This should not happen!! Data will be lost [ 146.505125][T17932] [ 146.516363][T17932] EXT4-fs (loop4): Total free blocks count 0 [ 146.524480][T17932] EXT4-fs (loop4): Free/Dirty block details [ 146.531718][T17932] EXT4-fs (loop4): free_blocks=66060288 [ 146.537289][T17932] EXT4-fs (loop4): dirty_blocks=16 [ 146.543816][T17932] EXT4-fs (loop4): Block reservation details [ 146.551809][T17932] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 146.583019][ T151] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 146.637463][T17966] syz.1.6510[17966] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 146.644769][T17957] netlink: 'syz.0.6503': attribute type 21 has an invalid length. [ 146.666088][T17957] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6503'. [ 146.694897][T17974] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6514'. [ 146.766614][T17983] loop3: detected capacity change from 0 to 2048 [ 146.795934][T17983] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 146.811940][T17983] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 146.831428][T17983] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 13 with max blocks 1 with error 28 [ 146.845096][T17983] EXT4-fs (loop3): This should not happen!! Data will be lost [ 146.845096][T17983] [ 146.856413][T17983] EXT4-fs (loop3): Total free blocks count 0 [ 146.864466][T17983] EXT4-fs (loop3): Free/Dirty block details [ 146.871955][T17983] EXT4-fs (loop3): free_blocks=66060288 [ 146.878642][T17983] EXT4-fs (loop3): dirty_blocks=16 [ 146.885727][T17983] EXT4-fs (loop3): Block reservation details [ 146.893886][T17983] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 146.923375][T17998] loop4: detected capacity change from 0 to 128 [ 146.930917][T18000] netlink: 256 bytes leftover after parsing attributes in process `syz.0.6523'. [ 146.957720][T17998] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 146.970090][ T151] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 146.984177][T18009] netlink: 8280 bytes leftover after parsing attributes in process `syz.2.6527'. [ 146.984312][T18009] netlink: 8280 bytes leftover after parsing attributes in process `syz.2.6527'. [ 147.015006][T17998] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 147.051016][T17998] EXT4-fs error (device loop4): __ext4_find_entry:1652: inode #2: comm syz.4.6522: checksumming directory block 0 [ 147.114792][ T3265] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 147.183900][T18008] usb usb3: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 147.221221][T18008] vhci_hcd: default hub control req: d300 v0000 i0000 l0 [ 147.313893][T18040] Cannot find del_set index 0 as target [ 147.328129][T18042] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6550'. [ 147.339567][T18042] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6550'. [ 147.353359][T18042] gtp0: entered promiscuous mode [ 147.358438][T18042] gtp0: entered allmulticast mode [ 147.388179][T18054] pimreg: entered allmulticast mode [ 147.395400][T18054] pimreg: left allmulticast mode [ 147.577792][T18089] vhci_hcd: default hub control req: 8031 v0000 i0000 l0 [ 147.592315][T18095] pimreg: entered allmulticast mode [ 147.600124][T18095] pimreg: left allmulticast mode [ 147.743603][T18120] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6577'. [ 147.788540][T18134] pimreg: entered allmulticast mode [ 147.796088][T18134] pimreg: left allmulticast mode [ 148.221852][T18181] netlink: 'syz.0.6604': attribute type 3 has an invalid length. [ 148.514248][T18221] lo speed is unknown, defaulting to 1000 [ 148.863327][T18264] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1 [ 148.924115][T18273] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6646'. [ 148.933594][T18273] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6646'. [ 149.971350][T18333] IPVS: Error joining to the multicast group [ 149.978506][T18336] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 150.035100][T18345] loop3: detected capacity change from 0 to 1024 [ 150.047202][T18345] EXT4-fs: Ignoring removed orlov option [ 150.053541][T18345] EXT4-fs: Ignoring removed nomblk_io_submit option [ 150.073965][T18350] loop4: detected capacity change from 0 to 764 [ 150.083248][T18345] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 150.097224][T18350] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 150.144408][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.164026][T18365] loop3: detected capacity change from 0 to 512 [ 150.191364][T18365] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.207631][T18365] ext4 filesystem being mounted at /1263/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 150.258136][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.280472][T18381] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=18381 comm=syz.4.6695 [ 150.312700][T18387] skbuff: bad partial csum: csum=65506/2 headroom=144 headlen=65526 [ 150.513595][T18413] loop4: detected capacity change from 0 to 2048 [ 150.555821][T18413] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 150.577456][ T29] kauditd_printk_skb: 148 callbacks suppressed [ 150.577470][ T29] audit: type=1400 audit(1728264309.157:5551): avc: denied { rename } for pid=18411 comm="syz.4.6708" name="file1" dev="loop4" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 150.607953][T18413] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 150.642767][ T3265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.676150][T18434] 0ªX¹¦À: renamed from caif0 [ 150.683041][T18434] 0ªX¹¦À: entered allmulticast mode [ 150.688277][T18434] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 150.738034][T18444] loop4: detected capacity change from 0 to 1024 [ 150.765272][ T29] audit: type=1326 audit(1728264309.347:5552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.0.6723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15434bdff9 code=0x7ffc0000 [ 150.790063][ T29] audit: type=1326 audit(1728264309.347:5553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.0.6723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15434bdff9 code=0x7ffc0000 [ 150.815877][ T29] audit: type=1326 audit(1728264309.347:5554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.0.6723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f15434bdff9 code=0x7ffc0000 [ 150.841410][ T29] audit: type=1326 audit(1728264309.347:5555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.0.6723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15434bdff9 code=0x7ffc0000 [ 150.865365][ T29] audit: type=1326 audit(1728264309.347:5556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.0.6723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15434bdff9 code=0x7ffc0000 [ 150.866424][T18444] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 150.890097][ T29] audit: type=1326 audit(1728264309.347:5557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.0.6723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f15434bdff9 code=0x7ffc0000 [ 150.890190][ T29] audit: type=1326 audit(1728264309.347:5558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.0.6723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15434bdff9 code=0x7ffc0000 [ 150.890212][ T29] audit: type=1326 audit(1728264309.347:5559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.0.6723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15434bdff9 code=0x7ffc0000 [ 150.890234][ T29] audit: type=1326 audit(1728264309.347:5560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.0.6723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f15434bdff9 code=0x7ffc0000 [ 151.014397][T18444] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 151.040843][ T3265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.117624][T18482] bpf_get_probe_write_proto: 5 callbacks suppressed [ 151.117641][T18482] syz.0.6734[18482] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 151.130600][T18482] syz.0.6734[18482] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 151.144528][T18482] syz.0.6734[18482] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 151.227250][T18503] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 151.384573][T18532] binfmt_misc: register: failed to install interpreter file ./file0 [ 151.396843][T18532] devtmpfs: Too few inodes for current use [ 151.499675][T18550] SELinux: Context system_u:object_r:var_t:s0 is not valid (left unmapped). [ 151.602290][T18564] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=18564 comm=syz.0.6769 [ 152.051081][T18654] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0 [ 152.051455][T18653] IPVS: stopping master sync thread 18654 ... [ 152.505274][ T2299] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.553820][ T2299] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.625566][ T3265] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 152.638375][ T3265] CPU: 1 UID: 0 PID: 3265 Comm: syz-executor Tainted: G W 6.12.0-rc2-syzkaller #0 [ 152.649137][ T3265] Tainted: [W]=WARN [ 152.652936][ T3265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 152.662981][ T3265] Call Trace: [ 152.666250][ T3265] [ 152.669232][ T3265] dump_stack_lvl+0xf2/0x150 [ 152.673900][ T3265] dump_stack+0x15/0x20 [ 152.678044][ T3265] dump_header+0x83/0x2d0 [ 152.682386][ T3265] oom_kill_process+0x341/0x4c0 [ 152.687432][ T3265] out_of_memory+0x9af/0xbe0 [ 152.692066][ T3265] ? css_next_descendant_pre+0x11c/0x140 [ 152.697794][ T3265] mem_cgroup_out_of_memory+0x13e/0x190 [ 152.703389][ T3265] try_charge_memcg+0x51b/0x810 [ 152.708399][ T3265] charge_memcg+0x50/0xc0 [ 152.712731][ T3265] mem_cgroup_swapin_charge_folio+0xd0/0x150 [ 152.718726][ T3265] __read_swap_cache_async+0x236/0x480 [ 152.724208][ T3265] swap_cluster_readahead+0x276/0x3f0 [ 152.729737][ T3265] swapin_readahead+0xe4/0x6f0 [ 152.734844][ T3265] ? __filemap_get_folio+0x420/0x5b0 [ 152.740335][ T3265] ? save_fpregs_to_fpstate+0x102/0x160 [ 152.745959][ T3265] ? swap_cache_get_folio+0x77/0x210 [ 152.751339][ T3265] do_swap_page+0x2af/0x23e0 [ 152.755973][ T3265] ? hrtimer_try_to_cancel+0x106/0x1d0 [ 152.761438][ T3265] ? __rcu_read_lock+0x36/0x50 [ 152.766221][ T3265] ? pte_offset_map_nolock+0x124/0x1d0 [ 152.771697][ T3265] handle_mm_fault+0x8c5/0x2a80 [ 152.776551][ T3265] exc_page_fault+0x3b9/0x650 [ 152.781298][ T3265] asm_exc_page_fault+0x26/0x30 [ 152.786146][ T3265] RIP: 0033:0x7fcd3ec700a5 [ 152.790553][ T3265] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 9e c4 15 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74 [ 152.810505][ T3265] RSP: 002b:00007ffe2b3291c8 EFLAGS: 00010246 [ 152.816664][ T3265] RAX: 0000000000000000 RBX: 0000000000000b39 RCX: 00007fcd3ec700a3 [ 152.824646][ T3265] RDX: 00007ffe2b3291e0 RSI: 0000000000000000 RDI: 0000000000000000 [ 152.832716][ T3265] RBP: 00007ffe2b32923c R08: 000000001f59643d R09: 7fffffffffffffff [ 152.840773][ T3265] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000032 [ 152.848824][ T3265] R13: 0000000000025294 R14: 0000000000025274 R15: 00007ffe2b329290 [ 152.856800][ T3265] [ 152.859903][ T3265] memory: usage 307200kB, limit 307200kB, failcnt 2725 [ 152.870350][ T3265] memory+swap: usage 307428kB, limit 9007199254740988kB, failcnt 0 [ 152.878252][ T3265] kmem: usage 307084kB, limit 9007199254740988kB, failcnt 0 [ 152.886864][ T3265] Memory cgroup stats for /syz4: [ 152.896321][ T2299] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.942152][ T3265] cache 110592 [ 152.942294][T18694] lo speed is unknown, defaulting to 1000 [ 152.945536][ T3265] rss 0 [ 152.955461][ T3265] shmem 0 [ 152.958465][ T3265] mapped_file 110592 [ 152.964179][ T3265] dirty 110592 [ 152.967555][ T3265] writeback 4096 [ 152.972080][ T3265] workingset_refault_anon 17 [ 152.976665][ T3265] workingset_refault_file 0 [ 152.981403][ T3265] swap 233472 [ 152.984676][ T3265] swapcached 4096 [ 152.988389][ T3265] pgpgin 122973 [ 152.992635][ T3265] pgpgout 122944 [ 152.996178][ T3265] pgfault 220400 [ 153.001072][ T3265] pgmajfault 15 [ 153.004530][ T3265] inactive_anon 4096 [ 153.008419][ T3265] active_anon 0 [ 153.013307][ T3265] inactive_file 110592 [ 153.017377][ T3265] active_file 4096 [ 153.023167][ T3265] unevictable 0 [ 153.026720][ T3265] hierarchical_memory_limit 314572800 [ 153.033419][ T3265] hierarchical_memsw_limit 9223372036854771712 [ 153.040900][ T3265] total_cache 110592 [ 153.044892][ T3265] total_rss 0 [ 153.048236][ T3265] total_shmem 0 [ 153.053785][ T3265] total_mapped_file 110592 [ 153.058348][ T3265] total_dirty 110592 [ 153.063567][ T3265] total_writeback 4096 [ 153.067685][ T3265] total_workingset_refault_anon 17 [ 153.074061][ T3265] total_workingset_refault_file 0 [ 153.081120][ T3265] total_swap 233472 [ 153.084935][ T3265] total_swapcached 4096 [ 153.090574][ T3265] total_pgpgin 122973 [ 153.094554][ T3265] total_pgpgout 122944 [ 153.098629][ T3265] total_pgfault 220400 [ 153.103974][ T3265] total_pgmajfault 15 [ 153.107944][ T3265] total_inactive_anon 4096 [ 153.114229][ T3265] total_active_anon 0 [ 153.118225][ T3265] total_inactive_file 110592 [ 153.124203][ T3265] total_active_file 4096 [ 153.128592][ T3265] total_unevictable 0 [ 153.133894][ T3265] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.6824,pid=18677,uid=0 [ 153.150688][ T3265] Memory cgroup out of memory: Killed process 18677 (syz.4.6824) total-vm:89032kB, anon-rss:620kB, file-rss:15904kB, shmem-rss:0kB, UID:0 pgtables:104kB oom_score_adj:1000 [ 153.175090][T18694] chnl_net:caif_netlink_parms(): no params data found [ 153.182277][T18716] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 153.182301][T18716] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 153.182379][T18716] vhci_hcd vhci_hcd.0: Device attached [ 153.183885][T18724] vhci_hcd: connection closed [ 153.208428][ T151] vhci_hcd: stop threads [ 153.220812][ T151] vhci_hcd: release socket [ 153.225468][ T151] vhci_hcd: disconnect device [ 153.233074][ T2299] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.293526][T18694] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.302802][T18694] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.313959][T18694] bridge_slave_0: entered allmulticast mode [ 153.321777][T18694] bridge_slave_0: entered promiscuous mode [ 153.327343][T18739] 9pnet: Could not find request transport: rd [ 153.334296][T18694] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.334337][T18694] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.334540][T18694] bridge_slave_1: entered allmulticast mode [ 153.335037][T18694] bridge_slave_1: entered promiscuous mode [ 153.380632][T18694] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 153.394640][T18694] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 153.417729][ T2299] bridge_slave_1: left allmulticast mode [ 153.425520][ T2299] bridge_slave_1: left promiscuous mode [ 153.432556][ T2299] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.443319][ T2299] bridge_slave_0: left allmulticast mode [ 153.449739][ T2299] bridge_slave_0: left promiscuous mode [ 153.455539][ T2299] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.562266][ T2299] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 153.573471][ T2299] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 153.584190][ T2299] bond0 (unregistering): Released all slaves [ 153.608020][T18694] team0: Port device team_slave_0 added [ 153.616360][T18694] team0: Port device team_slave_1 added [ 153.633295][ T2299] hsr_slave_0: left promiscuous mode [ 153.640038][ T2299] hsr_slave_1: left promiscuous mode [ 153.645724][ T2299] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 153.653819][ T2299] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 153.661967][ T2299] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 153.669574][ T2299] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 153.678574][ T2299] veth1_macvtap: left promiscuous mode [ 153.684232][ T2299] veth0_macvtap: left promiscuous mode [ 153.690412][ T2299] veth1_vlan: left promiscuous mode [ 153.695686][ T2299] veth0_vlan: left promiscuous mode [ 153.783946][ T2299] team0 (unregistering): Port device team_slave_1 removed [ 153.797971][ T2299] team0 (unregistering): Port device team_slave_0 removed [ 153.872409][T18694] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 153.880738][T18694] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 153.910073][T18694] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 153.930930][T18694] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 153.937923][T18694] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 153.965982][T18694] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 154.004746][T18694] hsr_slave_0: entered promiscuous mode [ 154.012618][T18694] hsr_slave_1: entered promiscuous mode [ 154.018517][T18694] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 154.028145][T18694] Cannot create hsr debugfs directory [ 154.037352][T18747] lo speed is unknown, defaulting to 1000 [ 154.167607][T18747] chnl_net:caif_netlink_parms(): no params data found [ 154.205398][T18747] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.214122][T18747] bridge0: port 1(bridge_slave_0) entered disabled state [ 154.222653][T18747] bridge_slave_0: entered allmulticast mode [ 154.231078][T18747] bridge_slave_0: entered promiscuous mode [ 154.240267][T18747] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.247560][T18747] bridge0: port 2(bridge_slave_1) entered disabled state [ 154.256205][T18747] bridge_slave_1: entered allmulticast mode [ 154.266260][T18747] bridge_slave_1: entered promiscuous mode [ 154.291906][T18747] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 154.305477][T18747] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 154.334480][T18747] team0: Port device team_slave_0 added [ 154.344132][T18747] team0: Port device team_slave_1 added [ 154.381448][T18747] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 154.388559][T18747] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 154.417273][T18747] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 154.432168][T18747] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 154.441239][T18747] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 154.469533][T18747] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 154.483453][T18694] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 154.511495][T18694] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 154.525635][T18747] hsr_slave_0: entered promiscuous mode [ 154.534067][T18747] hsr_slave_1: entered promiscuous mode [ 154.541370][T18747] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 154.549075][T18747] Cannot create hsr debugfs directory [ 154.554809][T18694] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 154.574119][T18694] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 154.657891][T18747] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 154.669199][T18747] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0 [ 154.680679][T18747] netdevsim netdevsim4 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 154.696409][T18694] 8021q: adding VLAN 0 to HW filter on device bond0 [ 154.715070][T18694] 8021q: adding VLAN 0 to HW filter on device team0 [ 154.725221][ T151] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.732316][ T151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 154.747676][T18747] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 154.758310][T18747] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0 [ 154.768378][T18747] netdevsim netdevsim4 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 154.786914][ T151] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.794008][ T151] bridge0: port 2(bridge_slave_1) entered forwarding state [ 154.819375][T18694] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 154.829882][T18694] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 154.862747][T18747] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 154.873342][T18747] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0 [ 154.883285][T18747] netdevsim netdevsim4 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 154.942289][T18747] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 154.952543][T18747] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0 [ 154.963021][T18747] netdevsim netdevsim4 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 154.985257][T18694] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 155.044198][T18747] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 155.055975][T18747] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 155.068341][T18747] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 155.080478][T18747] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 155.104685][T18694] veth0_vlan: entered promiscuous mode [ 155.115208][T18694] veth1_vlan: entered promiscuous mode [ 155.148540][T18694] veth0_macvtap: entered promiscuous mode [ 155.157998][T18694] veth1_macvtap: entered promiscuous mode [ 155.166393][T18747] 8021q: adding VLAN 0 to HW filter on device bond0 [ 155.186393][T18747] 8021q: adding VLAN 0 to HW filter on device team0 [ 155.194478][T18694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 155.205779][T18694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.216199][T18694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 155.226834][T18694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.237386][T18694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 155.247848][T18694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.260017][T18694] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 155.271819][ T28] bridge0: port 1(bridge_slave_0) entered blocking state [ 155.278903][ T28] bridge0: port 1(bridge_slave_0) entered forwarding state [ 155.295638][ T28] bridge0: port 2(bridge_slave_1) entered blocking state [ 155.302891][ T28] bridge0: port 2(bridge_slave_1) entered forwarding state [ 155.313232][T18694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.324571][T18694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.334428][T18694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.345209][T18694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.355923][T18694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.367001][T18694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.377377][T18694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.388440][T18694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.398549][T18694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.409980][T18694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.421045][T18694] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 155.429777][T18694] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.438688][T18694] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.448582][T18694] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.457467][T18694] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.539698][T18831] __nla_validate_parse: 14 callbacks suppressed [ 155.539758][T18831] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6882'. [ 155.555486][T18831] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6882'. [ 155.574096][T18747] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 155.632246][T18843] lo speed is unknown, defaulting to 1000 [ 155.731614][ T29] kauditd_printk_skb: 108 callbacks suppressed [ 155.731654][ T29] audit: type=1326 audit(1728264314.317:5669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18857 comm="syz.1.6881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43916dff9 code=0x7ffc0000 [ 155.764199][ T3342] kernel read not supported for file /newroot/1306/file0 (pid: 3342 comm: kworker/0:4) [ 155.768263][ T29] audit: type=1326 audit(1728264314.317:5670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18857 comm="syz.1.6881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43916dff9 code=0x7ffc0000 [ 155.798218][T18747] veth0_vlan: entered promiscuous mode [ 155.801435][ T29] audit: type=1326 audit(1728264314.317:5671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18857 comm="syz.1.6881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7ff43916dff9 code=0x7ffc0000 [ 155.830710][ T29] audit: type=1326 audit(1728264314.317:5672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18857 comm="syz.1.6881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43916dff9 code=0x7ffc0000 [ 155.839712][T18747] veth1_vlan: entered promiscuous mode [ 155.855751][ T29] audit: type=1326 audit(1728264314.317:5673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18857 comm="syz.1.6881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43916dff9 code=0x7ffc0000 [ 155.886040][ T29] audit: type=1326 audit(1728264314.317:5674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18857 comm="syz.1.6881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff43916dff9 code=0x7ffc0000 [ 155.911076][ T29] audit: type=1326 audit(1728264314.317:5675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18857 comm="syz.1.6881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43916dff9 code=0x7ffc0000 [ 155.936707][ T29] audit: type=1326 audit(1728264314.317:5676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18857 comm="syz.1.6881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43916dff9 code=0x7ffc0000 [ 155.938104][T18747] veth0_macvtap: entered promiscuous mode [ 155.995567][T18747] veth1_macvtap: entered promiscuous mode [ 156.023512][T18747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.035746][T18747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.045935][T18747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.057957][T18747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.068514][T18747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.080156][T18747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.091256][T18747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.102761][T18747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.114790][T18747] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 156.129456][T18747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.141935][T18747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.153341][T18747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.165535][T18747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.177331][T18747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.188685][T18877] usb usb8: usbfs: process 18877 (syz.1.6889) did not claim interface 0 before use [ 156.200957][T18747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.212098][T18747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.212307][ T29] audit: type=1326 audit(1728264314.787:5677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18878 comm="syz.1.6890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43916dff9 code=0x7ffc0000 [ 156.223814][T18747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.247244][ T29] audit: type=1326 audit(1728264314.787:5678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18878 comm="syz.1.6890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43916dff9 code=0x7ffc0000 [ 156.286149][T18747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.297398][T18747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.308192][T18747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.319957][T18747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.332071][T18747] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 156.344886][T18747] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.355710][T18747] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.365903][T18747] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.376142][T18747] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.437052][T18886] lo speed is unknown, defaulting to 1000 [ 156.445680][T18889] loop3: detected capacity change from 0 to 256 [ 156.453938][T18889] vfat: Bad value for 'fmask' [ 156.496376][T18893] loop3: detected capacity change from 0 to 1764 [ 156.595624][T18911] loop4: detected capacity change from 0 to 512 [ 156.622133][ T3334] kernel read not supported for file /newroot/216/file0 (pid: 3334 comm: kworker/0:2) [ 156.633247][T18911] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.646909][T18911] ext4 filesystem being mounted at /2/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 156.676659][T18747] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.862804][T18936] Cannot find del_set index 0 as target [ 156.955369][T18949] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6914'. [ 156.964415][T18949] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6914'. [ 156.975999][T18949] gtp0: entered promiscuous mode [ 156.981032][T18949] gtp0: entered allmulticast mode [ 157.563753][T18969] loop0: detected capacity change from 0 to 764 [ 157.588395][T18969] Symlink component flag not implemented [ 157.598388][T18973] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6926'. [ 157.608553][T18969] Symlink component flag not implemented (129) [ 157.616604][T18969] rock: directory entry would overflow storage [ 157.624043][T18969] rock: sig=0x4f50, size=4, remaining=3 [ 157.629739][T18969] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 157.807789][T19003] netlink: 'syz.1.6943': attribute type 4 has an invalid length. [ 157.868265][T19008] lo speed is unknown, defaulting to 1000 [ 157.984738][T19016] loop3: detected capacity change from 0 to 2048 [ 158.205332][ T109] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.248723][T19023] lo speed is unknown, defaulting to 1000 [ 158.281255][ T109] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.307144][T19050] loop3: detected capacity change from 0 to 512 [ 158.316960][T19050] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.6958: bg 0: block 5: invalid block bitmap [ 158.334267][T19050] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 158.343964][T19050] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.6958: invalid indirect mapped block 3 (level 2) [ 158.347892][T19049] lo speed is unknown, defaulting to 1000 [ 158.378167][T19050] EXT4-fs (loop3): 1 orphan inode deleted [ 158.385228][T19050] EXT4-fs (loop3): 1 truncate cleaned up [ 158.396467][ T109] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.404511][T19050] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 158.426719][T19050] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6958'. [ 158.448614][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.472401][T19023] chnl_net:caif_netlink_parms(): no params data found [ 158.492760][ T109] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.589940][T19023] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.597213][T19023] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.608913][T19023] bridge_slave_0: entered allmulticast mode [ 158.615594][T19023] bridge_slave_0: entered promiscuous mode [ 158.623268][T19023] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.630361][T19023] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.637701][T19023] bridge_slave_1: entered allmulticast mode [ 158.644588][T19023] bridge_slave_1: entered promiscuous mode [ 158.667146][T19023] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 158.678038][T19023] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 158.692035][T19085] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1 [ 158.752281][T19023] team0: Port device team_slave_0 added [ 158.759393][T19023] team0: Port device team_slave_1 added [ 158.808457][ T109] bridge_slave_1: left allmulticast mode [ 158.815463][ T109] bridge_slave_1: left promiscuous mode [ 158.823367][ T109] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.854321][ T109] bridge_slave_0: left allmulticast mode [ 158.861357][ T109] bridge_slave_0: left promiscuous mode [ 158.867321][ T109] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.997337][ T109] bond0 (unregistering): (slave geneve1): Releasing backup interface [ 159.040992][ T109] bond0 (unregistering): left promiscuous mode [ 159.047233][ T109] bond_slave_0: left promiscuous mode [ 159.053115][ T109] bond_slave_1: left promiscuous mode [ 159.068453][ T109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 159.083437][ T109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 159.102983][ T109] bond0 (unregistering): Released all slaves [ 159.112323][ T109] bond1 (unregistering): Released all slaves [ 159.121279][T19023] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 159.128350][T19023] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 159.157077][T19023] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 159.176168][T19023] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 159.184023][T19023] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 159.211162][T19023] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 159.227331][ T109] tipc: Disabling bearer [ 159.232946][ T109] tipc: Left network mode [ 159.250799][ T109] hsr_slave_0: left promiscuous mode [ 159.258262][ T109] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 159.267279][ T109] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 159.276856][ T109] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 159.285626][ T109] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 159.317870][ T109] veth1_macvtap: left promiscuous mode [ 159.323407][ T109] veth0_macvtap: left promiscuous mode [ 159.329165][ T109] veth1_vlan: left promiscuous mode [ 159.334615][ T109] veth0_vlan: left promiscuous mode [ 159.341354][T19128] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7002'. [ 159.434320][ T109] team0 (unregistering): Port device team_slave_1 removed [ 159.445159][ T109] team0 (unregistering): Port device team_slave_0 removed [ 159.490307][T19128] IPVS: Error joining to the multicast group [ 159.537380][T19140] loop0: detected capacity change from 0 to 256 [ 159.551280][T19023] hsr_slave_0: entered promiscuous mode [ 159.570724][T19023] hsr_slave_1: entered promiscuous mode [ 159.620877][T19149] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=19149 comm=syz.1.7001 [ 159.801640][T19187] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7020'. [ 159.812762][T19187] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7020'. [ 159.856608][T19194] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7023'. [ 159.977901][T19023] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 159.988699][T19023] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 160.001478][T19023] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 160.011530][T19023] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 160.056268][T19222] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 160.084251][T19023] 8021q: adding VLAN 0 to HW filter on device bond0 [ 160.135921][T19232] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 160.161198][T19023] 8021q: adding VLAN 0 to HW filter on device team0 [ 160.180756][ T2299] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.188059][ T2299] bridge0: port 1(bridge_slave_0) entered forwarding state [ 160.198509][ T2299] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.205632][ T2299] bridge0: port 2(bridge_slave_1) entered forwarding state [ 160.328662][T19023] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 160.398262][T19023] veth0_vlan: entered promiscuous mode [ 160.407242][T19023] veth1_vlan: entered promiscuous mode [ 160.420983][T19023] veth0_macvtap: entered promiscuous mode [ 160.432357][T19023] veth1_macvtap: entered promiscuous mode [ 160.444306][T19023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 160.454955][T19023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.465073][T19023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 160.475704][T19023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.485579][T19023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 160.496101][T19023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.505930][T19023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 160.516514][T19023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.527424][T19023] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 160.538433][T19023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.550186][T19023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.561582][T19023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.573248][T19023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.584766][T19023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.596449][T19023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.607752][T19023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.620342][T19023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.631123][T19023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.642728][T19023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.653396][T19023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.664294][T19023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.678488][T19023] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 160.701651][T19023] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.713815][T19023] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.724419][T19023] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.735235][T19023] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.798249][T19276] __nla_validate_parse: 5 callbacks suppressed [ 160.798265][T19276] netlink: 664 bytes leftover after parsing attributes in process `syz.2.6951'. [ 160.817089][T19279] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 160.873058][T19293] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7052'. [ 160.894241][T19294] loop0: detected capacity change from 0 to 512 [ 160.901032][T19293] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7052'. [ 160.913482][T19294] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #2: comm syz.0.7065: corrupted xattr block 255: invalid header [ 160.927697][T19294] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117 [ 160.928271][ T29] kauditd_printk_skb: 90 callbacks suppressed [ 160.928282][ T29] audit: type=1326 audit(1728264319.507:5769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19300 comm="syz.3.7057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 160.937716][T19294] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 160.944938][ T29] audit: type=1326 audit(1728264319.507:5770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19300 comm="syz.3.7057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 160.967137][T19294] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #2: comm syz.0.7065: corrupted xattr block 255: invalid header [ 160.990516][T19294] SELinux: (dev loop0, type ext4) getxattr errno 117 [ 161.009775][ T29] audit: type=1326 audit(1728264319.507:5771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19300 comm="syz.3.7057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 161.023869][T19294] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.030546][ T29] audit: type=1326 audit(1728264319.507:5772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19300 comm="syz.3.7057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 161.090359][ T29] audit: type=1326 audit(1728264319.507:5773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19300 comm="syz.3.7057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 161.117486][ T29] audit: type=1326 audit(1728264319.557:5774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19300 comm="syz.3.7057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 161.123571][T19293] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7052'. [ 161.143086][ T29] audit: type=1326 audit(1728264319.557:5775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19300 comm="syz.3.7057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 161.176149][ T29] audit: type=1326 audit(1728264319.557:5776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19300 comm="syz.3.7057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 161.201086][ T29] audit: type=1326 audit(1728264319.557:5777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19300 comm="syz.3.7057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 161.225758][ T29] audit: type=1326 audit(1728264319.557:5778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19300 comm="syz.3.7057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 161.393375][T19330] netlink: 664 bytes leftover after parsing attributes in process `syz.3.7070'. [ 161.448683][T19340] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7075'. [ 161.471804][T19340] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7075'. [ 161.496648][T19340] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7075'. [ 161.517848][T19347] loop4: detected capacity change from 0 to 128 [ 161.527573][T19347] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 161.536937][T19347] vhci_hcd: invalid port number 219 [ 161.543624][T19347] vhci_hcd: default hub control req: ecdb v6ab1 i00db l1556 [ 161.824737][T19375] netlink: 664 bytes leftover after parsing attributes in process `syz.1.7090'. [ 161.850806][T19377] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7093'. [ 161.954559][T19396] syz.1.7100[19396] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 161.954613][T19396] syz.1.7100[19396] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 161.966686][T19396] syz.1.7100[19396] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 162.409567][T19415] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535) [ 162.578710][T19444] IPVS: Error joining to the multicast group [ 162.712337][T19458] xt_CT: You must specify a L4 protocol and not use inversions on it [ 162.727418][T19460] loop0: detected capacity change from 0 to 512 [ 162.762505][T19460] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.7131: bg 0: block 5: invalid block bitmap [ 162.779091][T19460] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 162.810058][T19460] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.7131: invalid indirect mapped block 3 (level 2) [ 162.828542][T19460] EXT4-fs (loop0): 1 orphan inode deleted [ 162.834382][T19460] EXT4-fs (loop0): 1 truncate cleaned up [ 162.841038][T19460] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.860432][T19481] Invalid ELF header magic: != ELF [ 162.946835][T16655] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.967633][T19491] loop0: detected capacity change from 0 to 256 [ 162.984705][T19491] FAT-fs (loop0): Directory bread(block 64) failed [ 162.993576][T19491] FAT-fs (loop0): Directory bread(block 65) failed [ 163.001506][T19491] FAT-fs (loop0): Directory bread(block 66) failed [ 163.008295][T19491] FAT-fs (loop0): Directory bread(block 67) failed [ 163.023461][T19491] FAT-fs (loop0): Directory bread(block 68) failed [ 163.033776][T19491] FAT-fs (loop0): Directory bread(block 69) failed [ 163.041807][T19491] FAT-fs (loop0): Directory bread(block 70) failed [ 163.052906][T19491] FAT-fs (loop0): Directory bread(block 71) failed [ 163.060876][T19491] FAT-fs (loop0): Directory bread(block 72) failed [ 163.067460][T19491] FAT-fs (loop0): Directory bread(block 73) failed [ 163.087529][T19491] syz.0.7146: attempt to access beyond end of device [ 163.087529][T19491] loop0: rw=0, sector=1768, nr_sectors = 4 limit=256 [ 163.127138][T19501] loop0: detected capacity change from 0 to 1024 [ 163.152026][T19501] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 163.167906][T19501] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 163.189804][T16655] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.275300][T19518] loop0: detected capacity change from 0 to 512 [ 163.283902][T19518] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 163.302252][T19518] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 163.315930][T19518] ext4 filesystem being mounted at /271/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 163.338561][T16655] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.458527][T19532] loop3: detected capacity change from 0 to 1024 [ 163.471969][T19532] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 163.487690][T19532] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 163.512540][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.147622][T19574] loop3: detected capacity change from 0 to 512 [ 164.170729][T19574] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 164.193318][T19574] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 164.225475][T19574] ext4 filesystem being mounted at /1376/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 164.359581][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.459872][T19594] loop0: detected capacity change from 0 to 1024 [ 164.497332][T19594] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 164.540871][T16655] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.600532][T19605] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 165.034672][T19621] loop0: detected capacity change from 0 to 512 [ 165.062197][T19621] EXT4-fs: Ignoring removed bh option [ 165.078614][T19621] EXT4-fs: inline encryption not supported [ 165.091911][T19621] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.7194: corrupted in-inode xattr: invalid ea_ino [ 165.111316][T19621] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.7194: couldn't read orphan inode 15 (err -117) [ 165.126456][T19621] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 165.163883][T16655] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.392085][T19662] loop0: detected capacity change from 0 to 1024 [ 165.427407][T19669] loop4: detected capacity change from 0 to 128 [ 165.462429][T19662] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 165.601392][T19687] sctp: [Deprecated]: syz.4.7234 (pid 19687) Use of struct sctp_assoc_value in delayed_ack socket option. [ 165.601392][T19687] Use struct sctp_sack_info instead [ 165.626178][T16655] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.961111][ T29] kauditd_printk_skb: 205 callbacks suppressed [ 165.961126][ T29] audit: type=1400 audit(1728264323.729:5984): avc: denied { getopt } for pid=19709 comm="syz.4.7244" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 165.998279][ T29] audit: type=1400 audit(1728264323.759:5985): avc: denied { read } for pid=19719 comm="syz.1.7250" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 166.005885][T19722] syzkaller1: entered promiscuous mode [ 166.023062][ T29] audit: type=1400 audit(1728264323.759:5986): avc: denied { open } for pid=19719 comm="syz.1.7250" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 166.023096][ T29] audit: type=1400 audit(1728264323.769:5987): avc: denied { ioctl } for pid=19721 comm="syz.0.7249" path="socket:[57267]" dev="sockfs" ino=57267 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 166.032432][ T29] audit: type=1326 audit(1728264323.799:5988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19724 comm="syz.3.7251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 166.057716][T19722] syzkaller1: entered allmulticast mode [ 166.082023][ T29] audit: type=1326 audit(1728264323.799:5989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19724 comm="syz.3.7251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 166.082058][ T29] audit: type=1326 audit(1728264323.799:5990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19724 comm="syz.3.7251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 166.082154][ T29] audit: type=1326 audit(1728264323.799:5991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19724 comm="syz.3.7251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 166.140613][ T29] audit: type=1326 audit(1728264323.909:5992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19724 comm="syz.3.7251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 166.140746][ T29] audit: type=1326 audit(1728264323.909:5993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19724 comm="syz.3.7251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 166.293063][T19740] __nla_validate_parse: 11 callbacks suppressed [ 166.293077][T19740] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7258'. [ 166.377588][T19748] netlink: 199796 bytes leftover after parsing attributes in process `syz.0.7262'. [ 166.724949][T19801] syz.2.7287[19801] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 166.725054][T19801] syz.2.7287[19801] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 166.737783][T19801] syz.2.7287[19801] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 166.846607][T19814] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 166.867476][T19814] vhci_hcd: invalid port number 23 [ 167.033810][T19832] loop4: detected capacity change from 0 to 8192 [ 167.304235][T19873] Cannot find add_set index 0 as target [ 167.415110][T19890] loop3: detected capacity change from 0 to 512 [ 167.425882][T19890] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 167.472357][T19890] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.495561][T19890] ext4 filesystem being mounted at /1403/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 167.512162][T19910] netlink: 'syz.1.7335': attribute type 1 has an invalid length. [ 167.539907][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.576753][T19921] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.7341'. [ 167.642655][T19938] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7349'. [ 167.653875][T19938] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7349'. [ 167.767445][T19962] syzkaller1: entered promiscuous mode [ 167.773069][T19962] syzkaller1: entered allmulticast mode [ 167.976133][T19989] loop0: detected capacity change from 0 to 1024 [ 167.983284][T19989] journal_path: Lookup failure for './file1' [ 167.989316][T19989] EXT4-fs: error: could not find journal device path [ 168.125839][T20024] netlink: 'syz.0.7390': attribute type 3 has an invalid length. [ 168.135678][T20024] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7390'. [ 168.164330][T20028] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7392'. [ 168.350496][T20067] tipc: Enabling of bearer rejected, failed to enable media [ 168.741921][T20104] syz.2.7427[20104] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 168.742067][T20104] syz.2.7427[20104] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 168.755236][T20104] syz.2.7427[20104] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 168.916054][ T3341] kernel write not supported for file /snd/seq (pid: 3341 comm: kworker/0:3) [ 168.973115][T20126] tmpfs: Bad value for 'mpol' [ 169.161369][T20140] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 3 [ 169.301311][T20158] tmpfs: Bad value for 'mpol' [ 169.351584][T20166] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 169.685259][T20212] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 169.714446][T20214] tipc: Enabling of bearer rejected, failed to enable media [ 169.729184][T20218] syz.1.7484[20218] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 169.729367][T20218] syz.1.7484[20218] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 169.741364][T20218] syz.1.7484[20218] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 169.765592][ T3334] kernel write not supported for file /snd/seq (pid: 3334 comm: kworker/0:2) [ 169.788484][T20225] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.7480'. [ 169.798719][T20211] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.7480'. [ 169.874914][T20245] syz.1.7498[20245] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 169.874954][T20245] syz.1.7498[20245] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 169.887797][T20245] syz.1.7498[20245] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 169.893560][T20241] vhci_hcd: default hub control req: 4014 v0000 i0000 l0 [ 169.923894][T20243] tipc: Enabling of bearer rejected, failed to enable media [ 169.977345][T20252] syz.4.7501[20252] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 170.091185][T20278] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.7506'. [ 170.117731][T20275] loop4: detected capacity change from 0 to 8192 [ 170.265499][T20295] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 170.593598][T20351] loop0: detected capacity change from 0 to 256 [ 170.617275][T20355] loop3: detected capacity change from 0 to 128 [ 170.628349][T20355] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 170.637272][T20355] vhci_hcd: invalid port number 219 [ 170.642678][T20355] vhci_hcd: default hub control req: ecdb v6ab1 i00db l1556 [ 170.655498][T20353] netlink: 'syz.1.7549': attribute type 4 has an invalid length. [ 170.716954][T20367] loop3: detected capacity change from 0 to 164 [ 170.743933][T20367] syz.3.7554: attempt to access beyond end of device [ 170.743933][T20367] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 170.760315][T20367] syz.3.7554: attempt to access beyond end of device [ 170.760315][T20367] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 170.775626][T20367] syz.3.7554: attempt to access beyond end of device [ 170.775626][T20367] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 170.792523][T20367] syz.3.7554: attempt to access beyond end of device [ 170.792523][T20367] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 170.831130][T20367] syz.3.7554: attempt to access beyond end of device [ 170.831130][T20367] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 170.849801][T20367] syz.3.7554: attempt to access beyond end of device [ 170.849801][T20367] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 170.864626][T20367] syz.3.7554: attempt to access beyond end of device [ 170.864626][T20367] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 170.879272][T20367] syz.3.7554: attempt to access beyond end of device [ 170.879272][T20367] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 170.893144][T20367] syz.3.7554: attempt to access beyond end of device [ 170.893144][T20367] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 170.907433][T20367] syz.3.7554: attempt to access beyond end of device [ 170.907433][T20367] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 171.052814][ T29] kauditd_printk_skb: 419 callbacks suppressed [ 171.052826][ T29] audit: type=1400 audit(1728264584.817:6413): avc: denied { compute_member } for pid=20399 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 171.337053][ T29] audit: type=1400 audit(1728264585.097:6414): avc: denied { ioctl } for pid=20402 comm="syz.0.7583" path="socket:[60151]" dev="sockfs" ino=60151 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 171.383845][ T29] audit: type=1326 audit(1728264585.147:6415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20407 comm="syz.2.7575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb053f2dff9 code=0x7ffc0000 [ 171.408077][ T29] audit: type=1326 audit(1728264585.147:6416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20407 comm="syz.2.7575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb053f2dff9 code=0x7ffc0000 [ 171.432281][ T29] audit: type=1326 audit(1728264585.197:6417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20407 comm="syz.2.7575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fb053f2dff9 code=0x7ffc0000 [ 171.456126][ T29] audit: type=1326 audit(1728264585.197:6418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20407 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb053f2dff9 code=0x7ffc0000 [ 171.479403][ T29] audit: type=1326 audit(1728264585.197:6419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20407 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb053f2dff9 code=0x7ffc0000 [ 171.503631][ T29] audit: type=1326 audit(1728264585.267:6420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20407 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb053f2dff9 code=0x7ffc0000 [ 171.526983][ T29] audit: type=1326 audit(1728264585.267:6421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20407 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb053f2dff9 code=0x7ffc0000 [ 171.549984][ T29] audit: type=1326 audit(1728264585.267:6422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20407 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb053f2dff9 code=0x7ffc0000 [ 171.606478][T20412] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 171.631792][T20421] IPVS: Error joining to the multicast group [ 171.696109][T20426] netlink: 'syz.3.7582': attribute type 21 has an invalid length. [ 171.848079][T20458] __nla_validate_parse: 1 callbacks suppressed [ 171.848091][T20458] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7599'. [ 172.030850][T20478] loop3: detected capacity change from 0 to 128 [ 172.033880][T20476] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 172.043791][T20478] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 172.071989][T20478] ext4 filesystem being mounted at /1457/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 172.135104][ T3269] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 172.166887][T20484] loop3: detected capacity change from 0 to 512 [ 172.187537][T20484] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #2: comm syz.3.7608: corrupted xattr block 255: invalid header [ 172.203322][T20484] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 172.214382][T20484] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.227562][T20484] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #2: comm syz.3.7608: corrupted xattr block 255: invalid header [ 172.243570][T20484] SELinux: (dev loop3, type ext4) getxattr errno 117 [ 172.252769][T20484] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.549284][T20523] loop0: detected capacity change from 0 to 8192 [ 172.556187][T20523] vfat: Unknown parameter 'ÿÿÿÿ18446744073709551615' [ 172.623087][T20528] netlink: 'syz.4.7630': attribute type 1 has an invalid length. [ 172.681134][T20534] Cannot find add_set index 0 as target [ 172.796626][T20544] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7639'. [ 172.837274][T20548] loop4: detected capacity change from 0 to 128 [ 172.861666][T20548] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 172.875535][T20548] ext4 filesystem being mounted at /151/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 172.924523][T18747] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 172.944082][T20553] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7643'. [ 173.105011][T20584] sctp: [Deprecated]: syz.2.7659 (pid 20584) Use of struct sctp_assoc_value in delayed_ack socket option. [ 173.105011][T20584] Use struct sctp_sack_info instead [ 173.105444][T20583] netlink: 36 bytes leftover after parsing attributes in process `syz.4.7656'. [ 173.626416][T20602] loop0: detected capacity change from 0 to 128 [ 173.660389][T20608] loop4: detected capacity change from 0 to 164 [ 173.675152][T20608] rock: directory entry would overflow storage [ 173.681363][T20608] rock: sig=0x4f50, size=4, remaining=3 [ 173.686906][T20608] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 173.694063][T20602] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 173.717792][T20602] ext4 filesystem being mounted at /365/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 173.763311][T20622] netlink: 199796 bytes leftover after parsing attributes in process `syz.4.7675'. [ 173.816038][T16655] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 173.917096][T20638] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7682'. [ 173.968104][T20645] loop3: detected capacity change from 0 to 256 [ 173.991647][T20645] FAT-fs (loop3): Directory bread(block 64) failed [ 173.998627][T20645] FAT-fs (loop3): Directory bread(block 65) failed [ 174.008038][T20645] FAT-fs (loop3): Directory bread(block 66) failed [ 174.016467][T20645] FAT-fs (loop3): Directory bread(block 67) failed [ 174.027015][T20645] FAT-fs (loop3): Directory bread(block 68) failed [ 174.035053][T20645] FAT-fs (loop3): Directory bread(block 69) failed [ 174.043276][T20645] FAT-fs (loop3): Directory bread(block 70) failed [ 174.052018][T20645] FAT-fs (loop3): Directory bread(block 71) failed [ 174.060239][T20645] FAT-fs (loop3): Directory bread(block 72) failed [ 174.066922][T20645] FAT-fs (loop3): Directory bread(block 73) failed [ 174.266981][T20671] loop0: detected capacity change from 0 to 128 [ 174.365502][T20679] sctp: [Deprecated]: syz.0.7702 (pid 20679) Use of struct sctp_assoc_value in delayed_ack socket option. [ 174.365502][T20679] Use struct sctp_sack_info instead [ 174.450210][T20687] loop0: detected capacity change from 0 to 164 [ 175.717824][T20742] loop4: detected capacity change from 0 to 512 [ 175.726003][T20742] EXT4-fs: Ignoring removed bh option [ 175.734740][T20742] EXT4-fs: inline encryption not supported [ 175.746223][T20742] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.7731: corrupted in-inode xattr: invalid ea_ino [ 175.768078][T20742] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.7731: couldn't read orphan inode 15 (err -117) [ 175.792513][T20742] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 175.821825][T18747] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.836896][T20747] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7735'. [ 175.851976][T20747] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7735'. [ 175.895596][T20754] loop4: detected capacity change from 0 to 512 [ 175.907410][T20752] loop0: detected capacity change from 0 to 2048 [ 175.915201][T20756] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7737'. [ 175.926468][T20754] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.7736: bg 0: block 5: invalid block bitmap [ 175.941242][T20754] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 175.952190][T20752] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 176.006261][T20754] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.7736: invalid indirect mapped block 3 (level 2) [ 176.040661][T16655] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.055709][T20754] EXT4-fs (loop4): 1 orphan inode deleted [ 176.061620][T20754] EXT4-fs (loop4): 1 truncate cleaned up [ 176.069705][T20754] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.084065][ T29] kauditd_printk_skb: 329 callbacks suppressed [ 176.084086][ T29] audit: type=1400 audit(1728264589.847:6752): avc: denied { mount } for pid=20753 comm="syz.4.7736" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 176.113369][ T29] audit: type=1400 audit(1728264589.877:6753): avc: denied { read write } for pid=16655 comm="syz-executor" name="loop0" dev="devtmpfs" ino=603 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 176.150597][ T29] audit: type=1400 audit(1728264589.897:6754): avc: denied { open } for pid=16655 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=603 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 176.175202][ T29] audit: type=1400 audit(1728264589.897:6755): avc: denied { ioctl } for pid=16655 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=603 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 176.201323][ T29] audit: type=1400 audit(1728264589.907:6756): avc: denied { create } for pid=20767 comm="syz.3.7742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 176.223581][ T29] audit: type=1400 audit(1728264589.907:6758): avc: denied { map_create } for pid=20753 comm="syz.4.7736" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 176.243692][ T29] audit: type=1400 audit(1728264589.907:6757): avc: denied { write } for pid=20767 comm="syz.3.7742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 176.265165][ T29] audit: type=1400 audit(1728264589.907:6759): avc: denied { bpf } for pid=20753 comm="syz.4.7736" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 176.285943][ T29] audit: type=1400 audit(1728264589.907:6760): avc: denied { map_read map_write } for pid=20753 comm="syz.4.7736" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 176.306331][ T29] audit: type=1400 audit(1728264589.917:6761): avc: denied { write } for pid=20770 comm="syz.0.7741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 176.349819][T20775] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535) [ 176.387481][T18747] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.500547][T20786] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7749'. [ 176.558640][T20796] loop4: detected capacity change from 0 to 2048 [ 176.584064][T20796] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 176.615232][T18747] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.710938][T20819] loop3: detected capacity change from 0 to 1024 [ 176.720407][T20823] loop0: detected capacity change from 0 to 128 [ 176.723910][T20821] syzkaller1: entered promiscuous mode [ 176.734291][T20821] syzkaller1: entered allmulticast mode [ 176.740066][T20823] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 176.740087][T20823] vhci_hcd: invalid port number 219 [ 176.740096][T20823] vhci_hcd: default hub control req: ecdb v6ab1 i00db l1556 [ 176.760063][T20819] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.793862][ T3269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.601606][T20875] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 177.609250][T20875] vhci_hcd: invalid port number 23 [ 177.723200][T20887] loop0: detected capacity change from 0 to 8192 [ 177.866623][T20909] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 177.881381][T20909] vhci_hcd: invalid port number 23 [ 178.081369][T20942] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 178.091364][T20942] vhci_hcd: invalid port number 23 [ 178.131067][T20947] Cannot find add_set index 0 as target [ 178.192700][T20956] loop0: detected capacity change from 0 to 512 [ 178.199766][T20956] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 178.241447][T20956] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 178.254279][T20956] ext4 filesystem being mounted at /411/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 178.280332][T16655] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.292205][T20966] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.7841'. [ 178.343970][T20974] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 178.352448][T20974] vhci_hcd: invalid port number 23 [ 178.648567][T21012] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 178.661755][T21012] vhci_hcd: invalid port number 23 [ 179.703034][T21055] netlink: 'syz.3.7870': attribute type 4 has an invalid length. [ 179.832940][T21075] loop3: detected capacity change from 0 to 256 [ 180.295796][T21097] syzkaller1: entered promiscuous mode [ 180.301334][T21097] syzkaller1: entered allmulticast mode [ 180.491815][T21124] netlink: 'syz.0.7905': attribute type 21 has an invalid length. [ 181.100224][T21184] loop4: detected capacity change from 0 to 8192 [ 181.176148][ T29] kauditd_printk_skb: 237 callbacks suppressed [ 181.176161][ T29] audit: type=1400 audit(1728264850.933:6999): avc: denied { name_connect } for pid=21187 comm="syz.0.7944" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 181.230872][ T29] audit: type=1400 audit(1728264850.983:7000): avc: denied { setopt } for pid=21189 comm="syz.4.7934" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 181.277067][ T29] audit: type=1400 audit(1728264851.033:7001): avc: denied { shutdown } for pid=21192 comm="syz.2.7935" lport=49632 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 181.327988][T21200] bpf_get_probe_write_proto: 5 callbacks suppressed [ 181.328029][T21200] syz.2.7938[21200] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 181.336353][T21200] syz.2.7938[21200] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 181.348581][T21200] syz.2.7938[21200] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 181.378636][ T29] audit: type=1400 audit(1728264851.133:7002): avc: denied { mount } for pid=21201 comm="syz.4.7939" name="/" dev="configfs" ino=1256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 181.419770][ T29] audit: type=1400 audit(1728264851.133:7003): avc: denied { read } for pid=21201 comm="syz.4.7939" name="/" dev="configfs" ino=1256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 181.443519][ T29] audit: type=1400 audit(1728264851.133:7004): avc: denied { open } for pid=21201 comm="syz.4.7939" path="/212/file0" dev="configfs" ino=1256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 181.471032][ T29] audit: type=1400 audit(1728264851.183:7005): avc: denied { unmount } for pid=18747 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 181.580000][T21210] loop4: detected capacity change from 0 to 512 [ 181.602097][T21210] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 181.616367][T21210] ext4 filesystem being mounted at /214/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 181.641450][T18747] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.642969][ T29] audit: type=1326 audit(1728264851.403:7006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21217 comm="syz.3.7955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 181.677310][ T29] audit: type=1326 audit(1728264851.443:7007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21217 comm="syz.3.7955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 181.703135][ T29] audit: type=1326 audit(1728264851.443:7008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21217 comm="syz.3.7955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d2020dff9 code=0x7ffc0000 [ 181.857611][T21242] syz.4.7956[21242] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 181.857651][T21242] syz.4.7956[21242] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 181.870953][T21242] syz.4.7956[21242] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 181.939395][T21250] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7961'. [ 181.945997][T21254] loop4: detected capacity change from 0 to 512 [ 181.970516][T21254] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 182.033671][T21265] netlink: 'syz.4.7969': attribute type 4 has an invalid length. [ 182.061007][T21271] loop4: detected capacity change from 0 to 128 [ 182.089666][T21271] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 182.112129][T21271] ext4 filesystem being mounted at /224/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 182.177701][T18747] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 182.497132][T21313] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 182.506182][T21313] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 182.515069][T21313] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 182.523937][T21313] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 182.545125][T21313] vxlan0: entered promiscuous mode [ 182.550456][T21313] vxlan0: entered allmulticast mode [ 182.572647][T21313] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 182.582763][T21313] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 182.592362][T21313] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 182.601836][T21313] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 182.638490][T21261] syz.3.7970 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 182.651749][T21261] CPU: 1 UID: 0 PID: 21261 Comm: syz.3.7970 Tainted: G W 6.12.0-rc2-syzkaller #0 [ 182.662535][T21261] Tainted: [W]=WARN [ 182.666424][T21261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 182.676840][T21261] Call Trace: [ 182.680125][T21261] [ 182.683146][T21261] dump_stack_lvl+0xf2/0x150 [ 182.687854][T21261] dump_stack+0x15/0x20 [ 182.692339][T21261] dump_header+0x83/0x2d0 [ 182.696776][T21261] oom_kill_process+0x341/0x4c0 [ 182.701969][T21261] out_of_memory+0x9af/0xbe0 [ 182.706713][T21261] ? css_next_descendant_pre+0x11c/0x140 [ 182.712506][T21261] mem_cgroup_out_of_memory+0x13e/0x190 [ 182.718124][T21261] try_charge_memcg+0x51b/0x810 [ 182.723086][T21261] charge_memcg+0x50/0xc0 [ 182.727648][T21261] mem_cgroup_swapin_charge_folio+0xd0/0x150 [ 182.733683][T21261] __read_swap_cache_async+0x236/0x480 [ 182.739146][T21261] swap_cluster_readahead+0x276/0x3f0 [ 182.744558][T21261] swapin_readahead+0xe4/0x6f0 [ 182.749443][T21261] ? __filemap_get_folio+0x420/0x5b0 [ 182.754738][T21261] ? __lruvec_stat_mod_folio+0xdb/0x120 [ 182.760360][T21261] ? swap_cache_get_folio+0x77/0x210 [ 182.765782][T21261] do_swap_page+0x2af/0x23e0 [ 182.770371][T21261] ? __rcu_read_lock+0x36/0x50 [ 182.775419][T21261] ? pte_offset_map_nolock+0x124/0x1d0 [ 182.780972][T21261] handle_mm_fault+0x8c5/0x2a80 [ 182.785965][T21261] exc_page_fault+0x3b9/0x650 [ 182.790728][T21261] asm_exc_page_fault+0x26/0x30 [ 182.795591][T21261] RIP: 0033:0x7f3d200e1adc [ 182.800151][T21261] Code: 72 64 0f 1f 40 00 69 3d d6 3b e1 00 e8 03 00 00 48 8d 1d b7 44 2e 00 e8 82 c4 12 00 eb 0c 48 81 c3 d8 00 00 00 48 39 dd 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 d8 00 00 [ 182.820500][T21261] RSP: 002b:00007ffc61c49f70 EFLAGS: 00010202 [ 182.826556][T21261] RAX: 0000000000000000 RBX: 00007f3d203c5f80 RCX: 0000000000000000 [ 182.834901][T21261] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055557d043808 [ 182.843017][T21261] RBP: 00007f3d203c7a80 R08: 0000000000000000 R09: 7fffffffffffffff [ 182.850981][T21261] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000002ca3d [ 182.859007][T21261] R13: 00007ffc61c4a070 R14: 0000000000000032 R15: ffffffffffffffff [ 182.868986][T21261] [ 182.874329][T21261] memory: usage 307200kB, limit 307200kB, failcnt 265 [ 182.882277][T21261] memory+swap: usage 308032kB, limit 9007199254740988kB, failcnt 0 [ 182.891806][T21261] kmem: usage 307064kB, limit 9007199254740988kB, failcnt 0 [ 182.901640][T21261] Memory cgroup stats for /syz3: [ 182.940199][T21261] cache 106496 [ 182.949842][T21330] loop0: detected capacity change from 0 to 1024 [ 182.952352][T21330] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 182.957139][T21261] rss 0 [ 182.975285][T21261] shmem 0 [ 182.978532][T21261] mapped_file 106496 [ 182.984594][T21261] dirty 106496 [ 182.988422][T21261] writeback 8192 [ 182.993372][T21261] workingset_refault_anon 19 [ 182.997980][T21261] workingset_refault_file 0 [ 183.004450][T21261] swap 856064 [ 183.007928][T21261] swapcached 28672 [ 183.013139][T21261] pgpgin 135262 [ 183.016662][T21261] pgpgout 135229 [ 183.021571][T21261] pgfault 218795 [ 183.025455][T21261] pgmajfault 7 [ 183.030811][T21261] inactive_anon 28672 [ 183.034957][T21261] active_anon 0 [ 183.038606][T21261] inactive_file 106496 [ 183.044531][T21261] active_file 0 [ 183.048018][T21261] unevictable 0 [ 183.052828][T21261] hierarchical_memory_limit 314572800 [ 183.060733][T21261] hierarchical_memsw_limit 9223372036854771712 [ 183.067281][T21261] total_cache 106496 [ 183.073193][T21261] total_rss 0 [ 183.076504][T21261] total_shmem 0 [ 183.081474][T21261] total_mapped_file 106496 [ 183.086337][T21261] total_dirty 106496 [ 183.092590][T21261] total_writeback 8192 [ 183.096986][T21261] total_workingset_refault_anon 19 [ 183.103415][T21261] total_workingset_refault_file 0 [ 183.108453][T21261] total_swap 856064 [ 183.113261][T21261] total_swapcached 28672 [ 183.117511][T21261] total_pgpgin 135262 [ 183.122222][T21261] total_pgpgout 135229 [ 183.126310][T21261] total_pgfault 218795 [ 183.130454][T21261] total_pgmajfault 7 [ 183.134434][T21261] total_inactive_anon 28672 [ 183.140467][T21261] total_active_anon 0 [ 183.144451][T21261] total_inactive_file 106496 [ 183.151152][T21261] total_active_file 0 [ 183.155231][T21261] total_unevictable 0 [ 183.160748][T21261] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.7970,pid=21261,uid=0 [ 183.176995][T21261] Memory cgroup out of memory: Killed process 21261 (syz.3.7970) total-vm:89032kB, anon-rss:616kB, file-rss:15968kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000 [ 183.222059][T16655] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.351972][T21359] af_packet: tpacket_rcv: packet too big, clamped from 212960 to 3952. macoff=96 [ 183.447631][T21371] dvmrp8: entered allmulticast mode [ 183.464231][T21371] dvmrp8: left allmulticast mode [ 183.559904][T21382] loop4: detected capacity change from 0 to 764 [ 183.570641][T21382] Symlink component flag not implemented [ 183.587652][T21382] Symlink component flag not implemented (129) [ 183.610763][T21382] rock: directory entry would overflow storage [ 183.617033][T21382] rock: sig=0x4f50, size=4, remaining=3 [ 183.624156][T21382] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 183.834374][T21427] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 183.844915][T21427] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 183.855864][T21427] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 183.865278][T21427] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 183.881911][T21427] vxlan0: entered promiscuous mode [ 183.887178][T21427] vxlan0: entered allmulticast mode [ 183.903437][T21427] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 183.913423][T21427] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 183.922473][T21427] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 183.931550][T21427] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 184.035939][T21454] loop0: detected capacity change from 0 to 164 [ 184.045328][T21454] Unable to read rock-ridge attributes [ 184.106910][T21454] Unable to read rock-ridge attributes [ 184.134047][T21454] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 184.176933][T21476] loop3: detected capacity change from 0 to 512 [ 184.184884][T21476] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 184.236860][T21476] EXT4-fs (loop3): 1 truncate cleaned up [ 184.243197][T21476] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 184.315534][T21476] loop3: detected capacity change from 512 to 11 [ 184.409160][T16577] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5780: Out of memory [ 184.418655][T16577] EXT4-fs error (device loop3): ext4_dirty_inode:5984: inode #2: comm syz.3.5892: mark_inode_dirty error [ 184.433271][T16577] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.434353][T21506] loop4: detected capacity change from 0 to 164 [ 184.534328][T21524] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8091'. [ 184.545365][T21524] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8091'. [ 184.578142][ T2299] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.647123][ T2299] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.661265][T21542] netlink: 9286 bytes leftover after parsing attributes in process `syz.4.8102'. [ 184.693144][T21549] tipc: Started in network mode [ 184.698075][T21549] tipc: Node identity 7f000001, cluster identity 4711 [ 184.713858][T21549] tipc: Enabled bearer , priority 10 [ 184.722901][ T2299] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.805887][ T2299] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.962879][T21590] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8119'. [ 185.004335][T21595] loop4: detected capacity change from 0 to 2048 [ 185.035193][ T2299] bond0 (unregistering): (slave geneve1): Releasing backup interface [ 185.046417][ T2299] geneve1 (unregistering): left allmulticast mode [ 185.056303][ T2299] bond0 (unregistering): left allmulticast mode [ 185.061240][T21595] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 185.064352][ T2299] bond_slave_0: left allmulticast mode [ 185.083785][ T2299] bond_slave_1: left allmulticast mode [ 185.090466][ T2299] bond0 (unregistering): left promiscuous mode [ 185.096833][ T2299] bond_slave_0: left promiscuous mode [ 185.103920][ T2299] bond_slave_1: left promiscuous mode [ 185.120315][T21595] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 185.158366][T21595] EXT4-fs (loop4): Remounting filesystem read-only [ 185.185383][ T2299] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 185.228238][T18747] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.242366][ T2299] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 185.255269][ T2299] bond0 (unregistering): Released all slaves [ 185.275671][ T2299] bond1 (unregistering): Released all slaves [ 185.290829][ T2299] bond2 (unregistering): Released all slaves [ 185.302432][ T2299] bond3 (unregistering): Released all slaves [ 185.443408][ T2299] IPVS: stopping master sync thread 11637 ... [ 185.490897][T21623] hub 9-0:1.0: USB hub found [ 185.501616][T21623] hub 9-0:1.0: 8 ports detected [ 185.571756][ T2299] hsr_slave_0: left promiscuous mode [ 185.581579][ T2299] hsr_slave_1: left promiscuous mode [ 185.587334][ T2299] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 185.594881][ T2299] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 185.606259][ T2299] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 185.613784][ T2299] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 185.629695][ T2299] veth1_macvtap: left promiscuous mode [ 185.635333][ T2299] veth0_macvtap: left promiscuous mode [ 185.640994][ T2299] veth1_vlan: left promiscuous mode [ 185.758719][ T2299] team0 (unregistering): Port device team_slave_1 removed [ 185.770215][ T2299] team0 (unregistering): Port device team_slave_0 removed [ 185.830260][ T35] tipc: Node number set to 2130706433 [ 185.844609][T21651] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8156'. [ 185.854789][T21651] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8156'. [ 185.926863][T21660] loop0: detected capacity change from 0 to 2048 [ 185.951913][T21541] chnl_net:caif_netlink_parms(): no params data found [ 185.982075][T21660] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 185.998210][T21660] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 186.016413][T21660] EXT4-fs (loop0): Remounting filesystem read-only [ 186.034302][T21541] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.041570][T21541] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.050864][T21541] bridge_slave_0: entered allmulticast mode [ 186.057376][T21541] bridge_slave_0: entered promiscuous mode [ 186.064262][T21541] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.071672][T21541] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.078957][T21541] bridge_slave_1: entered allmulticast mode [ 186.084346][T16655] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.085508][T21541] bridge_slave_1: entered promiscuous mode [ 186.121928][T21541] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 186.158332][T21541] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 186.176181][T21693] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8164'. [ 186.197548][T21541] team0: Port device team_slave_0 added [ 186.207844][T21541] team0: Port device team_slave_1 added [ 186.229064][T21700] loop4: detected capacity change from 0 to 1024 [ 186.235839][T21700] EXT4-fs: Ignoring removed i_version option [ 186.236336][T21541] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 186.251655][T21541] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.279950][T21541] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 186.291788][T21700] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 186.293475][T21541] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 186.307956][T21700] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 186.311560][T21541] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.327825][ T29] kauditd_printk_skb: 317 callbacks suppressed [ 186.327838][ T29] audit: type=1400 audit(1728264856.073:7326): avc: denied { write } for pid=21699 comm="syz.4.8169" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 186.356521][T21541] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 186.361240][ T29] audit: type=1400 audit(1728264856.073:7327): avc: denied { add_name } for pid=21699 comm="syz.4.8169" name="cgroup.controllers" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 186.361268][ T29] audit: type=1400 audit(1728264856.073:7328): avc: denied { create } for pid=21699 comm="syz.4.8169" name="cgroup.controllers" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 186.361289][ T29] audit: type=1400 audit(1728264856.073:7329): avc: denied { read append open } for pid=21699 comm="syz.4.8169" path="/270/file2/cgroup.controllers" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 186.361314][ T29] audit: type=1400 audit(1728264856.073:7330): avc: denied { ioctl } for pid=21699 comm="syz.4.8169" path="/270/file2/cgroup.controllers" dev="loop4" ino=18 ioctlcmd=0x583b scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 186.361866][T21700] EXT4-fs (loop4): Remounting filesystem read-only [ 186.364510][T21700] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 186.485216][T21706] hub 9-0:1.0: USB hub found [ 186.491832][T21700] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 186.492121][ T29] audit: type=1400 audit(1728264856.253:7331): avc: denied { mounton } for pid=21699 comm="syz.4.8169" path="/270/file2/file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 186.502516][T18747] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=11 [ 186.515231][T21706] hub 9-0:1.0: 8 ports detected [ 186.528533][T18747] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=11 [ 186.571589][T18747] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=11 [ 186.581122][T18747] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=11 [ 186.591301][T18747] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=11 [ 186.600827][T18747] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=11 [ 186.602739][T21541] hsr_slave_0: entered promiscuous mode [ 186.610598][T18747] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=11 [ 186.624954][T21541] hsr_slave_1: entered promiscuous mode [ 186.630418][ T29] audit: type=1400 audit(1728264856.393:7332): avc: denied { remove_name } for pid=18747 comm="syz-executor" name="lost+found" dev="loop4" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 186.655354][ T29] audit: type=1400 audit(1728264856.393:7333): avc: denied { rmdir } for pid=18747 comm="syz-executor" name="lost+found" dev="loop4" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 186.680253][T21541] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 186.687832][T21541] Cannot create hsr debugfs directory [ 186.900206][T18747] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.914266][ T2299] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 186.948250][ T29] audit: type=1400 audit(1728264856.703:7334): avc: denied { create } for pid=21710 comm="syz.2.8181" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 186.951197][T21541] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 186.985411][T21714] syz.0.8175[21714] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 186.985467][T21714] syz.0.8175[21714] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 187.003805][ T29] audit: type=1400 audit(1728264856.733:7335): avc: denied { setopt } for pid=21710 comm="syz.2.8181" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 187.022191][T21714] syz.0.8175[21714] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 187.040490][T21717] xt_CT: You must specify a L4 protocol and not use inversions on it [ 187.063549][ T2299] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.097623][T21541] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 187.111854][T21541] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 187.126422][ T2299] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.139349][T21730] tipc: Started in network mode [ 187.144377][T21730] tipc: Node identity 7f000001, cluster identity 4711 [ 187.151760][T21730] tipc: Enabled bearer , priority 10 [ 187.158059][T21541] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 187.183911][ T2299] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.245886][T21744] syz.2.8185[21744] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 187.245944][T21744] syz.2.8185[21744] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 187.270882][T21744] syz.2.8185[21744] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 187.306719][ T2299] bridge_slave_1: left allmulticast mode [ 187.324523][ T2299] bridge_slave_1: left promiscuous mode [ 187.330185][ T2299] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.341425][ T2299] bridge_slave_0: left allmulticast mode [ 187.347760][ T2299] bridge_slave_0: left promiscuous mode [ 187.353886][ T2299] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.366042][T21749] loop0: detected capacity change from 0 to 764 [ 187.501755][ T2299] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 187.514826][ T2299] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 187.528170][ T2299] bond0 (unregistering): Released all slaves [ 187.559811][T21541] 8021q: adding VLAN 0 to HW filter on device bond0 [ 187.624143][T21783] syzkaller0: entered promiscuous mode [ 187.630052][T21783] syzkaller0: entered allmulticast mode [ 187.645673][ T2299] hsr_slave_0: left promiscuous mode [ 187.661575][ T2299] hsr_slave_1: left promiscuous mode [ 187.667392][ T2299] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 187.674857][ T2299] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 187.682784][ T2299] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 187.692170][ T2299] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 187.692882][T21793] block device autoloading is deprecated and will be removed. [ 187.709302][ T2299] veth1_macvtap: left promiscuous mode [ 187.714934][ T2299] veth0_macvtap: left promiscuous mode [ 187.721171][ T2299] veth1_vlan: left promiscuous mode [ 187.726690][ T2299] veth0_vlan: left promiscuous mode [ 187.813206][ T2299] team0 (unregistering): Port device team_slave_1 removed [ 187.825637][ T2299] team0 (unregistering): Port device team_slave_0 removed [ 187.866965][T21788] tipc: Started in network mode [ 187.873841][T21788] tipc: Node identity 7f000001, cluster identity 4711 [ 187.881748][T21788] tipc: Enabled bearer , priority 10 [ 187.888541][T21541] 8021q: adding VLAN 0 to HW filter on device team0 [ 187.916369][T21762] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.923548][T21762] bridge0: port 1(bridge_slave_0) entered forwarding state [ 187.990925][T21719] chnl_net:caif_netlink_parms(): no params data found [ 188.007754][ T40] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.015064][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state [ 188.120788][T21719] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.127875][T21719] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.137821][T21719] bridge_slave_0: entered allmulticast mode [ 188.144781][T21719] bridge_slave_0: entered promiscuous mode [ 188.151653][T21719] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.158772][T21719] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.166069][T21719] bridge_slave_1: entered allmulticast mode [ 188.176654][T21719] bridge_slave_1: entered promiscuous mode [ 188.205086][T21719] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 188.228225][T21719] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 188.272490][T21719] team0: Port device team_slave_0 added [ 188.283595][T21719] team0: Port device team_slave_1 added [ 188.289584][ T3341] tipc: Node number set to 2130706433 [ 188.325287][T21719] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 188.332434][T21719] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.358692][T21719] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.380397][T21860] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 188.389159][T21860] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 188.398200][T21860] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 188.407498][T21860] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 188.418585][T21860] vxlan0: entered promiscuous mode [ 188.423811][T21860] vxlan0: entered allmulticast mode [ 188.431591][T21860] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 188.441773][T21860] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 188.452786][T21860] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 188.462458][T21860] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 188.476901][T21719] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.485090][T21719] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.512864][T21719] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.541859][T21719] hsr_slave_0: entered promiscuous mode [ 188.547881][T21719] hsr_slave_1: entered promiscuous mode [ 188.555172][T21719] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 188.563785][T21719] Cannot create hsr debugfs directory [ 188.585411][T21541] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 188.678115][T21541] veth0_vlan: entered promiscuous mode [ 188.687559][T21541] veth1_vlan: entered promiscuous mode [ 188.705920][T21541] veth0_macvtap: entered promiscuous mode [ 188.714186][T21541] veth1_macvtap: entered promiscuous mode [ 188.724763][T21541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.735310][T21541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.745215][T21541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.755666][T21541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.765521][T21541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.775989][T21541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.786697][T21541] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 188.798825][T21541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.810595][T21541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.821464][T21541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.832939][T21541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.843980][T21541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.855214][T21541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.866051][T21541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.877699][T21541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.888592][T21541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.888814][ T3341] tipc: Node number set to 2130706433 [ 188.900938][T21541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.916194][T21541] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 188.930424][T21541] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.939990][T21541] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.948721][T21541] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.958706][T21541] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.008301][T21719] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 189.017897][T21719] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 189.031017][T21719] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 189.039227][T21874] netlink: 664 bytes leftover after parsing attributes in process `syz.2.8222'. [ 189.050794][T21719] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 189.115704][T21719] ================================================================== [ 189.123906][T21719] BUG: KCSAN: data-race in pcpu_alloc_noprof / pcpu_free_area [ 189.131470][T21719] [ 189.133781][T21719] read-write to 0xffffffff88bdd3ac of 4 bytes by task 21541 on cpu 1: [ 189.141934][T21719] pcpu_free_area+0x4dc/0x570 [ 189.146721][T21719] free_percpu+0x1c6/0xb30 [ 189.151159][T21719] xt_percpu_counter_free+0x63/0x80 [ 189.156376][T21719] cleanup_entry+0x195/0x1c0 [ 189.160992][T21719] __do_replace+0x470/0x580 [ 189.165506][T21719] do_ip6t_set_ctl+0x820/0x8c0 [ 189.170287][T21719] nf_setsockopt+0x195/0x1b0 [ 189.174896][T21719] ipv6_setsockopt+0x10f/0x130 [ 189.179669][T21719] tcp_setsockopt+0x93/0xb0 [ 189.184185][T21719] sock_common_setsockopt+0x64/0x80 [ 189.189400][T21719] __sys_setsockopt+0x1cc/0x240 [ 189.194258][T21719] __x64_sys_setsockopt+0x66/0x80 [ 189.199276][T21719] x64_sys_call+0x278d/0x2d60 [ 189.203964][T21719] do_syscall_64+0xc9/0x1c0 [ 189.208449][T21719] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.214335][T21719] [ 189.216642][T21719] read to 0xffffffff88bdd3ac of 4 bytes by task 21719 on cpu 0: [ 189.224371][T21719] pcpu_alloc_noprof+0x9a7/0x10c0 [ 189.229405][T21719] qdisc_alloc+0x289/0x450 [ 189.233834][T21719] qdisc_create_dflt+0x4c/0x280 [ 189.238702][T21719] dev_activate+0x20e/0x9e0 [ 189.243288][T21719] __dev_open+0x263/0x2e0 [ 189.247609][T21719] __dev_change_flags+0x155/0x410 [ 189.252621][T21719] dev_change_flags+0x59/0xd0 [ 189.257297][T21719] do_setlink+0x844/0x2490 [ 189.261716][T21719] rtnl_newlink+0x11a3/0x1690 [ 189.266381][T21719] rtnetlink_rcv_msg+0x6aa/0x710 [ 189.271323][T21719] netlink_rcv_skb+0x12c/0x230 [ 189.276300][T21719] rtnetlink_rcv+0x1c/0x30 [ 189.280725][T21719] netlink_unicast+0x599/0x670 [ 189.285501][T21719] netlink_sendmsg+0x5cc/0x6e0 [ 189.290294][T21719] __sock_sendmsg+0x140/0x180 [ 189.294977][T21719] __sys_sendto+0x1d6/0x260 [ 189.299476][T21719] __x64_sys_sendto+0x78/0x90 [ 189.304330][T21719] x64_sys_call+0x2959/0x2d60 [ 189.309104][T21719] do_syscall_64+0xc9/0x1c0 [ 189.313651][T21719] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.319729][T21719] [ 189.322129][T21719] value changed: 0x00000031 -> 0x00000032 [ 189.327836][T21719] [ 189.330234][T21719] Reported by Kernel Concurrency Sanitizer on: [ 189.336543][T21719] CPU: 0 UID: 0 PID: 21719 Comm: syz-executor Tainted: G W 6.12.0-rc2-syzkaller #0 [ 189.347324][T21719] Tainted: [W]=WARN [ 189.351300][T21719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 189.361445][T21719] ================================================================== [ 189.376614][T21719] 8021q: adding VLAN 0 to HW filter on device bond0 [ 189.387944][T21719] 8021q: adding VLAN 0 to HW filter on device team0 [ 189.498918][T21884] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.506045][T21884] bridge0: port 1(bridge_slave_0) entered forwarding state [ 189.516219][T21884] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.523422][T21884] bridge0: port 2(bridge_slave_1) entered forwarding state [ 189.634441][T21822] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.753913][T21822] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.822200][T21822] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.892859][T21822] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.972058][T21822] bridge_slave_1: left allmulticast mode [ 189.977888][T21822] bridge_slave_1: left promiscuous mode [ 189.984919][T21822] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.994012][T21822] bridge_slave_0: left allmulticast mode [ 190.000330][T21822] bridge_slave_0: left promiscuous mode [ 190.006042][T21822] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.141853][T21822] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 190.153565][T21822] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 190.164612][T21822] bond0 (unregistering): Released all slaves [ 190.201269][T21822] tipc: Disabling bearer [ 190.206327][T21822] tipc: Left network mode [ 190.214857][T21822] hsr_slave_0: left promiscuous mode [ 190.220816][T21822] hsr_slave_1: left promiscuous mode [ 190.226734][T21822] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 190.234358][T21822] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 190.241926][T21822] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 190.249637][T21822] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 190.260686][T21822] veth1_macvtap: left promiscuous mode [ 190.266200][T21822] veth0_macvtap: left promiscuous mode [ 190.273311][T21822] veth1_vlan: left promiscuous mode [ 190.278709][T21822] veth0_vlan: left promiscuous mode [ 190.356691][T21822] team0 (unregistering): Port device team_slave_1 removed [ 190.367688][T21822] team0 (unregistering): Port device team_slave_0 removed [ 191.122421][T21822] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.171986][T21822] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.243439][T21822] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.292495][T21822] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.353205][T21822] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.393203][T21822] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.453001][T21822] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.483739][T21822] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.550490][T21822] bridge_slave_1: left allmulticast mode [ 191.556218][T21822] bridge_slave_1: left promiscuous mode [ 191.562788][T21822] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.571874][T21822] bridge_slave_0: left allmulticast mode [ 191.577610][T21822] bridge_slave_0: left promiscuous mode [ 191.584225][T21822] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.592841][T21822] bridge_slave_1: left allmulticast mode [ 191.598488][T21822] bridge_slave_1: left promiscuous mode [ 191.605527][T21822] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.614059][T21822] bridge_slave_0: left allmulticast mode [ 191.619792][T21822] bridge_slave_0: left promiscuous mode [ 191.625478][T21822] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.633515][T21822] bridge_slave_1: left allmulticast mode [ 191.639476][T21822] bridge_slave_1: left promiscuous mode [ 191.645134][T21822] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.652967][T21822] bridge_slave_0: left allmulticast mode [ 191.659352][T21822] bridge_slave_0: left promiscuous mode [ 191.665221][T21822] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.951667][T21822] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 191.962067][T21822] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 191.972953][T21822] bond0 (unregistering): Released all slaves [ 191.982619][T21822] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 191.993871][T21822] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 192.004813][T21822] bond0 (unregistering): Released all slaves [ 192.013418][T21822] bond1 (unregistering): Released all slaves [ 192.022413][T21822] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 192.032506][T21822] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 192.042838][T21822] bond0 (unregistering): Released all slaves [ 192.051421][T21822] bond1 (unregistering): Released all slaves [ 192.092608][T21822] tipc: Disabling bearer [ 192.097587][T21822] tipc: Left network mode [ 192.103417][T21822] tipc: Disabling bearer [ 192.108376][T21822] tipc: Left network mode [ 192.117678][T21822] hsr_slave_0: left promiscuous mode [ 192.124199][T21822] hsr_slave_1: left promiscuous mode [ 192.130895][T21822] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 192.138244][T21822] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 192.148672][T21822] hsr_slave_0: left promiscuous mode [ 192.155146][T21822] hsr_slave_1: left promiscuous mode [ 192.161712][T21822] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 192.170182][T21822] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 192.177722][T21822] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 192.185238][T21822] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 192.194011][T21822] hsr_slave_0: left promiscuous mode [ 192.201084][T21822] hsr_slave_1: left promiscuous mode [ 192.206694][T21822] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 192.214987][T21822] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 192.223465][T21822] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 192.232065][T21822] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 192.244007][T21822] veth1_macvtap: left promiscuous mode [ 192.250269][T21822] veth0_macvtap: left promiscuous mode [ 192.256103][T21822] veth1_vlan: left promiscuous mode [ 192.264739][T21822] veth0_vlan: left promiscuous mode [ 192.271129][T21822] veth1_macvtap: left promiscuous mode [ 192.276586][T21822] veth0_macvtap: left promiscuous mode [ 192.283182][T21822] veth1_vlan: left promiscuous mode [ 192.288487][T21822] veth0_vlan: left promiscuous mode [ 192.420980][T21822] team0 (unregistering): Port device team_slave_1 removed [ 192.431329][T21822] team0 (unregistering): Port device team_slave_0 removed [ 192.488700][T21822] team0 (unregistering): Port device team_slave_1 removed [ 192.500502][T21822] team0 (unregistering): Port device team_slave_0 removed [ 192.560293][T21822] team0 (unregistering): Port device team_slave_1 removed [ 192.570906][T21822] team0 (unregistering): Port device team_slave_0 removed [ 193.273680][T21822] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.321999][T21822] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.362109][T21822] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.432682][T21822] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.489642][T21822] bridge_slave_1: left allmulticast mode [ 193.495382][T21822] bridge_slave_1: left promiscuous mode [ 193.501941][T21822] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.510639][T21822] bridge_slave_0: left allmulticast mode [ 193.516456][T21822] bridge_slave_0: left promiscuous mode [ 193.523394][T21822] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.611822][T21822] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 193.622342][T21822] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 193.632205][T21822] bond0 (unregistering): Released all slaves [ 193.672847][T21822] hsr_slave_0: left promiscuous mode [ 193.678573][T21822] hsr_slave_1: left promiscuous mode [ 193.685467][T21822] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 193.693664][T21822] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 193.704174][T21822] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 193.712432][T21822] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 193.722079][T21822] veth1_macvtap: left promiscuous mode [ 193.727563][T21822] veth0_macvtap: left promiscuous mode [ 193.733112][T21822] veth1_vlan: left promiscuous mode [ 193.738318][T21822] veth0_vlan: left promiscuous mode [ 193.810776][T21822] team0 (unregistering): Port device team_slave_1 removed [ 193.821206][T21822] team0 (unregistering): Port device team_slave_0 removed