last executing test programs: 470.731868ms ago: executing program 2 (id=11039): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f00000019c0)=@raw={'raw\x00', 0x4001, 0x3, 0x2e8, 0x120, 0x0, 0x148, 0x120, 0x148, 0x250, 0x240, 0x240, 0x250, 0x240, 0x7fffffe, 0x0, {[{{@ip={@loopback, @remote, 0x0, 0x0, 'ip6gretap0\x00', 'bridge0\x00'}, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@inet=@dscp={{0x28}, {0x81, 0x2}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @multicast, 0x0, 0x0, [0x7, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x20, 0x0, 0x0, 0x19, 0x0, 0x0, 0x0, 0x10]}}}, {{@uncond, 0x0, 0xc8, 0x130, 0x0, {}, [@common=@ah={{0x30}, {[0x9, 0x1]}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x8, 0x800, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x348) 446.40884ms ago: executing program 2 (id=11041): r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000a00), 0x80402, 0x0) write$cgroup_int(r0, 0x0, 0x2) 358.919828ms ago: executing program 2 (id=11044): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_RENAME(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x5, 0x6, 0x401}, 0x14}}, 0x0) 358.790968ms ago: executing program 0 (id=11045): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000001f0000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 311.019143ms ago: executing program 4 (id=11049): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x20, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) 302.979633ms ago: executing program 2 (id=11057): r0 = socket(0xa, 0x40000000002, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x20000600, 0x0, 0x0, 0x20000630, 0x20000660], 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000007f00000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0200000005000000000000000000766574683098c76f5f7465616d00000064756d6d79300000000000000000000064756d0004300000000000000000000073797a6b616c6c8279a7e00000000000ffffffffffff000000000000ffffffff7fff00000000000000087000000070000000a000000072656469726563740000000000000000000000000000000000000000000000000800000000000000ffffffff000000000b00000000000000000073797a6b616c6c65723100000000000067726574617030000000000000000000766c616e30000000000000000000000064756d6d7930000000000000000000000180c2000000000000000000aaaaaaaaaabb00000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000001b700000000000010000000000000000000000000000000ffffffff00000000"]}, 0x280) 300.856793ms ago: executing program 0 (id=11050): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x14, 0x3, 0x6, 0x201}, 0x14}}, 0x0) 256.380087ms ago: executing program 4 (id=11053): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, 0x0, 0x0) 251.945188ms ago: executing program 2 (id=11054): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="7000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000480012800b0001006272696467650000380002800800050001000000080004000100000005001800000000000c001f000000000000000000060006000700000008001d000100000008000a0001"], 0x70}}, 0x0) 223.13361ms ago: executing program 4 (id=11055): r0 = gettid() getpriority(0x1, r0) 219.366621ms ago: executing program 0 (id=11056): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000001c0)={'ip6tnl0\x00', &(0x7f00000002c0)={'ip6_vti0\x00', 0x0, 0x29, 0x7, 0x87, 0x9, 0x4, @local, @dev={0xfe, 0x80, '\x00', 0xc}, 0x7800, 0x89, 0x4, 0x9}}) 219.135901ms ago: executing program 3 (id=11058): r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x8}, 0x8080, 0x2, 0x0, 0x0, 0x7fffffff}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000b00)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYRES64=r0, @ANYRES64], 0x20) 177.648934ms ago: executing program 4 (id=11060): r0 = syz_io_uring_setup(0x353, &(0x7f0000001500), &(0x7f0000ffb000), &(0x7f0000ffb000)) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x12, 0x20000000, 0x0) 177.527435ms ago: executing program 1 (id=11061): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) lgetxattr(0x0, 0x0, 0x0, 0x0) 176.563285ms ago: executing program 3 (id=11062): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[@ANYBLOB="240000001a000100000000000000000002000000000000000030000008000100ac1414"], 0x24}}, 0x0) 160.345136ms ago: executing program 1 (id=11063): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000380)={@dev={0xfe, 0x80, '\x00', 0x1e}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, 0x0, 0x4, 0x8, 0x0, 0x5, 0x8}) 159.959006ms ago: executing program 4 (id=11064): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x220440e, &(0x7f00000001c0), 0x0, 0x52f, &(0x7f00000003c0)="$eJzs3U9sI1cZAPBvJn/s3abNFnoAVOhSCguq1k687arqhXKqEKqE6JHDNiROFMWOo9gpTdhD9sgdiUqc4IA4c0DigNQTdyQOcONSDkgFVqAGCQkjj8dZ548Td5vYbfz7SSO/mef4+15m573R82ZeABPrZkTsR8RsRLwVEfP58STf4rXu1nnfhw/vLx88vL+cRLv95j+SrL5zLPp+puOJ/DOLEfG91yN+kBwL+seI5u7exlKtVt3OD5Vb9a1yc3fv9np9aa26Vt2sVO4u3l145c7LlQtr63P1X39wLSJ+99svvv+H/W/8qJPWXF7X346L1G36zGGcjumI+M5lBBuDqbw9s4/zw7NPXXxCfCRpRHwmIp7Prv/5mMrO5lFHz+03R5gdAHAZ2u35aM/37wMAV12azYElaSmfC5iLNC2VunN4z8T1tNZotl5cbexsrnTnym7ETLq6Xqsu5HOFN2ImWV2fri5m5d5+rVo5tn8nIp6OiJ8UrmX7peVGbWWcNz4AMMGeODb+/7vQHf8BgCuu+KhYGGceAMDoFMedAAAwcsZ/AJg8xn8AmDzGfwCYPMZ/AJg8xn8AmCjffeONztY+yJ9/vfL27s5G4+3bK9XmRqm+s1xabmxvldYajbXsmT318z6v1mhsLb4UO++UW9Vmq9zc3btXb+xstu5lz/W+V50ZSasAgLM8/dx7f04iYv/Va9kWfc/7P3esfvayswMuUzruBICxmRp3AsDYnFzt6wzXLi8PYPTMx8Pk+l+73Y6+tXsj4sFhqe9hoAP/i9C7Q4VJrRsKnzy3Pn9k/v+X/XXuDeBqM/8Pk+vx5v/dy8NV8JHm/4Erpd1OrPkPABPGHD+QnFPf//3/QrtvZ7jv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBKmsu2JC3la4HPRZqWShFPRsSNmElW12vVhYh4KiL+VJgpdPYXI8K6QQDwaZb+LcnX/7o1/8Lc8drZwn8K2WtE/PBnb/70naVWa3sxYjb55+Hx1rv58co48gcAztMbp3vjeM+HD+8v97ZR5vPBt7qLi3biHuRbt2Y6prPXYjbXcP1fSb7f1blfmbqA+PsPIuJzp7U/yeZGbuQrnx6P34n95Ejjp0fip1ld97Xzu/jsBeQCk+a9Tv/z2mnXXxo3s9fTr/9i1kN9fL3+7+BE/5ce9n9TA/q/m8PGeOn33z5xsD3frXsQ8YXpiIPeh/f1P734yYD4LwwZ/y/Pfun5QXXtn0fcitPanxyJVW7Vt8rN3b3b6/WltepadbNSubt4d+GVOy9Xytkcdbk3U33S3199cWBunfZfHxC/eE77vzpk+3/x37e+/+Uz4n/9K6ef/2fOiN8ZE782ZPyl678pDqrrxF8Z0P7zzv/g3+pR7/91b2XItwIAI9Dc3dtYqtWq2x+/UDzzPelFhBiikETsX3KIR4XCr378+vlvLowsn8csxKCqqcMjs/m/l3Gn+mkvFD4ZaQxRGHPHBFy6Rxf9uDMBAAAAAAAAAAAAAAAGGcWfE427jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxd/w8AAP//XivUIA==") bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000008000000"], &(0x7f0000000700)=""/164, 0x48, 0xa4, 0xa, 0x0, 0x0, @void, @value}, 0x28) 112.04858ms ago: executing program 3 (id=11065): r0 = socket(0xa, 0x40000000002, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x20000600, 0x0, 0x0, 0x20000630, 0x20000660], 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000007f00000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0200000005000000000000000000766574683098c76f5f7465616d00000064756d6d79300000000000000000000064756d0004300000000000000000000073797a6b616c6c8279a7e00000000000ffffffffffff000000000000ffffffff7fff00000000000000087000000070000000a000000072656469726563740000000000000000000000000000000000000000000000000800000000000000ffffffff000000000b00000000000000000073797a6b616c6c65723100000000000067726574617030000000000000000000766c616e30000000000000000000000064756d6d7930000000000000000000000180c2000000000000000000aaaaaaaaaabb00000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000001b700000000000010000000000000000000000000000000ffffffff00000000"]}, 0x280) 111.94661ms ago: executing program 3 (id=11066): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="600000000806050000000000000000000000000005000400000000000900020073797a3200000000140007800800064000006a000800084000005fdc0500050002000000050001000600"], 0x60}}, 0x0) 111.59046ms ago: executing program 1 (id=11067): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, 0x0, 0x0) 69.800714ms ago: executing program 0 (id=11068): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0x9f, &(0x7f0000000000), &(0x7f0000000080)=0x4) 67.066514ms ago: executing program 0 (id=11069): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x10405, 0x0, @void, @value, @void, @value}, 0xf) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x6, &(0x7f0000000040)=@framed={{}, [@map_val={0x18, 0x0, 0x2, 0x0, r0}, @ldst={0x3, 0x0, 0x6, 0x0, 0x0, 0xa000}]}, &(0x7f0000000180)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 64.127515ms ago: executing program 1 (id=11070): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7, 0x5}) 60.942555ms ago: executing program 3 (id=11071): r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) write$cgroup_int(r0, &(0x7f0000000000)=0x3, 0x12) 29.383378ms ago: executing program 1 (id=11072): r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x8}, 0x8080, 0x2, 0x0, 0x0, 0x7fffffff}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000b00)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYRES64=r0, @ANYRES64], 0x20) 28.908388ms ago: executing program 2 (id=11073): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000800000000000000f7ffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0920000000000055090100000000009500000000000000bf91000000000004b7020000010000008500000001000000b70000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x7, 0x2, &(0x7f0000000100)=""/2, 0x40f00, 0x45, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcd2, @void, @value}, 0x90) 28.835098ms ago: executing program 3 (id=11074): r0 = socket$inet(0x2, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'batadv0\x00', &(0x7f0000000100)=@ethtool_gstrings={0x1b, 0x1}}) 367.77µs ago: executing program 4 (id=11075): r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000014001080800418e00000004fcff", 0x58}], 0x1) 291.68µs ago: executing program 0 (id=11076): io_uring_setup(0x4810, &(0x7f0000000000)) rt_tgsigqueueinfo(0x0, 0x0, 0x3e, &(0x7f0000000000)={0x0, 0x0, 0x7}) 0s ago: executing program 1 (id=11077): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000080)={[{@nolazytime}, {}]}, 0x6, 0x4eb, &(0x7f0000000a40)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): nied { getopt } for pid=14603 comm="syz.1.5693" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 128.345823][ T29] audit: type=1400 audit(2000000010.196:342): avc: denied { write } for pid=14626 comm="syz.1.5703" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 128.464980][T14645] Cannot find add_set index 0 as target [ 128.470784][ T29] audit: type=1400 audit(2000000010.317:343): avc: denied { setopt } for pid=14642 comm="syz.2.5711" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 128.522349][T14655] netlink: 'syz.2.5713': attribute type 1 has an invalid length. [ 128.538636][ T29] audit: type=1400 audit(2000000010.355:344): avc: denied { ioctl } for pid=14650 comm="syz.0.5709" path="socket:[38053]" dev="sockfs" ino=38053 ioctlcmd=0x891a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 128.576119][ T29] audit: type=1400 audit(2000000010.402:345): avc: denied { setopt } for pid=14660 comm="syz.4.5716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 128.614664][T14665] ip6gre1: entered allmulticast mode [ 128.654156][T14675] tmpfs: Bad value for 'mpol' [ 128.742124][T14670] loop1: detected capacity change from 0 to 8192 [ 128.744485][ T29] audit: type=1400 audit(2000000010.570:346): avc: denied { bind } for pid=14683 comm="syz.3.5728" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 128.755830][T14670] vfat: Unknown parameter 'S^F ]34/8vЩX"h\oC:dQ;/w*z|6ݠ/]%:neF4Ű+yꅈ' [ 128.793313][ T29] audit: type=1400 audit(2000000010.617:347): avc: denied { setopt } for pid=14688 comm="syz.2.5729" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 129.049184][T14732] ip6gre1: entered allmulticast mode [ 129.187304][T14744] tmpfs: Bad value for 'mpol' [ 129.995051][T14837] syz.4.5800: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 130.009749][T14837] CPU: 0 UID: 0 PID: 14837 Comm: syz.4.5800 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0 [ 130.020546][T14837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 130.030695][T14837] Call Trace: [ 130.033981][T14837] [ 130.036939][T14837] dump_stack_lvl+0xf2/0x150 [ 130.041638][T14837] dump_stack+0x15/0x20 [ 130.045813][T14837] warn_alloc+0x145/0x1b0 [ 130.050205][T14837] ? __vmalloc_node_range_noprof+0x88/0xec0 [ 130.056183][T14837] ? audit_log_end+0x1d0/0x1e0 [ 130.060981][T14837] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 130.067066][T14837] __vmalloc_node_range_noprof+0xaa/0xec0 [ 130.072818][T14837] ? avc_denied+0xf1/0x110 [ 130.077292][T14837] ? xfd_validate_state+0x46/0xf0 [ 130.082334][T14837] ? save_fpregs_to_fpstate+0x102/0x160 [ 130.087974][T14837] ? xskq_create+0x36/0xd0 [ 130.092430][T14837] vmalloc_user_noprof+0x59/0x70 [ 130.097435][T14837] ? xskq_create+0x79/0xd0 [ 130.101874][T14837] xskq_create+0x79/0xd0 [ 130.106216][T14837] xsk_init_queue+0x82/0xd0 [ 130.110913][T14837] xsk_setsockopt+0x409/0x520 [ 130.115634][T14837] ? __pfx_xsk_setsockopt+0x10/0x10 [ 130.120953][T14837] __sys_setsockopt+0x1cc/0x240 [ 130.125932][T14837] __x64_sys_setsockopt+0x66/0x80 [ 130.131010][T14837] x64_sys_call+0x278d/0x2d60 [ 130.135740][T14837] do_syscall_64+0xc9/0x1c0 [ 130.140280][T14837] ? clear_bhb_loop+0x55/0xb0 [ 130.144993][T14837] ? clear_bhb_loop+0x55/0xb0 [ 130.149707][T14837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.155649][T14837] RIP: 0033:0x7fce9637e719 [ 130.160119][T14837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.180588][T14837] RSP: 002b:00007fce94ff7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 130.189161][T14837] RAX: ffffffffffffffda RBX: 00007fce96535f80 RCX: 00007fce9637e719 [ 130.196052][T14848] loop1: detected capacity change from 0 to 512 [ 130.197147][T14837] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003 [ 130.197166][T14837] RBP: 00007fce963f139e R08: 0000000000000020 R09: 0000000000000000 [ 130.219399][T14837] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000000 [ 130.227392][T14837] R13: 0000000000000000 R14: 00007fce96535f80 R15: 00007fff43e00f18 [ 130.235415][T14837] [ 130.238655][T14837] Mem-Info: [ 130.241777][T14837] active_anon:7273 inactive_anon:0 isolated_anon:0 [ 130.241777][T14837] active_file:10967 inactive_file:12790 isolated_file:0 [ 130.241777][T14837] unevictable:0 dirty:259 writeback:0 [ 130.241777][T14837] slab_reclaimable:3057 slab_unreclaimable:13972 [ 130.241777][T14837] mapped:20748 shmem:307 pagetables:866 [ 130.241777][T14837] sec_pagetables:0 bounce:0 [ 130.241777][T14837] kernel_misc_reclaimable:0 [ 130.241777][T14837] free:1897105 free_pcp:8767 free_cma:0 [ 130.287085][T14837] Node 0 active_anon:29092kB inactive_anon:0kB active_file:43868kB inactive_file:51160kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:82992kB dirty:1036kB writeback:0kB shmem:1228kB writeback_tmp:0kB kernel_stack:2928kB pagetables:3464kB sec_pagetables:0kB all_unreclaimable? no [ 130.314955][T14837] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 130.342296][T14837] lowmem_reserve[]: 0 2866 7844 0 [ 130.347647][T14837] Node 0 DMA32 free:2950276kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953908kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:100kB free_cma:0kB [ 130.376409][T14837] lowmem_reserve[]: 0 0 4978 0 [ 130.381227][T14837] Node 0 Normal free:4620736kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:28860kB inactive_anon:0kB active_file:43868kB inactive_file:51160kB unevictable:0kB writepending:1036kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:31916kB local_pcp:25796kB free_cma:0kB [ 130.411773][T14837] lowmem_reserve[]: 0 0 0 0 [ 130.416415][T14837] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 130.429483][T14837] Node 0 DMA32: 3*4kB (M) 1*8kB (M) 1*16kB (M) 3*32kB (M) 2*64kB (M) 3*128kB (M) 2*256kB (M) 2*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950276kB [ 130.445779][T14837] Node 0 Normal: 256*4kB (UME) 84*8kB (ME) 43*16kB (UME) 185*32kB (UME) 306*64kB (UME) 187*128kB (UME) 117*256kB (UME) 73*512kB (UME) 50*1024kB (UM) 29*2048kB (UME) 1072*4096kB (UM) = 4620656kB [ 130.465282][T14837] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 130.474693][T14837] 24058 total pagecache pages [ 130.479515][T14837] 1 pages in swap cache [ 130.483768][T14837] Free swap = 124484kB [ 130.487928][T14837] Total swap = 124996kB [ 130.492280][T14837] 2097051 pages RAM [ 130.496097][T14837] 0 pages HighMem/MovableOnly [ 130.500808][T14837] 80182 pages reserved [ 130.506212][T14848] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 130.540794][T14848] ext4 filesystem being mounted at /1086/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 130.574108][T14848] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.5805: Failed to acquire dquot type 1 [ 130.629234][T14859] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 139: padding at end of block bitmap is not set [ 130.669130][ T4016] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 130.767564][T14888] netlink: 'syz.4.5825': attribute type 7 has an invalid length. [ 130.791230][T14890] loop1: detected capacity change from 0 to 1024 [ 130.812414][T14890] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.917618][ T4016] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.942267][T14908] loop2: detected capacity change from 0 to 512 [ 131.180660][T14929] __nla_validate_parse: 7 callbacks suppressed [ 131.180679][T14929] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5853'. [ 131.317388][T14950] loop2: detected capacity change from 0 to 512 [ 131.343868][T14955] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 131.362638][T14950] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.5852: Failed to acquire dquot type 1 [ 131.572163][T14980] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5867'. [ 131.710032][T14990] xt_CT: You must specify a L4 protocol and not use inversions on it [ 131.751733][T14992] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5873'. [ 131.765875][T14994] ip6t_srh: unknown srh match flags 5294 [ 131.840213][T14761] loop3: detected capacity change from 0 to 262144 [ 131.850314][T14950] EXT4-fs (loop2): 1 truncate cleaned up [ 131.850947][T14950] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 131.851020][T14950] ext4 filesystem being mounted at /1089/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 131.860583][T15002] netlink: 830 bytes leftover after parsing attributes in process `syz.0.5878'. [ 131.889526][T15002] bond_slave_0: entered promiscuous mode [ 131.889553][T15002] bond_slave_1: entered promiscuous mode [ 131.920770][ T4011] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.041461][T15021] tmpfs: Bad value for 'mpol' [ 132.131188][T15036] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5896'. [ 132.353732][T15071] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5911'. [ 132.372716][T15075] ip6t_REJECT: ECHOREPLY is not supported [ 132.422216][T15082] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5919'. [ 132.632610][T15118] wireguard0: entered promiscuous mode [ 132.638163][T15118] wireguard0: entered allmulticast mode [ 132.663445][T15124] xt_CT: You must specify a L4 protocol and not use inversions on it [ 132.683710][T15126] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5939'. [ 132.715267][T15128] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5940'. [ 132.800920][T15141] netlink: 830 bytes leftover after parsing attributes in process `syz.4.5946'. [ 132.810057][T15141] bond_slave_0: entered promiscuous mode [ 132.815868][T15141] bond_slave_1: entered promiscuous mode [ 132.906675][T15155] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 132.998915][ T29] kauditd_printk_skb: 863 callbacks suppressed [ 132.998932][ T29] audit: type=1326 audit(2000000014.555:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54e8de719 code=0x7ff00000 [ 133.012571][T15170] loop3: detected capacity change from 0 to 256 [ 133.028694][ T29] audit: type=1326 audit(2000000014.555:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54e8de719 code=0x7ff00000 [ 133.028732][ T29] audit: type=1326 audit(2000000014.555:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54e8de719 code=0x7ff00000 [ 133.082114][ T29] audit: type=1326 audit(2000000014.555:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54e8de719 code=0x7ff00000 [ 133.105621][ T29] audit: type=1326 audit(2000000014.555:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54e8de719 code=0x7ff00000 [ 133.129221][ T29] audit: type=1326 audit(2000000014.555:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54e8de719 code=0x7ff00000 [ 133.152796][ T29] audit: type=1326 audit(2000000014.555:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54e8de719 code=0x7ff00000 [ 133.169564][T15173] SELinux: failed to load policy [ 133.176306][ T29] audit: type=1326 audit(2000000014.555:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54e8de719 code=0x7ff00000 [ 133.204759][ T29] audit: type=1326 audit(2000000014.555:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54e8de719 code=0x7ff00000 [ 133.228479][ T29] audit: type=1326 audit(2000000014.555:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54e8de719 code=0x7ff00000 [ 133.365928][T15192] netlink: 'syz.0.5970': attribute type 27 has an invalid length. [ 133.373856][T15192] netlink: 'syz.0.5970': attribute type 3 has an invalid length. [ 133.491634][T15203] vhci_hcd: invalid port number 0 [ 133.574468][T15223] xt_CT: You must specify a L4 protocol and not use inversions on it [ 133.634382][T15231] __vm_enough_memory: pid: 15231, comm: syz.3.6000, bytes: 4503599627366400 not enough memory for the allocation [ 133.698501][T15243] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 133.881971][T15267] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 134.030777][T15293] netlink: 'syz.4.6021': attribute type 21 has an invalid length. [ 134.054789][T15297] __vm_enough_memory: pid: 15297, comm: syz.0.6023, bytes: 4503599627366400 not enough memory for the allocation [ 134.570144][T15372] netlink: 'syz.0.6057': attribute type 11 has an invalid length. [ 134.618050][T15377] ieee802154 phy0 wpan0: encryption failed: -22 [ 135.325392][T15491] netlink: 'syz.0.6120': attribute type 32 has an invalid length. [ 135.334671][T15491] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 135.475971][T15507] SET target dimension over the limit! [ 136.064863][T15591] netlink: 'syz.4.6169': attribute type 1 has an invalid length. [ 136.142757][T15602] loop4: detected capacity change from 0 to 1024 [ 136.188679][T15602] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.294219][ T4008] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.323846][T15633] IPv6: Can't replace route, no match found [ 136.432038][T15654] netlink: 'syz.4.6198': attribute type 10 has an invalid length. [ 136.455297][T15654] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.462549][T15654] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.496847][T15654] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.503996][T15654] bridge0: port 2(bridge_slave_1) entered forwarding state [ 136.511326][T15654] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.518410][T15654] bridge0: port 1(bridge_slave_0) entered forwarding state [ 136.540219][T15654] bridge0: entered promiscuous mode [ 136.546482][T15654] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 136.556255][T15669] netlink: 'syz.1.6203': attribute type 10 has an invalid length. [ 136.575390][T15669] 8021q: adding VLAN 0 to HW filter on device team0 [ 136.589170][T15669] bond0: (slave team0): Enslaving as an active interface with an up link [ 136.597804][T15664] __nla_validate_parse: 16 callbacks suppressed [ 136.597821][T15664] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6202'. [ 136.613287][T15664] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6202'. [ 136.754002][T15707] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6217'. [ 136.793096][T15712] netlink: 'syz.1.6219': attribute type 10 has an invalid length. [ 136.816623][T15712] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.823897][T15712] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.868963][T15712] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.876194][T15712] bridge0: port 2(bridge_slave_1) entered forwarding state [ 136.883671][T15712] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.890747][T15712] bridge0: port 1(bridge_slave_0) entered forwarding state [ 136.893190][T15723] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6225'. [ 136.904719][T15712] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 136.915133][T15723] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6225'. [ 136.924536][T15723] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6225'. [ 137.079007][T15754] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 137.089084][T15754] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 137.131537][T15758] netlink: 'syz.2.6239': attribute type 10 has an invalid length. [ 137.141492][T15758] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.148704][T15758] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.201951][T15758] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.209150][T15758] bridge0: port 2(bridge_slave_1) entered forwarding state [ 137.216532][T15758] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.223714][T15758] bridge0: port 1(bridge_slave_0) entered forwarding state [ 137.234668][T15758] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 137.249759][T15763] wireguard0: entered promiscuous mode [ 137.255336][T15763] wireguard0: entered allmulticast mode [ 137.650076][T15823] PM: Enabling pm_trace changes system date and time during resume. [ 137.650076][T15823] PM: Correct system time has to be restored manually after resume. [ 137.761018][T15837] netlink: 60 bytes leftover after parsing attributes in process `syz.3.6280'. [ 137.770576][T15837] unsupported nlmsg_type 40 [ 138.031724][T15840] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6282'. [ 138.039179][T15845] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.039352][T15845] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.042735][T15845] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.042785][T15845] bridge0: port 2(bridge_slave_1) entered forwarding state [ 138.042856][T15845] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.042886][T15845] bridge0: port 1(bridge_slave_0) entered forwarding state [ 138.044095][T15845] bridge0: entered promiscuous mode [ 138.044529][T15845] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 138.201484][T15868] x_tables: ip6_tables: SNPT target: used from hooks PREROUTING, but only usable from INPUT/POSTROUTING [ 138.218479][T15867] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6295'. [ 138.261132][T15877] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.268377][T15877] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.278688][T15881] ipt_ECN: cannot use operation on non-tcp rule [ 138.387112][ T29] kauditd_printk_skb: 8164 callbacks suppressed [ 138.387182][ T29] audit: type=1400 audit(2000000019.587:9381): avc: denied { node_bind } for pid=15896 comm="syz.0.6310" saddr=ff00::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 138.393804][T15902] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6312'. [ 138.503300][ T29] audit: type=1400 audit(2000000019.690:9382): avc: denied { write } for pid=15913 comm="syz.3.6318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 138.522932][ T29] audit: type=1400 audit(2000000019.690:9383): avc: denied { connect } for pid=15913 comm="syz.3.6318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 138.542671][ T29] audit: type=1400 audit(2000000019.690:9384): avc: denied { name_connect } for pid=15913 comm="syz.3.6318" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 138.624911][T15930] Driver unsupported XDP return value 0 on prog (id 466) dev N/A, expect packet loss! [ 138.703113][T15944] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.710312][T15944] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.814128][T15964] loop1: detected capacity change from 0 to 164 [ 138.825838][T15964] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 138.840321][T15970] validate_nla: 4 callbacks suppressed [ 138.840401][T15970] netlink: 'syz.3.6346': attribute type 21 has an invalid length. [ 138.854951][ T29] audit: type=1400 audit(2000000020.036:9385): avc: denied { setopt } for pid=15965 comm="syz.4.6344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 138.875109][T15972] ipt_ECN: cannot use operation on non-tcp rule [ 138.899247][T15970] netlink: 'syz.3.6346': attribute type 1 has an invalid length. [ 138.971904][T15988] netlink: 'syz.0.6354': attribute type 10 has an invalid length. [ 139.008415][T15988] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.015591][T15988] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.244994][T16037] netlink: 'syz.3.6379': attribute type 10 has an invalid length. [ 139.432093][T16074] usb usb7: usbfs: process 16074 (syz.3.6398) did not claim interface 0 before use [ 139.634981][T16103] loop3: detected capacity change from 0 to 164 [ 139.674207][T16103] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 139.970597][ T29] audit: type=1400 audit(2000000021.075:9386): avc: denied { read write } for pid=4011 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 140.025490][ T29] audit: type=1400 audit(2000000021.103:9387): avc: denied { open } for pid=4011 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 140.049723][ T29] audit: type=1400 audit(2000000021.103:9388): avc: denied { ioctl } for pid=4011 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 140.075597][ T29] audit: type=1400 audit(2000000021.112:9389): avc: denied { read } for pid=2998 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 140.097625][T16156] netlink: 'syz.2.6446': attribute type 5 has an invalid length. [ 140.105489][ T29] audit: type=1400 audit(2000000021.112:9390): avc: denied { search } for pid=2998 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 140.325273][T16175] usb usb7: usbfs: process 16175 (syz.2.6457) did not claim interface 0 before use [ 140.848437][T16247] IPv6: Can't replace route, no match found [ 140.983094][T16275] xt_hashlimit: max too large, truncated to 1048576 [ 140.989832][T16275] xt_hashlimit: overflow, try lower: 0/0 [ 141.064242][T16288] IPv6: Can't replace route, no match found [ 141.251606][T16325] loop3: detected capacity change from 0 to 128 [ 141.594109][T16387] loop3: detected capacity change from 0 to 128 [ 141.955734][T16430] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 142.154874][T16459] ieee802154 phy0 wpan0: encryption failed: -22 [ 142.287877][T16475] __nla_validate_parse: 11 callbacks suppressed [ 142.287921][T16475] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6594'. [ 142.482421][T16495] siw: device registration error -23 [ 142.525159][T16503] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6610'. [ 142.534201][T16503] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6610'. [ 142.551522][T16509] ieee802154 phy0 wpan0: encryption failed: -22 [ 142.723082][T16530] siw: device registration error -23 [ 142.811100][T16540] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 142.817659][T16540] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 142.825911][T16540] vhci_hcd vhci_hcd.0: Device attached [ 142.940594][T16554] vhci_hcd vhci_hcd.0: port 0 already used [ 142.951158][T16543] vhci_hcd: connection closed [ 143.015674][ T36] vhci_hcd: stop threads [ 143.024756][ T36] vhci_hcd: release socket [ 143.029197][ T36] vhci_hcd: disconnect device [ 143.154607][T16590] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6651'. [ 143.207655][T16598] netlink: 'syz.2.6654': attribute type 1 has an invalid length. [ 143.295556][T16616] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6662'. [ 143.304711][T16616] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6662'. [ 143.317349][T16617] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6664'. [ 143.326403][T16617] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6664'. [ 143.394467][T16630] netlink: 'syz.3.6671': attribute type 1 has an invalid length. [ 143.402350][T16632] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6672'. [ 143.469353][T16640] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 143.541144][T16653] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6682'. [ 143.634068][T16667] netlink: 'syz.4.6688': attribute type 10 has an invalid length. [ 143.675490][T16667] 8021q: adding VLAN 0 to HW filter on device team0 [ 143.687081][T16667] team_slave_0: entered promiscuous mode [ 143.692863][T16667] team_slave_1: entered promiscuous mode [ 143.700800][T16667] bond0: (slave team0): Enslaving as an active interface with an up link [ 143.772310][T16681] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 143.907735][T16706] netlink: 'syz.4.6706': attribute type 11 has an invalid length. [ 143.943480][T16708] netlink: 'syz.2.6708': attribute type 10 has an invalid length. [ 143.986113][T16708] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.003831][T16708] bond0: (slave team0): Enslaving as an active interface with an up link [ 144.077233][ T29] kauditd_printk_skb: 144 callbacks suppressed [ 144.077270][ T29] audit: type=1400 audit(2000000024.910:9535): avc: denied { create } for pid=16723 comm="syz.4.6718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 144.132520][ T29] audit: type=1400 audit(2000000024.929:9536): avc: denied { node_bind } for pid=16730 comm="syz.2.6720" saddr=fe88::3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 144.153908][ T29] audit: type=1400 audit(2000000024.938:9537): avc: denied { read } for pid=16723 comm="syz.4.6718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 144.208034][T16741] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 144.208965][ T29] audit: type=1400 audit(2000000025.041:9538): avc: denied { setopt } for pid=16739 comm="syz.0.6725" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 144.229742][T16745] netlink: 'syz.3.6727': attribute type 10 has an invalid length. [ 144.296415][T16745] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.317594][T16745] bond0: (slave team0): Enslaving as an active interface with an up link [ 144.369805][ T29] audit: type=1400 audit(2000000025.191:9539): avc: denied { write } for pid=16761 comm="syz.0.6744" name="001" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 144.402014][T16763] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 144.469336][T16775] netlink: 'syz.3.6739': attribute type 11 has an invalid length. [ 144.518719][T16785] netlink: 'syz.0.6755': attribute type 2 has an invalid length. [ 144.541399][T16782] Option '/00' to dns_resolver key: bad/missing value [ 144.632611][ T29] audit: type=1400 audit(2000000025.434:9540): avc: denied { write } for pid=16800 comm="syz.2.6752" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 144.713252][T16816] netlink: 'syz.4.6761': attribute type 2 has an invalid length. [ 144.733489][ T29] audit: type=1400 audit(2000000025.527:9541): avc: denied { create } for pid=16817 comm="syz.1.6763" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 144.753637][ T29] audit: type=1400 audit(2000000025.527:9542): avc: denied { getopt } for pid=16817 comm="syz.1.6763" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 144.900439][T16848] IPVS: length: 39 != 24 [ 144.933231][ T29] audit: type=1326 audit(2000000025.724:9543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16852 comm="syz.4.6779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9637e719 code=0x7ffc0000 [ 144.959215][ T29] audit: type=1326 audit(2000000025.724:9544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16852 comm="syz.4.6779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7fce9637e719 code=0x7ffc0000 [ 145.021193][T16858] Option '/00' to dns_resolver key: bad/missing value [ 145.112730][T16882] team_slave_0: entered allmulticast mode [ 145.265526][T16908] IPVS: length: 39 != 24 [ 145.271813][T16910] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 145.278462][T16910] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 145.286675][T16910] vhci_hcd vhci_hcd.0: Device attached [ 145.365775][T16910] vhci_hcd vhci_hcd.0: port 0 already used [ 145.372310][T16913] vhci_hcd: connection closed [ 145.375495][ T28] vhci_hcd: stop threads [ 145.384707][ T28] vhci_hcd: release socket [ 145.389186][ T28] vhci_hcd: disconnect device [ 145.519745][T16960] cgroup: name respecified [ 145.594671][T16969] team_slave_0: entered allmulticast mode [ 145.696870][T16986] SELinux: Context system_u:object_r:hald_dccm_exec_t:s0 is not valid (left unmapped). [ 145.827205][T17007] team_slave_0: entered allmulticast mode [ 145.848638][T17010] ------------[ cut here ]------------ [ 145.854176][T17010] Please remove unsupported % in format string [ 145.861713][T17010] WARNING: CPU: 1 PID: 17010 at lib/vsprintf.c:2659 format_decode+0x87f/0x8a0 [ 145.870672][T17010] Modules linked in: [ 145.874629][T17010] CPU: 1 UID: 0 PID: 17010 Comm: syz.3.6855 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0 [ 145.885491][T17010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 145.895642][T17010] RIP: 0010:format_decode+0x87f/0x8a0 [ 145.901051][T17010] Code: dc b2 86 e8 e3 e1 1c fc c6 05 c6 a6 86 01 01 90 4c 89 ef e8 43 e0 1c fc 41 0f b6 75 00 48 c7 c7 2f ea 3b 86 e8 32 bf e5 fb 90 <0f> 0b 90 90 4c 89 ff e8 35 ee 1c fc 4d 8b 27 e9 a3 fe ff ff e8 a8 [ 145.920803][T17010] RSP: 0018:ffffc90004533a50 EFLAGS: 00010246 [ 145.926939][T17010] RAX: bdf39bc96df2ff00 RBX: ffff00ffffffffff RCX: 0000000000040000 [ 145.934950][T17010] RDX: ffffc900069e9000 RSI: 0000000000001299 RDI: 000000000000129a [ 145.943026][T17010] RBP: 0000000000000000 R08: ffffffff8111f637 R09: 0000000000000000 [ 145.951095][T17010] R10: 0001ffffffffffff R11: ffff88810344b180 R12: ffff0a00ffffff00 [ 145.959139][T17010] R13: ffffc90004533bb4 R14: ffff0000ffffff00 R15: ffffc90004533ad8 [ 145.967134][T17010] FS: 00007f8a359576c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 [ 145.976159][T17010] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.982865][T17010] CR2: 0000001b2e31eff8 CR3: 0000000107520000 CR4: 00000000003506f0 [ 145.990878][T17010] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 145.998891][T17010] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 146.006908][T17010] Call Trace: [ 146.010187][T17010] [ 146.013145][T17010] ? __warn+0x141/0x350 [ 146.017340][T17010] ? report_bug+0x315/0x420 [ 146.021901][T17010] ? format_decode+0x87f/0x8a0 [ 146.026821][T17010] ? handle_bug+0x60/0x90 [ 146.031259][T17010] ? exc_invalid_op+0x1a/0x50 [ 146.036074][T17010] ? asm_exc_invalid_op+0x1a/0x20 [ 146.041150][T17010] ? __warn_printk+0x167/0x1b0 [ 146.046016][T17010] ? format_decode+0x87f/0x8a0 [ 146.050828][T17010] bstr_printf+0xb5/0x9e0 [ 146.055173][T17010] ? bpf_test_run+0x1d6/0x4a0 [ 146.059919][T17010] bpf_trace_printk+0xba/0x1d0 [ 146.064692][T17010] ? bpf_test_run+0x1d6/0x4a0 [ 146.069483][T17010] bpf_prog_12183cdb1cd51dab+0x37/0x3b [ 146.074973][T17010] bpf_test_run+0x1e5/0x4a0 [ 146.079549][T17010] ? _raw_spin_lock_irqsave+0x3c/0xb0 [ 146.084981][T17010] ? bpf_test_run+0x104/0x4a0 [ 146.089768][T17010] bpf_prog_test_run_skb+0x830/0xba0 [ 146.095150][T17010] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 146.101033][T17010] bpf_prog_test_run+0x20f/0x3a0 [ 146.106059][T17010] __sys_bpf+0x400/0x7a0 [ 146.110428][T17010] __x64_sys_bpf+0x43/0x50 [ 146.114882][T17010] x64_sys_call+0x2625/0x2d60 [ 146.119609][T17010] do_syscall_64+0xc9/0x1c0 [ 146.124141][T17010] ? clear_bhb_loop+0x55/0xb0 [ 146.128873][T17010] ? clear_bhb_loop+0x55/0xb0 [ 146.133665][T17010] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.139608][T17010] RIP: 0033:0x7f8a36cde719 [ 146.144058][T17010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.163785][T17010] RSP: 002b:00007f8a35957038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 146.172267][T17010] RAX: ffffffffffffffda RBX: 00007f8a36e95f80 RCX: 00007f8a36cde719 [ 146.180275][T17010] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 146.188291][T17010] RBP: 00007f8a36d5139e R08: 0000000000000000 R09: 0000000000000000 [ 146.196361][T17010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.204355][T17010] R13: 0000000000000000 R14: 00007f8a36e95f80 R15: 00007ffe3de7f638 [ 146.212491][T17010] [ 146.215528][T17010] ---[ end trace 0000000000000000 ]--- [ 146.284486][T17026] cgroup: name respecified [ 146.299028][T17032] openvswitch: netlink: Key 0 has unexpected len 4 expected 0 [ 146.381030][T17046] netlink: 'syz.4.6874': attribute type 1 has an invalid length. [ 146.388971][T17046] netlink: 'syz.4.6874': attribute type 2 has an invalid length. [ 146.591427][T17088] SELinux: failed to load policy [ 146.740096][T17122] netlink: 'syz.3.6910': attribute type 21 has an invalid length. [ 146.783337][T17129] SELinux: failed to load policy [ 146.848344][T17142] netlink: 'syz.1.6920': attribute type 10 has an invalid length. [ 146.871938][T17142] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 146.931960][T17156] xt_TCPMSS: Only works on TCP SYN packets [ 146.957889][T17162] SELinux: failed to load policy [ 147.454799][T17265] ebt_limit: overflow, try lower: 570423552/2483027968 [ 147.638859][T17303] netlink: 'syz.2.7000': attribute type 10 has an invalid length. [ 147.646739][T17303] __nla_validate_parse: 11 callbacks suppressed [ 147.646755][T17303] netlink: 40 bytes leftover after parsing attributes in process `syz.2.7000'. [ 147.664494][T17303] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 147.868869][T17343] netlink: 'syz.1.7020': attribute type 1 has an invalid length. [ 147.976166][T17368] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7033'. [ 148.089332][T17389] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7045'. [ 148.149100][T17396] xt_CT: You must specify a L4 protocol and not use inversions on it [ 148.158622][T17400] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7049'. [ 148.167693][T17400] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7049'. [ 148.206400][T17409] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7053'. [ 148.226821][T17412] cgroup: Invalid name [ 148.387654][T17448] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7073'. [ 148.514032][T17471] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7083'. [ 148.576182][T17482] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7089'. [ 148.626311][T17492] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7094'. [ 148.663577][T17497] loop3: detected capacity change from 0 to 256 [ 148.680966][T17503] xt_CT: You must specify a L4 protocol and not use inversions on it [ 148.727865][T17508] cgroup: Invalid name [ 148.911610][T17544] Cannot find add_set index 3 as target [ 149.127125][T17586] Cannot find add_set index 3 as target [ 149.341809][ C0] hrtimer: interrupt took 46483 ns [ 149.503410][T17654] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 149.584952][ T29] kauditd_printk_skb: 44 callbacks suppressed [ 149.585046][ T29] audit: type=1400 audit(144.349:9589): avc: denied { write } for pid=17664 comm="syz.3.7182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 149.669142][T17682] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 149.901894][T17705] loop3: detected capacity change from 0 to 128 [ 149.944395][T17705] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 149.964771][T17705] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 149.973421][T17705] FAT-fs (loop3): Filesystem has been set read-only [ 150.006105][T17720] x_tables: ip_tables: osf match: only valid for protocol 6 [ 150.051169][T17726] loop0: detected capacity change from 0 to 512 [ 150.065493][T17730] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 150.096612][T17726] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.112735][ T29] audit: type=1400 audit(144.835:9590): avc: denied { mount } for pid=17725 comm="syz.0.7221" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 150.141687][ T4003] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.143249][ T29] audit: type=1400 audit(144.863:9591): avc: denied { unmount } for pid=4003 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 150.203112][ T29] audit: type=1400 audit(144.919:9592): avc: denied { read write } for pid=17749 comm="syz.3.7222" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 150.226253][ T29] audit: type=1400 audit(144.919:9593): avc: denied { open } for pid=17749 comm="syz.3.7222" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 150.284192][ T29] audit: type=1400 audit(144.994:9594): avc: denied { create } for pid=17762 comm="syz.3.7228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 150.316201][ T29] audit: type=1400 audit(145.022:9595): avc: denied { write } for pid=17762 comm="syz.3.7228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 150.336403][ T29] audit: type=1400 audit(145.022:9596): avc: denied { read } for pid=17762 comm="syz.3.7228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 150.496228][ T29] audit: type=1326 audit(145.191:9597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17796 comm="syz.2.7245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93ff3e719 code=0x7ffc0000 [ 150.519270][ T29] audit: type=1326 audit(145.191:9598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17796 comm="syz.2.7245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93ff3e719 code=0x7ffc0000 [ 150.536529][T17803] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 150.548107][T17801] netlink: 'syz.4.7248': attribute type 3 has an invalid length. [ 150.590723][T17807] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled [ 150.676436][T17818] bond2: entered promiscuous mode [ 150.681533][T17818] bond2: entered allmulticast mode [ 150.687091][T17818] 8021q: adding VLAN 0 to HW filter on device bond2 [ 150.697999][T17818] bond2 (unregistering): Released all slaves [ 150.839162][T17842] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled [ 150.954681][T17857] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 151.345654][T17930] loop2: detected capacity change from 0 to 512 [ 151.382853][T17930] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 151.407602][ T4011] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.488324][T17953] bond1: entered promiscuous mode [ 151.493476][T17953] bond1: entered allmulticast mode [ 151.498937][T17953] 8021q: adding VLAN 0 to HW filter on device bond1 [ 151.512050][T17953] bond1 (unregistering): Released all slaves [ 151.681108][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.688588][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.696110][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.703587][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.711012][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.718446][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.725909][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.733336][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.740812][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.748330][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.755775][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.763303][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.770757][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.778197][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.785718][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.793184][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.800620][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.808125][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.815540][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.822983][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.830495][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.837966][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.845414][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.852933][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.860473][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.867894][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.875431][ T3997] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.885867][ T3997] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz0] on syz0 [ 152.226755][T18053] bond1: entered promiscuous mode [ 152.231831][T18053] bond1: entered allmulticast mode [ 152.242134][T18053] 8021q: adding VLAN 0 to HW filter on device bond1 [ 152.266853][T18053] bond1 (unregistering): Released all slaves [ 152.441871][T18088] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067968) [ 152.452146][T18088] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647 [ 152.496180][T18090] xt_policy: too many policy elements [ 152.577691][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.585298][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.592894][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.601510][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.608984][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.616496][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.623946][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.631527][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.638977][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.646540][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.654079][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.661529][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.669004][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.676481][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.683939][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.691370][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.698808][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.706275][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.713673][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.721230][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.728704][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.736116][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.743593][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.751015][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.758501][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.765954][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.773438][ T3997] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 152.781498][ T3997] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz0] on syz0 [ 152.913044][T18118] netlink: 'syz.3.7401': attribute type 10 has an invalid length. [ 152.922092][T18118] bridge0: port 3(dummy0) entered blocking state [ 152.928560][T18118] bridge0: port 3(dummy0) entered disabled state [ 152.935217][T18118] dummy0: entered allmulticast mode [ 152.942910][T18118] dummy0: entered promiscuous mode [ 153.017960][T18132] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067968) [ 153.028275][T18132] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647 [ 153.145918][T18146] __nla_validate_parse: 12 callbacks suppressed [ 153.145937][T18146] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7416'. [ 153.193086][T18169] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067968) [ 153.203389][T18169] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647 [ 153.279711][T18184] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7434'. [ 153.326800][T18192] deleting an unspecified loop device is not supported. [ 153.382025][T18206] xt_policy: too many policy elements [ 153.473872][T18224] tmpfs: Bad value for 'mpol' [ 153.670965][T18266] netlink: 'syz.4.7476': attribute type 4 has an invalid length. [ 153.731354][T18278] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7481'. [ 153.888270][T18310] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7497'. [ 153.897335][T18310] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7497'. [ 153.989821][T18325] tmpfs: Bad value for 'mpol' [ 154.258758][T18379] netlink: 'syz.2.7530': attribute type 4 has an invalid length. [ 154.289788][T18386] netlink: 'syz.2.7532': attribute type 10 has an invalid length. [ 154.297822][T18386] netlink: 40 bytes leftover after parsing attributes in process `syz.2.7532'. [ 154.314251][T18386] bridge0: port 3(dummy0) entered blocking state [ 154.320846][T18386] bridge0: port 3(dummy0) entered disabled state [ 154.342840][T18386] dummy0: entered allmulticast mode [ 154.350467][T18386] dummy0: entered promiscuous mode [ 154.357766][T18386] bridge0: port 3(dummy0) entered blocking state [ 154.364195][T18386] bridge0: port 3(dummy0) entered forwarding state [ 154.451647][T18409] netlink: 'syz.0.7544': attribute type 4 has an invalid length. [ 154.493611][T18418] tmpfs: Bad value for 'mpol' [ 154.626225][T18446] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7564'. [ 154.656444][T18452] loop0: detected capacity change from 0 to 128 [ 154.675319][T18455] tmpfs: Bad value for 'mpol' [ 154.694395][T18459] netlink: 'syz.4.7570': attribute type 2 has an invalid length. [ 154.722046][T18452] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 154.734368][T18464] sit0: entered promiscuous mode [ 154.736269][T18452] EXT4-fs warning (device loop0): __ext4_ioctl:1258: Setting inode version is not supported with metadata_csum enabled. [ 154.746174][T18464] netlink: 'syz.2.7573': attribute type 1 has an invalid length. [ 154.759808][T18464] netlink: 1 bytes leftover after parsing attributes in process `syz.2.7573'. [ 154.769355][ T4003] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 155.111550][ T29] kauditd_printk_skb: 88 callbacks suppressed [ 155.111570][ T29] audit: type=1400 audit(149.512:9687): avc: denied { create } for pid=18520 comm="syz.3.7601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 155.127107][T18524] netlink: 256 bytes leftover after parsing attributes in process `syz.0.7603'. [ 155.192984][T18536] xt_NFQUEUE: number of total queues is 0 [ 155.222100][ T29] audit: type=1326 audit(149.615:9688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18539 comm="syz.3.7611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a36cde719 code=0x7ffc0000 [ 155.234425][T18542] netlink: 696 bytes leftover after parsing attributes in process `syz.0.7610'. [ 155.253572][ T29] audit: type=1326 audit(149.615:9689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18539 comm="syz.3.7611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a36cde719 code=0x7ffc0000 [ 155.277161][ T29] audit: type=1326 audit(149.615:9690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18539 comm="syz.3.7611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f8a36cde719 code=0x7ffc0000 [ 155.300072][ T29] audit: type=1326 audit(149.615:9691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18539 comm="syz.3.7611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a36cde719 code=0x7ffc0000 [ 155.340988][ T29] audit: type=1400 audit(149.718:9692): avc: denied { read } for pid=18549 comm="syz.3.7612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 155.387050][T18562] process 'syz.0.7620' launched './file0' with NULL argv: empty string added [ 155.396034][ T29] audit: type=1400 audit(149.765:9693): avc: denied { execute } for pid=18561 comm="syz.0.7620" name="file0" dev="tmpfs" ino=7204 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 155.445863][ T29] audit: type=1326 audit(149.821:9694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18569 comm="syz.0.7624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14664de719 code=0x7ffc0000 [ 155.468856][ T29] audit: type=1326 audit(149.821:9695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18569 comm="syz.0.7624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14664de719 code=0x7ffc0000 [ 155.483070][T18576] tmpfs: Bad value for 'mpol' [ 155.494501][ T29] audit: type=1326 audit(149.868:9696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18569 comm="syz.0.7624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f14664de719 code=0x7ffc0000 [ 156.308683][T18654] netlink: 'syz.0.7667': attribute type 21 has an invalid length. [ 156.630325][T18702] loop0: detected capacity change from 0 to 512 [ 156.638980][T18702] EXT4-fs: Ignoring removed mblk_io_submit option [ 156.647175][T18702] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 156.662789][T18702] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002] [ 156.671268][T18702] System zones: 1-12 [ 156.675486][T18702] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.7689: corrupted in-inode xattr: e_value size too large [ 156.690063][T18702] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.7689: couldn't read orphan inode 15 (err -117) [ 156.702711][T18702] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 156.756662][ T4003] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.808216][T18731] netlink: 'syz.2.7704': attribute type 1 has an invalid length. [ 156.816073][T18731] netlink: 'syz.2.7704': attribute type 2 has an invalid length. [ 156.883913][T18745] xt_hashlimit: max too large, truncated to 1048576 [ 156.971778][T18762] netlink: 'syz.0.7720': attribute type 1 has an invalid length. [ 157.208249][T18813] loop3: detected capacity change from 0 to 164 [ 157.233093][T18813] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 157.364748][T18838] loop1: detected capacity change from 0 to 2048 [ 157.421028][T18838] loop1: p2 < > [ 157.447712][ T3016] loop1: p2 < > [ 157.478182][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 157.506968][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 157.551430][T18859] ip6gre1: entered allmulticast mode [ 157.880759][T18919] loop4: detected capacity change from 0 to 164 [ 157.894596][T18919] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 158.024727][T18935] loop4: detected capacity change from 0 to 512 [ 158.031336][T18935] EXT4-fs: Ignoring removed nobh option [ 158.055072][T18935] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 158.079855][ T4008] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.082764][T18944] tmpfs: Bad value for 'mpol' [ 158.341498][T18977] loop3: detected capacity change from 0 to 164 [ 158.377929][T18977] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 158.406011][T18977] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 158.569584][T18998] tmpfs: Bad value for 'mpol' [ 158.601886][T19002] netlink: 'syz.3.7835': attribute type 15 has an invalid length. [ 158.709014][T19025] netlink: 'syz.3.7847': attribute type 1 has an invalid length. [ 158.755809][T19029] __nla_validate_parse: 9 callbacks suppressed [ 158.755893][T19029] netlink: 256 bytes leftover after parsing attributes in process `syz.3.7848'. [ 158.856468][T19049] netlink: 'syz.2.7858': attribute type 1 has an invalid length. [ 158.998915][T19065] ieee802154 phy0 wpan0: encryption failed: -90 [ 159.172008][T19090] loop3: detected capacity change from 0 to 1024 [ 159.198247][T19090] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.241288][ T4005] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.476570][T19129] netlink: 'syz.2.7894': attribute type 1 has an invalid length. [ 159.616913][T19144] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7903'. [ 159.807503][T19171] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 159.915314][T19191] loop1: detected capacity change from 0 to 1024 [ 159.968481][T19191] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 160.015131][T19210] netlink: 'syz.4.7934': attribute type 21 has an invalid length. [ 160.023156][T19210] netlink: 'syz.4.7934': attribute type 20 has an invalid length. [ 160.048127][ T4016] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.175619][T19236] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 160.182194][T19236] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 160.189761][T19236] vhci_hcd vhci_hcd.0: Device attached [ 160.203747][T19237] usbip_core: unknown command [ 160.208498][T19237] vhci_hcd: unknown pdu 75816550 [ 160.213635][T19237] usbip_core: unknown command [ 160.231593][ T36] vhci_hcd: stop threads [ 160.235888][ T36] vhci_hcd: release socket [ 160.240312][ T36] vhci_hcd: disconnect device [ 160.578602][T19298] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 160.579742][T19297] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7976'. [ 160.691444][T19314] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7986'. [ 160.696665][T19317] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7985'. [ 160.891677][T19345] loop2: detected capacity change from 0 to 512 [ 160.916002][T19345] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 160.924052][T19345] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 160.947316][T19345] System zones: 0-1, 15-15, 18-18, 34-34 [ 160.955125][T19345] EXT4-fs (loop2): orphan cleanup on readonly fs [ 160.962127][T19345] __quota_error: 27 callbacks suppressed [ 160.962142][T19345] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0 [ 160.977403][T19345] EXT4-fs warning (device loop2): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 160.992024][T19345] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 161.006794][T19345] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.7999: bg 0: block 40: padding at end of block bitmap is not set [ 161.029186][T19345] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 161.039255][ T29] audit: type=1400 audit(155.059:9724): avc: denied { bind } for pid=19364 comm="syz.3.8007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 161.058797][T19345] EXT4-fs (loop2): 1 truncate cleaned up [ 161.075282][T19345] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 161.109714][T19369] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8011'. [ 161.183911][ T4011] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.248426][T19386] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8019'. [ 161.264956][T19386] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8019'. [ 161.395597][T19402] netlink: 2 bytes leftover after parsing attributes in process `syz.3.8027'. [ 161.443026][T19407] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8030'. [ 161.831978][ T29] audit: type=1326 audit(155.789:9725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19468 comm="syz.0.8070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14664de719 code=0x7ffc0000 [ 161.855032][ T29] audit: type=1326 audit(155.789:9726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19468 comm="syz.0.8070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14664de719 code=0x7ffc0000 [ 161.878121][ T29] audit: type=1326 audit(155.798:9727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19468 comm="syz.0.8070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f14664de719 code=0x7ffc0000 [ 161.901088][ T29] audit: type=1326 audit(155.798:9728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19468 comm="syz.0.8070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14664de719 code=0x7ffc0000 [ 161.998271][ T29] audit: type=1400 audit(155.957:9729): avc: denied { execute_no_trans } for pid=19497 comm="syz.2.8074" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1310 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 162.140220][T19519] loop2: detected capacity change from 0 to 512 [ 162.143145][T19521] loop4: detected capacity change from 0 to 512 [ 162.216393][T19521] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 162.224468][T19521] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 162.245415][T19521] System zones: 0-1, 15-15, 18-18, 34-34 [ 162.252465][T19521] EXT4-fs (loop4): orphan cleanup on readonly fs [ 162.262889][T19521] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0 [ 162.275719][ T29] audit: type=1326 audit(156.201:9730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19543 comm="syz.1.8092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54e8de719 code=0x7ffc0000 [ 162.281753][T19521] EXT4-fs warning (device loop4): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 162.298777][ T29] audit: type=1326 audit(156.201:9731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19543 comm="syz.1.8092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54e8de719 code=0x7ffc0000 [ 162.313298][T19521] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 162.352368][T19519] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.370319][T19521] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.8082: bg 0: block 40: padding at end of block bitmap is not set [ 162.401525][ T4011] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.401970][T19521] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 162.437230][T19521] EXT4-fs (loop4): 1 truncate cleaned up [ 162.446167][T19521] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 162.491802][T19565] Q6\bY4: renamed from lo [ 162.528827][ T4008] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.038871][T19673] loop1: detected capacity change from 0 to 512 [ 163.079463][T19673] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 163.087458][T19673] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 163.108142][T19673] System zones: 0-1, 15-15, 18-18, 34-34 [ 163.114275][T19673] EXT4-fs (loop1): orphan cleanup on readonly fs [ 163.121470][T19673] EXT4-fs warning (device loop1): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 163.136104][T19673] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 163.188110][T19673] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.8149: bg 0: block 40: padding at end of block bitmap is not set [ 163.199656][T19699] Q6\bY4: renamed from lo [ 163.206208][T19673] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 163.220337][T19673] EXT4-fs (loop1): 1 truncate cleaned up [ 163.228140][T19673] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 163.276447][ T4016] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.393632][T19729] tmpfs: Unknown parameter 'fsuuid' [ 163.952792][T19829] validate_nla: 7 callbacks suppressed [ 163.952854][T19829] netlink: 'syz.3.8228': attribute type 3 has an invalid length. [ 164.012199][T19843] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 164.091280][T19859] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 164.097850][T19859] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 164.105385][T19859] vhci_hcd vhci_hcd.0: Device attached [ 164.126533][T19860] usbip_core: unknown command [ 164.131281][T19860] vhci_hcd: unknown pdu 75816550 [ 164.136273][T19860] usbip_core: unknown command [ 164.157912][ T28] vhci_hcd: stop threads [ 164.162217][ T28] vhci_hcd: release socket [ 164.166733][ T28] vhci_hcd: disconnect device [ 164.455790][T19921] __nla_validate_parse: 5 callbacks suppressed [ 164.455809][T19921] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8271'. [ 165.107693][T20027] @: renamed from veth0_vlan (while UP) [ 165.147735][T20028] loop1: detected capacity change from 0 to 4096 [ 165.172202][T20036] raw_sendmsg: syz.4.8327 forgot to set AF_INET. Fix it! [ 165.228223][T20028] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 165.305032][ T4016] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.318355][T20061] 9pnet_fd: Insufficient options for proto=fd [ 165.489281][T20096] netlink: 'syz.2.8356': attribute type 21 has an invalid length. [ 165.557127][T20108] usb usb1: usbfs: process 20108 (syz.2.8362) did not claim interface 0 before use [ 165.749835][T20146] netlink: 68 bytes leftover after parsing attributes in process `syz.3.8377'. [ 166.027343][T20199] usb usb1: usbfs: process 20199 (syz.1.8409) did not claim interface 0 before use [ 166.079376][T20212] netlink: 'syz.0.8405': attribute type 21 has an invalid length. [ 166.112770][T20204] sit0: left promiscuous mode [ 166.121199][T20197] loop4: detected capacity change from 0 to 4096 [ 166.150205][T20197] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.221407][ T4008] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.243598][T20204] bridge0: port 3(dummy0) entered disabled state [ 166.250147][T20204] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.257378][T20204] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.360717][T20204] team_slave_0: left allmulticast mode [ 166.375362][T20204] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 166.399093][T20204] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 166.471364][T20204] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.480478][T20204] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.489714][T20204] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.498708][T20204] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.524792][T20204] ip6gre1: left allmulticast mode [ 166.541869][T20236] netlink: 'syz.3.8418': attribute type 21 has an invalid length. [ 166.595294][T20271] netlink: 132 bytes leftover after parsing attributes in process `syz.0.8433'. [ 166.632274][T20276] netlink: 240 bytes leftover after parsing attributes in process `syz.3.8436'. [ 166.644682][T20280] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8438'. [ 167.009383][T20345] SELinux: policydb version 0 does not match my version range 15-33 [ 167.015128][T20347] loop2: detected capacity change from 0 to 128 [ 167.041727][T20345] SELinux: failed to load policy [ 167.075654][T20347] tmpfs: Bad value for 'mpol' [ 167.080945][ T29] kauditd_printk_skb: 53 callbacks suppressed [ 167.080998][ T29] audit: type=1400 audit(160.709:9784): avc: denied { mounton } for pid=20346 comm="syz.2.8472" path="/1655/file0" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1 [ 167.125826][ T29] audit: type=1400 audit(160.756:9785): avc: denied { getopt } for pid=20361 comm="syz.1.8477" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 167.213037][ T29] audit: type=1400 audit(160.831:9786): avc: denied { connect } for pid=20375 comm="syz.2.8484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 167.279807][T20387] SELinux: policydb version 0 does not match my version range 15-33 [ 167.295195][T20387] SELinux: failed to load policy [ 167.446664][ T29] audit: type=1400 audit(161.046:9787): avc: denied { accept } for pid=20413 comm="syz.3.8498" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 167.477842][T20418] loop0: detected capacity change from 0 to 2048 [ 167.552953][ T29] audit: type=1400 audit(161.121:9788): avc: denied { getopt } for pid=20427 comm="syz.3.8504" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 167.581220][T20434] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8507'. [ 167.593572][T20418] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.636889][ T29] audit: type=1400 audit(161.224:9789): avc: denied { setattr } for pid=20417 comm="syz.0.8499" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 167.644302][T20446] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 167.729308][ T4003] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.773891][T20465] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.8521' sets config #-2 [ 167.879350][ T29] audit: type=1400 audit(161.458:9790): avc: denied { getopt } for pid=20475 comm="syz.4.8526" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 167.909978][T20480] delete_channel: no stack [ 168.057924][T20512] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8543'. [ 168.282929][T20551] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8571'. [ 168.307494][T20557] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 168.325234][T20559] netlink: 'syz.4.8564': attribute type 5 has an invalid length. [ 168.400506][T20571] can0: slcan on ptm0. [ 168.412012][ T29] audit: type=1400 audit(161.944:9791): avc: denied { read } for pid=3054 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 168.463015][T20576] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.466087][ T29] audit: type=1400 audit(161.954:9792): avc: denied { search } for pid=3054 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 168.470129][T20576] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.498048][ T29] audit: type=1400 audit(161.954:9793): avc: denied { read } for pid=3054 comm="dhcpcd" name="n25" dev="tmpfs" ino=31258 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 168.498848][T20584] netlink: 132 bytes leftover after parsing attributes in process `syz.1.8579'. [ 168.541050][T20576] bond_slave_0: left promiscuous mode [ 168.546526][T20576] bond_slave_1: left promiscuous mode [ 168.552133][T20576] team_slave_0: left promiscuous mode [ 168.557557][T20576] team_slave_1: left promiscuous mode [ 168.606457][T20595] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.8583' sets config #-2 [ 168.658873][T20576] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 168.670563][T20576] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 168.708524][T20576] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.717514][T20576] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.726579][T20576] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.735672][T20576] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.753190][T20576] ip6gre1: left allmulticast mode [ 168.768727][T20597] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8584'. [ 168.847544][T20570] can0 (unregistered): slcan off ptm0. [ 169.421366][T20728] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 37407 - 0 [ 169.430317][T20728] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 37407 - 0 [ 169.439218][T20728] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 37407 - 0 [ 169.447107][T20731] ieee802154 phy0 wpan0: encryption failed: -22 [ 169.448178][T20728] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 37407 - 0 [ 169.465739][T20732] x_tables: unsorted underflow at hook 1 [ 169.479427][T20728] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 33597 - 0 [ 169.488336][T20728] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 33597 - 0 [ 169.497162][T20728] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 33597 - 0 [ 169.506028][T20728] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 33597 - 0 [ 169.517668][T20728] geneve2: entered promiscuous mode [ 169.523003][T20728] geneve2: entered allmulticast mode [ 169.588803][T20753] xt_TPROXY: Can be used only with -p tcp or -p udp [ 169.727857][T20779] can0: slcan on ptm0. [ 169.759483][T20787] cgroup: No subsys list or none specified [ 169.799346][T20777] can0 (unregistered): slcan off ptm0. [ 169.821043][T20797] ieee802154 phy0 wpan0: encryption failed: -22 [ 169.874437][T20806] __nla_validate_parse: 1 callbacks suppressed [ 169.874471][T20806] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8670'. [ 169.903431][T20808] x_tables: unsorted underflow at hook 1 [ 169.949651][T20818] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8674'. [ 170.053768][T20840] set match dimension is over the limit! [ 170.117040][T20850] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 39676 - 0 [ 170.126010][T20850] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 39676 - 0 [ 170.134967][T20850] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 39676 - 0 [ 170.143830][T20850] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 39676 - 0 [ 170.160791][T20858] netlink: 'syz.4.8688': attribute type 3 has an invalid length. [ 170.169043][T20850] netdevsim netdevsim3 netdevsim0: set [1, 2] type 2 family 0 port 39583 - 0 [ 170.178002][T20850] netdevsim netdevsim3 netdevsim1: set [1, 2] type 2 family 0 port 39583 - 0 [ 170.186903][T20850] netdevsim netdevsim3 netdevsim2: set [1, 2] type 2 family 0 port 39583 - 0 [ 170.195889][T20850] netdevsim netdevsim3 netdevsim3: set [1, 2] type 2 family 0 port 39583 - 0 [ 170.209305][T20850] geneve2: entered promiscuous mode [ 170.214569][T20850] geneve2: entered allmulticast mode [ 170.310103][T20883] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8693'. [ 170.437022][T20905] xt_TPROXY: Can be used only with -p tcp or -p udp [ 170.640776][T20945] set match dimension is over the limit! [ 170.832649][T20976] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8751'. [ 170.865632][T20986] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8745'. [ 171.021585][T21012] loop1: detected capacity change from 0 to 2048 [ 171.063834][T21017] xt_ipvs: protocol family 7 not supported [ 171.074986][T21012] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 171.075128][T21027] xt_TCPMSS: Only works on TCP SYN packets [ 171.146413][ T4016] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.169945][T21036] usb usb8: usbfs: process 21036 (syz.4.8768) did not claim interface 0 before use [ 171.206873][T21044] netlink: 'syz.2.8772': attribute type 1 has an invalid length. [ 171.216154][T21048] ebt_among: wrong size: 1048 against expected 1006634004, rounded to 1006634008 [ 171.417380][T21088] netdevsim netdevsim0: Firmware load for './cgroup/../file0' refused, path contains '..' component [ 171.453793][T21091] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8805'. [ 171.538622][T21106] netlink: 56 bytes leftover after parsing attributes in process `syz.3.8803'. [ 171.608162][T21119] loop3: detected capacity change from 0 to 1024 [ 171.642299][T21119] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 171.669553][ T4005] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.778716][T21154] netlink: 'syz.0.8827': attribute type 27 has an invalid length. [ 171.808102][T21154] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 171.921073][T21176] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8838'. [ 171.947111][T21175] loop0: detected capacity change from 0 to 2048 [ 171.971442][T21186] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8843'. [ 171.980637][T21186] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8843'. [ 172.028048][T21175] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 172.107181][ T4003] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.121774][T21205] netlink: 'syz.4.8853': attribute type 1 has an invalid length. [ 172.130661][T21206] ebt_among: wrong size: 1048 against expected 1006634004, rounded to 1006634008 [ 172.438285][T21256] xt_hashlimit: invalid interval [ 172.451175][ T29] kauditd_printk_skb: 107 callbacks suppressed [ 172.451201][ T29] audit: type=1400 audit(165.714:9901): avc: denied { ioctl } for pid=21251 comm="syz.0.8874" path="socket:[58934]" dev="sockfs" ino=58934 ioctlcmd=0x891e scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 172.522162][ T29] audit: type=1400 audit(165.798:9902): avc: denied { create } for pid=21263 comm="syz.4.8882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 172.588355][ T29] audit: type=1400 audit(165.854:9903): avc: denied { bind } for pid=21263 comm="syz.4.8882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 172.607512][ T29] audit: type=1400 audit(165.854:9904): avc: denied { node_bind } for pid=21263 comm="syz.4.8882" saddr=fe80::aa scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 172.737665][ T29] audit: type=1400 audit(165.995:9905): avc: denied { prog_load } for pid=21286 comm="syz.0.8891" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 172.756291][ T29] audit: type=1400 audit(165.995:9906): avc: denied { map_create } for pid=21285 comm="syz.2.8890" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 172.775055][ T29] audit: type=1400 audit(165.995:9907): avc: denied { bpf } for pid=21286 comm="syz.0.8891" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 172.795473][ T29] audit: type=1400 audit(165.995:9909): avc: denied { perfmon } for pid=21285 comm="syz.2.8890" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 172.815910][ T29] audit: type=1400 audit(165.995:9908): avc: denied { perfmon } for pid=21286 comm="syz.0.8891" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 172.836406][ T29] audit: type=1400 audit(165.995:9910): avc: denied { map_read map_write } for pid=21285 comm="syz.2.8890" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 173.133490][T21316] netlink: 'syz.1.8907': attribute type 16 has an invalid length. [ 173.141439][T21316] netlink: 'syz.1.8907': attribute type 17 has an invalid length. [ 173.160474][T21321] xt_CT: You must specify a L4 protocol and not use inversions on it [ 173.334915][T21338] --map-set only usable from mangle table [ 173.335995][T21316] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 173.366881][T21316] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 173.444961][T21316] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.454176][T21316] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.463265][T21316] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.472331][T21316] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.496472][T21355] loop3: detected capacity change from 0 to 1764 [ 173.516240][T21316] ip6gre1: left allmulticast mode [ 173.587408][T21358] netlink: 'syz.4.8928': attribute type 21 has an invalid length. [ 173.597710][T21358] netlink: 'syz.4.8928': attribute type 4 has an invalid length. [ 173.605518][T21358] netlink: 'syz.4.8928': attribute type 5 has an invalid length. [ 173.681450][T21380] ipt_rpfilter: unknown options [ 173.753996][T21394] netlink: 'syz.2.8945': attribute type 1 has an invalid length. [ 173.906057][T21422] cgroup: name respecified [ 174.093890][T21460] dummy0: entered promiscuous mode [ 174.099209][T21460] dummy0: entered allmulticast mode [ 174.282145][T21495] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 174.312494][T21502] xt_TCPMSS: Only works on TCP SYN packets [ 174.663973][T21565] Restarting kernel threads ... done. [ 175.058794][T21642] Restarting kernel threads ... done. [ 175.143279][T21663] dummy0: entered promiscuous mode [ 175.148489][T21663] dummy0: entered allmulticast mode [ 175.357358][T21699] __nla_validate_parse: 12 callbacks suppressed [ 175.357376][T21699] netlink: 108 bytes leftover after parsing attributes in process `syz.2.9095'. [ 175.372854][T21699] netlink: 108 bytes leftover after parsing attributes in process `syz.2.9095'. [ 175.408197][T21712] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9099'. [ 175.488178][T21724] loop2: detected capacity change from 0 to 512 [ 175.497305][T21722] loop3: detected capacity change from 0 to 2048 [ 175.512192][T21724] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 175.561462][T21724] EXT4-fs (loop2): 1 orphan inode deleted [ 175.567569][T21724] EXT4-fs (loop2): 1 truncate cleaned up [ 175.585843][T21724] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 175.630659][T21722] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 175.644445][ T4011] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.685989][T21722] EXT4-fs error (device loop3): ext4_generic_delete_entry:2680: inode #2: block 16: comm syz.3.9108: bad entry in directory: inode out of bounds - offset=44, inode=185, rec_len=16, size=2048 fake=0 [ 175.708792][T21722] EXT4-fs error (device loop3) in ext4_delete_entry:2751: Corrupt filesystem [ 175.718828][T21752] xt_l2tp: missing protocol rule (udp|l2tpip) [ 175.733918][T21754] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9122'. [ 175.769760][ T4005] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.830368][T21768] validate_nla: 3 callbacks suppressed [ 175.830384][T21768] netlink: 'syz.2.9126': attribute type 7 has an invalid length. [ 175.854895][T21771] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 175.861462][T21771] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 175.869219][T21771] vhci_hcd vhci_hcd.0: Device attached [ 175.912248][T21773] vhci_hcd: connection closed [ 175.912632][ T36] vhci_hcd: stop threads [ 175.921785][ T36] vhci_hcd: release socket [ 175.926431][ T36] vhci_hcd: disconnect device [ 176.087905][T21815] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9150'. [ 176.219771][T21840] netlink: 'syz.4.9160': attribute type 7 has an invalid length. [ 176.538295][T21893] @: renamed from veth0_vlan [ 176.552787][T21895] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9189'. [ 176.561841][T21895] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9189'. [ 176.628799][T21909] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9196'. [ 176.630237][T21908] loop0: detected capacity change from 0 to 2048 [ 176.637903][T21909] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9196'. [ 176.689423][T21908] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 176.717467][T21908] EXT4-fs error (device loop0): ext4_generic_delete_entry:2680: inode #2: block 16: comm syz.0.9195: bad entry in directory: inode out of bounds - offset=44, inode=185, rec_len=16, size=2048 fake=0 [ 176.742488][T21908] EXT4-fs error (device loop0) in ext4_delete_entry:2751: Corrupt filesystem [ 176.799823][ T4003] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.808783][T21935] netlink: 200 bytes leftover after parsing attributes in process `syz.1.9209'. [ 176.877615][T21948] netlink: 'syz.2.9213': attribute type 3 has an invalid length. [ 176.959223][T21962] loop4: detected capacity change from 0 to 2048 [ 176.961533][T21964] netlink: 'syz.0.9220': attribute type 10 has an invalid length. [ 177.051981][T21962] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 177.073602][T21962] EXT4-fs error (device loop4): ext4_generic_delete_entry:2680: inode #2: block 16: comm syz.4.9219: bad entry in directory: inode out of bounds - offset=44, inode=185, rec_len=16, size=2048 fake=0 [ 177.098878][T21962] EXT4-fs error (device loop4) in ext4_delete_entry:2751: Corrupt filesystem [ 177.157542][ T4008] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.294172][T22018] caif0: entered promiscuous mode [ 177.299271][T22018] caif0: entered allmulticast mode [ 177.492065][T22053] netlink: 'syz.0.9264': attribute type 21 has an invalid length. [ 177.534254][T22061] caif0: entered promiscuous mode [ 177.539502][T22061] caif0: entered allmulticast mode [ 177.737714][T22101] bond2: entered allmulticast mode [ 177.743462][T22101] 8021q: adding VLAN 0 to HW filter on device bond2 [ 177.886115][ T29] kauditd_printk_skb: 132 callbacks suppressed [ 177.886140][ T29] audit: type=1400 audit(170.812:10043): avc: denied { execute } for pid=22124 comm="syz.3.9300" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=62421 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 177.994974][T22144] caif0: entered promiscuous mode [ 178.000205][T22144] caif0: entered allmulticast mode [ 178.138105][ T29] audit: type=1400 audit(171.046:10044): avc: denied { read write } for pid=22164 comm="syz.4.9320" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 178.161203][ T29] audit: type=1400 audit(171.046:10045): avc: denied { open } for pid=22164 comm="syz.4.9320" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 178.267470][ T29] audit: type=1326 audit(171.139:10046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22178 comm="syz.0.9325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14664de719 code=0x7ffc0000 [ 178.290495][ T29] audit: type=1326 audit(171.149:10047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22178 comm="syz.0.9325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14664de719 code=0x7ffc0000 [ 178.313583][ T29] audit: type=1326 audit(171.149:10048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22178 comm="syz.0.9325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f14664de719 code=0x7ffc0000 [ 178.336512][ T29] audit: type=1326 audit(171.149:10049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22178 comm="syz.0.9325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14664de719 code=0x7ffc0000 [ 178.359547][ T29] audit: type=1326 audit(171.149:10050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22178 comm="syz.0.9325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14664de719 code=0x7ffc0000 [ 178.462048][ T29] audit: type=1400 audit(171.345:10051): avc: denied { create } for pid=22207 comm="syz.0.9340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 178.482375][ T29] audit: type=1400 audit(171.345:10052): avc: denied { write } for pid=22207 comm="syz.0.9340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 178.557655][T22227] xt_CT: You must specify a L4 protocol and not use inversions on it [ 178.574261][T22229] xt_hashlimit: max too large, truncated to 1048576 [ 178.677788][T22247] xt_TPROXY: Can be used only with -p tcp or -p udp [ 178.703937][T22252] loop0: detected capacity change from 0 to 128 [ 178.727069][T22252] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 178.761943][T22261] xt_hashlimit: max too large, truncated to 1048576 [ 178.796572][ T36] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 179.039383][T22310] xt_TPROXY: Can be used only with -p tcp or -p udp [ 179.140620][T22325] loop1: detected capacity change from 0 to 512 [ 179.196418][T22325] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 179.245587][ T4016] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 179.389734][T22366] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 179.435369][T22380] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 179.442788][T22380] vhci_hcd: invalid port number 23 [ 179.704273][T22429] netlink: 'syz.4.9446': attribute type 1 has an invalid length. [ 179.766474][T22441] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=50 sclass=netlink_audit_socket pid=22441 comm=syz.1.9451 [ 179.856926][T22456] netlink: 'syz.0.9458': attribute type 1 has an invalid length. [ 180.015345][T22483] loop0: detected capacity change from 0 to 512 [ 180.084041][T22483] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 180.126147][ T4003] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 180.283488][T22527] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 180.351695][T22537] binfmt_misc: register: failed to install interpreter file ./file0/../file0 [ 180.503970][T22565] loop4: detected capacity change from 0 to 1024 [ 180.615353][T22565] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 180.710496][T22565] EXT4-fs error (device loop4): ext4_empty_dir:3117: inode #11: block 623: comm syz.4.9513: Attempting to read directory block (623) that is past i_size (638464) [ 180.760464][ T4008] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 180.822856][T22624] __nla_validate_parse: 15 callbacks suppressed [ 180.822877][T22624] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9549'. [ 180.839420][T22620] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 180.901840][T22631] loop4: detected capacity change from 0 to 2048 [ 181.143883][T22678] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9565'. [ 181.188924][T22689] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9570'. [ 181.262429][T22701] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9577'. [ 181.279791][T22704] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9578'. [ 181.376668][T22721] netlink: 104 bytes leftover after parsing attributes in process `syz.3.9588'. [ 181.390687][T22728] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9591'. [ 181.421685][T22721] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9588'. [ 181.430714][T22721] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9588'. [ 181.478470][T22736] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 181.516572][T22743] netlink: 'syz.4.9597': attribute type 10 has an invalid length. [ 181.590913][T22757] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9602'. [ 181.614222][T22762] xt_socket: unknown flags 0x2 [ 181.862943][T22810] loop1: detected capacity change from 0 to 512 [ 181.898436][T22810] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 181.944315][T22810] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 181.982580][T22833] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 182.079404][ T4016] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.211788][T22870] xt_CT: No such helper "pptp" [ 182.258401][T22881] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 182.316371][T22891] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 182.390120][T22901] loop0: detected capacity change from 0 to 256 [ 182.407050][T22901] FAT-fs (loop0): bogus sectors per cluster 30 [ 182.413316][T22901] FAT-fs (loop0): Can't find a valid FAT filesystem [ 182.699736][T22954] xt_socket: unknown flags 0x58 [ 182.801663][T22969] xt_CT: No such helper "pptp" [ 182.816349][T22973] tmpfs: Bad value for 'mpol' [ 183.025010][T23009] loop4: detected capacity change from 0 to 512 [ 183.050281][T23014] loop2: detected capacity change from 0 to 736 [ 183.050398][T23009] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.9724: invalid block [ 183.079860][T23014] rock: directory entry would overflow storage [ 183.086094][T23014] rock: sig=0x3b10, size=4, remaining=3 [ 183.089354][T23009] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.9724: invalid indirect mapped block 4294967295 (level 1) [ 183.096152][T23018] caif0: left promiscuous mode [ 183.107805][T23009] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.9724: invalid indirect mapped block 4294967295 (level 1) [ 183.125377][T23009] EXT4-fs (loop4): 2 truncates cleaned up [ 183.131603][T23009] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.176369][T23024] xt_socket: unknown flags 0x58 [ 183.185792][T23018] geneve2: left promiscuous mode [ 183.224187][ T4008] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.260814][T23032] xt_l2tp: v2 doesn't support IP mode [ 183.299456][ T29] kauditd_printk_skb: 68 callbacks suppressed [ 183.299471][ T29] audit: type=1326 audit(175.873:10121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23039 comm="syz.4.9735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9637e719 code=0x7ffc0000 [ 183.335315][ T29] audit: type=1326 audit(175.920:10122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23039 comm="syz.4.9735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7fce9637e719 code=0x7ffc0000 [ 183.358398][ T29] audit: type=1326 audit(175.920:10123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23039 comm="syz.4.9735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9637e719 code=0x7ffc0000 [ 183.381757][ T29] audit: type=1326 audit(175.920:10124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23039 comm="syz.4.9735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9637e719 code=0x7ffc0000 [ 183.482594][T23056] netlink: 'syz.4.9748': attribute type 15 has an invalid length. [ 183.601635][T23082] netlink: 'syz.3.9763': attribute type 21 has an invalid length. [ 183.762110][T23110] xt_l2tp: v2 doesn't support IP mode [ 183.820344][ T29] audit: type=1400 audit(176.359:10125): avc: denied { ioctl } for pid=23118 comm="syz.3.9779" path="socket:[65181]" dev="sockfs" ino=65181 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 183.875678][ T29] audit: type=1400 audit(176.397:10126): avc: denied { create } for pid=23124 comm="syz.2.9782" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 183.894749][ T29] audit: type=1400 audit(176.406:10127): avc: denied { ioctl } for pid=23124 comm="syz.2.9782" path="socket:[65196]" dev="sockfs" ino=65196 ioctlcmd=0x89ec scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 183.978350][ T29] audit: type=1400 audit(176.453:10128): avc: denied { ioctl } for pid=23136 comm="syz.4.9786" path="socket:[65220]" dev="sockfs" ino=65220 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 184.002764][ T29] audit: type=1400 audit(176.509:10129): avc: denied { setopt } for pid=23142 comm="syz.4.9791" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 184.077128][T23163] sctp: [Deprecated]: syz.4.9801 (pid 23163) Use of struct sctp_assoc_value in delayed_ack socket option. [ 184.077128][T23163] Use struct sctp_sack_info instead [ 184.125672][ T29] audit: type=1326 audit(176.658:10130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23170 comm="syz.1.9805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54e8de719 code=0x7ffc0000 [ 184.201448][T23181] loop1: detected capacity change from 0 to 512 [ 184.237380][T23181] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 184.300477][ T4016] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.326274][T23206] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 184.663870][T23256] sctp: [Deprecated]: syz.0.9845 (pid 23256) Use of struct sctp_assoc_value in delayed_ack socket option. [ 184.663870][T23256] Use struct sctp_sack_info instead [ 184.681656][T23258] netlink: 'syz.2.9847': attribute type 3 has an invalid length. [ 184.706682][T23262] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 185.410165][T23390] netlink: 'syz.3.9913': attribute type 10 has an invalid length. [ 185.425388][T23390] team0: Port device netdevsim1 added [ 185.488524][T23400] loop4: detected capacity change from 0 to 128 [ 185.496362][T23400] ext4: Unknown parameter 'noacl' [ 185.504078][T23400] bpf: Bad value for 'uid' [ 185.575630][T23412] xt_cgroup: invalid path, errno=-2 [ 185.683968][T23432] cgroup: noprefix used incorrectly [ 185.747077][T23441] xt_cgroup: invalid path, errno=-2 [ 185.780931][T23446] /dev/nbd3: Can't lookup blockdev [ 185.862281][T23458] netlink: 'syz.1.9946': attribute type 10 has an invalid length. [ 185.887601][T23464] xt_connbytes: Forcing CT accounting to be enabled [ 185.893131][T23458] team0: Port device netdevsim1 added [ 186.216807][T23527] xt_hashlimit: overflow, try lower: 18446744073709551615/255 [ 186.243023][T23529] IPv6: sit1: Disabled Multicast RS [ 186.280314][T23535] netlink: 'syz.1.9983': attribute type 1 has an invalid length. [ 186.346541][T23541] xt_nat: multiple ranges no longer supported [ 186.495528][T23568] tmpfs: Bad value for 'mpol' [ 186.513986][T23577] netlink: 'syz.4.10004': attribute type 1 has an invalid length. [ 186.657197][T23601] __nla_validate_parse: 29 callbacks suppressed [ 186.657217][T23601] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10016'. [ 186.820130][T23635] tipc: Can't bind to reserved service type 3 [ 187.320380][T23729] netlink: 'syz.4.10079': attribute type 11 has an invalid length. [ 187.372443][T23737] loop3: detected capacity change from 0 to 2048 [ 187.464671][T23737] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 187.489098][T23737] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 187.505538][T23763] netlink: 'syz.1.10093': attribute type 11 has an invalid length. [ 187.529167][T23737] EXT4-fs (loop3): Remounting filesystem read-only [ 187.545434][T23737] EXT4-fs warning (device loop3): ext4_xattr_inode_lookup_create:1605: inode #18: comm syz.3.10083: cleanup dec ref error -28 [ 187.588333][ T4005] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.849503][T23828] loop3: detected capacity change from 0 to 512 [ 187.868070][T23828] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 187.961182][T23850] x_tables: duplicate entry at hook 2 [ 187.988643][ T4005] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.051870][T23864] xt_TCPMSS: Only works on TCP SYN packets [ 188.157295][T23886] program syz.2.10153 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 188.188277][T23890] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT [ 188.370397][T23919] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 188.384232][T23926] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT [ 188.582144][T23963] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 188.615252][T23968] netlink: 'syz.3.10193': attribute type 4 has an invalid length. [ 188.672525][T23976] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 188.695922][T23976] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub [ 188.775140][ T29] kauditd_printk_skb: 54 callbacks suppressed [ 188.775159][ T29] audit: type=1400 audit(181.008:10185): avc: denied { listen } for pid=23993 comm="syz.2.10206" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 188.879590][T24012] IPv6: sit2: Disabled Multicast RS [ 188.898558][ T29] audit: type=1400 audit(181.111:10186): avc: denied { getopt } for pid=24016 comm="syz.3.10219" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 188.920122][T24018] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 188.946401][T24018] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub [ 188.962454][T24023] netlink: 'syz.4.10221': attribute type 4 has an invalid length. [ 188.995655][ T29] audit: type=1400 audit(181.205:10187): avc: denied { lock } for pid=24030 comm="syz.4.10226" path="socket:[68396]" dev="sockfs" ino=68396 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 189.176979][T24054] bridge0: left promiscuous mode [ 189.183557][T24054] bridge0: entered promiscuous mode [ 189.189931][T24054] 8021q: adding VLAN 0 to HW filter on device bond0 [ 189.199172][T24054] 8021q: adding VLAN 0 to HW filter on device team0 [ 189.209133][T24054] dummy0: left promiscuous mode [ 189.214190][T24054] dummy0: left allmulticast mode [ 189.221328][T24054] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 189.553364][T24119] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10268'. [ 189.577060][ T29] audit: type=1400 audit(181.757:10188): avc: denied { setopt } for pid=24120 comm="syz.3.10270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 189.857111][T24147] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.864268][T24147] bridge0: port 2(bridge_slave_1) entered forwarding state [ 189.871692][T24147] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.878804][T24147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 189.902095][T24156] loop2: detected capacity change from 0 to 512 [ 189.919381][T24156] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 189.928860][T24147] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 189.944541][T24156] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 189.974152][T24156] System zones: 0-2, 18-18, 34-34 [ 190.024542][T24156] EXT4-fs error (device loop2): ext4_orphan_get:1414: comm syz.2.10286: bad orphan inode 15 [ 190.053138][T24156] ext4_test_bit(bit=14, block=18) = 1 [ 190.058708][T24156] is_bad_inode(inode)=0 [ 190.062941][T24156] NEXT_ORPHAN(inode)=2264924160 [ 190.067895][T24156] max_ino=32 [ 190.071107][T24156] i_nlink=0 [ 190.074313][T24156] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1138: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 190.090109][T24156] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.10286: bg 0: block 80: padding at end of block bitmap is not set [ 190.104925][T24156] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 190.114822][T24156] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 190.151985][T24191] netlink: 256 bytes leftover after parsing attributes in process `syz.3.10302'. [ 190.163023][ T4011] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.264544][T24205] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 190.271126][T24205] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 190.278884][T24205] vhci_hcd vhci_hcd.0: Device attached [ 190.285318][T24212] vhci_hcd: invalid port number 129 [ 190.295415][ T29] audit: type=1326 audit(182.421:10189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24214 comm="syz.3.10314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a36cde719 code=0x7ffc0000 [ 190.335769][T24210] vhci_hcd: connection closed [ 190.338348][ T1959] vhci_hcd: stop threads [ 190.347521][ T1959] vhci_hcd: release socket [ 190.351955][ T1959] vhci_hcd: disconnect device [ 190.383260][ T29] audit: type=1326 audit(182.449:10190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24214 comm="syz.3.10314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a36cde719 code=0x7ffc0000 [ 190.406522][ T29] audit: type=1326 audit(182.449:10191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24214 comm="syz.3.10314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f8a36cde719 code=0x7ffc0000 [ 190.429784][ T29] audit: type=1326 audit(182.449:10192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24214 comm="syz.3.10314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a36cde719 code=0x7ffc0000 [ 190.452960][ T29] audit: type=1326 audit(182.449:10193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24214 comm="syz.3.10314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a36cde719 code=0x7ffc0000 [ 190.510714][ T29] audit: type=1400 audit(182.598:10194): avc: denied { checkpoint_restore } for pid=24230 comm="syz.1.10322" capability=40 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 190.555954][T24242] tc_dump_action: action bad kind [ 190.667123][T24263] loop3: detected capacity change from 0 to 512 [ 190.683180][T24263] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 190.703983][T24263] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 190.713211][T24263] System zones: 0-2, 18-18, 34-34 [ 190.720974][T24263] EXT4-fs error (device loop3): ext4_orphan_get:1414: comm syz.3.10338: bad orphan inode 15 [ 190.741548][T24263] ext4_test_bit(bit=14, block=18) = 1 [ 190.747013][T24263] is_bad_inode(inode)=0 [ 190.751308][T24263] NEXT_ORPHAN(inode)=2264924160 [ 190.756211][T24263] max_ino=32 [ 190.759424][T24263] i_nlink=0 [ 190.768362][T24263] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1138: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 190.787482][T24277] tc_dump_action: action bad kind [ 190.824116][T24263] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.10338: bg 0: block 80: padding at end of block bitmap is not set [ 190.855542][T24263] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 190.869306][T24289] loop0: detected capacity change from 0 to 512 [ 190.881825][T24263] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 190.913238][ T4005] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.935742][T24289] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.975117][T24306] dummy0: left promiscuous mode [ 190.980114][T24306] dummy0: left allmulticast mode [ 190.995952][T24306] caif0: left promiscuous mode [ 191.000940][T24306] caif0: left allmulticast mode [ 191.086263][ T4003] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.216465][T24347] tmpfs: Bad value for 'mpol' [ 191.702831][T24415] program syz.3.10410 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 191.934819][T24383] netdevsim netdevsim4 netdevsim0: unset [1, 1] type 2 family 0 port 33597 - 0 [ 191.943937][T24383] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 33597 - 0 [ 191.953101][T24383] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 33597 - 0 [ 191.962199][T24383] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 33597 - 0 [ 191.973459][T24383] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 37407 - 0 [ 191.982581][T24383] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 37407 - 0 [ 191.991677][T24383] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 37407 - 0 [ 192.000727][T24383] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 37407 - 0 [ 192.009879][T24383] geneve2: left promiscuous mode [ 192.014884][T24383] geneve2: left allmulticast mode [ 192.036714][T24383] bond2: left allmulticast mode [ 192.135828][T24453] netlink: 'syz.2.10430': attribute type 7 has an invalid length. [ 192.229532][T24467] xt_ecn: cannot match TCP bits for non-tcp packets [ 192.255314][T24469] loop2: detected capacity change from 0 to 1764 [ 192.272449][T24474] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10435'. [ 192.281608][T24474] netlink: 80 bytes leftover after parsing attributes in process `syz.1.10435'. [ 192.290783][T24474] netlink: 592 bytes leftover after parsing attributes in process `syz.1.10435'. [ 192.299986][T24474] netlink: 80 bytes leftover after parsing attributes in process `syz.1.10435'. [ 192.380704][T24487] netlink: 'syz.1.10443': attribute type 21 has an invalid length. [ 192.388718][T24487] netlink: 128 bytes leftover after parsing attributes in process `syz.1.10443'. [ 192.426446][T24487] netlink: 'syz.1.10443': attribute type 4 has an invalid length. [ 192.618761][T24524] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10462'. [ 192.634793][T24533] SET target dimension over the limit! [ 192.636191][T24531] netlink: 'syz.4.10466': attribute type 21 has an invalid length. [ 192.684847][T24531] netlink: 156 bytes leftover after parsing attributes in process `syz.4.10466'. [ 193.233268][T24574] caif0: left allmulticast mode [ 193.476367][T24574] team_slave_0: left allmulticast mode [ 193.501262][T24574] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 193.517555][T24574] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 193.679573][T24574] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.688646][T24574] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.697680][T24574] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.706767][T24574] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.730700][T24574] ip6gre1: left allmulticast mode [ 193.759767][T24574] netdevsim netdevsim3 netdevsim0: unset [1, 2] type 2 family 0 port 39583 - 0 [ 193.768849][T24574] netdevsim netdevsim3 netdevsim1: unset [1, 2] type 2 family 0 port 39583 - 0 [ 193.777930][T24574] netdevsim netdevsim3 netdevsim2: unset [1, 2] type 2 family 0 port 39583 - 0 [ 193.787006][T24574] netdevsim netdevsim3 netdevsim3: unset [1, 2] type 2 family 0 port 39583 - 0 [ 193.796496][T24574] netdevsim netdevsim3 netdevsim0: unset [1, 1] type 2 family 0 port 39676 - 0 [ 193.805643][T24574] netdevsim netdevsim3 netdevsim1: unset [1, 1] type 2 family 0 port 39676 - 0 [ 193.814703][T24574] netdevsim netdevsim3 netdevsim2: unset [1, 1] type 2 family 0 port 39676 - 0 [ 193.823850][T24574] netdevsim netdevsim3 netdevsim3: unset [1, 1] type 2 family 0 port 39676 - 0 [ 193.849089][T24574] geneve2: left allmulticast mode [ 193.916601][T24614] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10503'. [ 193.925629][T24614] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10503'. [ 194.005178][T24627] ebt_among: dst integrity fail: 101 [ 194.068253][T24640] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10514'. [ 194.176367][T24660] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 194.256678][T24678] IPVS: Error connecting to the multicast addr [ 194.299669][T24684] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 194.299669][T24684] The task syz.3.10532 (24684) triggered the difference, watch for misbehavior. [ 194.417093][T24705] xt_socket: unknown flags 0xc [ 194.602984][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 194.603002][ T29] audit: type=1326 audit(186.452:10216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24738 comm="syz.4.10564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9637e719 code=0x7ffc0000 [ 194.662992][ T29] audit: type=1326 audit(186.452:10217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24738 comm="syz.4.10564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9637e719 code=0x7ffc0000 [ 194.686152][ T29] audit: type=1326 audit(186.490:10218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24738 comm="syz.4.10564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7fce9637e719 code=0x7ffc0000 [ 194.709339][ T29] audit: type=1326 audit(186.490:10219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24738 comm="syz.4.10564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9637e719 code=0x7ffc0000 [ 194.732548][ T29] audit: type=1326 audit(186.490:10220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24738 comm="syz.4.10564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9637e719 code=0x7ffc0000 [ 194.781250][ T29] audit: type=1400 audit(186.611:10221): avc: denied { bind } for pid=24748 comm="syz.0.10569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 194.884058][T24764] @: renamed from vlan0 (while UP) [ 194.986217][ T29] audit: type=1400 audit(186.817:10222): avc: denied { validate_trans } for pid=24775 comm="syz.4.10581" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 195.070573][ T29] audit: type=1400 audit(186.892:10223): avc: denied { bind } for pid=24794 comm="syz.1.10590" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 195.709265][T24903] tmpfs: Bad value for 'mpol' [ 195.812175][T24921] netlink: 'syz.1.10651': attribute type 1 has an invalid length. [ 195.907099][T24934] tmpfs: Bad value for 'mpol' [ 195.991816][T24951] netlink: 'syz.2.10667': attribute type 3 has an invalid length. [ 196.055794][T24962] xt_CT: No such helper "snmp_trap" [ 196.167946][ T29] audit: type=1326 audit(187.912:10224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24978 comm="syz.2.10680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93ff3e719 code=0x7ffc0000 [ 196.191215][ T29] audit: type=1326 audit(187.912:10225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24978 comm="syz.2.10680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93ff3e719 code=0x7ffc0000 [ 197.056945][T25130] netlink: 'syz.0.10754': attribute type 29 has an invalid length. [ 197.430631][T25209] xt_addrtype: ipv6 does not support BROADCAST matching [ 197.693464][T25260] __nla_validate_parse: 13 callbacks suppressed [ 197.693483][T25260] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10817'. [ 197.768361][T25273] xt_addrtype: ipv6 does not support BROADCAST matching [ 197.792088][T25278] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10836'. [ 197.958483][T25310] netlink: 'syz.4.10842': attribute type 7 has an invalid length. [ 197.972388][T25312] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10844'. [ 198.071901][T25331] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10853'. [ 198.092790][T25331] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10853'. [ 198.137938][T25342] netlink: 'syz.3.10857': attribute type 3 has an invalid length. [ 198.218940][T25357] netlink: 224 bytes leftover after parsing attributes in process `syz.3.10865'. [ 198.245215][T25361] netlink: 200 bytes leftover after parsing attributes in process `syz.4.10870'. [ 198.279003][T25366] netlink: 168 bytes leftover after parsing attributes in process `syz.2.10872'. [ 198.301453][T25366] netlink: 'syz.2.10872': attribute type 1 has an invalid length. [ 198.305221][T25372] netlink: 19 bytes leftover after parsing attributes in process `syz.1.10875'. [ 198.309437][T25366] netlink: 'syz.2.10872': attribute type 2 has an invalid length. [ 198.326465][T25366] netlink: 36 bytes leftover after parsing attributes in process `syz.2.10872'. [ 198.537833][T25399] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0 [ 198.678179][T25426] bridge3: entered promiscuous mode [ 198.683528][T25426] bridge3: entered allmulticast mode [ 198.867620][T25465] netlink: 'syz.0.10920': attribute type 1 has an invalid length. [ 198.875517][T25465] netlink: 'syz.0.10920': attribute type 2 has an invalid length. [ 198.971926][T25475] loop1: detected capacity change from 0 to 164 [ 199.112419][T25507] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0 [ 199.183667][T25520] x_tables: ip6_tables: SNPT target: used from hooks FORWARD, but only usable from INPUT/POSTROUTING [ 199.313229][T25544] (unnamed net_device) (uninitialized): peer notification delay (8) is not a multiple of miimon (100), value rounded to 0 ms [ 199.496821][T25583] mmap: syz.0.10978 (25583): VmData 29077504 exceed data ulimit 2. Update limits or use boot option ignore_rlimit_data. [ 199.595323][T25604] loop4: detected capacity change from 0 to 128 [ 199.601929][T25604] EXT4-fs: Ignoring removed mblk_io_submit option [ 199.663773][T25604] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 199.700489][T25604] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:406: inode #2: comm syz.4.10988: No space for directory leaf checksum. Please run e2fsck -D. [ 199.715963][T25604] EXT4-fs error (device loop4): __ext4_find_entry:1652: inode #2: comm syz.4.10988: checksumming directory block 0 [ 199.776861][ T4008] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 199.901530][T25658] netlink: 'syz.1.11014': attribute type 5 has an invalid length. [ 199.943672][T25667] loop1: detected capacity change from 0 to 1024 [ 199.999318][T25680] loop3: detected capacity change from 0 to 128 [ 200.006074][T25680] EXT4-fs: Ignoring removed mblk_io_submit option [ 200.041244][T25667] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 200.056184][T25680] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 200.068554][ T29] kauditd_printk_skb: 34 callbacks suppressed [ 200.068571][ T29] audit: type=1400 audit(191.569:10260): avc: denied { rename } for pid=25666 comm="syz.1.11021" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 200.068854][T25667] EXT4-fs error (device loop1): ext4_empty_dir:3128: inode #11: block 40: comm syz.1.11021: bad entry in directory: rec_len is smaller than minimal - offset=8192, inode=589824, rec_len=0, size=1024 fake=0 [ 200.074793][ T29] audit: type=1400 audit(191.569:10261): avc: denied { add_name } for pid=25666 comm="syz.1.11021" name="file1" dev="loop1" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 200.152776][T25680] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:406: inode #2: comm syz.3.11027: No space for directory leaf checksum. Please run e2fsck -D. [ 200.161430][T25698] loop0: detected capacity change from 0 to 512 [ 200.168261][T25680] EXT4-fs error (device loop3): __ext4_find_entry:1652: inode #2: comm syz.3.11027: checksumming directory block 0 [ 200.175242][T25698] EXT4-fs: Ignoring removed nobh option [ 200.212692][ T4016] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.238739][T25698] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 200.268717][ T4005] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 200.280318][ T29] audit: type=1400 audit(191.756:10262): avc: denied { unlink } for pid=25697 comm="syz.0.11034" name="file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 200.303199][T25698] EXT4-fs error (device loop0): ext4_generic_delete_entry:2680: inode #2: block 3: comm syz.0.11034: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0 [ 200.325125][T25698] EXT4-fs (loop0): Remounting filesystem read-only [ 200.349079][ T4003] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 200.444699][ T29] audit: type=1326 audit(191.915:10263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25733 comm="syz.1.11051" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc54e8de719 code=0x0 [ 200.489767][T25742] bridge3: entered promiscuous mode [ 200.495125][T25742] bridge3: entered allmulticast mode [ 200.572874][T25759] loop4: detected capacity change from 0 to 512 [ 200.638753][T25759] Quota error (device loop4): v2_read_file_info: Block with free entry 5 out of range (1, 0). [ 200.649183][T25759] EXT4-fs warning (device loop4): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 200.687927][T25759] EXT4-fs (loop4): mount failed [ 200.742195][ T3016] ================================================================== [ 200.750350][ T3016] BUG: KCSAN: data-race in dont_mount / step_into [ 200.753279][T25789] loop1: detected capacity change from 0 to 512 [ 200.756794][ T3016] [ 200.756802][ T3016] read-write to 0xffff888132c97840 of 4 bytes by task 3307 on cpu 0: [ 200.773455][ T3016] dont_mount+0x2a/0x40 [ 200.777655][ T3016] vfs_unlink+0x298/0x430 [ 200.782029][ T3016] do_unlinkat+0x236/0x4c0 [ 200.786477][ T3016] __x64_sys_unlink+0x2e/0x40 [ 200.791192][ T3016] x64_sys_call+0x280f/0x2d60 [ 200.795899][ T3016] do_syscall_64+0xc9/0x1c0 [ 200.800435][ T3016] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.806372][ T3016] [ 200.808703][ T3016] read to 0xffff888132c97840 of 4 bytes by task 3016 on cpu 1: [ 200.816252][ T3016] step_into+0x12f/0x810 [ 200.820510][ T3016] walk_component+0x169/0x230 [ 200.825203][ T3016] path_lookupat+0x10a/0x2b0 [ 200.829807][ T3016] filename_lookup+0x127/0x300 [ 200.834580][ T3016] do_readlinkat+0x89/0x210 [ 200.839094][ T3016] __x64_sys_readlink+0x47/0x60 [ 200.843955][ T3016] x64_sys_call+0x13c3/0x2d60 [ 200.848644][ T3016] do_syscall_64+0xc9/0x1c0 [ 200.853185][ T3016] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.859098][ T3016] [ 200.861419][ T3016] value changed: 0x00600008 -> 0x00008008 [ 200.867136][ T3016] [ 200.869455][ T3016] Reported by Kernel Concurrency Sanitizer on: [ 200.875605][ T3016] CPU: 1 UID: 0 PID: 3016 Comm: udevd Tainted: G W 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0 [ 200.887334][ T3016] Tainted: [W]=WARN [ 200.891138][ T3016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 200.901193][ T3016] ================================================================== [ 200.932390][T25789] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 200.963185][ T4016] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.