last executing test programs: 3m40.7504973s ago: executing program 32 (id=316): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000002040)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1190e95fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a02413bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a202304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a99281000000059f425ec2f8580fe3c6f605f9a00e90ba71cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e0852c8e7536bd1f018fa6be1e4de61fdccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4065903124bff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a8640724a5f4e12ad99012a2e01ce79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5"], 0x0, 0x5}, 0x94) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000024c0)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000070000030900010073797a30000000004c000000090a01040000000000000000070000000900020073797a31000000000900010073797a3000000000080005400000001c08000a4000000000080003400000004008000f4000000006201200000c0a01030000000000000000070000070900020073797a31000000000900010073797a3000000000f4110380f01100800800034000000002"], 0x12b4}}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4) 3m37.317357233s ago: executing program 33 (id=399): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6) ioctl$TUNGETVNETLE(r0, 0x40047440, &(0x7f0000001200)) 3m29.600913236s ago: executing program 2 (id=559): r0 = syz_clone(0x2008400, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080)='proc\x00', 0x188, 0x0) syz_open_procfs(r0, &(0x7f0000000100)='fdinfo\x00') 3m29.534459779s ago: executing program 2 (id=561): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x237a, 0x4) setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0xb2, 0x4) sendmmsg$inet6(r0, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c, 0x0}}], 0x1, 0x800) recvmmsg(r0, &(0x7f0000003e80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=""/95, 0x5f}, 0x3}], 0x1, 0x12141, 0x0) 3m29.497162192s ago: executing program 2 (id=562): r0 = socket$inet_smc(0x2b, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) write$UHID_INPUT(r1, &(0x7f0000001980)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa10100000009b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad7c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af801034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0xd35}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x483, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'rr\x00', 0x3a, 0x4, 0x15}, 0x2c) 3m29.461160393s ago: executing program 2 (id=564): r0 = socket$inet6(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000003c0)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)=ANY=[@ANYBLOB="480000001400090527bd7000fddbdf25021000cb", @ANYRES32=r2, @ANYBLOB="080004000a010102080001006401010108000200ac14143a080003"], 0x48}, 0x1, 0x0, 0x0, 0x4040014}, 0x24044841) sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) 3m29.329176081s ago: executing program 2 (id=571): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000540)='./bus\x00', 0x8800, &(0x7f0000000280)={[{@errors_remount}, {@usrquota}, {@minixdf}, {@nombcache}]}, 0x1, 0x51a, &(0x7f0000000f00)="$eJzs3c9vI1cdAPCvnThxfnSTlh4AQbu0hQWt1km8bVT1AOWIUCVEjyBtQ+KNothxFDulCXtIz1yRqMSJHvkDOPfEgRsXBDcuywGJHxFog8TBaMaTrDdrb6xNYqfx5yON5r2ZWX+/L868t36O/QIYWTcj4iAiJiLig4iYy47nsi3ebW/JdY8OH6weHT5YzUWr9f4/c+n55Fh0/JvETPaYxYj44acRP8k9Hbext7+5Uq1WdrL6QrO2vdDY27+zUVtZr6xXtsrl5aXlxbfvvlW+sLa+WpvISl99+IeDb/0sSWs2O9LZjovUbnrhJE5iPCK+fxnBhmAsa8/EsBPhueQj4qWIeC29/+diLH02AYDrrNWai9ZcZx0AuO7y6RxYLl/K5gJmI58vldpzeC/HdL5abzRv36/vbq2158rmo5C/v1GtLGZzhfNRyCX1pbT8uF4+Vb8bES9GxC8mp9J6abVeXRvmf3wAYITNnBr//zPZHv8BgGuuOOwEAICB6zH+Hww6DwBgcLz+B4DRY/wHgNFTTL/DYWrYaQAAA+T1PwCMHuM/AIyUH7z3XrK1jrLvv177cG93s/7hnbVKY7NU210trdZ3tkvr9fp6+p09tbMer1qvby+9GbsfzX97u9FcaOzt36vVd7ea99Lv9b5XKaRX+WQBAAzTi69+9udcMiK/M5Vu0bGWQ2GomQGXLT/sBIChGetRBq4/q33B6DrHa3zTA3BNdFmi9wnF6PIBoVar1bq8lIBLdutL5v9hVHXM//srYBgx5vxhdJn/h9HVauX6XfM/+r0QALjazPEDPd7/fynb/yZ7c+DHa6ev+OQyswIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICr7Xj931K2Fvhs5POlUsQLETEfhdz9jWplMSJuRMSfJguTSX1pyDkDAOeV/1suW//r1twbs0+cemXmpDgRET/91fu//Gil2dz5Y8RE7l+Tx8ebn2THy4PPHgA42/E4ne47Xsg/OnywerwNMp+/fzciiu34R4cTcXQSfzzG030xChEx/e9cVm/LdcxdnMfBxxHxxW7tz8VsOgfSXvn0dPwk9gsDjZ9/In4+PdfeJz+LL1xALjBqPkv6n3e73X/5uJnuu9//xbSHOr+s/0seavUo7QMfxz/u/8Z69H83+43x5u++1y5NPX3u44gvj0ccxz7q6H+O4+d6xH+jz/h/+corr/U61/p1xK3oHr8z1kKztr3Q2Nu/s1FbWa+sV7bK5eWl5cW3775VXkjnqBd6jwb/eOf2jV7nkvZP94hfPKP9X++z/Z/+74Mffe0Z8b/5erf4+Xj5GfGTMfEbfcZfmf5tsde5JP5aj/af9fzf7jP+w7/uP7VsOAAwPI29/c2VarWy86zCjaOIs675XBaiv4t/n/2wrkTOI11InoUrkEbXwnc6jszEJcaa6HEz/vz19q/pZETnL3ar9VyxevUYFzHrBlwFJzd9RPx32MkAAAAAAAAAAAAAAABdDeLTUcNuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANfX/wMAAP//jMfJaQ==") openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0) 3m29.18335873s ago: executing program 2 (id=577): r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)='a', 0x1}], 0x1, 0x0, 0x0, 0x44}], 0x1, 0x0) setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000180)={0x98, 0x20, 0x8d, 0xd, 0x0, 0x2, 0x0, 0x7, 0x4, 0x0, 0x0, 0x2, 0x4}, 0xe) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="300000000000000084000000010000000000000004"], 0x30}], 0x1, 0x0) recvfrom$l2tp6(r0, 0x0, 0x0, 0x40010141, 0x0, 0x0) 3m28.605476084s ago: executing program 34 (id=597): syz_mount_image$msdos(&(0x7f0000000080), &(0x7f0000000a80)='./file0\x00', 0x200000, &(0x7f00000025c0)=ANY=[], 0x3, 0x15d, &(0x7f0000000f00)="$eJzs27+KE1EUB+AzJmrUJrVYDNhYBbWyVCSCOKAoKbRSiDaJBEwzWgWfxNaHEyRVCuGKzpLshoRl/8zO7ub7mhz4ccM9xZ3LGZj3dz6PhpPpp8mreXSyLNqPI49FFt24Eq2ozAIAuEwWKcXvlFK6PosbPyKl1PSOAIC6uf8BYPccev8/amhjAEBtzP8AsHvevH334klR9F/neSfi16wclIPqt8qfPS/69/P/uqtV87IctJb5gyrPD+ZX4+Ze/nBjfi3u3a3yf9nTl8VafiuG9bcPAAAAO6GXL22c73u9bXlV7Xs/sDa/t+N2+8zaAACOYPr12+jDePzxi0JxQYs/KaVjLP/+szoC56SL0y2yiDjZ/zT9ZALqtjr0Te8EAAAAAAAAAAAAAADYpt6vkVpNtwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb/Q0AAP//LjxONw==") syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file1\x00', 0x4, &(0x7f0000001240)={[{@dots}, {@fat=@nocase}, {@dots}, {}, {@dots}, {@nodots}, {@fat=@discard}, {@fat=@nfs_stale_rw}]}, 0x1, 0x22d, &(0x7f0000000300)="$eJzs3b2KE1EYBuDP3exu2MatxWLAxiqodzDICuKAEJlCKwdWm10RZpvRKpfhNXhJXsZW6UbMhPwZbTQes/M8EOaFl8B3mpwU5yRv73+4vPh4/b799iWGwywGEZOYRpzFQRxG5878eTDLx7FqEgDAvhmPqzz1DOxWXefVUUSc/NSUX5MMBAAAAAAAAAAAwB9z/h8A+sf5/9uvrvPqdP79bZ3z/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA607a92/7mlXo+AODvs/8DQP/Y/wGgf+z/ANA/r16/eZEXxfk4y4YRN5OmbMru2fXPnhfnj7KZs+W7bpqmPFz0j7s+W++P4nTeP9naH8fDB13/o3v6stjoT+Ji98sHAAAAAAAAAAAAAAAAAACA/8IoW9h6v380+lXfpZXfB9i4vz+Ie4N/tgwAAAAAAAAAAAAAAAAAAADYa9efPl9WV1fvakEQhEVI/ckEAAAAAAAAAAAAAAAAAAD9s7z0m3oSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEhn+f//uwup1wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0w/cAAAD//wu+k9A=") bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000012c0)=ANY=[], &(0x7f0000000100)=""/4117, 0x1a, 0x1015, 0x1}, 0x28) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) renameat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0) 3m14.064380597s ago: executing program 35 (id=577): r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)='a', 0x1}], 0x1, 0x0, 0x0, 0x44}], 0x1, 0x0) setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000180)={0x98, 0x20, 0x8d, 0xd, 0x0, 0x2, 0x0, 0x7, 0x4, 0x0, 0x0, 0x2, 0x4}, 0xe) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="300000000000000084000000010000000000000004"], 0x30}], 0x1, 0x0) recvfrom$l2tp6(r0, 0x0, 0x0, 0x40010141, 0x0, 0x0) 2m56.522453087s ago: executing program 6 (id=1361): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x6, 0x4, 0x2003, 0x2}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000480)={r1}, 0xc) 2m56.459183781s ago: executing program 6 (id=1364): bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@ifindex, 0xd, 0x1, 0x9, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0}, 0x40) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="03000000040000000400000009"], 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x3, 0x4, 0x4, 0x98, 0x0, 0x1}, 0x48) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x7, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000218100000", @ANYRES32=r0, @ANYBLOB="000000000000000018100000", @ANYRES32=r1, @ANYBLOB="000000000000000095"], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r2, 0xe0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) 2m56.422253143s ago: executing program 6 (id=1366): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x1000000009, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x8, 0x3fff8000}, 0xa00, 0x81, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0xa) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) rt_sigpending(0x0, 0x0) 2m56.091299353s ago: executing program 6 (id=1372): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2b59090, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) umount2(&(0x7f0000000000)='./file0/file0\x00', 0x4) mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0) 2m56.090717823s ago: executing program 6 (id=1373): ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000050000000000000001000004080000000000000003000000100000000000000000000002000000000300000000000004040000000000002e"], 0x0, 0x4d}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x0, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x1}, 0x48) 2m55.829939538s ago: executing program 6 (id=1378): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000500)={0x11, 0x5, r1, 0x1, 0x3, 0x6, @broadcast}, 0x14) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x8, 0x8458, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_config_ext={0x1000, 0x9}, 0x0, 0x10000, 0x0, 0x1, 0x408, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$packet(r0, &(0x7f0000000300)={0x11, 0x1a, 0x0, 0x1, 0x8, 0x6, @remote}, 0x14) 2m55.829771738s ago: executing program 36 (id=1378): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000500)={0x11, 0x5, r1, 0x1, 0x3, 0x6, @broadcast}, 0x14) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x8, 0x8458, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_config_ext={0x1000, 0x9}, 0x0, 0x10000, 0x0, 0x1, 0x408, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$packet(r0, &(0x7f0000000300)={0x11, 0x1a, 0x0, 0x1, 0x8, 0x6, @remote}, 0x14) 2m51.251664377s ago: executing program 7 (id=1455): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x54}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="38000000070a050000000000000000000a0040010900010073797a31000000000900024073797a32000000000c000340"], 0x38}, 0x1, 0x0, 0x0, 0x20040850}, 0x4004014) 2m51.210494549s ago: executing program 7 (id=1458): r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x0, &(0x7f0000000200), 0x1, 0x4bf, &(0x7f0000002f40)="$eJzs3c1rXOUaAPDnTD7apLm3H/dyaXvBFirUD5rJB9JE3bhSFwWx4EahxmQaayaZkJnUJnSR6q4LF6IoiAv3/gVu7MoiiHv34kIqWiOoIIzMmcl3Jg42zdic3w9Oc95zzszzvh2el/e8c86cADLrdO2fJKIvIr6OiMP14sYDTtf/LN+9Pl5bkqhWL/6YpMfVyiuHrrzuUEQsRcTBiHjx2YjXkq1xywuLU2PFYmGuUc5Xpmfz5YXFc1emxyYLk4WZwZHzo6MjA8NDo7vW1pvvvHHzwmfPd3/669t3br/7xee1avU19q1vx26qN70rjq7b1hkRT9+PYG3Q0WhPT7srwt9S+/z+ExFn0vw/HB3ppwlkQbVarf5RPdBs91IV2Ldy6Rg4yfVHRH09l+vvr4/h/xu9uWKpXHn8cml+ZqI+Vj4SXbnLV4qFgca5wpHoSmrlwXR9rTy0qTwckY6B3+voScv946XixN52dcAmhzbl/y8d9fwHMsIpP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJL1y4UFuqK/e/T1xdmJ8qXT03UShP9U/Pj/ePl+Zm+ydLpcn0np3pv3q/Yqk0O/hEzF/LVwrlSr68sHhpujQ/U7mU3td/qdC1J60CWnH01K1vkohYerInXWq6G/vkKuxv1WoS7b4HGWiPjnZ3QEDbmPqD7HKOD2z+id7N44KDzV44uzZfCDxYcu2uANA2Z0/4/g+yyvw/ZNe9zf8v7Vo9gL1njA9s84i+DXaa/wceTOb/Ibv6mjz/61/rnt01EBH/Xh0B1J/1BewHue+Txvj/7OGH+zbv7U5+S78i6I6INz+6+MG1sUplbrC2/afV7ZUPG9uH1r2w6QkD0C4rebqSxwBAdi3fvT6+suxl3B+eqV+EsDV+Z2Nu8mD6HWXvcrLhWoVkl+5dXLoREce3i580nndeP5HpXe7YEv9Y429Sf4u0vp3pc9P3Jv6JdfEfWhf/5D3/r0A23Kr1PwPb5V8uzelYzb+N/U/fLl070bz/y632fx1N+r9TLcZ4/eO3vmsa/0bEybX4nesjdDbiJ9vEr9XtbIvx77zy0v+a7at+Un+f7fq/tZpE5CvTs/nywuK59HfkJgszgyPnR0dHBoaHRvPpHHV+ZaZ6q6eOf3V7p/b3Nom/U/tr2x5tsf2////Ll0/vEP+RM9t//sd2iN8TEY+1GP/noW9fbbavFn+iSftzO8SvbRtuMX75/ecOtHgoALAHyguLU2PFYmHOihUrbVm58c+oxqaVdvdMwP1WXjiQXtM3V253TQAAAAAAAAAAAIBW7cXlxO1uIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAfvBnAAAA//94ENCA") openat(r0, 0x0, 0x400040, 0x10c) r1 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) io_setup(0x7d, &(0x7f0000000600)=0x0) io_submit(r2, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000)="96", 0x1, 0x0, 0x0, 0x0, r1}]) 2m51.034938939s ago: executing program 7 (id=1460): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) syz_clone3(&(0x7f0000000080)={0x901400, &(0x7f0000000040), 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58) wait4(0x0, 0x0, 0x40000000, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) 2m50.827609401s ago: executing program 7 (id=1463): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000008c0)='./file0\x00', 0x1008490, &(0x7f0000000a40)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000a80)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='tmpfs\x00', 0x16, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x0) capset(&(0x7f0000000340)={0x20080522}, &(0x7f0000000300)={0x0, 0x0, 0x5f22}) listxattr(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 2m50.765906035s ago: executing program 7 (id=1466): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) r0 = syz_io_uring_setup(0x38, &(0x7f0000000140)={0x0, 0x1d30, 0x13500}, &(0x7f0000000240), &(0x7f0000000480)) socket$inet6_tcp(0xa, 0x1, 0x0) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x21, &(0x7f0000000440), 0x1) 2m50.3438741s ago: executing program 7 (id=1479): r0 = io_uring_setup(0xfc6, &(0x7f00000002c0)={0x0, 0x6c02, 0x0, 0x0, 0x20000004}) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmmsg$inet(r1, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0xf5) listen(0xffffffffffffffff, 0xfffffffc) close_range(r0, 0xffffffffffffffff, 0x0) 2m50.203356338s ago: executing program 37 (id=1479): r0 = io_uring_setup(0xfc6, &(0x7f00000002c0)={0x0, 0x6c02, 0x0, 0x0, 0x20000004}) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmmsg$inet(r1, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0xf5) listen(0xffffffffffffffff, 0xfffffffc) close_range(r0, 0xffffffffffffffff, 0x0) 2m27.658769382s ago: executing program 5 (id=1949): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x4}, 0x144, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) setresuid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b7000000ff020100bfa30000000000000703000018feffff720aa9fff8ffffff71a4a9ff0000000072030200000000131d400500000000004704000001ed00006b030000000000001d440000000000007a0a00fe00ffffffc303000051000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7109000000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a1074649c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c0dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6acdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e50002a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de5c028d6112a0c2d21b2dc98814106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c53218294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb118888876b617398d00a7526103ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fed000000007baa5b6a686b50f0937f778af083e08b7ab6cd9c65ba55f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddc42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293d364b9effa9a9406ac2683e231d4774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479517dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a79e59e1712c8c546768e5722da19fcdb4c2890cda1f96b952511e3a49d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767987d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca485683252b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c32040098e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a0032f37ff559be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1be62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee07751532d5e7d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070f66b2b388f0f744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e2fa3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef907000000f01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e015cb56119df72c7533a48d028a3a981463f25c068d4410dad0c74e2a9478fa3be18a1a27bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb581012fd7a8139166fd5e59c84f4ab07001b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe293308b2a146f12a4c205235924cee765d94b1cc06641247c773ab8d1abbeb03ea68"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff11, 0x0, 0xffffffffffffffff, 0xfffffffffffffea5}, 0x48) 2m27.531005649s ago: executing program 5 (id=1951): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @empty, 0xffffffff}, 0x1c) r1 = socket$inet6(0xa, 0x80002, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xffffffff}, 0x1c) 2m27.530627409s ago: executing program 5 (id=1952): r0 = socket$inet_udp(0x2, 0x2, 0x0) close(0x3) r1 = socket(0x840000000002, 0x3, 0xff) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x32, &(0x7f0000000f00)=0x1000000, 0x4) 2m27.494485821s ago: executing program 5 (id=1953): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f00000002c0)=@file={0x1, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000002c0)=0x20) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 2m27.464065463s ago: executing program 5 (id=1955): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='map_files\x00') readlinkat(r0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000540)=""/76, 0x4c) 2m27.193753119s ago: executing program 5 (id=1962): r0 = socket(0x10, 0x80002, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000f80)={'syz_tun\x00', 0x0}) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000480)={0x20, r3, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x20}}, 0x0) 2m27.187770769s ago: executing program 38 (id=1962): r0 = socket(0x10, 0x80002, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000f80)={'syz_tun\x00', 0x0}) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000480)={0x20, r3, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x20}}, 0x0) 53.012905338s ago: executing program 4 (id=4634): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, &(0x7f0000000080)={0x5, 0x0, 0x6}) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x7, @loopback, 0x8}, 0x1c) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0x20, &(0x7f0000000000)={@in={{0x2, 0x4e24, @rand_addr=0x64010100}}, 0x0, 0x0, 0x3a, 0x0, "a30b3b28af4d2f246a016542daa845f387713f4048ff2ece1e75f1fc0100f41e4de6256109383664417165bba0dd5ace522fa788000000000033035551502f07b4001a00"}, 0xd8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e62, 0x1ff, @loopback, 0x23}, 0x1c) 52.082962492s ago: executing program 4 (id=4660): r0 = gettid() timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000000000)) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0) lchown(0x0, 0x0, 0x0) 51.989138478s ago: executing program 4 (id=4662): r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f00000001c0)={0x1d, r1}, 0x10) readv(r0, &(0x7f0000000fc0)=[{&(0x7f0000003880)=""/4102, 0x1006}], 0x1) setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000003c0)=0x1, 0x4) sendmsg$can_raw(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x7, 0x1, 0x0, 0x0, "0000000000000003"}, 0x10}, 0x1, 0x0, 0x0, 0x4}, 0x20004000) 51.925265871s ago: executing program 4 (id=4666): mkdir(&(0x7f0000001a80)='./file0\x00', 0x1b8) mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0) mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x20000, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='..\x00') mount$bpf(0x200000000000, &(0x7f0000000440)='./file0\x00', 0x0, 0x98d046, 0x0) mount$bpf(0x200000000000, &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x10454ca, 0x0) 51.833841737s ago: executing program 4 (id=4669): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$xdp(0x2c, 0x3, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000140)=0x4000, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', 0x0}) bind$xdp(r1, &(0x7f0000000240)={0x2c, 0x1, r3, 0x1e, r0}, 0x10) 51.828576747s ago: executing program 4 (id=4670): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x88ce359bdb00143c, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x4) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000300)=0xf) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x4) 51.767670161s ago: executing program 39 (id=4670): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x88ce359bdb00143c, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x4) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000300)=0xf) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x4) 2.37438184s ago: executing program 8 (id=5903): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x800004, @mcast2={0xff, 0x3}}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000340)=ANY=[], 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0xe, 0xc, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10) sendto$inet6(r0, &(0x7f0000000000)="826bb66f", 0x1c, 0x0, 0x0, 0x0) 2.239993208s ago: executing program 8 (id=5909): sendmsg$NL80211_CMD_STOP_NAN(0xffffffffffffffff, 0x0, 0x10890) syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x11000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$FS_IOC_RESVSP(r0, 0x4030582b, &(0x7f00000001c0)={0x1100, 0x1, 0x3, 0x401, 0x2000000}) 1.758771576s ago: executing program 8 (id=5922): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000001000010029bd7000ffdbdf2500000000", @ANYRES32=r2, @ANYBLOB="100804002010000024001280110001006272696467655f736c618c65000000000c000580050019"], 0x44}, 0x1, 0x0, 0x0, 0x404c1}, 0x40040d4) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x24044040) 1.666272901s ago: executing program 0 (id=5925): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000280)={0x0, 0x4}, 0x8) sendto(r0, &(0x7f0000000400)="b4", 0x1, 0xc0d1, &(0x7f00000002c0)=@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x80) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000000)=@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='J', 0x1}], 0x1, 0x0, 0x0, 0x2804c044}, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000200)={0x0, 0x1, 0x2}, 0x8) 1.638598953s ago: executing program 9 (id=5927): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e6400"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f00000000c0)=@setlink={0x2c, 0x13, 0x5, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r2, 0x312}, [@IFLA_ADDRESS={0xa, 0x1, @broadcast}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x42) 1.52070706s ago: executing program 9 (id=5928): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe}) rmdir(&(0x7f0000000000)='./file0\x00') close(0x3) 1.441027975s ago: executing program 9 (id=5929): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{}, 0x0, &(0x7f0000000100)='%-010d \x00'}, 0x20) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70) 1.399854167s ago: executing program 9 (id=5931): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc)=0x0) timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f000000cffc), 0x80, 0x0, 0x0, 0x0, 0x0) prctl$PR_MCE_KILL(0x4e, 0x1, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x5, 0x31, 0xffffffffffffffff, 0xffffe000) 1.277624044s ago: executing program 8 (id=5934): r0 = socket(0x28, 0x5, 0x0) r1 = syz_io_uring_setup(0x4f6, &(0x7f0000000380)={0x0, 0x80fd, 0x10, 0x4, 0x2cf}, &(0x7f0000000300)=0x0, &(0x7f00000002c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x80, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0xffffffff}, 0x0, 0x0, 0x1}) io_uring_enter(r1, 0x47bc, 0xf5, 0x0, 0x0, 0x0) connect$unix(r0, &(0x7f0000000400)=@file={0x0, './file0\x00'}, 0x6e) 1.080859066s ago: executing program 1 (id=5936): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000000)='.\x00', 0x2000775) write$binfmt_elf64(r0, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0xfc, 0x0, 0x40, 0x7fff, 0x2, 0x3e, 0xfffbffed, 0x294, 0x40, 0x1dd, 0xf, 0x0, 0x38, 0x1, 0x0, 0x2}, [{0x3, 0x3, 0x4, 0xd, 0x1c8, 0xe6, 0x1004, 0x3}], "8896f90580418954b50ef0f8011177f10291cbe4d3216fbc64f1ba622fdc49f66389be39365bb59d9c290d8b0ee2fea7687f7d9bbf575a4ce10ff0a5ef4278f6591b0531b2a7c2b99998f516147a99cc57365ed46bccfb71c0d5d504e1d023a3f2158e1a94f98388c50814f0832afb8b9ae3"}, 0xea) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000) 1.01418422s ago: executing program 1 (id=5937): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e6400"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000680)=@newlink={0x58, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @gre={{0x8}, {0x24, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x8, 0x6, @remote}, @IFLA_GRE_REMOTE={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0xf}}, @IFLA_GRE_LOCAL={0x8, 0x6, @remote}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x1}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 921.592426ms ago: executing program 1 (id=5948): prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) ioprio_set$pid(0x2, 0x0, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x100) io_setup(0x1ff, &(0x7f00000001c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x22, 0x1, 0x0, r0, 0x0, 0x0, 0xa00}]) 845.83742ms ago: executing program 1 (id=5940): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x40) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) write$cgroup_int(r0, &(0x7f0000000540), 0xfffffdd8) madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17) 797.200223ms ago: executing program 3 (id=5941): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}) write$tun(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a0088e7aaaaaaaaaabbbdbd16e8362b88a81d008100010086dd"], 0x42) 768.007794ms ago: executing program 0 (id=5942): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x101, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000010401010000000000000000000004000500010001"], 0x1c}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="200000000104"], 0x20}, 0x1, 0x0, 0x0, 0x20048805}, 0x0) 723.099817ms ago: executing program 3 (id=5943): bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x22, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@newlink={0x58, 0x10, 0x403, 0x300, 0x10000, {0x0, 0x0, 0x0, 0x0, 0x630a4, 0x1}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0xb, 0x1f}}, @IFLA_VLAN_ID={0x6, 0x1, 0xffc}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x58}}, 0x8000) 716.634617ms ago: executing program 0 (id=5944): socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r0) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x20, r1, 0x321, 0x70bd27, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x20}}, 0x4000000) 660.968331ms ago: executing program 3 (id=5945): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x104, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_to_bond\x00'}) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB='7'], 0x0}, 0x90) socketpair(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) syz_clone(0x8010e000, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000080)) 597.776744ms ago: executing program 0 (id=5946): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x2, 0xf4261, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_config_ext={0x4000000000000001, 0xf60e}, 0x9092, 0x0, 0x43a1bd76, 0x2, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x5, &(0x7f0000001d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) timer_gettime(0x0, 0x0) 541.575188ms ago: executing program 9 (id=5947): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, 0x374, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x31}, 0x94) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d80000001b00010000000000fdfffffffc000000000000000000000000000000200100000000000000000000000000004e240000000000010000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000ffffffffffffff7ffcffffffffffffff04000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000006fcffff00000000000003000000000000000000000000000c0008"], 0xd8}, 0x1, 0x0, 0x0, 0x40044}, 0x20008004) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'bond0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'gretap0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="400d0000000000003000128008000100687372002400028008000200", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES32=r1], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) 467.411412ms ago: executing program 3 (id=5949): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000040)={{{@in6=@empty, @in6=@mcast2, 0xfffd, 0x1, 0x0, 0x0, 0xa}, {0x2, 0x6, 0x6, 0x0, 0x7, 0x4, 0x1, 0xfffffffffffffffc}, {0x4000000005c, 0x7, 0xfffffffffffffff9, 0xff}, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1}, {{@in=@empty, 0x4d6, 0x32}, 0xa, @in6=@mcast2, 0xffffffde, 0x0, 0x67a01bcf906970c1, 0x81, 0x7}}, 0xe8) sendmmsg$inet6(r1, &(0x7f0000000300)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x52700000, @mcast2}, 0x1c, 0x0}}], 0x1, 0x8015) 417.444765ms ago: executing program 1 (id=5950): sendmsg$NL80211_CMD_STOP_NAN(0xffffffffffffffff, 0x0, 0x10890) syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x11000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$FS_IOC_RESVSP(r0, 0x4030582b, &(0x7f00000001c0)={0x1100, 0x1, 0x3, 0x401, 0x2000000}) 325.68157ms ago: executing program 8 (id=5951): r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x5, 0x84) sendto$inet(r1, &(0x7f0000000140)='&', 0x1, 0x80c4, &(0x7f0000000280)={0x2, 0x4e22, @loopback}, 0x10) close_range(r0, r1, 0x0) 325.498381ms ago: executing program 3 (id=5952): timer_create(0x0, 0x0, &(0x7f0000bbdffc)=0x0) write$selinux_attr(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x8031, 0xffffffffffffffff, 0xfffff000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) timer_delete(r0) 269.350314ms ago: executing program 9 (id=5953): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000280)={0x0, 0x4}, 0x8) sendto(r0, &(0x7f0000000400)="b4", 0x1, 0xc0d1, &(0x7f00000002c0)=@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x80) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000000)=@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='J', 0x1}], 0x1, 0x0, 0x0, 0x2804c044}, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000200)={0x0, 0x1, 0x2}, 0x8) 219.758817ms ago: executing program 0 (id=5954): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) ioctl$int_in(r0, 0x5452, &(0x7f0000000280)=0x3a0af83a) shutdown(r0, 0x1) listen(r0, 0x28) poll(&(0x7f0000000080)=[{r0, 0x101}, {r0, 0x100}], 0x2, 0x400) shutdown(r0, 0x0) 93.734794ms ago: executing program 0 (id=5955): r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x1954, 0x300, 0x4}, &(0x7f0000000300)=0x0, &(0x7f0000000580)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1}) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_clone(0x111, 0x0, 0x0, 0x0, 0x0, 0x0) io_uring_enter(r0, 0x6e2, 0x3900, 0x3, 0x0, 0x0) 46.149416ms ago: executing program 8 (id=5956): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="c5"], 0x20) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) 17.781478ms ago: executing program 3 (id=5957): writev(0xffffffffffffffff, &(0x7f0000000780)=[{&(0x7f0000000000)="7f84c923f560c1cfb5856014c9b385fd", 0x10}], 0x1) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000000)=0x2, 0x4) perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x7a, 0x1, 0x0, 0x0, 0x0, 0x1, 0x108000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x13008, 0x0, 0x800101, 0x5, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) fcntl$lock(r0, 0x26, &(0x7f0000000000)={0xa3c0dda19233b004, 0x0, 0x9}) 0s ago: executing program 1 (id=5958): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) r0 = io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0x0, 0x20002f7}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x4040000}, 0x0) io_uring_enter(r0, 0x2219, 0x7723, 0x36, 0x0, 0x0) kernel console output (not intermixed with test programs): comm="syz.9.3913" name="file0" dev="tmpfs" ino=3019 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 192.380419][ T29] audit: type=1400 audit(1770678979.435:2413): avc: denied { open } for pid=14486 comm="syz.9.3913" path="/582/file0" dev="tmpfs" ino=3019 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 192.403480][ T29] audit: type=1400 audit(1770678979.435:2414): avc: denied { ioctl } for pid=14486 comm="syz.9.3913" path="/582/file0" dev="tmpfs" ino=3019 ioctlcmd=0x70cf scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 192.428384][ T29] audit: type=1400 audit(1770678979.515:2415): avc: denied { unlink } for pid=7522 comm="syz-executor" name="file0" dev="tmpfs" ino=3019 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 192.435037][ T10] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 192.474627][T14488] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #18: comm syz.0.3907: corrupted inode contents [ 192.510641][T14488] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #18: comm syz.0.3907: mark_inode_dirty error [ 192.520271][T14495] sctp: [Deprecated]: syz.4.3916 (pid 14495) Use of int in max_burst socket option. [ 192.520271][T14495] Use struct sctp_assoc_value instead [ 192.537590][T14488] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #18: comm syz.0.3907: corrupted inode contents [ 192.566130][T14488] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3001: inode #18: comm syz.0.3907: mark_inode_dirty error [ 192.583525][T14488] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3004: inode #18: comm syz.0.3907: mark inode dirty (error -117) [ 192.585903][ T29] audit: type=1400 audit(1770678979.725:2416): avc: denied { create } for pid=14481 comm="syz.8.3911" name="file7" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 192.606025][T14488] EXT4-fs warning (device loop0): ext4_evict_inode:273: xattr delete (err -117) [ 192.639768][ T29] audit: type=1400 audit(1770678979.775:2417): avc: denied { remove_name } for pid=14481 comm="syz.8.3911" name="file7" dev="loop8" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 192.662644][ T29] audit: type=1400 audit(1770678979.775:2418): avc: denied { rename } for pid=14481 comm="syz.8.3911" name="file7" dev="loop8" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 192.686395][T14482] EXT4-fs error (device loop8): ext4_empty_dir:3094: inode #12: block 80: comm syz.8.3911: bad entry in directory: directory entry overrun - offset=12, inode=6, rec_len=4096, size=4096 fake=0 [ 192.709422][T14482] EXT4-fs warning (device loop8): ext4_empty_dir:3097: inode #12: comm syz.8.3911: directory missing '..' [ 192.760686][T14503] macvlan2: entered promiscuous mode [ 192.773300][T14503] macvlan3: entered promiscuous mode [ 192.857682][T14513] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3923'. [ 192.874655][T14515] loop1: detected capacity change from 0 to 256 [ 192.883507][ T2963] kernel write not supported for file [eventfd] (pid: 2963 comm: kworker/1:2) [ 192.990611][T14529] batadv_slave_1: entered promiscuous mode [ 192.998123][T14528] batadv_slave_1: left promiscuous mode [ 193.031317][T14536] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 54) [ 193.039409][T14536] FAT-fs (loop0): Filesystem has been set read-only [ 193.117170][ T9469] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 54) [ 193.140273][T14546] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 193.182938][T14546] EXT4-fs (loop1): 1 truncate cleaned up [ 193.214419][T14546] EXT4-fs error (device loop1): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.1.3940: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 193.271327][T14546] EXT4-fs (loop1): Remounting filesystem read-only [ 193.278019][T14546] EXT4-fs warning (device loop1): ext4_rename_delete:3729: inode #2: comm syz.1.3940: Deleting old file: nlink 4, error=-117 [ 193.343557][T14564] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3944'. [ 193.344922][T14572] EXT4-fs: Ignoring removed nomblk_io_submit option [ 193.367178][T14575] ext4 filesystem being mounted at /484/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 193.434943][T14575] EXT4-fs error (device loop4): dx_make_map:1296: inode #2: block 63: comm syz.4.3949: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 193.481490][T14587] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3954'. [ 193.496424][T14575] EXT4-fs error (device loop4) in do_split:2027: Corrupt filesystem [ 193.669917][T14600] SELinux: failed to load policy [ 193.689012][T14604] batadv1: entered promiscuous mode [ 193.945629][T14634] SELinux: failed to load policy [ 194.389006][ T1719] Bluetooth: hci0: Frame reassembly failed (-84) [ 194.577100][T14688] tap0: tun_chr_ioctl cmd 35111 [ 194.929320][T14701] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4005'. [ 195.045765][T14713] veth0_vlan: left promiscuous mode [ 195.095947][T14718] batadv_slave_1: entered promiscuous mode [ 195.102653][T14717] batadv_slave_1: left promiscuous mode [ 195.128244][T14720] netlink: 100 bytes leftover after parsing attributes in process `syz.8.4014'. [ 195.175530][T14724] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4016'. [ 195.430184][T14745] ext4 filesystem being mounted at /503/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 195.456796][T14745] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: block 3: comm syz.4.4035: lblock 3 mapped to illegal pblock 3 (length 3) [ 195.472225][T14745] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 195.484610][T14745] EXT4-fs (loop4): This should not happen!! Data will be lost [ 195.484610][T14745] [ 195.507115][T14745] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: comm syz.4.4035: lblock 0 mapped to illegal pblock 0 (length 3) [ 195.532764][T14745] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 117 [ 195.545286][T14745] EXT4-fs (loop4): This should not happen!! Data will be lost [ 195.545286][T14745] [ 195.591512][ T4143] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:13: lblock 8 mapped to illegal pblock 8 (length 8) [ 195.607719][ T4143] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 195.620247][ T4143] EXT4-fs (loop4): This should not happen!! Data will be lost [ 195.620247][ T4143] [ 195.637874][ T7874] EXT4-fs unmount: 20 callbacks suppressed [ 195.637891][ T7874] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 195.921078][T14781] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4037'. [ 196.003465][T14789] set_capacity_and_notify: 5 callbacks suppressed [ 196.003484][T14789] loop0: detected capacity change from 0 to 128 [ 196.021360][T14789] FAT-fs (loop0): error, clusters badly computed (2 != 0) [ 196.028744][T14789] FAT-fs (loop0): Filesystem has been set read-only [ 196.066917][T14791] batadv_slave_1: entered promiscuous mode [ 196.096601][T14790] batadv_slave_1: left promiscuous mode [ 196.234624][T14818] loop8: detected capacity change from 0 to 1024 [ 196.291042][T14823] batadv1: entered promiscuous mode [ 196.300584][T14818] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 196.313019][T14818] ext4 filesystem being mounted at /197/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 196.329653][T14818] EXT4-fs error (device loop8): ext4_map_blocks:825: inode #15: block 3: comm syz.8.4052: lblock 3 mapped to illegal pblock 3 (length 3) [ 196.345054][T14818] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 196.357434][T14818] EXT4-fs (loop8): This should not happen!! Data will be lost [ 196.357434][T14818] [ 196.375842][T14818] EXT4-fs error (device loop8): ext4_map_blocks:825: inode #15: comm syz.8.4052: lblock 0 mapped to illegal pblock 0 (length 3) [ 196.389943][T14818] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 117 [ 196.402326][T14818] EXT4-fs (loop8): This should not happen!! Data will be lost [ 196.402326][T14818] [ 196.424060][ T3815] Bluetooth: hci0: command 0x1003 tx timeout [ 196.424810][ T44] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 196.433404][ T4143] EXT4-fs error (device loop8): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:13: lblock 8 mapped to illegal pblock 8 (length 8) [ 196.450787][ T4143] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 196.463101][ T4143] EXT4-fs (loop8): This should not happen!! Data will be lost [ 196.463101][ T4143] [ 196.474421][T11149] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 196.626496][T14840] SELinux: failed to load policy [ 196.676614][T14844] loop0: detected capacity change from 0 to 1024 [ 196.688188][T14844] EXT4-fs (loop0): Couldn't mount because of unsupported optional features (40000) [ 196.824253][T14858] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4071'. [ 196.833771][ T29] kauditd_printk_skb: 26 callbacks suppressed [ 196.833789][ T29] audit: type=1326 audit(1770679239.962:2445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14859 comm="syz.8.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078d04af79 code=0x7ffc0000 [ 196.864439][ T29] audit: type=1326 audit(1770679239.982:2446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14859 comm="syz.8.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7f078d04af79 code=0x7ffc0000 [ 196.888002][ T29] audit: type=1326 audit(1770679239.982:2447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14859 comm="syz.8.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078d04af79 code=0x7ffc0000 [ 196.911602][ T29] audit: type=1326 audit(1770679239.982:2448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14859 comm="syz.8.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078d04af79 code=0x7ffc0000 [ 197.010576][T14866] SELinux: failed to load policy [ 197.079441][T14879] netlink: 48 bytes leftover after parsing attributes in process `syz.8.4082'. [ 197.092591][T14877] loop4: detected capacity change from 0 to 1024 [ 197.110873][T14877] EXT4-fs (loop4): Couldn't mount because of unsupported optional features (40000) [ 197.207049][ T29] audit: type=1400 audit(1770679240.342:2449): avc: denied { create } for pid=14891 comm="syz.0.4088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 197.232637][ T29] audit: type=1400 audit(1770679240.362:2450): avc: denied { read } for pid=14891 comm="syz.0.4088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 197.390197][T14672] Bluetooth: hci0: Opcode 0x0401 failed: -4 [ 197.430131][T14918] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4100'. [ 197.472551][T14918] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4100'. [ 197.532905][ T29] audit: type=1400 audit(1770679240.662:2451): avc: denied { read } for pid=14926 comm="syz.4.4104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 197.610344][T14934] loop1: detected capacity change from 0 to 512 [ 197.637969][T14934] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 197.651813][T14936] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4108'. [ 197.684633][T14934] EXT4-fs (loop1): 1 truncate cleaned up [ 197.690692][T14934] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 197.772803][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.172371][T14964] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4120'. [ 198.181639][ T29] audit: type=1400 audit(1770679241.302:2452): avc: denied { nlmsg_read } for pid=14962 comm="syz.0.4120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 198.529119][T14982] loop4: detected capacity change from 0 to 32768 [ 198.574380][ T3302] loop4: p1 p2 p3 < p5 p6 > [ 198.579665][ T3302] loop4: p2 size 16775168 extends beyond EOD, truncated [ 198.588121][ T3302] loop4: p5 start 4294970168 is beyond EOD, truncated [ 198.599788][T14982] loop4: p1 p2 p3 < p5 p6 > [ 198.605286][T14982] loop4: p2 size 16775168 extends beyond EOD, truncated [ 198.613405][T14982] loop4: p5 start 4294970168 is beyond EOD, truncated [ 198.662985][T14989] loop4: detected capacity change from 0 to 128 [ 198.676916][ T29] audit: type=1400 audit(1770679241.812:2453): avc: denied { mounton } for pid=14988 comm="syz.4.4131" path="/523/file0/bus" dev="loop4" ino=179 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1 [ 198.727172][ T3588] udevd[3588]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 198.739686][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 198.750832][T10053] udevd[10053]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 198.756751][ T4013] udevd[4013]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory [ 198.780471][ T3588] udevd[3588]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 198.792082][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 198.803912][T10053] udevd[10053]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 198.815134][ T4013] udevd[4013]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory [ 198.868315][T14999] GUP no longer grows the stack in syz.9.4136 (14999): 200000004000-20000000a000 (200000002000) [ 198.878831][T14999] CPU: 1 UID: 0 PID: 14999 Comm: syz.9.4136 Not tainted syzkaller #0 PREEMPT(voluntary) [ 198.878986][T14999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 198.879047][T14999] Call Trace: [ 198.879054][T14999] [ 198.879061][T14999] __dump_stack+0x1d/0x30 [ 198.879225][T14999] dump_stack_lvl+0x95/0xd0 [ 198.879245][T14999] dump_stack+0x15/0x1b [ 198.879264][T14999] __get_user_pages+0x195b/0x1ea0 [ 198.879302][T14999] ? __rcu_read_unlock+0x4e/0x70 [ 198.879398][T14999] get_user_pages_remote+0x1d5/0x6b0 [ 198.879419][T14999] __access_remote_vm+0x15c/0x580 [ 198.879441][T14999] access_remote_vm+0x32/0x40 [ 198.879464][T14999] proc_pid_cmdline_read+0x32b/0x6b0 [ 198.879516][T14999] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 198.879541][T14999] vfs_readv+0x432/0x6e0 [ 198.879574][T14999] __x64_sys_preadv+0xfd/0x1c0 [ 198.879627][T14999] x64_sys_call+0x2805/0x3000 [ 198.879688][T14999] do_syscall_64+0xc0/0x2a0 [ 198.879720][T14999] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.879739][T14999] RIP: 0033:0x7fb96e1baf79 [ 198.879800][T14999] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 198.879817][T14999] RSP: 002b:00007fb96cc17028 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 198.879835][T14999] RAX: ffffffffffffffda RBX: 00007fb96e435fa0 RCX: 00007fb96e1baf79 [ 198.879868][T14999] RDX: 0000000000000001 RSI: 0000200000000680 RDI: 0000000000000003 [ 198.879908][T14999] RBP: 00007fb96e2516e0 R08: 00000000fffffff9 R09: 0000000000000000 [ 198.879921][T14999] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000000 [ 198.879933][T14999] R13: 00007fb96e436038 R14: 00007fb96e435fa0 R15: 00007fff55762888 [ 198.880052][T14999] [ 199.143495][ T29] audit: type=1400 audit(1770679242.272:2454): avc: denied { write } for pid=15003 comm="syz.0.4138" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 199.236571][T15009] syzkaller1: entered promiscuous mode [ 199.242094][T15009] syzkaller1: entered allmulticast mode [ 199.318103][T15018] loop0: detected capacity change from 0 to 512 [ 199.327254][T15018] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 199.347768][T15018] EXT4-fs (loop0): 1 truncate cleaned up [ 199.374836][T15018] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 199.606390][T15044] syzkaller1: entered promiscuous mode [ 199.611922][T15044] syzkaller1: entered allmulticast mode [ 199.674275][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.217771][ T3309] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 200.228811][ T3309] CPU: 1 UID: 0 PID: 3309 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) [ 200.228846][ T3309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 200.228863][ T3309] Call Trace: [ 200.228872][ T3309] [ 200.228929][ T3309] __dump_stack+0x1d/0x30 [ 200.228961][ T3309] dump_stack_lvl+0x95/0xd0 [ 200.228988][ T3309] dump_stack+0x15/0x1b [ 200.229015][ T3309] dump_header+0x80/0x240 [ 200.229039][ T3309] oom_kill_process+0x295/0x350 [ 200.229072][ T3309] out_of_memory+0x97d/0xb80 [ 200.229107][ T3309] try_charge_memcg+0x62e/0xa10 [ 200.229153][ T3309] mem_cgroup_swapin_charge_folio+0x103/0x1f0 [ 200.229243][ T3309] __read_swap_cache_async+0x17b/0x2d0 [ 200.229287][ T3309] swap_cluster_readahead+0x262/0x3c0 [ 200.229365][ T3309] swapin_readahead+0xde/0x840 [ 200.229466][ T3309] ? __perf_event_task_sched_in+0xa65/0xad0 [ 200.229501][ T3309] ? __rcu_read_unlock+0x4e/0x70 [ 200.229535][ T3309] ? swap_cache_get_folio+0x26f/0x280 [ 200.229605][ T3309] do_swap_page+0x59b/0x2a50 [ 200.229646][ T3309] ? finish_task_switch+0x79/0x280 [ 200.229739][ T3309] ? __schedule+0x81f/0xce0 [ 200.229761][ T3309] ? __rcu_read_lock+0x36/0x50 [ 200.229945][ T3309] ? __pfx_default_wake_function+0x10/0x10 [ 200.229983][ T3309] handle_mm_fault+0xb40/0x3030 [ 200.230086][ T3309] ? vma_start_read+0x1c7/0x2c0 [ 200.230141][ T3309] do_user_addr_fault+0x62f/0x1050 [ 200.230188][ T3309] exc_page_fault+0x62/0xa0 [ 200.230262][ T3309] asm_exc_page_fault+0x26/0x30 [ 200.230289][ T3309] RIP: 0033:0x7fa7a8df6197 [ 200.230368][ T3309] Code: 48 89 fa 4c 89 df e8 a8 56 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 200.230393][ T3309] RSP: 002b:00007ffca252c2d0 EFLAGS: 00010202 [ 200.230416][ T3309] RAX: 0000000000000000 RBX: 0000555587436500 RCX: 00007fa7a8df6197 [ 200.230431][ T3309] RDX: 00007ffca252c310 RSI: 0000000000000000 RDI: 0000000000000000 [ 200.230445][ T3309] RBP: 00007ffca252c37c R08: 0000000000000000 R09: 0000000000000000 [ 200.230517][ T3309] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388 [ 200.230534][ T3309] R13: 00000000000927c0 R14: 0000000000030d2e R15: 00007ffca252c3d0 [ 200.230560][ T3309] [ 200.230569][ T3309] memory: usage 307200kB, limit 307200kB, failcnt 3090 [ 200.372230][T15100] loop0: detected capacity change from 0 to 256 [ 200.372953][ T3309] memory+swap: usage 259168kB, limit 9007199254740988kB, failcnt 0 [ 200.372971][ T3309] kmem: usage 258252kB, limit 9007199254740988kB, failcnt 0 [ 200.372984][ T3309] Memory cgroup stats for /syz1: [ 200.554463][ T3309] cache 0 [ 200.562383][ T3309] rss 20480 [ 200.565558][ T3309] shmem 0 [ 200.568669][ T3309] mapped_file 0 [ 200.572147][ T3309] dirty 0 [ 200.575192][ T3309] writeback 0 [ 200.578492][ T3309] workingset_refault_anon 3221 [ 200.583350][ T3309] workingset_refault_file 984 [ 200.588135][ T3309] swap 868352 [ 200.591498][ T3309] swapcached 36864 [ 200.595355][ T3309] pgpgin 162617 [ 200.598824][ T3309] pgpgout 162602 [ 200.602385][ T3309] pgfault 215561 [ 200.605981][ T3309] pgmajfault 494 [ 200.609606][ T3309] inactive_anon 28672 [ 200.613604][ T3309] active_anon 20480 [ 200.617474][ T3309] inactive_file 12288 [ 200.621548][ T3309] active_file 0 [ 200.625037][ T3309] unevictable 0 [ 200.628528][ T3309] hierarchical_memory_limit 314572800 [ 200.634191][ T3309] hierarchical_memsw_limit 9223372036854771712 [ 200.640391][ T3309] total_cache 0 [ 200.643877][ T3309] total_rss 20480 [ 200.647624][ T3309] total_shmem 0 [ 200.651095][ T3309] total_mapped_file 0 [ 200.655250][ T3309] total_dirty 0 [ 200.658841][ T3309] total_writeback 0 [ 200.662665][ T3309] total_workingset_refault_anon 3221 [ 200.668069][ T3309] total_workingset_refault_file 984 [ 200.673342][ T3309] total_swap 868352 [ 200.677267][ T3309] total_swapcached 36864 [ 200.681530][ T3309] total_pgpgin 162617 [ 200.685549][ T3309] total_pgpgout 162602 [ 200.689641][ T3309] total_pgfault 215561 [ 200.693730][ T3309] total_pgmajfault 494 [ 200.697858][ T3309] total_inactive_anon 28672 [ 200.702372][ T3309] total_active_anon 20480 [ 200.706758][ T3309] total_inactive_file 12288 [ 200.711302][ T3309] total_active_file 0 [ 200.715347][ T3309] total_unevictable 0 [ 200.719381][ T3309] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.4184,pid=15085,uid=0 [ 200.734123][ T3309] Memory cgroup out of memory: Killed process 15085 (syz.1.4184) total-vm:94012kB, anon-rss:1344kB, file-rss:22156kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 200.759843][T15100] FAT-fs (loop0): IO charset iso8859-5 not found [ 201.015430][T15124] loop4: detected capacity change from 0 to 1764 [ 201.196484][T15146] loop8: detected capacity change from 0 to 256 [ 201.226300][T15146] FAT-fs (loop8): Directory bread(block 64) failed [ 201.232925][T15146] FAT-fs (loop8): Directory bread(block 65) failed [ 201.239899][T15146] FAT-fs (loop8): Directory bread(block 66) failed [ 201.246681][T15146] FAT-fs (loop8): Directory bread(block 67) failed [ 201.253370][T15146] FAT-fs (loop8): Directory bread(block 68) failed [ 201.260504][T15146] FAT-fs (loop8): Directory bread(block 69) failed [ 201.267262][T15146] FAT-fs (loop8): Directory bread(block 70) failed [ 201.316047][T15146] FAT-fs (loop8): Directory bread(block 71) failed [ 201.322660][T15146] FAT-fs (loop8): Directory bread(block 72) failed [ 201.333038][T15146] FAT-fs (loop8): Directory bread(block 73) failed [ 201.586918][T15181] loop0: detected capacity change from 0 to 512 [ 201.602840][T15181] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 201.627627][T15181] EXT4-fs (loop0): 1 truncate cleaned up [ 201.639150][T15181] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 201.670094][T15181] EXT4-fs error (device loop0): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.0.4218: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 201.692773][T15181] EXT4-fs (loop0): Remounting filesystem read-only [ 201.699416][T15181] EXT4-fs warning (device loop0): ext4_rename_delete:3729: inode #2: comm syz.0.4218: Deleting old file: nlink 5, error=-117 [ 201.726889][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.034417][ T10] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 202.045150][ T1035] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 202.084477][T15221] loop0: detected capacity change from 0 to 512 [ 202.106458][T15221] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 202.122715][T15221] ext4 filesystem being mounted at /481/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 202.152447][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.279392][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 202.279410][ T29] audit: type=1400 audit(1770679245.412:2482): avc: denied { read } for pid=2963 comm="kworker/1:2" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=46444 scontext=system_u:system_r:kernel_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 202.422013][T15244] loop0: detected capacity change from 0 to 1024 [ 202.429802][T15244] EXT4-fs: Ignoring removed bh option [ 202.453304][T15244] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 202.479631][T15244] raw_sendmsg: syz.0.4244 forgot to set AF_INET. Fix it! [ 202.499292][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.535593][T15255] __nla_validate_parse: 1 callbacks suppressed [ 202.535613][T15255] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4247'. [ 202.619865][T15263] bond1: entered promiscuous mode [ 202.808939][T15278] tipc: Started in network mode [ 202.813856][T15278] tipc: Node identity 7f000001, cluster identity 7 [ 202.830829][T15278] tipc: Enabled bearer , priority 10 [ 202.862274][ T29] audit: type=1400 audit(1770679245.992:2483): avc: denied { bind } for pid=15280 comm="syz.4.4259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 202.904759][ T29] audit: type=1400 audit(1770679245.992:2484): avc: denied { node_bind } for pid=15280 comm="syz.4.4259" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 202.924953][ T29] audit: type=1400 audit(1770679246.032:2485): avc: denied { name_bind } for pid=15280 comm="syz.4.4259" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 202.982882][T15285] loop0: detected capacity change from 0 to 256 [ 203.375870][T15308] loop0: detected capacity change from 0 to 164 [ 203.473671][ T29] audit: type=1400 audit(1770679246.602:2486): avc: denied { shutdown } for pid=15316 comm="syz.9.4275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 203.494055][ T29] audit: type=1400 audit(1770679246.602:2487): avc: denied { read } for pid=15316 comm="syz.9.4275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 203.834139][ T10] tipc: Node number set to 2130706433 [ 203.878317][T15337] loop8: detected capacity change from 0 to 512 [ 203.886548][T15337] ext2: Unknown parameter 'smackfsroot' [ 203.919207][ T29] audit: type=1326 audit(1770679247.052:2488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15338 comm="syz.8.4284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078d04af79 code=0x7ffc0000 [ 203.943300][ T29] audit: type=1326 audit(1770679247.082:2489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15338 comm="syz.8.4284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078d04af79 code=0x7ffc0000 [ 203.967044][ T29] audit: type=1326 audit(1770679247.082:2490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15338 comm="syz.8.4284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078d04af79 code=0x7ffc0000 [ 203.990690][ T29] audit: type=1326 audit(1770679247.082:2491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15338 comm="syz.8.4284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078d04af79 code=0x7ffc0000 [ 204.264096][T15348] netlink: 2 bytes leftover after parsing attributes in process `syz.8.4288'. [ 204.273067][T15348] netlink: 2 bytes leftover after parsing attributes in process `syz.8.4288'. [ 204.282903][T15348] netlink: 2 bytes leftover after parsing attributes in process `syz.8.4288'. [ 204.292013][T15348] netlink: 2 bytes leftover after parsing attributes in process `syz.8.4288'. [ 204.429214][T15352] netlink: 44 bytes leftover after parsing attributes in process `syz.8.4290'. [ 204.449002][T15352] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4290'. [ 204.722386][T15365] loop0: detected capacity change from 0 to 128 [ 204.747084][T15365] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 204.759506][T15365] ext4 filesystem being mounted at /503/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 204.800253][T15365] EXT4-fs error (device loop0): ext4_append:79: inode #2: comm syz.0.4294: Logical block already allocated [ 204.825226][ T9469] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 204.896856][T15370] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4296'. [ 204.955522][T15372] netlink: 104 bytes leftover after parsing attributes in process `syz.4.4297'. [ 205.109170][T15387] loop8: detected capacity change from 0 to 512 [ 205.172212][T15387] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 205.186640][T15387] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 205.261279][ T3815] Bluetooth: hci0: sending frame failed (-49) [ 205.267456][ T44] Bluetooth: hci0: Opcode 0x1003 failed: -49 [ 205.277192][T11149] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.438112][T15415] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 205.450460][T15415] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 205.859765][T15453] netlink: 63503 bytes leftover after parsing attributes in process `syz.4.4334'. [ 206.047505][T15461] netlink: 'syz.9.4337': attribute type 21 has an invalid length. [ 206.652860][T15502] veth0: entered promiscuous mode [ 206.660885][T15504] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15504 comm=syz.8.4358 [ 206.671882][T15502] veth0: left promiscuous mode [ 206.707464][T15504] IPVS: persistence engine module ip_vs_pe_ý not found [ 206.758485][T15512] set_capacity_and_notify: 1 callbacks suppressed [ 206.758506][T15512] loop4: detected capacity change from 0 to 1764 [ 207.361839][T15581] netlink: 'syz.0.4394': attribute type 21 has an invalid length. [ 207.369897][T15583] netlink: 'syz.8.4393': attribute type 5 has an invalid length. [ 207.469488][T15591] sctp: [Deprecated]: syz.0.4397 (pid 15591) Use of struct sctp_assoc_value in delayed_ack socket option. [ 207.469488][T15591] Use struct sctp_sack_info instead [ 207.589964][T15600] sit0: entered promiscuous mode [ 207.605367][T15600] netlink: 'syz.1.4402': attribute type 1 has an invalid length. [ 207.613180][T15600] __nla_validate_parse: 9 callbacks suppressed [ 207.613235][T15600] netlink: 1 bytes leftover after parsing attributes in process `syz.1.4402'. [ 207.717474][T15610] pim6reg1: entered promiscuous mode [ 207.722828][T15610] pim6reg1: entered allmulticast mode [ 207.781833][T15612] netlink: 'syz.8.4407': attribute type 64 has an invalid length. [ 207.791324][T15612] sch_tbf: burst 9 is lower than device lo mtu (65550) ! [ 208.066927][ T29] kauditd_printk_skb: 41 callbacks suppressed [ 208.066945][ T29] audit: type=1400 audit(1770679251.202:2533): avc: denied { bind } for pid=15633 comm="syz.8.4417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 208.111239][ T29] audit: type=1400 audit(1770679251.242:2534): avc: denied { setopt } for pid=15633 comm="syz.8.4417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 208.448597][T15646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 208.457303][T15646] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 208.605130][ T29] audit: type=1400 audit(1770679251.742:2535): avc: denied { mount } for pid=15656 comm="syz.1.4426" name="/" dev="mqueue" ino=2333 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 208.706951][T15666] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=15666 comm=syz.1.4430 [ 208.832206][ T29] audit: type=1326 audit(1770679251.962:2536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.1.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 208.856510][ T29] audit: type=1326 audit(1770679251.962:2537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.1.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 208.880254][ T29] audit: type=1326 audit(1770679251.962:2538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.1.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 208.903870][ T29] audit: type=1326 audit(1770679251.962:2539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.1.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 208.927436][ T29] audit: type=1326 audit(1770679251.962:2540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.1.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 209.021473][T15685] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4439'. [ 209.131605][T15702] loop4: detected capacity change from 0 to 512 [ 209.140682][T15702] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 209.159196][T15702] EXT4-fs (loop4): 1 truncate cleaned up [ 209.165811][T15702] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 209.216673][ T29] audit: type=1400 audit(1770679252.352:2541): avc: denied { mounton } for pid=15701 comm="syz.4.4447" path="/585/file2" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 209.282948][ T7874] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.369569][ T29] audit: type=1326 audit(1770679252.502:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15713 comm="syz.4.4451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37140faf79 code=0x7ffc0000 [ 209.532357][T15722] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4455'. [ 209.586814][ T10] kernel write not supported for file bpf-prog (pid: 10 comm: kworker/0:1) [ 209.655377][T15733] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4460'. [ 209.760630][T15743] loop4: detected capacity change from 0 to 1024 [ 209.767737][T15743] EXT4-fs: Ignoring removed orlov option [ 209.773599][T15743] EXT4-fs: inline encryption not supported [ 209.801100][T15743] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 209.831208][ T7874] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.077190][T15831] netlink: 'syz.1.4503': attribute type 8 has an invalid length. [ 211.469165][T15869] loop4: detected capacity change from 0 to 8192 [ 211.625066][ T3399] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 211.788035][T15907] loop1: detected capacity change from 0 to 512 [ 211.794857][T15907] EXT4-fs: Ignoring removed bh option [ 211.801711][T15907] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 211.813030][T15907] EXT4-fs (loop1): 1 truncate cleaned up [ 211.819464][T15907] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 211.844775][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.899546][T15894] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 211.914147][T15894] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 212.692846][T15957] net_ratelimit: 8 callbacks suppressed [ 212.692866][T15957] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 212.720307][T15955] loop1: detected capacity change from 0 to 8192 [ 212.772425][ T3309] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1) [ 212.780346][ T3309] FAT-fs (loop1): Filesystem has been set read-only [ 212.935456][T15974] loop1: detected capacity change from 0 to 8192 [ 212.997975][T15988] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 213.016433][T15988] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 213.099879][T15990] af_packet: tpacket_rcv: packet too big, clamped from 2902 to 4294967280. macoff=96 [ 213.255396][T15994] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4576'. [ 213.264351][T15994] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4576'. [ 213.454116][T16008] netlink: 48 bytes leftover after parsing attributes in process `syz.9.4580'. [ 213.678520][T16013] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4583'. [ 213.699928][T16017] loop4: detected capacity change from 0 to 512 [ 213.709632][T16017] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 213.724037][T16015] loop9: detected capacity change from 64 to 0 [ 213.741998][T16017] EXT4-fs (loop4): 1 truncate cleaned up [ 213.755565][T16017] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 213.792979][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 213.792998][ T29] audit: type=1400 audit(1770679256.922:2570): avc: denied { rename } for pid=16016 comm="syz.4.4585" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 213.870261][ T29] audit: type=1400 audit(1770679256.922:2571): avc: denied { unlink } for pid=16016 comm="syz.4.4585" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 213.956304][ T29] audit: type=1326 audit(1770679257.072:2572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16028 comm="syz.0.4590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29c558af79 code=0x7ffc0000 [ 213.979985][ T29] audit: type=1326 audit(1770679257.072:2573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16028 comm="syz.0.4590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29c558af79 code=0x7ffc0000 [ 214.003522][ T29] audit: type=1326 audit(1770679257.072:2574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16028 comm="syz.0.4590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f29c558af79 code=0x7ffc0000 [ 214.027211][ T29] audit: type=1326 audit(1770679257.072:2575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16028 comm="syz.0.4590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29c558af79 code=0x7ffc0000 [ 214.050922][ T29] audit: type=1326 audit(1770679257.072:2576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16028 comm="syz.0.4590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29c558af79 code=0x7ffc0000 [ 214.074486][ T29] audit: type=1326 audit(1770679257.072:2577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16028 comm="syz.0.4590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29c558af79 code=0x7ffc0000 [ 214.098027][ T29] audit: type=1326 audit(1770679257.072:2578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16028 comm="syz.0.4590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29c558af79 code=0x7ffc0000 [ 214.121653][ T29] audit: type=1326 audit(1770679257.072:2579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16028 comm="syz.0.4590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f29c558af79 code=0x7ffc0000 [ 214.176708][ T7874] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.263684][T16043] pim6reg1: entered promiscuous mode [ 214.269239][T16043] pim6reg1: entered allmulticast mode [ 214.392969][T16061] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4605'. [ 214.402001][T16061] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4605'. [ 214.422885][ T3460] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 214.434268][T16061] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4605'. [ 214.443209][T16061] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4605'. [ 214.462705][ T3460] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 214.474149][ T3460] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 214.483298][ T3460] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 214.563199][T16075] loop0: detected capacity change from 0 to 128 [ 214.594627][T16078] netlink: 'syz.9.4612': attribute type 1 has an invalid length. [ 215.180927][T16116] loop4: detected capacity change from 0 to 512 [ 215.221801][T16116] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 215.235202][T16116] ext4 filesystem being mounted at /637/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 215.249951][T16122] loop0: detected capacity change from 0 to 128 [ 215.286671][T16122] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 215.301785][T16122] ext4 filesystem being mounted at /566/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 215.305155][ T7874] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.399935][ T9469] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 215.564152][T16151] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4639'. [ 215.573061][T16151] netlink: 20 bytes leftover after parsing attributes in process `syz.9.4639'. [ 216.002599][T16212] atomic_op ffff888119a09d28 conn xmit_atomic 0000000000000000 [ 216.162632][T16240] loop8: detected capacity change from 0 to 512 [ 216.191886][T16240] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 216.230827][T16240] EXT4-fs (loop8): orphan cleanup on readonly fs [ 216.238618][T16240] EXT4-fs warning (device loop8): ext4_enable_quotas:7221: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 216.254539][T16240] EXT4-fs (loop8): Cannot turn on quotas: error -22 [ 216.261563][T16240] EXT4-fs error (device loop8): ext4_ext_check_inode:523: inode #13: comm syz.8.4656: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 216.455155][T16240] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.4656: couldn't read orphan inode 13 (err -117) [ 216.468484][T16240] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 216.554579][T16302] veth0_to_hsr: Caught tx_queue_len zero misconfig [ 216.620675][ T4129] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 216.631068][ T4129] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.680025][T16240] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 216.690243][T16240] EXT4-fs (loop8): can't disable delalloc during remount [ 216.714407][T16309] atomic_op ffff88813996a128 conn xmit_atomic 0000000000000000 [ 216.727227][ T4129] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 216.737691][ T4129] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.783252][T11149] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.821911][ T4129] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 216.832515][ T4129] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.916966][ T4129] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 216.927365][ T4129] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.049705][ T4129] bridge_slave_1: left allmulticast mode [ 217.055463][ T4129] bridge_slave_1: left promiscuous mode [ 217.061170][ T4129] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.070066][ T4129] bridge_slave_0: left allmulticast mode [ 217.075808][ T4129] bridge_slave_0: left promiscuous mode [ 217.081543][ T4129] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.207216][ T4129] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 217.222012][ T4129] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 217.238248][ T4129] bond0 (unregistering): Released all slaves [ 217.264722][T16353] atomic_op ffff88811b419d28 conn xmit_atomic 0000000000000000 [ 217.278385][ T4129] tipc: Disabling bearer [ 217.283731][ T4129] tipc: Left network mode [ 217.305111][ T4129] hsr_slave_0: left promiscuous mode [ 217.311044][ T4129] hsr_slave_1: left promiscuous mode [ 217.321094][ T4129] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 217.328675][ T4129] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 217.348526][ T4129] veth1_macvtap: left promiscuous mode [ 217.354731][ T4129] veth0_macvtap: left promiscuous mode [ 217.360379][ T4129] veth1_vlan: left promiscuous mode [ 217.367997][ T4129] veth0_vlan: left promiscuous mode [ 217.521173][ T4129] team0 (unregistering): Port device team_slave_1 removed [ 217.532572][ T4129] team0 (unregistering): Port device team_slave_0 removed [ 217.614351][T16312] chnl_net:caif_netlink_parms(): no params data found [ 217.701586][T16312] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.708867][T16312] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.734248][T16312] bridge_slave_0: entered allmulticast mode [ 217.744734][T16312] bridge_slave_0: entered promiscuous mode [ 217.764994][T16312] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.772130][T16312] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.792341][T16312] bridge_slave_1: entered allmulticast mode [ 217.805360][T16312] bridge_slave_1: entered promiscuous mode [ 217.848054][T16312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 217.867263][T16312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 217.913936][T16312] team0: Port device team_slave_0 added [ 217.929325][T16312] team0: Port device team_slave_1 added [ 217.934449][ T4129] IPVS: stop unused estimator thread 0... [ 217.950754][T16312] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 217.957812][T16312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 217.983842][T16312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.996095][T16312] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 218.003065][T16312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 218.029083][T16312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 218.101438][T16312] hsr_slave_0: entered promiscuous mode [ 218.113174][T16312] hsr_slave_1: entered promiscuous mode [ 218.124483][T16312] debugfs: 'hsr0' already exists in 'hsr' [ 218.130288][T16312] Cannot create hsr debugfs directory [ 218.261279][T16435] atomic_op ffff88810d84dd28 conn xmit_atomic 0000000000000000 [ 218.524916][T16312] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 218.535856][T16312] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 218.545707][T16312] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 218.560567][T16312] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 218.636802][T16312] 8021q: adding VLAN 0 to HW filter on device bond0 [ 218.665066][T16312] 8021q: adding VLAN 0 to HW filter on device team0 [ 218.688931][ T4135] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.696147][ T4135] bridge0: port 1(bridge_slave_0) entered forwarding state [ 218.708810][ T4135] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.715945][ T4135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 218.740332][T16312] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 218.750836][T16312] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 218.870858][T16312] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 218.998338][T16312] veth0_vlan: entered promiscuous mode [ 219.007239][T16312] veth1_vlan: entered promiscuous mode [ 219.066010][T16312] veth0_macvtap: entered promiscuous mode [ 219.085609][T16312] veth1_macvtap: entered promiscuous mode [ 219.104331][T16312] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 219.126801][T16312] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 219.159612][ T4135] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.190642][ T4135] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.200984][ T29] kauditd_printk_skb: 48 callbacks suppressed [ 219.201011][ T29] audit: type=1400 audit(1770679262.342:2628): avc: denied { mounton } for pid=16312 comm="syz-executor" path="/root/syzkaller.mg5Muw/syz-tmp" dev="sda1" ino=2063 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 219.235077][ T4135] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.244697][ T29] audit: type=1400 audit(1770679262.372:2629): avc: denied { mounton } for pid=16312 comm="syz-executor" path="/root/syzkaller.mg5Muw/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 219.265573][ T4135] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.271897][ T29] audit: type=1400 audit(1770679262.372:2630): avc: denied { mounton } for pid=16312 comm="syz-executor" path="/root/syzkaller.mg5Muw/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=50550 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 219.333910][ T29] audit: type=1400 audit(1770679262.452:2631): avc: denied { mounton } for pid=16312 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 219.357120][ T29] audit: type=1400 audit(1770679262.452:2632): avc: denied { mount } for pid=16312 comm="syz-executor" name="/" dev="gadgetfs" ino=4536 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 219.582253][T16561] __nla_validate_parse: 2 callbacks suppressed [ 219.582268][T16561] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4717'. [ 219.597584][T16561] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4717'. [ 219.841552][T16595] loop1: detected capacity change from 0 to 128 [ 219.860974][T16595] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 219.895097][T16595] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 219.963388][ T3329] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 220.760814][T16690] loop1: detected capacity change from 0 to 256 [ 220.785563][T16690] FAT-fs (loop1): Directory bread(block 64) failed [ 220.812962][T16690] FAT-fs (loop1): Directory bread(block 65) failed [ 220.839999][T16690] FAT-fs (loop1): Directory bread(block 66) failed [ 220.847203][T16690] FAT-fs (loop1): Directory bread(block 67) failed [ 220.853842][T16690] FAT-fs (loop1): Directory bread(block 68) failed [ 220.860971][T16690] FAT-fs (loop1): Directory bread(block 69) failed [ 220.867755][T16690] FAT-fs (loop1): Directory bread(block 70) failed [ 220.884747][T16690] FAT-fs (loop1): Directory bread(block 71) failed [ 220.891322][T16690] FAT-fs (loop1): Directory bread(block 72) failed [ 220.912834][T16704] loop3: detected capacity change from 0 to 512 [ 220.931410][T16690] FAT-fs (loop1): Directory bread(block 73) failed [ 220.942460][T16704] EXT4-fs: Ignoring removed oldalloc option [ 220.989549][T16704] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.4753: Parent and EA inode have the same ino 15 [ 221.038943][T16704] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.4753: Parent and EA inode have the same ino 15 [ 221.083595][T16704] EXT4-fs (loop3): 1 orphan inode deleted [ 221.119893][T16704] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 221.211170][T16704] EXT4-fs error (device loop3): ext4_find_dest_de:2050: inode #2: block 13: comm syz.3.4753: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0 [ 221.250150][T16312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.446652][T16770] loop0: detected capacity change from 0 to 1764 [ 221.616483][T16801] loop1: detected capacity change from 0 to 512 [ 221.646101][T16801] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 221.679971][T16801] EXT4-fs (loop1): 1 truncate cleaned up [ 221.694264][T16801] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 221.744850][T16801] EXT4-fs error (device loop1): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.1.4779: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 221.798730][T16801] EXT4-fs (loop1): Remounting filesystem read-only [ 221.805503][T16801] EXT4-fs warning (device loop1): ext4_rename_delete:3729: inode #2: comm syz.1.4779: Deleting old file: nlink 5, error=-117 [ 221.839263][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.916921][T16826] loop1: detected capacity change from 0 to 512 [ 221.947679][T16826] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 221.986640][T16826] ext4 filesystem being mounted at /1018/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 222.032656][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.046855][T16840] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4795'. [ 222.080382][T16846] tipc: Started in network mode [ 222.085389][T16846] tipc: Node identity 7f000001, cluster identity 4711 [ 222.092387][T16846] tipc: Enabled bearer , priority 10 [ 222.127417][T16851] loop3: detected capacity change from 0 to 512 [ 222.147521][T16851] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 222.159501][T16851] EXT4-fs (loop3): 1 truncate cleaned up [ 222.177862][T16851] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 222.201526][T16851] EXT4-fs error (device loop3): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.3.4801: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 222.222311][T16851] EXT4-fs (loop3): Remounting filesystem read-only [ 222.228934][T16851] EXT4-fs warning (device loop3): ext4_rename_delete:3729: inode #2: comm syz.3.4801: Deleting old file: nlink 5, error=-117 [ 222.305880][T16866] loop8: detected capacity change from 0 to 256 [ 222.329609][T16312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.401007][T16874] loop8: detected capacity change from 0 to 512 [ 222.440258][T16872] bond2: entered promiscuous mode [ 222.470807][T16874] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 222.486972][T16874] ext4 filesystem being mounted at /330/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 222.544188][T11149] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.765339][T16901] bond1: entered promiscuous mode [ 222.876003][T16911] loop3: detected capacity change from 0 to 256 [ 223.027256][T16923] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4832'. [ 223.069065][T16923] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4832'. [ 223.075840][ T29] audit: type=1326 audit(1770679266.202:2633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16928 comm="syz.1.4834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 223.101656][ T29] audit: type=1326 audit(1770679266.202:2634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16928 comm="syz.1.4834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 223.125228][ T1035] tipc: Node number set to 2130706433 [ 223.125266][ T29] audit: type=1326 audit(1770679266.202:2635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16928 comm="syz.1.4834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 223.125296][ T29] audit: type=1326 audit(1770679266.202:2636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16928 comm="syz.1.4834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 223.125323][ T29] audit: type=1326 audit(1770679266.202:2637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16928 comm="syz.1.4834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 223.435523][T16948] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4842'. [ 223.444477][T16948] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4842'. [ 223.454804][T16948] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4842'. [ 223.463880][T16948] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4842'. [ 223.728243][T16965] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4848'. [ 223.885206][T16978] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 223.898131][T16978] ext4 filesystem being mounted at /602/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 223.928320][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.908625][T17028] __nla_validate_parse: 3 callbacks suppressed [ 224.908646][T17028] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4882'. [ 224.923805][T17028] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4882'. [ 224.933938][T17028] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4882'. [ 224.942864][T17028] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4882'. [ 225.230345][T17063] set_capacity_and_notify: 3 callbacks suppressed [ 225.230382][T17063] loop8: detected capacity change from 0 to 512 [ 225.264689][T17063] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 225.277137][T17063] EXT4-fs (loop8): 1 truncate cleaned up [ 225.283364][T17063] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 225.359088][T17068] netlink: 63503 bytes leftover after parsing attributes in process `syz.3.4890'. [ 225.389518][T11149] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.561946][T17083] loop8: detected capacity change from 0 to 1024 [ 225.571119][T17083] EXT4-fs: inline encryption not supported [ 225.577798][T17083] EXT4-fs: Ignoring removed nobh option [ 225.583436][T17083] EXT4-fs: Ignoring removed bh option [ 225.610600][T17083] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 225.823099][T17090] netlink: 'syz.3.4899': attribute type 21 has an invalid length. [ 225.831104][T17090] netlink: 128 bytes leftover after parsing attributes in process `syz.3.4899'. [ 225.840517][T17090] netlink: 3 bytes leftover after parsing attributes in process `syz.3.4899'. [ 225.860240][T11149] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.969721][T17098] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4902'. [ 226.374751][T17121] loop1: detected capacity change from 0 to 4096 [ 226.409577][T17121] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 226.497774][T17128] netlink: 16 bytes leftover after parsing attributes in process `syz.9.4926'. [ 226.535218][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.565637][T17133] veth0: entered promiscuous mode [ 226.571682][T17133] veth0: left promiscuous mode [ 226.621555][T17141] loop1: detected capacity change from 0 to 128 [ 226.708766][T17150] loop0: detected capacity change from 0 to 512 [ 226.724562][T17151] netlink: 792 bytes leftover after parsing attributes in process `syz.1.4924'. [ 226.737496][T17150] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 226.752049][T17150] EXT4-fs (loop0): 1 truncate cleaned up [ 226.758601][T17150] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 226.949668][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.319408][ T29] kauditd_printk_skb: 11 callbacks suppressed [ 227.319424][ T29] audit: type=1326 audit(1770679270.452:2649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17199 comm="syz.1.4957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 227.349332][ T29] audit: type=1326 audit(1770679270.452:2650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17199 comm="syz.1.4957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 227.377931][T17202] loop0: detected capacity change from 0 to 1024 [ 227.385158][T17202] EXT4-fs: inline encryption not supported [ 227.391100][T17202] EXT4-fs: Ignoring removed nobh option [ 227.396733][T17202] EXT4-fs: Ignoring removed bh option [ 227.405344][ T29] audit: type=1326 audit(1770679270.452:2651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17199 comm="syz.1.4957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 227.428992][ T29] audit: type=1326 audit(1770679270.452:2652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17199 comm="syz.1.4957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 227.452677][ T29] audit: type=1326 audit(1770679270.512:2653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17199 comm="syz.1.4957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa7a8dfb84e code=0x7ffc0000 [ 227.461103][T17202] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 227.476533][ T29] audit: type=1326 audit(1770679270.512:2654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17199 comm="syz.1.4957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa7a8dfb84e code=0x7ffc0000 [ 227.512227][ T29] audit: type=1326 audit(1770679270.512:2655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17199 comm="syz.1.4957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=469 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 227.535738][ T29] audit: type=1326 audit(1770679270.512:2656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17199 comm="syz.1.4957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 227.559383][ T29] audit: type=1326 audit(1770679270.512:2657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17199 comm="syz.1.4957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 227.582973][ T29] audit: type=1326 audit(1770679270.512:2658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17199 comm="syz.1.4957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 227.610188][T17212] netlink: 'syz.9.4948': attribute type 21 has an invalid length. [ 227.766278][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.868671][T17236] loop3: detected capacity change from 0 to 4096 [ 227.878482][T17240] dummy0: Caught tx_queue_len zero misconfig [ 227.887648][T17236] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 227.933513][T16312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.351982][T17283] pim6reg1: entered promiscuous mode [ 228.357374][T17283] pim6reg1: entered allmulticast mode [ 228.835025][T17328] netlink: 'syz.3.5004': attribute type 21 has an invalid length. [ 228.927689][T17340] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=17340 comm=syz.0.5009 [ 229.152780][T17374] loop8: detected capacity change from 0 to 512 [ 229.159788][T17374] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 229.171928][T17374] EXT4-fs (loop8): 1 truncate cleaned up [ 229.178670][T17374] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 229.206308][T11149] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.843565][T17378] sit0: entered promiscuous mode [ 229.853166][T17378] netlink: 'syz.8.5025': attribute type 1 has an invalid length. [ 229.963133][T17388] netlink: 'syz.9.5031': attribute type 64 has an invalid length. [ 229.971578][T17388] sch_tbf: burst 9 is lower than device lo mtu (65550) ! [ 230.187517][T17402] loop8: detected capacity change from 0 to 32768 [ 230.226673][T17395] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 230.235004][ T3302] loop8: p1 p2 p3 < p5 p6 > [ 230.236591][T17395] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 230.241970][ T3302] loop8: p2 size 16775168 extends beyond EOD, truncated [ 230.255730][ T3302] loop8: p5 start 4294970168 is beyond EOD, truncated [ 230.266945][T17402] loop8: p1 p2 p3 < p5 p6 > [ 230.272194][T17402] loop8: p2 size 16775168 extends beyond EOD, truncated [ 230.280442][T17402] loop8: p5 start 4294970168 is beyond EOD, truncated [ 230.395282][T10053] udevd[10053]: inotify_add_watch(7, /dev/loop8p3, 10) failed: No such file or directory [ 230.401139][ T3588] udevd[3588]: inotify_add_watch(7, /dev/loop8p2, 10) failed: No such file or directory [ 230.415888][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory [ 230.430574][ T4013] udevd[4013]: inotify_add_watch(7, /dev/loop8p6, 10) failed: No such file or directory [ 230.448845][T10053] udevd[10053]: inotify_add_watch(7, /dev/loop8p3, 10) failed: No such file or directory [ 230.453553][ T3588] udevd[3588]: inotify_add_watch(7, /dev/loop8p2, 10) failed: No such file or directory [ 230.461751][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory [ 230.479662][ T4013] udevd[4013]: inotify_add_watch(7, /dev/loop8p6, 10) failed: No such file or directory [ 230.496313][T10053] udevd[10053]: inotify_add_watch(7, /dev/loop8p3, 10) failed: No such file or directory [ 230.507820][ T4013] udevd[4013]: inotify_add_watch(7, /dev/loop8p6, 10) failed: No such file or directory [ 230.809701][T17419] loop8: detected capacity change from 0 to 512 [ 230.848289][T17419] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 230.943982][T17419] EXT4-fs (loop8): 1 truncate cleaned up [ 231.016194][T17435] loop1: detected capacity change from 0 to 128 [ 231.059242][T17435] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 231.098098][T17419] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 231.116582][T17435] FAT-fs (loop1): error, invalid FAT chain (i_pos 548, last_block 8) [ 231.124878][T17435] FAT-fs (loop1): Filesystem has been set read-only [ 231.131816][T17435] FAT-fs (loop1): error, corrupted file size (i_pos 548, 522) [ 231.689156][T11149] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.876490][T17470] loop3: detected capacity change from 0 to 32768 [ 231.916234][ T3302] loop3: p1 p2 p3 < p5 p6 > [ 231.930701][ T3302] loop3: p2 size 16775168 extends beyond EOD, truncated [ 231.971455][ T3302] loop3: p5 start 4294970168 is beyond EOD, truncated [ 231.989805][T17496] __nla_validate_parse: 13 callbacks suppressed [ 231.989826][T17496] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5066'. [ 232.035498][T17470] loop3: p1 p2 p3 < p5 p6 > [ 232.044749][T17470] loop3: p2 size 16775168 extends beyond EOD, truncated [ 232.075614][T17470] loop3: p5 start 4294970168 is beyond EOD, truncated [ 232.152327][T17508] netlink: 'syz.9.5069': attribute type 8 has an invalid length. [ 232.520819][T17553] loop0: detected capacity change from 0 to 512 [ 232.531371][T17553] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 232.554707][T17553] EXT4-fs (loop0): 1 truncate cleaned up [ 232.567435][T17553] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 232.591766][ T29] kauditd_printk_skb: 22 callbacks suppressed [ 232.591784][ T29] audit: type=1326 audit(1770679275.722:2681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17552 comm="syz.0.5085" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f29c558af79 code=0x0 [ 232.639957][ T3399] kernel write not supported for file bpf-prog (pid: 3399 comm: kworker/0:5) [ 232.701696][T17573] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5088'. [ 233.261055][T17629] loop3: detected capacity change from 0 to 128 [ 233.268139][T17629] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 233.283081][T17629] FAT-fs (loop3): error, invalid FAT chain (i_pos 548, last_block 8) [ 233.291397][T17629] FAT-fs (loop3): Filesystem has been set read-only [ 233.298554][T17629] FAT-fs (loop3): error, corrupted file size (i_pos 548, 522) [ 233.345547][T17633] loop3: detected capacity change from 0 to 128 [ 233.352356][T17633] EXT4-fs: Ignoring removed nobh option [ 233.367368][T17633] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 233.380178][T17633] ext4 filesystem being mounted at /100/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 233.394665][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.525095][T16312] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 233.834448][T17650] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 233.854457][T17650] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 233.982361][T17660] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 234.228108][T17681] loop1: detected capacity change from 0 to 128 [ 234.236713][T17681] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 234.265684][T17681] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 234.542383][T17708] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5143'. [ 234.817194][T17718] netlink: 'syz.0.5145': attribute type 8 has an invalid length. [ 234.889385][T17719] loop1: detected capacity change from 0 to 8192 [ 235.337485][ T29] audit: type=1326 audit(1770679278.472:2682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17738 comm="syz.3.5168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 235.361291][ T29] audit: type=1326 audit(1770679278.472:2683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17738 comm="syz.3.5168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 235.386104][ T29] audit: type=1326 audit(1770679278.522:2684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17738 comm="syz.3.5168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 235.409685][ T29] audit: type=1326 audit(1770679278.522:2685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17738 comm="syz.3.5168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 235.433353][ T29] audit: type=1326 audit(1770679278.522:2686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17738 comm="syz.3.5168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 235.457826][ T29] audit: type=1326 audit(1770679278.592:2687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17738 comm="syz.3.5168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 235.481387][ T29] audit: type=1326 audit(1770679278.592:2688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17738 comm="syz.3.5168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 235.505036][ T29] audit: type=1326 audit(1770679278.592:2689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17738 comm="syz.3.5168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 235.528766][ T29] audit: type=1326 audit(1770679278.642:2690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17738 comm="syz.3.5168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 235.657864][T17741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 235.668183][T17741] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 235.738089][T17752] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5163'. [ 235.747054][T17752] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5163'. [ 235.761041][ T4147] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 235.769932][ T4147] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 235.778921][T17752] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5163'. [ 235.787962][T17752] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5163'. [ 235.797473][ T4147] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 235.808322][ T4147] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 235.977475][T17776] loop8: detected capacity change from 0 to 512 [ 235.984241][T17776] EXT4-fs: Ignoring removed bh option [ 235.989956][T17776] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem [ 236.001889][T17776] EXT4-fs (loop8): 1 truncate cleaned up [ 236.008083][T17776] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 236.067907][T17787] loop1: detected capacity change from 0 to 512 [ 236.091196][T17787] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 236.104191][T17787] ext4 filesystem being mounted at /1091/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 236.140332][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.214886][T11149] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.239063][T17806] loop3: detected capacity change from 0 to 128 [ 236.247905][T17806] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 236.267418][T17806] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 236.603732][T17828] loop3: detected capacity change from 0 to 8192 [ 236.657621][T16312] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1) [ 236.665591][T16312] FAT-fs (loop3): Filesystem has been set read-only [ 236.692943][T17830] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5195'. [ 236.701908][T17830] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5195'. [ 236.762532][T17836] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5198'. [ 237.019444][T17849] loop0: detected capacity change from 0 to 512 [ 237.027631][T17849] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 237.045160][T17849] EXT4-fs (loop0): 1 truncate cleaned up [ 237.051636][T17849] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 237.078310][T17851] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5201'. [ 237.386426][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.522767][T17878] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5213'. [ 237.531876][T17878] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5213'. [ 237.567711][ T4135] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 237.567738][T17878] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5213'. [ 237.567860][ T4135] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 237.576667][T17878] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5213'. [ 237.614028][ T4135] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 237.622768][ T4135] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 237.671576][ T29] kauditd_printk_skb: 77 callbacks suppressed [ 237.671592][ T29] audit: type=1326 audit(1770679280.802:2768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17879 comm="syz.3.5225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 237.874712][T17896] pim6reg1: entered promiscuous mode [ 237.880148][T17896] pim6reg1: entered allmulticast mode [ 238.262801][T17919] loop3: detected capacity change from 0 to 128 [ 238.299986][T17919] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 238.332186][T17919] ext4 filesystem being mounted at /130/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 238.385713][T16312] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 238.390416][T17924] loop8: detected capacity change from 0 to 128 [ 238.790677][T17930] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5234'. [ 239.372152][ T29] audit: type=1326 audit(1770679282.502:2769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17983 comm="syz.9.5247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb96e1baf79 code=0x7ffc0000 [ 239.428538][ T29] audit: type=1326 audit(1770679282.532:2770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17983 comm="syz.9.5247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb96e17b84e code=0x7ffc0000 [ 239.452519][ T29] audit: type=1326 audit(1770679282.532:2771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17983 comm="syz.9.5247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb96e1baf79 code=0x7ffc0000 [ 239.476118][ T29] audit: type=1326 audit(1770679282.532:2772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17983 comm="syz.9.5247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb96e1baf79 code=0x7ffc0000 [ 239.499659][ T29] audit: type=1326 audit(1770679282.542:2773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17983 comm="syz.9.5247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fb96e1baf79 code=0x7ffc0000 [ 239.523116][ T29] audit: type=1326 audit(1770679282.542:2774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17983 comm="syz.9.5247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb96e1baf79 code=0x7ffc0000 [ 239.546716][ T29] audit: type=1326 audit(1770679282.542:2775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17983 comm="syz.9.5247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb96e1baf79 code=0x7ffc0000 [ 239.570230][ T29] audit: type=1326 audit(1770679282.542:2776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17983 comm="syz.9.5247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb96e1baf79 code=0x7ffc0000 [ 240.101840][ T29] audit: type=1326 audit(1770679283.232:2777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18049 comm="syz.3.5256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 240.318361][T18078] loop3: detected capacity change from 0 to 512 [ 240.354350][T18078] xt_hashlimit: size too large, truncated to 1048576 [ 240.901730][T18119] loop8: detected capacity change from 0 to 512 [ 240.977829][T18119] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 240.990843][T18119] ext4 filesystem being mounted at /399/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 241.109384][T18132] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #18: comm syz.8.5288: corrupted inode contents [ 241.121742][T18132] EXT4-fs error (device loop8): ext4_dirty_inode:6502: inode #18: comm syz.8.5288: mark_inode_dirty error [ 241.134405][T18132] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #18: comm syz.8.5288: corrupted inode contents [ 241.147923][T18132] EXT4-fs error (device loop8): ext4_xattr_delete_inode:3001: inode #18: comm syz.8.5288: mark_inode_dirty error [ 241.234983][T18132] EXT4-fs error (device loop8): ext4_xattr_delete_inode:3004: inode #18: comm syz.8.5288: mark inode dirty (error -117) [ 241.248286][T18132] EXT4-fs warning (device loop8): ext4_evict_inode:273: xattr delete (err -117) [ 241.317744][T18146] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5300'. [ 241.326992][T18146] netlink: 'syz.1.5300': attribute type 5 has an invalid length. [ 241.334979][T18146] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5300'. [ 241.347896][T18146] geneve2: entered promiscuous mode [ 241.353290][T18146] geneve2: entered allmulticast mode [ 241.361174][ T3329] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 65535 - 0 [ 241.371826][ T3329] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 65535 - 0 [ 241.381034][ T3329] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 65535 - 0 [ 241.393526][ T3329] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 65535 - 0 [ 241.431887][T11149] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 241.460292][T18154] netlink: 'syz.8.5303': attribute type 4 has an invalid length. [ 241.581436][T18158] netlink: 'syz.8.5303': attribute type 4 has an invalid length. [ 242.096157][T18187] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 242.105002][T18187] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 242.781502][T18246] syzkaller1: entered promiscuous mode [ 242.920789][T18257] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5356'. [ 242.930055][T18257] netlink: 'syz.3.5356': attribute type 5 has an invalid length. [ 242.937906][T18257] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5356'. [ 242.953679][T18257] geneve2: entered promiscuous mode [ 242.959026][T18257] geneve2: entered allmulticast mode [ 242.966163][ T317] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 65535 - 0 [ 242.975350][ T317] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 65535 - 0 [ 242.994066][ T31] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 65535 - 0 [ 243.014070][ T31] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 65535 - 0 [ 243.048742][T18264] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5358'. [ 243.057768][T18264] netlink: 'syz.9.5358': attribute type 5 has an invalid length. [ 243.065650][T18264] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5358'. [ 243.128706][T18264] geneve2: entered promiscuous mode [ 243.134022][T18264] geneve2: entered allmulticast mode [ 243.144253][ T31] netdevsim netdevsim9 netdevsim0: set [1, 1] type 2 family 0 port 65535 - 0 [ 243.154776][ T31] netdevsim netdevsim9 netdevsim1: set [1, 1] type 2 family 0 port 65535 - 0 [ 243.163817][ T31] netdevsim netdevsim9 netdevsim2: set [1, 1] type 2 family 0 port 65535 - 0 [ 243.184883][ T31] netdevsim netdevsim9 netdevsim3: set [1, 1] type 2 family 0 port 65535 - 0 [ 243.247364][T18276] loop0: detected capacity change from 0 to 512 [ 243.282832][T18276] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 243.300835][T18287] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5357'. [ 243.318410][T18276] ext4 filesystem being mounted at /703/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 243.337329][ T29] kauditd_printk_skb: 38 callbacks suppressed [ 243.337344][ T29] audit: type=1400 audit(1770679286.472:2816): avc: denied { create } for pid=18288 comm="syz.8.5359" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=blk_file permissive=1 [ 243.423759][T18295] netlink: 'syz.3.5363': attribute type 4 has an invalid length. [ 243.437019][T18295] netlink: 'syz.3.5363': attribute type 4 has an invalid length. [ 243.476632][T18300] loop3: detected capacity change from 0 to 512 [ 243.483733][T18300] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 243.506609][T18300] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 243.519421][T18300] ext4 filesystem being mounted at /162/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 243.532823][T18300] EXT4-fs (loop3): shut down requested (2) [ 243.534530][T18296] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #18: comm syz.0.5353: corrupted inode contents [ 243.546197][ T29] audit: type=1400 audit(1770679286.672:2817): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 243.572540][ T29] audit: type=1400 audit(1770679286.672:2818): avc: denied { search } for pid=2982 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 243.586332][T18296] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #18: comm syz.0.5353: mark_inode_dirty error [ 243.594136][ T29] audit: type=1400 audit(1770679286.672:2819): avc: denied { append } for pid=2982 comm="syslogd" name="messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 243.627797][ T29] audit: type=1400 audit(1770679286.672:2820): avc: denied { open } for pid=2982 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 243.650363][ T29] audit: type=1400 audit(1770679286.672:2821): avc: denied { getattr } for pid=2982 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 243.689057][T18296] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #18: comm syz.0.5353: corrupted inode contents [ 243.701169][T18296] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3001: inode #18: comm syz.0.5353: mark_inode_dirty error [ 243.714276][T18296] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3004: inode #18: comm syz.0.5353: mark inode dirty (error -117) [ 243.714814][T16312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 243.728083][T18296] EXT4-fs warning (device loop0): ext4_evict_inode:273: xattr delete (err -117) [ 243.789059][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.051619][T18329] netlink: 'syz.0.5377': attribute type 4 has an invalid length. [ 244.076626][T18329] netlink: 'syz.0.5377': attribute type 4 has an invalid length. [ 244.129648][ T29] audit: type=1326 audit(1770679287.262:2822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18334 comm="syz.3.5389" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f21e99daf79 code=0x0 [ 245.004167][T18358] loop1: detected capacity change from 0 to 512 [ 245.019556][T18358] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 245.039888][T18358] ext4 filesystem being mounted at /1129/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 245.128339][T18358] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #18: comm syz.1.5400: corrupted inode contents [ 245.140884][T18358] EXT4-fs error (device loop1): ext4_dirty_inode:6502: inode #18: comm syz.1.5400: mark_inode_dirty error [ 245.153023][T18358] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #18: comm syz.1.5400: corrupted inode contents [ 245.167040][T18358] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3001: inode #18: comm syz.1.5400: mark_inode_dirty error [ 245.189497][T18358] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3004: inode #18: comm syz.1.5400: mark inode dirty (error -117) [ 245.204830][T18358] EXT4-fs warning (device loop1): ext4_evict_inode:273: xattr delete (err -117) [ 245.232740][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 246.076454][ T29] audit: type=1326 audit(1770679289.212:2823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18383 comm="syz.1.5408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 246.100195][ T29] audit: type=1326 audit(1770679289.212:2824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18383 comm="syz.1.5408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 246.123806][ T29] audit: type=1326 audit(1770679289.212:2825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18383 comm="syz.1.5408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 246.231173][T18397] syzkaller1: entered promiscuous mode [ 246.318837][T18406] loop3: detected capacity change from 0 to 512 [ 246.348168][T18406] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 246.393437][T18406] ext4 filesystem being mounted at /172/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 246.412096][T18415] loop0: detected capacity change from 0 to 1024 [ 246.435724][T18415] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 246.476825][T18423] loop1: detected capacity change from 0 to 512 [ 246.544703][T18423] xt_hashlimit: size too large, truncated to 1048576 [ 246.554383][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 246.577032][T18424] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #18: comm syz.3.5407: corrupted inode contents [ 246.659901][T18424] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #18: comm syz.3.5407: mark_inode_dirty error [ 246.676650][T18424] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #18: comm syz.3.5407: corrupted inode contents [ 246.707743][T18424] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3001: inode #18: comm syz.3.5407: mark_inode_dirty error [ 246.720735][T18424] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3004: inode #18: comm syz.3.5407: mark inode dirty (error -117) [ 246.744902][T18424] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -117) [ 246.818932][T16312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 247.026601][T18465] loop3: detected capacity change from 0 to 512 [ 247.065151][T18465] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 247.077932][T18465] ext4 filesystem being mounted at /175/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 247.174881][T18473] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #18: comm syz.3.5435: corrupted inode contents [ 247.187358][T18473] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #18: comm syz.3.5435: mark_inode_dirty error [ 247.204134][T18473] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #18: comm syz.3.5435: corrupted inode contents [ 247.231843][T18478] syzkaller1: entered promiscuous mode [ 247.239607][T18473] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3001: inode #18: comm syz.3.5435: mark_inode_dirty error [ 247.274576][T18473] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3004: inode #18: comm syz.3.5435: mark inode dirty (error -117) [ 247.304179][T18473] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -117) [ 247.341796][T16312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.083392][T18527] loop0: detected capacity change from 0 to 512 [ 248.112445][T18527] xt_hashlimit: size too large, truncated to 1048576 [ 248.480961][ T29] kauditd_printk_skb: 23 callbacks suppressed [ 248.480977][ T29] audit: type=1400 audit(1770679291.612:2849): avc: denied { relabelfrom } for pid=18540 comm="syz.8.5475" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 248.507259][ T29] audit: type=1400 audit(1770679291.612:2850): avc: denied { relabelto } for pid=18540 comm="syz.8.5475" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 248.557157][ T29] audit: type=1400 audit(1770679291.692:2851): avc: denied { read write } for pid=18544 comm="syz.0.5466" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 248.586864][ T29] audit: type=1400 audit(1770679291.692:2852): avc: denied { open } for pid=18544 comm="syz.0.5466" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 248.787168][T18563] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5474'. [ 248.848785][T18566] SELinux: security policydb version 16 (MLS) not backwards compatible [ 248.878704][T18566] SELinux: failed to load policy [ 248.990179][T18572] geneve1: Caught tx_queue_len zero misconfig [ 249.204580][ T29] audit: type=1326 audit(1770679292.342:2853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18575 comm="syz.9.5480" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb96e1baf79 code=0x0 [ 249.518422][T18587] loop1: detected capacity change from 0 to 512 [ 249.558586][T18587] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 249.616471][T18587] ext4 filesystem being mounted at /1145/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 249.800677][T18597] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #18: comm syz.1.5486: corrupted inode contents [ 249.835524][T18597] EXT4-fs error (device loop1): ext4_dirty_inode:6502: inode #18: comm syz.1.5486: mark_inode_dirty error [ 249.867653][T18597] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #18: comm syz.1.5486: corrupted inode contents [ 249.897502][T18597] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3001: inode #18: comm syz.1.5486: mark_inode_dirty error [ 249.909744][T18597] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3004: inode #18: comm syz.1.5486: mark inode dirty (error -117) [ 249.922632][T18597] EXT4-fs warning (device loop1): ext4_evict_inode:273: xattr delete (err -117) [ 249.950423][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.084661][T18605] loop1: detected capacity change from 0 to 764 [ 250.097572][T18605] rock: directory entry would overflow storage [ 250.103780][T18605] rock: sig=0x4f50, size=4, remaining=3 [ 250.109498][T18605] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 250.295708][T18618] SELinux: security policydb version 16 (MLS) not backwards compatible [ 250.310457][T18618] SELinux: failed to load policy [ 250.407659][T18627] loop1: detected capacity change from 0 to 512 [ 250.435780][T18627] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 250.450968][T18627] ext4 filesystem being mounted at /1152/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 250.547328][T18627] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #18: comm syz.1.5500: corrupted inode contents [ 250.560146][T18627] EXT4-fs error (device loop1): ext4_dirty_inode:6502: inode #18: comm syz.1.5500: mark_inode_dirty error [ 250.571928][T18627] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #18: comm syz.1.5500: corrupted inode contents [ 250.585191][T18627] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3001: inode #18: comm syz.1.5500: mark_inode_dirty error [ 250.597645][T18627] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3004: inode #18: comm syz.1.5500: mark inode dirty (error -117) [ 250.610568][T18627] EXT4-fs warning (device loop1): ext4_evict_inode:273: xattr delete (err -117) [ 250.637418][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.678926][T18641] loop8: detected capacity change from 0 to 512 [ 250.691606][T18641] EXT4-fs: Ignoring removed i_version option [ 250.697830][T18641] EXT4-fs: Ignoring removed bh option [ 250.717649][T18641] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 250.730624][T18641] ext4 filesystem being mounted at /435/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 250.764186][T11149] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.840939][T18655] loop0: detected capacity change from 0 to 1024 [ 250.856559][T18655] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 250.889212][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 251.683444][ T29] audit: type=1326 audit(1770679294.812:2854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18672 comm="syz.0.5526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29c558af79 code=0x7ffc0000 [ 251.709279][ T29] audit: type=1326 audit(1770679294.842:2855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18672 comm="syz.0.5526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29c558af79 code=0x7ffc0000 [ 251.732928][ T29] audit: type=1326 audit(1770679294.842:2856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18672 comm="syz.0.5526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f29c558af79 code=0x7ffc0000 [ 251.756321][ T29] audit: type=1326 audit(1770679294.842:2857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18672 comm="syz.0.5526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29c558af79 code=0x7ffc0000 [ 251.756908][T18675] loop8: detected capacity change from 0 to 512 [ 251.779960][ T29] audit: type=1326 audit(1770679294.842:2858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18672 comm="syz.0.5526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29c558af79 code=0x7ffc0000 [ 251.846267][T18675] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 251.858951][T18675] ext4 filesystem being mounted at /438/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 251.962271][T18675] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #18: comm syz.8.5516: corrupted inode contents [ 252.005076][T18675] EXT4-fs error (device loop8): ext4_dirty_inode:6502: inode #18: comm syz.8.5516: mark_inode_dirty error [ 252.053986][T18675] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #18: comm syz.8.5516: corrupted inode contents [ 252.112142][T18675] EXT4-fs error (device loop8): ext4_xattr_delete_inode:3001: inode #18: comm syz.8.5516: mark_inode_dirty error [ 252.223050][T18675] EXT4-fs error (device loop8): ext4_xattr_delete_inode:3004: inode #18: comm syz.8.5516: mark inode dirty (error -117) [ 252.279642][T18675] EXT4-fs warning (device loop8): ext4_evict_inode:273: xattr delete (err -117) [ 252.298951][T18711] loop0: detected capacity change from 0 to 764 [ 252.330467][T18711] rock: directory entry would overflow storage [ 252.336709][T18711] rock: sig=0x4f50, size=4, remaining=3 [ 252.342298][T18711] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 252.483487][T11149] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.604281][T18729] loop1: detected capacity change from 0 to 1024 [ 252.644155][T18729] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 252.742606][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 253.513863][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 253.513878][ T29] audit: type=1326 audit(1770679296.642:2880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.1.5572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 253.544076][ T29] audit: type=1326 audit(1770679296.642:2881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.1.5572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 253.567676][ T29] audit: type=1326 audit(1770679296.642:2882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.1.5572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 253.591287][ T29] audit: type=1326 audit(1770679296.642:2883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.1.5572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 253.615048][ T29] audit: type=1326 audit(1770679296.642:2884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.1.5572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 253.638604][ T29] audit: type=1326 audit(1770679296.642:2885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.1.5572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 253.662138][ T29] audit: type=1326 audit(1770679296.642:2886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.1.5572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 253.686447][ T29] audit: type=1326 audit(1770679296.782:2887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18809 comm="syz.8.5576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078d04af79 code=0x7ffc0000 [ 253.710014][ T29] audit: type=1326 audit(1770679296.782:2888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18809 comm="syz.8.5576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078d04af79 code=0x7ffc0000 [ 253.733724][ T29] audit: type=1326 audit(1770679296.782:2889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18809 comm="syz.8.5576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f078d04af79 code=0x7ffc0000 [ 253.854513][T18829] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 253.861032][T18829] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 254.000001][T18843] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5591'. [ 254.152988][T18847] syzkaller1: entered promiscuous mode [ 254.158545][T18847] syzkaller1: entered allmulticast mode [ 254.298814][T18851] loop0: detected capacity change from 0 to 512 [ 254.305874][T18851] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 254.315588][T18851] EXT4-fs (loop0): 1 truncate cleaned up [ 254.321623][T18851] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.336380][T18857] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5595'. [ 254.357488][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.637714][T18883] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5608'. [ 254.646784][T18883] netlink: 'syz.8.5608': attribute type 7 has an invalid length. [ 254.654553][T18883] netlink: 'syz.8.5608': attribute type 8 has an invalid length. [ 254.662327][T18883] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5608'. [ 254.675837][T18883] erspan0: entered promiscuous mode [ 254.682300][T18883] 0ªî{X¹¦: entered promiscuous mode [ 254.785052][T18888] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5610'. [ 254.815491][T18888] 8021q: adding VLAN 0 to HW filter on device bond3 [ 254.837328][T18888] bond3: (slave batadv1): Opening slave failed [ 254.906863][T18897] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5614'. [ 254.953248][T18902] loop8: detected capacity change from 0 to 1024 [ 254.978005][T18902] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 255.025792][T18902] ext4 filesystem being mounted at /456/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 255.040870][T18902] EXT4-fs (loop8): shut down requested (0) [ 255.050323][T18904] can0: slcan on ttyS3. [ 255.103435][T11149] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 255.114115][T18903] can0 (unregistered): slcan off ttyS3. [ 255.367220][T18945] SELinux: failed to load policy [ 255.707094][T18987] netlink: 'syz.9.5640': attribute type 1 has an invalid length. [ 255.721442][T18987] 8021q: adding VLAN 0 to HW filter on device bond2 [ 255.723315][T18985] 9pnet: p9_errstr2errno: server reported unknown error ÿÿ [ 256.161714][T19015] netlink: 20 bytes leftover after parsing attributes in process `syz.9.5651'. [ 256.438608][T19031] SELinux: failed to load policy [ 256.565345][T19025] loop0: detected capacity change from 0 to 32768 [ 256.625363][T19025] loop0: p1 p3 < p5 p6 > [ 256.629766][T19025] loop0: partition table partially beyond EOD, truncated [ 256.709151][T10053] udevd[10053]: inotify_add_watch(7, /dev/loop0p5, 10) failed: No such file or directory [ 256.720758][ T4013] udevd[4013]: inotify_add_watch(7, /dev/loop0p6, 10) failed: No such file or directory [ 256.733642][ T3588] udevd[3588]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 256.745079][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 256.877458][T19080] sctp: [Deprecated]: syz.0.5672 (pid 19080) Use of struct sctp_assoc_value in delayed_ack socket option. [ 256.877458][T19080] Use struct sctp_sack_info instead [ 256.958399][T19088] netlink: 104 bytes leftover after parsing attributes in process `syz.0.5681'. [ 257.383259][T19116] netlink: 64 bytes leftover after parsing attributes in process `syz.1.5695'. [ 257.494905][T19122] IPv6: Can't replace route, no match found [ 257.573412][T19134] xt_hashlimit: max too large, truncated to 1048576 [ 258.057390][T19174] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check. [ 258.173331][T19184] netlink: 'syz.0.5726': attribute type 83 has an invalid length. [ 258.211976][T19186] ALSA: seq fatal error: cannot create timer (-19) [ 258.278270][T19196] sctp: [Deprecated]: syz.3.5732 (pid 19196) Use of struct sctp_assoc_value in delayed_ack socket option. [ 258.278270][T19196] Use struct sctp_sack_info instead [ 258.316049][T19201] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5734'. [ 258.325006][T19201] netlink: 'syz.3.5734': attribute type 6 has an invalid length. [ 258.332830][T19201] netlink: 'syz.3.5734': attribute type 5 has an invalid length. [ 258.341215][T19201] netlink: 'syz.3.5734': attribute type 6 has an invalid length. [ 258.349063][T19201] netlink: 'syz.3.5734': attribute type 5 has an invalid length. [ 258.894399][ T29] kauditd_printk_skb: 64 callbacks suppressed [ 258.894418][ T29] audit: type=1400 audit(1770679302.032:2954): avc: denied { ioctl } for pid=19250 comm="syz.9.5758" path="socket:[58602]" dev="sockfs" ino=58602 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 259.044617][ T2963] IPVS: starting estimator thread 0... [ 259.116986][T19268] __nla_validate_parse: 3 callbacks suppressed [ 259.117008][T19268] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5762'. [ 259.174475][T19264] IPVS: using max 2208 ests per chain, 110400 per kthread [ 259.455405][T19287] xt_hashlimit: max too large, truncated to 1048576 [ 259.671989][T19301] netlink: 'syz.3.5777': attribute type 83 has an invalid length. [ 259.698583][T19303] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5778'. [ 259.708034][T19303] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5778'. [ 259.717125][T19303] netlink: 'syz.9.5778': attribute type 6 has an invalid length. [ 259.725098][T19303] netlink: 'syz.9.5778': attribute type 5 has an invalid length. [ 259.769415][T19303] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5778'. [ 259.778366][T19303] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5778'. [ 259.787341][T19303] netlink: 'syz.9.5778': attribute type 6 has an invalid length. [ 259.795234][T19303] netlink: 'syz.9.5778': attribute type 5 has an invalid length. [ 259.919648][T19320] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check. [ 260.460102][ T29] audit: type=1326 audit(1770679303.592:2955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19350 comm="syz.3.5802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 260.492574][ T29] audit: type=1326 audit(1770679303.592:2956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19350 comm="syz.3.5802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 260.506106][T19353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5801'. [ 260.516751][ T29] audit: type=1326 audit(1770679303.592:2957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19350 comm="syz.3.5802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 260.525314][T19353] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5801'. [ 260.549041][ T29] audit: type=1326 audit(1770679303.592:2958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19350 comm="syz.3.5802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 260.557744][T19353] netlink: 'syz.1.5801': attribute type 6 has an invalid length. [ 260.581232][ T29] audit: type=1326 audit(1770679303.592:2959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19350 comm="syz.3.5802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 260.589210][T19353] netlink: 'syz.1.5801': attribute type 5 has an invalid length. [ 260.612515][ T29] audit: type=1326 audit(1770679303.592:2960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19350 comm="syz.3.5802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 260.644070][ T29] audit: type=1326 audit(1770679303.592:2961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19350 comm="syz.3.5802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 260.667704][ T29] audit: type=1326 audit(1770679303.592:2962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19350 comm="syz.3.5802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f21e99daf79 code=0x7ffc0000 [ 260.691561][ T29] audit: type=1326 audit(1770679303.622:2963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19350 comm="syz.3.5802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f21e99dace2 code=0x7ffc0000 [ 260.714228][T19353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5801'. [ 260.723794][T19353] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5801'. [ 260.732758][T19353] netlink: 'syz.1.5801': attribute type 6 has an invalid length. [ 260.740526][T19353] netlink: 'syz.1.5801': attribute type 5 has an invalid length. [ 260.752965][ T4135] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 260.784107][ T4135] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 260.802305][ T4135] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 260.812484][ T4135] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 260.889697][T19365] 9pnet: p9_errstr2errno: server reported unknown error ÿÿ [ 261.038960][T19385] ALSA: seq fatal error: cannot create timer (-19) [ 261.060752][T19382] SELinux: failed to load policy [ 261.230325][T19395] can0: slcan on ttyS3. [ 261.284142][T19394] can0 (unregistered): slcan off ttyS3. [ 261.655248][T19423] SELinux: failed to load policy [ 261.813738][T19444] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5841'. [ 261.952037][T19450] 8021q: adding VLAN 0 to HW filter on device bond1 [ 261.975913][T19450] bond1: (slave batadv1): Opening slave failed [ 263.262822][T19475] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 264.692084][T19498] __nla_validate_parse: 3 callbacks suppressed [ 264.692098][T19498] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5863'. [ 264.739256][T19433] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 264.827663][T19509] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 264.834238][T19509] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 264.837488][T19507] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5868'. [ 264.841837][T19509] vhci_hcd vhci_hcd.0: Device attached [ 264.860123][T19509] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1303 [ 264.882862][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 264.882876][ T29] audit: type=1326 audit(1770679308.022:2970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19504 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 264.912621][ T29] audit: type=1326 audit(1770679308.022:2971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19504 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 264.927234][T19510] vhci_hcd: connection closed [ 264.936183][ T29] audit: type=1326 audit(1770679308.022:2972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19504 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 264.941186][ T4135] vhci_hcd vhci_hcd.3: stop threads [ 264.966412][ T29] audit: type=1326 audit(1770679308.052:2973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19504 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 264.969609][ T4135] vhci_hcd vhci_hcd.3: release socket [ 264.969627][ T4135] vhci_hcd vhci_hcd.3: disconnect device [ 265.004229][ T29] audit: type=1326 audit(1770679308.052:2974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19504 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 265.027768][ T29] audit: type=1326 audit(1770679308.052:2975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19504 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 265.051267][ T29] audit: type=1326 audit(1770679308.062:2976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19504 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 265.074941][ T29] audit: type=1326 audit(1770679308.062:2977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19504 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 265.098612][ T29] audit: type=1326 audit(1770679308.062:2978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19504 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 265.122172][ T29] audit: type=1326 audit(1770679308.062:2979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19504 comm="syz.1.5867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a8e3af79 code=0x7ffc0000 [ 265.229450][T19522] loop0: detected capacity change from 0 to 512 [ 265.239145][T19522] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 265.256060][T19522] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e12c, mo2=0002] [ 265.264275][T19522] System zones: 1-12 [ 265.268592][T19522] EXT4-fs (loop0): orphan cleanup on readonly fs [ 265.275734][T19522] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5873: bg 0: block 361: padding at end of block bitmap is not set [ 265.290815][T19522] EXT4-fs (loop0): Remounting filesystem read-only [ 265.297640][T19522] EXT4-fs (loop0): 1 truncate cleaned up [ 265.305658][T19522] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 265.670535][T19560] batadv0: entered promiscuous mode [ 265.681457][T19560] bond0: (slave vlan0): Enslaving as an active interface with an up link [ 265.746845][T19564] batadv_slave_1: entered promiscuous mode [ 265.753438][T19563] batadv_slave_1: left promiscuous mode [ 265.773640][ T5596] kernel write not supported for file bpf-prog (pid: 5596 comm: kworker/1:5) [ 265.848948][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 265.932567][T19570] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 266.111104][T19589] batadv_slave_1: entered promiscuous mode [ 266.125020][T19588] batadv_slave_1: left promiscuous mode [ 266.228708][T19599] loop8: detected capacity change from 0 to 4096 [ 266.335032][T19607] bridge_slave_0: invalid flags given to default FDB implementation [ 266.363572][T19599] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 266.582240][T19616] loop0: detected capacity change from 0 to 512 [ 266.619670][T19616] EXT4-fs: inline encryption not supported [ 266.662251][T19616] EXT4-fs (loop0): 1 orphan inode deleted [ 266.669920][T19616] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 266.682958][ T4135] EXT4-fs error (device loop0): ext4_release_dquot:7022: comm kworker/u8:11: Failed to release dquot type 1 [ 266.684333][T19616] ext4 filesystem being mounted at /830/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 266.758648][ T9469] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.808327][T19641] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5927'. [ 266.869755][T19637] can0: slcan on ttyS3. [ 266.882547][T19641] 8021q: adding VLAN 0 to HW filter on device bond3 [ 266.934118][T19636] can0 (unregistered): slcan off ttyS3. [ 266.940254][T11149] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.009694][T19653] batadv0: entered promiscuous mode [ 267.025890][T19653] bond0: (slave vlan0): Enslaving as an active interface with an up link [ 267.389471][T19676] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5937'. [ 267.405080][T19676] 8021q: adding VLAN 0 to HW filter on device bond4 [ 267.420059][T19676] 8021q: adding VLAN 0 to HW filter on device bond4 [ 267.428212][T19676] bond4: (slave gre2): The slave device specified does not support setting the MAC address [ 267.440029][T19676] bond4: (slave gre2): Error -95 calling set_mac_address [ 267.684598][T19690] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5942'. [ 267.748731][T19693] batadv0: entered promiscuous mode [ 267.756030][T19693] bond0: (slave vlan2): Enslaving as an active interface with an up link [ 267.916811][T19702] netlink: 'syz.9.5947': attribute type 8 has an invalid length. [ 267.924737][T19702] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5947'. [ 267.995581][T19702] bond0: entered promiscuous mode [ 268.000750][T19702] bond_slave_0: entered promiscuous mode [ 268.006517][T19702] bond_slave_1: entered promiscuous mode [ 268.034906][T19702] gretap0: entered promiscuous mode [ 268.048848][T19702] bond0: left promiscuous mode [ 268.053723][T19702] bond_slave_0: left promiscuous mode [ 268.059230][T19702] bond_slave_1: left promiscuous mode [ 268.077644][T19702] gretap0: left promiscuous mode [ 268.122525][T19707] loop1: detected capacity change from 0 to 4096 [ 268.141386][T19707] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 268.447411][ T3309] ================================================================== [ 268.455641][ T3309] BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked [ 268.463042][ T3309] [ 268.465388][ T3309] read-write to 0xffff88811ab29d90 of 8 bytes by task 3329 on cpu 0: [ 268.473505][ T3309] __xa_clear_mark+0xf5/0x1e0 [ 268.478202][ T3309] __folio_end_writeback+0xf4/0x360 [ 268.483428][ T3309] folio_end_writeback_no_dropbehind+0x6d/0x1d0 [ 268.489695][ T3309] folio_end_writeback+0x1c/0x70 [ 268.494642][ T3309] ext4_finish_bio+0x459/0x8b0 [ 268.499417][ T3309] ext4_release_io_end+0x9f/0x1f0 [ 268.504452][ T3309] ext4_end_io_end+0x18d/0x240 [ 268.509222][ T3309] ext4_end_io_rsv_work+0x15b/0x1f0 [ 268.514429][ T3309] process_scheduled_works+0x4cd/0x9d0 [ 268.519895][ T3309] worker_thread+0x6bc/0x8b0 [ 268.524489][ T3309] kthread+0x488/0x510 [ 268.528573][ T3309] ret_from_fork+0x148/0x280 [ 268.533189][ T3309] ret_from_fork_asm+0x1a/0x30 [ 268.537959][ T3309] [ 268.540295][ T3309] read to 0xffff88811ab29d90 of 8 bytes by task 3309 on cpu 1: [ 268.547837][ T3309] xas_find_marked+0x213/0x620 [ 268.552618][ T3309] filemap_get_folios_tag+0xfa/0x510 [ 268.557908][ T3309] filemap_fdatawait_keep_errors+0x6c/0x190 [ 268.563810][ T3309] sync_inodes_sb+0x40e/0x4c0 [ 268.568499][ T3309] sync_filesystem+0x102/0x190 [ 268.573283][ T3309] generic_shutdown_super+0x44/0x210 [ 268.578604][ T3309] kill_block_super+0x2a/0x70 [ 268.583289][ T3309] ext4_kill_sb+0x42/0x80 [ 268.587658][ T3309] deactivate_locked_super+0x75/0x1c0 [ 268.593069][ T3309] deactivate_super+0x97/0xa0 [ 268.597767][ T3309] cleanup_mnt+0x2bb/0x330 [ 268.602225][ T3309] __cleanup_mnt+0x19/0x20 [ 268.606693][ T3309] task_work_run+0x130/0x1a0 [ 268.611311][ T3309] exit_to_user_mode_loop+0x1f7/0x6f0 [ 268.616828][ T3309] do_syscall_64+0x1d3/0x2a0 [ 268.621462][ T3309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.627399][ T3309] [ 268.629726][ T3309] value changed: 0xfffffff800000000 -> 0xfffffe0000000000 [ 268.636860][ T3309] [ 268.639189][ T3309] Reported by Kernel Concurrency Sanitizer on: [ 268.645354][ T3309] CPU: 1 UID: 0 PID: 3309 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) [ 268.655258][ T3309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 268.665323][ T3309] ================================================================== [ 268.686500][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.