last executing test programs: 1.104199728s ago: executing program 2 (id=5178): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000400000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) socket$packet(0x11, 0x2, 0x300) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000847fff)='X', 0xfee4, 0x60, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0xac14140c}}, 0x1c) 1.103553918s ago: executing program 2 (id=5188): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200010, &(0x7f0000000080), 0xfe, 0x55d, &(0x7f0000000980)="$eJzs3d9rW1UcAPDvTX/sp66DMdQHKezByVy6tv6Y4MN8FB0O9H2G9q6Mpsto0rHWgduDe9mLDEHEgfgH+O7j8B/wrxjoYMgo+uBL5aY3XbYmbZZlSzSfD9ztnPuj55yce07OyUm4AQytyeyfQsSrEfFNEnGo6dho5AcnN89bf3htLtuS2Nj47M8kknxf4/wk//9AHnklIn79OuJEYXu61dW1xVK5nC7n8ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dnZX3z3N/ff3r3o9O3jq1/9/P9w7eTOBMH82PN5XgG15sjkzGZvyZjceaJE6d7kNggSfqdAboykrfzscj6gEMxkrd64P/vq4jYAIZUov3DkGqMAxpz+x7Ng/8zHny4OQHaXv7Rzc9GYm99brR/PXlsZpTNdyd6kH6Wxi9/3LmdbdG7zyEAdnX9RkScGh3d3v8lef/XvVMdnPNkGvo/eHHuZuOft1qNfwpb459oMf450KLtdmP39l+43+KypFefUmfjvw9ajn+3Fq0mRvLYS/Ux31hy4WI5zfq2lyPieIztyeI7reecXr+30e5Y8/gv27L0G2PBPB/3R/c8fs18qVZ6ljI3e3Aj4rWW499kq/6TFvWfvR7nOkzjaHrn9XbHdi//87XxU8QbLev/0YpWsvP65FT9fphq3BXb/XXz6G/t0u93+bP6379z+SeS5vXa6tOn8ePef9J2x7q9/8eTz+vh8Xzf1VKttjwdMZ58sn3/zKNrG/HG+Vn5jx/buf9rdf/vi4gvOiz/zSM32546CPU//1T1//SBex9/+UO79Dur/7froeP5nk76v04z+CyvHQAAAAAAAAyaQkQcjKRQ3AoXCsXi5vc7jsT+QrlSrZ24UFm5NB/138pOxFihsdJ9qOn7ENP592Eb8Zkn4rMRcTgivh3ZV48X5yrl+X4XHgAAAAAAAAAAAAAAAAAAAAbEgTa//8/8PtLykvEXm0PgufLIbxheu7b/XjzpCRhI3v9heHXV/vf1Ph/Ai+f9H4bUWL8zAPST938YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9de7s2WzbWH94bS6Lz19ZXVmsXDk5n1YXi0src8W5yvLl4kKlslBOi3OVpd3+XrlSuTw9EytXp2pptTZVXV07v1RZuVQ7f3GptJCeTz1tCAAAAAAAAAAAAAAAAAAAALarrq4tlsrldFlAoKvA6GBkQ6ApcKsHrbvPHRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANPk3AAD//0unNek=") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x28011, r0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x0) 967.03673ms ago: executing program 1 (id=5180): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f00000001c0)=[{0x6}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0) capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_RESIZEX(r0, 0x4b46, 0x0) 964.32221ms ago: executing program 2 (id=5181): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, 0x0, 0x0) 938.346773ms ago: executing program 2 (id=5184): r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f0000000000)={0x1d, r1}, 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000140)=[{{}, {0x0, 0x0, 0x1, 0x1}}], 0x8) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 893.871167ms ago: executing program 2 (id=5185): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x8ec3, 0x0) fcntl$setpipe(r2, 0x407, 0x0) write$binfmt_elf64(r1, 0x0, 0x0) 804.328085ms ago: executing program 2 (id=5195): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) io_setup(0x800, &(0x7f0000000040)=0x0) io_getevents(r1, 0x6, 0x6, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}], 0x0) io_getevents(r1, 0x1, 0x4c23a064f8efc354, &(0x7f0000000000), 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f0000002e80)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) 583.472745ms ago: executing program 4 (id=5207): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000400000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00') preadv(r1, 0x0, 0x0, 0x4f, 0x200000) 578.891516ms ago: executing program 4 (id=5208): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x68, r2, 0x909, 0x0, 0x0, {{}, {0x0, 0x4108}, {0x4c, 0x18, {0x60, @link='broadcast-link\x00'}}}}, 0x68}}, 0x0) 564.998297ms ago: executing program 4 (id=5209): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x200000, 0x0, &(0x7f0000a00000/0x600000)=nil) r0 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080)) ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000040)=[{}], 0xb3c, 0xe4, 0x0, 0x0, 0x0, 0x2}) 549.707929ms ago: executing program 4 (id=5210): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x20}) socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89a2, &(0x7f0000000080)) 468.230546ms ago: executing program 3 (id=5211): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000095c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, 0x0, 0x0) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000c80)={0x20, r2, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}]}]}, 0x20}}, 0x0) 468.069656ms ago: executing program 3 (id=5212): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x99, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000002010104005600000000000000000000060012400000000008001a"], 0x24}}, 0x20004010) 467.859506ms ago: executing program 4 (id=5213): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) 460.336007ms ago: executing program 3 (id=5215): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001400)=@newtaction={0x488, 0x30, 0xffff, 0x0, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x3, 0x6, 0x1, 0x0, 0x12a, 0x5, 0x1, 0x0, 0x2, 0xd, 0x3, 0x101, 0xa, 0x6, 0xb0, 0x7, 0x4, 0xa26, 0x200, 0x1, 0x6, 0xfffffff8, 0x50403450, 0xffffffff, 0x9, 0x22, 0x948, 0xe84f, 0x80, 0x3301, 0xff, 0x10001, 0xfffffffc, 0x7fff, 0xb, 0x4, 0x9, 0x0, 0xfffffffe, 0xfffffffc, 0x2, 0x5, 0x5, 0x3, 0x3, 0x5, 0x5, 0x7, 0xfffffff8, 0x3, 0x2, 0xfffff2c0, 0xe, 0x0, 0x10001, 0xfffffffc, 0x7, 0xf, 0x7fffffff, 0x80, 0x0, 0x4, 0x2, 0x1, 0x0, 0x7d2f, 0x400, 0x5, 0x3, 0x1, 0x7, 0x6, 0x3, 0x10001, 0x5, 0xffff, 0x81, 0xfff, 0x9, 0x7fffffff, 0x4, 0x6, 0xa1, 0xb3, 0x1101, 0x7fff, 0x204, 0x6, 0x6, 0xa, 0x2, 0xb, 0x1c83, 0x4, 0x5, 0x4c4, 0xfffffe20, 0x7ff, 0xcee, 0x9, 0xa3, 0x7, 0x2, 0xca, 0x2, 0x10000, 0x7, 0x24a3, 0x2, 0x7, 0x2, 0x6, 0x0, 0x3, 0x2, 0x6, 0x800, 0xffff, 0x6, 0x5, 0x7, 0xf, 0x200000, 0x42d, 0x2, 0x3, 0x10, 0x7, 0xfffeffff, 0x1, 0x2, 0x4, 0x9, 0x6, 0x51c5a53a, 0x8, 0x1, 0x1000, 0x4, 0x6, 0x7, 0x6, 0x5, 0xffff0000, 0x0, 0x4, 0xe7, 0x8, 0xdb, 0x8, 0xfffffff9, 0x8, 0x0, 0x7, 0x6, 0x9, 0x4, 0x4, 0xff, 0x7, 0x5, 0x200, 0x6, 0x8, 0xe298, 0x0, 0x2, 0x1, 0x5, 0xfffffffa, 0x6, 0xe9, 0x4, 0x7, 0x76ed7dd, 0x7, 0x24, 0x2, 0x7fff, 0x80e, 0x5, 0x4, 0xfffffff5, 0x0, 0x0, 0x9f18, 0x776, 0xfffffffe, 0x0, 0x3, 0x10001, 0x0, 0x8000, 0xb, 0x7, 0xf, 0x8, 0x7, 0x9, 0x2, 0x9, 0x3, 0xfffffff5, 0xe2d00000, 0x1, 0x2, 0x8, 0x50000, 0x2, 0x83, 0x4, 0x2, 0x7, 0x9, 0x401, 0x1ff, 0x2, 0x8, 0x320, 0x8, 0x1, 0x2, 0x4, 0x0, 0x1, 0x8, 0x5151, 0x4, 0x5, 0x8001, 0x6, 0x7, 0x101, 0x5, 0x9, 0x45, 0x5, 0x5, 0x1ff, 0x2bd6, 0x1, 0x7, 0x40000000, 0x9, 0x2, 0x4, 0x7, 0x1, 0x1, 0x6, 0x1, 0x4f9d, 0x101, 0x800, 0x9b2, 0x8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xae, 0x10000000, 0x0, 0x100, 0x7, {0x7, 0x0, 0x2, 0x8, 0xc4fe, 0xfb3}, {0x1, 0x0, 0x5, 0x0, 0xc9}, 0x2, 0xff, 0x2}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x488}}, 0x0) 454.444328ms ago: executing program 4 (id=5216): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="24000000180013010000e9000000000002000000000f00080000000008001e0007"], 0x24}}, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x60, 0x2, 0x1, 0x40, 0x10, 0xaf, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x9, 0x24, 0x6, 0x0, 0x1, "bf9bc165"}, {0x5, 0x24, 0x0, 0x1}, {0xd, 0x24, 0xf, 0x1, 0xffff7fff, 0x6, 0x4773, 0x79}, {0x6, 0x24, 0x1a, 0x0, 0x31}}, {{0x9, 0x5, 0x81, 0x3, 0x8, 0xfa, 0x51, 0x9}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x3ff, 0x80, 0x0, 0x3}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0xf, 0x5, 0x4}}}}}}}]}}, &(0x7f0000000580)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x310, 0x3, 0xe4, 0x6, 0x10, 0x7}, 0xf, &(0x7f0000000180)={0x5, 0xf, 0xf, 0x1, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x2, 0xab, 0x1a, 0x7}]}}) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) 405.648162ms ago: executing program 3 (id=5218): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001640)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x9}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x9, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {0x2000000}, {}, {}, {}, {}, {}, {}, {}, {0xfffffffa}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x8}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x7fffffff}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) 405.452232ms ago: executing program 0 (id=5219): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800"/13, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x2005000, 0x0, 0x0, 0x0, 0x0, 0x0) 405.231862ms ago: executing program 3 (id=5220): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1000, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r2, &(0x7f0000000600)={&(0x7f0000000000)={0x2, 0x0, @private}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000100)=[@ip_retopts={{0x10}}], 0x10}, 0x0) 405.117312ms ago: executing program 3 (id=5221): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x45b, 0x0, 0x0) 405.035272ms ago: executing program 0 (id=5222): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) openat$selinux_commit_pending_bools(0xffffffffffffff9c, 0x0, 0x1, 0x0) bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0) getegid() 352.299747ms ago: executing program 0 (id=5223): r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2000002, 0x4052, r0, 0x0) mlock2(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0) iopl(0x3) mlock2(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x1) 352.122467ms ago: executing program 0 (id=5224): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000083850000002d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000090000003c0003800800010002000000140002007663616e300000000000000000000000080003000000000014000600ff"], 0x50}}, 0x0) 352.017197ms ago: executing program 0 (id=5225): r0 = eventfd2(0x0, 0x0) write$eventfd(r0, &(0x7f0000000000)=0xfffffffffffffffe, 0x8) r1 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) mount$9p_fd(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) read$eventfd(r0, &(0x7f0000000f40), 0x8) 351.892037ms ago: executing program 0 (id=5226): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000440)={0x2, 0x3}, 0x8) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) close(r0) 122.456848ms ago: executing program 1 (id=5227): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x6, 0x8, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000400), &(0x7f0000000340)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0xfffffffffffffd3e, 0x0, 0x0) 109.424759ms ago: executing program 1 (id=5228): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @link_local, @void, {@ipv4={0x6000, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x32, 0x0, @empty, @broadcast}, @timestamp_reply={0x11}}}}}, 0x0) 96.187941ms ago: executing program 1 (id=5229): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 221.25µs ago: executing program 1 (id=5230): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0xa, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r2, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x301, 0x44, 0xe0, 0x685, 0x0}) 0s ago: executing program 1 (id=5231): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, 0x0, 0x0) poll(&(0x7f0000000100)=[{r0}], 0x1, 0x9d) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8) kernel console output (not intermixed with test programs): id=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6242 comm="syz.0.1279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 58.590034][ T29] audit: type=1326 audit(1861303831.276:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6242 comm="syz.0.1279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 58.613731][ T29] audit: type=1326 audit(1861303831.276:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6242 comm="syz.0.1279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 58.638903][ T29] audit: type=1326 audit(1861303831.326:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6254 comm="syz.3.1285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 58.662446][ T29] audit: type=1326 audit(1861303831.326:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6254 comm="syz.3.1285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 58.685997][ T29] audit: type=1326 audit(1861303831.326:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6254 comm="syz.3.1285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 58.709434][ T29] audit: type=1326 audit(1861303831.326:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6254 comm="syz.3.1285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 58.798158][ T6267] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1288'. [ 58.819534][ T6273] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1293'. [ 58.893049][ T6287] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1310'. [ 58.931186][ T6296] batadv0: entered promiscuous mode [ 58.940431][ T6296] batadv_slave_0: entered promiscuous mode [ 58.940950][ T6299] netlink: 'syz.3.1306': attribute type 1 has an invalid length. [ 58.946337][ T6296] batadv_slave_0: left promiscuous mode [ 58.959801][ T6296] batadv0: left promiscuous mode [ 59.013567][ T6309] netlink: 'syz.1.1321': attribute type 1 has an invalid length. [ 59.080853][ T6321] netlink: 'syz.0.1316': attribute type 2 has an invalid length. [ 59.088691][ T6321] netlink: 'syz.0.1316': attribute type 2 has an invalid length. [ 59.194794][ T6346] batadv0: entered promiscuous mode [ 59.204855][ T6346] batadv_slave_0: entered promiscuous mode [ 59.210895][ T6346] batadv_slave_0: left promiscuous mode [ 59.232907][ T6346] batadv0: left promiscuous mode [ 59.244004][ T6355] netlink: 272 bytes leftover after parsing attributes in process `syz.3.1334'. [ 59.283611][ T6366] netlink: 'syz.3.1341': attribute type 2 has an invalid length. [ 59.291431][ T6366] netlink: 'syz.3.1341': attribute type 2 has an invalid length. [ 61.258118][ T6494] netlink: 272 bytes leftover after parsing attributes in process `syz.2.1398'. [ 61.576368][ T6539] netlink: 272 bytes leftover after parsing attributes in process `syz.4.1419'. [ 62.084144][ T6591] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO [ 62.452690][ T6626] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO [ 62.580050][ T6638] qrtr: Invalid version 164 [ 62.646248][ T6644] qrtr: Invalid version 164 [ 63.847646][ T29] kauditd_printk_skb: 73 callbacks suppressed [ 63.847664][ T29] audit: type=1326 audit(1861303836.546:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6682 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 63.892415][ T29] audit: type=1326 audit(1861303836.546:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6682 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 63.915917][ T29] audit: type=1326 audit(1861303836.546:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6682 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 63.939757][ T29] audit: type=1326 audit(1861303836.546:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6682 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 63.963373][ T29] audit: type=1326 audit(1861303836.546:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6682 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 63.986985][ T29] audit: type=1326 audit(1861303836.546:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6682 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 64.010409][ T29] audit: type=1326 audit(1861303836.546:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6682 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 64.033963][ T29] audit: type=1326 audit(1861303836.546:1291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6682 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 64.057568][ T29] audit: type=1326 audit(1861303836.576:1292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6682 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 64.081089][ T29] audit: type=1326 audit(1861303836.576:1293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6682 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=148 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 64.225432][ T6709] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1499'. [ 64.276713][ T6717] hub 9-0:1.0: USB hub found [ 64.285891][ T6717] hub 9-0:1.0: 8 ports detected [ 64.431573][ T6755] netlink: 14568 bytes leftover after parsing attributes in process `syz.1.1521'. [ 64.488071][ T6766] bpf_get_probe_write_proto: 5 callbacks suppressed [ 64.488090][ T6766] syz.2.1527[6766] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.495248][ T6766] syz.2.1527[6766] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.507513][ T6766] syz.2.1527[6766] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.573733][ T6783] syz.3.1545[6783] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.585410][ T6783] syz.3.1545[6783] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.597108][ T6783] syz.3.1545[6783] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.656972][ T6792] netlink: 'syz.1.1538': attribute type 3 has an invalid length. [ 64.692387][ T6797] netlink: 14568 bytes leftover after parsing attributes in process `syz.3.1540'. [ 64.713870][ T6801] syz.1.1544[6801] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.713994][ T6801] syz.1.1544[6801] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.725944][ T6801] syz.1.1544[6801] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.779882][ T6811] syz.2.1549[6811] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.906213][ T6827] netlink: 'syz.4.1556': attribute type 3 has an invalid length. [ 64.979636][ T6841] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1562'. [ 64.988746][ T6841] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1562'. [ 65.155055][ T6870] block device autoloading is deprecated and will be removed. [ 65.212081][ T6881] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1580'. [ 65.285418][ T6890] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1599'. [ 65.436919][ T6919] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1601'. [ 65.445955][ T6919] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1601'. [ 65.462254][ T6921] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1603'. [ 65.484510][ T6924] hub 9-0:1.0: USB hub found [ 65.492000][ T6924] hub 9-0:1.0: 8 ports detected [ 66.767537][ T7015] hub 9-0:1.0: USB hub found [ 66.772523][ T7015] hub 9-0:1.0: 8 ports detected [ 68.417224][ T7104] ebtables: ebtables: counters copy to user failed while replacing table [ 68.527634][ T7136] loop3: detected capacity change from 0 to 128 [ 68.545873][ T7136] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 68.563489][ T7136] ext4 filesystem being mounted at /330/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 68.585608][ T3262] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 68.652736][ T7157] macvtap1: entered promiscuous mode [ 68.658193][ T7157] vlan1: entered promiscuous mode [ 68.663413][ T7157] macvtap1: entered allmulticast mode [ 68.668826][ T7157] vlan1: entered allmulticast mode [ 68.673968][ T7157] veth0_vlan: entered allmulticast mode [ 68.683722][ T7157] vlan1: left allmulticast mode [ 68.688696][ T7157] veth0_vlan: left allmulticast mode [ 68.694109][ T7157] vlan1: left promiscuous mode [ 68.764521][ T7168] ebtables: ebtables: counters copy to user failed while replacing table [ 68.990973][ T29] kauditd_printk_skb: 127 callbacks suppressed [ 68.990989][ T29] audit: type=1400 audit(1861303841.686:1421): avc: denied { read } for pid=7201 comm="syz.4.1735" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 69.050865][ T29] audit: type=1326 audit(1861303841.746:1422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7210 comm="syz.3.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 69.074500][ T29] audit: type=1326 audit(1861303841.746:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7210 comm="syz.3.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 69.098889][ T29] audit: type=1326 audit(1861303841.746:1424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7210 comm="syz.3.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 69.122404][ T29] audit: type=1326 audit(1861303841.746:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7210 comm="syz.3.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 69.145823][ T29] audit: type=1326 audit(1861303841.746:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7210 comm="syz.3.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 69.169263][ T29] audit: type=1326 audit(1861303841.746:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7210 comm="syz.3.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 69.192775][ T29] audit: type=1326 audit(1861303841.796:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7210 comm="syz.3.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 69.216513][ T29] audit: type=1326 audit(1861303841.796:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7210 comm="syz.3.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 69.240045][ T29] audit: type=1326 audit(1861303841.796:1430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7210 comm="syz.3.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 69.247503][ T7215] __nla_validate_parse: 10 callbacks suppressed [ 69.247523][ T7215] netlink: 6 bytes leftover after parsing attributes in process `syz.3.1742'. [ 69.388290][ T7240] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1748'. [ 69.398850][ T7229] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1748'. [ 69.469392][ T7248] netlink: 6 bytes leftover after parsing attributes in process `syz.1.1757'. [ 70.293989][ T7292] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1768'. [ 70.309515][ T7286] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1768'. [ 71.111639][ T7344] siw: device registration error -23 [ 71.197929][ T7364] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1812'. [ 71.315744][ T7382] siw: device registration error -23 [ 71.479549][ T7407] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1828'. [ 71.526225][ T7417] siw: device registration error -23 [ 72.087887][ T7473] syzkaller1: entered promiscuous mode [ 72.093455][ T7473] syzkaller1: entered allmulticast mode [ 72.106024][ T7472] 9pnet: Could not find request transport: r [ 72.127098][ T7479] block device autoloading is deprecated and will be removed. [ 72.138215][ T7479] syz.4.1860: attempt to access beyond end of device [ 72.138215][ T7479] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 72.224074][ T7493] bpf_get_probe_write_proto: 8 callbacks suppressed [ 72.224094][ T7493] syz.0.1866[7493] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 72.232877][ T7493] syz.0.1866[7493] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 72.267888][ T7493] syz.0.1866[7493] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 72.357289][ T7513] syz.3.1877: attempt to access beyond end of device [ 72.357289][ T7513] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 72.472891][ T7537] syz.4.1889[7537] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 72.472980][ T7537] syz.4.1889[7537] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 72.493265][ T7537] syz.4.1889[7537] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 72.523830][ T7541] lo speed is unknown, defaulting to 1000 [ 72.570524][ T7551] syz.1.1907[7551] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 72.570688][ T7551] syz.1.1907[7551] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 72.596201][ T7551] syz.1.1907[7551] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 72.620240][ T7556] loop0: detected capacity change from 0 to 128 [ 72.664271][ T7556] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 72.686774][ T7556] ext4 filesystem being mounted at /379/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 72.750754][ T3264] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 72.876689][ T7588] Cannot find del_set index 0 as target [ 72.893913][ T7590] netlink: 240 bytes leftover after parsing attributes in process `syz.1.1915'. [ 72.929882][ T7590] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.973885][ T7601] syz.0.1920[7601] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 72.989051][ T7590] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.022459][ T7603] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1921'. [ 73.061609][ T7607] lo speed is unknown, defaulting to 1000 [ 73.072523][ T7590] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.132348][ T7590] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.175269][ T7590] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.188073][ T7590] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.199806][ T7590] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.211841][ T7590] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.266533][ T7620] Cannot find del_set index 0 as target [ 73.318522][ T7630] netlink: 'syz.2.1933': attribute type 4 has an invalid length. [ 73.466872][ T7650] Cannot find del_set index 0 as target [ 73.584747][ T7665] loop0: detected capacity change from 0 to 1024 [ 73.592404][ T7665] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 73.603877][ T7665] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 73.616990][ T7665] EXT4-fs (loop0): too many log groups per flexible block group [ 73.624703][ T7665] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 73.631661][ T7665] EXT4-fs (loop0): mount failed [ 73.761816][ T7678] netlink: 'syz.0.1965': attribute type 4 has an invalid length. [ 73.975709][ T7709] netlink: 'syz.4.1969': attribute type 4 has an invalid length. [ 74.065431][ T7723] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.077024][ T7719] tun0: tun_chr_ioctl cmd 1074025675 [ 74.082354][ T7719] tun0: persist enabled [ 74.087239][ T7719] tun0: tun_chr_ioctl cmd 1074025675 [ 74.092795][ T7719] tun0: persist disabled [ 74.098625][ T29] kauditd_printk_skb: 133 callbacks suppressed [ 74.098641][ T29] audit: type=1326 audit(1861303846.796:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7724 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 74.128598][ T29] audit: type=1326 audit(1861303846.796:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7724 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 74.152065][ T29] audit: type=1326 audit(1861303846.796:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7724 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 74.175587][ T29] audit: type=1326 audit(1861303846.796:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7724 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 74.199029][ T29] audit: type=1326 audit(1861303846.796:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7724 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 74.217436][ T7632] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 74.222506][ T29] audit: type=1326 audit(1861303846.796:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7724 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 74.231425][ T7632] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 74.253921][ T29] audit: type=1326 audit(1861303846.796:1570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7724 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 74.253956][ T29] audit: type=1326 audit(1861303846.796:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7724 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 74.311162][ T29] audit: type=1326 audit(1861303846.846:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7724 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 74.334718][ T29] audit: type=1326 audit(1861303846.846:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7724 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 74.393419][ T7723] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.471820][ T7723] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.525186][ T7753] loop3: detected capacity change from 0 to 512 [ 74.557978][ T7723] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.570010][ T7753] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e01c, mo2=0002] [ 74.578186][ T7753] System zones: 1-12 [ 74.582525][ T7752] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22 [ 74.590727][ T7752] netdevsim netdevsim4: Direct firmware load for . failed with error -22 [ 74.612923][ T7753] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.1992: Directory hole found for htree index block 0 [ 74.643652][ T7723] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.646878][ T7753] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 74.665383][ T7723] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.691056][ T7753] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.1992: Directory hole found for htree index block 0 [ 74.701415][ T7723] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.712557][ T7753] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 74.723430][ T7723] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.728761][ T7753] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.762433][ T7753] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 74.829149][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.936970][ T7792] __nla_validate_parse: 6 callbacks suppressed [ 74.936989][ T7792] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2010'. [ 74.977253][ T7796] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 75.110398][ T7818] atomic_op ffff888123ae9128 conn xmit_atomic 0000000000000000 [ 75.136264][ T7819] Cannot find add_set index 0 as target [ 75.346357][ T7854] loop0: detected capacity change from 0 to 512 [ 75.361124][ T7854] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.2038: corrupted in-inode xattr: invalid ea_ino [ 75.378253][ T7854] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.2038: couldn't read orphan inode 15 (err -117) [ 75.397535][ T7854] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.442901][ T7854] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.2038: invalid indirect mapped block 234881024 (level 0) [ 75.472098][ T3264] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.721473][ T7909] program syz.3.2064 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 75.766754][ T7918] program syz.3.2067 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 75.769440][ T7907] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 75.961056][ T7948] vlan2: entered promiscuous mode [ 75.966248][ T7948] gretap0: entered promiscuous mode [ 75.971634][ T7948] vlan2: entered allmulticast mode [ 75.976781][ T7948] gretap0: entered allmulticast mode [ 76.082532][ T7954] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2083'. [ 76.178664][ T7970] SELinux: Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped). [ 76.307924][ T7990] loop0: detected capacity change from 0 to 256 [ 76.322922][ T7990] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 0, start 00000001) [ 76.395828][ T8004] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535) [ 76.460218][ T8015] IPVS: Error joining to the multicast group [ 77.635319][ T8054] pim6reg1: entered promiscuous mode [ 77.640817][ T8054] pim6reg1: entered allmulticast mode [ 77.695113][ T8067] netlink: 16402 bytes leftover after parsing attributes in process `+}[@'. [ 77.792887][ T8081] Option 'kÆvÏ4ì…ð' to dns_resolver key: bad/missing value [ 77.853129][ T8093] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2147'. [ 77.915478][ T8102] loop3: detected capacity change from 0 to 1024 [ 77.925393][ T8102] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 77.952829][ T8102] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.968253][ T8112] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 77.986545][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.012533][ T8121] loop3: detected capacity change from 0 to 164 [ 78.054902][ T8128] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 78.054902][ T8128] The task syz.4.2159 (8128) triggered the difference, watch for misbehavior. [ 78.101557][ T8136] lo speed is unknown, defaulting to 1000 [ 78.576144][ T8146] netlink: 'syz.2.2169': attribute type 22 has an invalid length. [ 78.749159][ T8172] hub 9-0:1.0: USB hub found [ 78.753857][ T8172] hub 9-0:1.0: 8 ports detected [ 78.798807][ T8178] loop3: detected capacity change from 0 to 512 [ 78.807271][ T8178] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.2184: corrupted in-inode xattr: invalid ea_ino [ 78.826297][ T8178] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.2184: couldn't read orphan inode 15 (err -117) [ 78.846809][ T8178] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.875464][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.928298][ T8194] loop3: detected capacity change from 0 to 256 [ 78.934934][ T8194] vfat: Bad value for 'fmask' [ 79.108738][ T29] kauditd_printk_skb: 102 callbacks suppressed [ 79.108752][ T29] audit: type=1326 audit(1861303851.806:1676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8230 comm="syz.4.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f058587def9 code=0x7ffc0000 [ 79.138674][ T29] audit: type=1326 audit(1861303851.806:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8230 comm="syz.4.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f058587def9 code=0x7ffc0000 [ 79.162250][ T29] audit: type=1326 audit(1861303851.806:1678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8230 comm="syz.4.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f058587def9 code=0x7ffc0000 [ 79.185742][ T29] audit: type=1326 audit(1861303851.806:1679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8230 comm="syz.4.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f058587def9 code=0x7ffc0000 [ 79.209227][ T29] audit: type=1326 audit(1861303851.806:1680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8230 comm="syz.4.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f058587def9 code=0x7ffc0000 [ 79.232727][ T29] audit: type=1326 audit(1861303851.806:1681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8230 comm="syz.4.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f058587def9 code=0x7ffc0000 [ 79.257656][ T29] audit: type=1326 audit(1861303851.836:1682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8228 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 79.280893][ T29] audit: type=1326 audit(1861303851.836:1683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8228 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 79.303890][ T29] audit: type=1326 audit(1861303851.926:1684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8228 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 79.327075][ T29] audit: type=1326 audit(1861303851.926:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8228 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d763def9 code=0x7ffc0000 [ 79.732095][ T8293] netlink: 'syz.0.2239': attribute type 4 has an invalid length. [ 80.094142][ T8352] netlink: 3656 bytes leftover after parsing attributes in process `syz.4.2267'. [ 80.103516][ T8352] netlink: 3656 bytes leftover after parsing attributes in process `syz.4.2267'. [ 80.187583][ T8368] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2275'. [ 80.203742][ T8372] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2276'. [ 80.213046][ T8372] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2276'. [ 80.321339][ T8388] bpf_get_probe_write_proto: 5 callbacks suppressed [ 80.321355][ T8388] syz.4.2285[8388] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 80.328774][ T8388] syz.4.2285[8388] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 80.340418][ T8388] syz.4.2285[8388] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 80.460832][ T8407] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2293'. [ 80.481464][ T8407] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2293'. [ 80.557705][ T8416] sctp: [Deprecated]: syz.2.2297 (pid 8416) Use of int in maxseg socket option. [ 80.557705][ T8416] Use struct sctp_assoc_value instead [ 80.726349][ T8438] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2307'. [ 80.783799][ T8446] loop3: detected capacity change from 0 to 512 [ 80.816010][ T8446] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.828865][ T8446] ext4 filesystem being mounted at /457/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.880265][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.990407][ T8400] syz.1.2291 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 81.001620][ T8400] CPU: 0 UID: 0 PID: 8400 Comm: syz.1.2291 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0 [ 81.012016][ T8400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 81.022094][ T8400] Call Trace: [ 81.025394][ T8400] [ 81.028459][ T8400] dump_stack_lvl+0xf2/0x150 [ 81.033115][ T8400] dump_stack+0x15/0x20 [ 81.037296][ T8400] dump_header+0x83/0x2d0 [ 81.041680][ T8400] oom_kill_process+0x341/0x4c0 [ 81.046559][ T8400] out_of_memory+0x9af/0xbe0 [ 81.051274][ T8400] ? css_next_descendant_pre+0x11c/0x140 [ 81.056931][ T8400] mem_cgroup_out_of_memory+0x13e/0x190 [ 81.062608][ T8400] try_charge_memcg+0x51b/0x810 [ 81.067584][ T8400] charge_memcg+0x50/0xc0 [ 81.071950][ T8400] mem_cgroup_swapin_charge_folio+0xd0/0x150 [ 81.077961][ T8400] __read_swap_cache_async+0x236/0x480 [ 81.083474][ T8400] swap_cluster_readahead+0x276/0x3f0 [ 81.088872][ T8400] swapin_readahead+0xe4/0x6f0 [ 81.093731][ T8400] ? __filemap_get_folio+0x420/0x5b0 [ 81.099078][ T8400] ? __lruvec_stat_mod_folio+0xdb/0x120 [ 81.104650][ T8400] ? swap_cache_get_folio+0x77/0x210 [ 81.109967][ T8400] do_swap_page+0x2af/0x23e0 [ 81.114637][ T8400] ? __rcu_read_lock+0x36/0x50 [ 81.119438][ T8400] ? pte_offset_map_nolock+0x124/0x1d0 [ 81.125002][ T8400] handle_mm_fault+0x8c5/0x2a80 [ 81.129954][ T8400] exc_page_fault+0x3b9/0x650 [ 81.134642][ T8400] asm_exc_page_fault+0x26/0x30 [ 81.139508][ T8400] RIP: 0033:0x7f4fe64219c8 [ 81.144011][ T8400] Code: 31 d2 48 f7 f1 48 01 d8 49 39 c4 4c 0f 42 e0 83 3d d8 60 2e 00 00 0f 8e 99 fd ff ff e8 21 e5 fe ff 49 39 c4 72 64 0f 1f 40 00 <69> 3d c6 3c e1 00 e8 03 00 00 48 8d 1d a7 45 2e 00 e8 72 c4 12 00 [ 81.163707][ T8400] RSP: 002b:00007ffeb98cae40 EFLAGS: 00010216 [ 81.169782][ T8400] RAX: 0000000000013c29 RBX: 00007f4fe6707a80 RCX: 0000000000013880 [ 81.177937][ T8400] RDX: 00000000000003a9 RSI: 00007ffeb98cae20 RDI: 0000000000000001 [ 81.185934][ T8400] RBP: 00007f4fe6707a80 R08: 0000000037e3889e R09: 7fffffffffffffff [ 81.193998][ T8400] R10: 00007f4fe72430b8 R11: 00007f4fe7243080 R12: 0000000000013d54 [ 81.202009][ T8400] R13: 00007ffeb98caf40 R14: 0000000000000032 R15: ffffffffffffffff [ 81.210019][ T8400] [ 81.213313][ T8400] memory: usage 307200kB, limit 307200kB, failcnt 2778 [ 81.220525][ T8400] memory+swap: usage 301856kB, limit 9007199254740988kB, failcnt 0 [ 81.228607][ T8400] kmem: usage 285612kB, limit 9007199254740988kB, failcnt 0 [ 81.236288][ T8400] Memory cgroup stats for /syz1: [ 81.245776][ T8400] cache 102400 [ 81.254562][ T8400] rss 0 [ 81.257546][ T8400] shmem 0 [ 81.260645][ T8400] mapped_file 102400 [ 81.264695][ T8400] dirty 102400 [ 81.268269][ T8400] writeback 0 [ 81.271739][ T8400] workingset_refault_anon 8 [ 81.273503][ T8463] netlink: 'syz.3.2318': attribute type 1 has an invalid length. [ 81.276435][ T8400] workingset_refault_file 0 [ 81.289118][ T8400] swap 385024 [ 81.292554][ T8400] swapcached 0 [ 81.296165][ T8400] pgpgin 40921 [ 81.299694][ T8400] pgpgout 40896 [ 81.303334][ T8400] pgfault 78985 [ 81.307019][ T8400] pgmajfault 6 [ 81.310538][ T8400] inactive_anon 0 [ 81.314405][ T8400] active_anon 0 [ 81.318040][ T8400] inactive_file 0 [ 81.321839][ T8400] active_file 102400 [ 81.326002][ T8400] unevictable 0 [ 81.329606][ T8400] hierarchical_memory_limit 314572800 [ 81.335133][ T8400] hierarchical_memsw_limit 9223372036854771712 [ 81.341499][ T8400] total_cache 102400 [ 81.345549][ T8400] total_rss 0 [ 81.349039][ T8400] total_shmem 0 [ 81.352650][ T8400] total_mapped_file 102400 [ 81.357250][ T8400] total_dirty 102400 [ 81.361289][ T8400] total_writeback 0 [ 81.365262][ T8400] total_workingset_refault_anon 8 [ 81.370498][ T8400] total_workingset_refault_file 0 [ 81.375778][ T8400] total_swap 385024 [ 81.379732][ T8400] total_swapcached 0 [ 81.383814][ T8400] total_pgpgin 40921 [ 81.387887][ T8400] total_pgpgout 40896 [ 81.392054][ T8400] total_pgfault 78985 [ 81.396225][ T8400] total_pgmajfault 6 [ 81.400264][ T8400] total_inactive_anon 0 [ 81.404621][ T8400] total_active_anon 0 [ 81.408827][ T8400] total_inactive_file 0 [ 81.413124][ T8400] total_active_file 102400 [ 81.417743][ T8400] total_unevictable 0 [ 81.422052][ T8400] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2291,pid=8400,uid=0 [ 81.436919][ T8400] Memory cgroup out of memory: Killed process 8400 (syz.1.2291) total-vm:89032kB, anon-rss:612kB, file-rss:16160kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000 [ 81.445209][ T8401] syz.1.2291 (8401) used greatest stack depth: 9024 bytes left [ 81.607686][ T8493] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2332'. [ 81.727356][ T8519] random: crng reseeded on system resumption [ 81.778451][ T8517] loop3: detected capacity change from 0 to 512 [ 81.786297][ T8517] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 81.798072][ T8517] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e12c, mo2=0002] [ 81.806176][ T8517] EXT4-fs (loop3): orphan cleanup on readonly fs [ 81.816762][ T8517] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2344: bg 0: block 361: padding at end of block bitmap is not set [ 81.817202][ T8521] syzkaller1: entered promiscuous mode [ 81.836399][ T8517] EXT4-fs (loop3): Remounting filesystem read-only [ 81.836641][ T8521] syzkaller1: entered allmulticast mode [ 81.843589][ T8517] EXT4-fs (loop3): 1 truncate cleaned up [ 81.854850][ T8517] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 81.873452][ T8517] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 81.881398][ T8517] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 81.908243][ T8517] 9pnet_fd: Insufficient options for proto=fd [ 81.986425][ T8549] syz.0.2359: attempt to access beyond end of device [ 81.986425][ T8549] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 82.000357][ T3340] kernel read not supported for file /newroot/465/file0 (pid: 3340 comm: kworker/1:3) [ 82.160120][ T8587] loop0: detected capacity change from 0 to 164 [ 82.170807][ T8587] syz.0.2371: attempt to access beyond end of device [ 82.170807][ T8587] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 82.184753][ T8587] syz.0.2371: attempt to access beyond end of device [ 82.184753][ T8587] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 82.198720][ T8587] syz.0.2371: attempt to access beyond end of device [ 82.198720][ T8587] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 82.212388][ T8587] syz.0.2371: attempt to access beyond end of device [ 82.212388][ T8587] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 82.226772][ T8587] syz.0.2371: attempt to access beyond end of device [ 82.226772][ T8587] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 82.240717][ T8592] syz.0.2371: attempt to access beyond end of device [ 82.240717][ T8592] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 82.254235][ T8592] syz.0.2371: attempt to access beyond end of device [ 82.254235][ T8592] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 82.268789][ T8592] syz.0.2371: attempt to access beyond end of device [ 82.268789][ T8592] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 82.284645][ T8587] syz.0.2371: attempt to access beyond end of device [ 82.284645][ T8587] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 82.534129][ T8619] netlink: 140 bytes leftover after parsing attributes in process `syz.4.2379'. [ 83.173668][ T8663] loop0: detected capacity change from 0 to 164 [ 83.205572][ T8667] netlink: 'syz.2.2399': attribute type 3 has an invalid length. [ 83.402861][ T8703] IPv6: NLM_F_CREATE should be specified when creating new route [ 83.587079][ T8730] xt_CT: You must specify a L4 protocol and not use inversions on it [ 83.677263][ T8747] wg2: entered promiscuous mode [ 83.682268][ T8747] wg2: entered allmulticast mode [ 83.703119][ T8755] netlink: 'syz.3.2440': attribute type 7 has an invalid length. [ 83.710956][ T8755] netlink: 'syz.3.2440': attribute type 8 has an invalid length. [ 83.721835][ T8755] gretap0: entered promiscuous mode [ 83.731716][ T8755] batadv_slave_1: entered promiscuous mode [ 83.761787][ T8764] loop0: detected capacity change from 0 to 1024 [ 83.769458][ T8764] EXT4-fs: Ignoring removed orlov option [ 83.775263][ T8764] EXT4-fs: Ignoring removed nomblk_io_submit option [ 83.813156][ T8764] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.850696][ T3264] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.006130][ T8805] loop0: detected capacity change from 0 to 512 [ 84.018287][ T8806] tun0: tun_chr_ioctl cmd 1074025675 [ 84.023683][ T8806] tun0: persist enabled [ 84.030417][ T8806] tun0: tun_chr_ioctl cmd 1074025675 [ 84.033112][ T8805] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.035772][ T8806] tun0: persist disabled [ 84.062029][ T8805] ext4 filesystem being mounted at /521/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.123626][ T3264] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.201205][ T29] kauditd_printk_skb: 336 callbacks suppressed [ 84.201219][ T29] audit: type=1400 audit(1861303856.896:2022): avc: denied { setopt } for pid=8839 comm="syz.4.2479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 84.237871][ T29] audit: type=1400 audit(1861303856.926:2023): avc: denied { shutdown } for pid=8839 comm="syz.4.2479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 84.271596][ T8846] loop0: detected capacity change from 0 to 512 [ 84.287535][ T29] audit: type=1400 audit(1861303856.986:2024): avc: denied { create } for pid=8847 comm="syz.2.2484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 84.318298][ T8846] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e01c, mo2=0002] [ 84.325250][ T29] audit: type=1400 audit(1861303856.986:2025): avc: denied { write } for pid=8847 comm="syz.2.2484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 84.335673][ T8846] System zones: 1-12 [ 84.345548][ T29] audit: type=1400 audit(1861303857.006:2026): avc: denied { mount } for pid=8852 comm="syz.4.2485" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 84.349503][ T8846] [ 84.365847][ T8846] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.2482: Directory hole found for htree index block 0 [ 84.400855][ T8858] Cannot find add_set index 0 as target [ 84.407278][ T8846] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -117 [ 84.415601][ T8846] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.2482: Directory hole found for htree index block 0 [ 84.441918][ T8846] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117 [ 84.480891][ T8846] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.533231][ T29] audit: type=1326 audit(1861303857.226:2027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8872 comm="syz.4.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f058587def9 code=0x7ffc0000 [ 84.577513][ T8846] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 84.588502][ T29] audit: type=1326 audit(1861303857.256:2028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8872 comm="syz.4.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f058587def9 code=0x7ffc0000 [ 84.612096][ T29] audit: type=1326 audit(1861303857.256:2029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8872 comm="syz.4.2493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f058587def9 code=0x7ffc0000 [ 84.618700][ T8884] syz.2.2499[8884] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 84.635550][ T29] audit: type=1400 audit(1861303857.256:2030): avc: denied { create } for pid=8845 comm="syz.0.2482" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 84.647082][ T8884] syz.2.2499[8884] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 84.667703][ T29] audit: type=1400 audit(1861303857.336:2031): avc: denied { mount } for pid=8878 comm="syz.1.2496" name="/" dev="ramfs" ino=22117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 84.675998][ T8884] syz.2.2499[8884] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 84.706190][ T3264] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.769613][ T8901] xt_SECMARK: invalid security context 'system_u:object_r:devicekit_exec_t:s0' [ 84.837904][ T8907] SELinux: failed to load policy [ 84.911470][ T8927] hub 9-0:1.0: USB hub found [ 84.916779][ T8927] hub 9-0:1.0: 8 ports detected [ 84.947837][ T8935] program syz.0.2519 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 85.005354][ T8944] program syz.0.2535 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 85.069304][ T8955] rdma_op ffff888114dd2580 conn xmit_rdma 0000000000000000 [ 85.157615][ T980] kernel write not supported for file /checkreqprot (pid: 980 comm: kworker/0:2) [ 85.227151][ T8980] __nla_validate_parse: 3 callbacks suppressed [ 85.227164][ T8980] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2542'. [ 85.264623][ T8983] program syz.0.2554 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 85.304581][ T8985] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 85.328306][ T8990] vlan2: entered promiscuous mode [ 85.333459][ T8990] vlan2: entered allmulticast mode [ 85.338813][ T8990] gretap0: entered allmulticast mode [ 85.475889][ T9010] batadv_slave_1: entered promiscuous mode [ 85.492677][ T9009] batadv_slave_1: left promiscuous mode [ 85.527799][ T9015] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2561'. [ 86.751808][ T9114] syz.1.2604[9114] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.751947][ T9114] syz.1.2604[9114] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.765916][ T9114] syz.1.2604[9114] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.904649][ T9142] netlink: 'syz.1.2617': attribute type 22 has an invalid length. [ 86.959884][ T9154] rdma_op ffff888102150180 conn xmit_rdma 0000000000000000 [ 87.088959][ T9176] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2644'. [ 87.179016][ T9189] hub 9-0:1.0: USB hub found [ 87.183924][ T9189] hub 9-0:1.0: 8 ports detected [ 87.313826][ T9218] netlink: 240 bytes leftover after parsing attributes in process `syz.4.2652'. [ 87.326191][ T9218] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.389159][ T9218] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.439599][ T9218] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.459534][ T9233] pim6reg1: entered promiscuous mode [ 87.464858][ T9233] pim6reg1: entered allmulticast mode [ 87.488632][ T9218] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.555248][ T9239] lo speed is unknown, defaulting to 1000 [ 87.575110][ T9218] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.599041][ T9218] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.610631][ T9218] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.622163][ T9218] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.814564][ T9274] syz.4.2680[9274] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.814660][ T9274] syz.4.2680[9274] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.827392][ T9274] syz.4.2680[9274] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.924361][ T9298] loop0: detected capacity change from 0 to 512 [ 87.945450][ T9298] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 87.984553][ T9298] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.999400][ T9298] ext4 filesystem being mounted at /550/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.086740][ T3264] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.365770][ T9326] loop0: detected capacity change from 0 to 1024 [ 88.372672][ T9326] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 88.383691][ T9326] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 88.394619][ T9326] JBD2: no valid journal superblock found [ 88.400424][ T9326] EXT4-fs (loop0): Could not load journal inode [ 88.436428][ T9332] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2714'. [ 88.650061][ T9346] netlink: 240 bytes leftover after parsing attributes in process `syz.2.2710'. [ 88.663756][ T9346] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.686691][ T9350] syz.0.2722[9350] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.686791][ T9350] syz.0.2722[9350] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.698421][ T9350] syz.0.2722[9350] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.720772][ T9346] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.776058][ T9355] lo speed is unknown, defaulting to 1000 [ 88.784719][ T9346] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.829416][ T9346] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.883335][ T9346] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.894844][ T9346] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.906598][ T9346] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.918048][ T9346] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.961954][ T9370] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2732'. [ 89.043160][ T9379] lo speed is unknown, defaulting to 1000 [ 89.744278][ T29] kauditd_printk_skb: 420 callbacks suppressed [ 89.744305][ T29] audit: type=1400 audit(1861303862.436:2452): avc: denied { create } for pid=9403 comm="syz.0.2735" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 89.772819][ T29] audit: type=1400 audit(1861303862.466:2453): avc: denied { connect } for pid=9403 comm="syz.0.2735" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 89.774768][ T9401] netlink: 240 bytes leftover after parsing attributes in process `syz.3.2734'. [ 89.822040][ T29] audit: type=1400 audit(1861303862.486:2454): avc: denied { write } for pid=9403 comm="syz.0.2735" laddr=::1 lport=7 faddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 89.855413][ T9401] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.927384][ T29] audit: type=1400 audit(1861303862.626:2455): avc: denied { ioctl } for pid=9411 comm="syz.1.2740" path="socket:[23353]" dev="sockfs" ino=23353 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 89.972955][ T9401] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.995853][ T9412] syzkaller1: entered promiscuous mode [ 90.001436][ T9412] syzkaller1: entered allmulticast mode [ 90.009743][ T9419] netlink: 'syz.4.2744': attribute type 1 has an invalid length. [ 90.038947][ T29] audit: type=1400 audit(1861303862.736:2456): avc: denied { read } for pid=9417 comm="syz.0.2754" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 90.062296][ T29] audit: type=1400 audit(1861303862.736:2457): avc: denied { open } for pid=9417 comm="syz.0.2754" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 90.086176][ T29] audit: type=1400 audit(1861303862.736:2458): avc: denied { ioctl } for pid=9417 comm="syz.0.2754" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 90.104207][ T9429] sctp: [Deprecated]: syz.0.2749 (pid 9429) Use of int in maxseg socket option. [ 90.104207][ T9429] Use struct sctp_assoc_value instead [ 90.146297][ T29] audit: type=1400 audit(1861303862.756:2459): avc: denied { unmount } for pid=3721 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 90.166316][ T29] audit: type=1400 audit(1861303862.786:2460): avc: denied { name_connect } for pid=9428 comm="syz.0.2749" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 90.186669][ T29] audit: type=1400 audit(1861303862.786:2461): avc: denied { shutdown } for pid=9428 comm="syz.0.2749" laddr=fe80::a lport=48106 faddr=::ffff:100.1.1.2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 90.217029][ T9401] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.287073][ T9401] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.342380][ T9401] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.354071][ T9401] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.367320][ T9401] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.378702][ T9401] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.410152][ T9454] IPv6: NLM_F_CREATE should be specified when creating new route [ 90.412495][ T9456] loop3: detected capacity change from 0 to 164 [ 90.428508][ T9456] bio_check_eod: 29259 callbacks suppressed [ 90.428531][ T9456] syz.3.2763: attempt to access beyond end of device [ 90.428531][ T9456] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 90.448759][ T9456] syz.3.2763: attempt to access beyond end of device [ 90.448759][ T9456] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 90.462656][ T9456] syz.3.2763: attempt to access beyond end of device [ 90.462656][ T9456] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 90.470149][ T9458] netlink: 'syz.1.2764': attribute type 3 has an invalid length. [ 90.476892][ T9456] syz.3.2763: attempt to access beyond end of device [ 90.476892][ T9456] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 90.498265][ T9456] syz.3.2763: attempt to access beyond end of device [ 90.498265][ T9456] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 90.511828][ T9459] syz.3.2763: attempt to access beyond end of device [ 90.511828][ T9459] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 90.526000][ T9456] syz.3.2763: attempt to access beyond end of device [ 90.526000][ T9456] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 90.539479][ T9459] syz.3.2763: attempt to access beyond end of device [ 90.539479][ T9459] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 90.553161][ T9456] syz.3.2763: attempt to access beyond end of device [ 90.553161][ T9456] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 90.566695][ T9459] syz.3.2763: attempt to access beyond end of device [ 90.566695][ T9459] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 91.119048][ T9468] Cannot find add_set index 0 as target [ 91.431879][ T9493] wg2: entered promiscuous mode [ 91.436943][ T9493] wg2: entered allmulticast mode [ 91.477324][ T9501] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2780'. [ 91.486396][ T9501] netlink: 'syz.1.2780': attribute type 7 has an invalid length. [ 91.494319][ T9501] netlink: 'syz.1.2780': attribute type 8 has an invalid length. [ 91.502323][ T9501] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2780'. [ 91.515103][ T9501] batadv_slave_1: entered promiscuous mode [ 91.522213][ T9501] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 91.529874][ T9501] Cannot create hsr debugfs directory [ 91.647201][ T9522] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2792'. [ 91.956481][ T9551] random: crng reseeded on system resumption [ 92.751946][ T9601] netlink: 140 bytes leftover after parsing attributes in process `syz.1.2824'. [ 92.817982][ T9616] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535) [ 93.089335][ T9650] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 93.369778][ T9694] loop3: detected capacity change from 0 to 512 [ 93.376641][ T9694] EXT4-fs: Ignoring removed orlov option [ 93.383479][ T9694] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 93.406642][ T9694] EXT4-fs error (device loop3): ext4_orphan_get:1388: inode #16: comm syz.3.2854: iget: bad extended attribute block 32768 [ 93.419716][ T9694] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.2854: couldn't read orphan inode 16 (err -117) [ 93.431892][ T9694] EXT4-fs (loop3): 1 orphan inode deleted [ 93.437960][ T9694] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 93.454035][ T9694] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 93.477930][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.543731][ T9705] syz.3.2857[9705] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 93.543802][ T9705] syz.3.2857[9705] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 93.555803][ T9705] syz.3.2857[9705] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 93.695399][ T9720] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2876'. [ 93.757255][ T9729] hub 9-0:1.0: USB hub found [ 93.764345][ T9729] hub 9-0:1.0: 8 ports detected [ 93.843231][ T9747] program syz.4.2880 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 93.887800][ T9750] loop3: detected capacity change from 0 to 1024 [ 93.897220][ T9750] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 93.913091][ T9750] EXT4-fs warning (device loop3): ext4_empty_dir:3107: inode #11: comm syz.3.2882: directory missing '..' [ 93.933414][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.058090][ T9781] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2896'. [ 94.150185][ T9789] batadv_slave_1: entered promiscuous mode [ 94.156959][ T9786] batadv_slave_1: left promiscuous mode [ 94.190236][ T9795] loop3: detected capacity change from 0 to 512 [ 94.219574][ T9795] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.241771][ T9795] ext4 filesystem being mounted at /550/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.293666][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.438025][ T9842] batadv_slave_1: entered promiscuous mode [ 94.444822][ T9841] batadv_slave_1: left promiscuous mode [ 94.585273][ T9865] loop3: detected capacity change from 0 to 512 [ 94.643192][ T9865] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.656112][ T9865] ext4 filesystem being mounted at /552/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.704172][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.749986][ T29] kauditd_printk_skb: 570 callbacks suppressed [ 94.750003][ T29] audit: type=1400 audit(1861303867.446:3032): avc: denied { read write } for pid=3262 comm="syz-executor" name="loop3" dev="devtmpfs" ino=535 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 94.780561][ T29] audit: type=1400 audit(1861303867.446:3033): avc: denied { open } for pid=3262 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=535 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 94.804959][ T29] audit: type=1400 audit(1861303867.446:3034): avc: denied { ioctl } for pid=3262 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=535 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 94.837678][ T29] audit: type=1400 audit(1861303867.476:3035): avc: denied { open } for pid=9881 comm="syz.1.2941" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 94.857038][ T29] audit: type=1400 audit(1861303867.476:3036): avc: denied { kernel } for pid=9881 comm="syz.1.2941" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 94.876597][ T29] audit: type=1326 audit(1861303867.526:3037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9880 comm="syz.3.2940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 94.900032][ T29] audit: type=1326 audit(1861303867.526:3038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9880 comm="syz.3.2940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 94.923660][ T29] audit: type=1326 audit(1861303867.526:3039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9880 comm="syz.3.2940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 94.947223][ T29] audit: type=1326 audit(1861303867.526:3040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9880 comm="syz.3.2940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 94.970683][ T29] audit: type=1326 audit(1861303867.526:3041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9880 comm="syz.3.2940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 95.077741][ T9902] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 95.159048][ T9912] loop0: detected capacity change from 0 to 1024 [ 95.171943][ T9912] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 95.193042][ T9912] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.234634][ T3264] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.334923][ T9952] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2975'. [ 95.565122][ T9993] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2990'. [ 95.575158][ T9984] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2990'. [ 95.637133][ T50] tipc: Subscription rejected, illegal request [ 95.730791][T10019] tipc: Started in network mode [ 95.735748][T10019] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 95.747580][T10019] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 95.755936][T10019] tipc: Enabled bearer , priority 10 [ 96.073483][T10084] netlink: 3 bytes leftover after parsing attributes in process `syz.1.3035'. [ 96.089600][T10085] loop0: detected capacity change from 0 to 512 [ 96.110027][T10085] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 96.121621][T10085] EXT4-fs (loop0): orphan cleanup on readonly fs [ 96.130104][T10085] EXT4-fs warning (device loop0): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 96.146075][T10085] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 96.154189][T10085] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3034: bg 0: block 40: padding at end of block bitmap is not set [ 96.169967][T10085] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 96.179011][T10085] EXT4-fs (loop0): 1 truncate cleaned up [ 96.185073][T10085] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 96.199587][T10085] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #16: comm syz.0.3034: corrupted xattr block 31: invalid header [ 96.213119][T10085] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=16 [ 96.222174][T10085] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #16: comm syz.0.3034: corrupted xattr block 31: invalid header [ 96.236580][T10085] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=16 [ 96.245877][T10085] EXT4-fs error (device loop0): ext4_get_link:106: inode #16: comm syz.0.3034: bad symlink. [ 96.270669][ T3264] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.414225][T10125] syz_tun: entered promiscuous mode [ 96.446147][T10130] tipc: Started in network mode [ 96.451138][T10130] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 96.461302][T10130] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 96.469602][T10130] tipc: Enabled bearer , priority 10 [ 96.492937][T10132] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3056'. [ 96.596320][T10144] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3062'. [ 96.605335][T10144] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3062'. [ 96.634548][T10151] syz.4.3066[10151] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.634661][T10151] syz.4.3066[10151] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.646195][T10151] syz.4.3066[10151] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.726695][T10160] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3070'. [ 96.827202][T10174] netlink: 'syz.4.3077': attribute type 9 has an invalid length. [ 96.835237][T10174] netlink: 61951 bytes leftover after parsing attributes in process `syz.4.3077'. [ 96.873948][T10180] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 96.887327][ T980] tipc: Node number set to 1 [ 96.959611][T10197] syz.2.3088[10197] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.959740][T10197] syz.2.3088[10197] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.972308][T10197] syz.2.3088[10197] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.986294][T10194] netlink: 'syz.0.3086': attribute type 1 has an invalid length. [ 97.005760][T10194] netlink: 'syz.0.3086': attribute type 2 has an invalid length. [ 97.064762][T10203] loop0: detected capacity change from 0 to 2048 [ 97.096749][T10203] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.123474][T10203] ext4 filesystem being mounted at /628/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.169110][T10203] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.180385][T10220] syz_tun: entered promiscuous mode [ 97.198718][T10221] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.3093'. [ 97.226408][T10216] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.3093'. [ 97.378701][T10250] netlink: 'syz.1.3110': attribute type 9 has an invalid length. [ 97.386571][T10250] netlink: 61951 bytes leftover after parsing attributes in process `syz.1.3110'. [ 97.567410][T10293] Process accounting resumed [ 97.600778][T10295] netlink: 'syz.3.3130': attribute type 1 has an invalid length. [ 97.608589][T10295] netlink: 'syz.3.3130': attribute type 2 has an invalid length. [ 97.630448][ T3337] tipc: Node number set to 1 [ 97.959477][T10355] loop3: detected capacity change from 0 to 512 [ 97.973848][T10359] netlink: 'syz.0.3160': attribute type 10 has an invalid length. [ 97.981759][T10359] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3160'. [ 97.991333][T10355] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 97.993265][T10359] batman_adv: batadv0: Adding interface: veth1_vlan [ 98.003171][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.006062][T10359] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.013375][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.039944][T10359] batman_adv: batadv0: Interface activated: veth1_vlan [ 98.046371][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.046400][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.053619][T10355] EXT4-fs (loop3): orphan cleanup on readonly fs [ 98.060623][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.078858][T10355] EXT4-fs warning (device loop3): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 98.081745][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.103957][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.109883][T10355] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 98.111370][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.125403][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.132842][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.140267][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.147773][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.149158][T10355] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3158: bg 0: block 40: padding at end of block bitmap is not set [ 98.155215][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.176793][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.184192][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.187642][T10355] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 98.191657][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.207944][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.212606][T10355] EXT4-fs (loop3): 1 truncate cleaned up [ 98.215361][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.228511][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.232668][T10355] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 98.235915][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.235943][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.263098][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.270618][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.278176][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.280384][T10355] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #16: comm syz.3.3158: corrupted xattr block 31: invalid header [ 98.285582][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.285653][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.313619][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.321050][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.328512][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.336007][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.343496][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.349801][T10355] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=16 [ 98.350913][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.367323][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.374735][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.382181][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.389630][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.389867][T10355] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #16: comm syz.3.3158: corrupted xattr block 31: invalid header [ 98.397034][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.397064][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.425660][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.430067][T10355] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=16 [ 98.433240][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.442785][T10355] EXT4-fs error (device loop3): ext4_get_link:106: inode #16: comm syz.3.3158: bad symlink. [ 98.449751][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.467335][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.474942][ T3340] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 98.483786][ T3340] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz0] on syz0 [ 98.494022][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.528540][T10378] netlink: 312 bytes leftover after parsing attributes in process `syz.0.3169'. [ 98.584302][T10392] loop3: detected capacity change from 0 to 128 [ 98.595853][T10392] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 98.636267][T10392] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 98.734578][T10392] ext2 filesystem being mounted at /592/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.764645][T10405] IPv6: Can't replace route, no match found [ 98.823658][ T3262] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 98.949702][T10434] xt_hashlimit: max too large, truncated to 1048576 [ 98.958135][T10434] x_tables: ip_tables: osf match: only valid for protocol 6 [ 98.978764][T10444] Process accounting resumed [ 99.029854][T10449] can0: slcan on ttyS3. [ 99.165746][T10449] can0 (unregistered): slcan off ttyS3. [ 99.218254][T10467] atomic_op ffff88810f7ac528 conn xmit_atomic 0000000000000000 [ 99.270754][T10480] IPv6: Can't replace route, no match found [ 99.516044][T10507] IPv6: Can't replace route, no match found [ 99.866845][ T29] kauditd_printk_skb: 356 callbacks suppressed [ 99.866862][ T29] audit: type=1326 audit(1861303872.566:3398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10552 comm="syz.2.3251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5dd6def9 code=0x7ffc0000 [ 99.896886][ T29] audit: type=1326 audit(1861303872.566:3399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10552 comm="syz.2.3251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5dd6def9 code=0x7ffc0000 [ 99.931283][ T29] audit: type=1326 audit(1861303872.596:3400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10552 comm="syz.2.3251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f7e5dd6def9 code=0x7ffc0000 [ 99.954955][ T29] audit: type=1326 audit(1861303872.596:3401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10552 comm="syz.2.3251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5dd6def9 code=0x7ffc0000 [ 99.978745][ T29] audit: type=1326 audit(1861303872.596:3402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10552 comm="syz.2.3251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e5dd6def9 code=0x7ffc0000 [ 100.002348][ T29] audit: type=1326 audit(1861303872.676:3403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10561 comm="syz.3.3254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 100.026763][ T29] audit: type=1326 audit(1861303872.676:3404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10561 comm="syz.3.3254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 100.050395][ T29] audit: type=1326 audit(1861303872.676:3405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10561 comm="syz.3.3254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 100.073882][ T29] audit: type=1326 audit(1861303872.676:3406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10561 comm="syz.3.3254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 100.097443][ T29] audit: type=1326 audit(1861303872.676:3407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10561 comm="syz.3.3254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e4edef9 code=0x7ffc0000 [ 100.142323][T10558] xt_hashlimit: max too large, truncated to 1048576 [ 100.154670][T10558] x_tables: ip_tables: osf match: only valid for protocol 6 [ 100.191102][T10570] loop3: detected capacity change from 0 to 128 [ 100.274774][T10588] loop0: detected capacity change from 0 to 512 [ 100.323555][T10588] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.352315][T10588] ext4 filesystem being mounted at /659/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 100.430433][T10588] EXT4-fs error (device loop0): ext4_get_first_dir_block:3540: inode #12: block 32: comm syz.0.3266: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 100.529005][T10588] EXT4-fs error (device loop0): ext4_get_first_dir_block:3543: inode #12: comm syz.0.3266: directory missing '.' [ 100.585322][T10622] netlink: 'syz.4.3283': attribute type 13 has an invalid length. [ 100.636568][ T3264] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.663339][T10635] loop0: detected capacity change from 0 to 128 [ 100.671460][T10637] loop3: detected capacity change from 0 to 512 [ 100.693240][T10637] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.706106][T10637] ext4 filesystem being mounted at /613/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 100.722807][T10637] EXT4-fs (loop3): shut down requested (0) [ 100.738929][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.775304][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.782977][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.790394][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.797879][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.805325][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.812804][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.820438][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.827980][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.835379][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.842931][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.850589][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.858140][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.865590][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.873073][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.880530][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.887950][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.895344][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.902841][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.910303][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.917850][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.925259][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.932709][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.940101][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.947643][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.955092][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.962627][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.970093][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.977488][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.984988][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.992492][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 100.999914][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 101.007368][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 101.014765][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 101.022243][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 101.029707][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 101.037168][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 101.044560][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 101.052076][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 101.059529][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 101.067026][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 101.074436][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 101.081959][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 101.089415][ T3337] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 101.098702][ T3337] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz0] on syz0 [ 101.207788][T10671] can0: slcan on ttyS3. [ 101.283669][T10671] can0 (unregistered): slcan off ttyS3. [ 101.333220][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.340787][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.348266][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.355822][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.363349][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.370828][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.370936][T10678] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 101.378381][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.394046][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.401956][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.409554][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.416197][T10684] netlink: 'syz.3.3306': attribute type 13 has an invalid length. [ 101.417027][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.432358][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.439825][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.447502][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.455055][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.462619][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.470041][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.477476][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.485056][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.492586][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.500103][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.507571][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.515057][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.523115][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.530629][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.538096][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.545553][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.553127][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.560629][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.568261][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.575768][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.583177][ T3337] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 101.590762][T10678] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 101.591673][ T3337] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz0] on syz0 [ 101.624088][T10701] __nla_validate_parse: 7 callbacks suppressed [ 101.624118][T10701] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3318'. [ 101.801137][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.808740][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.816174][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.823556][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.830990][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.838534][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.845962][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.853451][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.860962][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.868434][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.875976][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.883376][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.890814][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.898297][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.905724][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.913238][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.922048][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.929475][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.936932][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.944393][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.951809][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.959222][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.966657][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.974038][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.981472][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.988906][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 101.996325][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.003713][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.011187][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.018674][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.026142][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.033543][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.041156][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.048618][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.056103][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.063553][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.071061][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.078580][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.086039][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.093457][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.100925][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.108364][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.115811][ T3340] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 102.127306][ T3340] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz0] on syz0 [ 102.194017][T10737] netlink: 'syz.2.3343': attribute type 2 has an invalid length. [ 102.291399][T10753] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3345'. [ 102.338453][T10760] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 102.350930][T10760] vhci_hcd: invalid port number 23 [ 102.502629][ T3340] IPVS: starting estimator thread 0... [ 102.508581][T10789] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3360'. [ 102.529094][T10800] netlink: 'syz.0.3366': attribute type 2 has an invalid length. [ 102.535900][T10797] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 102.544524][T10797] vhci_hcd: invalid port number 23 [ 102.605695][T10798] IPVS: using max 2448 ests per chain, 122400 per kthread [ 102.671550][T10826] loop3: detected capacity change from 0 to 128 [ 102.678560][T10826] vfat: Unknown parameter 'ÿÿÿÿ' [ 102.688104][T10826] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3378'. [ 102.733058][T10832] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 102.740854][T10832] vhci_hcd: invalid port number 23 [ 102.823524][T10844] bond1: entered promiscuous mode [ 102.828742][T10844] bond1: entered allmulticast mode [ 102.834338][T10844] 8021q: adding VLAN 0 to HW filter on device bond1 [ 102.853549][T10844] bond1 (unregistering): Released all slaves [ 102.913644][T10856] loop3: detected capacity change from 0 to 512 [ 102.927462][T10856] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.940442][T10856] ext4 filesystem being mounted at /644/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 102.964823][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.999669][T10865] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3406'. [ 103.001423][T10866] loop3: detected capacity change from 0 to 512 [ 103.027445][T10866] EXT4-fs error (device loop3): ext4_acquire_dquot:6879: comm syz.3.3396: Failed to acquire dquot type 1 [ 103.039660][T10866] EXT4-fs (loop3): 1 truncate cleaned up [ 103.046293][T10866] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.058889][T10866] ext4 filesystem being mounted at /646/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 103.081079][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.643702][T10883] can0: slcan on ttyS3. [ 103.676038][T10883] can0 (unregistered): slcan off ttyS3. [ 103.711542][T10892] loop0: detected capacity change from 0 to 256 [ 103.721123][T10892] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 103.792165][T10899] netlink: 140 bytes leftover after parsing attributes in process `syz.2.3412'. [ 103.792542][T10900] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3413'. [ 103.810877][T10899] caif0 speed is unknown, defaulting to 1000 [ 103.825219][T10899] caif0 speed is unknown, defaulting to 1000 [ 103.833366][T10899] caif0 speed is unknown, defaulting to 1000 [ 103.887652][T10899] infiniband syz1: set down [ 103.892336][T10899] infiniband syz1: added caif0 [ 103.897753][ T35] caif0 speed is unknown, defaulting to 1000 [ 103.922177][T10899] RDS/IB: syz1: added [ 103.932804][T10899] smc: adding ib device syz1 with port count 1 [ 103.941082][T10899] smc: ib device syz1 port 1 has pnetid [ 103.947260][ T35] caif0 speed is unknown, defaulting to 1000 [ 103.953634][T10899] caif0 speed is unknown, defaulting to 1000 [ 103.988196][T10899] caif0 speed is unknown, defaulting to 1000 [ 104.023688][T10899] caif0 speed is unknown, defaulting to 1000 [ 104.067026][T10936] netlink: 'syz.3.3431': attribute type 29 has an invalid length. [ 104.075807][T10936] netlink: 'syz.3.3431': attribute type 29 has an invalid length. [ 104.086823][T10936] netlink: 500 bytes leftover after parsing attributes in process `syz.3.3431'. [ 104.099180][T10899] caif0 speed is unknown, defaulting to 1000 [ 104.142074][T10899] caif0 speed is unknown, defaulting to 1000 [ 104.286552][T10972] team0: entered promiscuous mode [ 104.291826][T10972] team_slave_0: entered promiscuous mode [ 104.297585][T10972] team_slave_1: entered promiscuous mode [ 104.304161][T10971] team0: left promiscuous mode [ 104.309049][T10971] team_slave_0: left promiscuous mode [ 104.314763][T10971] team_slave_1: left promiscuous mode [ 104.358673][T10979] netlink: 140 bytes leftover after parsing attributes in process `syz.3.3450'. [ 104.368063][T10979] rdma_rxe: rxe_newlink: failed to add caif0 [ 104.376089][T10982] siw: device registration error -23 [ 104.547561][T11013] netlink: 'syz.2.3467': attribute type 29 has an invalid length. [ 104.557112][T11013] netlink: 'syz.2.3467': attribute type 29 has an invalid length. [ 104.566280][T11013] netlink: 500 bytes leftover after parsing attributes in process `syz.2.3467'. [ 104.643118][T11028] bond1: entered promiscuous mode [ 104.648320][T11028] bond1: entered allmulticast mode [ 104.653683][T11028] 8021q: adding VLAN 0 to HW filter on device bond1 [ 104.667654][T11028] bond1 (unregistering): Released all slaves [ 104.748545][T11043] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535) [ 104.913494][ T29] kauditd_printk_skb: 387 callbacks suppressed [ 104.913513][ T29] audit: type=1400 audit(1861303877.606:3793): avc: denied { setopt } for pid=11060 comm="syz.3.3488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 105.013677][T11073] bond1: entered promiscuous mode [ 105.018866][T11073] bond1: entered allmulticast mode [ 105.024996][T11073] 8021q: adding VLAN 0 to HW filter on device bond1 [ 105.043542][T11073] bond1 (unregistering): Released all slaves [ 105.055337][T11081] IPv6: NLM_F_CREATE should be specified when creating new route [ 105.079139][ T29] audit: type=1400 audit(1861303877.776:3794): avc: denied { write } for pid=11087 comm="syz.2.3502" name="ppp" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 105.194999][T11110] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535) [ 105.219816][ T29] audit: type=1400 audit(1861303877.916:3795): avc: denied { write } for pid=11113 comm="syz.4.3513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 105.267204][ T29] audit: type=1400 audit(1861303877.966:3796): avc: denied { read } for pid=11115 comm="syz.4.3514" name="event0" dev="devtmpfs" ino=218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 105.291116][ T29] audit: type=1400 audit(1861303877.966:3797): avc: denied { open } for pid=11115 comm="syz.4.3514" path="/dev/input/event0" dev="devtmpfs" ino=218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 105.316763][ T29] audit: type=1400 audit(1861303877.976:3798): avc: denied { ioctl } for pid=11115 comm="syz.4.3514" path="/dev/input/event0" dev="devtmpfs" ino=218 ioctlcmd=0x4590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 105.382201][T11122] bond1: entered promiscuous mode [ 105.387574][T11122] bond1: entered allmulticast mode [ 105.392947][ T29] audit: type=1400 audit(1861303878.086:3799): avc: denied { ioctl } for pid=11128 comm="syz.2.3519" path="socket:[30131]" dev="sockfs" ino=30131 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 105.410822][T11122] 8021q: adding VLAN 0 to HW filter on device bond1 [ 105.428652][ T29] audit: type=1400 audit(1861303878.086:3800): avc: denied { bind } for pid=11128 comm="syz.2.3519" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 105.455020][T11122] bond1 (unregistering): Released all slaves [ 105.993691][ T29] audit: type=1400 audit(1861303878.686:3801): avc: denied { read } for pid=11188 comm="syz.0.3549" name="ptp0" dev="devtmpfs" ino=222 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 106.016935][ T29] audit: type=1400 audit(1861303878.686:3802): avc: denied { open } for pid=11188 comm="syz.0.3549" path="/dev/ptp0" dev="devtmpfs" ino=222 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 106.235989][T11226] af_packet: packet_mmap: vma is busy: 1 [ 106.303943][T11241] bio_check_eod: 31310 callbacks suppressed [ 106.303961][T11241] syz.0.3571: attempt to access beyond end of device [ 106.303961][T11241] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 106.367921][T11251] pimreg: entered allmulticast mode [ 106.376382][T11251] pimreg: left allmulticast mode [ 106.402796][T11254] netlink: 'syz.2.3576': attribute type 3 has an invalid length. [ 106.433509][T11259] loop3: detected capacity change from 0 to 256 [ 106.440502][T11259] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 106.480722][T11266] syz_tun: entered promiscuous mode [ 106.491086][T11269] loop0: detected capacity change from 0 to 512 [ 106.498048][T11269] EXT4-fs: Ignoring removed mblk_io_submit option [ 106.498170][T11266] batadv_slave_0: entered promiscuous mode [ 106.504943][T11269] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 106.527665][T11269] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 106.537820][T11269] System zones: 1-12 [ 106.555178][T11269] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.3584: corrupted in-inode xattr: e_value size too large [ 106.571767][T11269] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.3584: couldn't read orphan inode 15 (err -117) [ 106.573509][T11280] loop3: detected capacity change from 0 to 512 [ 106.590423][T11280] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 106.602313][T11269] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.652882][ T3264] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.719222][T11302] loop0: detected capacity change from 0 to 512 [ 106.744716][T11302] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 106.746342][T11307] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 106.752765][T11302] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002] [ 106.769623][T11302] System zones: 0-2, 18-18, 34-35 [ 106.774222][T11307] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 106.775799][T11302] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 106.811005][T11302] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 12: comm syz.0.3602: path /712/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 106.836621][T11302] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 13: comm syz.0.3602: path /712/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 106.861767][T11320] loop3: detected capacity change from 0 to 512 [ 106.869229][T11302] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 14: comm syz.0.3602: path /712/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 106.890272][T11302] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 15: comm syz.0.3602: path /712/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 106.912429][T11320] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 106.920253][T11302] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 16: comm syz.0.3602: path /712/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 106.925865][T11320] EXT4-fs (loop3): orphan cleanup on readonly fs [ 106.944897][T11302] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 17: comm syz.0.3602: path /712/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 106.968993][T11320] EXT4-fs warning (device loop3): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 106.975740][T11302] EXT4-fs error (device loop0): ext4_map_blocks:671: inode #2: block 18: comm syz.0.3602: lblock 23 mapped to illegal pblock 18 (length 1) [ 106.998427][T11320] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 107.014951][T11320] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3610: bg 0: block 40: padding at end of block bitmap is not set [ 107.032393][T11320] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 107.044497][T11320] EXT4-fs (loop3): 1 truncate cleaned up [ 107.050668][T11320] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 107.065778][ T3264] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.087806][T11320] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #16: comm syz.3.3610: corrupted xattr block 31: invalid header [ 107.101790][T11320] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=16 [ 107.110864][T11334] af_packet: packet_mmap: vma is busy: 1 [ 107.110975][T11320] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #16: comm syz.3.3610: corrupted xattr block 31: invalid header [ 107.135838][T11320] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=16 [ 107.145170][T11320] EXT4-fs error (device loop3): ext4_get_link:106: inode #16: comm syz.3.3610: bad symlink. [ 107.157542][T11338] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #16: comm syz.3.3610: corrupted xattr block 31: invalid header [ 107.171155][T11338] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=16 [ 107.180256][T11338] EXT4-fs error (device loop3): ext4_get_link:106: inode #16: comm syz.3.3610: bad symlink. [ 107.200757][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.233381][T11352] loop0: detected capacity change from 0 to 256 [ 107.241872][T11352] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 107.277309][T11354] __nla_validate_parse: 1 callbacks suppressed [ 107.277328][T11354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3624'. [ 107.287844][T11358] pimreg: entered allmulticast mode [ 107.339006][T11358] pimreg: left allmulticast mode [ 107.522911][T11395] loop0: detected capacity change from 0 to 2048 [ 107.620952][T11412] syz_tun: entered promiscuous mode [ 107.629832][T11412] batadv_slave_0: entered promiscuous mode [ 107.639736][T11412] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 107.647353][T11412] Cannot create hsr debugfs directory [ 107.708614][T11424] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 107.829603][T11441] SELinux: Context system_u:object_r:public_content_rw_t:s0 is not valid (left unmapped). [ 107.876375][T11451] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3670'. [ 108.042769][T11479] loop3: detected capacity change from 0 to 512 [ 108.050185][T11479] EXT4-fs: Ignoring removed mblk_io_submit option [ 108.057621][T11479] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 108.068827][T11485] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 108.077256][T11479] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 108.085339][T11479] System zones: 1-12 [ 108.089927][T11479] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.3684: corrupted in-inode xattr: e_value size too large [ 108.104949][T11479] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.3684: couldn't read orphan inode 15 (err -117) [ 108.118046][T11479] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.130777][T11492] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 108.143031][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.242052][T11515] syz_tun: entered promiscuous mode [ 108.256492][T11515] batadv_slave_0: entered promiscuous mode [ 108.269231][T11515] debugfs: Directory 'hsr2' with parent 'hsr' already present! [ 108.284776][T11515] Cannot create hsr debugfs directory [ 108.304532][T11523] loop0: detected capacity change from 0 to 512 [ 108.311411][T11523] EXT4-fs: Ignoring removed mblk_io_submit option [ 108.320827][T11523] EXT4-fs error (device loop0): __ext4_iget:4952: inode #11: block 1: comm syz.0.3713: invalid block [ 108.334100][T11523] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.3713: couldn't read orphan inode 11 (err -117) [ 108.353813][T11523] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.396336][ T3264] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.504053][T11554] dvmrp8: entered allmulticast mode [ 108.510876][T11554] dvmrp8: left allmulticast mode [ 108.613773][T11566] lo speed is unknown, defaulting to 1000 [ 108.620728][T11566] caif0 speed is unknown, defaulting to 1000 [ 108.697221][T11574] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 108.828171][T11591] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 108.842828][T11591] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 108.928634][T11613] loop3: detected capacity change from 0 to 128 [ 108.935407][T11613] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 108.949534][T11613] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 108.968881][ T28] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 109.894390][T11704] loop0: detected capacity change from 0 to 512 [ 109.950076][ T29] kauditd_printk_skb: 204 callbacks suppressed [ 109.950141][ T29] audit: type=1400 audit(1861303882.646:4006): avc: denied { setcheckreqprot } for pid=11708 comm="syz.0.3789" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 109.997365][T11712] loop0: detected capacity change from 0 to 1024 [ 110.004249][T11712] EXT4-fs: Ignoring removed orlov option [ 110.010058][T11712] EXT4-fs: Ignoring removed nomblk_io_submit option [ 110.027454][T11712] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.043005][ T29] audit: type=1400 audit(1861303882.736:4007): avc: denied { write } for pid=11711 comm="syz.0.3790" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 110.044077][T11712] EXT4-fs (loop0): Online defrag not supported with bigalloc [ 110.083043][ T29] audit: type=1400 audit(1861303882.736:4008): avc: denied { add_name } for pid=11711 comm="syz.0.3790" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 110.103889][ T29] audit: type=1400 audit(1861303882.736:4009): avc: denied { create } for pid=11711 comm="syz.0.3790" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 110.124324][ T29] audit: type=1400 audit(1861303882.736:4010): avc: denied { read write } for pid=11711 comm="syz.0.3790" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 110.147057][ T29] audit: type=1400 audit(1861303882.736:4011): avc: denied { open } for pid=11711 comm="syz.0.3790" path="/748/file1/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 110.170245][ T29] audit: type=1400 audit(1861303882.736:4012): avc: denied { ioctl } for pid=11711 comm="syz.0.3790" path="/748/file1/file2" dev="loop0" ino=16 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 110.203235][ T3264] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.245082][ T29] audit: type=1400 audit(1861303882.936:4013): avc: denied { create } for pid=11726 comm="syz.3.3808" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 110.265023][ T29] audit: type=1400 audit(1861303882.936:4014): avc: denied { setopt } for pid=11726 comm="syz.3.3808" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 110.285208][ T29] audit: type=1400 audit(1861303882.936:4015): avc: denied { ioctl } for pid=11726 comm="syz.3.3808" path="socket:[32120]" dev="sockfs" ino=32120 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 110.653862][T11798] syzkaller0: entered promiscuous mode [ 110.659427][T11798] syzkaller0: entered allmulticast mode [ 110.819245][T11838] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 110.825820][T11838] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 110.833537][T11838] vhci_hcd vhci_hcd.0: Device attached [ 110.840235][T11842] vhci_hcd: connection closed [ 110.840351][ T3282] vhci_hcd: stop threads [ 110.849433][ T3282] vhci_hcd: release socket [ 110.853967][ T3282] vhci_hcd: disconnect device [ 111.411842][T11974] Process accounting resumed [ 111.886003][T12078] veth1_macvtap: left promiscuous mode [ 111.891516][T12078] macsec0: entered allmulticast mode [ 111.904467][T12078] veth1_macvtap: entered promiscuous mode [ 111.910330][T12078] veth1_macvtap: entered allmulticast mode [ 111.916284][T12078] macsec0: entered promiscuous mode [ 112.854574][T12169] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 112.861250][T12169] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 112.868902][T12169] vhci_hcd vhci_hcd.0: Device attached [ 112.903795][T12172] vhci_hcd: connection closed [ 112.903998][ T28] vhci_hcd: stop threads [ 112.913007][ T28] vhci_hcd: release socket [ 112.917494][ T28] vhci_hcd: disconnect device [ 113.133568][T12191] netlink: 'syz.2.4015': attribute type 13 has an invalid length. [ 113.208905][T12194] netlink: 'syz.1.4026': attribute type 13 has an invalid length. [ 113.358500][T12176] coredump: 1647(syz.0.4008): written to core: VMAs: 29, size 91127808; core: 62112430 bytes, pos 91136000 [ 114.800566][T12434] x_tables: unsorted underflow at hook 2 [ 114.956011][ T29] kauditd_printk_skb: 841 callbacks suppressed [ 114.956026][ T29] audit: type=1400 audit(1861303887.656:4857): avc: denied { prog_load } for pid=12459 comm="syz.4.4144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 114.989812][ T29] audit: type=1400 audit(1861303887.656:4858): avc: denied { prog_load } for pid=12460 comm="syz.3.4143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 115.009246][ T29] audit: type=1400 audit(1861303887.666:4859): avc: denied { read write } for pid=3262 comm="syz-executor" name="loop3" dev="devtmpfs" ino=535 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 115.033721][ T29] audit: type=1400 audit(1861303887.666:4860): avc: denied { create } for pid=12459 comm="syz.4.4144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0 [ 115.053519][ T29] audit: type=1400 audit(1861303887.676:4861): avc: denied { read } for pid=12463 comm="syz.0.4145" name="usbmon0" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=0 [ 115.077074][ T29] audit: type=1400 audit(1861303887.686:4862): avc: denied { create } for pid=12463 comm="syz.0.4145" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=0 [ 115.098717][ T29] audit: type=1400 audit(1861303887.686:4863): avc: denied { name_bind } for pid=12465 comm="syz.3.4146" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=0 [ 115.120483][ T29] audit: type=1400 audit(1861303887.686:4864): avc: denied { create } for pid=12463 comm="syz.0.4145" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=0 [ 115.153990][ T29] audit: type=1400 audit(1861303887.696:4865): avc: denied { read write } for pid=3262 comm="syz-executor" name="loop3" dev="devtmpfs" ino=535 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 115.178376][ T29] audit: type=1400 audit(1861303887.746:4866): avc: denied { map_create } for pid=12467 comm="syz.4.4147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 115.779170][T12572] lo speed is unknown, defaulting to 1000 [ 115.788309][T12572] caif0 speed is unknown, defaulting to 1000 [ 117.441763][T12735] lo speed is unknown, defaulting to 1000 [ 117.448104][T12735] caif0 speed is unknown, defaulting to 1000 [ 118.662928][T12863] Process accounting resumed [ 118.847686][T12899] Process accounting resumed [ 119.974565][T12984] coredump: 1(syz.0.4404): written to core: VMAs: 29, size 74350592; core: 62157486 bytes, pos 74358784 [ 120.001102][ T29] kauditd_printk_skb: 747 callbacks suppressed [ 120.001122][ T29] audit: type=1400 audit(1861303892.686:5614): avc: denied { prog_load } for pid=13049 comm="syz.1.4425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 120.026677][ T29] audit: type=1400 audit(1861303892.686:5615): avc: denied { prog_load } for pid=13049 comm="syz.1.4425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 120.045870][ T29] audit: type=1400 audit(1861303892.686:5616): avc: denied { prog_load } for pid=13049 comm="syz.1.4425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 120.075661][ T29] audit: type=1400 audit(1861303892.716:5617): avc: denied { map_create } for pid=13051 comm="syz.2.4426" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 120.095022][ T29] audit: type=1400 audit(1861303892.716:5618): avc: denied { prog_load } for pid=13051 comm="syz.2.4426" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 120.114799][ T29] audit: type=1400 audit(1861303892.716:5619): avc: denied { mounton } for pid=13051 comm="syz.2.4426" path="/798/file0" dev="tmpfs" ino=4101 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0 [ 120.137588][ T29] audit: type=1400 audit(1861303892.746:5620): avc: denied { create } for pid=13052 comm="syz.4.4427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=0 [ 120.157500][ T29] audit: type=1400 audit(1861303892.746:5621): avc: denied { create } for pid=13052 comm="syz.4.4427" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=0 [ 120.178932][ T29] audit: type=1400 audit(1861303892.756:5622): avc: denied { map_create } for pid=13056 comm="syz.2.4429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 120.198370][ T29] audit: type=1400 audit(1861303892.756:5623): avc: denied { prog_load } for pid=13056 comm="syz.2.4429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 120.896741][T13103] lo speed is unknown, defaulting to 1000 [ 120.902838][T13103] caif0 speed is unknown, defaulting to 1000 [ 121.500582][T13181] lo speed is unknown, defaulting to 1000 [ 121.513774][T13181] caif0 speed is unknown, defaulting to 1000 [ 121.920148][T13252] netlink: 'syz.4.4522': attribute type 2 has an invalid length. [ 121.963895][T13262] lo speed is unknown, defaulting to 1000 [ 121.982291][T13262] caif0 speed is unknown, defaulting to 1000 [ 122.802362][T13371] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 122.808924][T13371] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 122.816521][T13371] vhci_hcd vhci_hcd.0: Device attached [ 122.823617][T13372] vhci_hcd: connection closed [ 122.823780][ T3282] vhci_hcd: stop threads [ 122.832827][ T3282] vhci_hcd: release socket [ 122.837410][ T3282] vhci_hcd: disconnect device [ 123.751393][T13500] lo speed is unknown, defaulting to 1000 [ 123.758109][T13500] caif0 speed is unknown, defaulting to 1000 [ 124.345160][T13621] coredump: 1949(syz.3.4696): written to core: VMAs: 3, size 4096; core: 2771 bytes, pos 8192 [ 124.778969][T13683] bridge0: port 3(syz_tun) entered blocking state [ 124.785485][T13683] bridge0: port 3(syz_tun) entered disabled state [ 124.792411][T13683] syz_tun: entered allmulticast mode [ 124.798380][T13683] syz_tun: left allmulticast mode [ 125.024599][ T29] kauditd_printk_skb: 864 callbacks suppressed [ 125.024617][ T29] audit: type=1400 audit(1861303897.716:6488): avc: denied { create } for pid=13739 comm="syz.2.4754" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0 [ 125.076963][ T29] audit: type=1400 audit(1861303897.716:6489): avc: denied { read } for pid=13739 comm="syz.2.4754" name="loop0" dev="devtmpfs" ino=539 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 125.100693][ T29] audit: type=1400 audit(1861303897.756:6490): avc: denied { prog_load } for pid=13743 comm="syz.2.4755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 125.120054][ T29] audit: type=1400 audit(1861303897.766:6491): avc: denied { prog_load } for pid=13745 comm="syz.4.4756" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 125.139392][ T29] audit: type=1400 audit(1861303897.766:6492): avc: denied { write } for pid=13745 comm="syz.4.4756" name="001" dev="devtmpfs" ino=144 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=0 [ 125.162292][ T29] audit: type=1400 audit(1861303897.776:6493): avc: denied { prog_load } for pid=13745 comm="syz.4.4756" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 125.235275][ T29] audit: type=1400 audit(1861303897.776:6494): avc: denied { create } for pid=13747 comm="syz.2.4757" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0 [ 125.255081][ T29] audit: type=1400 audit(1861303897.876:6495): avc: denied { create } for pid=13749 comm="syz.2.4758" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=0 [ 125.274709][ T29] audit: type=1400 audit(1861303897.886:6496): avc: denied { mounton } for pid=13751 comm="syz.4.4759" path="/968/file0" dev="tmpfs" ino=4973 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0 [ 125.297491][ T29] audit: type=1400 audit(1861303897.906:6497): avc: denied { prog_load } for pid=13749 comm="syz.2.4758" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 125.600328][T13825] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 125.606945][T13825] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 125.614725][T13825] vhci_hcd vhci_hcd.0: Device attached [ 125.621422][T13826] vhci_hcd: connection closed [ 125.621665][ T28] vhci_hcd: stop threads [ 125.630909][ T28] vhci_hcd: release socket [ 125.635369][ T28] vhci_hcd: disconnect device [ 126.055355][T13901] tap0: tun_chr_ioctl cmd 1074025675 [ 126.060747][T13901] tap0: persist enabled [ 126.065301][T13901] tap0: tun_chr_ioctl cmd 1074025675 [ 126.070726][T13901] tap0: persist enabled [ 126.407759][T13992] coredump: 1927(syz.2.4873): coredump has not been created, error -2 [ 126.518436][T14018] xt_hashlimit: max too large, truncated to 1048576 [ 126.741322][T14069] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14069 comm=syz.2.4910 [ 127.312062][T14182] netlink: 'syz.2.4964': attribute type 29 has an invalid length. [ 128.394412][T14305] lo speed is unknown, defaulting to 1000 [ 128.400834][T14305] caif0 speed is unknown, defaulting to 1000 [ 128.622081][T14351] ebtables: ebtables: counters copy to user failed while replacing table [ 128.733909][T14378] netlink: 'syz.2.5058': attribute type 2 has an invalid length. [ 129.701758][T14566] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5147'. [ 129.887475][T14606] lo speed is unknown, defaulting to 1000 [ 129.893825][T14606] caif0 speed is unknown, defaulting to 1000 [ 130.031971][ T29] kauditd_printk_skb: 1015 callbacks suppressed [ 130.031988][ T29] audit: type=1400 audit(1861304414.725:7513): avc: denied { open } for pid=14618 comm="syz.2.5173" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0 [ 130.080297][ T29] audit: type=1400 audit(1861304414.725:7514): avc: denied { module_request } for pid=14617 comm="syz.4.5172" kmod="ebt_statistic" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=0 [ 130.102363][ T29] audit: type=1400 audit(1861304414.725:7515): avc: denied { module_request } for pid=14617 comm="syz.4.5172" kmod=6562745F6E666C01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=0 [ 130.124492][ T29] audit: type=1400 audit(1861304414.735:7516): avc: denied { read } for pid=14621 comm="syz.4.5174" dev="nsfs" ino=4026532768 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0 [ 130.145799][ T29] audit: type=1400 audit(1861304414.735:7517): avc: denied { prog_load } for pid=14621 comm="syz.4.5174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 130.165015][ T29] audit: type=1400 audit(1861304414.755:7518): avc: denied { compute_member } for pid=14621 comm="syz.4.5174" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=0 [ 130.185625][ T29] audit: type=1400 audit(1861304414.775:7519): avc: denied { create } for pid=14623 comm="syz.2.5175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0 [ 130.205616][ T29] audit: type=1400 audit(1861304414.775:7520): avc: denied { read } for pid=14623 comm="syz.2.5175" dev="nsfs" ino=4026532965 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0 [ 130.232182][ T29] audit: type=1400 audit(1861304414.775:7521): avc: denied { map_create } for pid=14625 comm="syz.4.5176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 130.251672][ T29] audit: type=1400 audit(1861304414.775:7522): avc: denied { prog_load } for pid=14625 comm="syz.4.5176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 130.643800][T14688] lo speed is unknown, defaulting to 1000 [ 130.650158][T14688] caif0 speed is unknown, defaulting to 1000 [ 130.737946][T14702] bridge0: port 3(veth0_to_bond) entered blocking state [ 130.744968][T14702] bridge0: port 3(veth0_to_bond) entered disabled state [ 130.752295][T14702] veth0_to_bond: entered allmulticast mode [ 130.758851][T14702] veth0_to_bond: entered promiscuous mode [ 130.764900][T14702] bridge0: port 3(veth0_to_bond) entered blocking state [ 130.771945][T14702] bridge0: port 3(veth0_to_bond) entered forwarding state [ 131.185000][T14743] netlink: 'syz.1.5229': attribute type 29 has an invalid length. [ 131.196082][T14743] netlink: 'syz.1.5229': attribute type 29 has an invalid length. [ 131.311601][T14748] ================================================================== [ 131.319708][T14748] BUG: KCSAN: data-race in do_sys_poll / pollwake [ 131.326130][T14748] [ 131.328498][T14748] read to 0xffffc9001bdebc10 of 4 bytes by task 14747 on cpu 0: [ 131.336126][T14748] do_sys_poll+0x986/0xc10 [ 131.340545][T14748] __se_sys_poll+0xe1/0x200 [ 131.345069][T14748] __x64_sys_poll+0x43/0x50 [ 131.349589][T14748] x64_sys_call+0x29db/0x2d60 [ 131.354274][T14748] do_syscall_64+0xc9/0x1c0 [ 131.358785][T14748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.364690][T14748] [ 131.367037][T14748] write to 0xffffc9001bdebc10 of 4 bytes by task 14748 on cpu 1: [ 131.374756][T14748] pollwake+0xbe/0x110 [ 131.378914][T14748] __wake_up+0x65/0xb0 [ 131.382995][T14748] snd_seq_cell_free+0x1e7/0x210 [ 131.387931][T14748] snd_seq_dispatch_event+0x210/0x240 [ 131.393308][T14748] snd_seq_check_queue+0x17b/0x300 [ 131.398429][T14748] snd_seq_enqueue_event+0x26e/0x2a0 [ 131.403821][T14748] snd_seq_client_enqueue_event+0x21a/0x2b0 [ 131.409734][T14748] snd_seq_write+0x3f3/0x500 [ 131.414348][T14748] vfs_write+0x26c/0x910 [ 131.418605][T14748] ksys_write+0xeb/0x1b0 [ 131.422856][T14748] __x64_sys_write+0x42/0x50 [ 131.427472][T14748] x64_sys_call+0x27dd/0x2d60 [ 131.432164][T14748] do_syscall_64+0xc9/0x1c0 [ 131.436671][T14748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.442671][T14748] [ 131.444998][T14748] value changed: 0x00000001 -> 0x00000000 [ 131.450799][T14748] [ 131.453138][T14748] Reported by Kernel Concurrency Sanitizer on: [ 131.459370][T14748] CPU: 1 UID: 0 PID: 14748 Comm: syz.1.5231 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0 [ 131.469872][T14748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 131.480010][T14748] ================================================================== Dec 24 21:00:17 syzkaller daemon.err dhcpcd[3001]: ps_sendpsmmsg: Connection refused Dec 24 21:00:17 syzkaller daemon.err dhcpcd[3001]: ps_root_recvmsgcb: failed to send message to pid 7158: Connection refused Dec 24 21:00:19 syzkaller daemon.err dhcpcd[3001]: ps_sendpsmmsg: Connection refused Dec 24 21:00:19 syzkaller daemon.err dhcpcd[3001]: ps_root_recvmsgcb: failed to send message to pid 7333: Connection refused Dec 24 21:00:19 [ 135.188601][ T29] kauditd_printk_skb: 140 callbacks suppressed syzkaller daemon[ 135.188618][ T29] audit: type=1400 audit(1861304419.885:7663): avc: denied { read } for pid=2945 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 .err dhcpcd[3001[ 135.220045][ T29] audit: type=1400 audit(1861304419.915:7664): avc: denied { read } for pid=2945 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 ]: ps_sendpsmmsg: Connection refused Dec 24 21:00:19 syzkaller daemon.err dhcpcd[3001]: ps_root_recvmsgcb: failed to send message to pid 7334: Connection refused [ 137.372274][ T29] audit: type=1400 audit(1861304422.065:7665): avc: denied { read } for pid=2945 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 Dec 24 21:00:22 [ 137.394864][ T29] audit: type=1400 audit(1861304422.095:7666): avc: denied { read } for pid=2945 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 syzkaller daemon.err dhcpcd[3001]: ps_sendpsmmsg: Connection refused Dec 24 21:00:22 syzkaller daemon.err dhcpcd[3001]: ps_root_recvmsgcb: failed to send message to pid 7703: Connection refused