last executing test programs: 7.039338449s ago: executing program 1 (id=1200): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, &(0x7f0000000040)}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) 4.150456365s ago: executing program 0 (id=1203): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = socket(0x10, 0x3, 0x0) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x800000, 0x0, 0xffffffff}, 0x20, 0x0, 0x7, 0x8, 0x101, 0x1c, 0x0, 0x0, 0x0, 0x0, {0x200}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x80}, 0x4080) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESDEC=r0], 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x2, &(0x7f0000002400)=0x0) io_submit(r8, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) 3.78331528s ago: executing program 1 (id=1206): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) r5 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r6 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r6, 0x0) write$selinux_load(r5, &(0x7f0000000000)=ANY=[], 0x2000) 3.673681932s ago: executing program 1 (id=1209): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xb490) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x2, 0x0, @loopback, 0x9}, 0x1c) sendto$inet6(r0, &(0x7f00000000c0)="044aac2f202c5feda71e039a57a93088fdcce4afe28aac61837792741a190670ccbe1a2b00aa77a87d56a3f12c7920ad02928a5dac14e5b896f000fcf6521928480be9af82613a5c66", 0x49, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 3.613491053s ago: executing program 1 (id=1210): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000004580)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10) setrlimit(0x40000000000008, &(0x7f0000000000)) 3.590889123s ago: executing program 1 (id=1213): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @multicast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "fca33f", 0x0, 0x2c, 0x0, @dev, @local}}}}, 0x0) 3.590426843s ago: executing program 2 (id=1214): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0) ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000200)) close_range(r1, 0xffffffffffffffff, 0x0) 3.562673763s ago: executing program 2 (id=1216): syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x100) pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000240)=ANY=[@ANYBLOB="06000000000000000153d3000000000005"]) 3.509481804s ago: executing program 1 (id=1218): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000200)={[{@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0xdcc}}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O") r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x100000004}, 0x16) r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r2) syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[], 0x0) ioctl$EVIOCGBITSW(r2, 0x40095505, 0x0) 3.425454416s ago: executing program 2 (id=1220): syz_emit_ethernet(0x86, &(0x7f00000001c0)={@random="591a1d9a2bdb", @link_local={0x1, 0x80, 0xc2, 0x25}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x29, 0x0, @empty=0x1000000, @multicast1}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x220, 0x0, 0x0, "bfd8a5dd2002c02142c4391145badd28fd7f0ffc0e896f38da00", "0bb10000085b2e00", {"c23b2195c4b058706558a70864bef1f0", "524a72fc460b8cd26e095f24ab642591"}}}}}}}, 0x0) 3.333274487s ago: executing program 2 (id=1222): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) write$binfmt_misc(r0, &(0x7f0000000240), 0xfffffecc) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffc4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000000)=0x81d) 3.231548539s ago: executing program 0 (id=1225): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f00000010c0)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000007c0)="02999344565d9c61d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c344fb7ac429e432bcb0330483c0604aaf296d8218e240055cb92f17b1b47fd7b1b178ca0d1c470154ed985a179f87c9bc402189195e92dc1d73fce0d96439a53073df328509806e960c2", 0x7e}, {&(0x7f00000002c0)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0965f0f1e39afd84e7e2523aaded5e09aa1e36fcc90c269ad6d38d57619127cee4253655c33b71054226c3b00b9ee6ae29f0b07bc6fe7981126ca804c1f64e6c19ba36b2778c5f4a1c58625fe19516af43c9870c5b8191e23778abe7df2280d459b1651686a53ca52dce9570444c153f9c2903ae4c868074e89477bf6ed2ab648b0498ac8c0f90844ed9a26675199d5ff9b391c1dec077b5099cf9aecd1a", 0xcb}, {&(0x7f0000000400)="397d5f2e855cb2b0b1e6013fe47dc3e798cf47cfebf169e77257f308b498e5b417227094d55e5cfe7cd9af0569a4456954e58ea1850000000000000000355c5f42d9f2aa5f", 0x45}, {&(0x7f00000003c0)="9059c5aee5eca0529f3f9109a29885942349a08c6be8241fb9050c7491a49f89ee4aa8a1f1daa6663945ed017834c6afaab141dfb71370", 0x37}, {&(0x7f0000000480)="3b98c053d6287182fb77fa2573c0175eac0342191cae67c6aab799113bf6df72d6bae38ad4d70cf4923614c77b93f41a8de623711dbfe9124532ef0a290a9801ffac63d114b63603306210bd0ee6922a71edb08dc4d93aab9c40b4839e5cbaf0c4d28a016f64b1f07bdfba8f695191bd5d838b4395e9bbc0cab1184676af212a79208290e0a4e5de06f7ae089f225831692ec6b873fd", 0x96}], 0x5}}, {{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000a00)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523", 0x64}, {&(0x7f0000000180)="5be3b011e12323e4ab88c0472f0700000000000000e71ba62334303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf648c9100000000000000006a8f4f5405596e72f8fe08c33a33b275787892f61fbb621794716f96031931b55af30fa01d72aa", 0xa2}, {&(0x7f0000000640)="7cf0e3f04a69cb809286d9c9e14c765f28e88424f045636a824bd7b6af588bbabbcd6f1b9070904932e41d1cb3ee51e3281c29585f4113996ac198b46fd0acf46cb4d77ff4a70cd86217509613c8af2ab70f7a9bbdf4239ed992535b10e1cbfb6db8807731ba99933692a652ab16305d94e450169f4f6022425f7c6404fada1387db285a93849fd05971689fd7f17575150a84293df224533e5cc56de224bbeb14da7f6164d54554eddf35e0bd48af61039dc3a735132380bdb3f8c33bf5450b9f27cccbbe30ea54cdd5ad70bc30120384eceb8d7ce6696b9a77711f6abba9fb", 0xe0}, {&(0x7f0000000940)="b37e2198f0af5c6ea74e25bab49b471c96ae67202fae67331a99de4be0c8257114322a73579ff18949247f4fb88ab7c261a5a6a9f47ba4798249bc4181338522495051ffd9d82d941c23e9d0da121bb60b7dcfe1f1d2c0aeb64a8d3dd9c2d3507efd34ccd71d337124bd9cd87bdb21d17ae671ab21ee1d093e92eb4a5fb2078f", 0x80}], 0x4}}], 0x2, 0xc0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) 2.786801255s ago: executing program 4 (id=1236): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)={0x14, r1, 0x301, 0x70bd28, 0x25dfdbfe, {0x1c}}, 0x14}}, 0x10) 2.710677147s ago: executing program 4 (id=1237): chdir(&(0x7f0000000540)='./cgroup\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) socket$inet6(0xa, 0x3, 0x8000000003c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x84515000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000003680)='sched_switch\x00', r4}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000010008500000022000000850000002300"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000300)=""/8, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x3, 0x0) getsockname$packet(r7, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r8, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0) io_setup(0xbc, &(0x7f0000000280)=0x0) io_submit(r9, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x503, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffcd9, 0x0, 0x0, 0x2}]) 2.073963747s ago: executing program 0 (id=1238): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x4, 0x0, 0x0) 2.008101588s ago: executing program 0 (id=1240): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='hybla\x00', 0x6) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 2.007471728s ago: executing program 2 (id=1242): chdir(&(0x7f0000000540)='./cgroup\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) socket$inet6(0xa, 0x3, 0x8000000003c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x84515000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000003680)='sched_switch\x00', r4}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000010008500000022000000850000002300"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000300)=""/8, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f0000000340)=ANY=[@ANYRES8=r5, @ANYRESDEC=r2, @ANYRES64=r0], 0x6, 0x2dd, &(0x7f00000005c0)="$eJzs3b9rZNUXAPDzkpk3s9+vMFNYieADLazWzbY2E2QDYiqXKdRCg7sLkgnCLgT8gRMrWxsLC/8CQfAPsfE/EGwFO1dZuPJ+MS+bmdmdwER0P58mh3vPefe8N5fkpcjNBy+eHN8p4t6Xn/8Sw2EWO5OYxMMsxrETrbM4Z/J1AAD/Zg9Tit9TbWXScxeHsogYbrc1AGBLVv/8LzpxbxH+eGWtAQBbcvudd9/aPzy89XZRDOPg5KvTafmbffm1nt+/Fx/FLO7GjRjFo4jqRaEf1dtCGR6klOa9ojSOV07mp9Oy8uT9n5rr7/8WUdXvxSjG1VBKqdcG6eDNw1t7Ra1TPz+d9uN/zfqTsv5mjOL5Zv3mbaWtv7mkPqZ5vPpyp//rMYqfP4yPYxZ3qrUX9V/sFcUb6Zs/Pnuv7Kqsz+an00GVt5B2r/SDAQAAAAAAAAAAAAAAAAAAAADgP+16c3bOIIrxX/UZgM35O7uPyvl+FK3x+fN56vqsvVD3fKCU0jzFd+35OjeKokhN4qK+Fy/0ugcLAgAAAAAAAAAAAAAAAAAAwLPrwSefHh/NZnfvXzq4FouR9jSAXkT8eTvisleedEZeiirorWp10Kx5NJvtNOH5nF53JHbbnCxibRvlTVz+sRxvknztQs9N8P0Pm62eNze3Nrm/fK0nBMMnVQ06I+3uOj7Klj/DQbQjw2aTfJtHZyPl8ZSN5aumUmyy/fKlU6ONH1T+/yqYr8mJbF1jr/967hPMHr+LvHqq9chr/Tq3meo3OSs3wPCp9nMM6/KL3ysyp3UAAAAAAAAAAAAAAAAAAMBWLf76d8nk2drSnTTYWlsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKUW//9/g2DeFD8+FWf1eCc5j/sP/sn7AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NnwdwAAAP//FPdQIg==") r6 = socket(0x10, 0x3, 0x0) getsockname$packet(r6, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r7, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0) io_setup(0xbc, &(0x7f0000000280)=0x0) io_submit(r8, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x503, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffcd9, 0x0, 0x0, 0x2}]) 1.425505217s ago: executing program 4 (id=1249): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) statfs(&(0x7f0000000080)='./file0\x00', 0x0) 1.403765677s ago: executing program 4 (id=1250): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f00000002c0)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c757466383d302c757365667265652c646973636172642c73686f72746e616d653d77696e6e742c6572726f72733d636f6e74696e75652c636865636b3d6e6f726d616c2c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c0075fd0f66e1fbbd34adc2c85b20fe31e143d77cfa81b25d55da5a420be8a22a83e81efee5f8650c3a6ab5921db3ad08c62c69af5867c65f4d15bc9ae43474550ab3218e4335c82dbb9b531ea1419c1eb9c5bdc1dbfda4493b2b3440ac4b27c0fe35239d9dc2eabc697b61459ddcd388a41538526706975e5c737e48de944c114461063da691df56dce7e20ca2da4e044d78473d0e7296b43c9eb2ec69af52b88510008c405044c99e05bd6488f5767e2efa4390efa7d9250c2c6ab87a10786d"], 0xfd, 0x2ae, &(0x7f0000000800)="$eJzs3M9r02AYwPFn3bq1HVt7EEFBfNCLXsJW/4IiG4gFZa6iHoTMpVoa29HESkXcbl69+T8Mj94E5z+wizfv4mUIgpcdZJEljc1m90vWpa7fD4y8y/s+ed/8aHkSmnfj3pun1bJjlE1XEimVhKRWZFMkJwkJDbWXCb88KlErcnX855cLd+4/uFkoFmfmVGcL89fyqjp58ePzl+8ufXLH776f/DAm67mHGz/yX9fPrp/b2JoPt1531dSFet01F2xLFytO1VC9bVumY2ml5liNHfVlu7601FKztjiRWWpYjqNmraVVq6VuXd1GS83HZqWmhmHoREYGzfCRI0qrc3NmoSeDQRzS3VY2GgVzuGtlafUkBgUAAPrL3/m/nEj+/6TiaMXR2kH5f0LI/3vHz/+3uiaNOB2S2zcABTPT/vzuRP4PAAAAAAAAAAAAAAAAAAAAAMD/YNPzsp7nZcNl+DcmIinZSgWtvGzc40Rv7H/+RcL/IyFDMQ4Xxyzy4l5KxH7dLDVLwTKoL5SlIrZYMpUU+eVfD21BefZGcWZKfTlZs5fb8f5LgmNhfCjXPX46iNdI/HKzlJRMtP+8ZOVM9/j8rvikiDRLo3LlciTekKx8fiR1sWXRv6478a+mVa/fKu7qP+23AwAAAADgNDD0j9zO+99gNknD0HDakF31wcrO8wHJHvB8QGVtVDrxI3J+JL79BgAAAABgkDitF1XTtq3GIBfScvSoQTx0RvvnYPs29jxvebvRIbf8Ni2yR1VC9qzqdeG7iPTBAT/uwrdnwQk8TOM4v5UAAAAA9EIn6Y97JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADK7DTh4Wtv+Xucci3Q3Hs5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAf/gdAAD//9maFWk=") openat(0xffffffffffffff9c, 0x0, 0x107842, 0x42) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x20) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_udp(0xa, 0x2, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x94, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x68, 0x4, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8}, @NFTA_MATCH_INFO={0x2c, 0x3, "ebae551382395afa4d23edfcbe6d55b57cb15e63c15c46395916e2b388abc3d6ce2316334e8278ad"}, @NFTA_MATCH_NAME={0xa, 0x1, 'limit\x00'}]}}}, {0x10, 0x1, 0x0, 0x1, @limit={{0xa}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xbc}, 0x1, 0x0, 0x0, 0x2000094}, 0x4004000) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r2}, 0x10) setitimer(0x1, 0x0, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000180)={r3, 0x0, &(0x7f0000001700)=""/53, 0x4}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000000500000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) write$binfmt_script(0xffffffffffffffff, &(0x7f00000000c0), 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) 1.276655599s ago: executing program 3 (id=1252): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r4 = epoll_create(0x8) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040)={0xf6c447fee59251f4}) close_range(r2, r3, 0x0) 1.22894592s ago: executing program 3 (id=1253): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0xcc40, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x45, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket(0x840000000002, 0x3, 0xff) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10) sendmmsg$inet(r2, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a9050000000074640000000000003552bde5c064c6", 0x15}, {&(0x7f00000002c0)="174640b6d80fb2eedc81ba60ccbb9d", 0xf}], 0x2}}, {{&(0x7f00000004c0)={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000280)="5825be57aff935abe386b36f8db4235867894c2b356be67ca2746357d1787935", 0x20}], 0x1}}], 0x2, 0x4004040) 1.22830089s ago: executing program 4 (id=1254): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200"/56, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 1.2093016s ago: executing program 3 (id=1255): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000cc0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f00000007c0)='\x00', 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x20000000) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) recvmsg$unix(r0, &(0x7f0000000780)={0x0, 0xfd00, &(0x7f0000000640)=[{&(0x7f0000000280)=""/230, 0xe6}], 0x1}, 0x0) 1.171735731s ago: executing program 3 (id=1256): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372"], 0xfc}}, 0x0) 1.171529351s ago: executing program 0 (id=1257): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00000000000000f2ffffff850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001e0055"], 0x14}}, 0x0) 1.171309321s ago: executing program 4 (id=1258): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x200000000200}, 0x18) r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301) ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f00000004c0)={0x80, 0x3, 0x0, 0xfffe, 0x0, 0xf, 0x0}) 1.115535952s ago: executing program 3 (id=1259): bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x80, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00'}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x10) close(r2) 1.115197362s ago: executing program 0 (id=1260): chdir(&(0x7f0000000540)='./cgroup\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) socket$inet6(0xa, 0x3, 0x8000000003c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x84515000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000003680)='sched_switch\x00', r4}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000010008500000022000000850000002300"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000300)=""/8, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x3, 0x0) getsockname$packet(r7, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r8, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0) io_setup(0xbc, &(0x7f0000000280)=0x0) io_submit(r9, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x503, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffcd9, 0x0, 0x0, 0x2}]) 1.064595003s ago: executing program 3 (id=1261): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000100)='kmem_cache_free\x00', r3, 0x0, 0x1}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000080)='block_bio_remap\x00', r5}, 0x18) quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0) 0s ago: executing program 2 (id=1262): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffff4f7}, {}, 0x0, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x4d6, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x4000) sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000020ac1e000100000000000000000000000000000000000000000a0040"], 0xb8}}, 0x0) kernel console output (not intermixed with test programs): nat_bits in checkpoint [ 80.941669][ T1361] netem: change failed [ 80.942930][ T6] usb 2-1: device descriptor read/64, error -71 [ 81.009879][ T1354] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 81.021887][ T1354] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 81.070978][ T8] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 81.080380][ T8] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 81.103853][ T1372] loop0: detected capacity change from 0 to 1024 [ 81.167920][ T1372] EXT4-fs (loop0): Ignoring removed orlov option [ 81.222493][ T6] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 81.223574][ T1372] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,resgid=0x0000000000000000,errors=remount-ro,grpid,orlov,. Quota mode: none. [ 81.257752][ T30] kauditd_printk_skb: 337 callbacks suppressed [ 81.257773][ T30] audit: type=1326 audit(1744151914.492:2522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1377 comm="syz.4.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 81.314811][ T1374] loop2: detected capacity change from 0 to 40427 [ 81.328834][ T30] audit: type=1326 audit(1744151914.532:2523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1377 comm="syz.4.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 81.380500][ T30] audit: type=1326 audit(1744151914.532:2524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1377 comm="syz.4.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 81.421969][ T1104] usb 4-1: string descriptor 0 read error: -71 [ 81.428648][ T1104] cdc_mbim 4-1:0.72: skipping garbage [ 81.434148][ T1104] cdc_mbim 4-1:0.72: CDC Union missing and no IAD found [ 81.441545][ T1104] cdc_mbim 4-1:0.72: bind() failure [ 81.447482][ T1104] usb 4-1: USB disconnect, device number 4 [ 81.455594][ T30] audit: type=1326 audit(1744151914.532:2525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1377 comm="syz.4.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 81.483391][ T30] audit: type=1326 audit(1744151914.532:2526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1377 comm="syz.4.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 81.531400][ T30] audit: type=1326 audit(1744151914.532:2527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1377 comm="syz.4.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 81.539082][ T1380] loop4: detected capacity change from 0 to 8192 [ 81.572498][ T6] usb 2-1: device descriptor read/64, error -71 [ 81.601871][ T1380] loop4: p1 p2[DM] p4 [ 81.612593][ T1380] loop4: p1 size 196608 extends beyond EOD, truncated [ 81.621698][ T30] audit: type=1326 audit(1744151914.532:2528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1377 comm="syz.4.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 81.653141][ T1380] loop4: p2 start 4292936063 is beyond EOD, truncated [ 81.670464][ T1380] loop4: p4 size 50331648 extends beyond EOD, truncated [ 81.687639][ T30] audit: type=1326 audit(1744151914.532:2529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1377 comm="syz.4.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 81.720006][ T1374] loop2: detected capacity change from 0 to 2048 [ 81.737377][ T30] audit: type=1326 audit(1744151914.532:2530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1377 comm="syz.4.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 81.761001][ T30] audit: type=1326 audit(1744151914.532:2531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1377 comm="syz.4.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 81.834148][ T1374] EXT4-fs (loop2): mounted filesystem without journal. Opts: user_xattr,data_err=abort,stripe=0x0000000000000006,errors=remount-ro,. Quota mode: none. [ 81.871500][ T1374] EXT4-fs (loop2): shut down requested (2) [ 81.877941][ T1374] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop2 ino=12 [ 81.886668][ T39] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 81.894604][ T1374] process 'syz.2.290' launched './file0' with NULL argv: empty string added [ 81.992601][ T6] usb 2-1: device descriptor read/64, error -71 [ 82.112550][ T6] usb usb2-port1: attempt power cycle [ 82.242537][ T20] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 82.292561][ T39] usb 1-1: config 0 has an invalid interface number: 72 but max is 0 [ 82.300606][ T39] usb 1-1: config 0 descriptor has 1 excess byte, ignoring [ 82.325041][ T39] usb 1-1: config 0 has no interface number 0 [ 82.403716][ T39] usb 1-1: New USB device found, idVendor=12d1, idProduct=d03d, bcdDevice=2f.07 [ 82.423905][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.443529][ T39] usb 1-1: config 0 descriptor?? [ 82.558964][ T1401] loop4: detected capacity change from 0 to 128 [ 82.712977][ T39] usb 1-1: string descriptor 0 read error: -71 [ 82.743241][ T39] cdc_mbim 1-1:0.72: skipping garbage [ 82.789590][ T1401] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 82.802349][ T1401] ext4 filesystem being mounted at /75/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 82.824268][ T39] cdc_mbim 1-1:0.72: CDC Union missing and no IAD found [ 82.874348][ T39] cdc_mbim 1-1:0.72: bind() failure [ 82.881178][ T39] usb 1-1: USB disconnect, device number 5 [ 82.938519][ T1400] loop1: detected capacity change from 0 to 8192 [ 82.972591][ T20] usb 3-1: config 0 has an invalid interface number: 72 but max is 0 [ 82.979643][ T1408] netem: change failed [ 82.980636][ T20] usb 3-1: config 0 descriptor has 1 excess byte, ignoring [ 82.992644][ T1400] loop1: p1 p2[DM] p4 [ 82.996761][ T1400] loop1: p1 size 196608 extends beyond EOD, truncated [ 83.004439][ T20] usb 3-1: config 0 has no interface number 0 [ 83.010912][ T1400] loop1: p2 start 4292936063 is beyond EOD, truncated [ 83.018129][ T1400] loop1: p4 size 50331648 extends beyond EOD, truncated [ 83.025175][ T20] usb 3-1: New USB device found, idVendor=12d1, idProduct=d03d, bcdDevice=2f.07 [ 83.034726][ T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.043693][ T20] usb 3-1: config 0 descriptor?? [ 83.191619][ T367] udevd[367]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 83.203837][ T368] udevd[368]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 83.226421][ T367] udevd[367]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 83.310448][ T1410] loop3: detected capacity change from 0 to 40427 [ 83.326118][ T20] usb 3-1: string descriptor 0 read error: -71 [ 83.343861][ T368] udevd[368]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 83.355647][ T20] cdc_mbim 3-1:0.72: skipping garbage [ 83.372197][ T20] cdc_mbim 3-1:0.72: CDC Union missing and no IAD found [ 83.386770][ T1410] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 83.411808][ T1410] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 83.442032][ T1422] loop0: detected capacity change from 0 to 1024 [ 83.460582][ T1410] F2FS-fs (loop3): invalid crc value [ 83.481943][ T1410] F2FS-fs (loop3): Found nat_bits in checkpoint [ 83.525770][ T1422] EXT4-fs (loop0): Ignoring removed orlov option [ 83.660896][ T20] cdc_mbim 3-1:0.72: bind() failure [ 83.667073][ T20] usb 3-1: USB disconnect, device number 4 [ 83.680199][ T1422] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,resgid=0x0000000000000000,errors=remount-ro,grpid,orlov,. Quota mode: none. [ 83.681083][ T1416] loop1: detected capacity change from 0 to 128 [ 83.791741][ T1416] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 83.805198][ T1416] ext4 filesystem being mounted at /46/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 83.851741][ T1410] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 83.858796][ T1410] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 83.974950][ T314] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 84.003313][ T314] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 84.107324][ T1442] loop0: detected capacity change from 0 to 512 [ 84.129862][ T1442] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 84.211550][ T1442] EXT4-fs (loop0): 1 truncate cleaned up [ 84.232555][ T1442] EXT4-fs (loop0): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota,. Quota mode: writeback. [ 84.337003][ T1447] loop2: detected capacity change from 0 to 128 [ 84.592740][ T1447] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 84.603401][ T1447] ext4 filesystem being mounted at /63/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 84.822606][ T1457] loop3: detected capacity change from 0 to 40427 [ 84.882044][ T1470] loop0: detected capacity change from 0 to 1024 [ 84.907693][ T1457] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 84.922579][ T1457] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 84.928597][ T1470] EXT4-fs (loop0): Ignoring removed orlov option [ 84.937108][ T1104] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 84.942135][ T1457] F2FS-fs (loop3): invalid crc value [ 84.973914][ T1470] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,resgid=0x0000000000000000,errors=remount-ro,grpid,orlov,. Quota mode: none. [ 84.991735][ T1465] loop1: detected capacity change from 0 to 40427 [ 85.004261][ T1457] F2FS-fs (loop3): Found nat_bits in checkpoint [ 85.101263][ T1457] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 85.108501][ T1457] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 85.142924][ T1465] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 85.164921][ T1465] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 85.188131][ T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 85.189376][ T1465] F2FS-fs (loop1): invalid crc value [ 85.207206][ T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 85.227368][ T1465] F2FS-fs (loop1): Found nat_bits in checkpoint [ 85.323379][ T1487] loop0: detected capacity change from 0 to 1024 [ 85.357585][ T1487] EXT4-fs (loop0): Ignoring removed orlov option [ 85.362594][ T1104] usb 3-1: config 0 has an invalid interface number: 72 but max is 0 [ 85.382267][ T1465] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 85.391711][ T1104] usb 3-1: config 0 descriptor has 1 excess byte, ignoring [ 85.399317][ T1465] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 85.403996][ T1487] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,resgid=0x0000000000000000,errors=remount-ro,grpid,orlov,. Quota mode: none. [ 85.414634][ T1104] usb 3-1: config 0 has no interface number 0 [ 85.598976][ T1104] usb 3-1: New USB device found, idVendor=12d1, idProduct=d03d, bcdDevice=2f.07 [ 85.618478][ T1104] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.629345][ T1104] usb 3-1: config 0 descriptor?? [ 85.651966][ T1493] loop3: detected capacity change from 0 to 128 [ 85.661081][ T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 85.671874][ T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 85.707424][ T1493] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 85.718517][ T1493] ext4 filesystem being mounted at /62/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 86.267777][ T30] kauditd_printk_skb: 116 callbacks suppressed [ 86.267796][ T30] audit: type=1326 audit(1744151919.502:2648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1502 comm="syz.1.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33d9088169 code=0x7ffc0000 [ 86.423756][ T30] audit: type=1326 audit(1744151919.602:2649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1502 comm="syz.1.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f33d9088169 code=0x7ffc0000 [ 86.520209][ T30] audit: type=1326 audit(1744151919.602:2650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1502 comm="syz.1.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33d9088169 code=0x7ffc0000 [ 86.582135][ T30] audit: type=1326 audit(1744151919.602:2651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1502 comm="syz.1.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f33d9088169 code=0x7ffc0000 [ 86.622618][ T30] audit: type=1326 audit(1744151919.602:2652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1502 comm="syz.1.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33d9088169 code=0x7ffc0000 [ 86.656316][ T30] audit: type=1326 audit(1744151919.602:2653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1502 comm="syz.1.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f33d9088169 code=0x7ffc0000 [ 86.693718][ T1519] netem: change failed [ 86.714203][ T30] audit: type=1326 audit(1744151919.612:2654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1502 comm="syz.1.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33d9088169 code=0x7ffc0000 [ 86.714880][ T1521] loop3: detected capacity change from 0 to 512 [ 86.742851][ T30] audit: type=1326 audit(1744151919.612:2655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1502 comm="syz.1.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f33d9088169 code=0x7ffc0000 [ 86.774273][ T30] audit: type=1326 audit(1744151919.612:2656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1502 comm="syz.1.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33d9088169 code=0x7ffc0000 [ 86.803612][ T30] audit: type=1326 audit(1744151919.612:2657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1502 comm="syz.1.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f33d9088169 code=0x7ffc0000 [ 86.849692][ T1513] loop4: detected capacity change from 0 to 4096 [ 86.864670][ T1521] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 86.880632][ T1511] loop1: detected capacity change from 0 to 40427 [ 86.883258][ T1521] EXT4-fs (loop3): 1 truncate cleaned up [ 86.893362][ T1521] EXT4-fs (loop3): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota,. Quota mode: writeback. [ 86.895524][ T1513] EXT4-fs (loop4): error: journal path wÅü5ÔTÕÔ)­`)YFæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8/ is not a block device [ 86.933668][ T1511] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 86.947982][ T1511] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 86.957851][ T1511] F2FS-fs (loop1): invalid crc value [ 86.965374][ T1511] F2FS-fs (loop1): Found nat_bits in checkpoint [ 87.075186][ T1534] ======================================================= [ 87.075186][ T1534] WARNING: The mand mount option has been deprecated and [ 87.075186][ T1534] and is ignored by this kernel. Remove the mand [ 87.075186][ T1534] option from the mount to silence this warning. [ 87.075186][ T1534] ======================================================= [ 87.077426][ T1511] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 87.111165][ T1534] blk_update_request: I/O error, dev loop4, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0 [ 87.148856][ T1534] EXT4-fs (loop4): unable to read superblock [ 87.154064][ T1511] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 87.178603][ T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 87.197745][ T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 87.222563][ T1104] usb 3-1: string descriptor 0 read error: -71 [ 87.232799][ T1104] cdc_mbim 3-1:0.72: skipping garbage [ 87.238071][ T1104] cdc_mbim 3-1:0.72: CDC Union missing and no IAD found [ 87.292518][ T1544] 9pnet: p9_errstr2errno: server reported unknown error @í΂Í(ááí«QÿND [ 87.292518][ T1544] .  [ 87.303291][ T1541] blk_update_request: I/O error, dev loop0, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0 [ 87.319663][ T1104] cdc_mbim 3-1:0.72: bind() failure [ 87.335233][ T1104] usb 3-1: USB disconnect, device number 5 [ 87.353964][ T1541] EXT4-fs (loop0): unable to read superblock [ 87.371419][ T1530] loop3: detected capacity change from 0 to 40427 [ 87.379980][ T1546] loop4: detected capacity change from 0 to 512 [ 87.417518][ T1530] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 87.432270][ T1530] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 87.465910][ T1530] F2FS-fs (loop3): invalid crc value [ 87.484147][ T1530] F2FS-fs (loop3): Found nat_bits in checkpoint [ 87.503999][ T1559] netem: change failed [ 87.534259][ T1546] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 87.542147][ T1546] System zones: 0-2, 18-18, 34-34 [ 87.562622][ T1546] EXT4-fs (loop4): orphan cleanup on readonly fs [ 87.571358][ T1546] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.339: bg 0: block 248: padding at end of block bitmap is not set [ 87.593209][ T1546] EXT4-fs error (device loop4): ext4_acquire_dquot:6188: comm syz.4.339: Failed to acquire dquot type 1 [ 87.628363][ T1546] EXT4-fs (loop4): 1 truncate cleaned up [ 87.635355][ T1530] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 87.645638][ T1530] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 87.674184][ T1546] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 87.694480][ T326] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 87.704751][ T1559] loop2: detected capacity change from 0 to 4096 [ 87.725439][ T326] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 87.755389][ T1559] EXT4-fs (loop2): error: journal path wÅü5ÔTÕÔ)­`)YFæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8/ is not a block device [ 87.782993][ T1569] loop0: detected capacity change from 0 to 128 [ 87.914301][ T1569] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 87.925318][ T1569] ext4 filesystem being mounted at /70/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 88.212684][ T1104] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 88.276653][ T6] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 88.467414][ T1585] loop2: detected capacity change from 0 to 40427 [ 88.485814][ T1585] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 88.493549][ T1585] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 88.503456][ T1585] F2FS-fs (loop2): invalid crc value [ 88.510394][ T1585] F2FS-fs (loop2): Found nat_bits in checkpoint [ 88.558206][ T1585] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 88.565611][ T1585] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 88.586311][ T45] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 88.595565][ T45] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 88.629881][ T1597] netem: change failed [ 88.663254][ T1104] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 88.712956][ T1598] loop3: detected capacity change from 0 to 128 [ 88.735721][ T1104] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 88.779608][ T1104] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 88.982388][ T1598] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 88.993225][ T1598] ext4 filesystem being mounted at /69/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 89.033321][ T1104] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.042670][ T1104] usb 5-1: config 0 descriptor?? [ 89.063046][ T6] usb 1-1: config 0 has an invalid interface number: 72 but max is 0 [ 89.070984][ T6] usb 1-1: config 0 descriptor has 1 excess byte, ignoring [ 89.079586][ T6] usb 1-1: config 0 has no interface number 0 [ 89.102176][ T6] usb 1-1: New USB device found, idVendor=12d1, idProduct=d03d, bcdDevice=2f.07 [ 89.121772][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.133071][ T6] usb 1-1: config 0 descriptor?? [ 89.189372][ T1610] netem: change failed [ 89.259548][ T1610] loop1: detected capacity change from 0 to 4096 [ 89.315649][ T1610] EXT4-fs (loop1): error: journal path wÅü5ÔTÕÔ)­`)YFæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8/ is not a block device [ 89.332505][ T26] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 89.712621][ T26] usb 4-1: config 0 has an invalid interface number: 72 but max is 0 [ 89.724218][ T26] usb 4-1: config 0 descriptor has 1 excess byte, ignoring [ 89.739373][ T26] usb 4-1: config 0 has no interface number 0 [ 89.747391][ T26] usb 4-1: New USB device found, idVendor=12d1, idProduct=d03d, bcdDevice=2f.07 [ 89.760843][ T26] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.784059][ T26] usb 4-1: config 0 descriptor?? [ 90.482976][ T1546] syz.4.339 (1546) used greatest stack depth: 19824 bytes left [ 90.632583][ T6] usb 1-1: string descriptor 0 read error: -71 [ 90.637945][ T1104] usbhid 5-1:0.0: can't add hid device: -71 [ 90.648074][ T1104] usbhid: probe of 5-1:0.0 failed with error -71 [ 90.649193][ T6] cdc_mbim 1-1:0.72: skipping garbage [ 90.658031][ T1104] usb 5-1: USB disconnect, device number 6 [ 90.671223][ T6] cdc_mbim 1-1:0.72: CDC Union missing and no IAD found [ 90.697161][ T6] cdc_mbim 1-1:0.72: bind() failure [ 90.710263][ T1635] loop0: detected capacity change from 0 to 1024 [ 90.763514][ T6] usb 1-1: USB disconnect, device number 6 [ 90.770075][ T1635] EXT4-fs (loop0): Ignoring removed orlov option [ 90.846386][ T1635] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,resgid=0x0000000000000000,errors=remount-ro,grpid,orlov,. Quota mode: none. [ 90.887474][ T1640] loop4: detected capacity change from 0 to 128 [ 91.093368][ T1640] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 91.104201][ T1640] ext4 filesystem being mounted at /85/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 91.182949][ T1644] netem: change failed [ 91.762575][ T26] usb 4-1: string descriptor 0 read error: -71 [ 91.769290][ T26] cdc_mbim 4-1:0.72: skipping garbage [ 91.775033][ T26] cdc_mbim 4-1:0.72: CDC Union missing and no IAD found [ 91.781882][ T26] cdc_mbim 4-1:0.72: bind() failure [ 91.789696][ T26] usb 4-1: USB disconnect, device number 5 [ 92.107640][ T1663] loop0: detected capacity change from 0 to 128 [ 92.333365][ T1663] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 92.344486][ T1663] ext4 filesystem being mounted at /73/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 92.448980][ T1650] loop2: detected capacity change from 0 to 40427 [ 92.521109][ T1653] loop4: detected capacity change from 0 to 40427 [ 92.533276][ T1650] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 92.548398][ T1650] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 92.563849][ T1650] F2FS-fs (loop2): invalid crc value [ 92.582022][ T1650] F2FS-fs (loop2): Found nat_bits in checkpoint [ 92.632253][ T1650] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 92.639342][ T1650] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 92.674196][ T361] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 92.683832][ T361] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 92.910423][ T1653] loop4: detected capacity change from 0 to 2048 [ 93.101808][ T1653] EXT4-fs (loop4): mounted filesystem without journal. Opts: user_xattr,data_err=abort,stripe=0x0000000000000006,errors=remount-ro,. Quota mode: none. [ 93.132361][ T1679] loop3: detected capacity change from 0 to 40427 [ 93.172483][ T1653] EXT4-fs (loop4): shut down requested (2) [ 93.231329][ T1687] loop2: detected capacity change from 0 to 128 [ 93.282995][ T1653] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 93.293101][ T1679] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 93.315576][ T1679] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 93.465149][ T1687] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 93.474072][ T1679] F2FS-fs (loop3): invalid crc value [ 93.480945][ T1687] ext4 filesystem being mounted at /80/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 93.555891][ T1679] F2FS-fs (loop3): Found nat_bits in checkpoint [ 93.593802][ T30] kauditd_printk_skb: 379 callbacks suppressed [ 93.593819][ T30] audit: type=1326 audit(1744151926.832:3035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1694 comm="syz.4.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 93.629230][ T1695] netem: change failed [ 93.630281][ T30] audit: type=1326 audit(1744151926.862:3036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1694 comm="syz.4.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 93.657932][ T1679] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 93.668736][ T1679] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 93.684446][ T30] audit: type=1326 audit(1744151926.862:3037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1694 comm="syz.4.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3ee7659087 code=0x7ffc0000 [ 93.728723][ T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 93.739232][ T30] audit: type=1326 audit(1744151926.862:3038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1694 comm="syz.4.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3ee7658ffc code=0x7ffc0000 [ 93.748292][ T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 93.762362][ T30] audit: type=1326 audit(1744151926.862:3039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1694 comm="syz.4.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3ee7658f34 code=0x7ffc0000 [ 93.804380][ T30] audit: type=1326 audit(1744151926.862:3040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1694 comm="syz.4.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3ee7658f34 code=0x7ffc0000 [ 93.836406][ T30] audit: type=1326 audit(1744151926.862:3041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1694 comm="syz.4.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3ee7655dca code=0x7ffc0000 [ 93.859669][ T30] audit: type=1326 audit(1744151926.862:3042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1694 comm="syz.4.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 93.883749][ T30] audit: type=1326 audit(1744151926.862:3043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1694 comm="syz.4.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 93.907403][ T30] audit: type=1326 audit(1744151926.862:3044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1694 comm="syz.4.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 94.036556][ T1702] loop4: detected capacity change from 0 to 8192 [ 94.118692][ T1703] loop0: detected capacity change from 0 to 128 [ 94.284166][ T1703] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 94.295266][ T1703] ext4 filesystem being mounted at /76/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 94.528359][ T1711] usb usb1: usbfs: process 1711 (syz.3.385) did not claim interface 0 before use [ 94.561867][ T1705] loop2: detected capacity change from 0 to 40427 [ 94.597970][ T1705] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 94.622585][ T26] Bluetooth: hci0: command 0x1003 tx timeout [ 94.632162][ T471] Bluetooth: hci0: sending frame failed (-49) [ 94.642522][ T1705] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 94.818964][ T1705] F2FS-fs (loop2): invalid crc value [ 94.831266][ T1705] F2FS-fs (loop2): Found nat_bits in checkpoint [ 95.022854][ T1705] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 95.024374][ T1714] loop3: detected capacity change from 0 to 40427 [ 95.032641][ T1705] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 95.123736][ T8] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 95.138499][ T1714] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 95.166022][ T8] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 95.177301][ T1714] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 95.192834][ T1714] F2FS-fs (loop3): invalid crc value [ 95.233039][ T1714] F2FS-fs (loop3): Found nat_bits in checkpoint [ 95.307559][ T1732] loop4: detected capacity change from 0 to 128 [ 95.472889][ T1732] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 95.484017][ T1732] ext4 filesystem being mounted at /89/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 95.524220][ T1714] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 95.542539][ T1714] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 95.607341][ T1689] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 95.696907][ T1689] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 95.827369][ T1739] loop2: detected capacity change from 0 to 2048 [ 95.919754][ T1739] EXT4-fs (loop2): Mount option "noacl" will be removed by 3.5 [ 95.919754][ T1739] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 95.919754][ T1739] [ 96.075154][ T1739] EXT4-fs (loop2): mounted filesystem without journal. Opts: noacl,,errors=continue. Quota mode: none. [ 96.692587][ T494] Bluetooth: hci0: command 0x1001 tx timeout [ 96.698965][ T471] Bluetooth: hci0: sending frame failed (-49) [ 97.329943][ T1751] netem: change failed [ 97.518094][ T1767] loop3: detected capacity change from 0 to 1024 [ 97.609985][ T1767] EXT4-fs (loop3): Ignoring removed orlov option [ 97.639171][ T1767] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,resgid=0x0000000000000000,errors=remount-ro,grpid,orlov,. Quota mode: none. [ 97.665259][ T1773] loop2: detected capacity change from 0 to 128 [ 97.777293][ T1773] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 97.788288][ T1773] ext4 filesystem being mounted at /84/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 98.464637][ T1782] loop2: detected capacity change from 0 to 1024 [ 98.802975][ T1785] loop3: detected capacity change from 0 to 128 [ 99.277705][ T1787] loop4: detected capacity change from 0 to 128 [ 99.284513][ T494] Bluetooth: hci0: command 0x1009 tx timeout [ 99.339379][ T1782] EXT4-fs (loop2): Ignoring removed orlov option [ 99.372489][ T1787] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 99.383549][ T1787] ext4 filesystem being mounted at /94/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 99.422658][ T1785] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 99.434953][ T1785] ext4 filesystem being mounted at /78/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 99.696245][ T1782] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,resgid=0x0000000000000000,errors=remount-ro,grpid,orlov,. Quota mode: none. [ 99.696321][ T1777] loop0: detected capacity change from 0 to 40427 [ 99.732154][ T30] kauditd_printk_skb: 87 callbacks suppressed [ 99.732170][ T30] audit: type=1326 audit(1744151932.962:3132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz.4.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 99.748216][ T1795] netem: change failed [ 99.763619][ T30] audit: type=1326 audit(1744151932.962:3133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz.4.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 99.789028][ T30] audit: type=1326 audit(1744151932.972:3134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz.4.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3ee7659087 code=0x7ffc0000 [ 99.812672][ T30] audit: type=1326 audit(1744151932.972:3135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz.4.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3ee7658ffc code=0x7ffc0000 [ 99.880376][ T30] audit: type=1326 audit(1744151932.972:3136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz.4.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3ee7658f34 code=0x7ffc0000 [ 99.911180][ T1777] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 99.919052][ T30] audit: type=1326 audit(1744151932.972:3137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz.4.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3ee7658f34 code=0x7ffc0000 [ 99.946452][ T1777] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 99.956121][ T1777] F2FS-fs (loop0): invalid crc value [ 99.961603][ T30] audit: type=1326 audit(1744151932.972:3138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz.4.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3ee7655dca code=0x7ffc0000 [ 99.985858][ T30] audit: type=1326 audit(1744151932.972:3139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz.4.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 100.018609][ T30] audit: type=1326 audit(1744151932.972:3140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz.4.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 100.050567][ T1777] F2FS-fs (loop0): Found nat_bits in checkpoint [ 100.111757][ T30] audit: type=1326 audit(1744151932.972:3141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz.4.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 100.145124][ T1777] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 100.152155][ T1777] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 100.193250][ T10] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 100.206271][ T10] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 100.258842][ T1808] loop4: detected capacity change from 0 to 8192 [ 100.292919][ T1808] loop4: p1 p2[DM] p4 [ 100.297579][ T1808] loop4: p1 size 196608 extends beyond EOD, truncated [ 100.305072][ T1808] loop4: p2 start 4292936063 is beyond EOD, truncated [ 100.311711][ T1808] loop4: p4 size 50331648 extends beyond EOD, truncated [ 100.312691][ T6] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 100.449743][ T1816] netem: change failed [ 100.509764][ T1818] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1818 comm=syz.4.407 [ 100.602478][ T6] usb 4-1: device descriptor read/64, error -71 [ 100.691748][ T1824] loop4: detected capacity change from 0 to 8192 [ 100.714580][ T1824] loop4: p1 p2[DM] p4 [ 100.719606][ T1824] loop4: p1 size 196608 extends beyond EOD, truncated [ 100.759591][ T1824] loop4: p2 start 4292936063 is beyond EOD, truncated [ 100.794987][ T1826] loop2: detected capacity change from 0 to 128 [ 100.806197][ T1824] loop4: p4 size 50331648 extends beyond EOD, truncated [ 101.040786][ T1826] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 101.051773][ T1826] ext4 filesystem being mounted at /87/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 101.066385][ T101] loop4: p1 p2[DM] p4 [ 101.149470][ T101] loop4: p1 size 196608 extends beyond EOD, truncated [ 101.175282][ T101] loop4: p2 start 4292936063 is beyond EOD, truncated [ 101.197950][ T101] loop4: p4 size 50331648 extends beyond EOD, truncated [ 101.342528][ T6] usb 4-1: device descriptor read/64, error -71 [ 101.434822][ T1828] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1828 comm=syz.4.412 [ 101.519653][ T1836] loop0: detected capacity change from 0 to 128 [ 101.641428][ T1836] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 101.652608][ T1836] ext4 filesystem being mounted at /82/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 101.852357][ T1839] loop2: detected capacity change from 0 to 8192 [ 101.873808][ T1839] loop2: p1 p2[DM] p4 [ 101.878365][ T1839] loop2: p1 size 196608 extends beyond EOD, truncated [ 101.880189][ T1841] loop4: detected capacity change from 0 to 8192 [ 101.886423][ T1839] loop2: p2 start 4292936063 is beyond EOD, truncated [ 101.897848][ T1839] loop2: p4 size 50331648 extends beyond EOD, truncated [ 101.912515][ T6] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 101.922924][ T1841] loop4: p1 p2[DM] p4 [ 101.927414][ T1841] loop4: p1 size 196608 extends beyond EOD, truncated [ 101.941668][ T1841] loop4: p2 start 4292936063 is beyond EOD, truncated [ 101.948607][ T1841] loop4: p4 size 50331648 extends beyond EOD, truncated [ 102.091907][ T1842] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1842 comm=syz.2.414 [ 102.220663][ T6] usb 4-1: device descriptor read/64, error -71 [ 102.476208][ T1852] loop0: detected capacity change from 0 to 1024 [ 102.525555][ T1852] EXT4-fs (loop0): Ignoring removed orlov option [ 102.553010][ T1852] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,resgid=0x0000000000000000,errors=remount-ro,grpid,orlov,. Quota mode: none. [ 102.853056][ T6] usb 4-1: device descriptor read/64, error -71 [ 103.613373][ T6] usb usb4-port1: attempt power cycle [ 103.779035][ T1871] netem: change failed [ 103.862613][ T1874] loop1: detected capacity change from 0 to 128 [ 104.188916][ T1876] netem: change failed [ 104.403723][ T1874] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 104.414560][ T1874] ext4 filesystem being mounted at /63/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 104.743820][ T1876] loop4: detected capacity change from 0 to 4096 [ 104.762721][ T30] kauditd_printk_skb: 184 callbacks suppressed [ 104.762739][ T30] audit: type=1326 audit(1744151937.952:3326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1869 comm="syz.4.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 104.833901][ T1876] EXT4-fs (loop4): error: journal path wÅü5ÔTÕÔ)­`)YFæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8/ is not a block device [ 104.848569][ T30] audit: type=1326 audit(1744151937.962:3327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1869 comm="syz.4.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 104.872650][ T30] audit: type=1326 audit(1744151937.962:3328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1869 comm="syz.4.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 104.913146][ T30] audit: type=1326 audit(1744151937.962:3329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1869 comm="syz.4.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 104.972273][ T1889] loop2: detected capacity change from 0 to 128 [ 105.201416][ T30] audit: type=1326 audit(1744151937.962:3330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1869 comm="syz.4.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 105.242929][ T30] audit: type=1326 audit(1744151937.962:3331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1869 comm="syz.4.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 105.266561][ T311] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 105.267558][ T1889] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 105.286838][ T30] audit: type=1326 audit(1744151937.962:3332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1869 comm="syz.4.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 105.286877][ T30] audit: type=1326 audit(1744151937.962:3333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1869 comm="syz.4.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 105.286904][ T30] audit: type=1326 audit(1744151937.962:3334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1869 comm="syz.4.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 105.286930][ T30] audit: type=1326 audit(1744151937.962:3335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1869 comm="syz.4.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee7657169 code=0x7ffc0000 [ 105.387820][ T1889] ext4 filesystem being mounted at /91/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 105.539480][ T1903] syz.4.433[1903] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 105.539574][ T1903] syz.4.433[1903] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 105.553895][ T1689] Bluetooth: hci0: Frame reassembly failed (-84) [ 105.702607][ T311] usb 2-1: config 0 has an invalid interface number: 72 but max is 0 [ 105.715853][ T311] usb 2-1: config 0 descriptor has 1 excess byte, ignoring [ 105.722555][ T299] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 105.733806][ T311] usb 2-1: config 0 has no interface number 0 [ 105.739843][ T311] usb 2-1: New USB device found, idVendor=12d1, idProduct=d03d, bcdDevice=2f.07 [ 105.754035][ T311] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.778095][ T311] usb 2-1: config 0 descriptor?? [ 105.958935][ T1924] loop4: detected capacity change from 0 to 512 [ 106.005913][ T1924] EXT4-fs (loop4): Ignoring removed nobh option [ 106.026958][ T1924] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 106.035789][ T1924] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.442: corrupted in-inode xattr [ 106.048301][ T1924] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.442: couldn't read orphan inode 15 (err -117) [ 106.060160][ T1924] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,prjquota,auto_da_alloc,mblk_io_submit,acl,,errors=continue. Quota mode: writeback. [ 106.393424][ T299] usb 3-1: config 0 has an invalid interface number: 72 but max is 0 [ 106.407219][ T299] usb 3-1: config 0 descriptor has 1 excess byte, ignoring [ 106.414412][ T299] usb 3-1: config 0 has no interface number 0 [ 106.421687][ T299] usb 3-1: New USB device found, idVendor=12d1, idProduct=d03d, bcdDevice=2f.07 [ 106.422374][ T1932] syz.4.444[1932] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 106.430802][ T1932] syz.4.444[1932] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 106.431130][ T299] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.462051][ T299] usb 3-1: config 0 descriptor?? [ 106.497281][ T1936] Zero length message leads to an empty skb [ 106.521328][ T1938] loop4: detected capacity change from 0 to 1024 [ 106.623025][ T1938] EXT4-fs (loop4): Ignoring removed oldalloc option [ 106.630227][ T1938] EXT4-fs (loop4): Ignoring removed orlov option [ 106.636775][ T1938] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 106.647727][ T1938] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869) [ 106.657574][ T1938] EXT4-fs (loop4): invalid journal inode [ 106.663420][ T1938] EXT4-fs (loop4): can't get journal size [ 106.670686][ T1938] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,norecovery,oldalloc,orlov,,errors=continue. Quota mode: writeback. [ 106.787216][ T1948] tun0: tun_chr_ioctl cmd 1074025675 [ 106.792660][ T1948] tun0: persist enabled [ 106.963824][ T1956] sch_tbf: burst 3092 is lower than device lo mtu (65550) ! [ 107.152576][ T311] usb 2-1: string descriptor 0 read error: -71 [ 107.166716][ T311] cdc_mbim 2-1:0.72: skipping garbage [ 107.182549][ T311] cdc_mbim 2-1:0.72: CDC Union missing and no IAD found [ 107.204906][ T311] cdc_mbim 2-1:0.72: bind() failure [ 107.227985][ T311] usb 2-1: USB disconnect, device number 7 [ 107.277705][ T1982] netlink: 'syz.1.465': attribute type 27 has an invalid length. [ 107.297542][ T1982] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.304610][ T1982] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.337839][ T1983] loop1: detected capacity change from 0 to 512 [ 107.383532][ T1983] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 107.395270][ T1983] EXT4-fs (loop1): 1 truncate cleaned up [ 107.400887][ T1983] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000358,min_batch_time=0x0000000003000000,stripe=0x0000000000000009,,errors=continue. Quota mode: none. [ 107.572507][ T494] Bluetooth: hci0: command 0x1003 tx timeout [ 107.578447][ T471] Bluetooth: hci0: sending frame failed (-49) [ 107.832634][ T299] usb 3-1: string descriptor 0 read error: -71 [ 107.839735][ T299] cdc_mbim 3-1:0.72: skipping garbage [ 107.845249][ T299] cdc_mbim 3-1:0.72: CDC Union missing and no IAD found [ 107.852146][ T299] cdc_mbim 3-1:0.72: bind() failure [ 107.858396][ T299] usb 3-1: USB disconnect, device number 6 [ 108.011788][ T2007] SELinux: ebitmap: map size 4294449787 does not match my size 64 (high bit was 0) [ 108.023229][ T2007] SELinux: failed to load policy [ 108.084623][ T2015] IPv6: NLM_F_CREATE should be specified when creating new route [ 108.139967][ T2018] netlink: 'syz.2.480': attribute type 27 has an invalid length. [ 108.159236][ T2021] SELinux: Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped). [ 108.201670][ T2023] loop2: detected capacity change from 0 to 512 [ 108.234076][ T2018] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.241131][ T2018] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.249473][ T2027] mmap: syz.1.484 (2027) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 108.294675][ T2023] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 108.320771][ T2027] tipc: Started in network mode [ 108.326102][ T2027] tipc: Node identity 7f000001, cluster identity 4711 [ 108.335148][ T2023] EXT4-fs (loop2): 1 truncate cleaned up [ 108.345982][ T2023] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000358,min_batch_time=0x0000000003000000,stripe=0x0000000000000009,,errors=continue. Quota mode: none. [ 108.378922][ T2027] tipc: Enabled bearer , priority 10 [ 108.397615][ T2033] tipc: Enabling of bearer rejected, failed to enable media [ 108.790046][ T2053] serio: Serial port ptm1 [ 108.977540][ T2058] loop7: detected capacity change from 0 to 16384 [ 109.040085][ T2059] loop0: detected capacity change from 0 to 2048 [ 109.193819][ T2060] loop_set_status: loop7 () has still dirty pages (nrpages=320) [ 109.194225][ T2059] EXT4-fs (loop0): mounted filesystem without journal. Opts: discard,,errors=continue. Quota mode: none. [ 109.227775][ T2059] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.496: bg 0: block 65: padding at end of block bitmap is not set [ 109.296331][ T2064] sch_tbf: burst 3092 is lower than device lo mtu (65550) ! [ 109.423971][ T320] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0 [ 109.431357][ T320] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0 [ 109.439688][ T320] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0 [ 109.514456][ T299] tipc: Node number set to 2130706433 [ 109.520095][ T320] hid-generic 0000:0004:0000.0001: hidraw0: HID v0.00 Device [syz0] on syz1 [ 109.570391][ T2089] loop2: detected capacity change from 0 to 2048 [ 109.596435][ T2089] Alternate GPT is invalid, using primary GPT. [ 109.602723][ T2089] loop2: p2 p3 p7 [ 109.758384][ T2095] loop1: detected capacity change from 0 to 4096 [ 109.800781][ T320] Bluetooth: hci0: command 0x1001 tx timeout [ 109.840613][ T471] Bluetooth: hci0: sending frame failed (-49) [ 109.881697][ T2095] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 110.364682][ T313] udevd[313]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 110.364709][ T368] udevd[368]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory [ 110.398449][ T367] udevd[367]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 110.783103][ T30] kauditd_printk_skb: 194 callbacks suppressed [ 110.784149][ T30] audit: type=1400 audit(1744151944.012:3530): avc: denied { read } for pid=2099 comm="syz.2.511" name="loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 110.911759][ T30] audit: type=1400 audit(1744151944.012:3531): avc: denied { open } for pid=2099 comm="syz.2.511" path="/dev/loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 111.060153][ T30] audit: type=1400 audit(1744151944.012:3532): avc: denied { ioctl } for pid=2099 comm="syz.2.511" path="/dev/loop-control" dev="devtmpfs" ino=111 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 111.104517][ T2116] loop1: detected capacity change from 0 to 512 [ 111.198725][ T2116] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 111.278234][ T2116] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e12c, mo2=0002] [ 111.289900][ T2116] System zones: 1-12 [ 111.302345][ T2116] EXT4-fs (loop1): orphan cleanup on readonly fs [ 111.318354][ T2116] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.516: bg 0: block 361: padding at end of block bitmap is not set [ 111.343583][ T2116] EXT4-fs (loop1): Remounting filesystem read-only [ 111.366474][ T2116] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6183: Corrupt filesystem [ 111.494019][ T2116] EXT4-fs (loop1): Remounting filesystem read-only [ 111.500386][ T2116] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.516: invalid indirect mapped block 12 (level 1) [ 111.592223][ T2116] EXT4-fs (loop1): Remounting filesystem read-only [ 111.598888][ T2116] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.516: invalid indirect mapped block 2 (level 2) [ 111.613103][ T2116] EXT4-fs (loop1): Remounting filesystem read-only [ 111.619606][ T2116] EXT4-fs (loop1): 1 truncate cleaned up [ 111.625302][ T2116] EXT4-fs (loop1): mounted filesystem without journal. Opts: noload,max_batch_time=0x0000000000000007,inode_readahead_blks=0x0000000000000040,errors=remount-ro,init_itable. Quota mode: none. [ 111.646252][ T2123] netlink: 8 bytes leftover after parsing attributes in process `syz.4.518'. [ 111.668618][ T30] audit: type=1400 audit(1744151944.902:3533): avc: denied { mount } for pid=2120 comm="syz.2.519" name="/" dev="ramfs" ino=21619 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 111.691144][ T2123] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 111.754367][ T2128] loop4: detected capacity change from 0 to 2048 [ 111.803518][ T2128] loop4: p1 < > p4 [ 111.807919][ T2128] loop4: p4 size 8388608 extends beyond EOD, truncated [ 112.142696][ T20] Bluetooth: hci0: command 0x1009 tx timeout [ 112.247569][ T30] audit: type=1400 audit(1744151945.482:3534): avc: denied { ioctl } for pid=2138 comm="syz.0.525" path="socket:[21645]" dev="sockfs" ino=21645 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 112.284230][ T2139] bridge0: port 3(veth3) entered blocking state [ 112.290305][ T2139] bridge0: port 3(veth3) entered disabled state [ 112.297866][ T2139] device veth3 entered promiscuous mode [ 112.642733][ T2153] netlink: 4 bytes leftover after parsing attributes in process `syz.1.530'. [ 112.651472][ T2153] device bridge_slave_1 left promiscuous mode [ 112.657684][ T2153] bridge0: port 2(bridge_slave_1) entered disabled state [ 112.665581][ T2153] device bridge_slave_0 left promiscuous mode [ 112.671709][ T2153] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.764475][ T30] audit: type=1326 audit(1744151946.002:3535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2155 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8693ee169 code=0x7ffc0000 [ 112.789766][ T30] audit: type=1326 audit(1744151946.002:3536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2155 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8693ee169 code=0x7ffc0000 [ 112.813530][ T30] audit: type=1326 audit(1744151946.002:3537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2155 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8693ee169 code=0x7ffc0000 [ 112.842617][ T30] audit: type=1326 audit(1744151946.072:3538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2155 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8693ee169 code=0x7ffc0000 [ 112.879291][ T30] audit: type=1326 audit(1744151946.072:3539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2155 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8693ee169 code=0x7ffc0000 [ 112.911632][ T2165] loop1: detected capacity change from 0 to 512 [ 112.984488][ T2165] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 113.003352][ T2165] EXT4-fs warning (device loop1): ext4_enable_quotas:6423: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 113.598738][ T2193] bridge0: port 3(veth3) entered blocking state [ 113.604937][ T2193] bridge0: port 3(veth3) entered disabled state [ 113.611523][ T2193] device veth3 entered promiscuous mode [ 113.798527][ T2211] loop2: detected capacity change from 0 to 1024 [ 113.841130][ T2214] loop4: detected capacity change from 0 to 512 [ 113.854348][ T2211] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 113.865039][ T2211] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 113.879746][ T2211] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.553: bg 0: block 393: padding at end of block bitmap is not set [ 113.894968][ T2211] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 48 with error 117 [ 113.907345][ T2211] EXT4-fs (loop2): This should not happen!! Data will be lost [ 113.907345][ T2211] [ 113.935594][ T2214] EXT4-fs (loop4): 1 orphan inode deleted [ 113.941180][ T2214] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 113.952234][ T2214] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 113.984076][ T2220] xt_bpf: check failed: parse error [ 114.114177][ T2234] loop2: detected capacity change from 0 to 512 [ 114.165659][ T2239] netlink: 48 bytes leftover after parsing attributes in process `syz.4.565'. [ 114.166900][ T2234] EXT4-fs (loop2): mounted filesystem without journal. Opts: noload,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback. [ 114.190211][ T2234] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 114.201200][ T2243] cgroup: fork rejected by pids controller in /syz4 [ 114.413480][ T289] syz-executor (289) used greatest stack depth: 19696 bytes left [ 114.610047][ T2257] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.617229][ T2257] bridge0: port 1(bridge_slave_0) entered disabled state [ 114.624891][ T2257] device bridge_slave_0 entered promiscuous mode [ 114.631998][ T2257] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.643901][ T2257] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.651457][ T2257] device bridge_slave_1 entered promiscuous mode [ 114.750919][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 114.758641][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 114.776583][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 114.785217][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 114.793477][ T1689] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.800368][ T1689] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.808563][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 114.817178][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 114.825573][ T1689] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.832480][ T1689] bridge0: port 2(bridge_slave_1) entered forwarding state [ 114.851012][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 114.858938][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 114.867897][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 114.885858][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 114.899917][ T2257] device veth0_vlan entered promiscuous mode [ 114.907317][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 114.915893][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 114.923892][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 114.932766][ T494] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 114.941518][ T8] device veth3 left promiscuous mode [ 114.946800][ T8] bridge0: port 3(veth3) entered disabled state [ 114.953565][ T8] device bridge_slave_1 left promiscuous mode [ 114.959594][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.967138][ T8] device bridge_slave_0 left promiscuous mode [ 114.979872][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 114.993611][ T8] device veth1_macvtap left promiscuous mode [ 114.999666][ T8] device veth0_vlan left promiscuous mode [ 115.140168][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 115.154579][ T2257] device veth1_macvtap entered promiscuous mode [ 115.173422][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 115.182590][ T2285] syz.1.583[2285] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 115.182674][ T2285] syz.1.583[2285] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 115.185019][ T1689] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 115.212478][ T494] usb 3-1: device descriptor read/64, error -71 [ 115.259910][ T2289] syz.4.570[2289] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 115.259999][ T2289] syz.4.570[2289] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 115.331315][ T2299] syz.1.588[2299] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 115.343259][ T2299] syz.1.588[2299] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 115.392089][ T2301] netlink: 192 bytes leftover after parsing attributes in process `syz.1.589'. [ 115.441679][ T2308] loop4: detected capacity change from 0 to 1024 [ 115.504350][ T2308] EXT4-fs (loop4): Ignoring removed orlov option [ 115.510827][ T2308] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 115.549987][ T2308] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 115.691196][ T494] usb 3-1: device descriptor read/64, error -71 [ 115.992858][ T494] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 116.008762][ T30] kauditd_printk_skb: 81 callbacks suppressed [ 116.008779][ T30] audit: type=1400 audit(1744151949.242:3620): avc: denied { write } for pid=2336 comm="syz.3.605" name="raw6" dev="proc" ino=4026532668 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 116.051257][ T2341] netlink: 4 bytes leftover after parsing attributes in process `syz.4.606'. [ 116.070813][ T2343] netlink: 8 bytes leftover after parsing attributes in process `syz.0.607'. [ 116.079536][ T30] audit: type=1326 audit(1744151949.302:3621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2340 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 116.108729][ T2341] Illegal XDP return value 4294967274, expect packet loss! [ 116.129925][ T2343] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 116.143179][ T30] audit: type=1326 audit(1744151949.302:3622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2340 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 116.180976][ T30] audit: type=1326 audit(1744151949.302:3623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2340 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 116.205676][ T30] audit: type=1326 audit(1744151949.302:3624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2340 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 116.233791][ T30] audit: type=1326 audit(1744151949.302:3625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2340 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 116.269727][ T30] audit: type=1326 audit(1744151949.302:3626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2340 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 116.322562][ T30] audit: type=1326 audit(1744151949.342:3627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2340 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 116.373307][ T2354] loop3: detected capacity change from 0 to 2048 [ 116.392496][ T30] audit: type=1326 audit(1744151949.342:3628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2340 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 116.416778][ T30] audit: type=1326 audit(1744151949.342:3629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2340 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 116.442950][ T2354] loop3: p1 p3 < > p4 < p5 > [ 116.447650][ T2354] loop3: partition table partially beyond EOD, truncated [ 116.463268][ T494] usb 3-1: device descriptor read/64, error -71 [ 116.478482][ T2354] loop3: p1 size 33024 extends beyond EOD, truncated [ 116.480054][ T2350] 9pnet: Could not find request transport: rdma [ 116.506928][ T2360] netlink: 4 bytes leftover after parsing attributes in process `syz.1.613'. [ 116.511501][ T2354] loop3: p3 start 4284289 is beyond EOD, truncated [ 116.550875][ T2354] loop3: p5 size 33024 extends beyond EOD, truncated [ 116.862896][ T494] usb 3-1: device descriptor read/64, error -71 [ 116.992560][ T494] usb usb3-port1: attempt power cycle [ 117.313656][ T2381] netlink: 24 bytes leftover after parsing attributes in process `syz.0.622'. [ 117.642769][ T2385] kernel profiling enabled (shift: 9) [ 117.793700][ T2399] syz.0.630 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 117.815937][ T2403] loop4: detected capacity change from 0 to 2048 [ 117.820601][ T2404] loop2: detected capacity change from 0 to 2048 [ 117.921010][ T2403] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 118.283397][ T2434] loop3: detected capacity change from 0 to 512 [ 118.302601][ T2434] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 118.316983][ T2434] EXT4-fs (loop3): invalid journal inode [ 118.322892][ T2434] EXT4-fs (loop3): can't get journal size [ 118.330484][ T2434] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c118, mo2=0002] [ 118.342696][ T2434] System zones: 1-12, 13-13 [ 118.359204][ T2434] EXT4-fs (loop3): 1 truncate cleaned up [ 118.373249][ T2434] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,grpquota,debug,discard,,errors=continue. Quota mode: writeback. [ 118.636995][ T2463] loop3: detected capacity change from 0 to 512 [ 118.733584][ T2463] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 118.745980][ T2463] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 118.765758][ T2463] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 118.785494][ T2463] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 118.800165][ T2463] System zones: 0-2, 18-18, 34-34 [ 118.810956][ T2463] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 118.827569][ T2463] EXT4-fs (loop3): 1 truncate cleaned up [ 118.848685][ T2463] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 119.960136][ T2522] loop4: detected capacity change from 0 to 256 [ 120.015167][ T2531] syz.2.685[2531] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 120.015257][ T2531] syz.2.685[2531] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 120.042744][ T2522] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097162) [ 120.067639][ T2522] FAT-fs (loop4): Filesystem has been set read-only [ 120.117724][ T2538] xt_bpf: check failed: parse error [ 120.748364][ T2579] loop4: detected capacity change from 0 to 1024 [ 120.771789][ T2579] EXT4-fs (loop4): Ignoring removed nobh option [ 120.788516][ T2579] EXT4-fs (loop4): Ignoring removed bh option [ 120.792537][ T1033] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 120.802047][ T2579] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 120.845702][ T2579] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,jqfmt=vfsv0,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: none. [ 120.872572][ T2594] loop2: detected capacity change from 0 to 1024 [ 120.879935][ T2579] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3876: comm syz.4.708: Allocating blocks 385-513 which overlap fs metadata [ 120.898135][ T2579] EXT4-fs (loop4): pa ffff88813d660dc8: logic 16, phys. 129, len 24 [ 120.906167][ T2579] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 8 [ 120.926284][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 120.935580][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 120.948189][ T2594] EXT4-fs (loop2): Ignoring removed nobh option [ 120.948950][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 120.956064][ T2594] EXT4-fs (loop2): Ignoring removed bh option [ 120.963576][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 120.968387][ T2594] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 120.976946][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 120.996492][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.005976][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.013876][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.015745][ T2594] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,jqfmt=vfsv0,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: none. [ 121.026363][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.053251][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.061312][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.071246][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.076719][ T2594] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3876: comm syz.2.714: Allocating blocks 385-513 which overlap fs metadata [ 121.079185][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.095451][ T2593] EXT4-fs (loop2): pa ffff88813d660000: logic 16, phys. 129, len 24 [ 121.100112][ T1033] usb 2-1: device descriptor read/64, error -71 [ 121.108169][ T2593] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 8 [ 121.114423][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.133193][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.142836][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.143912][ T2607] SELinux: failed to load policy [ 121.150430][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.150461][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.150486][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.155377][ T30] kauditd_printk_skb: 214 callbacks suppressed [ 121.155394][ T30] audit: type=1400 audit(1744151954.382:3844): avc: denied { load_policy } for pid=2606 comm="syz.0.719" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 121.162776][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.212071][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.219978][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.228811][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.236495][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.244206][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.251788][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.259415][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.270092][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.278275][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.287702][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.295670][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.307730][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.315502][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.323194][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.330981][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.338698][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.346459][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.355078][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.631400][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.639088][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.646700][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.654310][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.661900][ T20] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 121.671891][ T20] hid-generic 0000:007F:FFFFFFFE.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 121.693106][ T30] audit: type=1326 audit(1744151954.932:3845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2613 comm="syz.2.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8693ee169 code=0x7ffc0000 [ 121.724158][ T30] audit: type=1326 audit(1744151954.952:3846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2613 comm="syz.2.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8693ee169 code=0x7ffc0000 [ 121.772364][ T30] audit: type=1326 audit(1744151954.982:3847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2613 comm="syz.2.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7fa8693ee169 code=0x7ffc0000 [ 121.795922][ T1033] usb 2-1: device descriptor read/64, error -71 [ 121.805908][ T30] audit: type=1326 audit(1744151954.982:3848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2613 comm="syz.2.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8693ee169 code=0x7ffc0000 [ 121.865302][ T2620] SELinux: failed to load policy [ 121.878529][ T2622] loop2: detected capacity change from 0 to 2048 [ 121.934327][ T2622] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 122.044068][ T2633] loop2: detected capacity change from 0 to 256 [ 122.059797][ T2630] loop4: detected capacity change from 0 to 2048 [ 122.073416][ T30] audit: type=1400 audit(1744151955.302:3849): avc: denied { setopt } for pid=2631 comm="syz.3.728" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 122.082781][ T1033] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 122.182958][ T2630] loop4: p1 p3 < > p4 < p5 > [ 122.187612][ T2630] loop4: partition table partially beyond EOD, truncated [ 122.208846][ T2630] loop4: p1 size 33024 extends beyond EOD, truncated [ 122.221680][ T2641] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 122.239192][ T30] audit: type=1400 audit(1744151955.472:3850): avc: denied { read append } for pid=2632 comm="syz.2.727" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 122.334205][ T2645] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 122.341518][ T2645] usb usb1: Process 2645 (syz.0.731) called USBDEVFS_CLEAR_HALT for active endpoint 0x81 [ 122.358477][ T30] audit: type=1400 audit(1744151955.502:3851): avc: denied { open } for pid=2632 comm="syz.2.727" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 122.408160][ T30] audit: type=1400 audit(1744151955.642:3852): avc: denied { read } for pid=2640 comm="syz.3.732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 122.428069][ T2630] loop4: p3 start 4284289 is beyond EOD, truncated [ 122.442568][ T1033] usb 2-1: device descriptor read/64, error -71 [ 122.450824][ T2630] loop4: p5 size 33024 extends beyond EOD, truncated [ 122.659861][ T30] audit: type=1400 audit(1744151955.892:3853): avc: denied { mount } for pid=2646 comm="syz.2.733" name="/" dev="configfs" ino=1334 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 122.873474][ T1033] usb 2-1: device descriptor read/64, error -71 [ 123.032925][ T1033] usb usb2-port1: attempt power cycle [ 123.134121][ T2658] netlink: 8 bytes leftover after parsing attributes in process `syz.2.737'. [ 123.385192][ T2670] loop2: detected capacity change from 0 to 256 [ 123.696550][ T2676] capability: warning: `syz.3.745' uses deprecated v2 capabilities in a way that may be insecure [ 123.722514][ T1033] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 124.077778][ T2722] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 124.129530][ T2726] device pim6reg1 entered promiscuous mode [ 124.203010][ T1033] usb 2-1: device not accepting address 10, error -71 [ 124.290082][ T2756] netlink: 36 bytes leftover after parsing attributes in process `syz.2.783'. [ 124.314185][ T2758] netlink: 24 bytes leftover after parsing attributes in process `syz.2.784'. [ 124.576495][ T2786] netlink: 24 bytes leftover after parsing attributes in process `syz.2.797'. [ 124.607962][ T2788] netlink: 20 bytes leftover after parsing attributes in process `syz.2.798'. [ 124.996289][ T2802] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 125.247376][ T2816] netlink: 24 bytes leftover after parsing attributes in process `syz.4.808'. [ 126.167055][ T30] kauditd_printk_skb: 114 callbacks suppressed [ 126.167072][ T30] audit: type=1400 audit(1744151959.402:3968): avc: denied { create } for pid=2844 comm="syz.1.822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 126.190846][ T2847] netlink: 68 bytes leftover after parsing attributes in process `syz.2.823'. [ 126.214452][ T30] audit: type=1400 audit(1744151959.412:3969): avc: denied { create } for pid=2846 comm="syz.2.823" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 126.422201][ T2853] netlink: 24 bytes leftover after parsing attributes in process `syz.1.822'. [ 126.602971][ T30] audit: type=1400 audit(1744151959.412:3970): avc: denied { write } for pid=2846 comm="syz.2.823" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 126.629423][ T30] audit: type=1400 audit(1744151959.412:3971): avc: denied { nlmsg_write } for pid=2846 comm="syz.2.823" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 126.665409][ T30] audit: type=1400 audit(1744151959.532:3972): avc: denied { read } for pid=2848 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 126.697066][ T30] audit: type=1400 audit(1744151959.532:3973): avc: denied { open } for pid=2848 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 126.782051][ T2858] loop2: detected capacity change from 0 to 256 [ 126.889676][ T2858] FAT-fs (loop2): Directory bread(block 64) failed [ 126.896272][ T2858] FAT-fs (loop2): Directory bread(block 65) failed [ 126.902928][ T2858] FAT-fs (loop2): Directory bread(block 66) failed [ 126.909363][ T2858] FAT-fs (loop2): Directory bread(block 67) failed [ 126.915858][ T2858] FAT-fs (loop2): Directory bread(block 68) failed [ 126.922288][ T2858] FAT-fs (loop2): Directory bread(block 69) failed [ 126.928782][ T2858] FAT-fs (loop2): Directory bread(block 70) failed [ 126.935254][ T2858] FAT-fs (loop2): Directory bread(block 71) failed [ 126.941807][ T2858] FAT-fs (loop2): Directory bread(block 72) failed [ 126.948266][ T2858] FAT-fs (loop2): Directory bread(block 73) failed [ 126.980637][ T2858] audit: audit_backlog=65 > audit_backlog_limit=64 [ 126.987200][ T2858] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 126.994816][ T2858] audit: backlog limit exceeded [ 127.212967][ T2858] audit: audit_backlog=65 > audit_backlog_limit=64 [ 127.481470][ T2869] syz.4.828[2869] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 127.481565][ T2869] syz.4.828[2869] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 127.539909][ T2848] bridge0: port 1(bridge_slave_0) entered blocking state [ 127.625409][ T2876] loop4: detected capacity change from 0 to 512 [ 127.633224][ T2848] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.640593][ T2848] device bridge_slave_0 entered promiscuous mode [ 127.710338][ T2878] tipc: Enabling of bearer rejected, failed to enable media [ 127.743722][ T2876] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 127.753330][ T2848] bridge0: port 2(bridge_slave_1) entered blocking state [ 127.760172][ T2848] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.775708][ T2848] device bridge_slave_1 entered promiscuous mode [ 127.848279][ T1689] device veth3 left promiscuous mode [ 127.855116][ T2876] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e12c, mo2=0002] [ 127.863726][ T1689] bridge0: port 3(veth3) entered disabled state [ 127.872847][ T2876] System zones: 1-12 [ 127.887259][ T1689] device bridge_slave_1 left promiscuous mode [ 127.899962][ T2876] EXT4-fs (loop4): orphan cleanup on readonly fs [ 127.906858][ T1689] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.922822][ T2876] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.831: bg 0: block 361: padding at end of block bitmap is not set [ 127.923019][ T1689] device bridge_slave_0 left promiscuous mode [ 128.005070][ T2876] EXT4-fs (loop4): Remounting filesystem read-only [ 128.115982][ T2876] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6183: Corrupt filesystem [ 128.129858][ T1689] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.139652][ T2889] netlink: 68 bytes leftover after parsing attributes in process `syz.1.835'. [ 128.152845][ T2876] EXT4-fs (loop4): Remounting filesystem read-only [ 128.163786][ T1689] device veth1_macvtap left promiscuous mode [ 128.172675][ T2876] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.831: invalid indirect mapped block 12 (level 1) [ 128.174871][ T1689] device veth0_vlan left promiscuous mode [ 128.240389][ T2876] EXT4-fs (loop4): Remounting filesystem read-only [ 128.247744][ T2876] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.831: invalid indirect mapped block 2 (level 2) [ 128.261479][ T2876] EXT4-fs (loop4): Remounting filesystem read-only [ 128.268223][ T2876] EXT4-fs (loop4): 1 truncate cleaned up [ 128.274047][ T2876] EXT4-fs (loop4): mounted filesystem without journal. Opts: noload,max_batch_time=0x0000000000000007,inode_readahead_blks=0x0000000000000040,errors=remount-ro,init_itable. Quota mode: none. [ 128.422824][ T2904] loop4: detected capacity change from 0 to 512 [ 128.431211][ T2900] loop3: detected capacity change from 0 to 256 [ 128.444254][ T2904] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 128.461320][ T2904] EXT4-fs (loop4): invalid journal inode [ 128.468369][ T2904] EXT4-fs (loop4): can't get journal size [ 128.483680][ T2904] EXT4-fs (loop4): 1 truncate cleaned up [ 128.491178][ T2904] EXT4-fs (loop4): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none. [ 128.493439][ T2908] netlink: 8 bytes leftover after parsing attributes in process `syz.2.844'. [ 128.511178][ T2908] netlink: 4 bytes leftover after parsing attributes in process `syz.2.844'. [ 128.522911][ T2900] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000400) [ 128.530584][ T2900] FAT-fs (loop3): Filesystem has been set read-only [ 128.542072][ T2912] loop2: detected capacity change from 0 to 512 [ 128.549133][ T2908] device wireguard0 entered promiscuous mode [ 128.641027][ T2912] EXT4-fs (loop2): too many log groups per flexible block group [ 128.651762][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 128.660807][ T2912] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 128.663846][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 128.678443][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 128.685008][ T2912] EXT4-fs (loop2): mount failed [ 128.687485][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 128.699456][ T361] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.706530][ T361] bridge0: port 1(bridge_slave_0) entered forwarding state [ 128.714390][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 128.722693][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 128.741032][ T361] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.747943][ T361] bridge0: port 2(bridge_slave_1) entered forwarding state [ 128.755878][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 128.827403][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 128.861851][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 128.897886][ T2935] loop2: detected capacity change from 0 to 128 [ 128.914877][ T2933] SELinux: Context system_u:object_r:net_conf_t:s0 is not valid (left unmapped). [ 128.927046][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 128.941040][ T2848] device veth0_vlan entered promiscuous mode [ 128.949131][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 128.969284][ T2935] attempt to access beyond end of device [ 128.969284][ T2935] loop2: rw=2049, want=240, limit=128 [ 128.970117][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 128.998978][ T2934] attempt to access beyond end of device [ 128.998978][ T2934] loop2: rw=524288, want=240, limit=128 [ 129.008039][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 129.035553][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 129.049910][ T2848] device veth1_macvtap entered promiscuous mode [ 129.060637][ T2947] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 129.087274][ T2949] loop2: detected capacity change from 0 to 512 [ 129.094445][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 129.107754][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 129.155120][ T2949] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 129.166297][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 129.185022][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 129.190577][ T2949] ext4 filesystem being mounted at /195/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 129.446707][ T2974] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 129.454719][ T2974] usb usb1: Process 2974 (syz.0.868) called USBDEVFS_CLEAR_HALT for active endpoint 0x81 [ 129.603061][ T2977] syz.4.871[2977] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 129.603383][ T2977] syz.4.871[2977] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 129.606326][ T2978] loop2: detected capacity change from 0 to 1024 [ 129.769288][ T2978] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 130.128910][ T2994] loop3: detected capacity change from 0 to 512 [ 130.170355][ T2999] loop4: detected capacity change from 0 to 512 [ 130.189084][ T2994] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 130.228831][ T3001] loop2: detected capacity change from 0 to 2048 [ 130.228875][ T2994] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 130.256346][ T2994] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 130.265423][ T2994] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 130.273504][ T2994] System zones: 0-2, 18-18, 34-34 [ 130.298923][ T2999] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.882: inode #1: comm syz.4.882: iget: illegal inode # [ 130.312380][ T2994] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 130.333038][ T2999] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.882: error while reading EA inode 1 err=-117 [ 130.345478][ T2994] EXT4-fs (loop3): 1 truncate cleaned up [ 130.350964][ T2994] EXT4-fs (loop3): mounted filesystem without journal. Opts: min_batch_time=0x000000000000a04d,errors=continue,,errors=continue. Quota mode: none. [ 130.369706][ T2999] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.882: inode #1: comm syz.4.882: iget: illegal inode # [ 130.384413][ T2999] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.882: error while reading EA inode 1 err=-117 [ 130.398576][ T2999] EXT4-fs (loop4): 1 orphan inode deleted [ 130.416351][ T2999] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrjquota=,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,journal_dev=0x0000000000000dcc,,errors=continue. Quota mode: writeback. [ 130.895952][ T3025] loop3: detected capacity change from 0 to 512 [ 130.910082][ T3029] netlink: 68 bytes leftover after parsing attributes in process `syz.1.891'. [ 130.922270][ T3025] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 130.967342][ T3034] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 130.975837][ T3034] usb usb1: Process 3034 (syz.4.893) called USBDEVFS_CLEAR_HALT for active endpoint 0x81 [ 130.986863][ T3025] EXT4-fs warning (device loop3): ext4_enable_quotas:6423: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 131.059639][ T3043] loop4: detected capacity change from 0 to 2048 [ 131.118633][ T3043] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 131.175703][ T30] kauditd_printk_skb: 283 callbacks suppressed [ 131.175721][ T30] audit: type=1326 audit(1744151964.412:4254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3047 comm="syz.2.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8693ee169 code=0x7ffc0000 [ 131.207686][ T30] audit: type=1326 audit(1744151964.412:4255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3047 comm="syz.2.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8693ee169 code=0x7ffc0000 [ 131.233340][ T30] audit: type=1326 audit(1744151964.412:4256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3047 comm="syz.2.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fa8693ee169 code=0x7ffc0000 [ 131.268912][ T30] audit: type=1400 audit(1744151964.442:4257): avc: denied { execute } for pid=3062 comm="syz.0.906" name="file0" dev="tmpfs" ino=38 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 131.296748][ T30] audit: type=1400 audit(1744151964.442:4258): avc: denied { execute_no_trans } for pid=3062 comm="syz.0.906" path="/4/file0" dev="tmpfs" ino=38 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 131.323364][ T30] audit: type=1400 audit(1744151964.472:4259): avc: denied { read } for pid=3066 comm="syz.0.908" name="event2" dev="devtmpfs" ino=266 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 131.347650][ T30] audit: type=1400 audit(1744151964.472:4260): avc: denied { open } for pid=3066 comm="syz.0.908" path="/dev/input/event2" dev="devtmpfs" ino=266 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 131.372698][ T30] audit: type=1400 audit(1744151964.482:4261): avc: denied { ioctl } for pid=3066 comm="syz.0.908" path="/dev/input/event2" dev="devtmpfs" ino=266 ioctlcmd=0x4504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 131.399437][ T30] audit: type=1400 audit(1744151964.502:4262): avc: denied { setopt } for pid=3069 comm="syz.1.910" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 131.427636][ T30] audit: type=1400 audit(1744151964.652:4263): avc: denied { setopt } for pid=3074 comm="syz.3.912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 131.452080][ T3083] tmpfs: Unsupported parameter 'mpol' [ 131.475804][ T3085] xt_hashlimit: size too large, truncated to 1048576 [ 131.506065][ T3089] netlink: 24 bytes leftover after parsing attributes in process `syz.0.918'. [ 131.831753][ T3105] netlink: 24 bytes leftover after parsing attributes in process `syz.0.923'. [ 132.205806][ T3120] tipc: Started in network mode [ 132.210518][ T3120] tipc: Node identity ac14140f, cluster identity 4711 [ 132.214007][ T3122] loop3: detected capacity change from 0 to 128 [ 132.217750][ T3120] tipc: New replicast peer: 255.255.255.255 [ 132.232900][ T3120] tipc: Enabled bearer , priority 10 [ 132.239793][ T3120] netlink: 12 bytes leftover after parsing attributes in process `syz.2.932'. [ 132.248613][ T3120] tipc: Disabling bearer [ 132.355574][ T3135] loop4: detected capacity change from 0 to 512 [ 132.375204][ T3139] usb usb1: usbfs: process 3139 (syz.3.940) did not claim interface 0 before use [ 132.385135][ T3139] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 132.387361][ T3135] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 132.405547][ T3139] usb usb1: Process 3139 (syz.3.940) called USBDEVFS_CLEAR_HALT for active endpoint 0x81 [ 132.430427][ T3135] EXT4-fs (loop4): 1 truncate cleaned up [ 132.439256][ T3135] EXT4-fs (loop4): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota,. Quota mode: writeback. [ 132.516259][ T3146] netlink: 68 bytes leftover after parsing attributes in process `syz.3.941'. [ 132.568878][ T3151] loop3: detected capacity change from 0 to 512 [ 132.575737][ T3155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.947'. [ 132.591231][ T3155] netlink: 12 bytes leftover after parsing attributes in process `syz.1.947'. [ 132.609366][ T3151] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.945: inode #1: comm syz.3.945: iget: illegal inode # [ 132.628551][ T3151] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.945: error while reading EA inode 1 err=-117 [ 132.628745][ T3151] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.945: inode #1: comm syz.3.945: iget: illegal inode # [ 132.628883][ T3151] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.945: error while reading EA inode 1 err=-117 [ 132.641918][ T3151] EXT4-fs (loop3): 1 orphan inode deleted [ 132.682590][ T3151] EXT4-fs (loop3): mounted filesystem without journal. Opts: usrjquota=,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,journal_dev=0x0000000000000dcc,,errors=continue. Quota mode: writeback. [ 132.803611][ T3174] netlink: 68 bytes leftover after parsing attributes in process `syz.1.956'. [ 132.832119][ T494] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 132.840289][ T494] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 133.236551][ T3186] netlink: 'syz.3.960': attribute type 1 has an invalid length. [ 133.409415][ T3208] syz.2.969[3208] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.409517][ T3208] syz.2.969[3208] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.441121][ T3212] hub 9-0:1.0: USB hub found [ 133.457291][ T3212] hub 9-0:1.0: 1 port detected [ 133.464758][ T3214] syz.1.972[3214] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.464842][ T3214] syz.1.972[3214] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 134.041678][ T3264] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 134.099612][ T3270] loop4: detected capacity change from 0 to 128 [ 134.328621][ T3292] syz.3.1009[3292] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 134.328710][ T3292] syz.3.1009[3292] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 134.363880][ T3295] loop3: detected capacity change from 0 to 128 [ 134.393614][ T3290] hub 2-0:1.0: USB hub found [ 134.405227][ T3290] hub 2-0:1.0: 1 port detected [ 134.481483][ T3305] loop2: detected capacity change from 0 to 512 [ 134.502365][ T3305] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.1014: inode #1: comm syz.2.1014: iget: illegal inode # [ 134.522770][ T3305] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1014: error while reading EA inode 1 err=-117 [ 134.611228][ T3305] EXT4-fs (loop2): 1 orphan inode deleted [ 134.665113][ T3305] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 134.746614][ T3328] usb usb1: usbfs: process 3328 (syz.1.1024) did not claim interface 0 before use [ 134.784183][ T3330] loop4: detected capacity change from 0 to 512 [ 134.835104][ T3330] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 134.846444][ T3330] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 134.926999][ T3346] syz.1.1032[3346] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 134.927112][ T3346] syz.1.1032[3346] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 135.132239][ T3364] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 135.216962][ T3378] 9pnet_virtio: no channels available for device [ 135.239901][ T3380] loop4: detected capacity change from 0 to 128 [ 135.260528][ T3380] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 580) [ 135.268998][ T3380] FAT-fs (loop4): Filesystem has been set read-only [ 135.296385][ T3382] hub 2-0:1.0: USB hub found [ 135.302577][ T3382] hub 2-0:1.0: 1 port detected [ 135.918022][ T3409] loop2: detected capacity change from 0 to 512 [ 135.925761][ T3411] loop3: detected capacity change from 0 to 1024 [ 135.970831][ T3411] EXT4-fs (loop3): Ignoring removed orlov option [ 135.981563][ T3413] usb usb1: usbfs: process 3413 (syz.0.1061) did not claim interface 0 before use [ 135.994647][ T3409] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback. [ 136.009523][ T3409] ext4 filesystem being mounted at /219/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.021282][ T3411] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,errors=remount-ro,stripe=0x0000000000000001,orlov,. Quota mode: none. [ 136.060842][ T3411] EXT4-fs (loop3): re-mounted. Opts: . Quota mode: none. [ 136.146589][ T3433] IPv6: NLM_F_CREATE should be specified when creating new route [ 136.220837][ T3440] usb usb1: usbfs: process 3440 (syz.3.1072) did not claim interface 0 before use [ 136.229342][ T3437] loop2: detected capacity change from 0 to 512 [ 136.240069][ T3437] EXT4-fs (loop2): Ignoring removed nobh option [ 136.247948][ T3440] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 136.265541][ T30] kauditd_printk_skb: 157 callbacks suppressed [ 136.265558][ T30] audit: type=1326 audit(1744151969.502:4421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3438 comm="syz.4.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 136.295766][ T30] audit: type=1326 audit(1744151969.502:4422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3438 comm="syz.4.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 136.322165][ T30] audit: type=1400 audit(1744151969.552:4423): avc: denied { read } for pid=3444 comm="syz.0.1074" name="event0" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 136.346438][ T3437] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #3: comm syz.2.1071: corrupted inode contents [ 136.347315][ T30] audit: type=1400 audit(1744151969.552:4424): avc: denied { open } for pid=3444 comm="syz.0.1074" path="/dev/input/event0" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 136.368433][ T3437] EXT4-fs (loop2): Remounting filesystem read-only [ 136.381999][ T30] audit: type=1326 audit(1744151969.592:4425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3438 comm="syz.4.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=218 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 136.411984][ T30] audit: type=1326 audit(1744151969.592:4426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3438 comm="syz.4.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 136.432840][ T3437] EXT4-fs error (device loop2): ext4_dirty_inode:6041: inode #3: comm syz.2.1071: mark_inode_dirty error [ 136.437763][ T30] audit: type=1326 audit(1744151969.592:4427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3438 comm="syz.4.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 136.475786][ T3437] EXT4-fs (loop2): Remounting filesystem read-only [ 136.483038][ T3437] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #3: comm syz.2.1071: corrupted inode contents [ 136.490418][ T3457] __nla_validate_parse: 1 callbacks suppressed [ 136.490441][ T3457] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1079'. [ 136.494706][ T30] audit: type=1400 audit(1744151969.722:4428): avc: denied { setopt } for pid=3454 comm="syz.1.1078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 136.529669][ T3437] EXT4-fs (loop2): Remounting filesystem read-only [ 136.536135][ T3437] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #3: comm syz.2.1071: mark_inode_dirty error [ 136.547987][ T30] audit: type=1400 audit(1744151969.772:4429): avc: denied { read write } for pid=3444 comm="syz.0.1074" name="raw-gadget" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 136.572630][ T30] audit: type=1400 audit(1744151969.772:4430): avc: denied { open } for pid=3444 comm="syz.0.1074" path="/dev/raw-gadget" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 136.597741][ T3437] EXT4-fs (loop2): Remounting filesystem read-only [ 136.628289][ T3437] EXT4-fs error (device loop2): ext4_acquire_dquot:6188: comm syz.2.1071: Failed to acquire dquot type 0 [ 136.666222][ T3437] EXT4-fs (loop2): Remounting filesystem read-only [ 136.673948][ T3471] netem: incorrect gi model size [ 136.678247][ T3437] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #16: comm syz.2.1071: corrupted inode contents [ 136.678816][ T3471] netem: change failed [ 136.711521][ T3437] EXT4-fs (loop2): Remounting filesystem read-only [ 136.732480][ T3437] EXT4-fs error (device loop2): ext4_dirty_inode:6041: inode #16: comm syz.2.1071: mark_inode_dirty error [ 136.752734][ T3437] EXT4-fs (loop2): Remounting filesystem read-only [ 136.759259][ T3437] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #16: comm syz.2.1071: corrupted inode contents [ 136.782735][ T3437] EXT4-fs (loop2): Remounting filesystem read-only [ 136.792632][ T3437] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #16: comm syz.2.1071: mark_inode_dirty error [ 136.812705][ T3437] EXT4-fs (loop2): Remounting filesystem read-only [ 136.832993][ T3437] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #16: comm syz.2.1071: corrupted inode contents [ 136.859515][ T3437] EXT4-fs (loop2): Remounting filesystem read-only [ 136.883322][ T3437] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 136.902074][ T3437] EXT4-fs (loop2): Remounting filesystem read-only [ 136.916062][ T3437] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #16: comm syz.2.1071: corrupted inode contents [ 136.944390][ T3437] EXT4-fs (loop2): Remounting filesystem read-only [ 136.950739][ T3437] EXT4-fs error (device loop2): ext4_truncate:4303: inode #16: comm syz.2.1071: mark_inode_dirty error [ 136.963332][ T3437] EXT4-fs (loop2): Remounting filesystem read-only [ 136.972384][ T3498] loop3: detected capacity change from 0 to 512 [ 136.978683][ T3437] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 136.981066][ T3500] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0) [ 136.996105][ T3437] EXT4-fs (loop2): Remounting filesystem read-only [ 136.996983][ T3500] SELinux: failed to load policy [ 137.002937][ T3437] EXT4-fs (loop2): 1 truncate cleaned up [ 137.013395][ T3437] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nobh,. Quota mode: writeback. [ 137.042924][ T3437] ext4 filesystem being mounted at /222/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 137.082067][ T3498] EXT4-fs (loop3): orphan cleanup on readonly fs [ 137.092280][ T3498] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1098: bg 0: block 248: padding at end of block bitmap is not set [ 137.107902][ T3506] loop4: detected capacity change from 0 to 4096 [ 137.115564][ T3498] EXT4-fs error (device loop3): ext4_acquire_dquot:6188: comm syz.3.1098: Failed to acquire dquot type 1 [ 137.128688][ T3498] EXT4-fs (loop3): 1 truncate cleaned up [ 137.135317][ T3498] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 137.198595][ T3506] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 137.201120][ T3511] loop2: detected capacity change from 0 to 512 [ 137.283905][ T3511] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 137.313981][ T3511] EXT4-fs (loop2): 1 truncate cleaned up [ 137.316599][ T3516] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1106'. [ 137.319794][ T3511] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000358,resuid=0x0000000000000000,stripe=0x0000000000000009,,errors=continue. Quota mode: none. [ 137.623003][ T3540] loop2: detected capacity change from 0 to 512 [ 137.654968][ T3540] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 137.662002][ T3540] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 137.694438][ T3540] EXT4-fs (loop2): 1 truncate cleaned up [ 137.699933][ T3540] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,mblk_io_submit,debug_want_extra_isize=0x0000000000000068,lazytime,discard,grpquota,,errors=continue. Quota mode: writeback. [ 137.798725][ T3540] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 137.859556][ T3546] usb usb1: usbfs: process 3546 (syz.1.1118) did not claim interface 0 before use [ 137.899390][ T3546] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 138.316706][ T3559] syz.2.1120[3559] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 138.316800][ T3559] syz.2.1120[3559] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 138.347308][ T3559] loop2: detected capacity change from 0 to 512 [ 138.453895][ T3559] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 138.470625][ T3559] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 138.544250][ T3559] EXT4-fs (loop2): 1 truncate cleaned up [ 138.549838][ T3559] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,mblk_io_submit,debug_want_extra_isize=0x0000000000000068,lazytime,discard,grpquota,,errors=continue. Quota mode: writeback. [ 138.630446][ T3583] loop3: detected capacity change from 0 to 128 [ 138.663239][ T3583] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 138.679163][ T3583] ext4 filesystem being mounted at /190/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 138.907894][ T3602] loop2: detected capacity change from 0 to 256 [ 139.621909][ T3630] loop2: detected capacity change from 0 to 512 [ 139.634810][ T3630] EXT4-fs (loop2): corrupt root inode, run e2fsck [ 139.641132][ T3630] EXT4-fs (loop2): mount failed [ 139.682613][ T3630] netlink: 'syz.2.1154': attribute type 27 has an invalid length. [ 139.690894][ T3630] device wireguard0 left promiscuous mode [ 140.757082][ T3694] loop4: detected capacity change from 0 to 512 [ 141.031107][ T3694] EXT4-fs (loop4): 1 orphan inode deleted [ 141.036749][ T3694] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 141.047577][ T3694] ext4 filesystem being mounted at /121/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 141.079360][ T3708] loop2: detected capacity change from 0 to 512 [ 141.100681][ T3710] 9pnet: Could not find request transport: f [ 141.126404][ T3708] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 141.142180][ T3708] EXT4-fs (loop2): 1 truncate cleaned up [ 141.148961][ T3708] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000358,resuid=0x0000000000000000,stripe=0x0000000000000009,,errors=continue. Quota mode: none. [ 141.200320][ T3724] usb usb1: usbfs: process 3724 (syz.1.1193) did not claim interface 0 before use [ 141.209678][ T3724] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 143.816967][ T3743] loop2: detected capacity change from 0 to 128 [ 144.098734][ T3743] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 144.117412][ T3743] ext4 filesystem being mounted at /234/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 144.154331][ T30] kauditd_printk_skb: 198 callbacks suppressed [ 144.154349][ T30] audit: type=1326 audit(1744151977.392:4625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3749 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 144.192519][ T320] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 144.230016][ T30] audit: type=1326 audit(1744151977.432:4626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3749 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 144.275186][ T30] audit: type=1326 audit(1744151977.432:4627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3749 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 144.299044][ T30] audit: type=1326 audit(1744151977.432:4628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3749 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 144.328778][ T30] audit: type=1326 audit(1744151977.432:4629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3749 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 144.352245][ T30] audit: type=1326 audit(1744151977.432:4630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3749 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 144.376943][ T30] audit: type=1326 audit(1744151977.432:4631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3749 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 144.400369][ T30] audit: type=1326 audit(1744151977.432:4632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3749 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 144.465814][ T30] audit: type=1326 audit(1744151977.432:4633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3749 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 144.518446][ T30] audit: type=1326 audit(1744151977.432:4634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3749 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559b63b169 code=0x7ffc0000 [ 144.642266][ T3758] SELinux: failed to load policy [ 144.652751][ T320] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 144.666847][ T3764] usb usb1: usbfs: process 3764 (syz.2.1205) did not claim interface 0 before use [ 144.678642][ T320] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 144.686510][ T3764] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 144.693019][ T320] usb 4-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53 [ 144.709133][ T320] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.736108][ T320] usb 4-1: config 0 descriptor?? [ 144.795790][ T3780] loop2: detected capacity change from 0 to 128 [ 144.812520][ T320] usb 4-1: can't set config #0, error -71 [ 144.822128][ T3778] loop4: detected capacity change from 0 to 512 [ 144.832317][ T320] usb 4-1: USB disconnect, device number 9 [ 144.849235][ T3780] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 144.860440][ T3780] ext4 filesystem being mounted at /238/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 144.905887][ T3788] device pim6reg1 entered promiscuous mode [ 144.919212][ T3778] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 144.930778][ T3778] EXT4-fs (loop4): 1 truncate cleaned up [ 144.936400][ T3778] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota="errors=continue,noload,data_err=ignore,usrjquota="errors=continue,errors=remount-ro,noblock_validity,. Quota mode: writeback. [ 144.959952][ T3778] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: writeback. [ 145.312460][ T311] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 145.380101][ T3819] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1232'. [ 145.423446][ T3824] netlink: 2104 bytes leftover after parsing attributes in process `syz.4.1234'. [ 145.450759][ T3826] loop4: detected capacity change from 0 to 128 [ 145.533767][ T3826] attempt to access beyond end of device [ 145.533767][ T3826] loop4: rw=2049, want=240, limit=128 [ 145.582487][ T311] usb 2-1: device descriptor read/64, error -71 [ 145.827050][ T3832] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1237'. [ 146.274788][ T3837] syz.3.1239[3837] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 146.274877][ T3837] syz.3.1239[3837] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 146.277835][ T3837] 9p: Unknown access argument j [ 146.369623][ T3847] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1243'. [ 146.432486][ T311] usb 2-1: device descriptor read/64, error -71 [ 146.664041][ T3857] loop2: detected capacity change from 0 to 256 [ 146.946658][ T3863] loop4: detected capacity change from 0 to 128 [ 146.954016][ T3863] FAT-fs (loop4): Directory bread(block 162) failed [ 146.960657][ T3863] FAT-fs (loop4): Directory bread(block 163) failed [ 146.967878][ T3863] FAT-fs (loop4): Directory bread(block 164) failed [ 146.974520][ T3863] FAT-fs (loop4): Directory bread(block 165) failed [ 146.981194][ T3863] FAT-fs (loop4): Directory bread(block 166) failed [ 146.987855][ T3863] FAT-fs (loop4): Directory bread(block 167) failed [ 146.994731][ T3863] FAT-fs (loop4): Directory bread(block 168) failed [ 147.001475][ T3863] FAT-fs (loop4): Directory bread(block 169) failed [ 147.017951][ T3863] FAT-fs (loop4): Directory bread(block 162) failed [ 147.019176][ T3865] SELinux: policydb version 0 does not match my version range 15-33 [ 147.024796][ T3863] FAT-fs (loop4): Directory bread(block 163) failed [ 147.032985][ T3865] SELinux: failed to load policy [ 147.038987][ T311] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 147.051707][ T3863] attempt to access beyond end of device [ 147.051707][ T3863] loop4: rw=3, want=232, limit=128 [ 147.062589][ T3863] attempt to access beyond end of device [ 147.062589][ T3863] loop4: rw=2051, want=234, limit=128 [ 147.145527][ T3873] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1254'. [ 147.373603][ T3890] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1260'. [ 148.497548][ T3895] ================================================================== [ 148.505461][ T3895] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x5b0/0x660 [ 148.511603][ T311] usb 2-1: device descriptor read/64, error -71 [ 148.514479][ T3895] Read of size 1 at addr ffff88810db313f8 by task syz.2.1262/3895 [ 148.514500][ T3895] [ 148.514506][ T3895] CPU: 1 PID: 3895 Comm: syz.2.1262 Not tainted 5.15.178-syzkaller-00255-g8b377d8dcfe4 #0 [ 148.540091][ T3895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 148.549984][ T3895] Call Trace: [ 148.553104][ T3895] [ 148.555882][ T3895] dump_stack_lvl+0x151/0x1c0 [ 148.560398][ T3895] ? io_uring_drop_tctx_refs+0x190/0x190 [ 148.565862][ T3895] ? panic+0x760/0x760 [ 148.569767][ T3895] ? sysvec_reschedule_ipi+0x8c/0x160 [ 148.574976][ T3895] print_address_description+0x87/0x3b0 [ 148.580364][ T3895] kasan_report+0x179/0x1c0 [ 148.584697][ T3895] ? __stack_depot_save+0x177/0x470 [ 148.589734][ T3895] ? xfrm_policy_inexact_list_reinsert+0x5b0/0x660 [ 148.596069][ T3895] ? xfrm_policy_inexact_list_reinsert+0x5b0/0x660 [ 148.602485][ T3895] __asan_report_load1_noabort+0x14/0x20 [ 148.607979][ T3895] xfrm_policy_inexact_list_reinsert+0x5b0/0x660 [ 148.614130][ T3895] ? ____kasan_kmalloc+0xed/0x110 [ 148.618989][ T3895] ? ____kasan_kmalloc+0xdb/0x110 [ 148.623850][ T3895] ? xfrm_policy_addr_delta+0x23b/0x370 [ 148.629237][ T3895] xfrm_policy_inexact_insert_node+0x917/0xb00 [ 148.635227][ T3895] xfrm_policy_inexact_alloc_chain+0x4ec/0xaf0 [ 148.641216][ T3895] xfrm_policy_inexact_insert+0x6a/0x1160 [ 148.646769][ T3895] ? __kasan_check_write+0x14/0x20 [ 148.651710][ T3895] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 148.656573][ T3895] ? policy_hash_bysel+0x137/0x700 [ 148.661521][ T3895] xfrm_policy_insert+0xe7/0x940 [ 148.666360][ T3895] xfrm_add_policy+0x4f2/0x980 [ 148.670912][ T3895] ? cap_capable+0x1d2/0x270 [ 148.675325][ T3895] ? xfrm_dump_sa_done+0xc0/0xc0 [ 148.680100][ T3895] xfrm_user_rcv_msg+0x4f3/0x7d0 [ 148.684871][ T3895] ? xfrm_netlink_rcv+0x90/0x90 [ 148.689556][ T3895] ? tracing_record_taskinfo_sched_switch+0x84/0x390 [ 148.696072][ T3895] ? release_firmware_map_entry+0x190/0x190 [ 148.701793][ T3895] ? avc_has_perm+0x16f/0x260 [ 148.706315][ T3895] netlink_rcv_skb+0x1cf/0x410 [ 148.710906][ T3895] ? xfrm_netlink_rcv+0x90/0x90 [ 148.715591][ T3895] ? netlink_ack+0xb10/0xb10 [ 148.720017][ T3895] ? mutex_lock+0xb6/0x1e0 [ 148.724274][ T3895] ? wait_for_completion_killable_timeout+0x10/0x10 [ 148.730700][ T3895] xfrm_netlink_rcv+0x72/0x90 [ 148.735209][ T3895] netlink_unicast+0x8df/0xac0 [ 148.739810][ T3895] ? netlink_detachskb+0x90/0x90 [ 148.744587][ T3895] ? security_netlink_send+0x7b/0xa0 [ 148.749705][ T3895] netlink_sendmsg+0xa0a/0xd20 [ 148.754305][ T3895] ? netlink_getsockopt+0x560/0x560 [ 148.759338][ T3895] ? security_socket_sendmsg+0x82/0xb0 [ 148.764634][ T3895] ? netlink_getsockopt+0x560/0x560 [ 148.769667][ T3895] ____sys_sendmsg+0x59e/0x8f0 [ 148.774269][ T3895] ? __sys_sendmsg_sock+0x40/0x40 [ 148.779127][ T3895] ? import_iovec+0xe5/0x120 [ 148.783557][ T3895] ___sys_sendmsg+0x252/0x2e0 [ 148.788070][ T3895] ? release_firmware_map_entry+0x190/0x190 [ 148.793796][ T3895] ? __sys_sendmsg+0x260/0x260 [ 148.798486][ T3895] ? preempt_schedule_irq+0xe7/0x140 [ 148.803643][ T3895] ? __cond_resched+0x20/0x20 [ 148.808150][ T3895] ? sysvec_reschedule_ipi+0x8c/0x160 [ 148.813361][ T3895] ? __fdget+0x1bc/0x240 [ 148.817436][ T3895] __se_sys_sendmsg+0x19a/0x260 [ 148.822120][ T3895] ? __x64_sys_sendmsg+0x90/0x90 [ 148.826899][ T3895] ? __kasan_check_write+0x14/0x20 [ 148.831845][ T3895] ? switch_fpu_return+0x15f/0x2e0 [ 148.836806][ T3895] __x64_sys_sendmsg+0x7b/0x90 [ 148.841390][ T3895] x64_sys_call+0x16a/0x9a0 [ 148.845726][ T3895] do_syscall_64+0x3b/0xb0 [ 148.849980][ T3895] ? clear_bhb_loop+0x35/0x90 [ 148.854500][ T3895] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 148.860234][ T3895] RIP: 0033:0x7fa8693ee169 [ 148.864479][ T3895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.884108][ T3895] RSP: 002b:00007fa867a58038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 148.892369][ T3895] RAX: ffffffffffffffda RBX: 00007fa869606fa0 RCX: 00007fa8693ee169 [ 148.900183][ T3895] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000005 [ 148.907978][ T3895] RBP: 00007fa86946f2a0 R08: 0000000000000000 R09: 0000000000000000 [ 148.915782][ T3895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.923592][ T3895] R13: 0000000000000000 R14: 00007fa869606fa0 R15: 00007ffd47256de8 [ 148.931416][ T3895] [ 148.934272][ T3895] [ 148.936444][ T3895] Allocated by task 3895: [ 148.940608][ T3895] ____kasan_kmalloc+0xdb/0x110 [ 148.945295][ T3895] __kasan_kmalloc+0x9/0x10 [ 148.949631][ T3895] __kmalloc+0x13f/0x2c0 [ 148.953713][ T3895] sk_prot_alloc+0xf9/0x330 [ 148.958048][ T3895] sk_alloc+0x38/0x430 [ 148.961958][ T3895] pfkey_create+0x12c/0x620 [ 148.966297][ T3895] __sock_create+0x3be/0x7e0 [ 148.970722][ T3895] __sys_socket+0x132/0x370 [ 148.975061][ T3895] __x64_sys_socket+0x7a/0x90 [ 148.979580][ T3895] x64_sys_call+0x147/0x9a0 [ 148.983919][ T3895] do_syscall_64+0x3b/0xb0 [ 148.988168][ T3895] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 148.993897][ T3895] [ 148.996068][ T3895] Last potentially related work creation: [ 149.001622][ T3895] kasan_save_stack+0x3b/0x60 [ 149.006135][ T3895] __kasan_record_aux_stack+0xd3/0xf0 [ 149.011352][ T3895] kasan_record_aux_stack_noalloc+0xb/0x10 [ 149.016985][ T3895] insert_work+0x56/0x320 [ 149.021148][ T3895] __queue_work+0x92a/0xcd0 [ 149.025491][ T3895] queue_work_on+0x105/0x170 [ 149.029918][ T3895] bpf_prog_free+0x13c/0x150 [ 149.034346][ T3895] __bpf_prog_put_rcu+0xaf/0xc0 [ 149.039032][ T3895] rcu_do_batch+0x57a/0xc10 [ 149.043370][ T3895] rcu_core+0x517/0x1020 [ 149.047448][ T3895] rcu_core_si+0x9/0x10 [ 149.051442][ T3895] handle_softirqs+0x25e/0x5c0 [ 149.056042][ T3895] __do_softirq+0xb/0xd [ 149.060033][ T3895] [ 149.062204][ T3895] Second to last potentially related work creation: [ 149.068628][ T3895] kasan_save_stack+0x3b/0x60 [ 149.073139][ T3895] __kasan_record_aux_stack+0xd3/0xf0 [ 149.078348][ T3895] kasan_record_aux_stack_noalloc+0xb/0x10 [ 149.083992][ T3895] call_rcu+0x123/0x10b0 [ 149.088072][ T3895] __bpf_prog_put_noref+0x291/0x2c0 [ 149.093101][ T3895] bpf_prog_put_deferred+0x2ee/0x3e0 [ 149.098226][ T3895] bpf_prog_release+0x27d/0x290 [ 149.103045][ T3895] __fput+0x228/0x8c0 [ 149.106853][ T3895] ____fput+0x15/0x20 [ 149.110672][ T3895] task_work_run+0x129/0x190 [ 149.115102][ T3895] exit_to_user_mode_loop+0xc4/0xe0 [ 149.120141][ T3895] exit_to_user_mode_prepare+0x5a/0xa0 [ 149.125428][ T3895] syscall_exit_to_user_mode+0x26/0x160 [ 149.130809][ T3895] do_syscall_64+0x47/0xb0 [ 149.135070][ T3895] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 149.140793][ T3895] [ 149.142983][ T3895] The buggy address belongs to the object at ffff88810db31000 [ 149.142983][ T3895] which belongs to the cache kmalloc-1k of size 1024 [ 149.156856][ T3895] The buggy address is located 1016 bytes inside of [ 149.156856][ T3895] 1024-byte region [ffff88810db31000, ffff88810db31400) [ 149.170138][ T3895] The buggy address belongs to the page: [ 149.175616][ T3895] page:ffffea000436cc00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10db30 [ 149.185672][ T3895] head:ffffea000436cc00 order:3 compound_mapcount:0 compound_pincount:0 [ 149.193830][ T3895] flags: 0x4000000000010200(slab|head|zone=1) [ 149.199743][ T3895] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043080 [ 149.208155][ T3895] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 149.216567][ T3895] page dumped because: kasan: bad access detected [ 149.222829][ T3895] page_owner tracks the page as allocated [ 149.228367][ T3895] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 291, ts 22310127923, free_ts 22266446731 [ 149.247208][ T3895] post_alloc_hook+0x1a3/0x1b0 [ 149.251802][ T3895] prep_new_page+0x1b/0x110 [ 149.256141][ T3895] get_page_from_freelist+0x3550/0x35d0 [ 149.261526][ T3895] __alloc_pages+0x27e/0x8f0 [ 149.265949][ T3895] new_slab+0x9a/0x4e0 [ 149.269854][ T3895] ___slab_alloc+0x39e/0x830 [ 149.274281][ T3895] __slab_alloc+0x4a/0x90 [ 149.278449][ T3895] __kmalloc_track_caller+0x171/0x2c0 [ 149.283654][ T3895] __alloc_skb+0x10c/0x550 [ 149.287909][ T3895] alloc_uevent_skb+0x80/0x230 [ 149.292508][ T3895] kobject_uevent_net_broadcast+0x188/0x590 [ 149.298236][ T3895] kobject_uevent_env+0x525/0x700 [ 149.303121][ T3895] kobject_uevent+0x1f/0x30 [ 149.307447][ T3895] device_add+0xa6e/0xf10 [ 149.311607][ T3895] netdev_register_kobject+0x177/0x320 [ 149.316909][ T3895] register_netdevice+0xde9/0x1390 [ 149.321854][ T3895] page last free stack trace: [ 149.326358][ T3895] free_unref_page_prepare+0x7c8/0x7d0 [ 149.331655][ T3895] free_unref_page+0xe8/0x750 [ 149.336169][ T3895] __free_pages+0x61/0xf0 [ 149.340333][ T3895] __free_slab+0xec/0x1d0 [ 149.344502][ T3895] discard_slab+0x29/0x40 [ 149.348667][ T3895] __slab_free+0x205/0x290 [ 149.352918][ T3895] ___cache_free+0x109/0x120 [ 149.357344][ T3895] qlink_free+0x4d/0x90 [ 149.361336][ T3895] qlist_free_all+0x44/0xb0 [ 149.365674][ T3895] kasan_quarantine_reduce+0x15a/0x180 [ 149.370971][ T3895] __kasan_slab_alloc+0x2f/0xe0 [ 149.375655][ T3895] slab_post_alloc_hook+0x53/0x2c0 [ 149.380610][ T3895] kmem_cache_alloc_trace+0xf9/0x270 [ 149.385724][ T3895] register_netdevice+0x257/0x1390 [ 149.390672][ T3895] veth_newlink+0x94f/0xe20 [ 149.395012][ T3895] rtnl_newlink+0x14c7/0x2050 [ 149.399528][ T3895] [ 149.401692][ T3895] Memory state around the buggy address: [ 149.407171][ T3895] ffff88810db31280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 149.415067][ T3895] ffff88810db31300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 149.422962][ T3895] >ffff88810db31380: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 149.430859][ T3895] ^ [ 149.438687][ T3895] ffff88810db31400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 149.446578][ T3895] ffff88810db31480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 149.454470][ T3895] ================================================================== [ 149.462363][ T3895] Disabling lock debugging due to kernel taint