last executing test programs: 4m23.290643921s ago: executing program 4 (id=2490): r0 = memfd_secret(0x80000) fcntl$setlease(r0, 0x400, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) close(r0) 4m23.207528043s ago: executing program 4 (id=2494): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8510, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa5f, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route_sched(r0, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=@newtaction={0xc4, 0x30, 0x1, 0x4000000, 0x0, {0x0, 0x0, 0x6a00}, [{0xb0, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x10000000, 0x0, 0x4}, 0x3, r2}}]}, {0x4, 0xa}, {0xc}, {0xffac, 0x8, {0x0, 0x2}}}}, @m_mpls={0x5c, 0x2, 0x0, 0x0, {{0x9}, {0x30}, {0x4}, {0xc}, {0xc}}}]}]}, 0xc4}}, 0x0) 4m23.157242434s ago: executing program 4 (id=2496): r0 = socket(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x2}, 0x18) sendto$inet6(r0, &(0x7f0000000180)="7800000018002507b9409b14ffff00000204be04020506050e0204095c0008000400000046000045653600648d0a0012000200000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004b32000400170005000a00000000e5c2cc7f18ff2439d1ddf66ed538f252325bd059c52cd85ab6d3", 0x78, 0x0, 0x0, 0x0) 4m23.139992754s ago: executing program 4 (id=2498): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) io_setup(0x1, &(0x7f0000000b80)=0x0) io_submit(r1, 0x1, &(0x7f0000001d00)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0xfffc, r0, 0x0, 0x0, 0x0, 0x0, 0x4}]) recvmmsg(r0, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}}], 0xf00, 0x4c42bb4f92, 0x0) shutdown(r0, 0x0) 4m22.948839728s ago: executing program 4 (id=2505): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) connect$phonet_pipe(r1, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x1}, 0x10) ioctl$SIOCPNENABLEPIPE(r1, 0x89ed, 0x0) 4m22.683700243s ago: executing program 4 (id=2506): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f00000003c0), 0x4742, 0x0) 4m22.683496893s ago: executing program 32 (id=2506): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f00000003c0), 0x4742, 0x0) 1m41.046721931s ago: executing program 0 (id=8754): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = socket(0x10, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r2, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r3], 0x3c}}, 0x0) 1m40.955910243s ago: executing program 0 (id=8756): bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48}, 0x94) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xb, 0xffffffffffffffff, 0x816ac1f4127f23eb) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd4242"], 0xfdef) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20000000}, 0x48) 1m40.464925302s ago: executing program 0 (id=8771): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200200000000000", @ANYRES32, @ANYBLOB="00000000130fd7c9c4a37285861fd08b4a000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/15], 0x50) 1m40.07730171s ago: executing program 0 (id=8781): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) chroot(&(0x7f0000000140)='./file0/../file0\x00') pivot_root(&(0x7f0000007b00)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00') 1m39.987786381s ago: executing program 0 (id=8784): socket$packet(0x11, 0xa, 0x300) socket$packet(0x11, 0xa, 0x300) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) 1m39.859774614s ago: executing program 0 (id=8787): unshare(0x22020400) r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18) fcntl$setlease(r0, 0x400, 0x0) 1m39.859570754s ago: executing program 33 (id=8787): unshare(0x22020400) r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18) fcntl$setlease(r0, 0x400, 0x0) 1.295943295s ago: executing program 3 (id=12078): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) 1.225949836s ago: executing program 3 (id=12080): sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0xffffffffffffff0b, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x24004004) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0) close(r0) memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0) 1.148204288s ago: executing program 3 (id=12083): memfd_create(&(0x7f0000000340)='\xfb\"a&\x8fe\x11\x8c\xd64\xf9\x12\x00\x00\x00\x00\x00\x12\x1a\'<\xf5\xbeV\x12\xaal\xfa\xf0o\xd8\xb1,\xbd>M\xe3\x98?\xd9\x96\xab\xc7\x06F\x9b\xab\xc8\x1e\x89]\x13bZ\x8d /#k\x95\x9eLV(\x8a\x0e\x93\x93Vc]mP\xbativ\xce\xa4K\xfb\xf2\xe0\xbf\x9d\xa1\xa2\xcd\xb39\xb4\x17a9\x1c\x82\x1aLT\xd0\xb9\x1a\xafB\x95\xb4\xcf\x91X\x8c\x87\xc2\xa1\x1b\xfe\xe7\xbc\xf7\xeb\xdeL\x1d\x98Zq\xcc%\x98\xb0Yc\xec\xb7\xb5m(9\xde\xd3\xefB\xd4\xee\xb5\xee\xe0\xaa\xdd\x00\xb1jOB\xdas\xe3\xb47}%)\xb9\xbf{\xce\x94^\xec\xdf\xbcW\xe0I\x0e\xa4\x1e}\x06\vK\xed\x11\x880\x0e\x9c\xaeVU\x88\xb0\x842kgA]\x1e\x88\xecif\xee\xba\x8b\xc6\"\xcej\x84\x06\x8a\x99\x80\xd7\xcf\x96\xed\x89\x1e6\x93+\xec#\x1d2\xb8\x80Z\xf7\x06\xbe\xc9[L\xc5\xc9\xb5\xd6{\xee\xce\x17\x89\xa6r\xc5j\xec\x1b\xaa\x996\x14e\xcf\x8axQ\x8fXeT\'0.\x85\xa2\xc8\xb3c\t\xe8\x1a\x89\xecL\xcf\xd8\xb5\xfb\xbc\tX\x88\xbe\xf4@[\xb2\xd5\x8c\xb9\x0e\x17\x8b\xce\xd09\xd2\xfb\x9e\b\x00\x00\x00\x00\x00\x00\x00\x9c\x01\x91\xacH\xdb\xf9\xcb\x7fh\x83>\x8e\xe1=\xedR\xc9\xe68h\x19\xafLD\x94\x93\xebT\x15\x817\x9d#\xea\xd2\xa8\xfb^\x8c\x87#\x10\x83I\xc9~R\xbd\x818\xd9?p\xaf\xe2\xd7SPB\xe2\xc4\a\xe6\x94S\xb9\xc1\xbc\x06U\x92\xae=c=\xde5\xad\xe0\xf7Z\x8d\x1e\xc2Y\xb7\xf7O@\xf4L)o\\-\xb0Zr\x02\x1b\xa6\xa8\xc84\xad\x8dw\x83-\xcb\x10\xc12\xd3\x88', 0x3) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x24, 0x0, &(0x7f0000000340)=0xc) 1.05215949s ago: executing program 3 (id=12084): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='yeah', 0x4) sendto$inet(r0, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9025a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x12, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080), 0xffffffffffffffa9, 0xc9100120, 0x0, 0x0) 737.662476ms ago: executing program 1 (id=12096): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==") creat(&(0x7f0000000000)='./bus\x00', 0x0) open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49) mknod$loop(&(0x7f0000000200)='./file0\x00', 0x2000, 0x0) lsetxattr$security_selinux(&(0x7f0000000280)='./bus\x00', &(0x7f0000000240), &(0x7f0000000100)='system_u:object_r:gpg_exec_t:s0\x00', 0x20, 0x2) renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x4) 683.487347ms ago: executing program 1 (id=12098): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d616376746170"], 0x44}}, 0x0) 601.367988ms ago: executing program 1 (id=12102): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) getrusage(0x0, &(0x7f0000000180)) 523.4127ms ago: executing program 1 (id=12105): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x6) r2 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000) 467.715111ms ago: executing program 1 (id=12109): r0 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/rt_acct\x00') r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket(0x18, 0x800, 0x0) connect$pppoe(r2, &(0x7f0000000100)={0x18, 0x0, {0x2, @multicast, 'geneve0\x00'}}, 0x1e) sendfile(r2, r0, 0x0, 0x8) 466.937691ms ago: executing program 6 (id=12110): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x26) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) request_key(&(0x7f0000000540)='user\x00', &(0x7f0000000580)={'syz', 0x2}, &(0x7f00000005c0)='\x00', 0xffffffffffffffff) 411.406932ms ago: executing program 6 (id=12113): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) shmget(0x2, 0x2000, 0x300, &(0x7f0000ffb000/0x2000)=nil) shmget(0x2, 0x4000, 0x4, &(0x7f0000009000/0x4000)=nil) 411.274452ms ago: executing program 1 (id=12114): r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001340)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x6}, 0x18) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000380)={0x9f, 0x2, '\x00', [@jumbo={0xc2, 0x4, 0x7}, @calipso={0x7, 0x8, {0x0, 0x0, 0x8, 0xf8}}]}, 0x18) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c) 403.871762ms ago: executing program 5 (id=12116): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbdf, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90) close(0x3) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r1, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x10) 377.834372ms ago: executing program 6 (id=12128): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4c00000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010067656e65766500001400028005000d0002000000050004000100000008000a00", @ANYRES32=r2], 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 300.407004ms ago: executing program 6 (id=12119): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1008}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x4f, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1, 0x0, 0x4}, 0x18) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$KDFONTOP_SET(r2, 0x4b72, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x1b, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"}) 257.006405ms ago: executing program 5 (id=12121): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) sendto$packet(r2, &(0x7f0000000180)="0b036800e0ff64000200475486dd", 0xe, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14) 256.479305ms ago: executing program 6 (id=12122): sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f000001a2c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001fc0)={0x10c, 0x0, 0x10, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0xffffffff}, @NL80211_ATTR_FRAME={0x50, 0x33, @reassoc_req={{{0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x2}, @device_a, @broadcast, @from_mac, {0x9, 0x1}, @value=@ver_80211n={0x0, 0x6, 0x0, 0x3, 0x0, 0x3, 0x0, 0x0, 0x1}}, 0x1012, 0x8c76, @device_a, {0x0, 0x6, @default_ap_ssid}, @val, @val={0x2d, 0x1a, {0x300, 0x0, 0x0, 0x0, {0x10001, 0x3, 0x0, 0x259, 0x0, 0x0, 0x1, 0x2, 0x1}, 0x8, 0x800, 0x3}}}}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xef}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1725}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xbb0}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1000}], @NL80211_ATTR_DURATION={0x8, 0x57, 0xd48}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x14b4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1478}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x153}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x28e}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2e0}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}]]}, 0x10c}, 0x1, 0x0, 0x0, 0x24011}, 0x404c000) sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000880)=@canfd={{0x1, 0x1}, 0x39, 0x0, 0x0, 0x0, "3992ca995e968b0b065f7922b761528f0199602d1e09faf0c0f1c2db040f957a34b2aa413157e3ec06fdcf6128269e6763e9c19b00d4eb026a6375a22b930a64"}, 0x48}, 0x1, 0x0, 0x0, 0x8490}, 0x1) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)="d8000000180081064e81f782db4cb904021d0800fe067c05e8fe55a10a0005000140020003700e41b0000900ac0006fc1100000004000500014002000000035c3b61c1d67f6f94007174cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef409dd861c532e0df5c72f6cc3d6b92e3be65ed830a126361214c572c7d79207e20bdf860122b87104ce4e", 0x93}], 0x1}, 0x20004804) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400}) 250.501495ms ago: executing program 2 (id=12123): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000100)=ANY=[@ANYBLOB='b *:* r'], 0x8) r2 = openat$cgroup_devices(r0, &(0x7f0000000240)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r2, &(0x7f0000000900)=ANY=[@ANYBLOB='b *:* r'], 0x9) 226.011016ms ago: executing program 5 (id=12124): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x10}, 0x18) r1 = socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=@newtaction={0xc4, 0x30, 0x1, 0x4000000, 0x0, {0x0, 0x0, 0x6a00}, [{0xb0, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x10000000, 0x0, 0x4}, 0x3, r3}}]}, {0x4, 0xa}, {0xc}, {0xffac, 0x8, {0x0, 0x2}}}}, @m_mpls={0x5c, 0x2, 0x0, 0x0, {{0x9}, {0x30}, {0x4}, {0xc}, {0xc}}}]}]}, 0xc4}}, 0x0) 225.476686ms ago: executing program 2 (id=12125): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a300000000014000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000) 185.445276ms ago: executing program 6 (id=12126): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=0x0, &(0x7f0000000580)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1}) io_uring_enter(r0, 0x6e2, 0x3900, 0x3, 0x0, 0x0) clock_nanosleep(0x2, 0x1000000, &(0x7f0000000040)={0x77359400}, 0x0) 180.395117ms ago: executing program 2 (id=12127): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x45, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000000)='kfree\x00', r1}, 0x18) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, 0x0, 0x0, 0x0, 0x10b8}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 140.737507ms ago: executing program 2 (id=12129): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = epoll_create(0x3ff) r2 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x2002}) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000001480)={0x4000000a}) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x10}) 140.269807ms ago: executing program 3 (id=12130): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a32000000000500040000000000140007800800124000000000050015002200000005000500020000000500010006"], 0x64}}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, 0x3, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x10) 134.413037ms ago: executing program 5 (id=12131): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7}, 0x1c) ioctl$int_in(r0, 0x5452, &(0x7f0000000180)=0x37) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$NFT_BATCH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[], 0x56c}, 0x1, 0x0, 0x0, 0x40000}, 0x8051) 124.063377ms ago: executing program 2 (id=12132): syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40000101}) r0 = syz_io_uring_setup(0x751, &(0x7f0000000340)={0x0, 0x59c4, 0x8, 0x1000, 0x5cc}, &(0x7f0000000300)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0xc, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1}) io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5) 105.363258ms ago: executing program 3 (id=12133): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 99.848068ms ago: executing program 5 (id=12134): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newlink={0x54, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TOS={0x5, 0x4, 0x8}, @IFLA_GENEVE_TTL={0x5, 0x3, 0x1}, @IFLA_GENEVE_DF={0x5, 0xd, 0x1}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 38.936329ms ago: executing program 2 (id=12135): syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0) write(r1, &(0x7f0000004200)='t', 0x1) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7ffff000) 0s ago: executing program 5 (id=12136): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil) kernel console output (not intermixed with test programs): uid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31240 comm="syz.2.9622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 289.134057][ T29] audit: type=1326 audit(277.011:10105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31240 comm="syz.2.9622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 289.157317][ T29] audit: type=1326 audit(277.011:10106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31240 comm="syz.2.9622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 289.180698][ T29] audit: type=1326 audit(277.011:10107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31240 comm="syz.2.9622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 289.203917][ T29] audit: type=1326 audit(277.011:10108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31240 comm="syz.2.9622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 289.266277][T31253] tmpfs: Bad value for 'mpol' [ 289.278747][T31255] loop3: detected capacity change from 0 to 128 [ 289.399214][T31279] ref_ctr_offset mismatch. inode: 0x26b8 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 289.413830][T31278] loop5: detected capacity change from 0 to 2048 [ 289.478445][T31278] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 289.598178][T10157] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.834728][ T3387] Process accounting resumed [ 289.902220][T31391] program syz.3.9675 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 289.978299][T31399] netlink: 'syz.1.9682': attribute type 3 has an invalid length. [ 289.996129][T31406] loop6: detected capacity change from 0 to 512 [ 290.015476][T31406] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 290.059910][T31406] EXT4-fs (loop6): 1 truncate cleaned up [ 290.066953][T31406] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 290.108089][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.284070][T31465] syzkaller1: entered promiscuous mode [ 290.289893][T31465] syzkaller1: entered allmulticast mode [ 290.681816][T31499] loop5: detected capacity change from 0 to 512 [ 290.699846][T31499] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 290.724563][T31499] EXT4-fs (loop5): 1 truncate cleaned up [ 290.730703][T31499] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 290.759168][T31506] __nla_validate_parse: 7 callbacks suppressed [ 290.759189][T31506] netlink: 2 bytes leftover after parsing attributes in process `syz.1.9718'. [ 290.810507][T10157] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.901848][T31528] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9726'. [ 290.916879][T31532] loop5: detected capacity change from 0 to 128 [ 290.934385][T31532] FAT-fs (loop5): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 290.961307][T31532] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 290.969248][T31532] FAT-fs (loop5): Filesystem has been set read-only [ 290.981182][T31532] bio_check_eod: 43 callbacks suppressed [ 290.981198][T31532] syz.5.9728: attempt to access beyond end of device [ 290.981198][T31532] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 291.087079][T31550] netdevsim netdevsim6: Direct firmware load for failed with error -2 [ 291.348447][T31586] loop3: detected capacity change from 0 to 512 [ 291.389632][T31586] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 291.433608][T31586] ext4 filesystem being mounted at /2022/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 291.510916][T31607] veth1_to_bridge: entered promiscuous mode [ 291.519065][T31607] veth1_to_bridge: left promiscuous mode [ 291.526140][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.585563][T31622] netlink: 132 bytes leftover after parsing attributes in process `syz.1.9764'. [ 291.707268][ T6574] nci: nci_rsp_packet: unknown rsp opcode 0x22 [ 291.740884][T31658] loop6: detected capacity change from 0 to 512 [ 291.762558][T31658] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 291.775424][T31658] ext4 filesystem being mounted at /160/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 291.824460][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.868254][T31676] tmpfs: Too small a size for current use [ 292.072298][T31689] SELinux: policydb version -299076691 does not match my version range 15-35 [ 292.088858][T31689] SELinux: failed to load policy [ 292.546234][T31681] Set syz1 is full, maxelem 65536 reached [ 292.602320][T31706] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 292.611135][T31712] block device autoloading is deprecated and will be removed. [ 292.731118][T31720] SELinux: policydb version -299076691 does not match my version range 15-35 [ 292.751561][T31720] SELinux: failed to load policy [ 293.457492][ T29] kauditd_printk_skb: 281 callbacks suppressed [ 293.457509][ T29] audit: type=1400 audit(281.151:10390): avc: denied { name_bind } for pid=31786 comm="syz.5.9827" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 293.520362][ T29] audit: type=1400 audit(281.198:10391): avc: denied { read write } for pid=28616 comm="syz-executor" name="loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 293.522976][T31794] loop3: detected capacity change from 0 to 128 [ 293.544666][ T29] audit: type=1400 audit(281.198:10392): avc: denied { open } for pid=28616 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 293.544707][ T29] audit: type=1400 audit(281.198:10393): avc: denied { ioctl } for pid=28616 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 293.583093][T31794] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 293.620827][ T29] audit: type=1400 audit(281.245:10394): avc: denied { mounton } for pid=31791 comm="syz.3.9832" path="/2035/file2" dev="tmpfs" ino=10461 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 293.643389][ T29] audit: type=1400 audit(281.273:10395): avc: denied { create } for pid=31792 comm="syz.6.9829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 293.663698][ T29] audit: type=1400 audit(281.292:10396): avc: denied { read write } for pid=31795 comm="syz.1.9833" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 293.687798][ T29] audit: type=1400 audit(281.292:10397): avc: denied { open } for pid=31795 comm="syz.1.9833" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 293.770263][T31794] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 293.778489][T31794] FAT-fs (loop3): Filesystem has been set read-only [ 293.787998][T31794] syz.3.9832: attempt to access beyond end of device [ 293.787998][T31794] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 293.807427][ T29] audit: type=1400 audit(281.404:10398): avc: denied { create } for pid=31798 comm="syz.1.9834" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 293.827332][ T29] audit: type=1400 audit(281.404:10399): avc: denied { write } for pid=31798 comm="syz.1.9834" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 293.898679][T31809] random: crng reseeded on system resumption [ 293.952248][T31817] loop3: detected capacity change from 0 to 128 [ 293.977264][T31817] syz.3.9841: attempt to access beyond end of device [ 293.977264][T31817] loop3: rw=2049, sector=138, nr_sectors = 16 limit=128 [ 293.995620][T31817] syz.3.9841: attempt to access beyond end of device [ 293.995620][T31817] loop3: rw=2049, sector=170, nr_sectors = 8 limit=128 [ 294.011794][T31817] syz.3.9841: attempt to access beyond end of device [ 294.011794][T31817] loop3: rw=2049, sector=176, nr_sectors = 2 limit=128 [ 294.025486][T31817] Buffer I/O error on dev loop3, logical block 88, lost async page write [ 294.093605][T31817] syz.3.9841: attempt to access beyond end of device [ 294.093605][T31817] loop3: rw=2049, sector=178, nr_sectors = 8 limit=128 [ 294.111029][T31817] syz.3.9841: attempt to access beyond end of device [ 294.111029][T31817] loop3: rw=2049, sector=184, nr_sectors = 2 limit=128 [ 294.124659][T31817] Buffer I/O error on dev loop3, logical block 92, lost async page write [ 294.135794][T31817] syz.3.9841: attempt to access beyond end of device [ 294.135794][T31817] loop3: rw=2049, sector=202, nr_sectors = 8 limit=128 [ 294.156689][T31817] syz.3.9841: attempt to access beyond end of device [ 294.156689][T31817] loop3: rw=2049, sector=208, nr_sectors = 2 limit=128 [ 294.170232][T31817] Buffer I/O error on dev loop3, logical block 104, lost async page write [ 294.191625][T31817] syz.3.9841: attempt to access beyond end of device [ 294.191625][T31817] loop3: rw=2049, sector=210, nr_sectors = 8 limit=128 [ 294.212205][T31817] Buffer I/O error on dev loop3, logical block 108, lost async page write [ 294.222598][T31817] Buffer I/O error on dev loop3, logical block 120, lost async page write [ 294.235149][T31817] Buffer I/O error on dev loop3, logical block 124, lost async page write [ 294.245249][T31817] Buffer I/O error on dev loop3, logical block 80, lost async page write [ 294.257231][T31817] Buffer I/O error on dev loop3, logical block 84, lost async page write [ 294.266873][T31817] Buffer I/O error on dev loop3, logical block 112, lost async page write [ 294.285904][T31817] Buffer I/O error on dev loop3, logical block 116, lost async page write [ 294.469736][T31843] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9852'. [ 294.491660][T31843] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9852'. [ 294.541617][T31849] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=31849 comm=syz.5.9855 [ 294.706670][T31873] netlink: 44 bytes leftover after parsing attributes in process `syz.5.9864'. [ 294.822139][T31883] vlan2: entered allmulticast mode [ 294.968197][T31894] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 295.564768][T31922] loop2: detected capacity change from 0 to 512 [ 295.606021][T31922] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.613895][T31934] netlink: 'syz.6.9887': attribute type 3 has an invalid length. [ 295.752123][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.824336][T31965] 9pnet: p9_errstr2errno: server reported unknown error  [ 295.844543][T31977] netlink: 132 bytes leftover after parsing attributes in process `syz.1.9905'. [ 296.038822][T32006] loop2: detected capacity change from 0 to 512 [ 296.052671][T32006] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 296.067223][T32006] EXT4-fs warning (device loop2): dx_probe:837: inode #2: comm syz.2.9917: Unimplemented hash flags: 0x0001 [ 296.079023][T32006] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.9917: Corrupt directory, running e2fsck is recommended [ 296.094728][T32006] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.9917: path /1856/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0 [ 296.191183][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.330926][T32038] syzkaller1: tun_chr_ioctl cmd 1074025678 [ 296.337123][T32038] syzkaller1: group set to 0 [ 296.963465][T32072] loop5: detected capacity change from 0 to 512 [ 296.979625][T32072] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 297.012093][T32072] EXT4-fs warning (device loop5): dx_probe:837: inode #2: comm syz.5.9934: Unimplemented hash flags: 0x0001 [ 297.023936][T32072] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.9934: Corrupt directory, running e2fsck is recommended [ 297.063738][T32082] loop3: detected capacity change from 0 to 512 [ 297.065580][T32072] EXT4-fs error (device loop5): ext4_readdir:264: inode #2: block 3: comm syz.5.9934: path /1514/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0 [ 297.072079][T32082] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 297.104626][T32082] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 297.201167][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.214808][T10157] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.280771][T32111] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 297.289456][T32110] IPVS: stopping master sync thread 32111 ... [ 297.358658][T32118] veth0_to_team: entered promiscuous mode [ 297.905028][T32133] loop2: detected capacity change from 0 to 512 [ 297.913399][T32133] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 297.930983][T32133] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 297.967391][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.223438][T32166] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 298.240941][T32163] IPVS: stopping master sync thread 32166 ... [ 298.291475][T32180] loop9: detected capacity change from 0 to 7 [ 298.298117][T32180] loop9: unable to read partition table [ 298.308679][T32180] loop_reread_partitions: partition scan of loop9 () failed (rc=-5) [ 298.501440][T32200] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9974'. [ 298.510927][T32202] loop6: detected capacity change from 0 to 1024 [ 298.525447][T32202] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 298.579774][T32211] loop2: detected capacity change from 0 to 2048 [ 298.607019][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.624450][T32211] EXT4-fs (loop2): failed to initialize system zone (-117) [ 298.672090][T32211] EXT4-fs (loop2): mount failed [ 298.752493][T32230] loop6: detected capacity change from 0 to 512 [ 298.770562][T32238] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 298.789748][T32230] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 298.801344][T32237] IPVS: stopping master sync thread 32238 ... [ 298.812907][T32230] EXT4-fs (loop6): 1 truncate cleaned up [ 298.822181][T32230] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 298.834584][ T29] kauditd_printk_skb: 291 callbacks suppressed [ 298.834597][ T29] audit: type=1326 audit(286.184:10691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32228 comm="syz.6.9983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7980935d67 code=0x7ffc0000 [ 298.867616][ T29] audit: type=1326 audit(286.212:10692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32228 comm="syz.6.9983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f79808daf79 code=0x7ffc0000 [ 298.890659][ T29] audit: type=1326 audit(286.212:10693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32228 comm="syz.6.9983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7980935d67 code=0x7ffc0000 [ 298.913755][ T29] audit: type=1326 audit(286.212:10694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32228 comm="syz.6.9983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f79808daf79 code=0x7ffc0000 [ 298.936862][ T29] audit: type=1326 audit(286.212:10695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32228 comm="syz.6.9983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7980935d67 code=0x7ffc0000 [ 298.959769][ T29] audit: type=1326 audit(286.212:10696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32228 comm="syz.6.9983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f79808daf79 code=0x7ffc0000 [ 298.982706][ T29] audit: type=1326 audit(286.212:10697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32228 comm="syz.6.9983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7980935d67 code=0x7ffc0000 [ 299.005679][ T29] audit: type=1326 audit(286.212:10698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32228 comm="syz.6.9983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f79808daf79 code=0x7ffc0000 [ 299.028723][ T29] audit: type=1326 audit(286.212:10699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32228 comm="syz.6.9983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7980935d67 code=0x7ffc0000 [ 299.051983][ T29] audit: type=1326 audit(286.212:10700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32228 comm="syz.6.9983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f79808daf79 code=0x7ffc0000 [ 299.078138][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.214803][T32251] loop9: detected capacity change from 0 to 7 [ 299.221642][T32251] loop9: unable to read partition table [ 299.227457][T32251] loop_reread_partitions: partition scan of loop9 () failed (rc=-5) [ 299.686690][T32283] loop5: detected capacity change from 0 to 1024 [ 299.722135][T32283] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 299.750232][T32297] loop9: detected capacity change from 0 to 7 [ 299.771710][T10157] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.781150][T32297] buffer_io_error: 6 callbacks suppressed [ 299.781164][T32297] Buffer I/O error on dev loop9, logical block 0, async page read [ 299.797216][T32297] Buffer I/O error on dev loop9, logical block 0, async page read [ 299.805196][T32297] loop9: unable to read partition table [ 299.818898][T32297] loop_reread_partitions: partition scan of loop9 () failed (rc=-5) [ 299.908188][T32312] loop5: detected capacity change from 0 to 2048 [ 299.930577][T32312] EXT4-fs (loop5): failed to initialize system zone (-117) [ 299.938365][T32312] EXT4-fs (loop5): mount failed [ 299.989345][T32323] loop2: detected capacity change from 0 to 512 [ 300.016772][T32323] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 300.058280][T32323] EXT4-fs (loop2): 1 truncate cleaned up [ 300.078157][T32323] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 300.153077][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 300.242662][ T6568] nci: nci_rsp_packet: unknown rsp opcode 0x22 [ 300.318429][T32369] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 301.209060][ T6599] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 301.520651][T32438] veth1_to_bridge: entered promiscuous mode [ 301.527686][T32438] veth1_to_bridge: left promiscuous mode [ 301.843114][T32464] veth1_to_bridge: entered promiscuous mode [ 301.849510][T32464] veth1_to_bridge: left promiscuous mode [ 302.007395][T32476] 8021q: adding VLAN 0 to HW filter on device $H [ 302.044831][T32476] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 302.060513][ T1027] lo speed is unknown, defaulting to 1000 [ 302.066555][ T1027] syz2: Port: 1 Link ACTIVE [ 302.076184][T32481] netlink: 20 bytes leftover after parsing attributes in process `syz.2.10069'. [ 302.455758][T32513] loop5: detected capacity change from 0 to 512 [ 302.467409][T32515] netlink: 44 bytes leftover after parsing attributes in process `syz.1.10081'. [ 302.499731][T32513] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 302.519114][T32517] 8021q: adding VLAN 0 to HW filter on device $H [ 302.537777][T32517] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 302.583426][T32513] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 302.627192][T32513] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 302.726833][T32537] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10090'. [ 302.827126][T32554] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10097'. [ 302.836702][T32554] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10097'. [ 302.845754][T32554] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10097'. [ 302.858876][T32556] netlink: 44 bytes leftover after parsing attributes in process `syz.1.10101'. [ 302.895919][T32559] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 302.897266][T32554] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10097'. [ 302.920979][T32554] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10097'. [ 303.271334][T32605] loop6: detected capacity change from 0 to 128 [ 303.377143][T32628] ref_ctr_offset mismatch. inode: 0x25fa offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 303.522696][T32635] loop2: detected capacity change from 0 to 2048 [ 303.544743][T32635] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 303.608139][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.694593][T32654] loop3: detected capacity change from 0 to 512 [ 303.713390][T32657] geneve1: Caught tx_queue_len zero misconfig [ 303.720446][T32654] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 303.751218][T32654] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 303.776416][T32654] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.903584][T32681] __nla_validate_parse: 13 callbacks suppressed [ 303.903600][T32681] netlink: 24 bytes leftover after parsing attributes in process `syz.1.10143'. [ 303.921014][T32686] netlink: 'syz.6.10156': attribute type 3 has an invalid length. [ 304.042886][T32705] tmpfs: Bad value for 'mpol' [ 304.050958][ T10] Process accounting resumed [ 304.171816][T32719] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10159'. [ 304.184480][ T29] kauditd_printk_skb: 255 callbacks suppressed [ 304.184497][ T29] audit: type=1326 audit(291.196:10956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32718 comm="syz.6.10158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798093eec9 code=0x7ffc0000 [ 304.226302][T32722] netlink: 'syz.2.10161': attribute type 3 has an invalid length. [ 304.267945][ T29] audit: type=1326 audit(291.196:10957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32718 comm="syz.6.10158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f798093eec9 code=0x7ffc0000 [ 304.291140][ T29] audit: type=1326 audit(291.196:10958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32718 comm="syz.6.10158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798093eec9 code=0x7ffc0000 [ 304.314321][ T29] audit: type=1326 audit(291.205:10959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32718 comm="syz.6.10158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798093eec9 code=0x7ffc0000 [ 304.357418][ T29] audit: type=1400 audit(291.355:10960): avc: denied { create } for pid=32732 comm="syz.5.10166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 304.388980][T32739] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10168'. [ 304.391376][ T29] audit: type=1400 audit(291.373:10961): avc: denied { connect } for pid=32732 comm="syz.5.10166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 304.400385][T32739] netlink: 2 bytes leftover after parsing attributes in process `syz.1.10168'. [ 304.540115][ T29] audit: type=1326 audit(291.523:10962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32751 comm="syz.2.10172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 304.563642][ T29] audit: type=1326 audit(291.523:10963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32751 comm="syz.2.10172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 304.591462][ T29] audit: type=1326 audit(291.551:10964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32751 comm="syz.2.10172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 304.615122][ T29] audit: type=1326 audit(291.551:10965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32751 comm="syz.2.10172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 304.652285][T32752] loop2: detected capacity change from 0 to 128 [ 304.711389][T32766] program syz.5.10178 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 304.739041][T32767] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10177'. [ 304.812680][ T305] loop2: detected capacity change from 0 to 512 [ 304.837590][ T305] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 304.880775][ T305] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 304.914791][ T305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 304.987346][ T313] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10181'. [ 305.021367][ T320] ref_ctr_offset mismatch. inode: 0x1f8c offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 305.035482][ T313] netlink: 2 bytes leftover after parsing attributes in process `syz.3.10181'. [ 305.416921][ T354] program syz.2.10190 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 305.437938][ T351] loop5: detected capacity change from 0 to 128 [ 305.567992][ T376] loop3: detected capacity change from 0 to 2048 [ 305.577360][ T1027] Process accounting resumed [ 305.596908][ T376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 305.676605][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.715103][ T391] netlink: 64 bytes leftover after parsing attributes in process `syz.1.10209'. [ 305.943522][ T424] SELinux: failed to load policy [ 306.007507][ T432] netlink: 20 bytes leftover after parsing attributes in process `syz.5.10225'. [ 306.089179][ T446] netlink: 2 bytes leftover after parsing attributes in process `syz.3.10231'. [ 306.168280][ T463] loop5: detected capacity change from 0 to 512 [ 306.176382][ T463] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 306.192441][ T463] EXT4-fs (loop5): 1 truncate cleaned up [ 306.198766][ T467] loop3: detected capacity change from 0 to 512 [ 306.206362][ T463] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 306.242545][T10157] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 306.270476][ T467] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 306.307644][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 306.589780][ T507] SELinux: failed to load policy [ 307.510057][ T572] loop3: detected capacity change from 0 to 512 [ 307.529482][ T572] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 307.548767][ T572] EXT4-fs (loop3): 1 truncate cleaned up [ 307.565489][ T572] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 307.602046][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.175464][ T651] loop3: detected capacity change from 0 to 1024 [ 308.183403][ T651] EXT4-fs: Ignoring removed orlov option [ 308.189512][ T651] EXT4-fs: Ignoring removed nobh option [ 308.195278][ T651] EXT4-fs: Ignoring removed bh option [ 308.221066][ T651] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 308.267722][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.486017][ T699] loop2: detected capacity change from 0 to 1024 [ 308.501483][ T699] EXT4-fs: Ignoring removed orlov option [ 308.508047][ T699] EXT4-fs: Ignoring removed nobh option [ 308.513903][ T699] EXT4-fs: Ignoring removed bh option [ 308.549036][ T699] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 308.580599][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.686321][ T728] loop2: detected capacity change from 0 to 512 [ 308.704148][ T728] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 308.717155][ T728] EXT4-fs (loop2): 1 truncate cleaned up [ 308.723278][ T728] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 308.767651][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 309.548954][ T29] kauditd_printk_skb: 167 callbacks suppressed [ 309.548972][ T29] audit: type=1326 audit(296.200:11133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=768 comm="syz.2.10358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 309.583027][ T29] audit: type=1326 audit(296.200:11134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=768 comm="syz.2.10358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 309.607193][ T29] audit: type=1326 audit(296.247:11135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=768 comm="syz.2.10358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 309.630578][ T29] audit: type=1326 audit(296.247:11136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=768 comm="syz.2.10358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 309.653581][ T29] audit: type=1326 audit(296.247:11137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=768 comm="syz.2.10358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 309.681589][ T767] loop6: detected capacity change from 0 to 1024 [ 309.688545][ T767] EXT4-fs: Ignoring removed orlov option [ 309.694356][ T767] EXT4-fs: Ignoring removed nobh option [ 309.699979][ T767] EXT4-fs: Ignoring removed bh option [ 309.719758][ T29] audit: type=1326 audit(296.266:11138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=768 comm="syz.2.10358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 309.743173][ T29] audit: type=1326 audit(296.266:11139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=768 comm="syz.2.10358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 309.766458][ T29] audit: type=1326 audit(296.266:11140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=768 comm="syz.2.10358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 309.789517][ T29] audit: type=1326 audit(296.266:11141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=768 comm="syz.2.10358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 309.812751][ T29] audit: type=1326 audit(296.266:11142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=768 comm="syz.2.10358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 309.839950][ T767] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 309.877290][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 310.778623][ T793] syz.6.10367 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 310.793409][ T793] CPU: 0 UID: 0 PID: 793 Comm: syz.6.10367 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 310.793449][ T793] Tainted: [W]=WARN [ 310.793455][ T793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 310.793482][ T793] Call Trace: [ 310.793491][ T793] [ 310.793502][ T793] __dump_stack+0x1d/0x30 [ 310.793530][ T793] dump_stack_lvl+0xe8/0x140 [ 310.793587][ T793] dump_stack+0x15/0x1b [ 310.793603][ T793] dump_header+0x81/0x220 [ 310.793635][ T793] oom_kill_process+0x342/0x400 [ 310.793718][ T793] out_of_memory+0x979/0xb80 [ 310.793747][ T793] try_charge_memcg+0x5e6/0x9e0 [ 310.793787][ T793] obj_cgroup_charge_pages+0xa6/0x150 [ 310.793824][ T793] __memcg_kmem_charge_page+0x9f/0x170 [ 310.793916][ T793] __alloc_frozen_pages_noprof+0x188/0x360 [ 310.793951][ T793] alloc_pages_mpol+0xb3/0x250 [ 310.794029][ T793] alloc_pages_noprof+0x90/0x130 [ 310.794065][ T793] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 310.794106][ T793] __kvmalloc_node_noprof+0x30f/0x4e0 [ 310.794145][ T793] ? ip_set_alloc+0x1f/0x30 [ 310.794172][ T793] ? ip_set_alloc+0x1f/0x30 [ 310.794241][ T793] ? __kmalloc_cache_noprof+0x189/0x320 [ 310.794267][ T793] ip_set_alloc+0x1f/0x30 [ 310.794285][ T793] hash_netiface_create+0x282/0x740 [ 310.794308][ T793] ? __pfx_hash_netiface_create+0x10/0x10 [ 310.794403][ T793] ip_set_create+0x3c9/0x960 [ 310.794437][ T793] ? __nla_parse+0x40/0x60 [ 310.794467][ T793] nfnetlink_rcv_msg+0x4c6/0x590 [ 310.794606][ T793] netlink_rcv_skb+0x123/0x220 [ 310.794628][ T793] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 310.794669][ T793] nfnetlink_rcv+0x16b/0x1690 [ 310.794703][ T793] ? nlmon_xmit+0x4f/0x60 [ 310.794759][ T793] ? consume_skb+0x49/0x150 [ 310.794780][ T793] ? nlmon_xmit+0x4f/0x60 [ 310.794810][ T793] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 310.794836][ T793] ? __dev_queue_xmit+0x1200/0x2000 [ 310.794877][ T793] ? __dev_queue_xmit+0x182/0x2000 [ 310.794961][ T793] ? ref_tracker_free+0x37d/0x3e0 [ 310.795052][ T793] ? __netlink_deliver_tap+0x4dc/0x500 [ 310.795080][ T793] netlink_unicast+0x5bd/0x690 [ 310.795102][ T793] netlink_sendmsg+0x58b/0x6b0 [ 310.795180][ T793] ? __pfx_netlink_sendmsg+0x10/0x10 [ 310.795205][ T793] __sock_sendmsg+0x142/0x180 [ 310.795237][ T793] ____sys_sendmsg+0x31e/0x4e0 [ 310.795290][ T793] ___sys_sendmsg+0x17b/0x1d0 [ 310.795328][ T793] __x64_sys_sendmsg+0xd4/0x160 [ 310.795357][ T793] x64_sys_call+0x191e/0x3000 [ 310.795380][ T793] do_syscall_64+0xd2/0x200 [ 310.795459][ T793] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 310.795486][ T793] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 310.795569][ T793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.795592][ T793] RIP: 0033:0x7f798093eec9 [ 310.795607][ T793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 310.795627][ T793] RSP: 002b:00007f797f39f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 310.795647][ T793] RAX: ffffffffffffffda RBX: 00007f7980b95fa0 RCX: 00007f798093eec9 [ 310.795672][ T793] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006 [ 310.795685][ T793] RBP: 00007f79809c1f91 R08: 0000000000000000 R09: 0000000000000000 [ 310.795697][ T793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 310.795710][ T793] R13: 00007f7980b96038 R14: 00007f7980b95fa0 R15: 00007ffe164b6008 [ 310.795730][ T793] [ 310.795760][ T793] memory: usage 307200kB, limit 307200kB, failcnt 123 [ 311.142641][ T793] memory+swap: usage 307508kB, limit 9007199254740988kB, failcnt 0 [ 311.150568][ T793] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0 [ 311.158020][ T793] Memory cgroup stats for /syz6: [ 311.158513][ T793] cache 0 [ 311.166718][ T793] rss 4096 [ 311.169756][ T793] shmem 0 [ 311.172708][ T793] mapped_file 0 [ 311.176274][ T793] dirty 0 [ 311.179222][ T793] writeback 0 [ 311.182639][ T793] workingset_refault_anon 0 [ 311.187224][ T793] workingset_refault_file 0 [ 311.191734][ T793] swap 315392 [ 311.195026][ T793] swapcached 32768 [ 311.198996][ T793] pgpgin 35761 [ 311.202428][ T793] pgpgout 35753 [ 311.206086][ T793] pgfault 62843 [ 311.209805][ T793] pgmajfault 2 [ 311.213259][ T793] inactive_anon 32768 [ 311.217303][ T793] active_anon 0 [ 311.220843][ T793] inactive_file 0 [ 311.224499][ T793] active_file 0 [ 311.228011][ T793] unevictable 0 [ 311.231507][ T793] hierarchical_memory_limit 314572800 [ 311.237092][ T793] hierarchical_memsw_limit 9223372036854771712 [ 311.243585][ T793] total_cache 0 [ 311.247132][ T793] total_rss 4096 [ 311.250774][ T793] total_shmem 0 [ 311.254309][ T793] total_mapped_file 0 [ 311.258496][ T793] total_dirty 0 [ 311.262087][ T793] total_writeback 0 [ 311.265969][ T793] total_workingset_refault_anon 0 [ 311.271066][ T793] total_workingset_refault_file 0 [ 311.276104][ T793] total_swap 315392 [ 311.280028][ T793] total_swapcached 32768 [ 311.284431][ T793] total_pgpgin 35761 [ 311.288341][ T793] total_pgpgout 35753 [ 311.292447][ T793] total_pgfault 62843 [ 311.296446][ T793] total_pgmajfault 2 [ 311.300376][ T793] total_inactive_anon 32768 [ 311.304927][ T793] total_active_anon 0 [ 311.308969][ T793] total_inactive_file 0 [ 311.313234][ T793] total_active_file 0 [ 311.317356][ T793] total_unevictable 0 [ 311.321517][ T793] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.10367,pid=792,uid=0 [ 311.336571][ T793] Memory cgroup out of memory: Killed process 792 (syz.6.10367) total-vm:95872kB, anon-rss:1136kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000 [ 311.763449][ T874] macvtap0: refused to change device tx_queue_len [ 312.986372][ T903] syz.5.10412 (903) used greatest stack depth: 6168 bytes left [ 314.357023][ T1001] kernel read not supported for file /policy (pid: 1001 comm: syz.6.10450) [ 314.683252][ T1030] __nla_validate_parse: 2 callbacks suppressed [ 314.683273][ T1030] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10466'. [ 314.882136][ T1041] SELinux: failed to load policy [ 314.922750][ T1049] netlink: 20 bytes leftover after parsing attributes in process `+}[@'. [ 314.953965][ T1053] SELinux: failed to load policy [ 315.005335][ T29] kauditd_printk_skb: 150 callbacks suppressed [ 315.005354][ T29] audit: type=1400 audit(301.317:11293): avc: denied { firmware_load } for pid=1056 comm="+}[@" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1 [ 315.360822][ T29] audit: type=1400 audit(301.644:11294): avc: denied { bind } for pid=1087 comm="syz.3.10479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 315.457360][ T29] audit: type=1326 audit(301.728:11295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1095 comm="syz.3.10483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 315.480554][ T29] audit: type=1326 audit(301.728:11296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1095 comm="syz.3.10483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 315.503747][ T29] audit: type=1326 audit(301.728:11297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1095 comm="syz.3.10483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 315.526869][ T29] audit: type=1326 audit(301.728:11298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1095 comm="syz.3.10483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 315.550122][ T29] audit: type=1326 audit(301.728:11299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1095 comm="syz.3.10483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 315.573397][ T29] audit: type=1326 audit(301.728:11300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1095 comm="syz.3.10483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 315.597141][ T29] audit: type=1326 audit(301.728:11301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1095 comm="syz.3.10483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 315.620739][ T29] audit: type=1326 audit(301.728:11302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1095 comm="syz.3.10483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 315.768479][ T1107] blktrace: Concurrent blktraces are not allowed on loop5 [ 315.878658][ T1112] kernel read not supported for file /policy (pid: 1112 comm: syz.3.10487) [ 316.010587][ T1133] kernel read not supported for file /policy (pid: 1133 comm: syz.2.10504) [ 316.232964][ T1154] netlink: 20 bytes leftover after parsing attributes in process `+}[@'. [ 316.412948][ T1183] loop5: detected capacity change from 0 to 128 [ 316.547880][ T1027] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x4 [ 316.555837][ T1027] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x2 [ 316.573466][ T1027] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x3 [ 316.583103][ T1027] hid-generic 0000:3000000:0000.000C: hidraw0: HID v0.00 Device [sy] on syz0 [ 316.638098][ T1209] netlink: 20 bytes leftover after parsing attributes in process `+}[@'. [ 316.685078][ T1223] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10525'. [ 316.998329][ T1289] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10539'. [ 317.216332][ T1301] lo speed is unknown, defaulting to 1000 [ 318.084783][ T1415] bridge0: entered promiscuous mode [ 318.090094][ T1415] macsec0: entered promiscuous mode [ 318.106540][ T1415] bridge0: port 1(macsec0) entered blocking state [ 318.113165][ T1415] bridge0: port 1(macsec0) entered disabled state [ 318.130802][ T1415] macsec0: entered allmulticast mode [ 318.136237][ T1415] bridge0: entered allmulticast mode [ 318.153066][ T1415] macsec0: left allmulticast mode [ 318.158220][ T1415] bridge0: left allmulticast mode [ 318.171648][ T1415] bridge0: left promiscuous mode [ 318.915517][ T1466] loop2: detected capacity change from 0 to 512 [ 318.932939][ T1466] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 319.070354][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.238755][ T1484] loop6: detected capacity change from 0 to 1024 [ 319.271551][ T1484] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 319.322468][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 319.667220][ T1503] SELinux: security policydb version 16 (MLS) not backwards compatible [ 319.675895][ T1503] SELinux: failed to load policy [ 320.641453][ T29] kauditd_printk_skb: 100 callbacks suppressed [ 320.641476][ T29] audit: type=1404 audit(306.583:11403): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1 [ 320.682490][ T29] audit: type=1400 audit(306.592:11404): avc: denied { prog_load } for pid=1519 comm="syz.3.10617" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 320.701998][ T29] audit: type=1400 audit(306.592:11405): avc: denied { create } for pid=1519 comm="syz.3.10617" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0 [ 320.721754][ T29] audit: type=1400 audit(306.592:11406): avc: denied { create } for pid=1519 comm="syz.3.10617" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0 [ 320.742274][ T29] audit: type=1400 audit(306.611:11407): avc: denied { read write } for pid=28616 comm="syz-executor" name="loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 320.766262][ T29] audit: type=1404 audit(306.611:11408): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1 [ 320.781061][ T29] audit: type=1400 audit(306.611:11409): avc: denied { read write } for pid=3300 comm="syz-executor" name="loop3" dev="devtmpfs" ino=673 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 320.804547][ T29] audit: type=1400 audit(306.611:11410): avc: denied { open } for pid=3300 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=673 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 320.827245][ T29] audit: type=1400 audit(306.611:11411): avc: denied { ioctl } for pid=3300 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=673 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 320.853673][ T29] audit: type=1400 audit(306.620:11412): avc: denied { create } for pid=1522 comm="syz.6.10618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 320.998684][ T1541] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10624'. [ 321.300908][ T1587] netlink: 'syz.3.10635': attribute type 1 has an invalid length. [ 321.375335][ T1592] SELinux: failed to load policy [ 321.647439][ T1605] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.10643'. [ 321.657368][ T1604] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.10643'. [ 321.740306][ T1609] lo speed is unknown, defaulting to 1000 [ 321.794326][ T1637] program syz.6.10648 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 321.871779][ T1642] loop6: detected capacity change from 0 to 8192 [ 321.931766][ T1661] loop6: detected capacity change from 0 to 1024 [ 321.966823][ T1661] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 322.001036][ T1675] netlink: 'syz.1.10659': attribute type 1 has an invalid length. [ 322.007578][ T1661] EXT4-fs error (device loop6): ext4_xattr_set_entry:1660: inode #15: comm syz.6.10654: corrupted xattr entries [ 322.021557][ T1661] EXT4-fs error (device loop6): ext4_xattr_block_set:2210: inode #15: comm syz.6.10654: bad block 113 [ 322.039876][ T1675] 8021q: adding VLAN 0 to HW filter on device bond4 [ 322.070127][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.081280][ T1711] loop2: detected capacity change from 0 to 512 [ 322.089314][ T1711] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 322.098970][ T1675] bond4: (slave veth0_to_bond): making interface the new active one [ 322.110283][ T1675] bond4: (slave veth0_to_bond): Enslaving as an active interface with an up link [ 322.110631][ T1711] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002] [ 322.128145][ T1711] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.10670: corrupted in-inode xattr: e_value size too large [ 322.146273][ T1711] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.10670: couldn't read orphan inode 15 (err -117) [ 322.188155][ T1711] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 322.231456][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.247552][ T1736] program syz.5.10665 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 322.265345][ T1741] loop2: detected capacity change from 0 to 1024 [ 322.285788][ T1741] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 322.321337][ T1741] EXT4-fs error (device loop2): ext4_xattr_set_entry:1660: inode #15: comm syz.2.10676: corrupted xattr entries [ 322.350288][ T1741] EXT4-fs error (device loop2): ext4_xattr_block_set:2210: inode #15: comm syz.2.10676: bad block 113 [ 322.389737][ T1760] netlink: 'syz.6.10674': attribute type 1 has an invalid length. [ 322.405518][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.425625][ T1760] 8021q: adding VLAN 0 to HW filter on device bond1 [ 322.450349][ T1802] loop3: detected capacity change from 0 to 512 [ 322.457407][ T1802] EXT4-fs: Ignoring removed oldalloc option [ 322.469635][ T1760] bond1: (slave veth0_to_bond): making interface the new active one [ 322.479745][ T1760] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link [ 322.498455][ T1806] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.10675'. [ 322.509351][ T1802] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 322.531843][ T1795] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.10675'. [ 322.558178][ T1810] program syz.2.10679 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 322.580927][ T1802] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.10678: bg 0: block 217: padding at end of block bitmap is not set [ 322.641097][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.700623][ T1833] netlink: 'syz.3.10691': attribute type 1 has an invalid length. [ 322.727444][ T1833] 8021q: adding VLAN 0 to HW filter on device bond7 [ 322.771167][ T1833] bond7: (slave veth0_to_bond): Enslaving as an active interface with a down link [ 322.841213][ T1876] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10695'. [ 322.872580][ T1877] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.10692'. [ 322.882677][ T1871] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.10692'. [ 322.919773][ T1885] loop6: detected capacity change from 0 to 512 [ 322.928229][ T1885] EXT4-fs: Ignoring removed oldalloc option [ 322.948834][ T1885] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 322.974298][ T1885] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.10698: bg 0: block 217: padding at end of block bitmap is not set [ 323.016544][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.035316][ T1898] netlink: 'syz.2.10703': attribute type 1 has an invalid length. [ 323.055851][ T1898] 8021q: adding VLAN 0 to HW filter on device bond4 [ 323.088313][ T1898] bond4: (slave veth0_to_bond): Enslaving as an active interface with a down link [ 323.206292][ T1948] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.10708'. [ 323.218437][ T1943] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.10708'. [ 323.252471][ T1953] loop2: detected capacity change from 0 to 512 [ 323.252434][ T1954] loop6: detected capacity change from 0 to 164 [ 323.259391][ T1953] EXT4-fs: Ignoring removed oldalloc option [ 323.273233][ T1954] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 323.281601][ T1953] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 323.297016][ T1953] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.10713: bg 0: block 217: padding at end of block bitmap is not set [ 323.313844][ T1954] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 323.353860][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.374377][ T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:0) [ 323.386670][ T1970] loop6: detected capacity change from 0 to 128 [ 323.518306][ T6587] bio_check_eod: 17 callbacks suppressed [ 323.518325][ T6587] kworker/u8:41: attempt to access beyond end of device [ 323.518325][ T6587] loop6: rw=1, sector=145, nr_sectors = 16 limit=128 [ 323.539777][ T6587] kworker/u8:41: attempt to access beyond end of device [ 323.539777][ T6587] loop6: rw=1, sector=169, nr_sectors = 8 limit=128 [ 323.553629][ T6587] kworker/u8:41: attempt to access beyond end of device [ 323.553629][ T6587] loop6: rw=1, sector=185, nr_sectors = 8 limit=128 [ 323.578081][ T6587] kworker/u8:41: attempt to access beyond end of device [ 323.578081][ T6587] loop6: rw=1, sector=201, nr_sectors = 8 limit=128 [ 323.593456][ T6587] kworker/u8:41: attempt to access beyond end of device [ 323.593456][ T6587] loop6: rw=1, sector=217, nr_sectors = 8 limit=128 [ 323.607227][ T6587] kworker/u8:41: attempt to access beyond end of device [ 323.607227][ T6587] loop6: rw=1, sector=233, nr_sectors = 8 limit=128 [ 323.622476][ T6587] kworker/u8:41: attempt to access beyond end of device [ 323.622476][ T6587] loop6: rw=1, sector=249, nr_sectors = 8 limit=128 [ 323.637544][ T6587] kworker/u8:41: attempt to access beyond end of device [ 323.637544][ T6587] loop6: rw=1, sector=265, nr_sectors = 8 limit=128 [ 323.657752][ T6587] kworker/u8:41: attempt to access beyond end of device [ 323.657752][ T6587] loop6: rw=1, sector=281, nr_sectors = 8 limit=128 [ 323.673194][ T6587] kworker/u8:41: attempt to access beyond end of device [ 323.673194][ T6587] loop6: rw=1, sector=297, nr_sectors = 8 limit=128 [ 323.839277][ T2009] lo speed is unknown, defaulting to 1000 [ 323.930793][ T2037] loop6: detected capacity change from 0 to 512 [ 323.937919][ T2037] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 323.948633][ T2037] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002] [ 323.957200][ T2037] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.10734: corrupted in-inode xattr: e_value size too large [ 323.972402][ T2037] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.10734: couldn't read orphan inode 15 (err -117) [ 323.985801][ T2037] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 324.012798][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.259410][ T2071] loop5: detected capacity change from 0 to 164 [ 324.260021][ T1027] kernel write not supported for file bpf-prog (pid: 1027 comm: kworker/1:2) [ 324.276055][ T2071] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 324.290387][ T2071] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 324.478770][ T2112] /dev/md0: Can't lookup blockdev [ 324.480500][ T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:0) [ 324.562391][ T2125] SELinux: Context system_u:object_r:modules_conf_t:s0 is not valid (left unmapped). [ 324.898991][ T2183] loop3: detected capacity change from 0 to 512 [ 324.907980][ T2183] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 324.918600][ T2183] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002] [ 324.938655][ T2183] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.10787: corrupted in-inode xattr: e_value size too large [ 324.963564][ T2183] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.10787: couldn't read orphan inode 15 (err -117) [ 324.995930][ T2183] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 325.048973][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.537638][ T2267] loop5: detected capacity change from 0 to 128 [ 325.562329][ T2267] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 325.665739][T10157] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 325.742848][ T2280] loop3: detected capacity change from 0 to 32768 [ 325.789054][ T2280] loop3: p1 p3 < > [ 325.823914][ T2297] netlink: 'syz.1.10836': attribute type 29 has an invalid length. [ 325.836026][ T2297] netlink: 'syz.1.10836': attribute type 29 has an invalid length. [ 325.962195][ T2319] SELinux: failed to load policy [ 325.993332][ T29] kauditd_printk_skb: 261 callbacks suppressed [ 325.993353][ T29] audit: type=1326 audit(311.597:11674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2322 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 326.029121][ T29] audit: type=1326 audit(311.597:11675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2322 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 326.052715][ T29] audit: type=1326 audit(311.625:11676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2322 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 326.076259][ T29] audit: type=1326 audit(311.625:11677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2322 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 326.099834][ T29] audit: type=1400 audit(311.625:11678): avc: denied { create } for pid=2324 comm="syz.2.10839" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 326.119289][ T29] audit: type=1400 audit(311.625:11679): avc: denied { ioctl } for pid=2324 comm="syz.2.10839" path="socket:[86202]" dev="sockfs" ino=86202 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 326.144253][ T29] audit: type=1400 audit(311.625:11680): avc: denied { bind } for pid=2324 comm="syz.2.10839" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 326.163498][ T29] audit: type=1326 audit(311.653:11681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2322 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 326.186739][ T29] audit: type=1326 audit(311.672:11682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2322 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 326.209654][ T29] audit: type=1326 audit(311.672:11683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2326 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f65a1591785 code=0x7ffc0000 [ 326.294166][ T2329] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 326.314248][ T2329] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 326.384245][ T2351] loop6: detected capacity change from 0 to 128 [ 326.419121][ T2351] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 326.432655][ T2361] loop2: detected capacity change from 0 to 164 [ 326.542175][T28616] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 326.560622][ T2381] __nla_validate_parse: 11 callbacks suppressed [ 326.560643][ T2381] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10862'. [ 326.579644][ T2378] sit0: Caught tx_queue_len zero misconfig [ 326.634736][ T2393] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10864'. [ 326.654893][ T2393] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 326.701737][ T2393] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 326.757863][ T2408] loop3: detected capacity change from 0 to 164 [ 326.778178][ T2404] loop5: detected capacity change from 0 to 4096 [ 326.803548][ T2404] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 326.866079][T10157] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.875256][ T2380] loop2: detected capacity change from 0 to 32768 [ 326.911630][ T2380] loop2: p1 p3 < > [ 326.933295][ T2436] loop3: detected capacity change from 0 to 512 [ 326.950660][ T2436] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 326.989830][ T2436] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 327.016061][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.077287][ T2461] loop3: detected capacity change from 0 to 128 [ 327.090359][ T2461] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 327.108669][ T2466] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10885'. [ 327.159318][ T2477] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10889'. [ 327.178524][ T2481] loop6: detected capacity change from 0 to 512 [ 327.185946][ T2481] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 327.218999][ T2481] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 327.245197][ T3300] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 327.256873][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.293763][ T2501] loop3: detected capacity change from 0 to 512 [ 327.303827][ T2501] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 327.321170][ T2501] EXT4-fs (loop3): 1 truncate cleaned up [ 327.341851][ T2501] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 327.377697][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.446823][ T2524] netlink: 'syz.1.10904': attribute type 1 has an invalid length. [ 327.463045][ T2526] loop2: detected capacity change from 0 to 128 [ 327.474962][ T2526] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 327.556016][ T3304] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 327.575437][ T2541] loop5: detected capacity change from 0 to 512 [ 327.586147][ T2543] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10914'. [ 327.596533][ T2541] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 327.616808][ T2541] EXT4-fs (loop5): 1 truncate cleaned up [ 327.622894][ T2541] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 327.666285][T10157] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 328.482265][ T2595] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10927'. [ 328.509229][ T2596] loop5: detected capacity change from 0 to 512 [ 328.534144][ T2607] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10932'. [ 328.549196][ T2598] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 328.556917][ T2596] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 328.622647][ T2596] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 328.687929][T10157] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 328.762312][ T2637] loop6: detected capacity change from 0 to 128 [ 328.770913][ T2637] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 328.805908][T28616] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 329.601670][ T2660] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10947'. [ 329.689392][ T2685] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10958'. [ 329.758680][ T2695] loop2: detected capacity change from 0 to 128 [ 329.767337][ T2695] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 329.797851][ T3304] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 329.938562][ T2725] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10974'. [ 330.057850][ T2739] loop6: detected capacity change from 0 to 512 [ 330.091659][ T2739] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 330.106725][ T2739] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 330.145915][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.159304][ T2757] SELinux: security_context_str_to_sid (s) failed with errno=-22 [ 330.218989][ T2766] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 330.230134][ T2765] IPVS: stopping master sync thread 2766 ... [ 330.339790][ T2781] sd 0:0:1:0: device reset [ 330.397543][ T2788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 330.423050][ T2788] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 330.473958][ T2798] SELinux: failed to load policy [ 330.597023][ T2825] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 330.926284][ T2853] SELinux: policydb version -2103515528 does not match my version range 15-35 [ 330.935949][ T2853] SELinux: failed to load policy [ 331.058911][ T2865] netlink: 'syz.5.11024': attribute type 21 has an invalid length. [ 331.360673][ T29] kauditd_printk_skb: 320 callbacks suppressed [ 331.360691][ T29] audit: type=1400 audit(316.610:12004): avc: denied { validate_trans } for pid=2869 comm="syz.6.11026" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 331.414918][ T2872] batadv1: entered promiscuous mode [ 331.414938][ T2872] batadv1: entered allmulticast mode [ 331.520771][ T29] audit: type=1400 audit(316.760:12005): avc: denied { execute } for pid=2882 comm="syz.6.11030" name="file1" dev="tmpfs" ino=2130 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 331.531785][ T2885] netlink: 'syz.2.11031': attribute type 1 has an invalid length. [ 331.550116][ T29] audit: type=1400 audit(316.788:12006): avc: denied { execute_no_trans } for pid=2882 comm="syz.6.11030" path="/411/file1" dev="tmpfs" ino=2130 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 331.588647][ T2885] 8021q: adding VLAN 0 to HW filter on device bond5 [ 331.648573][ T29] audit: type=1400 audit(316.882:12007): avc: denied { name_bind } for pid=2924 comm="syz.2.11034" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 331.715110][ T2927] vcan0: tx drop: invalid sa for name 0xffffffffffffffff [ 331.715250][ T29] audit: type=1400 audit(316.910:12008): avc: denied { append } for pid=2926 comm="syz.6.11035" name="random" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1 [ 331.746386][ T29] audit: type=1326 audit(316.910:12009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2928 comm="syz.2.11036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 331.746421][ T29] audit: type=1326 audit(316.929:12010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2928 comm="syz.2.11036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 331.746460][ T29] audit: type=1326 audit(316.929:12011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2928 comm="syz.2.11036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 331.746553][ T29] audit: type=1326 audit(316.929:12012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2928 comm="syz.2.11036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 331.746586][ T29] audit: type=1326 audit(316.929:12013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2928 comm="syz.2.11036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fccb39feec9 code=0x7ffc0000 [ 331.980393][ T2948] __nla_validate_parse: 4 callbacks suppressed [ 331.980414][ T2948] netlink: 256 bytes leftover after parsing attributes in process `syz.1.11044'. [ 332.024305][ T2968] loop6: detected capacity change from 0 to 512 [ 332.080036][ T2968] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 332.114905][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.181343][ T3007] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 332.243662][ T3018] program syz.3.11066 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 332.280977][ T3029] loop2: detected capacity change from 0 to 512 [ 332.326017][ T3029] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 332.334880][ T3029] EXT4-fs (loop2): orphan cleanup on readonly fs [ 332.343917][ T3029] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.11070: corrupted inode contents [ 332.358035][ T3029] EXT4-fs (loop2): Remounting filesystem read-only [ 332.365010][ T3029] EXT4-fs (loop2): 1 truncate cleaned up [ 332.370923][ T6571] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 332.371123][ T3042] loop3: detected capacity change from 0 to 2048 [ 332.381537][ T6571] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 332.381571][ T6571] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 332.410313][ T3029] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 332.422449][ T3042] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 332.448844][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.472531][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.507710][ T3058] netlink: 104 bytes leftover after parsing attributes in process `syz.2.11080'. [ 332.698459][ T3081] netlink: 96 bytes leftover after parsing attributes in process `syz.5.11088'. [ 332.941712][ T3114] loop5: detected capacity change from 0 to 1024 [ 332.948853][ T3114] EXT4-fs: Ignoring removed nomblk_io_submit option [ 332.969626][ T3114] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 332.980345][ T3114] System zones: 0-1, 3-36 [ 332.990527][ T3114] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 333.050329][ T3122] loop3: detected capacity change from 0 to 1024 [ 333.060794][T10157] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.074649][ T3122] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 333.203511][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 333.230899][ T3149] atomic_op ffff88815d081128 conn xmit_atomic 0000000000000000 [ 333.460280][ T3195] loop6: detected capacity change from 0 to 128 [ 333.472299][ T3195] vfat: Bad value for 'shortname' [ 333.549667][ T3216] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11137'. [ 333.856203][ T3346] sd 0:0:1:0: device reset [ 333.902507][ T3369] netlink: 28 bytes leftover after parsing attributes in process `syz.6.11170'. [ 333.911885][ T3369] netlink: 28 bytes leftover after parsing attributes in process `syz.6.11170'. [ 333.960517][ T3389] netlink: 'syz.6.11173': attribute type 21 has an invalid length. [ 333.981733][ T3389] netlink: 132 bytes leftover after parsing attributes in process `syz.6.11173'. [ 334.014420][ T3400] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) ! [ 334.245812][ T3442] IPv6: Can't replace route, no match found [ 334.424490][ T3467] netlink: 264 bytes leftover after parsing attributes in process `syz.1.11203'. [ 334.600048][ T3478] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11208'. [ 334.665406][ T3482] netlink: 96 bytes leftover after parsing attributes in process `syz.5.11210'. [ 334.779384][ T3562] can0: slcan on ttyS3. [ 334.832900][ T3562] can0 (unregistered): slcan off ttyS3. [ 334.841951][ T3562] can0: slcan on ttyS3. [ 334.886509][ T3561] can0 (unregistered): slcan off ttyS3. [ 335.079017][ T3612] netlink: 'syz.1.11232': attribute type 21 has an invalid length. [ 335.194756][ T3630] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) ! [ 335.307684][ T3644] loop2: detected capacity change from 0 to 512 [ 335.337495][ T3644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 335.351173][ T3653] program syz.1.11249 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 335.394252][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.511922][ T3682] netlink: 'syz.1.11272': attribute type 9 has an invalid length. [ 335.520048][ T3682] netlink: 'syz.1.11272': attribute type 6 has an invalid length. [ 335.693336][ T3701] loop6: detected capacity change from 0 to 512 [ 335.711960][ T3701] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 335.751730][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.814172][ T3727] loop2: detected capacity change from 0 to 128 [ 335.821156][ T3727] vfat: Bad value for 'shortname' [ 335.888322][ T3739] loop6: detected capacity change from 0 to 736 [ 336.318744][ T3748] loop5: detected capacity change from 0 to 512 [ 336.339096][ T3748] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 336.395448][T10157] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.413236][ T3764] loop6: detected capacity change from 0 to 2048 [ 336.428486][ T3766] loop2: detected capacity change from 0 to 1024 [ 336.435543][ T3766] EXT4-fs: Ignoring removed orlov option [ 336.448274][ T3766] EXT4-fs: Ignoring removed nobh option [ 336.448697][ T3764] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 336.454015][ T3766] EXT4-fs: Ignoring removed bh option [ 336.510248][ T3766] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 336.573663][ T3766] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.11296: Allocating blocks 481-513 which overlap fs metadata [ 336.589423][ T3790] netlink: 'syz.1.11302': attribute type 10 has an invalid length. [ 336.745014][ T3766] EXT4-fs (loop2): pa ffff888106a705b0: logic 352, phys. 465, len 3 [ 336.753288][ T3766] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1 [ 336.871655][ T3806] can0: slcan on ttyS3. [ 336.913564][ T29] kauditd_printk_skb: 449 callbacks suppressed [ 336.913579][ T29] audit: type=1326 audit(321.802:12457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.6.11310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7980935d67 code=0x7ffc0000 [ 336.976666][ T3806] can0 (unregistered): slcan off ttyS3. [ 336.993604][ T3816] can0: slcan on ttyS3. [ 336.996379][ T29] audit: type=1326 audit(321.867:12458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.6.11310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f79808daf79 code=0x7ffc0000 [ 337.021124][ T29] audit: type=1326 audit(321.867:12459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.6.11310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7980935d67 code=0x7ffc0000 [ 337.044658][ T29] audit: type=1326 audit(321.867:12460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.6.11310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f79808daf79 code=0x7ffc0000 [ 337.068188][ T29] audit: type=1326 audit(321.867:12461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.6.11310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798093eec9 code=0x7ffc0000 [ 337.091364][ T29] audit: type=1326 audit(321.867:12462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.6.11310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798093eec9 code=0x7ffc0000 [ 337.114371][ T29] audit: type=1326 audit(321.867:12463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.6.11310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f798093eec9 code=0x7ffc0000 [ 337.137628][ T29] audit: type=1326 audit(321.867:12464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.6.11310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798093eec9 code=0x7ffc0000 [ 337.160771][ T29] audit: type=1326 audit(321.867:12465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.6.11310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798093eec9 code=0x7ffc0000 [ 337.184032][ T29] audit: type=1326 audit(321.867:12466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.6.11310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f798093eec9 code=0x7ffc0000 [ 337.270263][ T3805] can0 (unregistered): slcan off ttyS3. [ 337.354082][ T3828] __nla_validate_parse: 10 callbacks suppressed [ 337.354102][ T3828] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11312'. [ 337.369673][ T3828] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11312'. [ 337.400190][ T3828] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11312'. [ 337.409458][ T3828] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11312'. [ 337.575126][ T3861] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11324'. [ 337.826390][ T3903] loop5: detected capacity change from 0 to 736 [ 337.846417][ T3906] loop6: detected capacity change from 0 to 512 [ 337.864141][ T3906] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 337.877896][ T3906] EXT4-fs (loop6): orphan cleanup on readonly fs [ 337.888344][ T3906] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.11354: corrupted inode contents [ 337.903014][ T3906] EXT4-fs (loop6): Remounting filesystem read-only [ 337.909893][ T3906] EXT4-fs (loop6): 1 truncate cleaned up [ 337.915920][ T6580] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 337.926597][ T6580] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 337.959957][ T6580] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started [ 337.976825][ T3924] netlink: 28 bytes leftover after parsing attributes in process `syz.5.11349'. [ 337.985948][ T3924] netlink: 28 bytes leftover after parsing attributes in process `syz.5.11349'. [ 338.034514][ T3932] loop5: detected capacity change from 0 to 512 [ 338.045971][ T3932] EXT4-fs error (device loop5): ext4_init_orphan_info:585: comm syz.5.11350: inode #0: comm syz.5.11350: iget: illegal inode # [ 338.060004][ T3932] EXT4-fs (loop5): get orphan inode failed [ 338.067763][ T3932] EXT4-fs (loop5): mount failed [ 338.141633][ T3949] netlink: 20 bytes leftover after parsing attributes in process `syz.1.11357'. [ 338.674646][ T3955] ref_ctr_offset mismatch. inode: 0x23e3 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 338.678900][ T3954] loop3: detected capacity change from 0 to 736 [ 338.774330][ T3973] program syz.6.11379 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 338.823810][ T3980] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 338.934202][ T4004] netlink: 96 bytes leftover after parsing attributes in process `syz.3.11380'. [ 339.148980][ T4039] loop3: detected capacity change from 0 to 512 [ 339.157531][ T4039] EXT4-fs error (device loop3): ext4_init_orphan_info:585: comm syz.3.11395: inode #0: comm syz.3.11395: iget: illegal inode # [ 339.172779][ T4039] EXT4-fs (loop3): get orphan inode failed [ 339.178988][ T4039] EXT4-fs (loop3): mount failed [ 339.254548][ T4054] loop2: detected capacity change from 0 to 512 [ 339.265753][ T4054] EXT4-fs error (device loop2): ext4_init_orphan_info:585: comm syz.2.11407: inode #0: comm syz.2.11407: iget: illegal inode # [ 339.279765][ T4054] EXT4-fs (loop2): get orphan inode failed [ 339.286161][ T4054] EXT4-fs (loop2): mount failed [ 339.795372][ T4074] loop2: detected capacity change from 0 to 512 [ 339.826217][ T4074] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 340.362458][ T4142] netlink: 256 bytes leftover after parsing attributes in process `syz.2.11433'. [ 340.425120][ T4157] loop2: detected capacity change from 0 to 128 [ 340.446572][ T4157] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 340.454724][ T4157] FAT-fs (loop2): Filesystem has been set read-only [ 340.463051][ T4157] bio_check_eod: 101 callbacks suppressed [ 340.463074][ T4157] syz.2.11436: attempt to access beyond end of device [ 340.463074][ T4157] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 340.483377][ T4157] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 340.491337][ T4157] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 340.500519][ T4157] syz.2.11436: attempt to access beyond end of device [ 340.500519][ T4157] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 340.527743][ T4157] syz.2.11436: attempt to access beyond end of device [ 340.527743][ T4157] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 340.541740][ T4157] syz.2.11436: attempt to access beyond end of device [ 340.541740][ T4157] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 340.555336][ T4156] syz.2.11436: attempt to access beyond end of device [ 340.555336][ T4156] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 340.571415][ T4157] syz.2.11436: attempt to access beyond end of device [ 340.571415][ T4157] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 340.585053][ T4157] syz.2.11436: attempt to access beyond end of device [ 340.585053][ T4157] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 340.598695][ T4157] syz.2.11436: attempt to access beyond end of device [ 340.598695][ T4157] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 340.612271][ T4156] syz.2.11436: attempt to access beyond end of device [ 340.612271][ T4156] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 340.625896][ T4157] syz.2.11436: attempt to access beyond end of device [ 340.625896][ T4157] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 341.494541][ T4191] loop6: detected capacity change from 0 to 128 [ 341.512960][ T4191] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100) [ 341.520974][ T4191] FAT-fs (loop6): Filesystem has been set read-only [ 341.535524][ T4191] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100) [ 341.543666][ T4191] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100) [ 342.533427][ T4208] netlink: 'syz.1.11462': attribute type 3 has an invalid length. [ 342.616722][ T29] kauditd_printk_skb: 1804 callbacks suppressed [ 342.616737][ T29] audit: type=1400 audit(327.143:14265): avc: denied { create } for pid=4212 comm="syz.1.11454" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 342.652265][ T4218] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 342.652572][ T4217] IPVS: stopping master sync thread 4218 ... [ 342.682739][ T29] audit: type=1400 audit(327.143:14266): avc: denied { setopt } for pid=4212 comm="syz.1.11454" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 342.748779][ T4226] netlink: 'syz.1.11460': attribute type 1 has an invalid length. [ 342.813913][ T4235] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 649 [ 342.826265][ T29] audit: type=1400 audit(327.321:14267): avc: denied { write } for pid=4232 comm="syz.2.11463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 342.851218][ T4226] 8021q: adding VLAN 0 to HW filter on device bond5 [ 342.874393][ T1027] hid-generic 0008:0000:0008.000D: unknown main item tag 0x0 [ 342.881943][ T1027] hid-generic 0008:0000:0008.000D: unknown main item tag 0x0 [ 342.889571][ T1027] hid-generic 0008:0000:0008.000D: unknown main item tag 0x0 [ 342.897104][ T1027] hid-generic 0008:0000:0008.000D: unknown main item tag 0x0 [ 342.904574][ T1027] hid-generic 0008:0000:0008.000D: unknown main item tag 0x0 [ 342.912104][ T1027] hid-generic 0008:0000:0008.000D: unknown main item tag 0x0 [ 342.919996][ T1027] hid-generic 0008:0000:0008.000D: unknown main item tag 0x0 [ 342.922605][ T29] audit: type=1400 audit(327.377:14268): avc: denied { read write } for pid=4234 comm="syz.5.11464" name="uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 342.927471][ T1027] hid-generic 0008:0000:0008.000D: unknown main item tag 0x0 [ 342.927501][ T1027] hid-generic 0008:0000:0008.000D: unknown main item tag 0x0 [ 342.950746][ T29] audit: type=1400 audit(327.377:14269): avc: denied { open } for pid=4234 comm="syz.5.11464" path="/dev/uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 342.958174][ T1027] hid-generic 0008:0000:0008.000D: unknown main item tag 0x0 [ 343.012454][ T29] audit: type=1400 audit(327.517:14270): avc: denied { create } for pid=4275 comm="syz.2.11466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 343.014840][ T4236] bond5: (slave geneve3): making interface the new active one [ 343.042753][ T29] audit: type=1400 audit(327.536:14271): avc: denied { ioctl } for pid=4275 comm="syz.2.11466" path="socket:[89659]" dev="sockfs" ino=89659 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 343.068454][ T29] audit: type=1400 audit(327.536:14272): avc: denied { bind } for pid=4275 comm="syz.2.11466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 343.071277][ T4236] bond5: (slave geneve3): Enslaving as an active interface with an up link [ 343.088153][ T29] audit: type=1400 audit(327.536:14273): avc: denied { write } for pid=4275 comm="syz.2.11466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 343.088192][ T29] audit: type=1326 audit(327.536:14274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4272 comm="syz.3.11467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 343.141905][ T1027] hid-generic 0008:0000:0008.000D: hidraw0: HID v0.07 Device [syz1] on syz1 [ 343.388578][ T1027] hid-generic 0008:0000:0008.000E: hidraw0: HID v0.07 Device [syz1] on syz1 [ 343.613778][ T4350] loop6: detected capacity change from 0 to 8192 [ 343.622652][ T4354] loop3: detected capacity change from 0 to 512 [ 343.622760][ T4350] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 343.933701][ T4393] loop2: detected capacity change from 0 to 8192 [ 343.941566][ T4393] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 344.003244][ T4409] loop3: detected capacity change from 0 to 128 [ 344.018624][ T4409] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 344.026512][ T4409] FAT-fs (loop3): Filesystem has been set read-only [ 344.036145][ T4409] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 344.044368][ T4409] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 344.347509][ T4444] SELinux: security_context_str_to_sid () failed with errno=-22 [ 344.441338][ T4455] : renamed from bond0 (while UP) [ 344.952148][ T4505] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11568'. [ 345.852153][ T4543] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11575'. [ 346.030248][ T4566] loop2: detected capacity change from 0 to 1024 [ 346.054716][ T4566] EXT4-fs: Ignoring removed bh option [ 346.094885][ T4566] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.11585: inode #78: comm syz.2.11585: iget: illegal inode # [ 346.121048][ T4573] loop5: detected capacity change from 0 to 128 [ 346.128229][ T4566] EXT4-fs (loop2): Remounting filesystem read-only [ 346.141023][ T4566] EXT4-fs warning (device loop2): ext4_xattr_block_set:2190: inode #19: comm syz.2.11585: dec ref error=-30 [ 346.393847][ T6601] nci: nci_ntf_packet: unknown ntf opcode 0x127 [ 346.454591][ T4615] loop6: detected capacity change from 0 to 128 [ 347.283940][ T4679] netlink: 264 bytes leftover after parsing attributes in process `syz.5.11623'. [ 347.313976][ T4683] rdma_op ffff888114ea1d80 conn xmit_rdma 0000000000000000 [ 347.486220][ T4718] netlink: 148 bytes leftover after parsing attributes in process `syz.3.11638'. [ 347.628604][ T4736] loop2: detected capacity change from 0 to 2048 [ 347.727465][ T4736] loop2: p1 p3 p4 [ 347.742127][ T4739] lo speed is unknown, defaulting to 1000 [ 347.760488][ T4736] loop2: p4 size 589824 extends beyond EOD, truncated [ 348.079371][ T29] kauditd_printk_skb: 1242 callbacks suppressed [ 348.079397][ T29] audit: type=1400 audit(332.250:15517): avc: denied { read } for pid=4788 comm="syz.3.11653" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 348.108855][ T29] audit: type=1400 audit(332.250:15518): avc: denied { open } for pid=4788 comm="syz.3.11653" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 348.229581][ T4797] program syz.2.11656 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 348.245768][ T29] audit: type=1400 audit(332.307:15519): avc: denied { ioctl } for pid=4788 comm="syz.3.11653" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 348.270644][ T29] audit: type=1326 audit(332.353:15520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4795 comm="syz.3.11657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 348.293919][ T29] audit: type=1326 audit(332.353:15521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4795 comm="syz.3.11657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 348.317025][ T29] audit: type=1326 audit(332.353:15522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4795 comm="syz.3.11657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 348.340345][ T29] audit: type=1326 audit(332.353:15523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4795 comm="syz.3.11657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 348.363367][ T29] audit: type=1326 audit(332.353:15524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4795 comm="syz.3.11657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 348.386376][ T29] audit: type=1326 audit(332.353:15525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4795 comm="syz.3.11657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 348.409540][ T29] audit: type=1326 audit(332.353:15526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4795 comm="syz.3.11657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 348.549796][ T4813] loop5: detected capacity change from 0 to 128 [ 348.556612][ T4810] loop2: detected capacity change from 0 to 512 [ 348.561388][ T4813] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 348.571063][ T4813] FAT-fs (loop5): Filesystem has been set read-only [ 348.577774][ T4813] bio_check_eod: 57045 callbacks suppressed [ 348.577791][ T4813] syz.5.11658: attempt to access beyond end of device [ 348.577791][ T4813] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 348.597886][ T4813] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 348.605748][ T4813] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 348.609553][ T4810] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.11662: bad orphan inode 11862016 [ 348.625396][ T4813] syz.5.11658: attempt to access beyond end of device [ 348.625396][ T4813] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 348.639996][ T4811] syz.5.11658: attempt to access beyond end of device [ 348.639996][ T4811] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 348.654351][ T4813] syz.5.11658: attempt to access beyond end of device [ 348.654351][ T4813] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 348.670322][ T4813] syz.5.11658: attempt to access beyond end of device [ 348.670322][ T4813] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 348.686909][ T4811] syz.5.11658: attempt to access beyond end of device [ 348.686909][ T4811] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 348.702506][ T4813] syz.5.11658: attempt to access beyond end of device [ 348.702506][ T4813] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 348.716374][ T4811] syz.5.11658: attempt to access beyond end of device [ 348.716374][ T4811] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 348.731396][ T4813] syz.5.11658: attempt to access beyond end of device [ 348.731396][ T4813] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 348.745512][ T4813] syz.5.11658: attempt to access beyond end of device [ 348.745512][ T4813] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 348.801584][ T4830] netlink: 264 bytes leftover after parsing attributes in process `syz.1.11666'. [ 349.482922][ T4860] program syz.6.11681 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 349.550077][ T4869] loop6: detected capacity change from 0 to 512 [ 349.579474][ T4869] EXT4-fs error (device loop6): ext4_orphan_get:1418: comm syz.6.11684: bad orphan inode 11862016 [ 349.591265][ T4869] ext4 filesystem being mounted at /584/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 349.952333][ T4894] 9pnet_fd: Insufficient options for proto=fd [ 349.979872][ T4896] loop2: detected capacity change from 0 to 1024 [ 350.157811][ T4903] loop2: detected capacity change from 0 to 1024 [ 350.195601][ T4903] EXT4-fs: Ignoring removed nobh option [ 350.201305][ T4903] EXT4-fs: Ignoring removed nobh option [ 350.209617][ T4903] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 350.221118][ T4903] EXT4-fs error (device loop2): ext4_get_journal_inode:5806: comm syz.2.11695: inode #4294967295: comm syz.2.11695: iget: illegal inode # [ 350.238136][ T4903] EXT4-fs (loop2): no journal found [ 350.243401][ T4903] EXT4-fs (loop2): can't get journal size [ 350.252491][ T4903] EXT4-fs (loop2): failed to initialize system zone (-22) [ 350.261028][ T4903] EXT4-fs (loop2): mount failed [ 350.303575][ T4910] macvtap0: refused to change device tx_queue_len [ 350.356698][ T4916] loop2: detected capacity change from 0 to 764 [ 350.375459][ T4916] Symlink component flag not implemented [ 350.381348][ T4916] Symlink component flag not implemented [ 350.387410][ T4916] Symlink component flag not implemented (129) [ 350.393750][ T4916] Symlink component flag not implemented (6) [ 350.400451][ T4916] rock: directory entry would overflow storage [ 350.406772][ T4916] rock: sig=0x4f50, size=4, remaining=3 [ 350.412556][ T4916] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 350.480599][ T4926] netlink: 148 bytes leftover after parsing attributes in process `syz.2.11701'. [ 350.604335][ T4939] netlink: 'syz.5.11705': attribute type 1 has an invalid length. [ 350.639785][ T4942] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11706'. [ 350.649076][ T4942] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11706'. [ 350.748528][ T4952] netlink: 40 bytes leftover after parsing attributes in process `syz.5.11710'. [ 350.992086][ T4975] lo speed is unknown, defaulting to 1000 [ 351.742125][ T5053] SELinux: ebitmap: truncated map [ 351.749821][ T5053] SELinux: failed to load policy [ 351.973038][ T5074] netlink: 'syz.2.11751': attribute type 12 has an invalid length. [ 351.984362][ T5072] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11749'. [ 351.993604][ T5072] netlink: 40 bytes leftover after parsing attributes in process `syz.1.11749'. [ 352.017508][ T5072] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11749'. [ 352.021050][ T5082] loop6: detected capacity change from 0 to 1024 [ 352.050064][ T5082] EXT4-fs: Ignoring removed orlov option [ 352.077480][ T5082] EXT4-fs mount: 14 callbacks suppressed [ 352.077499][ T5082] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 352.134046][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.218416][ T5113] loop6: detected capacity change from 0 to 512 [ 352.278802][ T5113] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.310468][ T5113] ext4 filesystem being mounted at /605/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 352.326155][ T5113] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.11765: corrupted inode contents [ 352.339246][ T5113] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #2: comm syz.6.11765: mark_inode_dirty error [ 352.352315][ T5113] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.11765: corrupted inode contents [ 352.364615][ T5113] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.11765: mark_inode_dirty error [ 352.383038][ T5113] SELinux: Context system_u:object_r:gpg_exec_t:s0 is not valid (left unmapped). [ 352.407898][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.512945][ T5133] ip6tnl0: Caught tx_queue_len zero misconfig [ 352.603639][ T5143] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 352.619580][ T5143] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 352.649482][ T5149] syzkaller1: entered promiscuous mode [ 352.655104][ T5149] syzkaller1: entered allmulticast mode [ 352.831406][ T5179] loop5: detected capacity change from 0 to 512 [ 352.858693][ T5179] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.873129][ T5179] ext4 filesystem being mounted at /1875/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 352.955026][T10157] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.174017][ T5214] lo speed is unknown, defaulting to 1000 [ 353.369213][ T37] hid_parser_main: 436 callbacks suppressed [ 353.369231][ T37] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 353.409717][ T37] hid-generic 0000:0000:0000.000F: hidraw0: HID v0.00 Device [syz1] on syz0 [ 353.491950][ T29] kauditd_printk_skb: 1267 callbacks suppressed [ 353.491969][ T29] audit: type=1326 audit(2000000002.983:16794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5289 comm="syz.3.11820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 353.548695][ T29] audit: type=1326 audit(2000000003.011:16795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5289 comm="syz.3.11820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 353.572758][ T29] audit: type=1326 audit(2000000003.011:16796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5289 comm="syz.3.11820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 353.596474][ T29] audit: type=1326 audit(2000000003.011:16797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5289 comm="syz.3.11820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 353.620180][ T29] audit: type=1326 audit(2000000003.011:16798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5289 comm="syz.3.11820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65a155eec9 code=0x7ffc0000 [ 353.676943][ T5295] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 649 [ 353.812649][ T29] audit: type=1326 audit(2000000003.283:16799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5309 comm="syz.5.11828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b9213eec9 code=0x7ffc0000 [ 353.847845][ T29] audit: type=1326 audit(2000000003.283:16800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5309 comm="syz.5.11828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7f7b9213eec9 code=0x7ffc0000 [ 353.871843][ T29] audit: type=1326 audit(2000000003.283:16801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5309 comm="syz.5.11828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b9213eec9 code=0x7ffc0000 [ 353.895858][ T29] audit: type=1326 audit(2000000003.301:16802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5309 comm="syz.5.11828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b9213eec9 code=0x7ffc0000 [ 353.942456][ T5316] netlink: 'syz.1.11831': attribute type 1 has an invalid length. [ 353.950391][ T5316] netlink: 'syz.1.11831': attribute type 6 has an invalid length. [ 353.958416][ T5316] netlink: 'syz.1.11831': attribute type 3 has an invalid length. [ 353.966249][ T5316] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11831'. [ 353.977335][ T5318] netlink: 8 bytes leftover after parsing attributes in process `+}[@'. [ 353.997433][ T29] audit: type=1400 audit(2000000003.451:16803): avc: denied { bind } for pid=5319 comm="syz.1.11833" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 354.152526][ T5339] netlink: 28 bytes leftover after parsing attributes in process `syz.5.11842'. [ 354.596922][ T5418] netlink: 'syz.1.11869': attribute type 15 has an invalid length. [ 354.605112][ T5418] netlink: 'syz.1.11869': attribute type 18 has an invalid length. [ 354.616521][ T5418] vxlan1: entered promiscuous mode [ 354.767683][ T5439] loop3: detected capacity change from 0 to 512 [ 354.776810][ T5439] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.11877: error while reading EA inode 32 err=-116 [ 354.789808][ T5439] EXT4-fs (loop3): Remounting filesystem read-only [ 354.797155][ T5439] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 354.807360][ T5439] EXT4-fs (loop3): 1 orphan inode deleted [ 354.813706][ T5439] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 354.837313][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.943762][ T5460] netlink: 'syz.6.11884': attribute type 21 has an invalid length. [ 354.961454][ T5460] netlink: 'syz.6.11884': attribute type 21 has an invalid length. [ 354.970601][ T6606] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 354.981714][ T6606] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 354.992142][ T6606] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 355.012725][ T6606] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 355.056271][ T5469] loop5: detected capacity change from 0 to 164 [ 355.066067][ T5469] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 355.075704][ T5469] SELinux: Context system_u:object_r:initrc_var_run_t:s0 is not valid (left unmapped). [ 355.114130][ T5478] sd 0:0:1:0: device reset [ 355.144413][ T5480] netem: change failed [ 355.233391][ T5488] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 355.326947][ T5500] loop5: detected capacity change from 0 to 512 [ 355.335383][ T5500] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.11900: error while reading EA inode 32 err=-116 [ 355.348863][ T5500] EXT4-fs (loop5): Remounting filesystem read-only [ 355.355616][ T5500] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 355.366656][ T5500] EXT4-fs (loop5): 1 orphan inode deleted [ 355.373215][ T5500] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 355.400556][T10157] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.812220][ T5532] loop2: detected capacity change from 0 to 512 [ 355.834201][ T5532] EXT4-fs error (device loop2): ext4_xattr_inode_iget:442: comm syz.2.11913: error while reading EA inode 32 err=-116 [ 355.848897][ T5532] EXT4-fs (loop2): Remounting filesystem read-only [ 355.857323][ T5532] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 355.889609][ T5532] EXT4-fs (loop2): 1 orphan inode deleted [ 355.904983][ T5532] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 355.952147][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.053766][ T5555] __nla_validate_parse: 12 callbacks suppressed [ 356.053788][ T5555] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11920'. [ 356.069491][ T5555] netlink: 20 bytes leftover after parsing attributes in process `syz.2.11920'. [ 356.267536][ T5567] loop2: detected capacity change from 0 to 1024 [ 356.275059][ T5567] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 356.302962][ T5567] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 356.315543][ T5567] EXT4-fs (loop2): orphan cleanup on readonly fs [ 356.328193][ T5567] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.11928: Freeing blocks not in datazone - block = 0, count = 4096 [ 356.353310][ T5567] EXT4-fs (loop2): 1 orphan inode deleted [ 356.361902][ T5567] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 356.473995][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.499004][ T5581] loop5: detected capacity change from 0 to 1024 [ 356.526530][ T5581] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 356.629618][T10157] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.708267][ T5597] loop2: detected capacity change from 0 to 512 [ 356.783273][ T5597] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.11938: iget: bad i_size value: 38620345925642 [ 356.797686][ T5597] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.11938: couldn't read orphan inode 15 (err -117) [ 356.810870][ T5597] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 356.840967][ T6601] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm kworker/u8:53: bg 0: block 5: invalid block bitmap [ 356.873295][ T6601] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 5 with error 28 [ 356.885747][ T6601] EXT4-fs (loop2): This should not happen!! Data will be lost [ 356.885747][ T6601] [ 356.895513][ T6601] EXT4-fs (loop2): Total free blocks count 0 [ 356.901539][ T6601] EXT4-fs (loop2): Free/Dirty block details [ 356.907449][ T6601] EXT4-fs (loop2): free_blocks=0 [ 356.912558][ T6601] EXT4-fs (loop2): dirty_blocks=5 [ 356.917649][ T6601] EXT4-fs (loop2): Block reservation details [ 356.923662][ T6601] EXT4-fs (loop2): i_reserved_data_blocks=5 [ 356.944748][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.027448][ T5619] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11945'. [ 357.061573][ T5619] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11945'. [ 357.074167][ T5619] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11945'. [ 357.095896][ T5619] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11945'. [ 357.112387][ T5619] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11945'. [ 357.133045][ T5619] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11945'. [ 357.209980][ T5641] loop2: detected capacity change from 0 to 128 [ 357.232366][ T5641] EXT4-fs: Ignoring removed nobh option [ 357.247430][ T5641] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 357.269393][ T5641] ext4 filesystem being mounted at /2251/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 357.306820][ T3304] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 357.375657][ T5657] loop5: detected capacity change from 0 to 128 [ 357.409991][ T5664] loop6: detected capacity change from 0 to 1024 [ 357.438806][ T5657] bio_check_eod: 24415 callbacks suppressed [ 357.438875][ T5657] gtp: attempt to access beyond end of device [ 357.438875][ T5657] loop5: rw=2049, sector=138, nr_sectors = 8 limit=128 [ 357.459778][ T5657] gtp: attempt to access beyond end of device [ 357.459778][ T5657] loop5: rw=2049, sector=146, nr_sectors = 6 limit=128 [ 357.488593][ T5664] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 357.509667][ T5657] gtp: attempt to access beyond end of device [ 357.509667][ T5657] loop5: rw=2049, sector=150, nr_sectors = 2 limit=128 [ 357.522878][ T5657] Buffer I/O error on dev loop5, logical block 75, lost async page write [ 357.573158][ T5657] gtp: attempt to access beyond end of device [ 357.573158][ T5657] loop5: rw=2049, sector=152, nr_sectors = 2 limit=128 [ 357.586212][ T5657] Buffer I/O error on dev loop5, logical block 76, lost async page write [ 357.617884][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.629577][ T5657] gtp: attempt to access beyond end of device [ 357.629577][ T5657] loop5: rw=2049, sector=170, nr_sectors = 6 limit=128 [ 357.643582][ T5657] gtp: attempt to access beyond end of device [ 357.643582][ T5657] loop5: rw=2049, sector=174, nr_sectors = 2 limit=128 [ 357.656493][ T5657] Buffer I/O error on dev loop5, logical block 87, lost async page write [ 357.669173][ T5657] gtp: attempt to access beyond end of device [ 357.669173][ T5657] loop5: rw=2049, sector=176, nr_sectors = 2 limit=128 [ 357.682178][ T5657] Buffer I/O error on dev loop5, logical block 88, lost async page write [ 357.862935][ T5689] netlink: 24 bytes leftover after parsing attributes in process `syz.2.11971'. [ 357.883976][ T5689] netlink: 'syz.2.11971': attribute type 1 has an invalid length. [ 357.919206][ T5657] gtp: attempt to access beyond end of device [ 357.919206][ T5657] loop5: rw=2049, sector=178, nr_sectors = 6 limit=128 [ 357.970162][ T5657] gtp: attempt to access beyond end of device [ 357.970162][ T5657] loop5: rw=2049, sector=182, nr_sectors = 2 limit=128 [ 357.983477][ T5657] Buffer I/O error on dev loop5, logical block 91, lost async page write [ 358.020794][ T5657] gtp: attempt to access beyond end of device [ 358.020794][ T5657] loop5: rw=2049, sector=184, nr_sectors = 2 limit=128 [ 358.033940][ T5657] Buffer I/O error on dev loop5, logical block 92, lost async page write [ 358.064467][ T5657] Buffer I/O error on dev loop5, logical block 103, lost async page write [ 358.073033][ T5657] Buffer I/O error on dev loop5, logical block 104, lost async page write [ 358.096390][ T5657] Buffer I/O error on dev loop5, logical block 107, lost async page write [ 358.104954][ T5657] Buffer I/O error on dev loop5, logical block 108, lost async page write [ 358.830040][ T5722] netlink: 'syz.2.11981': attribute type 83 has an invalid length. [ 358.864046][ T29] kauditd_printk_skb: 198 callbacks suppressed [ 358.864063][ T29] audit: type=1400 audit(2000000007.997:17002): avc: denied { create } for pid=5726 comm="syz.1.11985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 358.894910][ T29] audit: type=1400 audit(2000000008.035:17003): avc: denied { mount } for pid=5730 comm="syz.2.11987" name="/" dev="ramfs" ino=93740 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 358.898065][ T5727] dummy0: entered allmulticast mode [ 358.919879][ T29] audit: type=1400 audit(2000000008.035:17004): avc: denied { setopt } for pid=5726 comm="syz.1.11985" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 358.935294][ T5727] dummy0: left allmulticast mode [ 358.966723][ T29] audit: type=1400 audit(2000000008.100:17005): avc: denied { read write } for pid=5734 comm="syz.2.11989" name="uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 358.990655][ T29] audit: type=1400 audit(2000000008.100:17006): avc: denied { open } for pid=5734 comm="syz.2.11989" path="/dev/uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 359.026179][ T29] audit: type=1400 audit(2000000008.147:17007): avc: denied { create } for pid=5738 comm="syz.5.11992" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 359.050454][ T29] audit: type=1400 audit(2000000008.166:17008): avc: denied { write } for pid=5719 comm="syz.3.11980" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 359.074919][ T29] audit: type=1400 audit(2000000008.184:17009): avc: denied { ioctl } for pid=5719 comm="syz.3.11980" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 359.100913][ T29] audit: type=1400 audit(2000000008.184:17010): avc: denied { connect } for pid=5738 comm="syz.5.11992" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 359.146334][ T29] audit: type=1400 audit(2000000008.268:17011): avc: denied { create } for pid=5747 comm="syz.2.11996" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 359.227327][ T5759] loop2: detected capacity change from 0 to 1024 [ 359.238752][ T5759] EXT4-fs: Ignoring removed bh option [ 359.254173][ T5759] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 359.274063][ T5759] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 359.297124][ T5772] netlink: 96 bytes leftover after parsing attributes in process `syz.5.12004'. [ 359.329301][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.575140][ T5820] program syz.1.12023 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 359.587421][ T5820] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 359.633670][ T5835] netlink: 'syz.2.12027': attribute type 1 has an invalid length. [ 359.652215][ T5835] bond6: entered promiscuous mode [ 359.658149][ T5835] 8021q: adding VLAN 0 to HW filter on device bond6 [ 359.659663][ T5824] Falling back ldisc for ttyS3. [ 359.694279][ T5835] 8021q: adding VLAN 0 to HW filter on device bond7 [ 359.703311][ T5835] bond6: (slave bond7): making interface the new active one [ 359.710872][ T5835] bond7: entered promiscuous mode [ 359.717043][ T5835] bond6: (slave bond7): Enslaving as an active interface with an up link [ 359.746111][ T5911] loop6: detected capacity change from 0 to 512 [ 359.767184][ T5911] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 359.780432][ T5911] ext4 filesystem being mounted at /649/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 359.822517][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.940685][ T5939] lo speed is unknown, defaulting to 1000 [ 360.120072][ T5980] netlink: 'syz.6.12044': attribute type 1 has an invalid length. [ 360.149051][ T5980] bond4: entered promiscuous mode [ 360.158935][ T5980] 8021q: adding VLAN 0 to HW filter on device bond4 [ 360.209586][ T6014] 8021q: adding VLAN 0 to HW filter on device bond5 [ 360.221240][ T6014] bond4: (slave bond5): making interface the new active one [ 360.228680][ T6014] bond5: entered promiscuous mode [ 360.239909][ T6014] bond4: (slave bond5): Enslaving as an active interface with an up link [ 360.310359][ T6041] lo speed is unknown, defaulting to 1000 [ 360.517518][ T6085] loop6: detected capacity change from 0 to 1024 [ 360.525068][ T6085] EXT4-fs: Ignoring removed orlov option [ 360.536708][ T6085] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 360.568683][ T6090] netlink: 'syz.3.12053': attribute type 39 has an invalid length. [ 360.723723][ T6099] SELinux: ebitmap: truncated map [ 360.731864][ T6099] SELinux: failed to load policy [ 360.901387][ T6122] loop3: detected capacity change from 0 to 1024 [ 360.917115][ T6122] EXT4-fs: Ignoring removed orlov option [ 360.932990][ T6122] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 360.959336][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.240925][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.250524][ T6146] SELinux: ebitmap: truncated map [ 361.257950][ T6146] SELinux: failed to load policy [ 361.435373][ T6156] lo speed is unknown, defaulting to 1000 [ 361.515978][ T6174] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 361.522741][ T6174] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 361.530566][ T6174] vhci_hcd vhci_hcd.0: Device attached [ 361.568992][ T6172] loop6: detected capacity change from 0 to 512 [ 361.580704][ T6176] vhci_hcd: connection closed [ 361.582140][ T6576] vhci_hcd: stop threads [ 361.591300][ T6576] vhci_hcd: release socket [ 361.595992][ T6576] vhci_hcd: disconnect device [ 361.615340][ T6172] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 361.633718][ T6172] ext4 filesystem being mounted at /664/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 361.703680][ T6209] SELinux: security_context_str_to_sid () failed with errno=-22 [ 361.703977][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.732057][ T6211] netlink: 'syz.1.12090': attribute type 1 has an invalid length. [ 361.759411][ T6211] bond6: entered promiscuous mode [ 361.773175][ T6211] 8021q: adding VLAN 0 to HW filter on device bond6 [ 361.781257][ T6254] loop6: detected capacity change from 0 to 1024 [ 361.811410][ T6254] EXT4-fs: Ignoring removed orlov option [ 361.817632][ T6254] EXT4-fs: Ignoring removed nomblk_io_submit option [ 361.830092][ T6211] 8021q: adding VLAN 0 to HW filter on device bond7 [ 361.839645][ T6211] bond6: (slave bond7): making interface the new active one [ 361.847152][ T6211] bond7: entered promiscuous mode [ 361.853462][ T6211] bond6: (slave bond7): Enslaving as an active interface with an up link [ 361.866333][ T6254] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 361.991426][T28616] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.003106][ T6303] __nla_validate_parse: 7 callbacks suppressed [ 362.003127][ T6303] netlink: 16 bytes leftover after parsing attributes in process `syz.1.12098'. [ 362.018905][ T6303] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12098'. [ 362.039943][ T6309] netlink: 24 bytes leftover after parsing attributes in process `syz.6.12100'. [ 362.049365][ T6305] loop5: detected capacity change from 0 to 512 [ 362.056699][ T6309] netlink: 48 bytes leftover after parsing attributes in process `syz.6.12100'. [ 362.059489][ T6305] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 362.107694][ T6319] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6319 comm=syz.6.12104 [ 362.120350][ T6319] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6319 comm=syz.6.12104 [ 362.285728][ T6349] netlink: 'syz.6.12128': attribute type 1 has an invalid length. [ 362.303935][ T6349] 8021q: adding VLAN 0 to HW filter on device bond6 [ 362.323594][ T6349] bond6: (slave geneve2): making interface the new active one [ 362.332772][ T6349] bond6: (slave geneve2): Enslaving as an active interface with an up link [ 362.384153][ T6389] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 649 [ 362.448424][ T6398] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12124'. [ 362.457977][ T6398] netlink: 28 bytes leftover after parsing attributes in process `syz.5.12124'. [ 362.467564][ T6398] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12124'. [ 362.477974][ T6398] netlink: 28 bytes leftover after parsing attributes in process `syz.5.12124'. [ 362.487268][ T6398] netlink: 'syz.5.12124': attribute type 6 has an invalid length. [ 362.571860][ T6416] netlink: 'syz.5.12134': attribute type 1 has an invalid length. [ 362.577381][ T6418] loop2: detected capacity change from 0 to 1024 [ 362.587230][ T6418] EXT4-fs: Ignoring removed orlov option [ 362.598567][ T6418] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 362.619245][ T6416] 8021q: adding VLAN 0 to HW filter on device bond0 [ 362.694907][ T6458] ================================================================== [ 362.703058][ T6458] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / writeback_single_inode [ 362.712484][ T6458] [ 362.714835][ T6458] write to 0xffff88811a53ba18 of 4 bytes by task 6418 on cpu 0: [ 362.722488][ T6458] writeback_single_inode+0x150/0x3f0 [ 362.728046][ T6458] sync_inode_metadata+0x5b/0x90 [ 362.733024][ T6458] generic_buffers_fsync_noflush+0xd9/0x120 [ 362.739035][ T6458] ext4_sync_file+0x1ab/0x690 [ 362.743756][ T6458] vfs_fsync_range+0x10d/0x130 [ 362.748628][ T6458] ext4_buffered_write_iter+0x34f/0x3c0 [ 362.754203][ T6458] ext4_file_write_iter+0x383/0xf00 [ 362.759421][ T6458] iter_file_splice_write+0x663/0xa60 [ 362.764815][ T6458] direct_splice_actor+0x156/0x2a0 [ 362.770034][ T6458] splice_direct_to_actor+0x312/0x680 [ 362.775608][ T6458] do_splice_direct+0xda/0x150 [ 362.780566][ T6458] do_sendfile+0x380/0x650 [ 362.784996][ T6458] __x64_sys_sendfile64+0x105/0x150 [ 362.790211][ T6458] x64_sys_call+0x2bb4/0x3000 [ 362.794900][ T6458] do_syscall_64+0xd2/0x200 [ 362.799424][ T6458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.805594][ T6458] [ 362.807925][ T6458] read to 0xffff88811a53ba18 of 4 bytes by task 6458 on cpu 1: [ 362.815477][ T6458] generic_buffers_fsync_noflush+0x80/0x120 [ 362.821488][ T6458] ext4_sync_file+0x1ab/0x690 [ 362.826186][ T6458] vfs_fsync_range+0x10d/0x130 [ 362.830977][ T6458] ext4_buffered_write_iter+0x34f/0x3c0 [ 362.836551][ T6458] ext4_file_write_iter+0x383/0xf00 [ 362.841787][ T6458] iter_file_splice_write+0x663/0xa60 [ 362.847301][ T6458] direct_splice_actor+0x156/0x2a0 [ 362.852518][ T6458] splice_direct_to_actor+0x312/0x680 [ 362.858000][ T6458] do_splice_direct+0xda/0x150 [ 362.862972][ T6458] do_sendfile+0x380/0x650 [ 362.867400][ T6458] __x64_sys_sendfile64+0x105/0x150 [ 362.872876][ T6458] x64_sys_call+0x2bb4/0x3000 [ 362.877667][ T6458] do_syscall_64+0xd2/0x200 [ 362.882314][ T6458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.888219][ T6458] [ 362.890805][ T6458] value changed: 0x00000070 -> 0x00000002 [ 362.896530][ T6458] [ 362.898883][ T6458] Reported by Kernel Concurrency Sanitizer on: [ 362.905068][ T6458] CPU: 1 UID: 0 PID: 6458 Comm: syz.2.12135 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 362.916550][ T6458] Tainted: [W]=WARN [ 362.920366][ T6458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 362.930693][ T6458] ================================================================== [ 363.135902][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.