last executing test programs: 41.333044764s ago: executing program 4 (id=8141): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@tcp6, 0x1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) getegid() 41.277192355s ago: executing program 4 (id=8147): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="440000001000370400000000fcdbd42500000000", @ANYRES32=r2, @ANYBLOB="8345050001000000240012800b000100697036746e6c00001400028008000100", @ANYRES32=r2, @ANYBLOB='\b\x00\b\x00;'], 0x44}, 0x1, 0x0, 0x0, 0x4000080}, 0x40040c0) sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @empty}}}], 0x20}}], 0x1, 0x80) 41.212264486s ago: executing program 4 (id=8154): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = socket(0x1e, 0x4, 0x0) sendmsg$tipc(r2, &(0x7f0000000200)={&(0x7f00000002c0)=@id={0x1e, 0x3, 0x2, {0x4e20}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x840) 41.157489716s ago: executing program 4 (id=8157): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f0000000000), 0x1, 0x4bb, &(0x7f0000000580)="$eJzs3cuLXFUaAPCvqtLP9EweMwxJBiaBDGQepKsfDOmemcUMDMzMIjBMwI1CbLsrbUx1V9NVHdNNFh3dZeFCFAVx4d6/wI1ZGQVxrXtxIRGNLagglNxbVUm/KpaxUyV9fz+o9Dn33NR3Thff4da59/YNILNOJf/kIkYi4oOIONSobt3hVOPHxt3rs8krF/X6hc9z6X5JvbVr6/8djIj1iBiMiP//O+Kp3M641dW1KzPlcmm5WS/WFpaK1dW1s5cXZuZL86XF8alz09NTY5MT03s21psvPHPz/Fv/7X/z6+fv3H7xnbeTbo002zaPYy81ht4XRzZtOxARf38UwXqg0BzPUK87wkNJPr9fRcTpNP8PRSH9NIEsqNfr9e/qA+2a1+vAvpVPj4Fz+dGIaJTz/6qPNo7hfx3D+XKlWvvzpcrK4lzjWPlw9OUvXS6XxprfFQ5HXy6pj6fl+/WJbfXJiPQY+KXCUFofna2U57o71QHbHNyW/18V8vnRpBJ/6nXXgG7wlR+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kN2yX/IpP+dP5+86q373+eurq5cqVw9O5fMCQsrs6OzleWl0flKZT69Z2fhh96vXKksjf8lVq4Va6VqrVhdXbu4UFlZrF1M7+u/WOrryqiAThw5eeujXESs/3UofSX6m21yFfa3ej0Xvb4HGeiNQq8nIKBnLP1BdvmOD+zyJ3q3GGzXsLT3fQG6I9/rDgA9c+a483+QVdb/Ibus/0N2OcYHrP9D9lj/h+wa2fn8r/T5P7/Y9OyusYj4ZUR8WOgbaD3rC9gP8p/mmsf/Zw79fmR7a3/um/QUQX9EPPvahVeuzdRqy+PJ9i/uba+92tw+0Yv+A51q5WkrjwGA7Nq4e3229epm3M/+2bgIYWf8A821ycH0HOXwRm7LtQq5Pbp2Yf1GRBzbLX6u+bzzxpmP4Y3CjvhHmz9zjbdI+3sgfW56d+If3xT/d5vin/jJvxXIhlvJ/DO2W/7l05yOe/m3df4Z2aNrJ9rPf/l781+hzfx3ssMYT7/+3Cdt49+IOLFr/Fa8wTTW9vhJ3850GP/OE4/9pl1b/Y3G++wWvyUpFWsLS8Xq6trZ9O/IzZcWx6fOTU9PjU1OTBfTNepia6V6p78de//2g8Y/3CZ+u/H/o9mnP3Y4/m9/+97jpx4Q/w+nd//8j7aJnxj6EU/o/3Li4yfbtSXx59qMP78z/rvD0WqNmOwwfvXl/wx0uCsA0AXV1bUrM+VyaVlBQeEhCgM/j27seaHXMxPwqN1P+l73BAAAAAAAAAAAAOhUNy4n7vUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2g+8DAAD//3bC1tg=") open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0) 40.795374582s ago: executing program 4 (id=8172): r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00', 0x0}) bind$can_raw(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) close(r0) 40.557382525s ago: executing program 4 (id=8177): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0) writev(r2, &(0x7f0000000040)=[{&(0x7f0000002500)='\f7', 0x2}, {&(0x7f0000000000)='0', 0x1}], 0x2) 40.513892976s ago: executing program 32 (id=8177): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0) writev(r2, &(0x7f0000000040)=[{&(0x7f0000002500)='\f7', 0x2}, {&(0x7f0000000000)='0', 0x1}], 0x2) 40.507898336s ago: executing program 3 (id=8181): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="64000000020101040000000000000000020001014400028006000340000400041400018008000100ac14142a08000200ac1e0001060003400003000014000180080001000000000008000200ac1414aa06000340000200000c0019800800020006"], 0x64}, 0x1, 0x0, 0x0, 0x8800}, 0x80) 40.371662908s ago: executing program 3 (id=8183): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = semget$private(0x0, 0x3, 0x12) semctl$IPC_RMID(r2, 0x0, 0x0) 40.369378928s ago: executing program 3 (id=8194): munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18) ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0xb, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) 40.331130738s ago: executing program 3 (id=8186): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f0000000000), 0x1, 0x4bb, &(0x7f0000000580)="$eJzs3cuLXFUaAPCvqtLP9EweMwxJBiaBDGQepKsfDOmemcUMDMzMIjBMwI1CbLsrbUx1V9NVHdNNFh3dZeFCFAVx4d6/wI1ZGQVxrXtxIRGNLagglNxbVUm/KpaxUyV9fz+o9Dn33NR3Thff4da59/YNILNOJf/kIkYi4oOIONSobt3hVOPHxt3rs8krF/X6hc9z6X5JvbVr6/8djIj1iBiMiP//O+Kp3M641dW1KzPlcmm5WS/WFpaK1dW1s5cXZuZL86XF8alz09NTY5MT03s21psvPHPz/Fv/7X/z6+fv3H7xnbeTbo002zaPYy81ht4XRzZtOxARf38UwXqg0BzPUK87wkNJPr9fRcTpNP8PRSH9NIEsqNfr9e/qA+2a1+vAvpVPj4Fz+dGIaJTz/6qPNo7hfx3D+XKlWvvzpcrK4lzjWPlw9OUvXS6XxprfFQ5HXy6pj6fl+/WJbfXJiPQY+KXCUFofna2U57o71QHbHNyW/18V8vnRpBJ/6nXXgG7wlR+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kN2yX/IpP+dP5+86q373+eurq5cqVw9O5fMCQsrs6OzleWl0flKZT69Z2fhh96vXKksjf8lVq4Va6VqrVhdXbu4UFlZrF1M7+u/WOrryqiAThw5eeujXESs/3UofSX6m21yFfa3ej0Xvb4HGeiNQq8nIKBnLP1BdvmOD+zyJ3q3GGzXsLT3fQG6I9/rDgA9c+a483+QVdb/Ibus/0N2OcYHrP9D9lj/h+wa2fn8r/T5P7/Y9OyusYj4ZUR8WOgbaD3rC9gP8p/mmsf/Zw79fmR7a3/um/QUQX9EPPvahVeuzdRqy+PJ9i/uba+92tw+0Yv+A51q5WkrjwGA7Nq4e3229epm3M/+2bgIYWf8A821ycH0HOXwRm7LtQq5Pbp2Yf1GRBzbLX6u+bzzxpmP4Y3CjvhHmz9zjbdI+3sgfW56d+If3xT/d5vin/jJvxXIhlvJ/DO2W/7l05yOe/m3df4Z2aNrJ9rPf/l781+hzfx3ssMYT7/+3Cdt49+IOLFr/Fa8wTTW9vhJ3850GP/OE4/9pl1b/Y3G++wWvyUpFWsLS8Xq6trZ9O/IzZcWx6fOTU9PjU1OTBfTNepia6V6p78de//2g8Y/3CZ+u/H/o9mnP3Y4/m9/+97jpx4Q/w+nd//8j7aJnxj6EU/o/3Li4yfbtSXx59qMP78z/rvD0WqNmOwwfvXl/wx0uCsA0AXV1bUrM+VyaVlBQeEhCgM/j27seaHXMxPwqN1P+l73BAAAAAAAAAAAAOhUNy4n7vUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2g+8DAAD//3bC1tg=") open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0) 39.896449305s ago: executing program 3 (id=8198): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0x898, 0x30, 0xffff, 0x3, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE64={0xc, 0xb}, @TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffff, 0x0, 0x894e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x8, 0x0, 0x0, 0x0, 0x0, 0xff}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x898}}, 0x0) 39.506823271s ago: executing program 3 (id=8205): r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10) write$selinux_load(r0, &(0x7f0000000100)={0xf97cff8c, 0x8}, 0xa) 39.457989372s ago: executing program 33 (id=8205): r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10) write$selinux_load(r0, &(0x7f0000000100)={0xf97cff8c, 0x8}, 0xa) 36.537255586s ago: executing program 5 (id=8227): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0x898, 0x30, 0xffff, 0x3, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE64={0xc, 0xb}, @TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffff, 0x0, 0x894e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x8, 0x0, 0x0, 0x0, 0x0, 0xff}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x898}}, 0x0) 36.484721717s ago: executing program 5 (id=8228): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$bt_hci(r2, &(0x7f0000000000)={0x27, 0x2}, 0x6) 36.265786391s ago: executing program 5 (id=8240): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x6, 0x0) syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x2000414, &(0x7f0000000340)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2a1, &(0x7f0000000540)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==") r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000080)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f0000000880)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) 36.165498832s ago: executing program 5 (id=8232): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f0000000000), 0x1, 0x4bb, &(0x7f0000000580)="$eJzs3cuLXFUaAPCvqtLP9EweMwxJBiaBDGQepKsfDOmemcUMDMzMIjBMwI1CbLsrbUx1V9NVHdNNFh3dZeFCFAVx4d6/wI1ZGQVxrXtxIRGNLagglNxbVUm/KpaxUyV9fz+o9Dn33NR3Thff4da59/YNILNOJf/kIkYi4oOIONSobt3hVOPHxt3rs8krF/X6hc9z6X5JvbVr6/8djIj1iBiMiP//O+Kp3M641dW1KzPlcmm5WS/WFpaK1dW1s5cXZuZL86XF8alz09NTY5MT03s21psvPHPz/Fv/7X/z6+fv3H7xnbeTbo002zaPYy81ht4XRzZtOxARf38UwXqg0BzPUK87wkNJPr9fRcTpNP8PRSH9NIEsqNfr9e/qA+2a1+vAvpVPj4Fz+dGIaJTz/6qPNo7hfx3D+XKlWvvzpcrK4lzjWPlw9OUvXS6XxprfFQ5HXy6pj6fl+/WJbfXJiPQY+KXCUFofna2U57o71QHbHNyW/18V8vnRpBJ/6nXXgG7wlR+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kN2yX/IpP+dP5+86q373+eurq5cqVw9O5fMCQsrs6OzleWl0flKZT69Z2fhh96vXKksjf8lVq4Va6VqrVhdXbu4UFlZrF1M7+u/WOrryqiAThw5eeujXESs/3UofSX6m21yFfa3ej0Xvb4HGeiNQq8nIKBnLP1BdvmOD+zyJ3q3GGzXsLT3fQG6I9/rDgA9c+a483+QVdb/Ibus/0N2OcYHrP9D9lj/h+wa2fn8r/T5P7/Y9OyusYj4ZUR8WOgbaD3rC9gP8p/mmsf/Zw79fmR7a3/um/QUQX9EPPvahVeuzdRqy+PJ9i/uba+92tw+0Yv+A51q5WkrjwGA7Nq4e3229epm3M/+2bgIYWf8A821ycH0HOXwRm7LtQq5Pbp2Yf1GRBzbLX6u+bzzxpmP4Y3CjvhHmz9zjbdI+3sgfW56d+If3xT/d5vin/jJvxXIhlvJ/DO2W/7l05yOe/m3df4Z2aNrJ9rPf/l781+hzfx3ssMYT7/+3Cdt49+IOLFr/Fa8wTTW9vhJ3850GP/OE4/9pl1b/Y3G++wWvyUpFWsLS8Xq6trZ9O/IzZcWx6fOTU9PjU1OTBfTNepia6V6p78de//2g8Y/3CZ+u/H/o9mnP3Y4/m9/+97jpx4Q/w+nd//8j7aJnxj6EU/o/3Li4yfbtSXx59qMP78z/rvD0WqNmOwwfvXl/wx0uCsA0AXV1bUrM+VyaVlBQeEhCgM/j27seaHXMxPwqN1P+l73BAAAAAAAAAAAAOhUNy4n7vUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2g+8DAAD//3bC1tg=") open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0) 35.845107577s ago: executing program 5 (id=8237): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10) r1 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, 0x0, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f00000002c0)=""/4094, 0xffe}], 0x1, 0xf0, 0x3) 35.340108144s ago: executing program 5 (id=8241): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x5, 0xc, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff}) ioctl$SG_BLKTRACETEARDOWN(r2, 0x1276, 0x0) 35.339962255s ago: executing program 34 (id=8241): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x5, 0xc, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff}) ioctl$SG_BLKTRACETEARDOWN(r2, 0x1276, 0x0) 1.727179103s ago: executing program 6 (id=9400): socket$nl_netfilter(0x10, 0x3, 0xc) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000540), 0x42a00) r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f00000006c0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1}) io_uring_enter(r0, 0x847ba, 0x4fe3, 0x63, 0x0, 0x0) 1.605635485s ago: executing program 6 (id=9402): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1}, 0x0) sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000001200)="8fa35bac", 0x4}], 0x1}, 0x8800) 1.483036527s ago: executing program 6 (id=9408): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080)='proc\x00', 0x189, 0x0) r2 = syz_open_procfs(r0, &(0x7f0000000600)='pagemap\x00') pread64(r2, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000000) 1.480449707s ago: executing program 0 (id=9418): r0 = epoll_create1(0x80000) r1 = epoll_create1(0x80000) close(r0) syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0x1, 0x89}, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000280)={0x20000001}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000140)={0x77540947ad9a168d}) 1.429698888s ago: executing program 6 (id=9412): r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r1}, &(0x7f0000000540), &(0x7f0000000580)='%pS \x00'}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) write$selinux_load(r0, &(0x7f0000000000)={0xf97cff8c, 0x8}, 0x10) 1.401027908s ago: executing program 0 (id=9414): openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x80840, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = mq_open(&(0x7f00000004c0)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xednux\x02\xc7\x12\xec\xca7\xbc\x1fS\x1c\x05y\x91\xe5\x9aL\xa9u\b\x00\x00\x00\xa0pC\x19\x9b\vY\x186\xa4\xe7\x1eg{`\xfa\xf3n\x8fIj6f\xfb\x13-g\x19(a6\x18\xe24nz\x83w8\xff\xfb\x83\f\x9a\xda\xc5w\x8eo\x02\xa3\xc1\x83\x91\xc6\xfd\x8c\xc4s\x03\x16\xa4+\xce|^\x98K_0\x8a\xb0\xff~\x1e\xd92\xb4r\xd8\xe7', 0x40, 0x110, 0x0) mq_timedreceive(r1, 0x0, 0xfffffffffffffee3, 0x2000000, 0x0) 1.335363499s ago: executing program 1 (id=9416): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7ffc, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 1.33505003s ago: executing program 6 (id=9419): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000040)=0x1000000, 0x4) 1.200268072s ago: executing program 1 (id=9421): r0 = socket$nl_route(0x10, 0x3, 0x0) creat(&(0x7f0000000080)='./file0\x00', 0x173) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x0) 1.009928955s ago: executing program 7 (id=9426): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001440)={0x11, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0) sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0) 978.459875ms ago: executing program 1 (id=9427): openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2982, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x18) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") 975.417145ms ago: executing program 7 (id=9428): r0 = io_uring_setup(0x372f, &(0x7f0000000640)={0x0, 0x927a, 0x800, 0x1, 0x2de}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c00028005000300000000000800014000000001080002400000000c0900010073797a30000000000900020073797a320000000014000000110001"], 0x80}}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) socket(0x2a, 0x2, 0x0) 892.202456ms ago: executing program 7 (id=9429): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x7}, 0x18) unshare(0x8000000) semget$private(0x0, 0x4000, 0x555) semtimedop(0x0, &(0x7f0000000440)=[{0x0, 0x0, 0x1000}], 0xf, 0x0) unshare(0x2c040000) 892.032106ms ago: executing program 7 (id=9430): r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x2, &(0x7f0000000400)=0x2, 0x4) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) bind$can_raw(r0, &(0x7f0000000480)={0x1d, r1}, 0x10) close(r0) 849.816507ms ago: executing program 7 (id=9431): r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0xe}, 0x400, 0xffffffff, 0x6, 0x5, 0x0, 0x40000001, 0xfff9, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x1) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff) openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) fstat(0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x200000, &(0x7f0000000740)={[], [{@euid_gt}, {@fowner_eq}, {@smackfshat={'smackfshat', 0x3d, '!}^*!)%%#'}}, {@euid_gt}, {@dont_measure}, {@obj_role={'obj_role', 0x3d, 'hsr0\x11'}}, {@measure}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@subj_type={'subj_type', 0x3d, 'hsr0\x00'}}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ") 827.207677ms ago: executing program 1 (id=9432): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x2, @multicast, 'ip_vti0\x00'}}, 0x1e) close_range(r1, 0xffffffffffffffff, 0x0) 544.448571ms ago: executing program 0 (id=9433): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7ffc, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 544.286011ms ago: executing program 1 (id=9434): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0xfffffffffffffccb, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r2}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 544.210001ms ago: executing program 6 (id=9435): r0 = creat(&(0x7f0000000200)='./file1\x00', 0x12e) close(r0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) io_getevents(0x0, 0x0, 0x0, 0x0, 0x0) r1 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000001200), 0xa, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 539.828642ms ago: executing program 7 (id=9443): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0) r0 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) close(r0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x18) 365.126984ms ago: executing program 2 (id=9436): r0 = epoll_create1(0x80000) r1 = epoll_create1(0x80000) close(r0) syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0x1, 0x89}, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000280)={0x20000001}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000140)={0x77540947ad9a168d}) 364.623744ms ago: executing program 0 (id=9447): mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffff00, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) 319.847235ms ago: executing program 0 (id=9437): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090200000000fedfdf250100"], 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 319.137525ms ago: executing program 1 (id=9438): syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) write(r1, &(0x7f0000004200)='t', 0x1) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7ffff000) 318.829065ms ago: executing program 2 (id=9439): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='sched_kthread_stop_ret\x00', r1}, 0x10) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0) 290.399285ms ago: executing program 0 (id=9440): r0 = socket$nl_route(0x10, 0x3, 0x0) creat(&(0x7f0000000080)='./file0\x00', 0x173) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x0) 139.814628ms ago: executing program 2 (id=9441): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, 0xffffffffffffffff}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) r3 = syz_open_procfs(0x0, &(0x7f0000000780)='net/tcp6\x00') preadv(r3, &(0x7f00000000c0)=[{&(0x7f0000001140)=""/4096, 0x1000}], 0x1, 0x300, 0x0) 53.020179ms ago: executing program 2 (id=9442): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0900000004000000563c000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000009df7000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x400448e0, 0x0) bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) 52.520239ms ago: executing program 2 (id=9444): write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x58) close(0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, 0x0, 0x0}, 0x20) r0 = gettid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) 0s ago: executing program 2 (id=9445): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0x44, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) r1 = syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0) wait4(r1, 0x0, 0x80000000, 0x0) kernel console output (not intermixed with test programs): detected capacity change from 0 to 1024 [ 334.227343][T23435] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 334.243127][T23435] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.7988: bg 0: block 88: padding at end of block bitmap is not set [ 334.274078][T12873] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.308339][T23445] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7991'. [ 334.328026][T23447] loop2: detected capacity change from 0 to 512 [ 334.334791][T23447] EXT4-fs: Ignoring removed nomblk_io_submit option [ 334.347755][T23449] loop3: detected capacity change from 0 to 512 [ 334.354989][T23449] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 334.367939][T23447] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.371009][T23449] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.380610][T23447] ext4 filesystem being mounted at /754/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 334.397627][T23449] ext4 filesystem being mounted at /801/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 334.430914][T23449] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.7994: corrupted xattr block 19: overlapping e_value [ 334.455119][T23449] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 334.464479][T23449] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.7994: corrupted xattr block 19: overlapping e_value [ 334.465328][T13495] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.478923][T23449] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 334.496759][T23449] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.7994: corrupted xattr block 19: overlapping e_value [ 334.552157][T12873] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.599130][T23459] netlink: 60 bytes leftover after parsing attributes in process `syz.3.7995'. [ 334.611875][T23459] netlink: 60 bytes leftover after parsing attributes in process `syz.3.7995'. [ 334.724148][T23473] 9pnet: p9_errstr2errno: server reported unknown error @L  [ 334.790185][T23481] loop3: detected capacity change from 0 to 512 [ 334.798219][T23481] EXT4-fs: Ignoring removed nomblk_io_submit option [ 334.798404][T23483] validate_nla: 2 callbacks suppressed [ 334.798420][T23483] netlink: 'syz.2.8016': attribute type 4 has an invalid length. [ 334.823250][T23483] netlink: 'syz.2.8016': attribute type 4 has an invalid length. [ 334.833544][T23481] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.847001][T23481] ext4 filesystem being mounted at /804/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 334.880554][T12873] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.928969][T23490] loop1: detected capacity change from 0 to 512 [ 334.931327][T23493] loop2: detected capacity change from 0 to 512 [ 334.938453][T23494] netlink: 'syz.3.8020': attribute type 4 has an invalid length. [ 334.945065][T23493] EXT4-fs: Ignoring removed nomblk_io_submit option [ 334.959785][T23490] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 334.967951][T23493] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.984481][T23493] ext4 filesystem being mounted at /760/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 334.986212][T23494] netlink: 'syz.3.8020': attribute type 4 has an invalid length. [ 335.005066][T23490] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 335.027789][T23490] ext4 filesystem being mounted at /1292/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 335.043554][T23490] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.8007: corrupted xattr block 19: overlapping e_value [ 335.058027][T23490] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop1 ino=15 [ 335.067180][T23490] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.8007: corrupted xattr block 19: overlapping e_value [ 335.082593][T23490] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop1 ino=15 [ 335.086359][T13495] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.091911][T23490] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.8007: corrupted xattr block 19: overlapping e_value [ 335.161161][ T7055] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.243629][T23517] 9pnet: p9_errstr2errno: server reported unknown error @L  [ 335.360166][T23527] loop1: detected capacity change from 0 to 512 [ 335.367164][T23527] EXT4-fs: Ignoring removed nomblk_io_submit option [ 335.380234][T23527] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 335.397879][T23532] netlink: 'syz.0.8024': attribute type 4 has an invalid length. [ 335.414459][T23527] ext4 filesystem being mounted at /1295/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 335.436302][T23532] netlink: 'syz.0.8024': attribute type 4 has an invalid length. [ 335.463589][ T7055] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.722994][T23566] netlink: 'syz.4.8040': attribute type 4 has an invalid length. [ 335.751481][T23566] netlink: 'syz.4.8040': attribute type 4 has an invalid length. [ 335.930087][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 335.930104][ T29] audit: type=1400 audit(1748912600.079:6554): avc: denied { listen } for pid=23595 comm="syz.0.8053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 336.687132][T23606] netlink: 'syz.1.8054': attribute type 4 has an invalid length. [ 336.709407][T23606] netlink: 'syz.1.8054': attribute type 4 has an invalid length. [ 337.559630][ T29] audit: type=1400 audit(1748912601.709:6555): avc: denied { bind } for pid=23641 comm="syz.1.8072" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 337.594182][ T29] audit: type=1400 audit(1748912601.729:6556): avc: denied { write } for pid=23641 comm="syz.1.8072" path="socket:[70112]" dev="sockfs" ino=70112 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 337.624194][ T29] audit: type=1326 audit(1748912601.769:6557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23644 comm="syz.4.8074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4304ce969 code=0x7ffc0000 [ 337.648035][ T29] audit: type=1326 audit(1748912601.769:6558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23644 comm="syz.4.8074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4304ce969 code=0x7ffc0000 [ 337.671961][ T29] audit: type=1326 audit(1748912601.779:6559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23644 comm="syz.4.8074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fe4304ce969 code=0x7ffc0000 [ 337.715037][ T29] audit: type=1326 audit(1748912601.859:6560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23644 comm="syz.4.8074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4304ce969 code=0x7ffc0000 [ 337.738759][ T29] audit: type=1326 audit(1748912601.859:6561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23644 comm="syz.4.8074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4304ce969 code=0x7ffc0000 [ 337.768688][ T29] audit: type=1326 audit(1748912601.919:6562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23644 comm="syz.4.8074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fe4304ce969 code=0x7ffc0000 [ 337.792456][ T29] audit: type=1326 audit(1748912601.919:6563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23644 comm="syz.4.8074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4304ce969 code=0x7ffc0000 [ 338.128284][T23688] --map-set only usable from mangle table [ 340.125143][T23830] loop4: detected capacity change from 0 to 512 [ 340.144973][T23830] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 340.165139][T23830] ext4 filesystem being mounted at /1190/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 340.197037][T23839] SELinux: truncated policydb string identifier [ 340.203617][T23839] SELinux: failed to load policy [ 340.245747][T23830] loop4: detected capacity change from 512 to 64 [ 340.259509][T23830] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Out of memory [ 340.283426][T23847] validate_nla: 4 callbacks suppressed [ 340.283444][T23847] netlink: 'syz.0.8164': attribute type 10 has an invalid length. [ 340.302561][T23847] bridge0: port 2(bridge_slave_1) entered disabled state [ 340.303527][T23830] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Out of memory [ 340.309832][T23847] bridge0: port 1(bridge_slave_0) entered disabled state [ 340.346831][T23847] bridge0: port 2(bridge_slave_1) entered blocking state [ 340.354010][T23847] bridge0: port 2(bridge_slave_1) entered forwarding state [ 340.361436][T23847] bridge0: port 1(bridge_slave_0) entered blocking state [ 340.368591][T23847] bridge0: port 1(bridge_slave_0) entered forwarding state [ 340.369202][T23830] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #19: comm syz.4.8157: mark_inode_dirty error [ 340.392699][T23847] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 340.395757][T23830] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -12) [ 340.464707][ T9028] EXT4-fs error (device loop4): ext4_lookup:1784: inode #2: comm syz-executor: '.' linked to parent dir [ 340.488766][ T9028] EXT4-fs error (device loop4): ext4_lookup:1784: inode #2: comm syz-executor: '.' linked to parent dir [ 340.564655][T23865] SELinux: truncated policydb string identifier [ 340.571967][T22253] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 340.575708][T23865] SELinux: failed to load policy [ 340.592378][T23870] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 340.778314][T23880] netlink: 'syz.1.8180': attribute type 10 has an invalid length. [ 340.794554][T23880] bridge0: port 3(dummy0) entered disabled state [ 340.801721][T23880] bridge0: port 2(bridge_slave_1) entered disabled state [ 340.842145][T23880] bridge0: port 3(dummy0) entered blocking state [ 340.848593][T23880] bridge0: port 3(dummy0) entered forwarding state [ 340.855293][T23880] bridge0: port 2(bridge_slave_1) entered blocking state [ 340.862447][T23880] bridge0: port 2(bridge_slave_1) entered forwarding state [ 340.889910][T23880] bridge0: entered promiscuous mode [ 340.895892][T23880] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 340.957384][ T29] kauditd_printk_skb: 210 callbacks suppressed [ 340.957400][ T29] audit: type=1326 audit(1748912605.109:6774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23893 comm="syz.0.8196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4a93e969 code=0x7ffc0000 [ 341.003814][T23895] loop3: detected capacity change from 0 to 512 [ 341.015759][ T29] audit: type=1326 audit(1748912605.139:6775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23893 comm="syz.0.8196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4a93e969 code=0x7ffc0000 [ 341.039549][ T29] audit: type=1326 audit(1748912605.149:6776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23893 comm="syz.0.8196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c4a93e969 code=0x7ffc0000 [ 341.049200][T23895] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 341.063431][ T29] audit: type=1326 audit(1748912605.149:6777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23893 comm="syz.0.8196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4a93e969 code=0x7ffc0000 [ 341.079550][T23895] ext4 filesystem being mounted at /843/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 341.099872][ T29] audit: type=1326 audit(1748912605.149:6778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23893 comm="syz.0.8196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4a93e969 code=0x7ffc0000 [ 341.135279][ T29] audit: type=1326 audit(1748912605.159:6779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23893 comm="syz.0.8196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c4a93e969 code=0x7ffc0000 [ 341.158845][ T29] audit: type=1326 audit(1748912605.159:6780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23893 comm="syz.0.8196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4a93e969 code=0x7ffc0000 [ 341.182846][ T29] audit: type=1326 audit(1748912605.159:6781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23893 comm="syz.0.8196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c4a93e969 code=0x7ffc0000 [ 341.206417][ T29] audit: type=1326 audit(1748912605.159:6782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23893 comm="syz.0.8196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4a93e969 code=0x7ffc0000 [ 341.229925][ T29] audit: type=1326 audit(1748912605.159:6783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23893 comm="syz.0.8196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f3c4a93e969 code=0x7ffc0000 [ 341.284198][T23916] SELinux: truncated policydb string identifier [ 341.290787][T23916] SELinux: failed to load policy [ 341.295221][T23886] chnl_net:caif_netlink_parms(): no params data found [ 341.296016][T23895] loop3: detected capacity change from 512 to 64 [ 341.313329][T23917] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 341.377734][T12873] EXT4-fs error (device loop3): ext4_lookup:1784: inode #2: comm syz-executor: '.' linked to parent dir [ 341.392893][T12873] EXT4-fs error (device loop3): ext4_lookup:1784: inode #2: comm syz-executor: '.' linked to parent dir [ 341.441498][T23886] bridge0: port 1(bridge_slave_0) entered blocking state [ 341.448710][T23886] bridge0: port 1(bridge_slave_0) entered disabled state [ 341.458004][T23886] bridge_slave_0: entered allmulticast mode [ 341.464673][T23886] bridge_slave_0: entered promiscuous mode [ 341.465944][T22196] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 341.472088][T23886] bridge0: port 2(bridge_slave_1) entered blocking state [ 341.487698][T23886] bridge0: port 2(bridge_slave_1) entered disabled state [ 341.495934][T23886] bridge_slave_1: entered allmulticast mode [ 341.502645][T23932] netlink: 'syz.2.8200': attribute type 10 has an invalid length. [ 341.512235][T23886] bridge_slave_1: entered promiscuous mode [ 341.518846][T23932] bridge0: port 2(bridge_slave_1) entered disabled state [ 341.526167][T23932] bridge0: port 1(bridge_slave_0) entered disabled state [ 341.536317][T23932] bridge0: port 2(bridge_slave_1) entered blocking state [ 341.543413][T23932] bridge0: port 2(bridge_slave_1) entered forwarding state [ 341.550837][T23932] bridge0: port 1(bridge_slave_0) entered blocking state [ 341.557950][T23932] bridge0: port 1(bridge_slave_0) entered forwarding state [ 341.569303][T23932] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 341.633717][T23886] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 341.644774][T23886] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 341.664842][T23886] team0: Port device team_slave_0 added [ 341.671736][T23886] team0: Port device team_slave_1 added [ 341.688377][T23886] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 341.695345][T23886] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 341.721801][T23886] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 341.733212][T23886] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 341.740290][T23886] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 341.766492][T23886] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 341.800525][T23943] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 341.809858][T23946] loop2: detected capacity change from 0 to 512 [ 341.840917][T23886] hsr_slave_0: entered promiscuous mode [ 341.848927][T23886] hsr_slave_1: entered promiscuous mode [ 341.868903][T23886] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 341.880103][T23946] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 341.883588][T23886] Cannot create hsr debugfs directory [ 341.916603][T23946] ext4 filesystem being mounted at /798/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 341.995785][T23946] loop2: detected capacity change from 512 to 64 [ 342.010975][T23962] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Out of memory [ 342.020294][T23962] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Out of memory [ 342.027957][T23886] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 342.030546][T23962] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #19: comm syz.2.8208: mark_inode_dirty error [ 342.048525][T23962] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -12) [ 342.057622][T23886] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 342.074453][T23886] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 342.087633][T23886] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 342.106559][T13495] EXT4-fs error (device loop2): ext4_lookup:1784: inode #2: comm syz-executor: '.' linked to parent dir [ 342.123082][T13495] EXT4-fs error (device loop2): ext4_lookup:1784: inode #2: comm syz-executor: '.' linked to parent dir [ 342.179362][T23952] chnl_net:caif_netlink_parms(): no params data found [ 342.186916][T15334] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 342.226863][T23886] 8021q: adding VLAN 0 to HW filter on device bond0 [ 342.234349][T23952] bridge0: port 1(bridge_slave_0) entered blocking state [ 342.241515][T23952] bridge0: port 1(bridge_slave_0) entered disabled state [ 342.248907][T23952] bridge_slave_0: entered allmulticast mode [ 342.255392][T23952] bridge_slave_0: entered promiscuous mode [ 342.262417][T23952] bridge0: port 2(bridge_slave_1) entered blocking state [ 342.269620][T23952] bridge0: port 2(bridge_slave_1) entered disabled state [ 342.277027][T23952] bridge_slave_1: entered allmulticast mode [ 342.283718][T23952] bridge_slave_1: entered promiscuous mode [ 342.312362][T23886] 8021q: adding VLAN 0 to HW filter on device team0 [ 342.322930][ T3867] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 342.333509][ T3867] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.346443][T23952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 342.357154][T23952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 342.381055][ T3867] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 342.391461][ T3867] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.404308][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 342.411454][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 342.421269][T23952] team0: Port device team_slave_0 added [ 342.428576][T23952] team0: Port device team_slave_1 added [ 342.447841][ T3867] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 342.458336][ T3867] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.471079][T23952] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 342.478112][T23952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 342.504166][T23952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 342.515908][T23952] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 342.522884][T23952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 342.550065][T23952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 342.563923][ T3867] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 342.574431][ T3867] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.587527][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 342.594596][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 342.627402][T23952] hsr_slave_0: entered promiscuous mode [ 342.633537][T23952] hsr_slave_1: entered promiscuous mode [ 342.639661][T23952] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 342.647291][T23952] Cannot create hsr debugfs directory [ 342.705964][ T3867] bridge_slave_1: left allmulticast mode [ 342.711649][ T3867] bridge_slave_1: left promiscuous mode [ 342.717394][ T3867] bridge0: port 2(bridge_slave_1) entered disabled state [ 342.725298][ T3867] bridge_slave_0: left allmulticast mode [ 342.731062][ T3867] bridge_slave_0: left promiscuous mode [ 342.736816][ T3867] bridge0: port 1(bridge_slave_0) entered disabled state [ 342.798995][ T3867] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 342.828737][ T3867] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 342.838591][ T3867] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 342.848331][ T3867] bond0 (unregistering): Released all slaves [ 342.857837][ T3867] bond1 (unregistering): (slave batadv1): Releasing backup interface [ 342.866009][ T3867] batadv1: left promiscuous mode [ 342.871949][ T3867] bond1 (unregistering): Released all slaves [ 342.881092][ T3867] bond2 (unregistering): (slave batadv2): Releasing backup interface [ 342.889361][ T3867] batadv2: left promiscuous mode [ 342.895268][ T3867] bond2 (unregistering): Released all slaves [ 342.938978][ T3867] tipc: Disabling bearer [ 342.944238][ T3867] tipc: Left network mode [ 342.953429][ T3867] hsr_slave_0: left promiscuous mode [ 342.959454][ T3867] hsr_slave_1: left promiscuous mode [ 342.965113][ T3867] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 342.973220][ T3867] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 342.981014][ T3867] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 342.988619][ T3867] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 343.000113][ T3867] veth1_macvtap: left promiscuous mode [ 343.005710][ T3867] veth0_macvtap: left promiscuous mode [ 343.011257][ T3867] veth1_vlan: left promiscuous mode [ 343.016619][ T3867] veth0_vlan: left promiscuous mode [ 343.080368][ T3867] team0 (unregistering): Port device team_slave_1 removed [ 343.091080][ T3867] team0 (unregistering): Port device team_slave_0 removed [ 343.131749][T23952] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 343.141784][T23886] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 343.150263][T23952] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 343.159941][T23952] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 343.172277][T23952] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 343.215314][T23952] 8021q: adding VLAN 0 to HW filter on device bond0 [ 343.232507][T23952] 8021q: adding VLAN 0 to HW filter on device team0 [ 343.242605][ T3334] bridge0: port 1(bridge_slave_0) entered blocking state [ 343.249846][ T3334] bridge0: port 1(bridge_slave_0) entered forwarding state [ 343.260546][ T3905] bridge0: port 2(bridge_slave_1) entered blocking state [ 343.267681][ T3905] bridge0: port 2(bridge_slave_1) entered forwarding state [ 343.300401][T23952] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 343.359738][T23886] veth0_vlan: entered promiscuous mode [ 343.370045][T23886] veth1_vlan: entered promiscuous mode [ 343.380415][T23952] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 343.399206][T23886] veth0_macvtap: entered promiscuous mode [ 343.407093][T23886] veth1_macvtap: entered promiscuous mode [ 343.419828][T23886] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 343.431243][T23886] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 343.441517][T23886] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.450345][T23886] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.459194][T23886] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.468008][T23886] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.492559][ T3867] IPVS: stop unused estimator thread 0... [ 343.538316][T24002] loop0: detected capacity change from 0 to 512 [ 343.548411][ T3867] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.568457][T24002] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 343.587516][ T3867] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.629653][T24002] ext4 filesystem being mounted at /808/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 343.657584][ T3867] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.667504][T24002] loop0: detected capacity change from 512 to 64 [ 343.694145][T23952] veth0_vlan: entered promiscuous mode [ 343.705318][T24002] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6255: Out of memory [ 343.727704][ T3867] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.740017][T24018] netlink: 'syz.5.8214': attribute type 10 has an invalid length. [ 343.740474][T24002] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6255: Out of memory [ 343.761711][T23952] veth1_vlan: entered promiscuous mode [ 343.768416][T24002] EXT4-fs error (device loop0): ext4_evict_inode:254: inode #19: comm syz.0.8219: mark_inode_dirty error [ 343.775388][T24018] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.787183][T24018] bridge0: port 1(bridge_slave_0) entered disabled state [ 343.798744][T24018] bridge0: port 2(bridge_slave_1) entered blocking state [ 343.799218][T24002] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -12) [ 343.806332][T24018] bridge0: port 2(bridge_slave_1) entered forwarding state [ 343.806517][T24018] bridge0: port 1(bridge_slave_0) entered blocking state [ 343.831068][T24018] bridge0: port 1(bridge_slave_0) entered forwarding state [ 343.848221][T24018] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 343.874524][T23952] veth0_macvtap: entered promiscuous mode [ 343.881022][T13462] EXT4-fs error (device loop0): ext4_lookup:1784: inode #2: comm syz-executor: '.' linked to parent dir [ 343.899884][T13462] EXT4-fs error (device loop0): ext4_lookup:1784: inode #2: comm syz-executor: '.' linked to parent dir [ 343.908107][T23952] veth1_macvtap: entered promiscuous mode [ 343.925062][ T3867] bridge_slave_1: left allmulticast mode [ 343.930835][ T3867] bridge_slave_1: left promiscuous mode [ 343.936724][ T3867] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.981502][T15373] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.017830][T24030] loop1: detected capacity change from 0 to 512 [ 344.050540][T24030] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 344.064441][T24030] ext4 filesystem being mounted at /1337/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 344.082400][ T3867] $H (unregistering): (slave bond_slave_0): Releasing backup interface [ 344.092672][ T3867] bond_slave_0: left promiscuous mode [ 344.100158][ T3867] $H (unregistering): (slave bond_slave_1): Releasing backup interface [ 344.109271][ T3867] bond_slave_1: left promiscuous mode [ 344.115439][ T3867] $H (unregistering): Released all slaves [ 344.124840][ T3867] bond0 (unregistering): (slave batadv1): Releasing backup interface [ 344.133082][ T3867] batadv1: left promiscuous mode [ 344.138287][T24030] loop1: detected capacity change from 512 to 64 [ 344.145868][ T3867] bond0 (unregistering): Released all slaves [ 344.146613][T24030] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Out of memory [ 344.161439][T24030] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Out of memory [ 344.161550][ T3867] bond1 (unregistering): (slave batadv2): Releasing backup interface [ 344.174436][T24030] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #19: comm syz.1.8226: mark_inode_dirty error [ 344.178954][ T3867] batadv2: left promiscuous mode [ 344.194104][T24030] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -12) [ 344.206914][ T3867] bond1 (unregistering): Released all slaves [ 344.223850][T23952] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 344.243632][T24038] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 344.269760][T23952] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 344.280954][ T7055] EXT4-fs error (device loop1): ext4_lookup:1784: inode #2: comm syz-executor: '.' linked to parent dir [ 344.286897][ T3867] tipc: Disabling bearer [ 344.297542][ T3867] tipc: Left network mode [ 344.306169][ T7055] EXT4-fs error (device loop1): ext4_lookup:1784: inode #2: comm syz-executor: '.' linked to parent dir [ 344.309292][T23952] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 344.326384][T23952] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 344.335727][T23952] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 344.344593][T23952] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 344.361196][ T3867] hsr_slave_0: left promiscuous mode [ 344.367171][ T3867] hsr_slave_1: left promiscuous mode [ 344.373089][ T3867] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 344.380760][ T3867] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 344.409230][ T3867] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 344.416812][ T3867] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 344.431544][T13818] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.441380][ T3867] veth1_macvtap: left promiscuous mode [ 344.456612][ T3867] veth0_macvtap: left promiscuous mode [ 344.462252][ T3867] veth1_vlan: left promiscuous mode [ 344.468081][ T3867] veth0_vlan: left promiscuous mode [ 344.546338][ T3867] team0 (unregistering): Port device team_slave_1 removed [ 344.556108][ T3867] team0 (unregistering): Port device team_slave_0 removed [ 344.659659][T24012] chnl_net:caif_netlink_parms(): no params data found [ 344.799327][T24012] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.806505][T24012] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.818189][T24012] bridge_slave_0: entered allmulticast mode [ 344.824827][T24012] bridge_slave_0: entered promiscuous mode [ 344.832677][T24012] bridge0: port 2(bridge_slave_1) entered blocking state [ 344.839846][T24012] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.847321][T24012] bridge_slave_1: entered allmulticast mode [ 344.854033][T24012] bridge_slave_1: entered promiscuous mode [ 344.865394][T24074] netlink: 'syz.6.8229': attribute type 10 has an invalid length. [ 344.901664][T24012] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 344.913217][T24074] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.920494][T24074] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.930561][T24074] bridge0: port 2(bridge_slave_1) entered blocking state [ 344.937750][T24074] bridge0: port 2(bridge_slave_1) entered forwarding state [ 344.945050][T24074] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.952184][T24074] bridge0: port 1(bridge_slave_0) entered forwarding state [ 344.961414][T24074] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 344.983619][T24012] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 345.018377][T24081] loop5: detected capacity change from 0 to 128 [ 345.025253][T24081] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 345.041327][T24081] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 345.058935][T24012] team0: Port device team_slave_0 added [ 345.066722][T24012] team0: Port device team_slave_1 added [ 345.122498][T24012] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 345.129635][T24012] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 345.138771][T24090] loop5: detected capacity change from 0 to 512 [ 345.155712][T24012] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 345.181349][T24012] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 345.188551][T24012] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 345.214545][T24012] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 345.235140][T24044] chnl_net:caif_netlink_parms(): no params data found [ 345.249001][ T3867] IPVS: stop unused estimator thread 0... [ 345.269700][T24090] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 345.288828][T24090] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 345.320798][T24068] chnl_net:caif_netlink_parms(): no params data found [ 345.337166][T24012] hsr_slave_0: entered promiscuous mode [ 345.343323][T24012] hsr_slave_1: entered promiscuous mode [ 345.349279][T24090] loop5: detected capacity change from 512 to 64 [ 345.360254][T24090] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Out of memory [ 345.374048][T24090] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Out of memory [ 345.384346][T24090] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #19: comm syz.5.8232: mark_inode_dirty error [ 345.396821][T24090] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -12) [ 345.428858][T23886] EXT4-fs error (device loop5): ext4_lookup:1784: inode #2: comm syz-executor: '.' linked to parent dir [ 345.441446][T24044] bridge0: port 1(bridge_slave_0) entered blocking state [ 345.448683][T24044] bridge0: port 1(bridge_slave_0) entered disabled state [ 345.458573][T24044] bridge_slave_0: entered allmulticast mode [ 345.465198][T24044] bridge_slave_0: entered promiscuous mode [ 345.478799][T23886] EXT4-fs error (device loop5): ext4_lookup:1784: inode #2: comm syz-executor: '.' linked to parent dir [ 345.509518][T24044] bridge0: port 2(bridge_slave_1) entered blocking state [ 345.516749][T24044] bridge0: port 2(bridge_slave_1) entered disabled state [ 345.524149][T24044] bridge_slave_1: entered allmulticast mode [ 345.530883][T24044] bridge_slave_1: entered promiscuous mode [ 345.567087][ T3867] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 345.576977][ T3867] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.592514][T24044] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 345.608745][T24044] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 345.627380][T24068] bridge0: port 1(bridge_slave_0) entered blocking state [ 345.634498][T24068] bridge0: port 1(bridge_slave_0) entered disabled state [ 345.644780][T24068] bridge_slave_0: entered allmulticast mode [ 345.651462][T24068] bridge_slave_0: entered promiscuous mode [ 345.658415][T24068] bridge0: port 2(bridge_slave_1) entered blocking state [ 345.665728][T24068] bridge0: port 2(bridge_slave_1) entered disabled state [ 345.673013][T24068] bridge_slave_1: entered allmulticast mode [ 345.679900][T24068] bridge_slave_1: entered promiscuous mode [ 345.720993][ T3867] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 345.730989][ T3867] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.758158][T24044] team0: Port device team_slave_0 added [ 345.769761][ T3867] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 345.779769][ T3867] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.792973][T24068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 345.803470][T24044] team0: Port device team_slave_1 added [ 345.819437][T24068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 345.837015][T24044] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 345.839819][T23886] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.844020][T24044] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 345.879239][T24044] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 345.915436][ T3867] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 345.925323][ T3867] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.936455][T24044] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 345.943436][T24044] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 345.969623][T24044] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 345.986547][T24068] team0: Port device team_slave_0 added [ 345.994231][T24068] team0: Port device team_slave_1 added [ 346.038531][T24068] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 346.045538][T24068] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 346.071765][T24068] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 346.083358][T24068] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 346.090365][T24068] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 346.117726][T24068] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 346.134379][T24044] hsr_slave_0: entered promiscuous mode [ 346.151845][T24044] hsr_slave_1: entered promiscuous mode [ 346.160805][T24044] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 346.171323][T24044] Cannot create hsr debugfs directory [ 346.214420][ T29] kauditd_printk_skb: 59 callbacks suppressed [ 346.214438][ T29] audit: type=1400 audit(1748912610.359:6843): avc: denied { module_load } for pid=24127 comm="syz.6.8246" path="/sys/kernel/notes" dev="sysfs" ino=212 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1 [ 346.214480][T24128] Invalid ELF header magic: != ELF [ 346.274342][T24068] hsr_slave_0: entered promiscuous mode [ 346.280784][T24068] hsr_slave_1: entered promiscuous mode [ 346.286941][T24068] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 346.294584][T24068] Cannot create hsr debugfs directory [ 346.364108][ T3867] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 346.374525][ T3867] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.440166][ T3867] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 346.450600][ T3867] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.466568][ T29] audit: type=1326 audit(1748912610.619:6844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24138 comm="syz.6.8250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92d2b7e969 code=0x7ffc0000 [ 346.497953][ T29] audit: type=1326 audit(1748912610.619:6845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24138 comm="syz.6.8250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92d2b7e969 code=0x7ffc0000 [ 346.521906][ T29] audit: type=1326 audit(1748912610.619:6846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24138 comm="syz.6.8250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f92d2b7e969 code=0x7ffc0000 [ 346.545844][ T29] audit: type=1326 audit(1748912610.619:6847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24138 comm="syz.6.8250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92d2b7e969 code=0x7ffc0000 [ 346.569477][ T29] audit: type=1326 audit(1748912610.639:6848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24138 comm="syz.6.8250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92d2b7e969 code=0x7ffc0000 [ 346.607058][ T3867] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 346.617590][ T3867] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.658253][T24012] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 346.671507][T24113] chnl_net:caif_netlink_parms(): no params data found [ 346.685180][ T3867] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 346.695673][ T3867] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.711376][T24012] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 346.727783][T24012] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 346.742797][T24012] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 346.775511][T24113] bridge0: port 1(bridge_slave_0) entered blocking state [ 346.782755][T24113] bridge0: port 1(bridge_slave_0) entered disabled state [ 346.790142][T24113] bridge_slave_0: entered allmulticast mode [ 346.796878][T24113] bridge_slave_0: entered promiscuous mode [ 346.804106][T24113] bridge0: port 2(bridge_slave_1) entered blocking state [ 346.811453][T24113] bridge0: port 2(bridge_slave_1) entered disabled state [ 346.819126][T24113] bridge_slave_1: entered allmulticast mode [ 346.825943][T24113] bridge_slave_1: entered promiscuous mode [ 346.851993][T24113] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 346.862665][T24113] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 346.893737][T24113] team0: Port device team_slave_0 added [ 346.900694][T24113] team0: Port device team_slave_1 added [ 346.910127][ T3867] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 346.920762][ T3867] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.949027][T24113] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 346.956135][T24113] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 346.982252][T24113] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 346.994137][T24113] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 347.001210][T24113] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 347.027600][T24113] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 347.052961][ T3867] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 347.063405][ T3867] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.084145][T24113] hsr_slave_0: entered promiscuous mode [ 347.090464][T24113] hsr_slave_1: entered promiscuous mode [ 347.096460][T24113] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 347.104014][T24113] Cannot create hsr debugfs directory [ 347.122064][ T3867] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 347.132533][ T3867] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.180971][T24012] 8021q: adding VLAN 0 to HW filter on device bond0 [ 347.204280][T24012] 8021q: adding VLAN 0 to HW filter on device team0 [ 347.213551][ T3867] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 347.223948][ T3867] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.240216][ T3868] bridge0: port 1(bridge_slave_0) entered blocking state [ 347.247463][ T3868] bridge0: port 1(bridge_slave_0) entered forwarding state [ 347.257633][ T3868] bridge0: port 2(bridge_slave_1) entered blocking state [ 347.264810][ T3868] bridge0: port 2(bridge_slave_1) entered forwarding state [ 347.323802][ T3867] bridge0: port 3(dummy0) entered disabled state [ 347.332530][ T3867] bridge_slave_1: left allmulticast mode [ 347.338392][ T3867] bridge_slave_1: left promiscuous mode [ 347.344308][ T3867] bridge0: port 2(bridge_slave_1) entered disabled state [ 347.353157][ T3867] bridge_slave_1: left allmulticast mode [ 347.358883][ T3867] bridge_slave_1: left promiscuous mode [ 347.364530][ T3867] bridge0: port 2(bridge_slave_1) entered disabled state [ 347.372421][ T3867] bridge_slave_0: left allmulticast mode [ 347.378167][ T3867] bridge_slave_0: left promiscuous mode [ 347.383858][ T3867] bridge0: port 1(bridge_slave_0) entered disabled state [ 347.392189][ T3867] bridge_slave_1: left allmulticast mode [ 347.397961][ T3867] bridge_slave_1: left promiscuous mode [ 347.403631][ T3867] bridge0: port 2(bridge_slave_1) entered disabled state [ 347.411545][ T3867] bridge_slave_0: left allmulticast mode [ 347.417308][ T3867] bridge_slave_0: left promiscuous mode [ 347.422986][ T3867] bridge0: port 1(bridge_slave_0) entered disabled state [ 347.531677][ T3867] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 347.540118][ T3867] bridge0 (unregistering): left promiscuous mode [ 347.648382][ T3867] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 347.657162][ T3867] bond_slave_0: left promiscuous mode [ 347.663513][ T3867] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 347.672589][ T3867] bond_slave_1: left promiscuous mode [ 347.678921][ T3867] bond0 (unregistering): Released all slaves [ 347.688727][ T3867] bond1 (unregistering): (slave batadv1): Releasing backup interface [ 347.696972][ T3867] batadv1: left promiscuous mode [ 347.703179][ T3867] bond1 (unregistering): Released all slaves [ 347.711973][ T3867] bond2 (unregistering): (slave batadv2): Releasing backup interface [ 347.720938][ T3867] batadv2: left promiscuous mode [ 347.727239][ T3867] bond2 (unregistering): Released all slaves [ 347.758704][ T3867] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 347.798889][ T3867] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 347.809004][ T3867] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 347.818783][ T3867] bond0 (unregistering): Released all slaves [ 347.827956][ T3867] bond1 (unregistering): (slave batadv1): Releasing backup interface [ 347.836230][ T3867] batadv1: left promiscuous mode [ 347.842278][ T3867] bond1 (unregistering): Released all slaves [ 347.907966][ T3867] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 347.918305][ T3867] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 347.927992][ T3867] bond0 (unregistering): Released all slaves [ 347.937294][ T3867] bond1 (unregistering): (slave batadv1): Releasing backup interface [ 347.945652][ T3867] batadv1: left promiscuous mode [ 347.952085][ T3867] bond1 (unregistering): Released all slaves [ 347.972455][T24012] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 347.996416][ T3867] tipc: Disabling bearer [ 348.001698][ T3867] tipc: Left network mode [ 348.006829][ T3867] tipc: Disabling bearer [ 348.012080][ T3867] tipc: Left network mode [ 348.020698][ T3867] tipc: Disabling bearer [ 348.026566][ T3867] tipc: Left network mode [ 348.034443][ T3867] IPVS: stopping backup sync thread 10306 ... [ 348.049281][ T3867] hsr_slave_0: left promiscuous mode [ 348.055128][ T3867] hsr_slave_1: left promiscuous mode [ 348.061109][ T3867] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 348.068690][ T3867] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 348.076553][ T3867] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 348.084059][ T3867] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 348.094120][ T3867] hsr_slave_0: left promiscuous mode [ 348.099906][ T3867] hsr_slave_1: left promiscuous mode [ 348.105467][ T3867] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 348.113008][ T3867] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 348.120913][ T3867] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 348.128729][ T3867] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 348.138552][ T3867] hsr_slave_0: left promiscuous mode [ 348.144218][ T3867] hsr_slave_1: left promiscuous mode [ 348.149967][ T3867] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 348.157552][ T3867] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 348.165160][ T3867] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 348.172767][ T3867] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 348.187881][ T3867] veth1_macvtap: left promiscuous mode [ 348.193394][ T3867] veth0_macvtap: left promiscuous mode [ 348.199424][ T3867] veth1_vlan: left promiscuous mode [ 348.204701][ T3867] veth0_vlan: left promiscuous mode [ 348.210728][ T3867] veth1_macvtap: left promiscuous mode [ 348.216270][ T3867] veth0_macvtap: left promiscuous mode [ 348.221802][ T3867] veth1_vlan: left promiscuous mode [ 348.227115][ T3867] veth0_vlan: left promiscuous mode [ 348.233066][ T3867] veth1_macvtap: left promiscuous mode [ 348.238780][ T3867] veth0_macvtap: left promiscuous mode [ 348.244429][ T3867] veth1_vlan: left promiscuous mode [ 348.249806][ T3867] veth0_vlan: left promiscuous mode [ 348.381520][ T3867] team0 (unregistering): Port device team_slave_1 removed [ 348.391289][ T3867] team0 (unregistering): Port device team_slave_0 removed [ 348.445003][ T3867] team0 (unregistering): Port device team_slave_1 removed [ 348.454929][ T3867] team0 (unregistering): Port device team_slave_0 removed [ 348.516845][ T3867] team0 (unregistering): Port device team_slave_1 removed [ 348.526335][ T3867] team0 (unregistering): Port device team_slave_0 removed [ 348.571411][T24012] veth0_vlan: entered promiscuous mode [ 348.579361][T24012] veth1_vlan: entered promiscuous mode [ 348.594590][T24012] veth0_macvtap: entered promiscuous mode [ 348.602018][T24012] veth1_macvtap: entered promiscuous mode [ 348.612813][T24012] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 348.624364][T24012] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 348.634039][T24012] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.642909][T24012] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.651817][T24012] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.660583][T24012] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.691465][T24068] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 348.704682][T24068] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 348.713803][T24068] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 348.724003][T24068] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 348.756766][T24113] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 348.780415][T24113] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 348.795552][T24113] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 348.807611][T24113] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 348.827899][T24068] 8021q: adding VLAN 0 to HW filter on device bond0 [ 348.839449][T24044] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 348.854256][T24044] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 348.872817][T24068] 8021q: adding VLAN 0 to HW filter on device team0 [ 348.882494][T24044] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 348.898054][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 348.905313][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 348.917245][T24044] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 348.933564][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 348.941127][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 349.000037][T24068] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 349.017407][T24113] 8021q: adding VLAN 0 to HW filter on device bond0 [ 349.033628][T24044] 8021q: adding VLAN 0 to HW filter on device bond0 [ 349.049546][T24113] 8021q: adding VLAN 0 to HW filter on device team0 [ 349.078191][ T3905] bridge0: port 1(bridge_slave_0) entered blocking state [ 349.085282][ T3905] bridge0: port 1(bridge_slave_0) entered forwarding state [ 349.108452][T24044] 8021q: adding VLAN 0 to HW filter on device team0 [ 349.131705][ T3905] bridge0: port 2(bridge_slave_1) entered blocking state [ 349.138832][ T3905] bridge0: port 2(bridge_slave_1) entered forwarding state [ 349.149177][ T3915] bridge0: port 1(bridge_slave_0) entered blocking state [ 349.156282][ T3915] bridge0: port 1(bridge_slave_0) entered forwarding state [ 349.175433][ T3915] bridge0: port 2(bridge_slave_1) entered blocking state [ 349.182653][ T3915] bridge0: port 2(bridge_slave_1) entered forwarding state [ 349.211049][T24044] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 349.221594][T24044] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 349.235337][ T29] audit: type=1326 audit(1748912613.359:6849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24173 comm="syz.6.8261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92d2b7e969 code=0x7ffc0000 [ 349.259190][ T29] audit: type=1326 audit(1748912613.359:6850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24173 comm="syz.6.8261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92d2b7e969 code=0x7ffc0000 [ 349.283317][ T29] audit: type=1326 audit(1748912613.359:6851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24173 comm="syz.6.8261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f92d2b7e969 code=0x7ffc0000 [ 349.307749][ T29] audit: type=1326 audit(1748912613.359:6852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24173 comm="syz.6.8261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92d2b7e969 code=0x7ffc0000 [ 349.320410][T24113] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 349.341720][T24113] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 349.372605][T24068] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 349.468200][T24044] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 349.484523][T24113] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 349.553515][T24068] veth0_vlan: entered promiscuous mode [ 349.575251][T24068] veth1_vlan: entered promiscuous mode [ 349.619046][T24068] veth0_macvtap: entered promiscuous mode [ 349.640161][T24068] veth1_macvtap: entered promiscuous mode [ 349.670642][T24068] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 349.681387][T24068] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 349.695153][T24044] veth0_vlan: entered promiscuous mode [ 349.703176][T24068] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.712067][T24068] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.720988][T24068] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.730039][T24068] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.757877][T24044] veth1_vlan: entered promiscuous mode [ 349.783705][T24044] veth0_macvtap: entered promiscuous mode [ 349.783943][ T3867] IPVS: stop unused estimator thread 0... [ 349.806104][T24044] veth1_macvtap: entered promiscuous mode [ 349.827150][T24113] veth0_vlan: entered promiscuous mode [ 349.834299][ T3867] IPVS: stop unused estimator thread 0... [ 349.842182][T24113] veth1_vlan: entered promiscuous mode [ 349.849677][ T3867] IPVS: stop unused estimator thread 0... [ 349.871863][T24044] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 349.891739][T24113] veth0_macvtap: entered promiscuous mode [ 349.900153][T24044] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 349.919899][T24044] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.928757][T24044] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.937522][T24044] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.946377][T24044] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.006432][T24113] veth1_macvtap: entered promiscuous mode [ 350.017873][T24113] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 350.055024][T24113] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 350.083094][T24113] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.092274][T24113] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.101191][T24113] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.110011][T24113] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.148264][ T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.205667][ T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.268405][ T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.339550][ T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.442693][ T12] bridge_slave_1: left allmulticast mode [ 350.448475][ T12] bridge_slave_1: left promiscuous mode [ 350.454218][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 350.477718][ T12] bridge_slave_0: left allmulticast mode [ 350.483574][ T12] bridge_slave_0: left promiscuous mode [ 350.489411][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 350.597665][ T12] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 350.668086][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 350.678458][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 350.688205][ T12] bond0 (unregistering): Released all slaves [ 350.755228][ T12] hsr_slave_0: left promiscuous mode [ 350.777487][ T12] hsr_slave_1: left promiscuous mode [ 350.799742][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 350.807298][T24291] loop1: detected capacity change from 0 to 8192 [ 350.813849][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 350.826114][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 350.833686][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 350.873569][ T12] veth1_macvtap: left promiscuous mode [ 350.879599][ T12] veth0_macvtap: left promiscuous mode [ 350.886357][ T12] veth1_vlan: left promiscuous mode [ 350.911448][ T12] veth0_vlan: left promiscuous mode [ 351.040520][T24309] loop6: detected capacity change from 0 to 8192 [ 351.124986][ T12] team0 (unregistering): Port device team_slave_1 removed [ 351.148598][ T12] team0 (unregistering): Port device team_slave_0 removed [ 351.152127][T24337] rdma_op ffff888119e12180 conn xmit_rdma 0000000000000000 [ 351.222350][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 351.222368][ T29] audit: type=1400 audit(1748912615.369:6866): avc: denied { read write } for pid=24339 comm="syz.6.8314" name="virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 351.252464][ T29] audit: type=1400 audit(1748912615.369:6867): avc: denied { open } for pid=24339 comm="syz.6.8314" path="/dev/virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 351.342176][ T29] audit: type=1400 audit(1748912615.439:6868): avc: denied { create } for pid=24351 comm="syz.2.8320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 351.362108][ T29] audit: type=1400 audit(1748912615.439:6869): avc: denied { write } for pid=24351 comm="syz.2.8320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 351.382081][ T29] audit: type=1400 audit(1748912615.439:6870): avc: denied { connect } for pid=24351 comm="syz.2.8320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 351.402081][ T29] audit: type=1400 audit(1748912615.439:6871): avc: denied { name_connect } for pid=24351 comm="syz.2.8320" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 351.424523][ T29] audit: type=1400 audit(1748912615.489:6872): avc: denied { write } for pid=24355 comm="syz.0.8322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 351.452305][ T29] audit: type=1400 audit(1748912615.599:6873): avc: denied { name_connect } for pid=24351 comm="syz.2.8320" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 351.515626][ T29] audit: type=1400 audit(1748912615.649:6874): avc: denied { shutdown } for pid=24351 comm="syz.2.8320" lport=48332 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 351.536600][ T29] audit: type=1400 audit(1748912615.649:6875): avc: denied { getopt } for pid=24351 comm="syz.2.8320" lport=48332 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 351.610268][T24369] loop0: detected capacity change from 0 to 8192 [ 351.626703][T24376] rdma_op ffff888123877580 conn xmit_rdma 0000000000000000 [ 351.839290][T24406] rdma_op ffff888123874180 conn xmit_rdma 0000000000000000 [ 351.927431][T24412] rdma_op ffff888123874180 conn xmit_rdma 0000000000000000 [ 351.987104][T24418] loop0: detected capacity change from 0 to 2048 [ 352.253676][T24443] loop2: detected capacity change from 0 to 8192 [ 352.286517][T24450] rdma_op ffff888125003980 conn xmit_rdma 0000000000000000 [ 352.332306][T24454] rdma_op ffff888125003980 conn xmit_rdma 0000000000000000 [ 352.380144][T24460] loop0: detected capacity change from 0 to 8192 [ 352.436288][T24466] loop2: detected capacity change from 0 to 2048 [ 352.576178][T24484] __nla_validate_parse: 29 callbacks suppressed [ 352.576195][T24484] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8379'. [ 352.793317][T24502] loop6: detected capacity change from 0 to 2048 [ 352.901723][T24511] netlink: 16 bytes leftover after parsing attributes in process `syz.6.8391'. [ 353.285259][T24537] loop1: detected capacity change from 0 to 2048 [ 353.299425][T24540] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8404'. [ 353.522008][T24571] netlink: 16 bytes leftover after parsing attributes in process `syz.7.8419'. [ 353.872246][T24602] loop6: detected capacity change from 0 to 764 [ 353.884150][T24604] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8435'. [ 354.131908][T24621] loop1: detected capacity change from 0 to 512 [ 354.164152][T24621] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 354.180947][T24621] ext4 filesystem being mounted at /39/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 354.243292][T24637] netlink: 16 bytes leftover after parsing attributes in process `syz.6.8450'. [ 354.275310][T24068] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.375354][T24659] loop2: detected capacity change from 0 to 764 [ 354.413602][T24664] netlink: 20 bytes leftover after parsing attributes in process `syz.7.8475'. [ 355.150334][T24679] loop2: detected capacity change from 0 to 512 [ 355.158385][T24677] Falling back ldisc for ptm0. [ 355.173767][T24679] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 355.200203][T24679] ext4 filesystem being mounted at /44/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 355.285703][T24012] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.314875][T24691] sch_tbf: burst 3092 is lower than device lo mtu (65550) ! [ 355.344199][T24694] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8477'. [ 355.359601][T24696] loop1: detected capacity change from 0 to 764 [ 355.450378][T24710] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22 [ 355.458822][T24710] netdevsim netdevsim6: Direct firmware load for . failed with error -22 [ 355.548948][T24728] loop0: detected capacity change from 0 to 512 [ 355.561024][T24728] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 355.573495][T24728] EXT4-fs (loop0): 1 truncate cleaned up [ 355.581453][T24728] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 355.629351][T24044] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.777255][T24749] netlink: 'syz.6.8501': attribute type 10 has an invalid length. [ 355.811158][T24749] team0: Device veth0_macvtap failed to register rx_handler [ 355.867354][T24756] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 355.882402][T24756] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 355.955285][T24761] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8506'. [ 355.964322][T24761] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8506'. [ 356.300893][T24789] bridge0: entered promiscuous mode [ 356.308244][T24789] bridge0: port 3(macvlan2) entered blocking state [ 356.314845][T24789] bridge0: port 3(macvlan2) entered disabled state [ 356.321642][T24789] macvlan2: entered allmulticast mode [ 356.327116][T24789] bridge0: entered allmulticast mode [ 356.333536][T24789] macvlan2: left allmulticast mode [ 356.338911][T24789] bridge0: left allmulticast mode [ 356.345767][T24789] bridge0: left promiscuous mode [ 356.358543][ T29] kauditd_printk_skb: 206 callbacks suppressed [ 356.358563][ T29] audit: type=1326 audit(1748912620.509:7082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24792 comm="syz.2.8522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7ffc0000 [ 356.391330][ T29] audit: type=1326 audit(1748912620.509:7083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24792 comm="syz.2.8522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7ffc0000 [ 356.393670][T24795] serio: Serial port ptm0 [ 356.415066][ T29] audit: type=1326 audit(1748912620.509:7084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24792 comm="syz.2.8522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f3ec43ae969 code=0x7ffc0000 [ 356.443076][ T29] audit: type=1326 audit(1748912620.509:7085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24792 comm="syz.2.8522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7ffc0000 [ 356.466751][ T29] audit: type=1326 audit(1748912620.509:7086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24792 comm="syz.2.8522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f3ec43ae969 code=0x7ffc0000 [ 356.490500][ T29] audit: type=1326 audit(1748912620.509:7087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24792 comm="syz.2.8522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7ffc0000 [ 356.543009][ T29] audit: type=1400 audit(1748912620.599:7088): avc: denied { bind } for pid=24798 comm="syz.1.8524" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 356.562783][ T29] audit: type=1400 audit(1748912620.689:7089): avc: denied { ioctl } for pid=24806 comm="syz.6.8528" path="socket:[77123]" dev="sockfs" ino=77123 ioctlcmd=0x7453 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 356.604824][ T29] audit: type=1400 audit(1748912620.739:7090): avc: denied { setopt } for pid=24808 comm="syz.7.8530" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 356.683349][ T29] audit: type=1400 audit(1748912620.819:7091): avc: denied { write } for pid=24818 comm="syz.6.8534" name="packet" dev="proc" ino=4026533716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 356.849701][T24832] ipvlan0: entered promiscuous mode [ 356.863308][T24832] ipvlan0: left promiscuous mode [ 357.044741][T24843] ipvlan2: entered promiscuous mode [ 357.057256][T24843] bridge0: port 3(ipvlan2) entered blocking state [ 357.063937][T24843] bridge0: port 3(ipvlan2) entered disabled state [ 357.071088][T24843] ipvlan2: entered allmulticast mode [ 357.076507][T24843] bridge0: entered allmulticast mode [ 357.087368][T24843] ipvlan2: left allmulticast mode [ 357.092497][T24843] bridge0: left allmulticast mode [ 357.264611][T24858] bond1: entered promiscuous mode [ 357.269889][T24858] bond1: entered allmulticast mode [ 357.281380][T24858] 8021q: adding VLAN 0 to HW filter on device bond1 [ 357.321093][T24858] bond1 (unregistering): Released all slaves [ 357.483719][ T3394] IPVS: starting estimator thread 0... [ 357.528950][T24893] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2 [ 357.587936][T24883] IPVS: using max 1824 ests per chain, 91200 per kthread [ 357.599613][T24900] SELinux: syz.6.8571 (24900) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 357.689329][T24921] vxcan1: entered allmulticast mode [ 357.699028][T24921] pim6reg: entered allmulticast mode [ 357.735250][T24926] SELinux: policydb version 0 does not match my version range 15-34 [ 357.747446][T24926] SELinux: failed to load policy [ 357.892362][T24949] loop1: detected capacity change from 0 to 512 [ 357.900849][T24949] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 357.912107][T24950] SELinux: syz.2.8594 (24950) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 357.935757][T24949] EXT4-fs (loop1): 1 truncate cleaned up [ 357.943445][T24949] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 358.035328][T24068] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 358.088448][T24980] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 358.186397][T24997] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 358.195925][T24997] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 358.298424][T25014] __nla_validate_parse: 1 callbacks suppressed [ 358.298442][T25014] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8623'. [ 358.314281][T25014] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8623'. [ 358.473462][T25031] loop6: detected capacity change from 0 to 1024 [ 358.487297][T25031] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 358.511044][T23952] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 358.540757][T25037] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8633'. [ 358.550246][T25037] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8633'. [ 358.607707][T24997] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 358.619878][T25043] loop0: detected capacity change from 0 to 4096 [ 358.626655][T24997] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 358.638012][T25043] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 358.664790][T24044] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 358.724053][T25055] veth1_to_bond: entered allmulticast mode [ 358.730717][T25055] veth1_to_bond: left allmulticast mode [ 358.765749][T25059] loop0: detected capacity change from 0 to 2048 [ 358.778686][T25059] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 358.793712][T25059] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.8643: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 358.826062][T24044] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 358.907463][T25075] netlink: 'syz.0.8649': attribute type 13 has an invalid length. [ 358.940170][T25075] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 359.002929][T25082] loop0: detected capacity change from 0 to 512 [ 359.011667][T25082] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.8652: corrupted in-inode xattr: invalid ea_ino [ 359.026106][T25082] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.8652: couldn't read orphan inode 15 (err -117) [ 359.038920][T25082] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 359.057467][T25085] netlink: 'syz.6.8654': attribute type 10 has an invalid length. [ 359.082511][T25085] team0: Device hsr_slave_0 failed to register rx_handler [ 359.160631][T25093] hub 9-0:1.0: USB hub found [ 359.166436][T25093] hub 9-0:1.0: 8 ports detected [ 359.193143][T24044] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.254112][T25106] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8662'. [ 359.267866][T25108] loop1: detected capacity change from 0 to 1024 [ 359.293899][T25108] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 359.312984][T25108] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #19: comm syz.1.8664: missing EA_INODE flag [ 359.326551][T25108] EXT4-fs (loop1): Remounting filesystem read-only [ 359.333135][T25108] EXT4-fs warning (device loop1): ext4_xattr_block_set:2190: inode #20: comm syz.1.8664: dec ref error=-30 [ 359.377160][T24068] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.417260][T25130] loop0: detected capacity change from 0 to 512 [ 359.458196][T25130] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 359.467799][T25130] EXT4-fs (loop0): orphan cleanup on readonly fs [ 359.475292][T25139] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8677'. [ 359.488222][T25142] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8678'. [ 359.488665][T25139] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8677'. [ 359.511412][T25130] EXT4-fs error (device loop0): ext4_quota_enable:7124: inode #15: comm syz.0.8674: iget: bad i_size value: 360287970189639690 [ 359.539407][T25130] EXT4-fs error (device loop0): ext4_quota_enable:7127: comm syz.0.8674: Bad quota inode: 15, type: 2 [ 359.551840][T25130] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-117, ino=15). Please run e2fsck to fix. [ 359.583375][T25130] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 359.590833][T25130] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 359.619964][T24044] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.632371][T25158] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8686'. [ 359.641496][T25158] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8686'. [ 359.690838][T25165] loop0: detected capacity change from 0 to 512 [ 359.710881][T25165] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 359.724249][T25165] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 359.744186][T25171] Falling back ldisc for ptm0. [ 359.778968][T25165] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 359.785985][T25176] loop2: detected capacity change from 0 to 4096 [ 359.801464][T25176] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 359.829710][T24044] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.857981][T24012] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.888238][T25188] loop2: detected capacity change from 0 to 512 [ 359.897558][T25188] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 359.906021][T25188] EXT4-fs (loop2): orphan cleanup on readonly fs [ 359.909713][T25191] veth1_to_bond: entered allmulticast mode [ 359.912758][T25188] EXT4-fs error (device loop2): ext4_quota_enable:7124: inode #15: comm syz.2.8696: iget: bad i_size value: 360287970189639690 [ 359.921125][T25191] veth1_to_bond: left allmulticast mode [ 359.932946][T25188] EXT4-fs error (device loop2): ext4_quota_enable:7127: comm syz.2.8696: Bad quota inode: 15, type: 2 [ 359.949526][T25188] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-117, ino=15). Please run e2fsck to fix. [ 359.965406][T25188] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 359.973960][T25188] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 360.006723][T25194] loop0: detected capacity change from 0 to 256 [ 360.015489][T24012] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.015726][T25194] FAT-fs (loop0): bogus number of FAT sectors [ 360.030783][T25194] FAT-fs (loop0): Can't find a valid FAT filesystem [ 360.129995][T25206] Falling back ldisc for ptm0. [ 360.170546][T25208] loop1: detected capacity change from 0 to 2048 [ 360.192891][T25212] loop6: detected capacity change from 0 to 4096 [ 360.202597][T25212] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 360.217929][T25208] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 360.239954][T25208] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.8705: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 360.282323][T23952] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.296074][T24068] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.313047][T25225] loop6: detected capacity change from 0 to 512 [ 360.321109][T25225] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 360.329900][T25225] EXT4-fs (loop6): orphan cleanup on readonly fs [ 360.345269][T25225] EXT4-fs error (device loop6): ext4_quota_enable:7124: inode #15: comm syz.6.8711: iget: bad i_size value: 360287970189639690 [ 360.361049][T25229] veth1_to_bond: entered allmulticast mode [ 360.368048][T25229] veth1_to_bond: left allmulticast mode [ 360.375419][T25225] EXT4-fs error (device loop6): ext4_quota_enable:7127: comm syz.6.8711: Bad quota inode: 15, type: 2 [ 360.392998][T25225] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-117, ino=15). Please run e2fsck to fix. [ 360.412167][T25225] EXT4-fs (loop6): Cannot turn on quotas: error -117 [ 360.426094][T25225] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 360.464525][T25239] Falling back ldisc for ptm0. [ 360.484843][T23952] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.509969][T25244] netlink: 'syz.1.8730': attribute type 13 has an invalid length. [ 360.535070][T25248] hub 9-0:1.0: USB hub found [ 360.540617][T25248] hub 9-0:1.0: 8 ports detected [ 360.562630][T25244] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 360.627214][T25256] loop6: detected capacity change from 0 to 2048 [ 360.653499][T25256] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 360.699079][T25264] loop0: detected capacity change from 0 to 1024 [ 360.707056][T25256] EXT4-fs error (device loop6): ext4_find_extent:939: inode #2: comm syz.6.8724: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 360.732082][T25264] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 360.760171][T24044] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.771655][T23952] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.782364][T25272] netlink: 'syz.7.8732': attribute type 10 has an invalid length. [ 360.802473][T25272] team0: Device hsr_slave_0 failed to register rx_handler [ 360.833064][T25278] Falling back ldisc for ptm0. [ 361.055309][T25299] netlink: 'syz.6.8742': attribute type 13 has an invalid length. [ 361.153999][T25299] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 361.354701][T25336] SELinux: syz.6.8763 (25336) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 361.415444][T25342] loop2: detected capacity change from 0 to 512 [ 361.428515][T25342] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 361.442154][T25342] EXT4-fs (loop2): 1 truncate cleaned up [ 361.448563][T25342] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 361.474584][T25350] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 361.497799][ T29] kauditd_printk_skb: 135 callbacks suppressed [ 361.497902][ T29] audit: type=1326 audit(1748912625.649:7227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25347 comm="syz.7.8766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff371fee969 code=0x7ffc0000 [ 361.531464][ T29] audit: type=1326 audit(1748912625.649:7228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25347 comm="syz.7.8766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff371fee969 code=0x7ffc0000 [ 361.555312][ T29] audit: type=1326 audit(1748912625.649:7229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25347 comm="syz.7.8766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff371fee969 code=0x7ffc0000 [ 361.585347][ T29] audit: type=1326 audit(1748912625.729:7230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25347 comm="syz.7.8766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff371fee969 code=0x7ffc0000 [ 361.609680][ T29] audit: type=1326 audit(1748912625.759:7231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25347 comm="syz.7.8766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff371fee969 code=0x7ffc0000 [ 361.648511][ T29] audit: type=1326 audit(1748912625.799:7232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25347 comm="syz.7.8766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff371fee969 code=0x7ffc0000 [ 361.698993][ T29] audit: type=1326 audit(1748912625.849:7233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25347 comm="syz.7.8766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff371fee969 code=0x7ffc0000 [ 361.722793][ T29] audit: type=1326 audit(1748912625.849:7234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25347 comm="syz.7.8766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff371fee969 code=0x7ffc0000 [ 361.746425][ T29] audit: type=1326 audit(1748912625.849:7235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25347 comm="syz.7.8766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff371fee969 code=0x7ffc0000 [ 361.770053][ T29] audit: type=1326 audit(1748912625.849:7236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25347 comm="syz.7.8766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff371fee969 code=0x7ffc0000 [ 361.816135][T24012] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.898674][T25376] SELinux: syz.1.8780 (25376) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 361.921541][T25384] SELinux: syz.2.8785 (25384) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 362.024675][ T3394] IPVS: starting estimator thread 0... [ 362.138001][T25399] IPVS: using max 2160 ests per chain, 108000 per kthread [ 362.401578][ T1039] IPVS: starting estimator thread 0... [ 362.434470][T25470] ipvlan2: entered promiscuous mode [ 362.449483][T25470] bridge0: port 3(ipvlan2) entered blocking state [ 362.456146][T25470] bridge0: port 3(ipvlan2) entered disabled state [ 362.463427][T25470] ipvlan2: entered allmulticast mode [ 362.468779][T25470] bridge0: entered allmulticast mode [ 362.478055][T25470] ipvlan2: left allmulticast mode [ 362.483191][T25470] bridge0: left allmulticast mode [ 362.505643][T25469] IPVS: using max 1824 ests per chain, 91200 per kthread [ 362.516378][T25479] ipvlan0: entered promiscuous mode [ 362.522221][T25479] ipvlan0: left promiscuous mode [ 362.812967][T25510] bridge0: entered promiscuous mode [ 362.838078][T25510] bridge0: port 3(macvlan2) entered blocking state [ 362.844739][T25510] bridge0: port 3(macvlan2) entered disabled state [ 362.856584][T25510] macvlan2: entered allmulticast mode [ 362.862343][T25510] bridge0: entered allmulticast mode [ 362.875924][T25510] macvlan2: left allmulticast mode [ 362.881208][T25510] bridge0: left allmulticast mode [ 362.890237][T25510] bridge0: left promiscuous mode [ 363.021218][T25540] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 363.052203][T25540] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 363.090152][T25552] bridge0: entered promiscuous mode [ 363.099869][T25552] bridge0: port 3(macvlan2) entered blocking state [ 363.106773][T25552] bridge0: port 3(macvlan2) entered disabled state [ 363.113971][T25552] macvlan2: entered allmulticast mode [ 363.119556][T25552] bridge0: entered allmulticast mode [ 363.125718][T25552] macvlan2: left allmulticast mode [ 363.130984][T25552] bridge0: left allmulticast mode [ 363.139151][T25552] bridge0: left promiscuous mode [ 363.226820][T25571] netlink: 'syz.2.8883': attribute type 10 has an invalid length. [ 363.245457][T25571] team0: Device veth0_macvtap failed to register rx_handler [ 363.314048][T25584] __nla_validate_parse: 6 callbacks suppressed [ 363.314064][T25584] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8877'. [ 363.329344][T25584] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8877'. [ 363.561277][T25614] netlink: 'syz.7.8891': attribute type 10 has an invalid length. [ 363.572395][T25614] team0: Device veth0_macvtap failed to register rx_handler [ 363.630421][T25623] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8894'. [ 363.639487][T25623] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8894'. [ 363.681711][T25626] netdevsim netdevsim7: loading /lib/firmware/. failed with error -22 [ 363.690006][T25626] netdevsim netdevsim7: Direct firmware load for . failed with error -22 [ 364.579922][T25668] loop6: detected capacity change from 0 to 512 [ 364.599805][T25668] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 364.621671][T25668] EXT4-fs (loop6): 1 truncate cleaned up [ 364.636073][T25677] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8919'. [ 364.636195][T25668] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 364.659048][T25677] ipvlan0: entered promiscuous mode [ 364.665615][T25677] ipvlan0: left promiscuous mode [ 364.697825][T25680] loop0: detected capacity change from 0 to 512 [ 364.720496][T25680] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 364.735796][T25680] ext4 filesystem being mounted at /132/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 364.761223][T23952] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.938232][T24044] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.186631][T25723] sch_tbf: burst 3092 is lower than device lo mtu (65550) ! [ 365.231939][T25725] vxcan1: entered allmulticast mode [ 365.254672][T25725] pim6reg: entered allmulticast mode [ 365.355140][T25732] loop1: detected capacity change from 0 to 512 [ 365.362211][T25732] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 365.377464][T25732] EXT4-fs (loop1): 1 truncate cleaned up [ 365.383578][T25732] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 365.474398][T24068] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.527526][T25747] bridge0: entered promiscuous mode [ 365.547894][T25747] bridge0: port 3(macvlan2) entered blocking state [ 365.554541][T25747] bridge0: port 3(macvlan2) entered disabled state [ 365.562109][T25747] macvlan2: entered allmulticast mode [ 365.567589][T25747] bridge0: entered allmulticast mode [ 365.577964][T25747] macvlan2: left allmulticast mode [ 365.583152][T25747] bridge0: left allmulticast mode [ 365.599423][T25747] bridge0: left promiscuous mode [ 365.612565][T25751] netdevsim netdevsim7: Direct firmware load for ./file0 failed with error -2 [ 365.934956][T25785] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 365.971297][T25788] loop6: detected capacity change from 0 to 512 [ 365.989202][T25788] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 366.004975][T25788] ext4 filesystem being mounted at /174/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 366.081175][T23952] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 366.196043][T25817] netdevsim netdevsim6: Direct firmware load for ./file0 failed with error -2 [ 366.305851][T25829] loop0: detected capacity change from 0 to 512 [ 366.313013][T25829] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 366.324842][T25829] EXT4-fs (loop0): 1 truncate cleaned up [ 366.331315][T25829] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 366.402497][T24044] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 366.640130][ T29] kauditd_printk_skb: 64 callbacks suppressed [ 366.640147][ T29] audit: type=1400 audit(1748912630.789:7301): avc: denied { read append } for pid=25836 comm="syz.0.8993" name="loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 366.656248][T25837] loop9: detected capacity change from 0 to 7 [ 366.670548][ T29] audit: type=1400 audit(1748912630.789:7302): avc: denied { open } for pid=25836 comm="syz.0.8993" path="/dev/loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 366.673312][ T29] audit: type=1400 audit(1748912630.809:7303): avc: denied { ioctl } for pid=25836 comm="syz.0.8993" path="/dev/loop9" dev="devtmpfs" ino=109 ioctlcmd=0x4c0a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 366.701426][T25837] Buffer I/O error on dev loop9, logical block 0, async page read [ 366.734786][T25837] Buffer I/O error on dev loop9, logical block 0, async page read [ 366.742929][T25837] loop9: unable to read partition table [ 366.749526][T25837] loop_reread_partitions: partition scan of loop9 (被ڬdƤݡ [ 366.749526][T25837] U) failed (rc=-5) [ 366.754888][T25838] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8983'. [ 366.779612][T25838] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8983'. [ 366.816104][T25841] loop6: detected capacity change from 0 to 512 [ 366.827994][T25841] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 366.840137][T25841] EXT4-fs (loop6): 1 truncate cleaned up [ 366.847691][T25841] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 366.963341][T23952] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.198385][T25878] loop9: detected capacity change from 0 to 7 [ 367.198724][T25876] bridge0: entered promiscuous mode [ 367.204944][T25878] Buffer I/O error on dev loop9, logical block 0, async page read [ 367.211643][T25876] bridge0: port 3(macvlan2) entered blocking state [ 367.224455][T25876] bridge0: port 3(macvlan2) entered disabled state [ 367.231365][T25876] macvlan2: entered allmulticast mode [ 367.232320][T25878] Buffer I/O error on dev loop9, logical block 0, async page read [ 367.236989][T25876] bridge0: entered allmulticast mode [ 367.250324][T25878] loop9: unable to read partition table [ 367.256061][T25878] loop_reread_partitions: partition scan of loop9 (被ڬdƤݡ [ 367.256061][T25878] U) failed (rc=-5) [ 367.256395][T25876] macvlan2: left allmulticast mode [ 367.275325][T25876] bridge0: left allmulticast mode [ 367.280919][T25876] bridge0: left promiscuous mode [ 367.315493][T25880] loop2: detected capacity change from 0 to 1024 [ 367.339128][T25880] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 367.368230][T24012] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.401424][T25887] netlink: 'syz.0.9015': attribute type 10 has an invalid length. [ 367.412706][T25887] team0: Device hsr_slave_0 failed to register rx_handler [ 367.501314][T25894] loop0: detected capacity change from 0 to 1024 [ 367.518021][T25894] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 367.539270][T25894] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: inode #19: comm syz.0.9017: missing EA_INODE flag [ 367.551323][T25894] EXT4-fs (loop0): Remounting filesystem read-only [ 367.560445][T25894] EXT4-fs warning (device loop0): ext4_xattr_block_set:2190: inode #20: comm syz.0.9017: dec ref error=-30 [ 367.562054][ T29] audit: type=1326 audit(1748912631.709:7304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25897 comm="syz.2.9006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7ffc0000 [ 367.595600][ T29] audit: type=1326 audit(1748912631.709:7305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25897 comm="syz.2.9006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f3ec43ae969 code=0x7ffc0000 [ 367.619404][ T29] audit: type=1326 audit(1748912631.709:7306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25897 comm="syz.2.9006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7ffc0000 [ 367.661365][T24044] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.674032][T25903] loop1: detected capacity change from 0 to 256 [ 367.681461][T25903] FAT-fs (loop1): bogus number of FAT sectors [ 367.687625][T25903] FAT-fs (loop1): Can't find a valid FAT filesystem [ 367.762148][T25910] hub 9-0:1.0: USB hub found [ 367.772111][T25910] hub 9-0:1.0: 8 ports detected [ 367.848550][T25921] loop1: detected capacity change from 0 to 512 [ 367.890882][T25921] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 367.916240][T25921] ext4 filesystem being mounted at /147/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 367.944542][T25921] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 367.978502][T24068] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.005061][T25934] loop1: detected capacity change from 0 to 512 [ 368.020042][T25934] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.9023: corrupted in-inode xattr: invalid ea_ino [ 368.052558][T25934] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.9023: couldn't read orphan inode 15 (err -117) [ 368.066014][T25934] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 368.083842][T25939] loop2: detected capacity change from 0 to 1024 [ 368.087931][T25941] loop0: detected capacity change from 0 to 256 [ 368.118307][T25939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 368.146765][T25939] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: inode #19: comm syz.2.9025: missing EA_INODE flag [ 368.159120][T25939] EXT4-fs (loop2): Remounting filesystem read-only [ 368.166389][T25939] EXT4-fs warning (device loop2): ext4_xattr_block_set:2190: inode #20: comm syz.2.9025: dec ref error=-30 [ 368.178841][T25947] loop0: detected capacity change from 0 to 2048 [ 368.199119][T25947] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 368.212257][T25947] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 368.212340][T24012] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.236138][ T29] audit: type=1400 audit(1748912632.389:7307): avc: denied { setattr } for pid=25946 comm="syz.0.9028" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 368.258296][T25947] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.9028: bg 0: block 345: padding at end of block bitmap is not set [ 368.289048][T25951] hub 9-0:1.0: USB hub found [ 368.293834][T25951] hub 9-0:1.0: 8 ports detected [ 368.300017][T24068] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.309517][T24044] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.340366][T25955] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9041'. [ 368.349399][T25955] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9041'. [ 368.599211][T25961] loop2: detected capacity change from 0 to 2048 [ 368.627475][T25961] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 368.639710][T25961] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 368.655822][T25961] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.9043: bg 0: block 345: padding at end of block bitmap is not set [ 368.681224][T24012] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.193781][T25972] loop6: detected capacity change from 0 to 256 [ 369.203329][T25972] FAT-fs (loop6): bogus number of FAT sectors [ 369.209604][T25972] FAT-fs (loop6): Can't find a valid FAT filesystem [ 369.267355][ T29] audit: type=1400 audit(1748912633.409:7308): avc: denied { remount } for pid=25977 comm="syz.7.9038" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 369.308202][T25980] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 369.308368][ T3391] IPVS: starting estimator thread 0... [ 369.366135][T25992] loop2: detected capacity change from 0 to 256 [ 369.404391][ T29] audit: type=1400 audit(1748912633.549:7309): avc: denied { mount } for pid=25996 comm="syz.2.9048" name="/" dev="ramfs" ino=80604 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 369.405690][T25986] IPVS: using max 1968 ests per chain, 98400 per kthread [ 369.553435][T26009] loop2: detected capacity change from 0 to 512 [ 369.576376][T26009] ext4 filesystem being mounted at /163/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 369.598617][T26009] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 369.628856][ T29] audit: type=1326 audit(1748912633.779:7310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26021 comm="syz.7.9057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff371fee969 code=0x7ffc0000 [ 369.656536][T26022] sd 0:0:1:0: device reset [ 369.693427][T26028] loop6: detected capacity change from 0 to 256 [ 369.717995][T26030] netlink: 20 bytes leftover after parsing attributes in process `syz.7.9063'. [ 369.728056][T26030] netlink: 20 bytes leftover after parsing attributes in process `syz.7.9063'. [ 369.738893][T26032] loop6: detected capacity change from 0 to 2048 [ 369.759630][T26032] ext4 filesystem being mounted at /191/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 369.781830][T26032] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.9061: bg 0: block 345: padding at end of block bitmap is not set [ 369.901849][T26050] netlink: 96 bytes leftover after parsing attributes in process `syz.7.9069'. [ 369.911527][T26052] serio: Serial port ptm0 [ 369.994980][T26059] loop6: detected capacity change from 0 to 512 [ 370.029296][T26059] ext4 filesystem being mounted at /195/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 370.053688][T26065] loop2: detected capacity change from 0 to 256 [ 370.082788][T26059] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 370.099701][T26065] FAT-fs (loop2): bogus number of FAT sectors [ 370.105989][T26065] FAT-fs (loop2): Can't find a valid FAT filesystem [ 370.188853][T26073] openvswitch: netlink: Message has 6 unknown bytes. [ 370.420962][T26091] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 370.444601][T26091] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 370.488065][T26096] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 370.596977][T26109] loop6: detected capacity change from 0 to 512 [ 370.628563][T26109] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 370.661064][T26109] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 370.876989][T26091] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 370.896754][T26091] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 371.088631][T26139] netlink: 96 bytes leftover after parsing attributes in process `syz.6.9108'. [ 371.637236][T26175] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 371.658787][T26177] tipc: Started in network mode [ 371.663709][T26177] tipc: Node identity aaaaaaaaaa41, cluster identity 4711 [ 371.671357][T26177] tipc: Enabled bearer , priority 10 [ 371.689408][T26175] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 371.735630][ T29] kauditd_printk_skb: 82 callbacks suppressed [ 371.735651][ T29] audit: type=1326 audit(1748912635.879:7393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26178 comm="syz.6.9127" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f92d2b7e969 code=0x0 [ 371.983513][T26201] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 371.983513][T26201] program syz.1.9137 not setting count and/or reply_len properly [ 372.017125][ T29] audit: type=1326 audit(1748912636.099:7394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26198 comm="syz.1.9136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7968ce969 code=0x7ffc0000 [ 372.040818][ T29] audit: type=1326 audit(1748912636.099:7395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26198 comm="syz.1.9136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7ff7968ce969 code=0x7ffc0000 [ 372.064776][ T29] audit: type=1326 audit(1748912636.099:7396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26198 comm="syz.1.9136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7968ce969 code=0x7ffc0000 [ 372.088681][ T29] audit: type=1400 audit(1748912636.129:7397): avc: denied { write } for pid=26200 comm="syz.1.9137" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 372.167160][ T29] audit: type=1400 audit(1748912636.319:7398): avc: denied { read write } for pid=26194 comm="syz.0.9134" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 372.194781][ T3390] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0 [ 372.228347][ T29] audit: type=1400 audit(1748912636.319:7399): avc: denied { open } for pid=26194 comm="syz.0.9134" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 372.239167][ T3390] hid-generic 0000:0000:0000.0013: hidraw0: HID v0.00 Device [syz1] on syz0 [ 372.252114][ T29] audit: type=1400 audit(1748912636.369:7400): avc: denied { block_suspend } for pid=26194 comm="syz.0.9134" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 372.382486][ T29] audit: type=1400 audit(1748912636.449:7401): avc: denied { mount } for pid=26204 comm="syz.1.9139" name="/" dev="configfs" ino=286 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 372.405311][ T29] audit: type=1400 audit(1748912636.449:7402): avc: denied { search } for pid=26204 comm="syz.1.9139" name="/" dev="configfs" ino=286 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 372.546302][T26229] netlink: 43 bytes leftover after parsing attributes in process `syz.6.9149'. [ 372.574459][T26231] x_tables: ip_tables: bpf.1 match: invalid size 528 (kernel) != (user) 536 [ 372.665174][T26241] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9151'. [ 372.696335][T26245] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9155'. [ 372.727536][T26245] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9155'. [ 372.785632][ T3391] tipc: Node number set to 15444650 [ 372.817176][T26255] loop6: detected capacity change from 0 to 512 [ 372.849562][T26255] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 372.888143][T26255] ext4 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 373.002446][T26282] loop1: detected capacity change from 0 to 512 [ 373.019767][T26282] EXT4-fs (loop1): too many log groups per flexible block group [ 373.027546][T26282] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 373.037742][T26282] EXT4-fs (loop1): mount failed [ 373.053002][T26288] 8021q: adding VLAN 0 to HW filter on device bond1 [ 373.068086][T26288] 8021q: adding VLAN 0 to HW filter on device bond1 [ 373.086235][T26288] bond1: (slave ip6tnl1): The slave device specified does not support setting the MAC address [ 373.097984][T26288] bond1: (slave ip6tnl1): Error -95 calling set_mac_address [ 373.123189][T26296] vlan2: entered allmulticast mode [ 373.192930][T26311] loop2: detected capacity change from 0 to 512 [ 373.243972][T26311] ext4 filesystem being mounted at /192/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 373.298935][T26332] loop6: detected capacity change from 0 to 512 [ 373.307473][T26332] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended [ 373.317967][T26332] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 373.327198][T26332] System zones: 0-2, 18-18, 34-35 [ 373.357657][T26332] __nla_validate_parse: 6 callbacks suppressed [ 373.357678][T26332] netlink: 24 bytes leftover after parsing attributes in process `syz.6.9195'. [ 373.416950][T26346] loop0: detected capacity change from 0 to 1024 [ 373.423516][T26349] loop2: detected capacity change from 0 to 1024 [ 373.442031][T26349] ext4 filesystem being mounted at /195/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 373.459898][T26349] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 373.489176][ T3915] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 86 with error 28 [ 373.502006][ T3915] EXT4-fs (loop2): This should not happen!! Data will be lost [ 373.502006][ T3915] [ 373.511767][ T3915] EXT4-fs (loop2): Total free blocks count 0 [ 373.517805][ T3915] EXT4-fs (loop2): Free/Dirty block details [ 373.523764][ T3915] EXT4-fs (loop2): free_blocks=4293918720 [ 373.529613][ T3915] EXT4-fs (loop2): dirty_blocks=96 [ 373.534940][ T3915] EXT4-fs (loop2): Block reservation details [ 373.540972][ T3915] EXT4-fs (loop2): i_reserved_data_blocks=6 [ 373.627723][T26361] SELinux: failed to load policy [ 373.728830][T26375] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9212'. [ 374.050385][T26404] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 374.130415][T26410] xt_hashlimit: max too large, truncated to 1048576 [ 374.138455][T26409] loop2: detected capacity change from 0 to 1024 [ 374.145467][T26409] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 374.156584][T26409] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 374.173958][T26412] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9228'. [ 374.174517][T26409] JBD2: no valid journal superblock found [ 374.188926][T26409] EXT4-fs (loop2): Could not load journal inode [ 374.237696][T26409] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 374.287410][T26425] loop1: detected capacity change from 0 to 512 [ 374.294122][T26425] EXT4-fs: Ignoring removed mblk_io_submit option [ 374.301326][T26425] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 374.326839][T26425] EXT4-fs (loop1): 1 truncate cleaned up [ 374.361497][T26435] ALSA: seq fatal error: cannot create timer (-19) [ 374.633894][T26453] loop6: detected capacity change from 0 to 128 [ 374.667247][T26455] vhci_hcd: invalid port number 236 [ 374.672592][T26455] vhci_hcd: invalid port number 236 [ 374.681925][T26457] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9248'. [ 374.691067][T26457] netlink: 108 bytes leftover after parsing attributes in process `syz.6.9248'. [ 374.705506][T26457] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9248'. [ 374.716082][T26457] netlink: 108 bytes leftover after parsing attributes in process `syz.6.9248'. [ 374.725231][T26457] netlink: 84 bytes leftover after parsing attributes in process `syz.6.9248'. [ 374.850482][T26472] loop6: detected capacity change from 0 to 128 [ 374.862392][T26474] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 375.030471][T26474] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 375.079868][T26474] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 375.139536][T26474] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 375.179214][ T3394] Process accounting resumed [ 375.199676][T26496] loop0: detected capacity change from 0 to 1024 [ 375.207594][T26496] EXT4-fs: Ignoring removed orlov option [ 375.219759][T26474] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.231782][T26474] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.243530][T26474] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.257216][T26474] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.288066][T26506] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535) [ 375.370880][T26515] loop9: detected capacity change from 0 to 7 [ 375.378071][T26515] Buffer I/O error on dev loop9, logical block 0, async page read [ 375.386024][T26515] Buffer I/O error on dev loop9, logical block 0, async page read [ 375.394905][T26515] loop9: unable to read partition table [ 375.404492][T26515] loop_reread_partitions: partition scan of loop9 (被ڬdƤݡ [ 375.404492][T26515] U) failed (rc=-5) [ 376.082126][T26553] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9290'. [ 376.091295][T26553] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9290'. [ 376.287108][ T3394] Process accounting resumed [ 376.348138][T26571] loop0: detected capacity change from 0 to 128 [ 376.390124][T26573] vhci_hcd: invalid port number 236 [ 376.395412][T26573] vhci_hcd: invalid port number 236 [ 376.412371][T26577] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535) [ 376.423386][T26576] vlan2: entered allmulticast mode [ 376.830060][ T29] kauditd_printk_skb: 139 callbacks suppressed [ 376.830077][ T29] audit: type=1326 audit(1748913153.977:7542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26545 comm="syz.2.9288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7fc00000 [ 376.860262][ T29] audit: type=1326 audit(1748913153.977:7543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26545 comm="syz.2.9288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f3ec43ae969 code=0x7fc00000 [ 376.883930][ T29] audit: type=1326 audit(1748913153.977:7544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26545 comm="syz.2.9288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7fc00000 [ 376.907582][ T29] audit: type=1326 audit(1748913153.977:7545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26545 comm="syz.2.9288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7fc00000 [ 376.913269][T26606] loop0: detected capacity change from 0 to 1024 [ 376.932245][ T29] audit: type=1326 audit(1748913153.977:7546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26545 comm="syz.2.9288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7fc00000 [ 376.962404][ T29] audit: type=1326 audit(1748913153.977:7547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26545 comm="syz.2.9288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7fc00000 [ 376.986210][ T29] audit: type=1326 audit(1748913153.977:7548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26545 comm="syz.2.9288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7fc00000 [ 377.010265][ T29] audit: type=1326 audit(1748913153.977:7549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26545 comm="syz.2.9288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7fc00000 [ 377.033883][ T29] audit: type=1326 audit(1748913153.977:7550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26545 comm="syz.2.9288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7fc00000 [ 377.057535][ T29] audit: type=1326 audit(1748913153.977:7551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26545 comm="syz.2.9288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec43ae969 code=0x7fc00000 [ 377.095293][T26606] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 377.106325][T26606] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 377.119800][T26607] vhci_hcd: invalid port number 236 [ 377.125302][T26607] vhci_hcd: invalid port number 236 [ 377.134572][T26606] JBD2: no valid journal superblock found [ 377.140377][T26606] EXT4-fs (loop0): Could not load journal inode [ 377.191947][T26606] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 377.298748][T26636] loop9: detected capacity change from 0 to 7 [ 377.305909][T26636] Buffer I/O error on dev loop9, logical block 0, async page read [ 377.313900][T26636] Buffer I/O error on dev loop9, logical block 0, async page read [ 377.322040][T26636] loop9: unable to read partition table [ 377.360604][T26636] loop_reread_partitions: partition scan of loop9 (被ڬdƤݡ [ 377.360604][T26636] U) failed (rc=-5) [ 377.462931][T26647] loop0: detected capacity change from 0 to 1024 [ 377.470083][T26645] vhci_hcd: invalid port number 236 [ 377.475401][T26645] vhci_hcd: invalid port number 236 [ 377.478763][T26647] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 377.543486][T26651] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 377.899390][T26687] loop6: detected capacity change from 0 to 1024 [ 377.907631][T26687] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 377.918598][T26687] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 377.933320][T26687] JBD2: no valid journal superblock found [ 377.939316][T26687] EXT4-fs (loop6): Could not load journal inode [ 377.970977][T26687] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 378.819350][T26767] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 378.853744][T26774] loop1: detected capacity change from 0 to 1024 [ 379.166545][T26767] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 379.286414][T26767] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 379.369568][T26767] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 379.462423][T26767] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.502300][T26767] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.528032][T26767] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.559391][T26767] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.637342][T26810] __nla_validate_parse: 13 callbacks suppressed [ 379.637369][T26810] netlink: 4344 bytes leftover after parsing attributes in process `syz.2.9401'. [ 379.696796][T26810] netlink: 104 bytes leftover after parsing attributes in process `syz.2.9401'. [ 379.757169][T26816] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9405'. [ 379.766167][T26816] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9405'. [ 379.849905][T26829] loop1: detected capacity change from 0 to 1024 [ 379.874695][T26835] SELinux: failed to load policy [ 379.881327][T26829] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 379.899045][T26838] ALSA: seq fatal error: cannot create timer (-19) [ 379.966816][T26846] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.011333][T26851] loop2: detected capacity change from 0 to 1024 [ 380.100221][T26858] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9421'. [ 380.132267][T26846] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.206614][T26846] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.308612][T26846] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.329192][T26868] loop1: detected capacity change from 0 to 1024 [ 380.336604][T26868] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 380.347625][T26868] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 380.362416][T26868] JBD2: no valid journal superblock found [ 380.368251][T26868] EXT4-fs (loop1): Could not load journal inode [ 380.385880][T26846] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.400749][T26846] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.413294][T26846] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.427205][T26846] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.756309][T26884] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9434'. [ 380.785183][T26884] 8021q: adding VLAN 0 to HW filter on device bond1 [ 380.818450][T26884] 8021q: adding VLAN 0 to HW filter on device bond1 [ 380.835811][T26884] bond1: (slave ip6tnl1): The slave device specified does not support setting the MAC address [ 380.847535][T26884] bond1: (slave ip6tnl1): Error -95 calling set_mac_address [ 380.940406][T26896] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9437'. [ 380.968245][T26901] loop1: detected capacity change from 0 to 1024 [ 380.975096][T26901] EXT4-fs: Ignoring removed orlov option [ 380.986498][T26903] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9440'. [ 381.422461][T26901] ================================================================== [ 381.430629][T26901] BUG: KCSAN: data-race in file_write_and_wait_range / xas_set_mark [ 381.438667][T26901] [ 381.441055][T26901] write to 0xffff8881254e60f4 of 4 bytes by task 26905 on cpu 1: [ 381.448881][T26901] xas_set_mark+0x12b/0x140 [ 381.453451][T26901] tag_pages_for_writeback+0xc2/0x290 [ 381.458984][T26901] ext4_do_writepages+0x697/0x21c0 [ 381.464146][T26901] ext4_writepages+0x176/0x300 [ 381.468976][T26901] do_writepages+0x1c3/0x310 [ 381.473690][T26901] filemap_write_and_wait_range+0x144/0x340 [ 381.479638][T26901] filemap_invalidate_pages+0xa4/0x1a0 [ 381.485132][T26901] kiocb_invalidate_pages+0x6e/0x80 [ 381.490439][T26901] __iomap_dio_rw+0x5d4/0x1250 [ 381.495239][T26901] iomap_dio_rw+0x40/0x90 [ 381.499606][T26901] ext4_file_write_iter+0xad9/0xf00 [ 381.504842][T26901] iter_file_splice_write+0x5f2/0x970 [ 381.510270][T26901] direct_splice_actor+0x153/0x2a0 [ 381.515414][T26901] splice_direct_to_actor+0x30f/0x680 [ 381.520826][T26901] do_splice_direct+0xda/0x150 [ 381.525625][T26901] do_sendfile+0x380/0x650 [ 381.530085][T26901] __x64_sys_sendfile64+0x105/0x150 [ 381.535321][T26901] x64_sys_call+0xb39/0x2fb0 [ 381.539959][T26901] do_syscall_64+0xd2/0x200 [ 381.544517][T26901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.550450][T26901] [ 381.552798][T26901] read to 0xffff8881254e60f4 of 4 bytes by task 26901 on cpu 0: [ 381.560450][T26901] file_write_and_wait_range+0x10e/0x2c0 [ 381.566140][T26901] generic_buffers_fsync_noflush+0x45/0x120 [ 381.572069][T26901] ext4_sync_file+0x1ab/0x690 [ 381.576802][T26901] vfs_fsync_range+0x10d/0x130 [ 381.581626][T26901] ext4_buffered_write_iter+0x34f/0x3c0 [ 381.587224][T26901] ext4_file_write_iter+0xdbf/0xf00 [ 381.592461][T26901] iter_file_splice_write+0x5f2/0x970 [ 381.597878][T26901] direct_splice_actor+0x153/0x2a0 [ 381.603023][T26901] splice_direct_to_actor+0x30f/0x680 [ 381.608421][T26901] do_splice_direct+0xda/0x150 [ 381.613220][T26901] do_sendfile+0x380/0x650 [ 381.617681][T26901] __x64_sys_sendfile64+0x105/0x150 [ 381.622923][T26901] x64_sys_call+0xb39/0x2fb0 [ 381.627564][T26901] do_syscall_64+0xd2/0x200 [ 381.632121][T26901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.638044][T26901] [ 381.640385][T26901] value changed: 0x02000021 -> 0x04000021 [ 381.646116][T26901] [ 381.648461][T26901] Reported by Kernel Concurrency Sanitizer on: [ 381.654639][T26901] CPU: 0 UID: 0 PID: 26901 Comm: syz.1.9438 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) [ 381.666916][T26901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 381.677005][T26901] ================================================================== [ 381.767605][T26901] ================================================================== [ 381.775730][T26901] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark [ 381.782934][T26901] [ 381.785285][T26901] write to 0xffff8881254e60f4 of 4 bytes by task 26905 on cpu 1: [ 381.793031][T26901] xas_set_mark+0x12b/0x140 [ 381.797585][T26901] __folio_start_writeback+0x1dd/0x440 [ 381.803092][T26901] ext4_bio_write_folio+0x5ad/0x9f0 [ 381.808330][T26901] mpage_submit_folio+0xe4/0x170 [ 381.813320][T26901] mpage_process_page_bufs+0x39b/0x4a0 [ 381.818826][T26901] mpage_prepare_extent_to_map+0x741/0xaa0 [ 381.824669][T26901] ext4_do_writepages+0xa1a/0x21c0 [ 381.829823][T26901] ext4_writepages+0x176/0x300 [ 381.834637][T26901] do_writepages+0x1c3/0x310 [ 381.839272][T26901] filemap_write_and_wait_range+0x144/0x340 [ 381.845209][T26901] filemap_invalidate_pages+0xa4/0x1a0 [ 381.850681][T26901] kiocb_invalidate_pages+0x6e/0x80 [ 381.855894][T26901] __iomap_dio_rw+0x5d4/0x1250 [ 381.860755][T26901] iomap_dio_rw+0x40/0x90 [ 381.865096][T26901] ext4_file_write_iter+0xad9/0xf00 [ 381.870404][T26901] iter_file_splice_write+0x5f2/0x970 [ 381.875898][T26901] direct_splice_actor+0x153/0x2a0 [ 381.881034][T26901] splice_direct_to_actor+0x30f/0x680 [ 381.886441][T26901] do_splice_direct+0xda/0x150 [ 381.891224][T26901] do_sendfile+0x380/0x650 [ 381.895662][T26901] __x64_sys_sendfile64+0x105/0x150 [ 381.900879][T26901] x64_sys_call+0xb39/0x2fb0 [ 381.905484][T26901] do_syscall_64+0xd2/0x200 [ 381.910272][T26901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.916301][T26901] [ 381.918643][T26901] read to 0xffff8881254e60f4 of 4 bytes by task 26901 on cpu 0: [ 381.926365][T26901] xas_find_marked+0x5dc/0x620 [ 381.931154][T26901] find_get_entry+0x5d/0x380 [ 381.935754][T26901] filemap_get_folios_tag+0x92/0x210 [ 381.941049][T26901] mpage_prepare_extent_to_map+0x320/0xaa0 [ 381.946892][T26901] ext4_do_writepages+0x6ea/0x21c0 [ 381.952026][T26901] ext4_writepages+0x176/0x300 [ 381.956821][T26901] do_writepages+0x1c3/0x310 [ 381.961436][T26901] file_write_and_wait_range+0x156/0x2c0 [ 381.967093][T26901] generic_buffers_fsync_noflush+0x45/0x120 [ 381.972998][T26901] ext4_sync_file+0x1ab/0x690 [ 381.977701][T26901] vfs_fsync_range+0x10d/0x130 [ 381.982506][T26901] ext4_buffered_write_iter+0x34f/0x3c0 [ 381.988077][T26901] ext4_file_write_iter+0xdbf/0xf00 [ 381.993296][T26901] iter_file_splice_write+0x5f2/0x970 [ 381.998697][T26901] direct_splice_actor+0x153/0x2a0 [ 382.003819][T26901] splice_direct_to_actor+0x30f/0x680 [ 382.009212][T26901] do_splice_direct+0xda/0x150 [ 382.013984][T26901] do_sendfile+0x380/0x650 [ 382.018422][T26901] __x64_sys_sendfile64+0x105/0x150 [ 382.023644][T26901] x64_sys_call+0xb39/0x2fb0 [ 382.028252][T26901] do_syscall_64+0xd2/0x200 [ 382.032958][T26901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.038878][T26901] [ 382.041211][T26901] value changed: 0x0a000021 -> 0x04000021 [ 382.046934][T26901] [ 382.049267][T26901] Reported by Kernel Concurrency Sanitizer on: [ 382.055425][T26901] CPU: 0 UID: 0 PID: 26901 Comm: syz.1.9438 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) [ 382.067591][T26901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 382.077662][T26901] ==================================================================