last executing test programs: 1.13021526s ago: executing program 1 (id=1260): r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x183822, 0x0) r1 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x0, 0x100, 0x0, 0x333}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000280)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) io_uring_enter(r1, 0x47ba, 0xc3c, 0x0, 0x0, 0x0) 1.035474947s ago: executing program 1 (id=1263): perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffc, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) syz_io_uring_setup(0x22f, &(0x7f0000000a80)={0x0, 0x6b57, 0x10000, 0x0, 0x108002ce}, &(0x7f0000000000), &(0x7f0000000a00)) 977.055982ms ago: executing program 1 (id=1267): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000020000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0) openat(r2, &(0x7f00000000c0)='./file0\x00', 0x6a1c2, 0x50) faccessat(r2, &(0x7f0000000000)='./file0\x00', 0x5) 954.267394ms ago: executing program 1 (id=1271): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) bind$unix(r2, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000000)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 747.88874ms ago: executing program 0 (id=1283): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000200)='./file0\x00', 0x800090, &(0x7f0000000240)=ANY=[], 0x6, 0x2d1, &(0x7f0000000740)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==") bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x7, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100cb3a}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18) creat(&(0x7f00000002c0)='./file0\x00', 0x109) truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5) 627.70901ms ago: executing program 3 (id=1287): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x0, 0x2, 0x5, 0x6}) fcntl$lock(r0, 0x7, &(0x7f0000000280)={0x1, 0x1, 0x7, 0x10}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00') preadv(r1, &(0x7f00000005c0)=[{&(0x7f0000000040)=""/196, 0xc4}], 0x1, 0x8, 0xffffffff) 627.43315ms ago: executing program 0 (id=1288): bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000030000008500000043000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0x8}, 0x18) r1 = socket$rds(0x15, 0x5, 0x0) bind$rds(r1, &(0x7f0000000640)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000380)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0) 627.17982ms ago: executing program 3 (id=1289): r0 = socket$key(0xf, 0x3, 0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5") sendmsg$key(r0, &(0x7f0000000400)={0x10000000, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=ANY=[@ANYBLOB="020e0080150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120000000200fcffffff000000000600330000000000000000000000eafffd8000000000000000000000000000aa000000000000000000000000000000000400"], 0xa8}}, 0x2) 620.58341ms ago: executing program 0 (id=1291): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x1000, 0x2, 0x0, 0x0, 0x8000002, 0x0, 0x2, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x100000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1009, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x3, 0x0, 0x5, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, 0x9, 0x0, 0x0, 0x7, 0xfbfffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x4fd, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x7e98263b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xff, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0xfffffffe, 0xc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x0, 0x0, 0xd819ac9, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0xfffeffff, 0x0, 0x0, 0x80000001, 0x0, 0x10, 0x20, 0x4, 0x400000b2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x4, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0x3, 0x20000040, 0xffffffff, 0x400, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xaaf0]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xb, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x0) 538.958617ms ago: executing program 0 (id=1292): openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) writev(r2, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2) 470.855232ms ago: executing program 0 (id=1295): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0xf5, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a300000000014000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000) 463.627093ms ago: executing program 0 (id=1296): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12) write(r1, &(0x7f0000004200)='t', 0x1) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7ffff000) 439.709945ms ago: executing program 3 (id=1298): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) io_setup(0x1, &(0x7f00000001c0)=0x0) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x2]}, 0x8, 0x0) io_submit(r1, 0x1, &(0x7f0000000380)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x403, r2, 0x0, 0x0, 0x0, 0x0, 0x2}]) rt_sigprocmask(0x0, &(0x7f00000000c0)={[0xfffffeffffffffff]}, 0x0, 0x8) sendmsg$inet(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0) 355.305592ms ago: executing program 2 (id=1301): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_emit_ethernet(0x66, &(0x7f00000068c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd6007000000303a00fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0) 342.204233ms ago: executing program 2 (id=1303): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000200)={[{@max_dir_size_kb}, {@usrjquota}]}, 0x1, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08") setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003}) unlink(&(0x7f0000000000)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) 341.116883ms ago: executing program 3 (id=1304): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0) getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}, 0x1, 0x0, 0x0, 0x810}, 0x40000) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newlink={0x50, 0x10, 0x503, 0x0, 0x700, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @local}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0) 304.071386ms ago: executing program 4 (id=1305): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=@acquire={0x16c, 0x17, 0x1, 0x2, 0x0, {{@in6=@private0}, @in6=@remote, {@in6=@private0, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {{@in6=@mcast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}}}, [@tmpl={0x44, 0x5, [{{@in6=@private2, 0x0, 0x3c}, 0x0, @in=@multicast2}]}]}, 0x16c}}, 0x0) 247.59239ms ago: executing program 4 (id=1306): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) getitimer(0x0, &(0x7f0000000040)) 247.205661ms ago: executing program 4 (id=1307): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x18) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000080)={[{@nobh}, {@usrjquota}]}, 0x1, 0x77e, &(0x7f0000000a80)="$eJzs3d9rW1UcAPDvTX/tl7aCoPOpIGhhLLWzbgo+VHwQwcFAn91CmpXZtBlNOtZS0CGCL4KKb/qyZ3/MN1/98ar/hQ/imNoNJz5I5abJmq1Jl25pMs3nA7c9596bnPO9P849yT3cBNC3xtM/mYjDEfFhEjFam59ExFA1NRgxs7nezfW1fDolsbHx+u9JdZ0b62v5aHhN6mAt83hEfP9exJHM9nLLK6vzuWKxsFTLT1YWzk+WV1aPnlvIzRXmCovHp6anj5147sTxzsX650+rh65+9MrTX838/e5jVz74IYmZOFRb1hhHp4zHeG2bDKWb8DYvd7qwHkt6XQHuSXpqDmye5XE4RmOgmgIA/s/ejogNAKDPJK7/ANBn6t8D3Fhfy9en3n4j0V3XXoqIfZvx1+9vbi4ZrN2z21e9D3rgRnLbnZEkIsY6UP54RHz2zZtfpFPs0X1IgGbeuRQRZ8bGt7f/ybYxC7v1zA7Lhmv/x++Yr/2D7vk27f8836z/l7nV/4km/Z+RJufuvai+x/BWftv5v78Dhewg7f+92DC27WZD/DVjA7XcQ9U+31By9lyxkLZtD0fERAyNpPmpHcqYuP7P9VbLGvt/f3z81udp+en/rTUyvw6O3P6a2Vwldz8xN7p2KeKJwWbxJ7f2f9Ki/3uqzTJefeH9T1stS+NP461P2+OP2uikvbFxOeKppvt/a0RbsuP4xMnq4TBZPyia+Prn1vVv3P/plJZf/yzQDen+P7Bz/GNJ43jN8u7L+PHy6Hetlt09/ubH/3DyRjVdbzou5iqVpamI4eS17fOPbb22nq+vn8Y/8WTz83+n4z/9THimzfgHr/725b3Hv7fS+Gd3tf93n7hyc36gVfnt7f/pamqiNqed9q/dCt7PtgMAAAAAAAAAAAAAAAAAAAAAAACAdmUi4lAkmeytdCaTzW7+hvejcSBTLJUrR86Wlhdno/pb2WMxlKk/6nK04XmoU7Xn4dfzx+7IPxsRj0TEJyP7k/pzFGd7HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1B1s8fv/qV9Gel07AGDP7Ot1BQCArnP9B4D+4/oPAP3H9R8A+o/rPwD0H9d/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9tipkyfTaeOv9bV8mp+9sLI8X7pwdLZQns8uLOez+dLS+excqTRXLGTzpYW7vV+xVDo/HYvLFycrhXJlsryyenqhtLxYOX1uITdXOF0Y6kpUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALA75ZXV+VyxWFiS2EqkG6atlTd6XtUOJGY68D4DtcPpAQin+4nkwahGhxPNWovhrrZNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8F/wYAAP//hNkgcA==") faccessat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2) 237.947841ms ago: executing program 2 (id=1308): bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1d, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{}, {0x0, 0x4}, {0x10000000, 0x4, 0x10009, 0x5}], 0x10, 0xfffffff4}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002d000b12d25a80648c2594f90124fc60100c022300040000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 138.723679ms ago: executing program 2 (id=1309): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$tipc(r2, &(0x7f0000003a00)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x9}}, 0x10, 0x0}, 0x0) 103.679011ms ago: executing program 4 (id=1310): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e000000000000000000180002801400038010"], 0x44}, 0x1, 0x0, 0x0, 0x20004080}, 0x0) 91.986853ms ago: executing program 3 (id=1311): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)='%pS \x00'}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000640)='/proc/thread-self/attr/current\x00', 0x2, 0x0) write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:cert_t:s0\x00', 0x1c) 91.137473ms ago: executing program 1 (id=1312): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r1}, 0x18) syz_clone(0x500, 0x0, 0x0, 0x0, 0x0, 0x0) 83.164093ms ago: executing program 2 (id=1313): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20) close(r2) 59.220975ms ago: executing program 3 (id=1314): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) r1 = socket$inet6(0xa, 0x3, 0x87) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@remote, @in=@multicast1, 0xfffd, 0x0, 0x4e20, 0x0, 0x2}, {0x0, 0x4, 0x1, 0x0, 0x0, 0x9, 0x0, 0x2}, {0x1ff, 0xffffffffe, 0x4053e5, 0x20}, 0x6, 0x1, 0x1, 0x0, 0x1, 0x1}, {{@in6=@rand_addr=' \x01\x00', 0x1, 0x32}, 0xa, @in6=@private0, 0x3502, 0x1, 0x0, 0x0, 0x6, 0xfffffffd}}, 0xe8) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, 0x9df}, 0x1c) recvmmsg(r0, &(0x7f0000002b80)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2, 0x0) 47.048126ms ago: executing program 2 (id=1315): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18) r1 = syz_io_uring_setup(0x1725, &(0x7f0000000100)={0x0, 0x1452, 0x800, 0x80400002, 0x2d4}, &(0x7f0000000300)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000240)=0xfffffc04, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_MKDIRAT={0x25, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x84, 0x0, 0x1}) io_uring_enter(r1, 0x8ba, 0x696d, 0x20, 0x0, 0x0) 46.523946ms ago: executing program 4 (id=1316): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) pipe(&(0x7f0000005880)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$security_selinux(r2, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0) 691.27µs ago: executing program 1 (id=1317): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000080)={0x402, 0x3}, 0x8) sendto$inet(r0, &(0x7f0000000100)="ab", 0x34000, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r1, 0xffffffffffffffff, 0x0) 0s ago: executing program 4 (id=1318): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x1c, r3, 0x301, 0x0, 0x25dfdbfe, {{0x5}, {@void, @val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4004015}, 0x20000000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.42' (ED25519) to the list of known hosts. [ 30.501302][ T29] audit: type=1400 audit(1754818902.532:62): avc: denied { mounton } for pid=3290 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 30.502428][ T3290] cgroup: Unknown subsys name 'net' [ 30.524112][ T29] audit: type=1400 audit(1754818902.532:63): avc: denied { mount } for pid=3290 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 30.551472][ T29] audit: type=1400 audit(1754818902.562:64): avc: denied { unmount } for pid=3290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 30.706857][ T3290] cgroup: Unknown subsys name 'cpuset' [ 30.713138][ T3290] cgroup: Unknown subsys name 'rlimit' [ 30.904053][ T29] audit: type=1400 audit(1754818902.932:65): avc: denied { setattr } for pid=3290 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 30.927356][ T29] audit: type=1400 audit(1754818902.932:66): avc: denied { create } for pid=3290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 30.947819][ T29] audit: type=1400 audit(1754818902.932:67): avc: denied { write } for pid=3290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 30.968144][ T29] audit: type=1400 audit(1754818902.932:68): avc: denied { read } for pid=3290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 30.988391][ T29] audit: type=1400 audit(1754818902.952:69): avc: denied { mounton } for pid=3290 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 30.993977][ T3294] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 31.013179][ T29] audit: type=1400 audit(1754818902.952:70): avc: denied { mount } for pid=3290 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 31.044995][ T29] audit: type=1400 audit(1754818903.052:71): avc: denied { relabelto } for pid=3294 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 31.051047][ T3290] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 32.604987][ T3300] chnl_net:caif_netlink_parms(): no params data found [ 32.667678][ T3300] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.674744][ T3300] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.682130][ T3300] bridge_slave_0: entered allmulticast mode [ 32.688528][ T3300] bridge_slave_0: entered promiscuous mode [ 32.695163][ T3300] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.702224][ T3300] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.709553][ T3300] bridge_slave_1: entered allmulticast mode [ 32.715880][ T3300] bridge_slave_1: entered promiscuous mode [ 32.781544][ T3300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 32.806103][ T3300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 32.855039][ T3300] team0: Port device team_slave_0 added [ 32.863543][ T3300] team0: Port device team_slave_1 added [ 32.874748][ T3311] chnl_net:caif_netlink_parms(): no params data found [ 32.936047][ T3300] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 32.943063][ T3300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 32.968976][ T3300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 32.983245][ T3300] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 32.990308][ T3300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.016315][ T3300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 33.052143][ T3310] chnl_net:caif_netlink_parms(): no params data found [ 33.081790][ T3311] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.088968][ T3311] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.096047][ T3311] bridge_slave_0: entered allmulticast mode [ 33.102367][ T3311] bridge_slave_0: entered promiscuous mode [ 33.110882][ T3311] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.118045][ T3311] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.125153][ T3311] bridge_slave_1: entered allmulticast mode [ 33.131516][ T3311] bridge_slave_1: entered promiscuous mode [ 33.154075][ T3300] hsr_slave_0: entered promiscuous mode [ 33.160155][ T3300] hsr_slave_1: entered promiscuous mode [ 33.174480][ T3309] chnl_net:caif_netlink_parms(): no params data found [ 33.197703][ T3311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 33.219799][ T3311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 33.243453][ T3313] chnl_net:caif_netlink_parms(): no params data found [ 33.261947][ T3311] team0: Port device team_slave_0 added [ 33.282969][ T3311] team0: Port device team_slave_1 added [ 33.302883][ T3310] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.309994][ T3310] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.318292][ T3310] bridge_slave_0: entered allmulticast mode [ 33.324506][ T3310] bridge_slave_0: entered promiscuous mode [ 33.335714][ T3311] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 33.342739][ T3311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.368718][ T3311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 33.398382][ T3310] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.405530][ T3310] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.412822][ T3310] bridge_slave_1: entered allmulticast mode [ 33.419237][ T3310] bridge_slave_1: entered promiscuous mode [ 33.425550][ T3311] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 33.432507][ T3311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.458420][ T3311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 33.497999][ T3313] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.505033][ T3313] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.512238][ T3313] bridge_slave_0: entered allmulticast mode [ 33.518804][ T3313] bridge_slave_0: entered promiscuous mode [ 33.525167][ T3309] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.532340][ T3309] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.539471][ T3309] bridge_slave_0: entered allmulticast mode [ 33.545807][ T3309] bridge_slave_0: entered promiscuous mode [ 33.558632][ T3310] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 33.569323][ T3310] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 33.580874][ T3313] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.587976][ T3313] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.595159][ T3313] bridge_slave_1: entered allmulticast mode [ 33.601658][ T3313] bridge_slave_1: entered promiscuous mode [ 33.607888][ T3309] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.614926][ T3309] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.622064][ T3309] bridge_slave_1: entered allmulticast mode [ 33.628532][ T3309] bridge_slave_1: entered promiscuous mode [ 33.674000][ T3309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 33.683625][ T3310] team0: Port device team_slave_0 added [ 33.691061][ T3310] team0: Port device team_slave_1 added [ 33.709598][ T3309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 33.732737][ T3313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 33.743824][ T3311] hsr_slave_0: entered promiscuous mode [ 33.749906][ T3311] hsr_slave_1: entered promiscuous mode [ 33.755651][ T3311] debugfs: 'hsr0' already exists in 'hsr' [ 33.761385][ T3311] Cannot create hsr debugfs directory [ 33.778417][ T3310] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 33.785348][ T3310] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.811285][ T3310] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 33.822748][ T3313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 33.834781][ T3309] team0: Port device team_slave_0 added [ 33.841638][ T3309] team0: Port device team_slave_1 added [ 33.847636][ T3310] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 33.854569][ T3310] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.880615][ T3310] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 33.913428][ T3309] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 33.920459][ T3309] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.946385][ T3309] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 33.962398][ T3313] team0: Port device team_slave_0 added [ 33.976606][ T3309] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 33.983556][ T3309] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 34.009568][ T3309] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 34.025597][ T3313] team0: Port device team_slave_1 added [ 34.051901][ T3310] hsr_slave_0: entered promiscuous mode [ 34.057972][ T3310] hsr_slave_1: entered promiscuous mode [ 34.063772][ T3310] debugfs: 'hsr0' already exists in 'hsr' [ 34.069506][ T3310] Cannot create hsr debugfs directory [ 34.082623][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 34.089606][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 34.115623][ T3313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 34.136081][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 34.143177][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 34.169061][ T3313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 34.207587][ T3309] hsr_slave_0: entered promiscuous mode [ 34.213595][ T3309] hsr_slave_1: entered promiscuous mode [ 34.219498][ T3309] debugfs: 'hsr0' already exists in 'hsr' [ 34.225211][ T3309] Cannot create hsr debugfs directory [ 34.231151][ T3300] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 34.244023][ T3300] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 34.271725][ T3300] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 34.291326][ T3313] hsr_slave_0: entered promiscuous mode [ 34.297395][ T3313] hsr_slave_1: entered promiscuous mode [ 34.303316][ T3313] debugfs: 'hsr0' already exists in 'hsr' [ 34.309087][ T3313] Cannot create hsr debugfs directory [ 34.314557][ T3300] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 34.422206][ T3311] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 34.431110][ T3311] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 34.441543][ T3311] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 34.468738][ T3311] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 34.498707][ T3310] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 34.507977][ T3310] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 34.526613][ T3310] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 34.542869][ T3310] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 34.560306][ T3300] 8021q: adding VLAN 0 to HW filter on device bond0 [ 34.574624][ T3313] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 34.594034][ T3313] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 34.602666][ T3313] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 34.612131][ T3313] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 34.623804][ T3300] 8021q: adding VLAN 0 to HW filter on device team0 [ 34.638807][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.645852][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 34.662538][ T3309] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 34.673077][ T3311] 8021q: adding VLAN 0 to HW filter on device bond0 [ 34.682336][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.689469][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 34.701164][ T3309] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 34.709775][ T3309] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 34.725220][ T3309] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 34.748404][ T3311] 8021q: adding VLAN 0 to HW filter on device team0 [ 34.767109][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.774184][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 34.798490][ T3310] 8021q: adding VLAN 0 to HW filter on device bond0 [ 34.813028][ T3310] 8021q: adding VLAN 0 to HW filter on device team0 [ 34.824443][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.831633][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 34.856364][ T3313] 8021q: adding VLAN 0 to HW filter on device bond0 [ 34.864639][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.871799][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 34.898517][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.905657][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 34.950536][ T3300] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 34.962108][ T3309] 8021q: adding VLAN 0 to HW filter on device bond0 [ 34.973426][ T3313] 8021q: adding VLAN 0 to HW filter on device team0 [ 34.985423][ T3309] 8021q: adding VLAN 0 to HW filter on device team0 [ 35.013760][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.020855][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 35.041520][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.048615][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 35.065392][ T3311] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 35.081625][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.088866][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 35.104446][ T3310] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 35.117263][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.124314][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 35.193201][ T3300] veth0_vlan: entered promiscuous mode [ 35.220556][ T3300] veth1_vlan: entered promiscuous mode [ 35.268048][ T3300] veth0_macvtap: entered promiscuous mode [ 35.278361][ T3309] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 35.289079][ T3311] veth0_vlan: entered promiscuous mode [ 35.294912][ T3300] veth1_macvtap: entered promiscuous mode [ 35.312854][ T3311] veth1_vlan: entered promiscuous mode [ 35.321514][ T3300] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 35.352820][ T3313] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 35.366007][ T3311] veth0_macvtap: entered promiscuous mode [ 35.375794][ T3311] veth1_macvtap: entered promiscuous mode [ 35.384183][ T3300] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 35.409598][ T296] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.420279][ T3311] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 35.430955][ T3310] veth0_vlan: entered promiscuous mode [ 35.451859][ T296] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.460759][ T296] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.475930][ T3311] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 35.486248][ T3310] veth1_vlan: entered promiscuous mode [ 35.492530][ T296] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.510482][ T2520] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.523487][ T3309] veth0_vlan: entered promiscuous mode [ 35.532991][ T2520] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.550970][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 35.551044][ T29] audit: type=1400 audit(1754818907.582:81): avc: denied { mounton } for pid=3300 comm="syz-executor" path="/root/syzkaller.eHbLSG/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 35.558757][ T3309] veth1_vlan: entered promiscuous mode [ 35.588434][ T29] audit: type=1400 audit(1754818907.612:82): avc: denied { mount } for pid=3300 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 35.591889][ T2520] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.610473][ T29] audit: type=1400 audit(1754818907.612:83): avc: denied { mounton } for pid=3300 comm="syz-executor" path="/root/syzkaller.eHbLSG/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 35.627724][ T3309] veth0_macvtap: entered promiscuous mode [ 35.644465][ T29] audit: type=1400 audit(1754818907.612:84): avc: denied { mount } for pid=3300 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 35.658516][ T3310] veth0_macvtap: entered promiscuous mode [ 35.671931][ T29] audit: type=1400 audit(1754818907.612:85): avc: denied { mounton } for pid=3300 comm="syz-executor" path="/root/syzkaller.eHbLSG/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 35.704212][ T29] audit: type=1400 audit(1754818907.622:86): avc: denied { mounton } for pid=3300 comm="syz-executor" path="/root/syzkaller.eHbLSG/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=4608 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 35.731681][ T29] audit: type=1400 audit(1754818907.622:87): avc: denied { unmount } for pid=3300 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 35.752523][ T29] audit: type=1400 audit(1754818907.682:88): avc: denied { mounton } for pid=3300 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 35.771809][ T2520] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.775323][ T29] audit: type=1400 audit(1754818907.682:89): avc: denied { mount } for pid=3300 comm="syz-executor" name="/" dev="gadgetfs" ino=3879 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 35.784870][ T3309] veth1_macvtap: entered promiscuous mode [ 35.816581][ T3310] veth1_macvtap: entered promiscuous mode [ 35.817061][ T3300] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 35.840268][ T3313] veth0_vlan: entered promiscuous mode [ 35.851825][ T3310] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 35.870366][ T29] audit: type=1400 audit(1754818907.892:90): avc: denied { read write } for pid=3300 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 35.874191][ T3310] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 35.910329][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 35.923473][ T3471] loop1: detected capacity change from 0 to 1024 [ 35.930201][ T3313] veth1_vlan: entered promiscuous mode [ 35.943202][ T3313] veth0_macvtap: entered promiscuous mode [ 35.957026][ T3471] ======================================================= [ 35.957026][ T3471] WARNING: The mand mount option has been deprecated and [ 35.957026][ T3471] and is ignored by this kernel. Remove the mand [ 35.957026][ T3471] option from the mount to silence this warning. [ 35.957026][ T3471] ======================================================= [ 36.005964][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 36.014820][ T3313] veth1_macvtap: entered promiscuous mode [ 36.022376][ T3438] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.037765][ T3475] syz.0.6 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 36.045018][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 36.055364][ T3438] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.070788][ T3471] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 36.091639][ T3471] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 36.130082][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 36.138373][ T3438] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.172709][ T3485] loop4: detected capacity change from 0 to 512 [ 36.182509][ T3438] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.199331][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 36.215129][ T3438] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.232089][ T3438] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.262479][ T3485] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 36.265509][ T3438] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.286686][ T3485] ext4 filesystem being mounted at /0/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 36.301459][ T3485] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.5: corrupted inode contents [ 36.313265][ T3485] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #2: comm syz.4.5: mark_inode_dirty error [ 36.324343][ T2520] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.334303][ T3485] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.5: corrupted inode contents [ 36.350890][ T2520] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.396216][ T2520] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.428557][ T3501] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 36.439247][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.456747][ T2520] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.475819][ T51] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.544720][ T3509] netlink: 197276 bytes leftover after parsing attributes in process `syz.1.15'. [ 36.613899][ T3519] netlink: 96 bytes leftover after parsing attributes in process `syz.0.19'. [ 36.635001][ T3515] loop1: detected capacity change from 0 to 1024 [ 36.674997][ T3515] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 36.704668][ T3525] netlink: 'syz.0.20': attribute type 10 has an invalid length. [ 36.712429][ T3525] netlink: 40 bytes leftover after parsing attributes in process `syz.0.20'. [ 36.722018][ T3525] dummy0: entered promiscuous mode [ 36.760018][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.264682][ T3588] netlink: 'syz.2.52': attribute type 10 has an invalid length. [ 37.362400][ C0] vcan0: j1939_tp_rxtimer: 0xffff88811a354200: rx timeout, send abort [ 37.467387][ T3611] smc: net device bond0 applied user defined pnetid SYZ2 [ 37.474697][ T3611] smc: net device bond0 erased user defined pnetid SYZ2 [ 37.508055][ T3613] vhci_hcd: default hub control req: 0007 v0f00 i0006 l0 [ 37.563630][ T3617] loop4: detected capacity change from 0 to 512 [ 37.571515][ T3617] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.65: bad orphan inode 15 [ 37.581509][ T3617] ext4_test_bit(bit=14, block=18) = 1 [ 37.587244][ T3617] is_bad_inode(inode)=0 [ 37.591384][ T3617] NEXT_ORPHAN(inode)=1023 [ 37.595692][ T3617] max_ino=32 [ 37.598895][ T3617] i_nlink=0 [ 37.602435][ T3617] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2962: inode #15: comm syz.4.65: corrupted xattr block 19: invalid header [ 37.616714][ T3617] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117) [ 37.626627][ T3617] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 37.639082][ T3617] ext4 filesystem being mounted at /9/qY3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 37.663537][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 37.763577][ T3629] SELinux: Context system_u:object_r:mouse_device_t:s0 is not valid (left unmapped). [ 37.862406][ C0] vcan0: j1939_tp_rxtimer: 0xffff88811a354000: rx timeout, send abort [ 37.870638][ C0] vcan0: j1939_tp_rxtimer: 0xffff88811a354200: abort rx timeout. Force session deactivation [ 38.003542][ T3637] loop0: detected capacity change from 0 to 512 [ 38.021204][ T3637] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.034139][ T3637] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 38.089303][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.281065][ T3657] openvswitch: netlink: Message has 6 unknown bytes. [ 38.370640][ C0] vcan0: j1939_tp_rxtimer: 0xffff88811a354000: abort rx timeout. Force session deactivation [ 38.401131][ T3672] loop0: detected capacity change from 0 to 256 [ 38.413288][ T3672] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 38.423420][ T3672] FAT-fs (loop0): Filesystem has been set read-only [ 38.449187][ T3676] process 'syz.1.87' launched '/dev/fd/6' with NULL argv: empty string added [ 38.497251][ T3678] hub 6-0:1.0: USB hub found [ 38.514886][ T3678] hub 6-0:1.0: 8 ports detected [ 38.523479][ T3684] netlink: 96 bytes leftover after parsing attributes in process `syz.1.91'. [ 38.685760][ T3705] netlink: 8 bytes leftover after parsing attributes in process `syz.2.100'. [ 38.694902][ T3701] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 38.701429][ T3701] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 38.709161][ T3701] vhci_hcd vhci_hcd.0: Device attached [ 38.728885][ T3703] vhci_hcd: connection closed [ 38.729585][ T12] vhci_hcd: stop threads [ 38.738661][ T12] vhci_hcd: release socket [ 38.743099][ T12] vhci_hcd: disconnect device [ 39.121323][ T3728] loop3: detected capacity change from 0 to 32768 [ 39.166962][ T3728] loop3: p1 p3 < > [ 39.289315][ T3770] loop0: detected capacity change from 0 to 1024 [ 39.296015][ T3770] EXT4-fs: Ignoring removed orlov option [ 39.328275][ T3770] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.388612][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.655125][ T3807] loop3: detected capacity change from 0 to 512 [ 39.670938][ T3807] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 39.684068][ T3807] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 39.694254][ T3803] loop4: detected capacity change from 0 to 2048 [ 39.703646][ T3809] hub 2-0:1.0: USB hub found [ 39.708377][ T3809] hub 2-0:1.0: 8 ports detected [ 39.730336][ T3803] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 39.742589][ T3807] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 39.757595][ T3807] EXT4-fs (loop3): 1 truncate cleaned up [ 39.763744][ T3807] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 39.795414][ T3793] loop1: detected capacity change from 0 to 32768 [ 39.795875][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.817123][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.847366][ T3793] loop1: p1 p3 < > [ 39.900466][ T3821] loop0: detected capacity change from 0 to 512 [ 39.918893][ T3821] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 39.970800][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.993772][ T3836] SELinux: failed to load policy [ 40.002711][ T3842] loop3: detected capacity change from 0 to 512 [ 40.039172][ T3842] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 40.059245][ T3842] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.077300][ T3842] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 40.117678][ T3842] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.162: corrupted xattr block 19: overlapping e_value [ 40.131789][ T3842] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 40.141503][ T3842] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.162: corrupted xattr block 19: overlapping e_value [ 40.165668][ T3842] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 40.197434][ T3842] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.162: corrupted xattr block 19: overlapping e_value [ 40.257944][ T3868] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 40.274769][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.489056][ T3899] loop1: detected capacity change from 0 to 512 [ 40.532215][ T3899] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 40.554017][ T3908] Zero length message leads to an empty skb [ 40.564638][ T3899] EXT4-fs (loop1): 1 truncate cleaned up [ 40.581492][ T29] kauditd_printk_skb: 401 callbacks suppressed [ 40.581504][ T29] audit: type=1400 audit(1754818912.612:492): avc: denied { create } for pid=3912 comm="syz.4.193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 40.608447][ T3899] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 40.609386][ T29] audit: type=1400 audit(1754818912.622:493): avc: denied { read write } for pid=3311 comm="syz-executor" name="loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 40.644529][ T29] audit: type=1400 audit(1754818912.622:494): avc: denied { open } for pid=3311 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 40.648342][ T3919] netlink: 8 bytes leftover after parsing attributes in process `syz.2.196'. [ 40.668709][ T29] audit: type=1400 audit(1754818912.622:495): avc: denied { ioctl } for pid=3311 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=100 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 40.668793][ T29] audit: type=1400 audit(1754818912.622:496): avc: denied { write } for pid=3912 comm="syz.4.193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 40.668952][ T29] audit: type=1400 audit(1754818912.652:497): avc: denied { prog_load } for pid=3917 comm="syz.0.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 40.668980][ T29] audit: type=1400 audit(1754818912.652:498): avc: denied { bpf } for pid=3917 comm="syz.0.195" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 40.669005][ T29] audit: type=1400 audit(1754818912.652:499): avc: denied { perfmon } for pid=3917 comm="syz.0.195" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 40.669075][ T29] audit: type=1400 audit(1754818912.652:500): avc: denied { prog_run } for pid=3917 comm="syz.0.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 40.678558][ T29] audit: type=1400 audit(1754818912.712:501): avc: denied { mount } for pid=3897 comm="syz.1.187" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 40.703434][ T3919] netlink: 12 bytes leftover after parsing attributes in process `syz.2.196'. [ 40.833267][ T3919] netlink: 'syz.2.196': attribute type 20 has an invalid length. [ 40.853976][ T2520] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 40.863775][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.867755][ T3919] netlink: 8 bytes leftover after parsing attributes in process `syz.2.196'. [ 40.881640][ T3919] netlink: 12 bytes leftover after parsing attributes in process `syz.2.196'. [ 40.890746][ T3919] netlink: 'syz.2.196': attribute type 20 has an invalid length. [ 40.890801][ T2520] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 40.918572][ T3928] loop3: detected capacity change from 0 to 1764 [ 40.930483][ T2520] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 40.956317][ T2520] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 41.393247][ T3947] netlink: 8 bytes leftover after parsing attributes in process `syz.0.209'. [ 41.428495][ T3996] syz.1.230 uses obsolete (PF_INET,SOCK_PACKET) [ 41.458472][ T4002] mmap: syz.4.232 (4002) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 41.543639][ T4011] SELinux: Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped). [ 41.628304][ T4020] __nla_validate_parse: 3 callbacks suppressed [ 41.628367][ T4020] netlink: 8 bytes leftover after parsing attributes in process `syz.1.242'. [ 41.650337][ T4020] netlink: 312 bytes leftover after parsing attributes in process `syz.1.242'. [ 41.659346][ T4020] netlink: 8 bytes leftover after parsing attributes in process `syz.1.242'. [ 41.985032][ T4032] loop0: detected capacity change from 0 to 32768 [ 42.207139][ T4072] loop2: detected capacity change from 0 to 164 [ 42.244672][ T4072] syz.2.263: attempt to access beyond end of device [ 42.244672][ T4072] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 42.280810][ T4072] syz.2.263: attempt to access beyond end of device [ 42.280810][ T4072] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 42.299603][ T4080] loop1: detected capacity change from 0 to 1024 [ 42.306686][ T4080] EXT4-fs: Ignoring removed bh option [ 42.333286][ T4080] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 42.363160][ T4089] netlink: 20 bytes leftover after parsing attributes in process `syz.2.267'. [ 42.436844][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.667992][ T4109] netlink: 16 bytes leftover after parsing attributes in process `syz.1.277'. [ 42.719327][ T4119] netlink: 16 bytes leftover after parsing attributes in process `syz.3.279'. [ 42.737407][ T4118] loop4: detected capacity change from 0 to 8192 [ 42.766230][ T4118] syz.4.281: attempt to access beyond end of device [ 42.766230][ T4118] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 42.806864][ T4118] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 42.814837][ T4118] FAT-fs (loop4): Filesystem has been set read-only [ 42.838390][ T4118] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 42.848607][ T4118] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 42.962147][ T4153] netlink: 92 bytes leftover after parsing attributes in process `syz.0.296'. [ 42.971094][ T4153] netem: unknown loss type 0 [ 42.975693][ T4153] netem: change failed [ 43.231071][ T4171] loop2: detected capacity change from 0 to 8192 [ 43.273202][ T4182] 9pnet_fd: Insufficient options for proto=fd [ 43.279420][ T4171] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 43.307612][ T4171] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 1046) [ 43.315935][ T4171] FAT-fs (loop2): Filesystem has been set read-only [ 43.342240][ T3309] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 1046) [ 43.398376][ T4188] loop3: detected capacity change from 0 to 8192 [ 43.445677][ T4204] SELinux: policydb version 0 does not match my version range 15-35 [ 43.481202][ T4204] SELinux: failed to load policy [ 43.535820][ T4216] syzkaller1: entered promiscuous mode [ 43.541402][ T4216] syzkaller1: entered allmulticast mode [ 43.550891][ T4216] PF_CAN: dropped non conform CAN skbuff: dev type 280, len 324 [ 43.644955][ T4239] loop4: detected capacity change from 0 to 512 [ 43.653443][ T4239] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.336: bad orphan inode 15 [ 43.663534][ T4239] ext4_test_bit(bit=14, block=5) = 0 [ 43.669494][ T4239] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 43.684913][ T4239] SELinux: Context system_u:object_r:ptmx_t:s0 is not valid (left unmapped). [ 43.705079][ T4241] vhci_hcd: invalid port number 96 [ 43.710344][ T4241] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 43.728975][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.733258][ T4249] netlink: 8 bytes leftover after parsing attributes in process `wg1'. [ 43.749248][ T4249] netlink: 8 bytes leftover after parsing attributes in process `wg1'. [ 43.758214][ T4249] netlink: 8 bytes leftover after parsing attributes in process `wg1'. [ 43.778651][ T4254] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 44.180997][ T4292] syz.0.352 (4292) used greatest stack depth: 10856 bytes left [ 44.356507][ T4315] Falling back ldisc for ttyS3. [ 44.471576][ T4336] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2 [ 44.771874][ T4373] hsr_slave_0: left promiscuous mode [ 44.781646][ T4373] hsr_slave_1: left promiscuous mode [ 45.232635][ T4415] can0: slcan on ttyS3. [ 45.286425][ T4414] can0 (unregistered): slcan off ttyS3. [ 45.376962][ T4426] loop4: detected capacity change from 0 to 1024 [ 45.383870][ T4426] EXT4-fs: inline encryption not supported [ 45.389734][ T4426] EXT4-fs: Ignoring removed i_version option [ 45.419102][ T4426] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.439465][ T4426] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 45.469938][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.741547][ T4457] program syz.2.425 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 45.755406][ T29] kauditd_printk_skb: 312 callbacks suppressed [ 45.755418][ T29] audit: type=1400 audit(1754818917.782:814): avc: denied { write } for pid=4454 comm="syz.0.424" name="001" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 45.791929][ T29] audit: type=1400 audit(1754818917.812:815): avc: denied { map_create } for pid=4460 comm="syz.4.427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 45.811005][ T29] audit: type=1400 audit(1754818917.812:816): avc: denied { read write } for pid=3313 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 45.835102][ T29] audit: type=1400 audit(1754818917.812:817): avc: denied { open } for pid=3313 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 45.859101][ T29] audit: type=1400 audit(1754818917.812:818): avc: denied { ioctl } for pid=3313 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 45.884649][ T29] audit: type=1400 audit(1754818917.812:819): avc: denied { perfmon } for pid=4460 comm="syz.4.427" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 45.905471][ T29] audit: type=1400 audit(1754818917.812:820): avc: denied { map_read map_write } for pid=4460 comm="syz.4.427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 45.925148][ T29] audit: type=1400 audit(1754818917.822:821): avc: denied { prog_load } for pid=4460 comm="syz.4.427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 45.944060][ T29] audit: type=1400 audit(1754818917.822:822): avc: denied { bpf } for pid=4460 comm="syz.4.427" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 45.964472][ T29] audit: type=1400 audit(1754818917.822:823): avc: denied { prog_run } for pid=4460 comm="syz.4.427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 45.983998][ T4455] vhci_hcd: invalid port number 85 [ 45.989176][ T4455] vhci_hcd: default hub control req: 0501 v0005 i0055 l0 [ 46.001738][ T4461] loop4: detected capacity change from 0 to 1024 [ 46.027503][ T4469] openvswitch: netlink: Message has 6 unknown bytes. [ 46.046775][ T4461] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.060289][ T4461] ext4 filesystem being mounted at /99/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 46.147141][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.356361][ T4506] SELinux: failed to load policy [ 46.500413][ T4534] loop0: detected capacity change from 0 to 256 [ 46.569565][ T4545] loop3: detected capacity change from 0 to 2048 [ 46.670786][ T4560] loop4: detected capacity change from 0 to 1024 [ 46.688030][ T4560] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.754591][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.774791][ T4559] infiniband syz1: set active [ 46.779594][ T4559] infiniband syz1: added bond0 [ 46.804675][ T4566] loop3: detected capacity change from 0 to 512 [ 46.814925][ T4559] RDS/IB: syz1: added [ 46.819297][ T4559] smc: adding ib device syz1 with port count 1 [ 46.825653][ T4559] smc: ib device syz1 port 1 has pnetid [ 46.836637][ T4566] EXT4-fs (loop3): orphan cleanup on readonly fs [ 46.843320][ T4566] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.475: Failed to acquire dquot type 1 [ 46.856464][ T4566] EXT4-fs (loop3): 1 truncate cleaned up [ 46.862873][ T4566] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 46.915066][ T4566] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 46.944812][ T4566] EXT4-fs warning (device loop3): read_mmp_block:115: Error -117 while reading MMP block 8 [ 47.007606][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.098773][ T4559] syz.0.471 (4559) used greatest stack depth: 10616 bytes left [ 47.238690][ T4594] netlink: 'syz.3.486': attribute type 10 has an invalid length. [ 47.260938][ T4594] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.272361][ T4594] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 47.317589][ T4594] syz.3.486 (4594) used greatest stack depth: 10088 bytes left [ 47.410829][ T4608] loop4: detected capacity change from 0 to 2048 [ 47.440965][ T4615] netlink: 'syz.2.494': attribute type 21 has an invalid length. [ 47.471726][ T4608] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 47.502008][ T4615] netlink: 'syz.2.494': attribute type 1 has an invalid length. [ 47.509695][ T4615] __nla_validate_parse: 4 callbacks suppressed [ 47.509749][ T4615] netlink: 144 bytes leftover after parsing attributes in process `syz.2.494'. [ 47.570924][ T4623] netlink: 8 bytes leftover after parsing attributes in process `syz.0.498'. [ 47.668103][ T4608] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 47.686903][ T4608] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 924 with error 28 [ 47.699930][ T4608] EXT4-fs (loop4): This should not happen!! Data will be lost [ 47.699930][ T4608] [ 47.710121][ T4608] EXT4-fs (loop4): Total free blocks count 0 [ 47.716219][ T4608] EXT4-fs (loop4): Free/Dirty block details [ 47.722132][ T4608] EXT4-fs (loop4): free_blocks=2415919104 [ 47.727962][ T4608] EXT4-fs (loop4): dirty_blocks=928 [ 47.733248][ T4608] EXT4-fs (loop4): Block reservation details [ 47.739321][ T4608] EXT4-fs (loop4): i_reserved_data_blocks=58 [ 47.858242][ T4648] netlink: 'syz.2.508': attribute type 1 has an invalid length. [ 47.868858][ T4644] loop0: detected capacity change from 0 to 512 [ 47.885376][ T4644] EXT4-fs: Mount option(s) incompatible with ext3 [ 47.908116][ T4648] 8021q: adding VLAN 0 to HW filter on device bond1 [ 47.954487][ T2520] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 47.974619][ T4656] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 48.021169][ T4656] bond1: (slave batadv1): making interface the new active one [ 48.055416][ T4656] bond1: (slave batadv1): Enslaving as an active interface with an up link [ 48.367869][ C1] hrtimer: interrupt took 38010 ns [ 48.533462][ T4723] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 48.606580][ T4728] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 48.724711][ T4740] loop4: detected capacity change from 0 to 1024 [ 48.756686][ T4740] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 48.801004][ T4740] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.548: Allocating blocks 497-513 which overlap fs metadata [ 48.854040][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.867395][ T4755] bond1: entered promiscuous mode [ 48.872598][ T4755] bond1: entered allmulticast mode [ 48.886271][ T4755] 8021q: adding VLAN 0 to HW filter on device bond1 [ 48.911067][ T4755] bond1 (unregistering): Released all slaves [ 49.134660][ T4789] loop2: detected capacity change from 0 to 128 [ 49.145265][ T4792] loop1: detected capacity change from 0 to 512 [ 49.153165][ T4789] EXT4-fs: Ignoring removed nobh option [ 49.159668][ T4792] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 49.171858][ T4792] EXT4-fs (loop1): 1 truncate cleaned up [ 49.178083][ T4792] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.181879][ T4789] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 49.218831][ T4789] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 49.224138][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.233407][ T4800] loop3: detected capacity change from 0 to 512 [ 49.248301][ T4800] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.265003][ T4800] ext4 filesystem being mounted at /113/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 49.288034][ T3309] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 49.317612][ T4804] SELinux: failed to load policy [ 49.358578][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.501043][ T4830] netlink: 'syz.2.582': attribute type 3 has an invalid length. [ 49.516020][ T4836] loop1: detected capacity change from 0 to 164 [ 49.529123][ T4836] syz.1.585: attempt to access beyond end of device [ 49.529123][ T4836] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 49.544880][ T4836] syz.1.585: attempt to access beyond end of device [ 49.544880][ T4836] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 49.633795][ T4849] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 49.656549][ T4850] loop9: detected capacity change from 0 to 7 [ 49.665527][ T4852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.592'. [ 49.674844][ T4852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.592'. [ 49.684265][ T4850] Buffer I/O error on dev loop9, logical block 0, async page read [ 49.692513][ T4850] Buffer I/O error on dev loop9, logical block 0, async page read [ 49.700455][ T4850] loop9: unable to read partition table [ 49.706497][ T4850] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 49.706497][ T4850] ) failed (rc=-5) [ 49.706698][ T4849] netlink: 'syz.0.593': attribute type 4 has an invalid length. [ 49.913523][ T4889] netlink: 8 bytes leftover after parsing attributes in process `syz.2.610'. [ 50.060138][ T4913] netlink: 'syz.2.620': attribute type 3 has an invalid length. [ 50.099310][ T4916] loop2: detected capacity change from 0 to 1024 [ 50.129021][ T4916] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 50.151926][ T4916] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 50.250594][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.368779][ T4936] netlink: 96 bytes leftover after parsing attributes in process `syz.4.630'. [ 50.378057][ T4934] 9pnet: Unknown protocol version 9 [ 50.663832][ T4955] loop2: detected capacity change from 0 to 8192 [ 50.789157][ T4963] syzkaller1: entered promiscuous mode [ 50.794700][ T4963] syzkaller1: entered allmulticast mode [ 50.826100][ T4966] SELinux: policydb version 0 does not match my version range 15-35 [ 50.836214][ T4966] SELinux: failed to load policy [ 50.841393][ T4967] loop2: detected capacity change from 0 to 2048 [ 50.885458][ T29] kauditd_printk_skb: 527 callbacks suppressed [ 50.885510][ T29] audit: type=1400 audit(1754818922.912:1349): avc: denied { setopt } for pid=4971 comm="syz.4.645" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 50.913843][ T4967] Alternate GPT is invalid, using primary GPT. [ 50.920259][ T4967] loop2: p2 p3 p7 [ 50.946994][ T29] audit: type=1326 audit(1754818922.982:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.2.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18c468ebe9 code=0x7ffc0000 [ 50.970443][ T29] audit: type=1326 audit(1754818922.982:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.2.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18c468ebe9 code=0x7ffc0000 [ 50.996214][ T29] audit: type=1326 audit(1754818923.022:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.2.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f18c468ebe9 code=0x7ffc0000 [ 51.019562][ T29] audit: type=1326 audit(1754818923.022:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.2.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f18c468ec23 code=0x7ffc0000 [ 51.052585][ T29] audit: type=1326 audit(1754818923.032:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.2.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f18c468d69f code=0x7ffc0000 [ 51.075860][ T29] audit: type=1326 audit(1754818923.032:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.2.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f18c468ec77 code=0x7ffc0000 [ 51.099426][ T29] audit: type=1326 audit(1754818923.052:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.2.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f18c468d550 code=0x7ffc0000 [ 51.122946][ T29] audit: type=1326 audit(1754818923.052:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.2.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f18c468e7eb code=0x7ffc0000 [ 51.125503][ T4982] blktrace: Concurrent blktraces are not allowed on sg0 [ 51.146283][ T29] audit: type=1326 audit(1754818923.052:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.2.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f18c468e7eb code=0x7ffc0000 [ 51.222287][ T4990] loop1: detected capacity change from 0 to 512 [ 51.238299][ T4990] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 51.268041][ T4990] EXT4-fs (loop1): 1 truncate cleaned up [ 51.275093][ T4990] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.289756][ T4990] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.390743][ T5008] rdma_rxe: rxe_newlink: failed to add bond0 [ 51.465628][ T5015] dvmrp0: entered allmulticast mode [ 51.480883][ T5022] blktrace: Concurrent blktraces are not allowed on sg0 [ 51.632820][ T5046] netlink: 12 bytes leftover after parsing attributes in process `syz.1.678'. [ 51.663430][ T37] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.673121][ T5046] netlink: 12 bytes leftover after parsing attributes in process `syz.1.678'. [ 51.682244][ T37] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.701313][ T37] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.734899][ T37] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.812177][ T5057] netlink: 'syz.4.682': attribute type 22 has an invalid length. [ 51.819960][ T5057] netlink: 4 bytes leftover after parsing attributes in process `syz.4.682'. [ 51.852656][ T5059] netlink: 8 bytes leftover after parsing attributes in process `syz.1.683'. [ 51.865643][ T5057] netlink: 'syz.4.682': attribute type 22 has an invalid length. [ 51.874483][ T3438] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.884898][ T3438] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.913893][ T3438] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.924046][ T3438] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 52.018265][ T5072] loop4: detected capacity change from 0 to 2048 [ 52.040348][ T5072] Alternate GPT is invalid, using primary GPT. [ 52.046904][ T5072] loop4: p2 p3 p7 [ 52.121363][ T5089] loop1: detected capacity change from 0 to 2048 [ 52.137698][ T5089] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 52.223100][ T5089] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 52.248466][ T5089] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 970 with error 28 [ 52.260988][ T5089] EXT4-fs (loop1): This should not happen!! Data will be lost [ 52.260988][ T5089] [ 52.270979][ T5089] EXT4-fs (loop1): Total free blocks count 0 [ 52.277004][ T5089] EXT4-fs (loop1): Free/Dirty block details [ 52.282973][ T5089] EXT4-fs (loop1): free_blocks=2415919104 [ 52.288792][ T5089] EXT4-fs (loop1): dirty_blocks=976 [ 52.294079][ T5089] EXT4-fs (loop1): Block reservation details [ 52.300082][ T5089] EXT4-fs (loop1): i_reserved_data_blocks=61 [ 52.363097][ T5117] loop0: detected capacity change from 0 to 512 [ 52.377047][ T5119] SELinux: Context system_u:object_r:dhcpc_state_t:s0 is not valid (left unmapped). [ 52.393869][ T5117] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 52.427986][ T5117] EXT4-fs (loop0): 1 truncate cleaned up [ 52.434075][ T5117] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.448844][ T5117] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.469312][ T37] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 52.525326][ T5134] loop0: detected capacity change from 0 to 512 [ 52.547607][ T5134] EXT4-fs (loop0): orphan cleanup on readonly fs [ 52.557379][ T5134] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.714: Failed to acquire dquot type 1 [ 52.574278][ T5134] EXT4-fs (loop0): 1 truncate cleaned up [ 52.581029][ T5134] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 52.610018][ T5134] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 52.635125][ T5151] loop1: detected capacity change from 0 to 2048 [ 52.649155][ T5134] EXT4-fs warning (device loop0): read_mmp_block:115: Error -117 while reading MMP block 8 [ 52.673495][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.700660][ T5151] Alternate GPT is invalid, using primary GPT. [ 52.707164][ T5151] loop1: p2 p3 p7 [ 53.020027][ T5174] dvmrp0: entered allmulticast mode [ 53.045497][ T5176] __nla_validate_parse: 1 callbacks suppressed [ 53.045513][ T5176] netlink: 12 bytes leftover after parsing attributes in process `syz.0.733'. [ 53.065438][ T3438] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.075964][ T3438] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.085314][ T5176] netlink: 12 bytes leftover after parsing attributes in process `syz.0.733'. [ 53.095992][ T3438] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.113891][ T3438] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.320650][ T5185] loop0: detected capacity change from 0 to 2048 [ 53.363975][ T5184] syz.1.737 (5184) used greatest stack depth: 9208 bytes left [ 53.373852][ T5185] Alternate GPT is invalid, using primary GPT. [ 53.380313][ T5185] loop0: p2 p3 p7 [ 53.622688][ T5212] hub 9-0:1.0: USB hub found [ 53.627594][ T5212] hub 9-0:1.0: 8 ports detected [ 53.942316][ T5241] loop4: detected capacity change from 0 to 512 [ 53.956105][ T5241] EXT4-fs (loop4): orphan cleanup on readonly fs [ 53.963114][ T5241] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.763: Failed to acquire dquot type 1 [ 53.977073][ T5241] EXT4-fs (loop4): 1 truncate cleaned up [ 53.983510][ T5241] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 54.004940][ T5241] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 54.015401][ T5241] EXT4-fs warning (device loop4): read_mmp_block:115: Error -117 while reading MMP block 8 [ 54.046273][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.613673][ T5305] capability: warning: `syz.1.791' uses 32-bit capabilities (legacy support in use) [ 54.696910][ T5320] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 54.714809][ T5317] bond1: entered promiscuous mode [ 54.719909][ T5317] bond1: entered allmulticast mode [ 54.730604][ T5317] 8021q: adding VLAN 0 to HW filter on device bond1 [ 54.741559][ T5317] bond1 (unregistering): Released all slaves [ 54.910602][ T5349] syzkaller1: entered promiscuous mode [ 54.916159][ T5349] syzkaller1: entered allmulticast mode [ 54.938992][ T5351] loop3: detected capacity change from 0 to 128 [ 54.939476][ T5353] sd 0:0:1:0: device reset [ 54.955888][ T5351] EXT4-fs: Ignoring removed nobh option [ 54.978058][ T5351] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 55.001487][ T5351] ext4 filesystem being mounted at /158/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 55.050724][ T3313] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 55.170240][ T5367] veth3: entered promiscuous mode [ 55.512730][ T5381] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 55.732407][ T5406] atomic_op ffff888119dbd528 conn xmit_atomic 0000000000000000 [ 55.759772][ T5410] netlink: 12 bytes leftover after parsing attributes in process `syz.0.839'. [ 55.827597][ T5421] vlan2: entered allmulticast mode [ 55.832873][ T5421] macvlan0: entered allmulticast mode [ 55.838292][ T5421] veth1_vlan: entered allmulticast mode [ 55.866224][ T5429] netlink: 48 bytes leftover after parsing attributes in process `syz.2.847'. [ 55.895333][ T29] kauditd_printk_skb: 189 callbacks suppressed [ 55.895348][ T29] audit: type=1326 audit(1754818927.922:1544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5430 comm="syz.4.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a03ebebe9 code=0x7ffc0000 [ 55.944491][ T5434] veth3: entered promiscuous mode [ 55.947432][ T29] audit: type=1326 audit(1754818927.962:1545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5430 comm="syz.4.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f8a03ebebe9 code=0x7ffc0000 [ 55.972845][ T29] audit: type=1326 audit(1754818927.962:1546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5430 comm="syz.4.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a03ebebe9 code=0x7ffc0000 [ 55.996221][ T29] audit: type=1326 audit(1754818927.962:1547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5430 comm="syz.4.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7f8a03ebebe9 code=0x7ffc0000 [ 56.019720][ T29] audit: type=1326 audit(1754818927.962:1548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5430 comm="syz.4.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a03ebebe9 code=0x7ffc0000 [ 56.043107][ T29] audit: type=1326 audit(1754818927.962:1549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5430 comm="syz.4.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a03ebebe9 code=0x7ffc0000 [ 56.066538][ T29] audit: type=1400 audit(1754818927.972:1550): avc: denied { create } for pid=5433 comm="syz.0.851" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 56.086215][ T29] audit: type=1400 audit(1754818927.972:1551): avc: denied { setopt } for pid=5433 comm="syz.0.851" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 56.105708][ T29] audit: type=1400 audit(1754818927.972:1552): avc: denied { connect } for pid=5433 comm="syz.0.851" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 56.125189][ T29] audit: type=1326 audit(1754818928.132:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5442 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18c468ebe9 code=0x7ffc0000 [ 56.284093][ T5462] loop4: detected capacity change from 0 to 512 [ 56.368688][ T5462] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 56.392743][ T5462] EXT4-fs (loop4): mount failed [ 56.422274][ T5471] bridge_slave_0: left allmulticast mode [ 56.427986][ T5471] bridge_slave_0: left promiscuous mode [ 56.433698][ T5471] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.467320][ T5471] bridge_slave_1: left allmulticast mode [ 56.473091][ T5471] bridge_slave_1: left promiscuous mode [ 56.478896][ T5471] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.540422][ T5471] bond0: (slave bond_slave_0): Releasing backup interface [ 56.558803][ T5471] bond0: (slave bond_slave_1): Releasing backup interface [ 56.582769][ T5471] team0: Port device team_slave_0 removed [ 56.591492][ T5471] team0: Port device team_slave_1 removed [ 56.606672][ T5471] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 56.614080][ T5471] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 56.619754][ T5486] loop1: detected capacity change from 0 to 1024 [ 56.645176][ T5471] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 56.652660][ T5471] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 56.661703][ T5486] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 56.738421][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.756484][ T5474] vlan0: entered promiscuous mode [ 56.788879][ T5474] team0: Port device vlan0 added [ 56.839096][ T5507] netlink: 8 bytes leftover after parsing attributes in process `syz.1.881'. [ 56.884370][ T5507] netlink: 8 bytes leftover after parsing attributes in process `syz.1.881'. [ 56.898254][ T5517] SELinux: policydb magic number 0x80 does not match expected magic number 0xf97cff8c [ 56.908922][ T5517] SELinux: failed to load policy [ 56.934907][ T5520] loop1: detected capacity change from 0 to 128 [ 56.950811][ T5520] FAT-fs (loop1): Directory bread(block 32) failed [ 56.958833][ T5520] FAT-fs (loop1): Directory bread(block 33) failed [ 56.965433][ T5520] FAT-fs (loop1): Directory bread(block 34) failed [ 56.988786][ T5520] FAT-fs (loop1): Directory bread(block 35) failed [ 57.006060][ T5520] FAT-fs (loop1): Directory bread(block 36) failed [ 57.015775][ T5520] FAT-fs (loop1): Directory bread(block 37) failed [ 57.022517][ T5520] FAT-fs (loop1): Directory bread(block 38) failed [ 57.029833][ T5520] FAT-fs (loop1): Directory bread(block 39) failed [ 57.038814][ T5520] FAT-fs (loop1): Directory bread(block 40) failed [ 57.045495][ T5520] FAT-fs (loop1): Directory bread(block 41) failed [ 57.075638][ T5533] loop2: detected capacity change from 0 to 512 [ 57.082905][ T5533] EXT4-fs: Ignoring removed mblk_io_submit option [ 57.096598][ T5533] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 57.107357][ T5533] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 57.117535][ T5533] EXT4-fs (loop2): orphan cleanup on readonly fs [ 57.117961][ T5520] syz.1.887: attempt to access beyond end of device [ 57.117961][ T5520] loop1: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 57.140242][ T5533] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.894: Invalid block bitmap block 0 in block_group 0 [ 57.159918][ T5520] FAT-fs (loop1): Filesystem has been set read-only [ 57.166711][ T5520] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 57.176159][ T5533] EXT4-fs (loop2): Remounting filesystem read-only [ 57.194832][ T5533] EXT4-fs (loop2): 1 orphan inode deleted [ 57.201310][ T5533] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 57.236654][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.294170][ T5558] openvswitch: netlink: Message has 6 unknown bytes. [ 57.396603][ T5579] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 57.396603][ T5579] program syz.0.911 not setting count and/or reply_len properly [ 57.404058][ T5582] netlink: 4 bytes leftover after parsing attributes in process `syz.1.916'. [ 57.468510][ T5592] loop3: detected capacity change from 0 to 512 [ 57.491424][ T5582] netlink: 4 bytes leftover after parsing attributes in process `syz.1.916'. [ 57.504775][ T5598] netlink: 256 bytes leftover after parsing attributes in process `syz.4.922'. [ 57.527683][ T5592] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.545628][ T5592] ext4 filesystem being mounted at /178/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 57.575826][ T5608] netlink: 8 bytes leftover after parsing attributes in process `syz.2.926'. [ 57.588157][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.624877][ T5612] random: crng reseeded on system resumption [ 57.684129][ T5623] loop2: detected capacity change from 0 to 512 [ 57.751793][ T5623] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 57.805390][ T5623] EXT4-fs (loop2): 1 truncate cleaned up [ 57.812512][ T5623] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.815033][ T5641] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 57.872605][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.891444][ T5647] loop4: detected capacity change from 0 to 512 [ 57.907276][ T5646] rdma_op ffff888119dbc180 conn xmit_rdma 0000000000000000 [ 57.923689][ T5649] random: crng reseeded on system resumption [ 57.923956][ T5647] EXT4-fs: Ignoring removed mblk_io_submit option [ 57.941897][ T5647] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 57.973038][ T5647] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 57.999158][ T5647] EXT4-fs (loop4): orphan cleanup on readonly fs [ 58.028420][ T5647] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.943: Invalid block bitmap block 0 in block_group 0 [ 58.065815][ T5647] EXT4-fs (loop4): Remounting filesystem read-only [ 58.075668][ T5647] EXT4-fs (loop4): 1 orphan inode deleted [ 58.087475][ T5647] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 58.119600][ T5673] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 58.130489][ T5670] IPVS: stopping master sync thread 5673 ... [ 58.164427][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.286042][ T5692] vhci_hcd: invalid port number 23 [ 58.302237][ T5694] loop4: detected capacity change from 0 to 1024 [ 58.314078][ T5694] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 58.325066][ T5694] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 58.341464][ T5694] JBD2: no valid journal superblock found [ 58.347237][ T5694] EXT4-fs (loop4): Could not load journal inode [ 58.375637][ T5704] Driver unsupported XDP return value 0 on prog (id 677) dev N/A, expect packet loss! [ 58.403579][ T5708] loop4: detected capacity change from 0 to 512 [ 58.412889][ T5708] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 58.429150][ T5708] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.970: Failed to acquire dquot type 1 [ 58.441354][ T5703] sctp: [Deprecated]: syz.2.967 (pid 5703) Use of struct sctp_assoc_value in delayed_ack socket option. [ 58.441354][ T5703] Use struct sctp_sack_info instead [ 58.459042][ T5708] EXT4-fs (loop4): 1 truncate cleaned up [ 58.465082][ T5708] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.535124][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.587736][ T5731] netlink: 100 bytes leftover after parsing attributes in process `syz.1.981'. [ 58.600782][ T5725] SELinux: failed to load policy [ 58.618070][ T5735] loop1: detected capacity change from 0 to 512 [ 58.623552][ T5733] pim6reg: entered allmulticast mode [ 58.631745][ T5733] pim6reg: left allmulticast mode [ 58.639966][ T5735] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.652639][ T5735] ext4 filesystem being mounted at /187/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 58.676072][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.718842][ T5742] loop1: detected capacity change from 0 to 512 [ 58.729241][ T5742] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 58.742325][ T5742] EXT4-fs (loop1): 1 truncate cleaned up [ 58.748543][ T5742] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.772367][ T5748] netlink: 28 bytes leftover after parsing attributes in process `syz.4.987'. [ 58.784384][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.818883][ T5752] loop4: detected capacity change from 0 to 128 [ 58.830704][ T5752] FAT-fs (loop4): Directory bread(block 32) failed [ 58.838660][ T5752] FAT-fs (loop4): Directory bread(block 33) failed [ 58.845544][ T5752] FAT-fs (loop4): Directory bread(block 34) failed [ 58.852828][ T5752] FAT-fs (loop4): Directory bread(block 35) failed [ 58.859839][ T5752] FAT-fs (loop4): Directory bread(block 36) failed [ 58.866644][ T5752] FAT-fs (loop4): Directory bread(block 37) failed [ 58.873205][ T5752] FAT-fs (loop4): Directory bread(block 38) failed [ 58.879865][ T5752] FAT-fs (loop4): Directory bread(block 39) failed [ 58.886452][ T5752] FAT-fs (loop4): Directory bread(block 40) failed [ 58.893033][ T5752] FAT-fs (loop4): Directory bread(block 41) failed [ 58.938809][ T5752] syz.4.990: attempt to access beyond end of device [ 58.938809][ T5752] loop4: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 58.968220][ T5752] FAT-fs (loop4): Filesystem has been set read-only [ 58.975074][ T5752] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 59.041153][ T5768] netlink: 28 bytes leftover after parsing attributes in process `syz.2.998'. [ 59.088312][ T5779] loop2: detected capacity change from 0 to 512 [ 59.096750][ T5779] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 59.129349][ T5787] vlan2: entered allmulticast mode [ 59.134492][ T5787] macvlan0: entered allmulticast mode [ 59.139913][ T5787] veth1_vlan: entered allmulticast mode [ 59.146256][ T5779] EXT4-fs (loop2): orphan cleanup on readonly fs [ 59.154529][ T5786] netlink: 664 bytes leftover after parsing attributes in process `syz.0.1005'. [ 59.164493][ T5779] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1002: bg 0: block 248: padding at end of block bitmap is not set [ 59.179434][ T5779] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1002: Failed to acquire dquot type 1 [ 59.198840][ T5779] EXT4-fs (loop2): 1 truncate cleaned up [ 59.230243][ T5797] loop0: detected capacity change from 0 to 128 [ 59.240670][ T5797] FAT-fs (loop0): Directory bread(block 32) failed [ 59.247272][ T5797] FAT-fs (loop0): Directory bread(block 33) failed [ 59.253915][ T5797] FAT-fs (loop0): Directory bread(block 34) failed [ 59.260856][ T5797] FAT-fs (loop0): Directory bread(block 35) failed [ 59.269321][ T5797] FAT-fs (loop0): Directory bread(block 36) failed [ 59.277376][ T5797] FAT-fs (loop0): Directory bread(block 37) failed [ 59.283939][ T5797] FAT-fs (loop0): Directory bread(block 38) failed [ 59.290759][ T5797] FAT-fs (loop0): Directory bread(block 39) failed [ 59.297450][ T5797] FAT-fs (loop0): Directory bread(block 40) failed [ 59.304073][ T5797] FAT-fs (loop0): Directory bread(block 41) failed [ 59.319612][ T5803] veth0: entered promiscuous mode [ 59.326637][ T5803] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1012'. [ 59.376802][ T5797] syz.0.1008: attempt to access beyond end of device [ 59.376802][ T5797] loop0: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 59.390549][ T5797] FAT-fs (loop0): Filesystem has been set read-only [ 59.418348][ T5797] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 59.431369][ T5809] loop3: detected capacity change from 0 to 512 [ 59.456644][ T5809] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 59.465036][ T5809] EXT4-fs (loop3): orphan cleanup on readonly fs [ 59.500026][ T5809] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1025: Failed to acquire dquot type 1 [ 59.520880][ T5809] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1025: bg 0: block 40: padding at end of block bitmap is not set [ 59.571911][ T5809] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 59.598929][ T5809] EXT4-fs (loop3): 1 truncate cleaned up [ 59.633830][ T5833] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1024'. [ 59.642815][ T5833] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1024'. [ 59.660391][ T5829] sctp: [Deprecated]: syz.1.1023 (pid 5829) Use of struct sctp_assoc_value in delayed_ack socket option. [ 59.660391][ T5829] Use struct sctp_sack_info instead [ 59.661163][ T5833] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1024'. [ 59.711292][ T5837] loop4: detected capacity change from 0 to 2048 [ 59.754575][ T5847] veth1_to_team: entered promiscuous mode [ 59.762052][ T5844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1031'. [ 59.774244][ T5847] bond_slave_0: entered promiscuous mode [ 59.780643][ T5847] bond_slave_0: left promiscuous mode [ 59.786238][ T5847] veth1_to_team: left promiscuous mode [ 59.813156][ T5856] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1035'. [ 60.072775][ T5896] veth1_to_team: entered promiscuous mode [ 60.075213][ T5893] loop4: detected capacity change from 0 to 1024 [ 60.081470][ T5896] bond_slave_0: entered promiscuous mode [ 60.092614][ T5896] hsr1: Slave A (veth1_to_team) is not up; please bring it up to get a fully working HSR network [ 60.103252][ T5896] hsr1: Slave B (bond_slave_0) is not up; please bring it up to get a fully working HSR network [ 60.113987][ T5895] loop3: detected capacity change from 0 to 1024 [ 60.115494][ T5896] hsr1: entered promiscuous mode [ 60.121880][ T5895] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 60.136395][ T5895] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 60.158512][ T5895] JBD2: no valid journal superblock found [ 60.164270][ T5895] EXT4-fs (loop3): Could not load journal inode [ 60.194713][ T5900] netlink: 'syz.4.1054': attribute type 10 has an invalid length. [ 60.208223][ T5902] blktrace: Concurrent blktraces are not allowed on sg0 [ 60.222422][ T5900] team0: Port device hsr_slave_0 added [ 60.360595][ T5933] loop4: detected capacity change from 0 to 764 [ 60.369279][ T5933] Symlink component flag not implemented [ 60.374933][ T5933] Symlink component flag not implemented [ 60.381034][ T5933] Symlink component flag not implemented (129) [ 60.387224][ T5933] Symlink component flag not implemented (6) [ 60.412260][ T5937] loop4: detected capacity change from 0 to 512 [ 60.421089][ T5937] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 60.429207][ T5937] EXT4-fs (loop4): orphan cleanup on readonly fs [ 60.436329][ T5937] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1072: Failed to acquire dquot type 1 [ 60.448233][ T5937] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1072: bg 0: block 40: padding at end of block bitmap is not set [ 60.462680][ T5937] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 60.471831][ T5937] EXT4-fs (loop4): 1 truncate cleaned up [ 60.901998][ T5971] loop1: detected capacity change from 0 to 512 [ 60.909875][ T5971] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 60.918693][ T5971] EXT4-fs (loop1): orphan cleanup on readonly fs [ 60.925408][ T5971] __quota_error: 191 callbacks suppressed [ 60.925419][ T5971] Quota error (device loop1): dq_insert_tree: Quota tree root isn't allocated! [ 60.940206][ T5971] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota [ 60.949967][ T5971] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1087: Failed to acquire dquot type 1 [ 60.961787][ T5971] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1087: bg 0: block 40: padding at end of block bitmap is not set [ 60.976679][ T5971] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 60.985761][ T5971] EXT4-fs (loop1): 1 truncate cleaned up [ 61.017935][ T5980] loop4: detected capacity change from 0 to 512 [ 61.033806][ T5980] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1092: casefold flag without casefold feature [ 61.049857][ T5980] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1092: couldn't read orphan inode 15 (err -117) [ 61.065505][ T29] audit: type=1326 audit(1754818933.092:1730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5984 comm="syz.0.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34d489ebe9 code=0x7ffc0000 [ 61.089083][ T29] audit: type=1326 audit(1754818933.092:1731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5984 comm="syz.0.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7f34d489ebe9 code=0x7ffc0000 [ 61.112425][ T29] audit: type=1326 audit(1754818933.092:1732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5984 comm="syz.0.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34d489ebe9 code=0x7ffc0000 [ 61.170019][ T29] audit: type=1326 audit(1754818933.202:1733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5992 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9cc57ebe9 code=0x7ffc0000 [ 61.193710][ T29] audit: type=1326 audit(1754818933.202:1734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5992 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9cc57ebe9 code=0x7ffc0000 [ 61.227059][ T29] audit: type=1326 audit(1754818933.252:1735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5992 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa9cc57ebe9 code=0x7ffc0000 [ 61.250568][ T29] audit: type=1326 audit(1754818933.252:1736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5992 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9cc57ebe9 code=0x7ffc0000 [ 61.274191][ T29] audit: type=1326 audit(1754818933.252:1737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5992 comm="syz.1.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9cc57ebe9 code=0x7ffc0000 [ 61.304409][ T5996] vlan2: entered allmulticast mode [ 61.309579][ T5996] macvlan0: entered allmulticast mode [ 61.314964][ T5996] veth1_vlan: entered allmulticast mode [ 61.352563][ T5998] vlan2: entered allmulticast mode [ 61.357889][ T5998] bridge_slave_0: entered allmulticast mode [ 61.468653][ T6012] loop0: detected capacity change from 0 to 512 [ 61.485674][ T6012] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 61.510182][ T6012] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.1107: corrupted in-inode xattr: overlapping e_value [ 61.527098][ T6018] loop4: detected capacity change from 0 to 1024 [ 61.531356][ T6012] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1107: couldn't read orphan inode 15 (err -117) [ 61.533794][ T6018] EXT4-fs: Ignoring removed bh option [ 61.636610][ T6038] 9pnet_fd: Insufficient options for proto=fd [ 61.934057][ T6083] bridge_slave_0: left allmulticast mode [ 61.939893][ T6083] bridge_slave_0: left promiscuous mode [ 61.945740][ T6083] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.964595][ T6083] bridge_slave_1: left allmulticast mode [ 61.970281][ T6083] bridge_slave_1: left promiscuous mode [ 61.976067][ T6083] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.977590][ T6089] loop3: detected capacity change from 0 to 2048 [ 61.992809][ T6083] bond0: (slave bond_slave_0): Releasing backup interface [ 62.004336][ T6083] bond0: (slave bond_slave_1): Releasing backup interface [ 62.026015][ T6083] team0: Port device team_slave_0 removed [ 62.048329][ T6083] team0: Port device team_slave_1 removed [ 62.055471][ T6083] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 62.062888][ T6083] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 62.073702][ T6083] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 62.081334][ T6083] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 62.098889][ T6083] team0: Port device hsr_slave_0 removed [ 62.150053][ T6090] vlan0: entered promiscuous mode [ 62.158897][ T6090] team0: Port device vlan0 added [ 62.279693][ T3396] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 62.287758][ T3396] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 62.340098][ T6127] loop3: detected capacity change from 0 to 164 [ 62.349469][ T6127] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 62.364427][ T6127] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 62.374383][ T6127] Symlink component flag not implemented [ 62.380144][ T6127] Symlink component flag not implemented [ 62.386424][ T6127] Symlink component flag not implemented (7) [ 62.392483][ T6127] Symlink component flag not implemented (116) [ 62.553194][ T6151] loop1: detected capacity change from 0 to 2048 [ 62.678742][ T6175] loop0: detected capacity change from 0 to 512 [ 62.695832][ T6179] syz_tun: entered promiscuous mode [ 62.708083][ T6179] batadv_slave_0: entered promiscuous mode [ 62.720568][ T6179] debugfs: 'hsr1' already exists in 'hsr' [ 62.726364][ T6179] Cannot create hsr debugfs directory [ 62.734080][ T6175] ext4 filesystem being mounted at /242/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 62.751692][ T6179] hsr1: entered allmulticast mode [ 62.756798][ T6179] syz_tun: entered allmulticast mode [ 62.762149][ T6179] batadv_slave_0: entered allmulticast mode [ 62.772983][ T6175] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.1173: corrupted inode contents [ 62.803465][ T6175] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #2: comm syz.0.1173: mark_inode_dirty error [ 62.849545][ T6175] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.1173: corrupted inode contents [ 62.999429][ T6204] loop2: detected capacity change from 0 to 1024 [ 63.028827][ T6204] ext4 filesystem being mounted at /216/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.376834][ T6238] loop4: detected capacity change from 0 to 164 [ 63.390441][ T6238] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 63.407118][ T6240] netlink: 'syz.2.1199': attribute type 3 has an invalid length. [ 63.419271][ T6238] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 63.430314][ T6238] Symlink component flag not implemented [ 63.435967][ T6238] Symlink component flag not implemented [ 63.442499][ T6238] Symlink component flag not implemented (7) [ 63.448892][ T6238] Symlink component flag not implemented (116) [ 63.549776][ T6262] loop4: detected capacity change from 0 to 512 [ 63.575058][ T6262] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 63.589979][ T6262] EXT4-fs (loop4): mount failed [ 63.780647][ T6308] loop3: detected capacity change from 0 to 128 [ 63.793210][ T6308] ext4 filesystem being mounted at /224/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 63.843157][ T6314] netlink: 'syz.2.1230': attribute type 21 has an invalid length. [ 64.056101][ T6334] loop3: detected capacity change from 0 to 512 [ 64.063649][ T6334] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 64.064268][ T6336] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 64.075185][ T6334] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended [ 64.091983][ T6334] EXT4-fs error (device loop3): ext4_orphan_get:1392: comm syz.3.1239: inode #15: comm syz.3.1239: iget: illegal inode # [ 64.105042][ T6334] EXT4-fs (loop3): Remounting filesystem read-only [ 64.116356][ T3371] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=3371 comm=kworker/1:2 [ 64.130931][ T6334] 9pnet: p9_errstr2errno: server reported unknown error 1844674 [ 64.191885][ T6352] netlink: 'syz.2.1246': attribute type 13 has an invalid length. [ 64.199800][ T6352] netlink: 'syz.2.1246': attribute type 17 has an invalid length. [ 64.252616][ T6352] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 64.268903][ T6356] sch_tbf: burst 3 is lower than device geneve1 mtu (1514) ! [ 64.340282][ T6368] loop1: detected capacity change from 0 to 164 [ 64.348933][ T6368] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 64.364129][ T6368] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 64.373761][ T6368] Symlink component flag not implemented [ 64.379429][ T6368] Symlink component flag not implemented [ 64.388054][ T6368] Symlink component flag not implemented (7) [ 64.394071][ T6368] Symlink component flag not implemented (116) [ 64.413138][ T6376] netlink: 'syz.3.1258': attribute type 11 has an invalid length. [ 64.421039][ T6376] __nla_validate_parse: 9 callbacks suppressed [ 64.421054][ T6376] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1258'. [ 64.436579][ T6375] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6375 comm=syz.2.1259 [ 64.447263][ T296] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 64.464658][ T296] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 64.473595][ T6376] netlink: 'syz.3.1258': attribute type 11 has an invalid length. [ 64.481442][ T6376] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1258'. [ 64.490933][ T296] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 64.502075][ T296] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 64.521173][ T6381] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 64.605072][ T6393] loop2: detected capacity change from 0 to 2048 [ 64.630248][ T6399] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1270'. [ 64.719199][ T6418] loop3: detected capacity change from 0 to 128 [ 64.743202][ T6418] ext4 filesystem being mounted at /241/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 64.799705][ T6428] loop0: detected capacity change from 0 to 256 [ 64.839563][ T6428] syz.0.1283: attempt to access beyond end of device [ 64.839563][ T6428] loop0: rw=2049, sector=256, nr_sectors = 288 limit=256 [ 64.860918][ T6428] syz.0.1283: attempt to access beyond end of device [ 64.860918][ T6428] loop0: rw=2049, sector=608, nr_sectors = 416 limit=256 [ 64.876696][ T6428] syz.0.1283: attempt to access beyond end of device [ 64.876696][ T6428] loop0: rw=2049, sector=1056, nr_sectors = 448 limit=256 [ 64.923856][ T6435] loop2: detected capacity change from 0 to 2048 [ 64.944484][ T6435] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 64.959618][ T6435] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 17 with error 28 [ 64.972678][ T6435] EXT4-fs (loop2): This should not happen!! Data will be lost [ 64.972678][ T6435] [ 64.982626][ T6435] EXT4-fs (loop2): Total free blocks count 0 [ 64.983125][ T6447] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 64.988710][ T6435] EXT4-fs (loop2): Free/Dirty block details [ 65.001897][ T6435] EXT4-fs (loop2): free_blocks=2415919104 [ 65.007701][ T6435] EXT4-fs (loop2): dirty_blocks=32 [ 65.012889][ T6435] EXT4-fs (loop2): Block reservation details [ 65.014151][ T6443] loop3: detected capacity change from 0 to 512 [ 65.018904][ T6435] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 65.064405][ T6443] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 65.082719][ T6443] EXT4-fs (loop3): mount failed [ 65.095279][ T6452] loop4: detected capacity change from 0 to 1024 [ 65.112046][ T6457] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1294'. [ 65.122766][ T6459] loop0: detected capacity change from 0 to 128 [ 65.133282][ T6452] ext4 filesystem being mounted at /295/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 65.238697][ T6476] loop2: detected capacity change from 0 to 128 [ 65.247545][ T6476] ext4 filesystem being mounted at /250/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 65.261236][ T6479] netlink: 'syz.3.1304': attribute type 1 has an invalid length. [ 65.295134][ T6479] bond1: entered promiscuous mode [ 65.300616][ T6479] 8021q: adding VLAN 0 to HW filter on device bond1 [ 65.335557][ T6479] 8021q: adding VLAN 0 to HW filter on device bond1 [ 65.347730][ T6479] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 65.358139][ T6479] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode [ 65.358884][ T6486] loop4: detected capacity change from 0 to 2048 [ 65.374036][ T6486] EXT4-fs: Ignoring removed nobh option [ 65.378835][ T6479] bond1: (slave ip6gre1): making interface the new active one [ 65.387163][ T6479] ip6gre1: entered promiscuous mode [ 65.394740][ T6479] bond1: (slave ip6gre1): Enslaving as an active interface with an up link [ 65.395664][ T6488] netlink: 'syz.2.1308': attribute type 1 has an invalid length. [ 65.411156][ T6488] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.1308'. [ 65.622894][ T6470] ================================================================== [ 65.631011][ T6470] BUG: KCSAN: data-race in xas_clear_mark / xas_find_marked [ 65.638320][ T6470] [ 65.640646][ T6470] write to 0xffff888119833214 of 4 bytes by task 6459 on cpu 0: [ 65.648270][ T6470] xas_clear_mark+0x16b/0x180 [ 65.652954][ T6470] __folio_start_writeback+0x2ce/0x440 [ 65.658425][ T6470] __block_write_full_folio+0x53a/0x8f0 [ 65.663979][ T6470] block_write_full_folio+0x2c2/0x2e0 [ 65.669379][ T6470] mpage_writepages+0x6cf/0x1250 [ 65.674328][ T6470] fat_writepages+0x24/0x30 [ 65.678840][ T6470] do_writepages+0x1c3/0x310 [ 65.683439][ T6470] file_write_and_wait_range+0x156/0x2c0 [ 65.689092][ T6470] __generic_file_fsync+0x46/0x140 [ 65.694213][ T6470] fat_file_fsync+0x49/0x100 [ 65.698803][ T6470] vfs_fsync_range+0x10d/0x130 [ 65.703577][ T6470] generic_file_write_iter+0x1b8/0x2f0 [ 65.709051][ T6470] iter_file_splice_write+0x666/0x9e0 [ 65.714438][ T6470] direct_splice_actor+0x153/0x2a0 [ 65.719570][ T6470] splice_direct_to_actor+0x30f/0x680 [ 65.724945][ T6470] do_splice_direct+0xda/0x150 [ 65.729709][ T6470] do_sendfile+0x380/0x650 [ 65.734147][ T6470] __x64_sys_sendfile64+0x105/0x150 [ 65.739357][ T6470] x64_sys_call+0x2bb0/0x2ff0 [ 65.744046][ T6470] do_syscall_64+0xd2/0x200 [ 65.748559][ T6470] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.754477][ T6470] [ 65.756806][ T6470] read to 0xffff888119833214 of 4 bytes by task 6470 on cpu 1: [ 65.764346][ T6470] xas_find_marked+0x5dc/0x620 [ 65.769123][ T6470] find_get_entry+0x5d/0x380 [ 65.773738][ T6470] filemap_get_folios_tag+0x92/0x210 [ 65.779028][ T6470] filemap_fdatawait_range+0x88/0x1d0 [ 65.784418][ T6470] __writeback_single_inode+0xdb/0x7c0 [ 65.789903][ T6470] writeback_single_inode+0x167/0x3e0 [ 65.795286][ T6470] sync_inode_metadata+0x5b/0x90 [ 65.800243][ T6470] __generic_file_fsync+0xf8/0x140 [ 65.805362][ T6470] fat_file_fsync+0x49/0x100 [ 65.809956][ T6470] vfs_fsync_range+0x10d/0x130 [ 65.814732][ T6470] generic_file_write_iter+0x1b8/0x2f0 [ 65.820193][ T6470] iter_file_splice_write+0x666/0x9e0 [ 65.825568][ T6470] direct_splice_actor+0x153/0x2a0 [ 65.830694][ T6470] splice_direct_to_actor+0x30f/0x680 [ 65.836070][ T6470] do_splice_direct+0xda/0x150 [ 65.840853][ T6470] do_sendfile+0x380/0x650 [ 65.845283][ T6470] __x64_sys_sendfile64+0x105/0x150 [ 65.850487][ T6470] x64_sys_call+0x2bb0/0x2ff0 [ 65.855198][ T6470] do_syscall_64+0xd2/0x200 [ 65.859713][ T6470] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.865614][ T6470] [ 65.867930][ T6470] value changed: 0x0e000021 -> 0x04000021 [ 65.873653][ T6470] [ 65.875980][ T6470] Reported by Kernel Concurrency Sanitizer on: [ 65.882133][ T6470] CPU: 1 UID: 0 PID: 6470 Comm: syz.0.1296 Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) [ 65.894189][ T6470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 65.904241][ T6470] ================================================================== [ 66.031196][ T29] kauditd_printk_skb: 269 callbacks suppressed [ 66.031218][ T29] audit: type=1400 audit(1754818938.062:2005): avc: denied { unmount } for pid=3311 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1