last executing test programs: 653.540204ms ago: executing program 2 (id=6000): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = memfd_create(&(0x7f00000005c0)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10`\xee\xa9\x8b\x06%\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xa96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xd9Jx\xaa\x8f~\xb94a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xd6m\xf7@]iNP\xf1\x1d\xab\x13\xce\x152s\xb8\x85\x98\x84\xbf\x8c\x80{\x16\t\xd6\x17P3\xe9\xebGKL\xd3\x88\xd2\rLG\x8e\xd6\xa72\xf4\x92\xeb&\xa5\xcc\x14FZN\x98%[p\x989\xf6\xf5\xb6\xedk\xe6\xb0\xa1\x8f\x90\xdb\xd6h)\x0f6\x88\x03P\x8ak\xf9\xc9\x82`\xa7Ku\x99\xab\xd4\xb2\xaa1\x99O\x8b\x99-\xe3', 0x1) fsetxattr$security_capability(r4, &(0x7f0000000140), 0x0, 0x0, 0x0) 620.020807ms ago: executing program 2 (id=6001): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="500000000101010200000000000000000a0000000c001980080002ff"], 0x50}}, 0x0) 619.672227ms ago: executing program 2 (id=6002): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r2, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0xdd86, r4}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0) 618.832457ms ago: executing program 2 (id=6003): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x8}, 0x4040800) 602.860309ms ago: executing program 2 (id=6004): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) timer_create(0x3, 0x0, &(0x7f00000037c0)=0x0) timer_delete(r3) 567.008523ms ago: executing program 2 (id=6009): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0xf) ioctl$TCFLSH(r3, 0x400455c8, 0x4) 480.662841ms ago: executing program 4 (id=6017): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_open_procfs(0x0, &(0x7f0000000040)='totmaps\x00') 447.807945ms ago: executing program 0 (id=6018): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfb, 0x40000000}, 0xc) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 402.379279ms ago: executing program 0 (id=6019): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = add_key$keyring(&(0x7f0000000040), &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb) keyctl$restrict_keyring(0x1d, r3, &(0x7f0000000100)='blacklist\x00', &(0x7f0000000140)='\x00') 402.074359ms ago: executing program 4 (id=6020): open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r5}, 0x10) r6 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}}) 401.918039ms ago: executing program 0 (id=6021): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000040340000000000000800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000357500007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) bpf$PROG_LOAD(0x5, 0x0, 0x0) creat(&(0x7f0000000bc0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x120) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0xfd, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c}) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x8800, 0x8) renameat2(r2, &(0x7f0000000380)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r3, &(0x7f0000000040)='./file1\x00', 0x2) 401.024059ms ago: executing program 0 (id=6022): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff) 388.114681ms ago: executing program 0 (id=6023): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000240)=ANY=[@ANYBLOB="130000006bffff"], 0x13) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 381.717641ms ago: executing program 4 (id=6024): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mount(0x0, 0x0, 0x0, 0x200000, 0x0) 378.114452ms ago: executing program 0 (id=6025): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x2]}, 0x8, 0x0) read$FUSE(r3, &(0x7f0000001b40)={0x2020}, 0x205c) 362.337123ms ago: executing program 4 (id=6026): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x142, 0x153) write$binfmt_elf64(r3, &(0x7f0000000200)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x4, 0x0, 0x0, 0x0, 0x2, 0x3e, 0xffffffeb, 0x7c, 0x40, 0x82, 0x0, 0x9, 0x38, 0x1, 0xfffe, 0x2, 0x3}, [{0x3, 0xf, 0x8, 0x7ff, 0x0, 0xe5, 0x1, 0x3}], "7a8ce589212f087e93206cd894f3de12ab035639c0c50d12499a7f54e6a062d700885b177d72e104adff9c22d04f51438445416d84edae889f3fedb4dc372c72a6523452c76288bf7638bb85f6b344a855ee82bc13fc9a3bf2fa01fa7487f28637e561fce13976d7c34445fb64fa59175ff33eeb6a"}, 0xed) close(r3) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000) 353.685004ms ago: executing program 4 (id=6027): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x194) getdents(r2, 0x0, 0x0) 303.770479ms ago: executing program 4 (id=6028): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) io_setup(0x5ff, &(0x7f0000000400)=0x0) io_submit(r3, 0x1ffffff0, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000)="96", 0xffffff20}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff}]) 217.148698ms ago: executing program 3 (id=6034): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) write(r3, &(0x7f00000000c0)="8f2a", 0x2) 166.907553ms ago: executing program 3 (id=6035): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000539d00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_LOOKUP_ELEM(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./file1\x00', 0x810, &(0x7f0000000340)=ANY=[@ANYRES8=0x0, @ANYRES16], 0x1, 0x256, &(0x7f0000000bc0)="$eJzs2s9rHGUYB/Bn0takqclG/EUL4ose1MvQ5OyhQVoQA4o2QhWkUzPRJeNuyCyBFaE56dWjR8/i0YMgSI9ecvEv6MFbLjn2II6ku9ZtE0sx224pn89lH3jmu/sM8zI8h91789svNtbrfL3oxVSWxdSF2IlbWSzEVPxjJ9547cpvL31w5aN3lldWLr6f0qXly4tLKaX5l3/9+KsfX7nRO/PhT/O/TMfuwid7+0t/7L6we3bvr8uft+vUrlOn20tFutbt9oprVZnW2vVGntJ7VVnUZWp36nLrrv561d3c7KeiszY3u7lV1nUqOv20UfZTr5t6W/1UfFa0OynP8zQ3GxzH6g+3mib2m1NXo2ma09/HmRsxdzNakT2TsmcvZM9fzV7cyc5+Nz3pQXlIHuj57zdNa9KD8lCMvNRnIqpvtle3Vwefg/7yerSjijLORyv+jINjMjSoL729cvF8um0hvq6uD/PXt1dPDPIxzC9GKxaOzi8O8unu/HTMjv7+UrTiuaPzS0fmZ+L1V0fyebTi90+jG1WsxUH2Tv7niEhvvbtyT/7c7esAAJ40ebrj0P5286Cf/1d/kL/ffjgTESP74T371ck4d3LSd0/d/3KjqKpySzG+4uDwPwZjTKg4dZz46eG5vM81Tx9uTcV4hn/qeN8zP6Yxxlec+P/xCb+YeCT+feiHe9kkBgIAAAAAAAAAAOCBPIo/IU76HgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMfb3wEAAP//R7zIZg==") rename(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r0}, 0x10) socketpair(0x0, 0x0, 0x0, &(0x7f0000000140)) 166.667563ms ago: executing program 3 (id=6036): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_emit_ethernet(0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd600a843500140600fe"], 0x0) 158.091304ms ago: executing program 3 (id=6038): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000440)=0x1000, 0x4) sendmsg$inet(r3, &(0x7f0000000700)={&(0x7f0000000380)={0x2, 0x4e23, @multicast1}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000002100)="1a07d7a752", 0x5}], 0x1, &(0x7f0000000680)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x2f}, @local}}}], 0x20}, 0x0) 147.871144ms ago: executing program 3 (id=6039): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) prctl$PR_SET_NAME(0xf, 0x0) 137.492246ms ago: executing program 3 (id=6040): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r3, 0x0, 0x0) syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100007e3dc410cd0621013ddd010203010902"], 0x0) 92.93568ms ago: executing program 1 (id=6043): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x80001) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_UNREGISTER(r2, 0x8010aa01, &(0x7f0000000380)={&(0x7f0000676000/0x3000)=nil, 0x3000}) 35.082926ms ago: executing program 1 (id=6044): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$inet6(0x10, 0x2, 0x0) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000240)={0x1, &(0x7f0000000140)=[{0x16}]}, 0x10) 34.833796ms ago: executing program 1 (id=6045): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, 0x0, 0x0) 19.119667ms ago: executing program 1 (id=6046): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) umount2(&(0x7f00000002c0)='./file0\x00', 0x0) 259.75µs ago: executing program 1 (id=6047): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6(0xa, 0x800000000000002, 0x0) sendmmsg$inet6(r4, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e21, 0x8, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c, 0x0}}], 0x1, 0x0) 0s ago: executing program 1 (id=6048): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil) kernel console output (not intermixed with test programs): 1360][ T582] udevd[582]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 59.682532][ T1508] udevd[1508]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory [ 59.820005][ T4178] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #11: comm syz.4.1770: ea_inode with extended attributes [ 59.840987][ T4178] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.1770: error while reading EA inode 11 err=-117 [ 59.861236][ T4178] EXT4-fs (loop4): 1 orphan inode deleted [ 59.867152][ T4178] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000008d55,,errors=continue [ 60.236071][ T4243] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #11: comm syz.4.1803: ea_inode with extended attributes [ 60.248928][ T4243] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.1803: error while reading EA inode 11 err=-117 [ 60.261565][ T4243] EXT4-fs (loop4): 1 orphan inode deleted [ 60.267316][ T4243] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000008d55,,errors=continue [ 60.360973][ T24] kauditd_printk_skb: 157 callbacks suppressed [ 60.360983][ T24] audit: type=1400 audit(1763225751.535:841): avc: denied { write } for pid=4256 comm="syz.1.1809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 60.422256][ T24] audit: type=1326 audit(1763225751.555:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4274 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 60.458798][ T24] audit: type=1326 audit(1763225751.565:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4274 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 60.482311][ T24] audit: type=1326 audit(1763225751.575:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4274 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 60.520318][ T24] audit: type=1326 audit(1763225751.575:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4274 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 60.544467][ T24] audit: type=1326 audit(1763225751.575:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4274 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 60.567871][ T24] audit: type=1326 audit(1763225751.575:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4274 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 60.591280][ T24] audit: type=1326 audit(1763225751.575:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4274 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 60.604013][ T4263] F2FS-fs (loop4): invalid crc value [ 60.620227][ T24] audit: type=1326 audit(1763225751.575:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4274 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 60.643738][ T24] audit: type=1326 audit(1763225751.575:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4274 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 60.668538][ T4263] F2FS-fs (loop4): Found nat_bits in checkpoint [ 60.700203][ T4263] F2FS-fs (loop4): Start checkpoint disabled! [ 60.718346][ T4263] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 60.808449][ T4263] SELinux: Context system_u:object_r:netcontrol_device_t:s0 is not valid (left unmapped). [ 60.839053][ T372] attempt to access beyond end of device [ 60.839053][ T372] loop4: rw=2049, want=40968, limit=40427 [ 60.978727][ T4319] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.1837' sets config #0 [ 61.098700][ T4000] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 61.338679][ T4000] usb 3-1: Using ep0 maxpacket: 32 [ 61.368803][ T401] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 61.457963][ T4387] /dev/rnullb0: Can't open blockdev [ 61.463339][ T4000] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30 [ 61.503257][ T4000] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 61.531786][ T4397] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 61.534087][ T4000] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254 [ 61.547543][ T4397] SELinux: (dev overlay, type overlay) has no security xattr handler [ 61.560438][ T4000] usb 3-1: New USB device found, idVendor=07c0, idProduct=1125, bcdDevice= 0.00 [ 61.560449][ T4000] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.565261][ T4000] usb 3-1: config 0 descriptor?? [ 61.659429][ T4411] 9p: Unknown access argument a [ 61.748745][ T401] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 61.764598][ T401] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 61.776529][ T401] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 61.789562][ T401] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.802885][ T401] usb 5-1: config 0 descriptor?? [ 61.888737][ T4000] usb 3-1: string descriptor 0 read error: -71 [ 61.988719][ T4000] usbhid 3-1:0.0: can't add hid device: -71 [ 61.994764][ T4000] usbhid: probe of 3-1:0.0 failed with error -71 [ 62.006496][ T4000] usb 3-1: USB disconnect, device number 4 [ 62.230418][ T401] usbhid 5-1:0.0: can't add hid device: -71 [ 62.236404][ T401] usbhid: probe of 5-1:0.0 failed with error -71 [ 62.243650][ T401] usb 5-1: USB disconnect, device number 4 [ 62.552829][ T348] print_req_error: 727 callbacks suppressed [ 62.552844][ T348] blk_update_request: I/O error, dev loop0, sector 2056 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 62.561625][ T582] blk_update_request: I/O error, dev loop0, sector 3072 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 62.572120][ T348] blk_update_request: I/O error, dev loop0, sector 2056 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 62.583433][ T1508] blk_update_request: I/O error, dev loop0, sector 3648 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 62.594400][ T348] buffer_io_error: 559 callbacks suppressed [ 62.594410][ T348] Buffer I/O error on dev loop0p1, logical block 1, async page read [ 62.605350][ T582] blk_update_request: I/O error, dev loop0, sector 3072 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 62.612973][ T1508] blk_update_request: I/O error, dev loop0, sector 3648 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 62.618796][ T582] Buffer I/O error on dev loop0p3, logical block 0, async page read [ 62.630896][ T1508] Buffer I/O error on dev loop0p5, logical block 4, async page read [ 62.641200][ T582] blk_update_request: I/O error, dev loop0, sector 3072 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 62.649295][ T1508] blk_update_request: I/O error, dev loop0, sector 3650 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 62.673725][ T582] Buffer I/O error on dev loop0p3, logical block 0, async page read [ 62.679675][ T1508] Buffer I/O error on dev loop0p5, logical block 5, async page read [ 62.691201][ T582] blk_update_request: I/O error, dev loop0, sector 3072 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 62.703346][ T1508] blk_update_request: I/O error, dev loop0, sector 3652 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 62.708533][ T582] Buffer I/O error on dev loop0p3, logical block 0, async page read [ 62.722873][ T1508] Buffer I/O error on dev loop0p5, logical block 6, async page read [ 62.725311][ T582] Buffer I/O error on dev loop0p3, logical block 0, async page read [ 62.741095][ T4548] __nla_validate_parse: 2 callbacks suppressed [ 62.741102][ T4548] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1946'. [ 62.745700][ T1508] Buffer I/O error on dev loop0p5, logical block 7, async page read [ 62.748803][ T582] Buffer I/O error on dev loop0p3, logical block 0, async page read [ 63.236711][ T4628] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1985'. [ 63.432051][ T4658] syz.0.1997[4658] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 63.432104][ T4658] syz.0.1997[4658] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 63.474968][ T4661] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 63.515815][ T4666] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 63.524128][ T4666] overlayfs: missing 'lowerdir' [ 63.670848][ T4683] netlink: 592 bytes leftover after parsing attributes in process `syz.1.2009'. [ 63.958321][ T4674] loop0: p1 p3 < p5 > [ 63.964184][ T4674] loop0: partition table partially beyond EOD, truncated [ 64.239761][ T4722] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2027'. [ 64.319519][ T4730] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2032'. [ 64.536217][ T4747] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #11: comm syz.3.2041: ea_inode with extended attributes [ 64.610650][ T4747] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2041: error while reading EA inode 11 err=-117 [ 64.658830][ T4747] EXT4-fs (loop3): 1 orphan inode deleted [ 64.673807][ T4747] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000008d55,,errors=continue [ 64.800691][ T4699] F2FS-fs (loop4): QUOTA feature is enabled, so ignore qf_name [ 64.822497][ T4699] F2FS-fs (loop4): invalid crc value [ 64.853290][ T4699] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 64.870756][ T4780] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2052'. [ 64.882609][ T4699] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=60000, run fsck to fix. [ 64.892143][ T4699] F2FS-fs (loop4): Bad quota inode 2:393216 [ 64.898077][ T4699] F2FS-fs (loop4): Failed to enable quota tracking (type=2, err=-22). Please run fsck to fix. [ 64.908384][ T4699] F2FS-fs (loop4): Cannot turn on quotas: error -22 [ 64.915367][ T4780] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2052'. [ 64.924387][ T4699] F2FS-fs (loop4): Mounted with checkpoint version = 753bd00b [ 64.973057][ T4789] netlink: 'syz.3.2060': attribute type 4 has an invalid length. [ 65.182673][ T4811] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2068'. [ 65.221268][ T4821] 9pnet: Could not find request transport: 0xffffffffffffffff [ 65.248066][ T4825] 9pnet: Insufficient options for proto=fd [ 65.540450][ T4883] 9pnet: Could not find request transport: 0xffffffffffffffff [ 65.686125][ T4909] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2114'. [ 65.899090][ T4950] tipc: Enabling of bearer rejected, failed to enable media [ 65.946199][ T24] kauditd_printk_skb: 61 callbacks suppressed [ 65.946211][ T24] audit: type=1326 audit(1763225757.115:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.4.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 66.011000][ T24] audit: type=1326 audit(1763225757.115:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.4.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 66.056295][ T4946] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2131'. [ 66.074624][ T24] audit: type=1326 audit(1763225757.145:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.4.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 66.128908][ T24] audit: type=1326 audit(1763225757.155:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.4.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 66.153867][ T24] audit: type=1326 audit(1763225757.155:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.4.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 66.177619][ T24] audit: type=1326 audit(1763225757.165:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.4.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 66.201904][ T24] audit: type=1326 audit(1763225757.165:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.4.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 66.225814][ T24] audit: type=1326 audit(1763225757.165:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.4.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 66.258702][ T24] audit: type=1326 audit(1763225757.165:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.4.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 66.312652][ T24] audit: type=1326 audit(1763225757.165:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.4.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 66.351912][ T4976] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check. [ 66.596146][ T4943] F2FS-fs (loop1): QUOTA feature is enabled, so ignore qf_name [ 66.608821][ T4943] F2FS-fs (loop1): invalid crc value [ 66.628906][ T4943] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 66.659472][ T4943] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=60000, run fsck to fix. [ 66.668920][ T4943] F2FS-fs (loop1): Bad quota inode 2:393216 [ 66.675066][ T4943] F2FS-fs (loop1): Failed to enable quota tracking (type=2, err=-22). Please run fsck to fix. [ 66.685744][ T4943] F2FS-fs (loop1): Cannot turn on quotas: error -22 [ 66.699374][ T4943] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b [ 66.768402][ T5024] device veth0 entered promiscuous mode [ 66.960122][ T5044] netlink: 'syz.1.2163': attribute type 4 has an invalid length. [ 67.257365][ T474] kernel write not supported for file [eventfd] (pid: 474 comm: kworker/1:5) [ 67.313345][ T5090] overlayfs: overlapping lowerdir path [ 67.346396][ T5094] netlink: 'syz.4.2196': attribute type 12 has an invalid length. [ 67.820583][ T5163] binder: 5162:5163 ioctl 4018620d 0 returned -22 [ 67.883115][ T5175] SELinux: Context system_u:object_r:auditd_exec_t:s0 is not valid (left unmapped). [ 67.907138][ T5177] __nla_validate_parse: 2 callbacks suppressed [ 67.907147][ T5177] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2238'. [ 68.148348][ T5211] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2254'. [ 68.157465][ T5211] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2254'. [ 68.469855][ T474] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 68.654093][ T5261] fuse: Unknown parameter 'g' [ 68.718667][ T474] usb 1-1: Using ep0 maxpacket: 8 [ 68.762106][ T5264] EXT4-fs (loop4): Ignoring removed bh option [ 68.878751][ T474] usb 1-1: unable to get BOS descriptor or descriptor too short [ 68.903451][ T5264] EXT4-fs error (device loop4): ext4_map_blocks:630: inode #3: block 2: comm syz.4.2271: lblock 2 mapped to illegal pblock 2 (length 1) [ 68.958738][ T474] usb 1-1: config 1 interface 0 altsetting 225 bulk endpoint 0x1 has invalid maxpacket 32 [ 68.971130][ T474] usb 1-1: config 1 interface 0 has no altsetting 0 [ 69.025399][ T5264] EXT4-fs error (device loop4): ext4_map_blocks:630: inode #3: block 48: comm syz.4.2271: lblock 0 mapped to illegal pblock 48 (length 1) [ 69.050882][ T5282] devtmpfs: Unknown parameter 'usrquota_inode_hardlimit' [ 69.060596][ T5264] EXT4-fs error (device loop4): ext4_acquire_dquot:6226: comm syz.4.2271: Failed to acquire dquot type 0 [ 69.098905][ T5264] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5933: Corrupt filesystem [ 69.128741][ T5264] EXT4-fs error (device loop4): ext4_evict_inode:283: inode #11: comm syz.4.2271: mark_inode_dirty error [ 69.140062][ T474] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 69.154462][ T474] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 69.168679][ T474] usb 1-1: Product: syz [ 69.172913][ T474] usb 1-1: Manufacturer: syz [ 69.177496][ T474] usb 1-1: SerialNumber: syz [ 69.188794][ T5264] EXT4-fs warning (device loop4): ext4_evict_inode:286: couldn't mark inode dirty (err -117) [ 69.218718][ T5219] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 69.245976][ T5264] EXT4-fs (loop4): 1 orphan inode deleted [ 69.270687][ T5264] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrquota,noblock_validity,bh,max_batch_time=0x0000000000000001,nodelalloc,inlinecrypt,,errors=continue [ 69.333899][ T9] EXT4-fs error (device loop4): ext4_map_blocks:630: inode #3: block 1: comm kworker/u4:1: lblock 1 mapped to illegal pblock 1 (length 1) [ 69.348347][ T9] EXT4-fs error (device loop4): ext4_release_dquot:6262: comm kworker/u4:1: Failed to release dquot type 0 [ 69.350912][ T5314] overlayfs: statfs failed on './file0' [ 69.463691][ T5318] overlayfs: statfs failed on './file0' [ 69.563878][ T474] usb 1-1: USB disconnect, device number 4 [ 69.801345][ T5325] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=118 sclass=netlink_route_socket pid=5325 comm=syz.2.2307 [ 69.849554][ T5331] binder: Bad value for 'max' [ 69.880887][ T5335] device batadv_slave_1 entered promiscuous mode [ 69.888348][ T5334] device batadv_slave_1 left promiscuous mode [ 70.005839][ T5360] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 70.126053][ T280] EXT4-fs error (device loop4): __ext4_get_inode_loc:4438: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 70.139191][ T280] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5933: Corrupt filesystem [ 70.148694][ T280] EXT4-fs error (device loop4): ext4_quota_off:6545: inode #3: comm syz-executor: mark_inode_dirty error [ 70.288460][ T5390] /dev/nbd4: Can't open blockdev [ 70.321899][ T5384] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue [ 70.335978][ T5384] ext4 filesystem being mounted at /434/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 70.351514][ T5384] EXT4-fs error (device loop2) in ext4_do_update_inode:5336: error 27 [ 70.368526][ T5384] EXT4-fs error (device loop2): ext4_dirty_inode:6143: inode #2: comm syz.2.2331: mark_inode_dirty error [ 70.388906][ T5384] EXT4-fs error (device loop2) in ext4_do_update_inode:5336: error 27 [ 70.402662][ T5384] EXT4-fs error (device loop2): __ext4_ext_dirty:182: inode #2: comm syz.2.2331: mark_inode_dirty error [ 70.478412][ T5422] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2348'. [ 70.641274][ T5453] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=513 sclass=netlink_route_socket pid=5453 comm=syz.4.2363 [ 70.656481][ T5453] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2363'. [ 71.071671][ T5469] F2FS-fs (loop3): Found nat_bits in checkpoint [ 71.130227][ T24] kauditd_printk_skb: 98 callbacks suppressed [ 71.130238][ T24] audit: type=1326 audit(1763225762.305:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.2397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 71.162849][ T5469] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 71.170998][ T24] audit: type=1326 audit(1763225762.335:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.2397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 71.208780][ T24] audit: type=1326 audit(1763225762.335:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.2397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 71.286880][ T24] audit: type=1326 audit(1763225762.335:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.2397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 71.313835][ T5553] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2407'. [ 71.325370][ T5553] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.334655][ T5553] device bridge_slave_0 left promiscuous mode [ 71.341077][ T5553] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.348160][ T24] audit: type=1326 audit(1763225762.335:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.2397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 71.373224][ T24] audit: type=1326 audit(1763225762.335:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.2397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 71.374127][ T5557] tipc: Started in network mode [ 71.396856][ T24] audit: type=1326 audit(1763225762.335:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.2397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 71.401766][ T5557] tipc: Own node identity 4, cluster identity 4711 [ 71.431570][ T5557] tipc: 32-bit node address hash set to 4 [ 71.438054][ T24] audit: type=1326 audit(1763225762.335:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.2397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 71.468858][ T24] audit: type=1326 audit(1763225762.345:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.2397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 71.531976][ T24] audit: type=1326 audit(1763225762.345:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.2397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 71.560000][ T53] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 71.692885][ T5588] netlink: 84 bytes leftover after parsing attributes in process `syz.2.2424'. [ 71.808673][ T53] usb 5-1: Using ep0 maxpacket: 16 [ 71.897033][ T5616] netlink: 'syz.0.2436': attribute type 16 has an invalid length. [ 71.905096][ T5616] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.2436'. [ 71.968775][ T53] usb 5-1: unable to get BOS descriptor or descriptor too short [ 72.048824][ T53] usb 5-1: config 13 has an invalid interface number: 50 but max is 0 [ 72.058184][ T53] usb 5-1: config 13 has no interface number 0 [ 72.076911][ T53] usb 5-1: config 13 interface 50 altsetting 167 bulk endpoint 0x8 has invalid maxpacket 16 [ 72.104719][ T53] usb 5-1: config 13 interface 50 has no altsetting 0 [ 72.196124][ T5556] F2FS-fs (loop1): Test dummy encryption mode enabled [ 72.229641][ T5556] F2FS-fs (loop1): invalid crc value [ 72.238042][ T5665] netlink: 'syz.2.2460': attribute type 4 has an invalid length. [ 72.246393][ T5665] netlink: 'syz.2.2460': attribute type 5 has an invalid length. [ 72.254609][ T5665] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.2460'. [ 72.256983][ T5556] F2FS-fs (loop1): Found nat_bits in checkpoint [ 72.281218][ T53] usb 5-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32 [ 72.290414][ T53] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 72.299039][ T53] usb 5-1: Product: syz [ 72.303221][ T53] usb 5-1: Manufacturer: syz [ 72.307830][ T53] usb 5-1: SerialNumber: syz [ 72.308438][ T5556] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 72.328751][ T5539] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 72.350191][ T5641] F2FS-fs (loop3): invalid crc value [ 72.376928][ T5674] overlayfs: overlapping lowerdir path [ 72.393440][ T5641] F2FS-fs (loop3): Found nat_bits in checkpoint [ 72.404787][ T5676] netlink: 204 bytes leftover after parsing attributes in process `syz.2.2463'. [ 72.436195][ T5641] F2FS-fs (loop3): Start checkpoint disabled! [ 72.442779][ T5641] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 72.543934][ T5681] EXT4-fs (loop0): Unrecognized mount option "mb_optimize_scan=0x0000000000000001" or missing value [ 72.579995][ T7] attempt to access beyond end of device [ 72.579995][ T7] loop3: rw=2049, want=40968, limit=40427 [ 72.592058][ T7] attempt to access beyond end of device [ 72.592058][ T7] loop3: rw=2049, want=41000, limit=40427 [ 72.708796][ T53] usb 5-1: MIDIStreaming interface descriptor not found [ 72.743382][ T53] usb 5-1: USB disconnect, device number 5 [ 73.163386][ T5762] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5762 comm=syz.0.2503 [ 74.022003][ T5854] __nla_validate_parse: 3 callbacks suppressed [ 74.022011][ T5854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2547'. [ 74.039093][ T5852] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2546'. [ 74.105550][ T5866] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 74.202943][ T5887] binder: 5886:5887 ioctl c0306201 200000000100 returned -14 [ 74.226684][ T5884] Alternate GPT is invalid, using primary GPT. [ 74.235561][ T5884] loop0: p1 p2 p3 [ 74.375849][ T5910] netlink: 288 bytes leftover after parsing attributes in process `syz.4.2574'. [ 74.456301][ T348] udevd[348]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 74.457525][ T1508] udevd[1508]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 74.467891][ T582] udevd[582]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 74.645752][ T5944] EXT4-fs (loop0): Ignoring removed oldalloc option [ 74.660140][ T5944] EXT4-fs (loop0): Ignoring removed bh option [ 74.666315][ T5944] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 74.666658][ T5959] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 74.714807][ T5944] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,nobarrier,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue [ 74.715007][ T5959] EXT4-fs (loop4): 1 truncate cleaned up [ 74.787346][ T5959] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 74.906633][ T5978] EXT4-fs (loop1): Unrecognized mount option "mb_optimize_scan=0x0000000000000001" or missing value [ 75.057625][ T6005] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2615'. [ 75.295819][ T6043] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 75.305695][ T6043] EXT4-fs (loop1): Test dummy encryption mode enabled [ 75.313757][ T6043] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 75.320948][ T6043] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 75.331960][ T6043] EXT4-fs (loop1): 1 truncate cleaned up [ 75.337616][ T6043] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid, [ 75.556602][ T6067] Alternate GPT is invalid, using primary GPT. [ 75.570923][ T6067] loop2: p1 p2 p3 [ 75.759538][ T348] udevd[348]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 75.770283][ T582] udevd[582]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 75.783587][ T1508] udevd[1508]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 75.795984][ T6076] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #11: comm syz.3.2649: ea_inode with extended attributes [ 75.824707][ T6076] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2649: error while reading EA inode 11 err=-117 [ 75.826945][ T348] udevd[348]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 75.839462][ T1508] udevd[1508]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 75.847763][ T582] udevd[582]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 75.856730][ T6076] EXT4-fs (loop3): 1 orphan inode deleted [ 75.866089][ T4000] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 75.880088][ T6076] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000008d55,,errors=continue [ 75.970827][ T6095] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2656'. [ 76.158713][ T4000] usb 2-1: Using ep0 maxpacket: 8 [ 76.278942][ T4000] usb 2-1: config 0 interface 0 altsetting 247 endpoint 0x81 has an invalid bInterval 202, changing to 11 [ 76.365785][ T4000] usb 2-1: config 0 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 76.525852][ T4000] usb 2-1: config 0 interface 0 has no altsetting 0 [ 76.591205][ T4000] usb 2-1: New USB device found, idVendor=054c, idProduct=09cc, bcdDevice= 0.00 [ 76.604448][ T4000] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.616366][ T4000] usb 2-1: config 0 descriptor?? [ 76.754410][ T24] kauditd_printk_skb: 39 callbacks suppressed [ 76.754422][ T24] audit: type=1326 audit(1763225767.925:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6149 comm="syz.2.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 76.799806][ T24] audit: type=1326 audit(1763225767.965:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6149 comm="syz.2.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 76.824851][ T6159] TCP: TCP_TX_DELAY enabled [ 76.851547][ T24] audit: type=1326 audit(1763225767.965:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6149 comm="syz.2.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 76.882781][ T24] audit: type=1326 audit(1763225767.965:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6149 comm="syz.2.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 76.906402][ T24] audit: type=1326 audit(1763225767.965:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6149 comm="syz.2.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 77.211502][ T6079] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem [ 77.265213][ T4000] sony 0003:054C:09CC.0003: hidraw0: USB HID vff.ed Device [HID 054c:09cc] on usb-dummy_hcd.1-1/input0 [ 77.276354][ T4000] sony 0003:054C:09CC.0003: failed to claim input [ 77.312233][ T6181] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2693'. [ 77.324957][ T6181] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2693'. [ 77.378704][ T5] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 77.492934][ T4000] usb 2-1: USB disconnect, device number 3 [ 77.669999][ T6212] device veth1_macvtap left promiscuous mode [ 77.778751][ T5] usb 5-1: config 0 has no interfaces? [ 77.784250][ T5] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 77.794681][ T5] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.824140][ T5] usb 5-1: config 0 descriptor?? [ 77.962300][ T6232] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 77.977125][ T6232] EXT4-fs (loop0): Test dummy encryption mode enabled [ 77.984233][ T6232] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 77.991531][ T6232] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 78.002818][ T6232] EXT4-fs (loop0): 1 truncate cleaned up [ 78.008501][ T6232] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid, [ 78.073730][ T15] usb 5-1: USB disconnect, device number 6 [ 78.642938][ T24] audit: type=1326 audit(1763225769.785:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz.3.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 78.673337][ T24] audit: type=1326 audit(1763225769.785:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz.3.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 78.725599][ T24] audit: type=1326 audit(1763225769.795:1073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz.3.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 78.785700][ T24] audit: type=1326 audit(1763225769.795:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz.3.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 78.822186][ T24] audit: type=1326 audit(1763225769.795:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz.3.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 78.915029][ T6327] netlink: 172 bytes leftover after parsing attributes in process `syz.4.2761'. [ 79.170881][ T6359] netlink: 'syz.4.2776': attribute type 4 has an invalid length. [ 79.195923][ T6359] netlink: 17 bytes leftover after parsing attributes in process `syz.4.2776'. [ 79.361749][ T6385] cgroup: Invalid name [ 79.760011][ T6402] capability: warning: `syz.0.2796' uses 32-bit capabilities (legacy support in use) [ 79.831484][ T6404] EXT4-fs (loop1): Ignoring removed orlov option [ 79.853559][ T6404] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 79.888787][ T6404] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002] [ 79.910607][ T6404] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2219: inode #15: comm syz.1.2797: corrupted in-inode xattr [ 79.923231][ T6404] EXT4-fs error (device loop1): ext4_orphan_get:1400: comm syz.1.2797: couldn't read orphan inode 15 (err -117) [ 79.936744][ T6404] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue [ 79.957526][ T6425] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2806'. [ 80.243274][ T6455] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 80.259493][ T6455] SELinux: (dev overlay, type overlay) has no security xattr handler [ 80.308679][ T15] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 80.482440][ T6477] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 80.491439][ T6477] ext4 filesystem being mounted at /526/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 80.558687][ T15] usb 2-1: Using ep0 maxpacket: 32 [ 80.655195][ T6501] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2841'. [ 80.664221][ T6501] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2841'. [ 80.718744][ T15] usb 2-1: unable to get BOS descriptor or descriptor too short [ 80.798714][ T15] usb 2-1: config 9 has an invalid interface number: 254 but max is 0 [ 80.806917][ T15] usb 2-1: config 9 has no interface number 0 [ 80.813114][ T15] usb 2-1: config 9 interface 254 has no altsetting 0 [ 80.929968][ T6521] No source specified [ 80.978714][ T15] usb 2-1: New USB device found, idVendor=0af0, idProduct=7601, bcdDevice=53.6c [ 80.994566][ T15] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 81.004626][ T15] usb 2-1: Product: syz [ 81.009375][ T15] usb 2-1: Manufacturer: syz [ 81.014007][ T15] usb 2-1: SerialNumber: syz [ 81.203227][ T6554] device batadv_slave_1 entered promiscuous mode [ 81.214508][ T6553] device batadv_slave_1 left promiscuous mode [ 81.235904][ T6560] 9pnet: Insufficient options for proto=fd [ 81.339520][ T15] usb 2-1: USB disconnect, device number 4 [ 81.353044][ T6587] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2884'. [ 81.356439][ T6589] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1279 sclass=netlink_xfrm_socket pid=6589 comm=syz.0.2883 [ 81.393631][ T6595] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2887'. [ 81.702955][ T6665] netlink: 'syz.0.2922': attribute type 4 has an invalid length. [ 81.774744][ T6667] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 82.022949][ T6699] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 82.038070][ T6699] FAT-fs (loop2): Filesystem has been set read-only [ 82.048165][ T6699] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 82.057035][ T6699] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 82.209351][ T6729] SELinux: Context system_u:object_r:inetd_var_run_t:s0 is not valid (left unmapped). [ 82.229242][ T24] kauditd_printk_skb: 85 callbacks suppressed [ 82.229254][ T24] audit: type=1400 audit(1763225773.405:1161): avc: denied { relabelto } for pid=6726 comm="syz.4.2952" name="555" dev="tmpfs" ino=3379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:inetd_var_run_t:s0" [ 82.234915][ T6728] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 82.245991][ T24] audit: type=1400 audit(1763225773.415:1162): avc: denied { associate } for pid=6726 comm="syz.4.2952" name="555" dev="tmpfs" ino=3379 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:inetd_var_run_t:s0" [ 82.272278][ T6728] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec018, mo2=0002] [ 82.308964][ T6728] System zones: 1-12 [ 82.318968][ T24] audit: type=1400 audit(1763225773.475:1163): avc: denied { write } for pid=6726 comm="syz.4.2952" name="555" dev="tmpfs" ino=3379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:inetd_var_run_t:s0" [ 82.345327][ T24] audit: type=1400 audit(1763225773.475:1164): avc: denied { add_name } for pid=6726 comm="syz.4.2952" name="cpuacct.usage_percpu" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:inetd_var_run_t:s0" [ 82.372104][ T24] audit: type=1400 audit(1763225773.475:1165): avc: denied { associate } for pid=6726 comm="syz.4.2952" name="cpuacct.usage_percpu" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 82.388914][ T6740] overlayfs: unrecognized mount option "uuid=null" or missing value [ 82.395161][ T24] audit: type=1400 audit(1763225773.475:1166): avc: denied { read append open } for pid=6726 comm="syz.4.2952" path="/555/cpuacct.usage_percpu" dev="tmpfs" ino=3385 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 82.407090][ T6728] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2815: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 82.427342][ T24] audit: type=1400 audit(1763225773.485:1167): avc: denied { remove_name } for pid=280 comm="syz-executor" name="cpuacct.usage_percpu" dev="tmpfs" ino=3385 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:inetd_var_run_t:s0" [ 82.427357][ T24] audit: type=1400 audit(1763225773.485:1168): avc: denied { unlink } for pid=280 comm="syz-executor" name="cpuacct.usage_percpu" dev="tmpfs" ino=3385 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 82.427378][ T24] audit: type=1400 audit(1763225773.485:1169): avc: denied { rmdir } for pid=280 comm="syz-executor" name="555" dev="tmpfs" ino=3379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:inetd_var_run_t:s0" [ 82.525736][ T6728] EXT4-fs (loop1): 1 truncate cleaned up [ 82.548903][ T6728] EXT4-fs (loop1): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,debug,nodiscard,quota,,errors=continue [ 82.764968][ T6777] EXT4-fs (loop4): Ignoring removed nobh option [ 82.780245][ T6777] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 82.792005][ T6777] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 82.804408][ T24] audit: type=1326 audit(1763225773.975:1170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6787 comm="syz.1.2977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 82.830459][ T6777] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,nouid32,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,nodiscard,data_err=ignore,grpquota,nobh,nomblk_io_submit,grpid,dioread_nolock,,errors=continue [ 83.799694][ T6881] netlink: 'syz.3.3019': attribute type 6 has an invalid length. [ 83.928944][ T6914] netlink: 'syz.3.3037': attribute type 12 has an invalid length. [ 83.941679][ T6907] erofs: Unknown parameter '&' [ 84.088691][ T6926] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.095887][ T6926] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.122060][ T6946] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities [ 84.278669][ T6954] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3055'. [ 84.363318][ T6968] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3061'. [ 84.389205][ T6968] tc_dump_action: action bad kind [ 84.440902][ T6977] SELinux: failed to load policy [ 84.456948][ T6981] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 84.484642][ T6981] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,nodiscard,quota,,errors=continue [ 84.496372][ T6981] ext4 filesystem being mounted at /602/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 84.539956][ T7003] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=7003 comm=syz.4.3075 [ 84.666118][ T7028] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 84.676981][ T7028] ext4 filesystem being mounted at /586/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 84.871440][ T7059] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3103'. [ 84.885949][ T7059] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3103'. [ 85.033506][ T7095] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 85.201276][ T7144] netlink: 'syz.2.3141': attribute type 4 has an invalid length. [ 85.220982][ T7144] netlink: 17 bytes leftover after parsing attributes in process `syz.2.3141'. [ 85.254662][ T7149] netlink: 5 bytes leftover after parsing attributes in process `syz.4.3144'. [ 85.300377][ T7157] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3147'. [ 85.441674][ T7179] netem: change failed [ 85.454268][ T7183] netlink: 288 bytes leftover after parsing attributes in process `syz.3.3161'. [ 85.637211][ T7222] netlink: 192 bytes leftover after parsing attributes in process `syz.2.3179'. [ 85.647472][ T7226] cgroup: Need name or subsystem set [ 85.744246][ T7238] incfs: Options parsing error. -22 [ 85.755949][ T7238] incfs: mount failed -22 [ 85.763459][ T7242] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3189'. [ 86.272698][ T9] Bluetooth: hci0: Frame reassembly failed (-84) [ 86.397615][ T7367] bridge: RTM_NEWNEIGH with invalid ether address [ 86.493278][ T7395] IPv6: A: Disabled Multicast RS [ 86.659161][ T25] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 86.874846][ T7459] overlayfs: missing 'lowerdir' [ 86.898695][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 87.038845][ T25] usb 2-1: unable to get BOS descriptor or descriptor too short [ 87.108712][ T25] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 87.118470][ T25] usb 2-1: can't read configurations, error -71 [ 87.325383][ T7502] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.332521][ T7502] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.429599][ T7514] tipc: Failed to remove local publication {66,1,1}/2414333716 [ 87.437435][ T7514] tipc: Failed to remove local publication {66,1,1}/2414333716 [ 87.529428][ T24] kauditd_printk_skb: 137 callbacks suppressed [ 87.529437][ T24] audit: type=1400 audit(1763225778.705:1308): avc: denied { module_load } for pid=7530 comm="syz.1.3328" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1 [ 87.529450][ T7531] Module has invalid ELF structures [ 87.602952][ T24] audit: type=1326 audit(1763225778.775:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7539 comm="syz.1.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 87.633051][ T24] audit: type=1326 audit(1763225778.775:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7539 comm="syz.1.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 87.657840][ T24] audit: type=1326 audit(1763225778.795:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7539 comm="syz.1.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 87.704631][ T24] audit: type=1326 audit(1763225778.795:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7539 comm="syz.1.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 87.728259][ T24] audit: type=1326 audit(1763225778.805:1313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7539 comm="syz.1.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 87.765016][ T24] audit: type=1326 audit(1763225778.815:1314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7539 comm="syz.1.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 87.795421][ T24] audit: type=1326 audit(1763225778.825:1315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7539 comm="syz.1.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 87.801192][ T7546] netlink: 'syz.1.3336': attribute type 4 has an invalid length. [ 87.863648][ T7546] netlink: 'syz.1.3336': attribute type 5 has an invalid length. [ 87.876677][ T24] audit: type=1326 audit(1763225778.825:1316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7539 comm="syz.1.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 87.914825][ T7563] IPv6: NLM_F_CREATE should be specified when creating new route [ 87.931975][ T24] audit: type=1326 audit(1763225778.855:1317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7539 comm="syz.1.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 87.983884][ T7569] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.991100][ T7569] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.348688][ T15] Bluetooth: hci0: command 0x1003 tx timeout [ 88.355146][ T7334] Bluetooth: hci0: sending frame failed (-49) [ 88.498715][ T25] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 88.748733][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 88.813906][ T7636] EXT4-fs (loop0): bad s_want_extra_isize: 192 [ 88.868713][ T25] usb 5-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 88.879038][ T25] usb 5-1: config 135 has 0 interfaces, different from the descriptor's value: 1 [ 89.027679][ T7681] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 89.040303][ T25] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 89.053491][ T7681] ext4 filesystem being mounted at /689/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 89.067342][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 89.090531][ T25] usb 5-1: Product: syz [ 89.102446][ T25] usb 5-1: Manufacturer: syz [ 89.111473][ T25] usb 5-1: SerialNumber: syz [ 89.290057][ T7707] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 89.299124][ T7707] ext4 filesystem being mounted at /691/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.389239][ T25] usb 5-1: USB disconnect, device number 7 [ 89.933023][ T7739] bridge0: port 3(erspan0) entered blocking state [ 89.940047][ T7739] bridge0: port 3(erspan0) entered disabled state [ 89.946879][ T7739] device erspan0 entered promiscuous mode [ 90.047161][ T7758] netlink: 'syz.0.3432': attribute type 4 has an invalid length. [ 90.055355][ T7758] netlink: 'syz.0.3432': attribute type 5 has an invalid length. [ 90.063146][ T7758] __nla_validate_parse: 8 callbacks suppressed [ 90.063152][ T7758] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.3432'. [ 90.078534][ T7769] device sit0 entered promiscuous mode [ 90.085496][ T7769] netlink: 'syz.3.3438': attribute type 1 has an invalid length. [ 90.093368][ T7769] netlink: 1 bytes leftover after parsing attributes in process `syz.3.3438'. [ 90.152938][ T7771] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 90.164670][ T7771] ext4 filesystem being mounted at /691/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 90.179525][ T7771] EXT4-fs error (device loop0) in ext4_do_update_inode:5336: error 27 [ 90.190185][ T7771] EXT4-fs error (device loop0): ext4_dirty_inode:6143: inode #2: comm syz.0.3439: mark_inode_dirty error [ 90.193762][ T7788] netlink: 152 bytes leftover after parsing attributes in process `syz.4.3445'. [ 90.220242][ T7771] EXT4-fs error (device loop0) in ext4_do_update_inode:5336: error 27 [ 90.235736][ T7771] EXT4-fs error (device loop0): __ext4_ext_dirty:182: inode #2: comm syz.0.3439: mark_inode_dirty error [ 90.250786][ T7793] xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables [ 90.260438][ T7793] xt_CT: You must specify a L4 protocol and not use inversions on it [ 90.351615][ T7816] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3452'. [ 90.428692][ T5] Bluetooth: hci0: command 0x1001 tx timeout [ 90.434860][ T7334] Bluetooth: hci0: sending frame failed (-49) [ 90.570286][ T7838] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 90.579363][ T7838] ext4 filesystem being mounted at /710/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 90.616365][ T7838] EXT4-fs error (device loop1) in ext4_do_update_inode:5336: error 27 [ 90.624864][ T7838] EXT4-fs error (device loop1): ext4_dirty_inode:6143: inode #2: comm syz.1.3469: mark_inode_dirty error [ 90.636267][ T7838] EXT4-fs error (device loop1) in ext4_do_update_inode:5336: error 27 [ 90.644685][ T7838] EXT4-fs error (device loop1): __ext4_ext_dirty:182: inode #2: comm syz.1.3469: mark_inode_dirty error [ 90.831868][ T7861] exfat: Deprecated parameter 'namecase' [ 90.871016][ T7861] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 91.069904][ T7899] syz.1.3497[7899] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 91.069957][ T7899] syz.1.3497[7899] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 91.307151][ T7960] overlayfs: unrecognized mount option "/" or missing value [ 91.448440][ T7984] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3538'. [ 91.841868][ T8058] netlink: 'syz.4.3573': attribute type 3 has an invalid length. [ 92.030744][ T8066] xt_CT: No such helper "pptp" [ 92.292972][ T8085] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.3585: ea_inode with extended attributes [ 92.305958][ T8085] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.3585: error while reading EA inode 11 err=-117 [ 92.318515][ T8085] EXT4-fs (loop0): 1 orphan inode deleted [ 92.324462][ T8085] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000008d55,,errors=continue [ 92.455361][ T8109] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8109 comm=syz.0.3596 [ 92.479952][ T8113] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3598'. [ 92.508760][ T53] Bluetooth: hci0: command 0x1009 tx timeout [ 92.547707][ T8134] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 92.848008][ T8205] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3643'. [ 92.959541][ T8225] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18d7c, utbl_chksum : 0xe619d30d) [ 93.076961][ T24] kauditd_printk_skb: 229 callbacks suppressed [ 93.076972][ T24] audit: type=1326 audit(1763225784.245:1547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8242 comm="syz.1.3661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 93.107767][ T24] audit: type=1326 audit(1763225784.275:1548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8242 comm="syz.1.3661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 93.136249][ T24] audit: type=1326 audit(1763225784.305:1549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8242 comm="syz.1.3661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 93.174232][ T24] audit: type=1326 audit(1763225784.305:1550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8242 comm="syz.1.3661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 93.321826][ T24] audit: type=1326 audit(1763225784.495:1551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.4.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 93.359138][ T24] audit: type=1326 audit(1763225784.495:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.4.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 93.397851][ T24] audit: type=1326 audit(1763225784.495:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.4.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 93.436374][ T24] audit: type=1326 audit(1763225784.495:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.4.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 93.461464][ T24] audit: type=1326 audit(1763225784.495:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.4.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 93.485772][ T24] audit: type=1326 audit(1763225784.495:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.4.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 93.732915][ T8305] netlink: 'syz.3.3685': attribute type 15 has an invalid length. [ 94.087836][ T8307] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue [ 94.089367][ T8303] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 94.102135][ T8307] ext4 filesystem being mounted at /760/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.134683][ T8307] EXT4-fs error (device loop0) in ext4_do_update_inode:5336: error 27 [ 94.151318][ T8307] EXT4-fs error (device loop0): ext4_dirty_inode:6143: inode #2: comm syz.0.3690: mark_inode_dirty error [ 94.164914][ T8307] EXT4-fs error (device loop0) in ext4_do_update_inode:5336: error 27 [ 94.175349][ T8307] EXT4-fs error (device loop0): __ext4_ext_dirty:182: inode #2: comm syz.0.3690: mark_inode_dirty error [ 94.367003][ T8343] incfs: Can't find or create .index dir in ./file0 [ 94.374770][ T8343] incfs: mount failed -14 [ 94.484565][ T8351] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 94.649859][ T8381] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 94.658855][ T8381] ext4 filesystem being mounted at /766/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.670112][ T8379] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=8379 comm=syz.3.3719 [ 94.685813][ T8379] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3719'. [ 95.157158][ T8428] F2FS-fs (loop0): Found nat_bits in checkpoint [ 95.270584][ T8428] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 95.414547][ T8482] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 95.423708][ T8482] ext4 filesystem being mounted at /749/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 95.484826][ T8482] EXT4-fs error (device loop4) in ext4_do_update_inode:5336: error 27 [ 95.502900][ T8482] EXT4-fs error (device loop4): ext4_dirty_inode:6143: inode #2: comm syz.4.3766: mark_inode_dirty error [ 95.514489][ T8482] EXT4-fs error (device loop4) in ext4_do_update_inode:5336: error 27 [ 95.522972][ T8482] EXT4-fs error (device loop4): __ext4_ext_dirty:182: inode #2: comm syz.4.3766: mark_inode_dirty error [ 95.544495][ T8507] tipc: Failed to remove local publication {66,1,1}/61640321 [ 95.552324][ T8507] tipc: Failed to remove local publication {66,1,1}/61640321 [ 95.559891][ T8507] tipc: Failed to remove local publication {66,1,1}/61640321 [ 96.511306][ T8579] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3810'. [ 96.698230][ T8605] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 96.797949][ T8637] x_tables: duplicate underflow at hook 1 [ 96.807367][ T8639] overlayfs: failed to resolve './file1': -2 [ 97.008417][ T766] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 97.102054][ T8675] netlink: 100 bytes leftover after parsing attributes in process `syz.0.3856'. [ 97.378420][ T766] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 97.389299][ T766] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 97.403011][ T766] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 97.412341][ T766] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.421820][ T766] usb 3-1: config 0 descriptor?? [ 97.458863][ T766] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 97.717038][ T4000] usb 3-1: USB disconnect, device number 5 [ 98.083206][ T8729] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 98.167635][ T8729] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 98.546895][ T8729] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 98.600960][ T24] kauditd_printk_skb: 738 callbacks suppressed [ 98.600971][ T24] audit: type=1326 audit(1763225789.766:2295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8734 comm="syz.2.3883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 98.630683][ T24] audit: type=1326 audit(1763225789.766:2296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8734 comm="syz.2.3883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 98.688860][ T24] audit: type=1326 audit(1763225789.766:2297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8734 comm="syz.2.3883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 98.721928][ T24] audit: type=1326 audit(1763225789.766:2298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8734 comm="syz.2.3883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 98.763517][ T24] audit: type=1326 audit(1763225789.766:2299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8734 comm="syz.2.3883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 98.788482][ T24] audit: type=1326 audit(1763225789.766:2300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8734 comm="syz.2.3883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 98.812926][ T24] audit: type=1326 audit(1763225789.766:2301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8734 comm="syz.2.3883" exe="/root/syz-executor" sig=0 arch=40000003 syscall=71 compat=1 ip=0x200000000006 code=0x7ffc0000 [ 98.866742][ T24] audit: type=1326 audit(1763225789.766:2302): auid=4294967295 uid=0 gid=12192 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8734 comm="syz.2.3883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 99.022527][ T24] audit: type=1326 audit(1763225789.766:2303): auid=4294967295 uid=0 gid=12192 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8734 comm="syz.2.3883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 99.080632][ T8753] EXT4-fs error (device loop1): ext4_orphan_get:1395: inode #15: comm syz.1.3889: iget: bad i_size value: 38620345925642 [ 99.094303][ T8753] EXT4-fs error (device loop1): ext4_orphan_get:1400: comm syz.1.3889: couldn't read orphan inode 15 (err -117) [ 99.107250][ T8753] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 99.128768][ T8758] netlink: 140 bytes leftover after parsing attributes in process `syz.2.3890'. [ 99.820869][ T7] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm kworker/u4:0: bg 0: block 5: invalid block bitmap [ 100.055522][ T7] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 100.223778][ T7] EXT4-fs (loop1): This should not happen!! Data will be lost [ 100.223778][ T7] [ 100.247475][ T7] EXT4-fs (loop1): Total free blocks count 0 [ 100.253683][ T7] EXT4-fs (loop1): Free/Dirty block details [ 100.260017][ T7] EXT4-fs (loop1): free_blocks=0 [ 100.265034][ T7] EXT4-fs (loop1): dirty_blocks=16000 [ 100.274586][ T7] EXT4-fs (loop1): Block reservation details [ 100.281112][ T7] EXT4-fs (loop1): i_reserved_data_blocks=16000 [ 100.323369][ T7] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28 [ 100.358816][ T8781] syz.4.3905[8781] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 100.358873][ T8781] syz.4.3905[8781] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 100.386401][ T7] EXT4-fs (loop1): This should not happen!! Data will be lost [ 100.386401][ T7] [ 100.399396][ T8783] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 100.418055][ T8783] ext4 filesystem being mounted at /637/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 100.441627][ T24] audit: type=1326 audit(1763225791.616:2304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8789 comm="syz.3.3908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 100.470081][ T8794] netlink: 'syz.0.3910': attribute type 5 has an invalid length. [ 100.576545][ T8805] netlink: 100 bytes leftover after parsing attributes in process `syz.4.3914'. [ 100.598079][ T8811] overlayfs: bad mount option "redirect_dir=on:/" [ 100.965596][ T8879] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 101.630161][ T8923] device ip6_vti0 left promiscuous mode [ 101.636345][ T8923] netlink: 136 bytes leftover after parsing attributes in process `syz.1.3970'. [ 101.645874][ T8923] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 102.003958][ T8957] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3985'. [ 102.084695][ T8964] overlayfs: failed to resolve '/ [ 102.084695][ T8964] 151711938': -2 [ 102.171509][ T8982] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3996'. [ 102.863735][ T9023] netlink: 'syz.1.4015': attribute type 3 has an invalid length. [ 102.871750][ T9023] netlink: 'syz.1.4015': attribute type 3 has an invalid length. [ 103.210977][ T9031] fuse: Invalid rootmode [ 103.327119][ T9047] netlink: 1004 bytes leftover after parsing attributes in process `syz.3.4027'. [ 103.435440][ T9069] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4038'. [ 103.455160][ T9069] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4038'. [ 103.507837][ T9078] fuseblk: Invalid rootmode [ 103.548348][ T9091] device ipip0 entered promiscuous mode [ 103.697726][ T24] kauditd_printk_skb: 385 callbacks suppressed [ 103.697737][ T24] audit: type=1400 audit(1763225794.866:2690): avc: denied { write } for pid=9112 comm="syz.1.4058" name="/" dev="configfs" ino=13756 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 103.830996][ T9132] netlink: 182 bytes leftover after parsing attributes in process `syz.4.4067'. [ 103.843490][ T24] audit: type=1326 audit(1763225795.016:2691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9130 comm="syz.0.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 103.898021][ T24] audit: type=1326 audit(1763225795.016:2692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9130 comm="syz.0.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 103.934224][ T24] audit: type=1326 audit(1763225795.036:2693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9130 comm="syz.0.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 103.982358][ T24] audit: type=1326 audit(1763225795.036:2694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9130 comm="syz.0.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 104.012801][ T24] audit: type=1326 audit(1763225795.036:2695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9130 comm="syz.0.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7971ad26c9 code=0x7ffc0000 [ 104.170269][ T9191] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 104.444188][ T9237] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 104.458021][ T9237] ext4 filesystem being mounted at /686/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 104.498864][ T9237] EXT4-fs error (device loop2) in ext4_do_update_inode:5336: error 27 [ 104.514407][ T9237] EXT4-fs error (device loop2): ext4_dirty_inode:6143: inode #2: comm syz.2.4116: mark_inode_dirty error [ 104.526044][ T9237] EXT4-fs error (device loop2) in ext4_do_update_inode:5336: error 27 [ 104.534415][ T9237] EXT4-fs error (device loop2): __ext4_ext_dirty:182: inode #2: comm syz.2.4116: mark_inode_dirty error [ 104.568117][ T9255] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4123'. [ 104.982132][ T24] audit: type=1400 audit(1763225796.156:2696): avc: denied { audit_write } for pid=9293 comm="syz.2.4141" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 105.092347][ T9305] overlayfs: missing 'lowerdir' [ 105.146319][ T9314] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4150'. [ 105.195498][ T9321] IPv6: NLM_F_CREATE should be specified when creating new route [ 105.322561][ T9343] netlink: 188 bytes leftover after parsing attributes in process `syz.4.4165'. [ 105.352103][ T9345] device sit0 left promiscuous mode [ 105.496071][ T9365] syz.2.4176[9365] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 105.496126][ T9365] syz.2.4176[9365] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 105.516245][ T9367] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 105.582597][ T53] ip6_tunnel: M xmit: Local address not yet configured! [ 105.590464][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 105.608237][ T548] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.615275][ T548] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.642392][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 105.661617][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 105.673735][ T548] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.680802][ T548] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.702314][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 105.712431][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 105.721475][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 105.730268][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 105.743142][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 105.752388][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 105.760713][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 105.769074][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 105.781590][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 105.790630][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 105.799275][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 105.807803][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 105.816572][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 105.825194][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 105.833734][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 105.841659][ T24] audit: type=1400 audit(1763225797.006:2697): avc: denied { create } for pid=9402 comm="syz.3.4193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 105.861966][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 105.870168][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 105.878296][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 105.886927][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 105.895662][ T9394] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 105.895711][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 105.908275][ T9394] EXT4-fs (loop2): Test dummy encryption mode enabled [ 105.911246][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 105.925125][ T24] audit: type=1326 audit(1763225797.096:2698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9406 comm="syz.3.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 105.927668][ T9394] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 105.948768][ T24] audit: type=1326 audit(1763225797.096:2699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9406 comm="syz.3.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 105.979610][ T9394] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 105.979787][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 105.997127][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 106.005473][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 106.008865][ T9394] EXT4-fs (loop2): 1 truncate cleaned up [ 106.014319][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 106.027334][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 106.035197][ T548] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 106.043042][ T9394] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid, [ 106.403796][ T9498] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 106.459598][ T9510] fuse: Bad value for 'fd' [ 106.608093][ T9547] overlayfs: empty lowerdir [ 106.787850][ T3996] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 106.951552][ T9567] overlayfs: failed to clone upperpath [ 107.013032][ T9579] overlayfs: missing 'lowerdir' [ 107.034412][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 107.038008][ T3996] usb 5-1: Using ep0 maxpacket: 32 [ 107.060550][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 107.068759][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 107.076982][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 107.101037][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 107.109406][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 107.117586][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 107.125816][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 107.134207][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 107.142346][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 107.149847][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 107.207850][ T3996] usb 5-1: unable to get BOS descriptor or descriptor too short [ 107.287906][ T3996] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 107.298302][ T3996] usb 5-1: config 0 has no interfaces? [ 107.547907][ T3996] usb 5-1: language id specifier not provided by device, defaulting to English [ 107.667976][ T3996] usb 5-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55 [ 107.677062][ T3996] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.685273][ T3996] usb 5-1: Product: syz [ 107.689569][ T3996] usb 5-1: Manufacturer: syz [ 107.694970][ T3996] usb 5-1: SerialNumber: syz [ 107.701125][ T3996] usb 5-1: config 0 descriptor?? [ 107.758799][ T9615] incfs: Can't find or create .index dir in ./file0 [ 107.765486][ T9615] incfs: mount failed -14 [ 107.941811][ T310] usb 5-1: USB disconnect, device number 8 [ 108.037513][ T9630] __nla_validate_parse: 5 callbacks suppressed [ 108.037521][ T9630] netlink: 136 bytes leftover after parsing attributes in process `syz.0.4304'. [ 108.053084][ T9630] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 108.078496][ T9634] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=9634 comm=syz.0.4306 [ 108.156537][ T9640] netlink: 'syz.3.4305': attribute type 3 has an invalid length. [ 108.164495][ T9640] netlink: 'syz.3.4305': attribute type 3 has an invalid length. [ 108.232571][ T9642] binder: 9641:9642 ioctl c0306201 0 returned -14 [ 108.423602][ T9649] netlink: 324 bytes leftover after parsing attributes in process `syz.0.4321'. [ 108.433106][ T9649] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4321'. [ 108.516467][ T9664] netlink: 'syz.2.4319': attribute type 5 has an invalid length. [ 108.530034][ T9664] device ip6erspan0 entered promiscuous mode [ 108.582339][ T9680] netlink: 'syz.2.4328': attribute type 27 has an invalid length. [ 108.687711][ T3996] usb 2-1: new full-speed USB device number 7 using dummy_hcd [ 108.689773][ T9693] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 109.162217][ T9718] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4345'. [ 109.247919][ T24] kauditd_printk_skb: 82 callbacks suppressed [ 109.247928][ T24] audit: type=1326 audit(1763225800.426:2782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9731 comm="syz.2.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 109.278401][ T3996] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 109.291596][ T3996] usb 2-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00 [ 109.297711][ T24] audit: type=1326 audit(1763225800.426:2783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9731 comm="syz.2.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 109.301076][ T3996] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.332812][ T24] audit: type=1326 audit(1763225800.426:2784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9731 comm="syz.2.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 109.356450][ T3996] usb 2-1: config 0 descriptor?? [ 109.361697][ T24] audit: type=1326 audit(1763225800.426:2785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9731 comm="syz.2.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 109.392158][ T24] audit: type=1326 audit(1763225800.426:2786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9731 comm="syz.2.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 109.443355][ T24] audit: type=1326 audit(1763225800.426:2787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9731 comm="syz.2.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 109.495771][ T24] audit: type=1326 audit(1763225800.426:2788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9731 comm="syz.2.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 109.520601][ T24] audit: type=1326 audit(1763225800.426:2789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9731 comm="syz.2.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 109.545017][ T24] audit: type=1326 audit(1763225800.426:2790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9731 comm="syz.2.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 109.570319][ T24] audit: type=1326 audit(1763225800.426:2791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9731 comm="syz.2.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 109.947694][ C0] ip6_tunnel: M xmit: Local address not yet configured! [ 109.957730][ T3996] usbhid 2-1:0.0: can't add hid device: -71 [ 109.973089][ T3996] usbhid: probe of 2-1:0.0 failed with error -71 [ 110.000220][ T3996] usb 2-1: USB disconnect, device number 7 [ 110.052553][ T9787] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4378'. [ 110.205463][ T9832] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4399'. [ 110.279905][ T9850] netlink: 182 bytes leftover after parsing attributes in process `syz.0.4407'. [ 110.398751][ T9863] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 110.419648][ T9863] EXT4-fs (loop0): Test dummy encryption mode enabled [ 110.426542][ T9863] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 110.434097][ T9863] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 110.460238][ T9884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9884 comm=syz.1.4423 [ 110.473669][ T9863] EXT4-fs (loop0): 1 truncate cleaned up [ 110.479636][ T9863] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid, [ 110.712186][ T9931] netlink: 84 bytes leftover after parsing attributes in process `syz.0.4446'. [ 110.741401][ T9931] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4446'. [ 110.968791][ T9976] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4467'. [ 112.045419][T10093] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 112.052679][T10093] IPv6: NLM_F_CREATE should be set when creating new route [ 112.149522][T10093] device sit0 left promiscuous mode [ 112.268385][T10093] bridge0: port 2(bridge_slave_1) entered disabled state [ 112.275530][T10093] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.728689][T10093] device ip6erspan0 left promiscuous mode [ 112.757767][T10093] device veth0 left promiscuous mode [ 113.857485][ T310] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 114.097413][ T310] usb 5-1: Using ep0 maxpacket: 8 [ 114.217442][ T310] usb 5-1: unable to get BOS descriptor or descriptor too short [ 114.277435][ T310] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 114.285023][ T310] usb 5-1: can't read configurations, error -71 [ 114.427036][T10245] __nla_validate_parse: 3 callbacks suppressed [ 114.427044][T10245] netlink: 52 bytes leftover after parsing attributes in process `syz.1.4589'. [ 114.520583][ T24] kauditd_printk_skb: 92 callbacks suppressed [ 114.520593][ T24] audit: type=1400 audit(1763225805.686:2884): avc: denied { create } for pid=10266 comm="syz.3.4601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 114.555040][T10273] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4604'. [ 114.571546][T10272] EXT4-fs (loop0): dax option not supported [ 114.614078][ T24] audit: type=1400 audit(1763225805.776:2885): avc: denied { getopt } for pid=10289 comm="syz.1.4612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 114.789569][T10293] lo: Caught tx_queue_len zero misconfig [ 115.124156][ T24] audit: type=1326 audit(1763225806.286:2886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.1.4617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 115.378109][ T24] audit: type=1326 audit(1763225806.316:2887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.1.4617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 115.672170][ T24] audit: type=1326 audit(1763225806.316:2888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.1.4617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 115.729159][T10325] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4624'. [ 115.742452][ T24] audit: type=1326 audit(1763225806.316:2889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.1.4617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 115.747784][T10325] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4624'. [ 115.776146][ T24] audit: type=1326 audit(1763225806.326:2890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.1.4617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 115.786372][T10332] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4630'. [ 115.834055][ T24] audit: type=1326 audit(1763225806.336:2891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.1.4617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 115.857771][ T24] audit: type=1326 audit(1763225806.346:2892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.1.4617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 115.882897][ T24] audit: type=1326 audit(1763225806.346:2893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.1.4617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 115.884927][T10336] overlayfs: missing 'lowerdir' [ 116.387481][T10422] EXT4-fs (loop4): dax option not supported [ 116.674700][T10460] syz.0.4689[10460] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 116.674751][T10460] syz.0.4689[10460] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 116.703859][T10456] EXT4-fs (loop2): dax option not supported [ 116.733271][T10465] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 116.746861][T10465] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 116.755228][T10465] EXT4-fs (loop0): orphan cleanup on readonly fs [ 116.762896][T10465] EXT4-fs error (device loop0): ext4_quota_enable:6447: inode #3: comm syz.0.4691: iget: bad i_size value: 1407374883559424 [ 116.776401][T10465] EXT4-fs error (device loop0): ext4_quota_enable:6450: comm syz.0.4691: Bad quota inode: 3, type: 0 [ 116.787560][T10465] EXT4-fs warning (device loop0): ext4_enable_quotas:6491: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 116.802200][T10465] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 116.808947][T10465] EXT4-fs (loop0): mounted filesystem without journal. Opts: data_err=abort,nodelalloc,dioread_nolock,max_batch_time=0x000000000000000b,max_dir_size_kb=0x0000000000000002,noblock_validity,grpid,acl,nodiscard,,errors=continue [ 117.152434][T10485] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4702'. [ 117.237600][T10503] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4710'. [ 117.302467][T10517] netlink: 17 bytes leftover after parsing attributes in process `syz.0.4716'. [ 117.376543][T10533] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4725'. [ 117.408366][T10539] netlink: 'syz.0.4726': attribute type 32 has an invalid length. [ 117.415550][T10541] device sit0 entered promiscuous mode [ 117.421763][T10541] netlink: 'syz.3.4728': attribute type 1 has an invalid length. [ 117.434324][T10541] netlink: 1 bytes leftover after parsing attributes in process `syz.3.4728'. [ 117.800749][T10591] xt_CT: No such helper "pptp" [ 118.054177][T10612] syz.4.4763 uses obsolete (PF_INET,SOCK_PACKET) [ 118.295525][T10668] device sit0 entered promiscuous mode [ 118.307068][T10668] netlink: 'syz.4.4789': attribute type 1 has an invalid length. [ 118.337322][T10676] netlink: 'syz.1.4794': attribute type 1 has an invalid length. [ 118.366879][T10686] Module has invalid ELF structures [ 118.633419][T10719] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 118.640676][T10719] EXT4-fs (loop0): Test dummy encryption mode enabled [ 118.647527][T10719] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 118.654689][T10719] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 118.706934][T10719] EXT4-fs (loop0): 1 truncate cleaned up [ 118.712842][T10719] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid, [ 118.815575][T10747] xt_CT: No such helper "pptp" [ 118.987329][ C0] ip6_tunnel: M xmit: Local address not yet configured! [ 119.172313][T10775] incfs: Backing dir is not set, filesystem can't be mounted. [ 119.180062][T10775] incfs: mount failed -2 [ 119.288392][T10781] netlink: 'syz.0.4838': attribute type 3 has an invalid length. [ 119.296285][T10781] netlink: 'syz.0.4838': attribute type 3 has an invalid length. [ 119.660176][T10787] EXT4-fs (loop2): Ignoring removed orlov option [ 119.703265][T10787] EXT4-fs (loop2): mounted filesystem without journal. Opts: block_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,norecovery,,errors=continue [ 119.737034][T10807] device sit0 entered promiscuous mode [ 119.768878][T10807] netlink: 'syz.1.4852': attribute type 1 has an invalid length. [ 119.797711][T10807] __nla_validate_parse: 5 callbacks suppressed [ 119.797718][T10807] netlink: 1 bytes leftover after parsing attributes in process `syz.1.4852'. [ 119.830531][T10815] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4856'. [ 120.000782][T10845] netlink: 'syz.3.4869': attribute type 1 has an invalid length. [ 120.009261][ T24] kauditd_printk_skb: 38 callbacks suppressed [ 120.009271][ T24] audit: type=1326 audit(1763225811.187:2932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.1.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 120.009354][T10845] netlink: 1 bytes leftover after parsing attributes in process `syz.3.4869'. [ 120.078119][ T24] audit: type=1326 audit(1763225811.187:2933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.1.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 120.102646][ T24] audit: type=1326 audit(1763225811.217:2934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.1.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 120.127670][ T24] audit: type=1326 audit(1763225811.217:2935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.1.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 120.151895][ T24] audit: type=1326 audit(1763225811.217:2936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.1.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 120.177817][ T24] audit: type=1326 audit(1763225811.217:2937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.1.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 120.231411][T10870] device vlan2 entered promiscuous mode [ 120.243360][ T24] audit: type=1326 audit(1763225811.217:2938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.1.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 120.267416][ T24] audit: type=1326 audit(1763225811.217:2939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.1.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 120.269624][T10870] device bridge0 entered promiscuous mode [ 120.297251][ T24] audit: type=1326 audit(1763225811.217:2940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.1.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 120.326397][ T24] audit: type=1326 audit(1763225811.217:2941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.1.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 120.355638][T10880] xt_CT: No such helper "pptp" [ 120.398826][T10886] fuse: Bad value for 'rootmode' [ 120.519978][T10911] SELinux: Context system_u:object_r:sendmail_exec_t:s0 is not valid (left unmapped). [ 120.544802][T10911] netlink: 'syz.2.4895': attribute type 4 has an invalid length. [ 120.640794][T10932] overlayfs: failed to clone upperpath [ 120.653434][T10937] netlink: 72 bytes leftover after parsing attributes in process `syz.4.4915'. [ 120.740131][T10956] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4922'. [ 120.900531][T10992] tipc: Started in network mode [ 120.906104][T10992] tipc: Own node identity 10001, cluster identity 4711 [ 120.914051][T10992] tipc: 32-bit node address hash set to 10001 [ 120.924245][T10989] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 120.971416][T10989] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 120.983598][T10989] EXT4-fs (loop4): orphan cleanup on readonly fs [ 120.990639][T10989] EXT4-fs error (device loop4): ext4_quota_enable:6447: inode #3: comm syz.4.4936: iget: bad i_size value: 1407374883559424 [ 121.009123][T10989] EXT4-fs error (device loop4): ext4_quota_enable:6450: comm syz.4.4936: Bad quota inode: 3, type: 0 [ 121.027102][T10989] EXT4-fs warning (device loop4): ext4_enable_quotas:6491: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 121.047031][T10989] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 121.053757][T10989] EXT4-fs (loop4): mounted filesystem without journal. Opts: data_err=abort,nodelalloc,dioread_nolock,max_batch_time=0x000000000000000b,max_dir_size_kb=0x0000000000000002,noblock_validity,grpid,acl,nodiscard,,errors=continue [ 121.152413][T11014] netlink: 72 bytes leftover after parsing attributes in process `syz.4.4947'. [ 121.244545][T11032] netlink: 'syz.4.4960': attribute type 1 has an invalid length. [ 121.387800][T11050] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4967'. [ 121.397201][T11050] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4967'. [ 121.569888][T11074] netlink: 17 bytes leftover after parsing attributes in process `syz.4.4987'. [ 122.444046][T11110] validate_nla: 2 callbacks suppressed [ 122.444054][T11110] netlink: 'syz.0.4995': attribute type 10 has an invalid length. [ 122.457784][T11110] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4995'. [ 122.468082][T11110] device wg0 entered promiscuous mode [ 123.199281][T11135] netlink: 'syz.4.5005': attribute type 4 has an invalid length. [ 123.311312][T11135] netlink: 'syz.4.5005': attribute type 5 has an invalid length. [ 123.344711][T11139] fuse: Bad value for 'fd' [ 123.461985][T11159] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 123.763757][T11188] IPv6: NLM_F_CREATE should be specified when creating new route [ 123.935710][T11200] 9pnet: Insufficient options for proto=fd [ 123.963235][T11193] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 123.978961][T11193] EXT4-fs (loop0): Test dummy encryption mode enabled [ 123.990756][T11193] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 123.998148][T11193] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 124.013152][T11193] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002] [ 124.021373][T11193] System zones: 1-12 [ 124.025949][T11193] EXT4-fs (loop0): 1 truncate cleaned up [ 124.031723][T11193] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,,errors=continue [ 124.337556][T11278] FAT-fs (loop2): bogus logical sector size 128 [ 124.343820][T11278] FAT-fs (loop2): Can't find a valid FAT filesystem [ 124.416149][T11293] fuse: Bad value for 'rootmode' [ 124.424697][T11296] syz.1.5091[11296] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 124.424751][T11296] syz.1.5091[11296] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 124.464149][ T474] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 124.483674][ T474] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 124.509556][T11303] fido_id[11303]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 125.342234][T11339] __nla_validate_parse: 2 callbacks suppressed [ 125.342242][T11339] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5099'. [ 126.301935][T11402] netlink: 'syz.3.5127': attribute type 4 has an invalid length. [ 126.318559][T11402] netlink: 'syz.3.5127': attribute type 5 has an invalid length. [ 126.326623][T11402] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.5127'. [ 126.431164][T11413] netlink: 104 bytes leftover after parsing attributes in process `syz.0.5132'. [ 126.585091][T11436] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 126.597378][T11436] overlayfs: missing 'lowerdir' [ 126.914637][ T24] kauditd_printk_skb: 93 callbacks suppressed [ 126.914648][ T24] audit: type=1400 audit(1763225818.077:3035): avc: denied { append } for pid=11465 comm="syz.0.5157" name="rtc0" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 126.961319][ T24] audit: type=1326 audit(1763225818.117:3036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11469 comm="syz.1.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 127.031874][ T24] audit: type=1326 audit(1763225818.117:3037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11469 comm="syz.1.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 127.060993][ T24] audit: type=1326 audit(1763225818.117:3038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11469 comm="syz.1.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 127.114937][ T24] audit: type=1326 audit(1763225818.117:3039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11469 comm="syz.1.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 127.163292][ T24] audit: type=1326 audit(1763225818.117:3040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11469 comm="syz.1.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 127.213963][ T24] audit: type=1326 audit(1763225818.117:3041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11469 comm="syz.1.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 127.263863][ T24] audit: type=1326 audit(1763225818.127:3042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11469 comm="syz.1.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 127.287487][ T24] audit: type=1326 audit(1763225818.127:3043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11469 comm="syz.1.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 127.311205][ T24] audit: type=1326 audit(1763225818.127:3044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11469 comm="syz.1.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0703d16c9 code=0x7ffc0000 [ 127.408925][T11514] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5179'. [ 127.652885][T11514] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11514 comm=syz.2.5179 [ 127.731089][T11521] xt_hashlimit: size too large, truncated to 1048576 [ 127.770096][T11524] EXT4-fs (loop2): Ignoring removed nobh option [ 127.784897][T11524] EXT4-fs (loop2): Ignoring removed bh option [ 127.793123][T11524] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 127.807706][T11524] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,data_err=abort,barrier=0x0000000000000001,dioread_nolock,grpjquota=,quota,data_err=ignore,grpquota,nobh,user_xattr,bh,minixdf,,errors=continue [ 128.055916][T11548] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 128.094751][T11548] EXT4-fs (loop2): Test dummy encryption mode enabled [ 128.107230][T11548] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 128.114537][T11548] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 128.136067][T11548] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002] [ 128.152130][T11548] System zones: 1-12 [ 128.160038][T11548] EXT4-fs (loop2): 1 truncate cleaned up [ 128.165770][T11548] EXT4-fs (loop2): mounted filesystem without journal. Opts: debug,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,,errors=continue [ 128.337459][T11585] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5207'. [ 128.389708][T11572] F2FS-fs (loop0): invalid crc value [ 128.422595][T11572] F2FS-fs (loop0): Found nat_bits in checkpoint [ 128.454932][T11572] F2FS-fs (loop0): Start checkpoint disabled! [ 128.489918][T11605] syz.3.5216[11605] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 128.489969][T11605] syz.3.5216[11605] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 128.499407][T11572] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 128.961845][T11642] netlink: 'syz.1.5231': attribute type 4 has an invalid length. [ 129.695060][T11713] 9pnet: Insufficient options for proto=fd [ 130.571190][T11759] overlayfs: missing 'lowerdir' [ 130.594347][T11763] xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables [ 130.642060][T11769] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5287'. [ 130.716932][T11787] xt_hashlimit: size too large, truncated to 1048576 [ 130.745421][T11792] 9p: Unknown Cache mode m [ 130.908366][T11814] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5308'. [ 131.116244][T11830] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 131.176386][T11835] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5319'. [ 131.682123][T11861] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5330'. [ 132.046228][T11919] tipc: MTU too low for tipc bearer [ 132.242576][T11941] xt_hashlimit: size too large, truncated to 1048576 [ 132.419973][T11953] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5373'. [ 132.446195][T11953] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5373'. [ 132.486313][T11955] cannot load conntrack support for proto=3 [ 132.762768][T11975] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5384'. [ 132.806375][T11975] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5384'. [ 132.978986][ T24] kauditd_printk_skb: 57 callbacks suppressed [ 132.978997][ T24] audit: type=1326 audit(1763225824.147:3102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11994 comm="syz.4.5393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 133.072721][ T24] audit: type=1326 audit(1763225824.147:3103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11994 comm="syz.4.5393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 133.166391][ T24] audit: type=1326 audit(1763225824.147:3104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11994 comm="syz.4.5393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 133.199578][T12011] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 133.306382][ T24] audit: type=1326 audit(1763225824.147:3105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11994 comm="syz.4.5393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 133.329790][ T24] audit: type=1326 audit(1763225824.147:3106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11994 comm="syz.4.5393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 133.353366][ T24] audit: type=1326 audit(1763225824.147:3107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11994 comm="syz.4.5393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 133.376793][ T24] audit: type=1326 audit(1763225824.147:3108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11994 comm="syz.4.5393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 133.400360][ T24] audit: type=1326 audit(1763225824.147:3109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11994 comm="syz.4.5393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 133.424220][ T24] audit: type=1326 audit(1763225824.147:3110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11994 comm="syz.4.5393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 133.447722][ T24] audit: type=1326 audit(1763225824.147:3111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11994 comm="syz.4.5393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff5203e76c9 code=0x7ffc0000 [ 133.813341][T12071] overlayfs: missing 'lowerdir' [ 133.987341][T12095] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5441'. [ 134.262332][T12127] overlayfs: missing 'lowerdir' [ 134.429147][T12152] netlink: 'syz.3.5468': attribute type 19 has an invalid length. [ 134.468852][T12158] overlayfs: overlapping lowerdir path [ 134.471360][T12156] overlayfs: missing 'lowerdir' [ 134.521288][T12161] overlayfs: missing 'lowerdir' [ 134.631361][T12172] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5477'. [ 134.725644][T12181] overlayfs: missing 'lowerdir' [ 134.771159][T12187] bridge: RTM_NEWNEIGH with invalid ether address [ 134.889836][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 135.247960][T12243] EXT4-fs (loop4): Ignoring removed bh option [ 135.388453][T12243] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 135.398315][T12243] EXT4-fs (loop4): orphan cleanup on readonly fs [ 135.408207][T12243] EXT4-fs error (device loop4): ext4_map_blocks:630: inode #3: block 2: comm syz.4.5503: lblock 2 mapped to illegal pblock 2 (length 1) [ 135.422733][T12243] EXT4-fs error (device loop4): ext4_map_blocks:630: inode #3: block 48: comm syz.4.5503: lblock 0 mapped to illegal pblock 48 (length 1) [ 135.437324][T12243] EXT4-fs error (device loop4): ext4_acquire_dquot:6226: comm syz.4.5503: Failed to acquire dquot type 0 [ 135.448968][T12243] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5933: Corrupt filesystem [ 135.458711][T12243] EXT4-fs error (device loop4): ext4_evict_inode:283: inode #11: comm syz.4.5503: mark_inode_dirty error [ 135.470259][T12243] EXT4-fs warning (device loop4): ext4_evict_inode:286: couldn't mark inode dirty (err -117) [ 135.480523][T12243] EXT4-fs (loop4): 1 orphan inode deleted [ 135.486458][ T7] EXT4-fs error (device loop4): ext4_map_blocks:630: inode #3: block 1: comm kworker/u4:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 135.580232][ T7] EXT4-fs error (device loop4): ext4_release_dquot:6262: comm kworker/u4:0: Failed to release dquot type 0 [ 135.655745][T12243] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrquota,noblock_validity,bh,max_batch_time=0x0000000000000001,nodelalloc,inlinecrypt,,errors=continue [ 136.301222][T12277] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0002] [ 136.309473][T12277] System zones: 1-12 [ 136.313884][T12277] EXT4-fs error (device loop2): dx_probe:796: inode #2: comm syz.2.5524: Directory hole found for htree index block 0 [ 136.326464][T12277] EXT4-fs (loop2): Remounting filesystem read-only [ 136.332983][T12277] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 136.343311][T12277] EXT4-fs error (device loop2): dx_probe:796: inode #2: comm syz.2.5524: Directory hole found for htree index block 0 [ 136.355859][T12277] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 136.364209][T12277] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=Jdebug,jqfmt=vfsold,noquota,bsdgroups,usrjquota="nojournal_checksum,errors=remount-ro,, [ 136.597747][T12317] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0002] [ 136.606503][T12317] System zones: 1-12 [ 136.610863][T12317] EXT4-fs error (device loop4): dx_probe:796: inode #2: comm syz.4.5544: Directory hole found for htree index block 0 [ 136.636005][T12317] EXT4-fs (loop4): Remounting filesystem read-only [ 136.642654][T12317] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 136.651231][T12317] EXT4-fs error (device loop4): dx_probe:796: inode #2: comm syz.4.5544: Directory hole found for htree index block 0 [ 136.664431][T12317] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 136.672275][T12325] __nla_validate_parse: 6 callbacks suppressed [ 136.672281][T12325] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5547'. [ 136.672996][T12317] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=Jdebug,jqfmt=vfsold,noquota,bsdgroups,usrjquota="nojournal_checksum,errors=remount-ro,, [ 136.906410][ T2005] Bluetooth: hci0: command 0x1003 tx timeout [ 136.913767][ T7334] Bluetooth: hci0: sending frame failed (-49) [ 137.018224][T12370] bridge: RTM_NEWNEIGH with invalid ether address [ 137.318938][T12387] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14385 sclass=netlink_route_socket pid=12387 comm=syz.2.5576 [ 138.130277][T12431] mmap: syz.1.5597 (12431): VmData 38735872 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 138.186136][ C0] ip6_tunnel: M xmit: Local address not yet configured! [ 138.304028][ T24] kauditd_printk_skb: 34 callbacks suppressed [ 138.304040][ T24] audit: type=1400 audit(1763225829.468:3143): avc: denied { getopt } for pid=12456 comm="syz.1.5609" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 138.389813][T12475] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5618'. [ 138.398788][T12475] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5618'. [ 138.986065][ T401] Bluetooth: hci0: command 0x1001 tx timeout [ 138.992123][ T7334] Bluetooth: hci0: sending frame failed (-49) [ 139.503372][T12520] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5638'. [ 139.536936][ T24] audit: type=1326 audit(1763225830.708:3144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.2.5639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 139.566439][ T24] audit: type=1326 audit(1763225830.708:3145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.2.5639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 139.594558][ T24] audit: type=1326 audit(1763225830.708:3146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.2.5639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 139.623117][ T24] audit: type=1326 audit(1763225830.708:3147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.2.5639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 139.635845][T12532] overlayfs: failed to resolve './file1': -2 [ 139.651549][ T24] audit: type=1326 audit(1763225830.708:3148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.2.5639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 139.686269][ T24] audit: type=1326 audit(1763225830.708:3149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.2.5639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 139.711917][ T24] audit: type=1326 audit(1763225830.708:3150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.2.5639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 139.746041][ T24] audit: type=1326 audit(1763225830.708:3151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.2.5639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 139.769643][ T24] audit: type=1326 audit(1763225830.708:3152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.2.5639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32208cc6c9 code=0x7ffc0000 [ 140.264160][T12606] netlink: 108 bytes leftover after parsing attributes in process `syz.2.5679'. [ 140.279880][T12606] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5679'. [ 140.412583][T12639] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5695'. [ 140.421958][T12635] overlayfs: failed to clone upperpath [ 140.659245][T12683] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5725'. [ 140.668740][T12683] netlink: 59 bytes leftover after parsing attributes in process `syz.1.5725'. [ 140.682242][T12683] netlink: 59 bytes leftover after parsing attributes in process `syz.1.5725'. [ 141.041138][T12747] syz.3.5744[12747] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 141.041192][T12747] syz.3.5744[12747] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 141.065971][ T401] Bluetooth: hci0: command 0x1009 tx timeout [ 141.893448][T12903] __nla_validate_parse: 2 callbacks suppressed [ 141.893456][T12903] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5820'. [ 141.935859][ T400] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 142.019578][T12943] fuse: Unknown parameter 'r' [ 142.215859][ T400] usb 5-1: device descriptor read/64, error -71 [ 142.223318][T12980] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5856'. [ 142.377926][T12998] xt_bpf: check failed: parse error [ 142.411357][T13004] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5868'. [ 142.420607][T13004] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5868'. [ 142.429630][T13004] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5868'. [ 142.438577][T13004] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5868'. [ 142.534661][T13020] netlink: 'syz.2.5876': attribute type 27 has an invalid length. [ 142.561176][T13024] kernel profiling enabled (shift: 0) [ 142.605819][ T400] usb 5-1: device descriptor read/64, error -71 [ 142.875886][ T400] usb 5-1: new full-speed USB device number 12 using dummy_hcd [ 142.901731][T13038] netlink: 104 bytes leftover after parsing attributes in process `syz.2.5885'. [ 143.073616][T13070] x_tables: arp_tables: mangle.0 target: invalid size 48 (kernel) != (user) 0 [ 143.156400][ T400] usb 5-1: device descriptor read/64, error -71 [ 143.545766][ T400] usb 5-1: device descriptor read/64, error -71 [ 143.665823][ T400] usb usb5-port1: attempt power cycle [ 144.075847][ T400] usb 5-1: new full-speed USB device number 13 using dummy_hcd [ 144.245779][ T400] usb 5-1: device descriptor read/8, error -71 [ 144.262085][ T24] kauditd_printk_skb: 143 callbacks suppressed [ 144.262095][ T24] audit: type=1326 audit(2000000000.560:3296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13143 comm="syz.3.5935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 144.292413][ T24] audit: type=1326 audit(2000000000.560:3297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13143 comm="syz.3.5935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 144.316219][ T24] audit: type=1326 audit(2000000000.560:3298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13143 comm="syz.3.5935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 144.340209][ T24] audit: type=1326 audit(2000000000.560:3299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13143 comm="syz.3.5935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 144.364281][ T24] audit: type=1326 audit(2000000000.560:3300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13143 comm="syz.3.5935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 144.388555][ T24] audit: type=1326 audit(2000000000.560:3301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13143 comm="syz.3.5935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 144.414133][ T24] audit: type=1326 audit(2000000000.560:3302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13143 comm="syz.3.5935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 144.439113][ T24] audit: type=1326 audit(2000000000.560:3303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13143 comm="syz.3.5935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 144.485191][ T24] audit: type=1326 audit(2000000000.780:3304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13171 comm="syz.3.5949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 144.509782][ T24] audit: type=1326 audit(2000000000.780:3305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13171 comm="syz.3.5949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9e14f0c6c9 code=0x7ffc0000 [ 144.575847][ T400] usb 5-1: device descriptor read/8, error -71 [ 144.586763][T13185] netlink: 96 bytes leftover after parsing attributes in process `syz.1.5955'. [ 145.175308][T13281] netlink: 48 bytes leftover after parsing attributes in process `syz.2.6001'. [ 145.258943][ T297] Bluetooth: hci0: Frame reassembly failed (-84) [ 145.276607][T13297] binder: Bad value for 'stats' [ 145.349809][T13311] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6016'. [ 145.467399][T13333] incfs: iterate_incfs_dir / -22 [ 145.475235][ T280] ------------[ cut here ]------------ [ 145.480802][ T280] WARNING: CPU: 1 PID: 280 at fs/inode.c:304 drop_nlink+0xc5/0x110 [ 145.488730][ T280] Modules linked in: [ 145.492660][ T280] CPU: 0 PID: 280 Comm: syz-executor Not tainted syzkaller #0 [ 145.500153][ T280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 145.510391][ T280] RIP: 0010:drop_nlink+0xc5/0x110 [ 145.515461][ T280] Code: 1b 48 8d bb b8 04 00 00 be 08 00 00 00 e8 93 22 f2 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 bb 30 b8 ff <0f> 0b eb 86 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 5e ff ff ff 4c [ 145.535463][ T280] RSP: 0018:ffffc90000be7cd0 EFLAGS: 00010293 [ 145.541693][ T280] RAX: ffffffff81ab74e5 RBX: ffff888118c48400 RCX: ffff888124763b40 [ 145.549978][ T280] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 145.558364][ T280] RBP: ffffc90000be7cf8 R08: 0000000000000004 R09: 0000000000000003 [ 145.566538][ T280] R10: fffff5200017cf88 R11: 1ffff9200017cf88 R12: dffffc0000000000 [ 145.574542][ T280] R13: 1ffff11023189089 R14: ffff888118c48448 R15: 0000000000000000 [ 145.582698][ T280] FS: 0000555583de6500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 145.591774][ T280] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.598596][ T280] CR2: 0000555583e094e8 CR3: 0000000125d6d000 CR4: 00000000003506a0 [ 145.606711][ T280] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 145.614754][ T280] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 145.622898][ T280] Call Trace: [ 145.626378][ T280] shmem_rmdir+0x5b/0x90 [ 145.630658][ T280] vfs_rmdir+0x1b3/0x3e0 [ 145.634921][ T280] incfs_kill_sb+0xfe/0x210 [ 145.645149][ T280] deactivate_locked_super+0xa0/0x100 [ 145.651642][ T280] deactivate_super+0xaf/0xe0 [ 145.657198][ T280] cleanup_mnt+0x446/0x500 [ 145.661724][ T280] __cleanup_mnt+0x19/0x20 [ 145.670197][ T280] task_work_run+0x127/0x190 [ 145.674915][ T280] exit_to_user_mode_loop+0xcb/0xe0 [ 145.680463][ T280] exit_to_user_mode_prepare+0x76/0xa0 [ 145.686314][ T280] syscall_exit_to_user_mode+0x1d/0x40 [ 145.691812][ T280] do_syscall_64+0x3d/0x40 [ 145.696301][ T280] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 145.702271][ T280] RIP: 0033:0x7ff5203e89f7 [ 145.706783][ T280] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 145.726455][ T280] RSP: 002b:00007fffbe868a18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 145.734897][ T280] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007ff5203e89f7 [ 145.742949][ T280] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffbe868ad0 [ 145.751008][ T280] RBP: 00007fffbe868ad0 R08: 0000000000000000 R09: 0000000000000000 [ 145.759028][ T280] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffbe869b60 [ 145.767046][ T280] R13: 00007ff520469d7d R14: 0000000000023832 R15: 00007fffbe869ba0 [ 145.775048][ T280] ---[ end trace 7e110bbf2e86588b ]--- [ 145.781357][ T280] ================================================================== [ 145.789430][ T280] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60 [ 145.795657][ T280] Write of size 4 at addr 0000000000000170 by task syz-executor/280 [ 145.803607][ T280] [ 145.805926][ T280] CPU: 0 PID: 280 Comm: syz-executor Tainted: G W syzkaller #0 [ 145.814751][ T280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 145.824787][ T280] Call Trace: [ 145.828068][ T280] __dump_stack+0x21/0x24 [ 145.832395][ T280] dump_stack_lvl+0x169/0x1d8 [ 145.837058][ T280] ? thaw_kernel_threads+0x220/0x220 [ 145.842336][ T280] ? show_regs_print_info+0x18/0x18 [ 145.847523][ T280] ? _raw_spin_lock+0x8e/0xe0 [ 145.852190][ T280] ? _raw_spin_trylock_bh+0x130/0x130 [ 145.857550][ T280] ? ihold+0x20/0x60 [ 145.861435][ T280] kasan_report+0xd8/0x130 [ 145.865841][ T280] ? ihold+0x20/0x60 [ 145.869716][ T280] kasan_check_range+0x280/0x290 [ 145.874621][ T280] __kasan_check_write+0x14/0x20 [ 145.879524][ T280] ihold+0x20/0x60 [ 145.883213][ T280] vfs_rmdir+0x247/0x3e0 [ 145.887422][ T280] incfs_kill_sb+0xfe/0x210 [ 145.891895][ T280] deactivate_locked_super+0xa0/0x100 [ 145.897237][ T280] deactivate_super+0xaf/0xe0 [ 145.901880][ T280] cleanup_mnt+0x446/0x500 [ 145.906261][ T280] __cleanup_mnt+0x19/0x20 [ 145.910647][ T280] task_work_run+0x127/0x190 [ 145.915210][ T280] exit_to_user_mode_loop+0xcb/0xe0 [ 145.920378][ T280] exit_to_user_mode_prepare+0x76/0xa0 [ 145.925804][ T280] syscall_exit_to_user_mode+0x1d/0x40 [ 145.931228][ T280] do_syscall_64+0x3d/0x40 [ 145.935618][ T280] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 145.941483][ T280] RIP: 0033:0x7ff5203e89f7 [ 145.945867][ T280] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 145.965443][ T280] RSP: 002b:00007fffbe868a18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 145.973822][ T280] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007ff5203e89f7 [ 145.981764][ T280] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffbe868ad0 [ 145.989722][ T280] RBP: 00007fffbe868ad0 R08: 0000000000000000 R09: 0000000000000000 [ 145.997664][ T280] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffbe869b60 [ 146.005610][ T280] R13: 00007ff520469d7d R14: 0000000000023832 R15: 00007fffbe869ba0 [ 146.013642][ T280] ================================================================== [ 146.021679][ T280] Disabling lock debugging due to kernel taint [ 146.028466][ T280] BUG: kernel NULL pointer dereference, address: 0000000000000170 [ 146.036264][ T280] #PF: supervisor write access in kernel mode [ 146.042308][ T280] #PF: error_code(0x0002) - not-present page [ 146.048259][ T280] PGD 10d3b7067 P4D 10d3b7067 PUD 0 [ 146.053520][ T280] Oops: 0002 [#1] PREEMPT SMP KASAN [ 146.058705][ T280] CPU: 0 PID: 280 Comm: syz-executor Tainted: G B W syzkaller #0 [ 146.067521][ T280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 146.077551][ T280] RIP: 0010:ihold+0x26/0x60 [ 146.082025][ T280] Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 d1 28 b8 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 80 1a f2 ff 41 be 01 00 00 00 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 51 [ 146.101601][ T280] RSP: 0018:ffffc90000be7d10 EFLAGS: 00010246 [ 146.107637][ T280] RAX: ffff888124763b00 RBX: 0000000000000000 RCX: 0000000000000286 [ 146.115584][ T280] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff [ 146.123529][ T280] RBP: ffffc90000be7d20 R08: 0000000000000004 R09: 0000000000000003 [ 146.131470][ T280] R10: fffffbfff0d8ee48 R11: 1ffffffff0d8ee48 R12: 1ffff110238777e2 [ 146.139410][ T280] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 146.147349][ T280] FS: 0000555583de6500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 146.156246][ T280] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.162796][ T280] CR2: 0000000000000170 CR3: 0000000125d6d000 CR4: 00000000003506b0 [ 146.170738][ T280] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 146.178681][ T280] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 146.186617][ T280] Call Trace: [ 146.189881][ T280] vfs_rmdir+0x247/0x3e0 [ 146.194095][ T280] incfs_kill_sb+0xfe/0x210 [ 146.198566][ T280] deactivate_locked_super+0xa0/0x100 [ 146.203908][ T280] deactivate_super+0xaf/0xe0 [ 146.208552][ T280] cleanup_mnt+0x446/0x500 [ 146.212937][ T280] __cleanup_mnt+0x19/0x20 [ 146.217323][ T280] task_work_run+0x127/0x190 [ 146.221884][ T280] exit_to_user_mode_loop+0xcb/0xe0 [ 146.227058][ T280] exit_to_user_mode_prepare+0x76/0xa0 [ 146.232485][ T280] syscall_exit_to_user_mode+0x1d/0x40 [ 146.237911][ T280] do_syscall_64+0x3d/0x40 [ 146.242298][ T280] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 146.248155][ T280] RIP: 0033:0x7ff5203e89f7 [ 146.252537][ T280] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 146.272108][ T280] RSP: 002b:00007fffbe868a18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 146.280607][ T280] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007ff5203e89f7 [ 146.288559][ T280] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffbe868ad0 [ 146.296502][ T280] RBP: 00007fffbe868ad0 R08: 0000000000000000 R09: 0000000000000000 [ 146.304444][ T280] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffbe869b60 [ 146.312385][ T280] R13: 00007ff520469d7d R14: 0000000000023832 R15: 00007fffbe869ba0 [ 146.320326][ T280] Modules linked in: [ 146.324201][ T280] CR2: 0000000000000170 [ 146.328324][ T280] ---[ end trace 7e110bbf2e86588c ]--- [ 146.333757][ T280] RIP: 0010:ihold+0x26/0x60 [ 146.338231][ T280] Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 d1 28 b8 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 80 1a f2 ff 41 be 01 00 00 00 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 51 [ 146.357810][ T280] RSP: 0018:ffffc90000be7d10 EFLAGS: 00010246 [ 146.363846][ T280] RAX: ffff888124763b00 RBX: 0000000000000000 RCX: 0000000000000286 [ 146.371795][ T280] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff [ 146.379739][ T280] RBP: ffffc90000be7d20 R08: 0000000000000004 R09: 0000000000000003 [ 146.387684][ T280] R10: fffffbfff0d8ee48 R11: 1ffffffff0d8ee48 R12: 1ffff110238777e2 [ 146.395625][ T280] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 146.403566][ T280] FS: 0000555583de6500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 146.412463][ T280] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.419015][ T280] CR2: 0000000000000170 CR3: 0000000125d6d000 CR4: 00000000003506b0 [ 146.426958][ T280] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 146.434908][ T280] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 146.442851][ T280] Kernel panic - not syncing: Fatal exception [ 146.448966][ T280] Kernel Offset: disabled [ 146.453269][ T280] Rebooting in 86400 seconds..