last executing test programs: 13.411611696s ago: executing program 0 (id=577): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r1}, &(0x7f0000000a00), &(0x7f0000000a40)=r0}, 0x20) 13.319434934s ago: executing program 0 (id=581): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r0}, 0x10) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0) r1 = gettid() process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0xfffff000) 13.280024547s ago: executing program 0 (id=583): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x1, 0x7fe2, 0x1, 0x12}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r2}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 13.24265836s ago: executing program 0 (id=584): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ") mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./file1\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x110) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]}) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0xc0185879, &(0x7f0000000000)={@desc={0x1, 0x0, @auto='\x00\x00&\x00'}}) 13.083184193s ago: executing program 0 (id=588): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000003c0)={0x0, {0x2, 0x4e20, @rand_addr=0x64010141}, {0x2, 0x4a24, @dev={0xac, 0x14, 0x14, 0x1a}}, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4, 0x0, 0x0, 0x0, 0x8, 0x0, 0x21e, 0x1ff, 0x9}) write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="080000fa"], 0xdc) 12.676477746s ago: executing program 0 (id=598): creat(&(0x7f0000000080)='./file0\x00', 0x1d8) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000380)=@filename='./file0\x00', 0x0, &(0x7f00000003c0)='./file0\x00') 12.676045725s ago: executing program 32 (id=598): creat(&(0x7f0000000080)='./file0\x00', 0x1d8) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000380)=@filename='./file0\x00', 0x0, &(0x7f00000003c0)='./file0\x00') 10.777757699s ago: executing program 5 (id=599): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ") mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./file1\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x110) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]}) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0xc0185879, &(0x7f0000000000)={@desc={0x1, 0x0, @auto='\x00\x00&\x00'}}) 10.652550589s ago: executing program 5 (id=638): socket$kcm(0x2, 0xa, 0x2) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x21}, 0x94) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r1}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) 8.91136997s ago: executing program 5 (id=647): bpf$MAP_CREATE(0x0, 0x0, 0x48) syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) fdatasync(r0) statfs(&(0x7f0000000580)='./file0\x00', &(0x7f0000000c00)=""/232) 8.91054605s ago: executing program 33 (id=647): bpf$MAP_CREATE(0x0, 0x0, 0x48) syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) fdatasync(r0) statfs(&(0x7f0000000580)='./file0\x00', &(0x7f0000000c00)=""/232) 1.832981712s ago: executing program 2 (id=847): r0 = socket$inet(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x94, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x64, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x22, 0x1, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x2]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}}]}, 0x94}}, 0x0) 1.805742764s ago: executing program 2 (id=848): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) fsetxattr$security_selinux(r0, &(0x7f00000000c0), &(0x7f00000002c0)='system_u:object_r:ssh_keygen_exec_t:s0\x00', 0x27, 0x0) 1.764964937s ago: executing program 2 (id=853): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_SURVEY(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="a903030000000000000032"], 0x1c}}, 0x4004050) 1.702847762s ago: executing program 2 (id=856): syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) 1.459038892s ago: executing program 2 (id=858): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x4bf, &(0x7f0000000540)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqtZO3N1otaflAkKrlRArThzakLhRFDuOYqc0oYf0f0CiEif4EzggcUDqiTs3uCGkckAqUIEaJA5GM56kaWqnEU08Vfz5SE8zb57t73tt573pt41fACPrckTsRcSliLgREbPF9aQo8VGvZK97/OjO8v6jO8tJdLuf/iPJ27NrceQ9mVeLz5yKiB98N+LHybNx2zu760uNRn2rqFc7zc1qe2f3L2vNpdX6an2jVltcWJz/4Nr7tTMb61vNXz/8ztrHP/zdb7/84A973/pp1q2Zou3oOM5Sb+gTh3Ey4xHx8XkEK8FYMZ5LZXeE/0saEZ+JiLez+79bdm8AgGHodmejO3u0DgBcdGmeA0vSSpELmIk0rVR6Obw3YzpttNqdqzdb2xsrvVzZXEykN9ca9fkiVzgXE0lWX8jPn9Rrx+rXIuKNiPjZ5Ct5vbLcaqyU+eADACPs1WPr/78ne+s/AHDBTZXdAQBg6Kz/ADB6rP8AMHqs/wAweqz/ADB6rP8AMHqs/wAwUr7/ySdZ6e4X33+9cmtne711692Venu90txeriy3tjYrq63Wav6dPc3nfV6j1dpceC+2b1c79Xan2t7Zvd5sbW90ruff6329PjGUUQEAJ3njrft/SiJi78NX8hJH9nKwVsPFlpbdAaA0Y2V3ACjNeNkdAErj7/hAny16nzLwvwjdG/gWUwu85K58Qf4fRpX8P4wu+X8YXfL/MLq63cSe/wAwYuT4gXP4938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC48GbykqSVYi/wmUjTSiXitYiYi4nk5lqjPh8Rr0fEHycnJrP6QtmdBgBeUPq3pNj/68rsOzPHWy8l/5nMjxHxk198+vPbS53O1kJ2/Z+H1zv3iuu1EwPZahAASnKwTh+s4wceP7qzfFCG2Z+H3+5tLprF3S9Kr2U8xvPjVP7gMP2vpKj3ZM8rY2cQf+9uRHy+3/iTPDcyV+x8ejx+Fvu1ocZPn4qf5m29Y/Zr8dkz6AuMmvvZ/PNRv/svjcv5sf/9P5XPUC/uYP7bf2b+Sw/nv7EB89/l08Z47/ffG9h2N+KL4/3iJ4fxkwHx3zll/D9/6StvD2rr/jLiSvSPfzRWtdPcrLZ3dt9day6t1lfrG7Xa4sLi/AfX3q9V8xx19SBT/ay/f3j19ZPGPz0g/tRzxv/1U47/V/+98aOvnhD/m1/r//v/5gnxszXxG6eMvzT9m4Hbd2fxV/qPv3jP4PFfPWX8B3/dXTnlSwGAIWjv7K4vNRr1LSdDO8me3V6Cbjgp7ST7E3AWn/O5c+xq2TMTcN6e3PRl9wQAAAAAAAAAAAAAABhkGD/wVPYYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+FwAA//+vctdr") r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x8) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff) sendfile(r2, r1, 0x0, 0xfffa83) 1.458499992s ago: executing program 6 (id=869): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) write(r1, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7fffeffd) 1.456464772s ago: executing program 1 (id=870): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'bridge0\x00', 0x0}) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) sendto$packet(r1, &(0x7f0000000040)="3f031c000302140006001e00890000004a1b7880610cc945000088a800008100000088a80000", 0x26, 0x1, &(0x7f0000000540)={0xc9, 0x88a8, r2, 0x1, 0x7, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}, 0x14) 1.343506211s ago: executing program 1 (id=872): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x100, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbd39}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001740)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000680)='sched_switch\x00', r0}, 0x10) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000003c0)=0x11) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, 0x0, 0x800) 1.278642267s ago: executing program 3 (id=861): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)='%pS \x00'}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) unshare(0x2040400) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) 1.155681327s ago: executing program 3 (id=862): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x18, &(0x7f0000000100)=0xfefffff9, 0x4) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @window={0x3, 0x9, 0x7f}, @window={0x3, 0x9, 0x2}, @mss={0x2, 0x400}, @mss={0x2, 0xcb2}, @mss={0x2, 0x3}, @timestamp, @sack_perm], 0x8) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000440)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x0, 0x30, 0x0, "d427443337084e2c155728b371e491e7767150c3194b3eef53f407cb03f98895ecd08a6031349042776e6b75b391a0b25d49d303a71729551360a53f27e07088924cd66920b0d40668542bb510bba12b"}, 0xd8) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) 1.080624593s ago: executing program 1 (id=863): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000005440)=@base={0x12, 0x5, 0x8, 0x9}, 0x50) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r1, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r0}, 0x20) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) recvmmsg(r0, &(0x7f0000005040)=[{{&(0x7f0000000000)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, 0x0}, 0x8}, {{0x0, 0x0, &(0x7f00000006c0)=[{0x0}, {&(0x7f0000000480)=""/46, 0x2e}], 0x2, &(0x7f0000000740)=""/91, 0x5b}, 0x7}], 0x2, 0x10000, 0x0) 1.080481833s ago: executing program 3 (id=864): set_mempolicy(0x3, &(0x7f0000000140)=0x7d, 0x5) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, 0x0, 0x0) connect$inet(r0, 0x0, 0x0) sendmmsg(r0, 0x0, 0x0, 0x300) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2) 1.047809455s ago: executing program 1 (id=865): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) close(r0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r1, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000180)='i', 0x20086}], 0x1}}], 0x1, 0x0) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x600, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c) 1.014122358s ago: executing program 3 (id=866): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x3) mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000300)=@gcm_256={{0x304}, "62648f4b35b737b9", "21c20c7e7ad9ecfe5bccea278546791cbaf728f83c0a7efa8e26655613653bb4", '\x00', "01d787a90d233d89"}, 0x38) 910.456097ms ago: executing program 3 (id=868): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x4, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) getpgrp(0x0) 530.574787ms ago: executing program 6 (id=871): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) cachestat(r0, &(0x7f0000000040), 0x0, 0x0) 530.099367ms ago: executing program 3 (id=882): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffff2}, 0x18) syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36e, &(0x7f00000007c0)="$eJzs3U1oM0UYwPEnaZImeXmbHERRkA6+CHpZ2uhZDNKCELC0jdgKwrbdaMialGyoRsS2J4+Kd0+Ch9KbBQ8F7VnoxZteRPDWi6BgBXVlv5LNV9PGpMH2/4OSycw8uzPZSXk27WYv3vj03UrJ0kp6Q6JJJRERkUuRrEQlEPEfo245IfLJd622A3n+wW8/PL22UUx6FWo5v/5CTik1N//Nex+m/G6ns3Kefevi19wv54+fP3nxz/o7ZUuVLVWtNZSutmo/NfQt01A7ZauiKbViGrplqHLVMupe+1f+dsza7m5T6dWdh+ndumFZSq82VcVoqkZNNepNpb+tl6tK0zT1MC0Ypni0uqrnRwzeHvNgMCH1el6fEZFUT0vxaCoDAgAAU9Wd/0edlH5Y/h/Syv83Za5QWFpVTud2/n/8zFnjwesnc37+f5rol/+/+KO3rY783zmdaOf/Ne/8oDQ8//9cbpD/92ZE98vI+X92AoPBaOYTPVWRjmdO/p/237+uwzePF9wC+T8AAAAAAAAAAAAAAAAAAAAAAP8Hl7adsW07EzwGP+1LCPznuJMGHf9ZEUk6R9/m+N9laxubknQv3HOOsfnxXnGv6D36Hc5ExBTjb7ubszaCK4+UIyvfmvt+/P5eccZtyZek7MTLomQk666nULxtL79aWFpUHj++dZlSOhyfk4w8Fo7/2l2dTnyuM97ff0KeexSK1yQj329LTUzZcSPb+/9oUalXXit0xafcfiLy860fFAAAAAAAxkxTLX3P3zVtULv3LSP5kvsxkSELkpG/+p/fL/Q9P49lnopNe/YAAAAAANwPVvODii5Ro+4WTLNfISUDm8ZQiHXUxEWkb+dEV038qi3PhGZ43fEkxLuDyX+d1xfBq3qTqOAfKZyBt5r8O6rIaOMJ5u/WRGLP/u43/XnTeUUOxF0AB+GmqFwjPNY9+HmnQvXt/Gjgdg79ibRqgo+NEgNeZ1np3U70ipUQ76mxI6MtgCc++/KP8b1BXjrxV8D7wzsfmoa9L9c5KF0FZxe9TfGJ/+IBAAAAcOvaSX9Q83K4OXwjkfDNcvjLPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYzSRr/TrKgze++xtThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYun8DAAD//7ct9c4=") r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40) mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x100000b, 0x2013, r1, 0x0) write$cgroup_subtree(r1, &(0x7f00000002c0)=ANY=[], 0x10d53) 520.944498ms ago: executing program 2 (id=874): mknodat$loop(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1000, 0x1) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) 478.866381ms ago: executing program 4 (id=875): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x2}, 0x8) sendto$inet6(r0, &(0x7f0000000b80)="be", 0x1, 0x4008014, &(0x7f0000000000)={0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}, 0x7}, 0x1c) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) shutdown(r0, 0x1) 432.299915ms ago: executing program 4 (id=876): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e) connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x0, @broadcast, 'vxcan1\x00'}}, 0x1e) 399.320928ms ago: executing program 4 (id=877): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, 0x0}, 0x94) 293.916616ms ago: executing program 6 (id=878): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000140012800c0001006d6163766c616e0095e5028008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r3], 0x44}}, 0x0) 284.512297ms ago: executing program 4 (id=889): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000780)=@newtaction={0x64, 0x30, 0xb, 0x0, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xfdb}}, @TCA_CT_MARK={0x8, 0x10}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004000}, 0x10000000) 138.652549ms ago: executing program 6 (id=879): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x100, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbd39}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001740)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000680)='sched_switch\x00', r0}, 0x10) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000003c0)=0x11) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, 0x0, 0x800) 138.449929ms ago: executing program 4 (id=880): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x56) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8, 0x13, r0, 0x98aa2000) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000500)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffff77, 0x0, 0x0}, &(0x7f0000000000)=0x40) 138.089729ms ago: executing program 1 (id=881): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_SURVEY(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="a903030000000000000032"], 0x1c}}, 0x4004050) 120.53287ms ago: executing program 4 (id=883): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe0c, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) pause() 38.906497ms ago: executing program 6 (id=884): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 38.751047ms ago: executing program 1 (id=885): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) write(r1, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7fffeffd) 0s ago: executing program 6 (id=886): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x4bf, &(0x7f0000000540)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqtZO3N1otaflAkKrlRArThzakLhRFDuOYqc0oYf0f0CiEif4EzggcUDqiTs3uCGkckAqUIEaJA5GM56kaWqnEU08Vfz5SE8zb57t73tt573pt41fACPrckTsRcSliLgREbPF9aQo8VGvZK97/OjO8v6jO8tJdLuf/iPJ27NrceQ9mVeLz5yKiB98N+LHybNx2zu760uNRn2rqFc7zc1qe2f3L2vNpdX6an2jVltcWJz/4Nr7tTMb61vNXz/8ztrHP/zdb7/84A973/pp1q2Zou3oOM5Sb+gTh3Ey4xHx8XkEK8FYMZ5LZXeE/0saEZ+JiLez+79bdm8AgGHodmejO3u0DgBcdGmeA0vSSpELmIk0rVR6Obw3YzpttNqdqzdb2xsrvVzZXEykN9ca9fkiVzgXE0lWX8jPn9Rrx+rXIuKNiPjZ5Ct5vbLcaqyU+eADACPs1WPr/78ne+s/AHDBTZXdAQBg6Kz/ADB6rP8AMHqs/wAweqz/ADB6rP8AMHqs/wAwUr7/ySdZ6e4X33+9cmtne711692Venu90txeriy3tjYrq63Wav6dPc3nfV6j1dpceC+2b1c79Xan2t7Zvd5sbW90ruff6329PjGUUQEAJ3njrft/SiJi78NX8hJH9nKwVsPFlpbdAaA0Y2V3ACjNeNkdAErj7/hAny16nzLwvwjdG/gWUwu85K58Qf4fRpX8P4wu+X8YXfL/MLq63cSe/wAwYuT4gXP4938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC48GbykqSVYi/wmUjTSiXitYiYi4nk5lqjPh8Rr0fEHycnJrP6QtmdBgBeUPq3pNj/68rsOzPHWy8l/5nMjxHxk198+vPbS53O1kJ2/Z+H1zv3iuu1EwPZahAASnKwTh+s4wceP7qzfFCG2Z+H3+5tLprF3S9Kr2U8xvPjVP7gMP2vpKj3ZM8rY2cQf+9uRHy+3/iTPDcyV+x8ejx+Fvu1ocZPn4qf5m29Y/Zr8dkz6AuMmvvZ/PNRv/svjcv5sf/9P5XPUC/uYP7bf2b+Sw/nv7EB89/l08Z47/ffG9h2N+KL4/3iJ4fxkwHx3zll/D9/6StvD2rr/jLiSvSPfzRWtdPcrLZ3dt9day6t1lfrG7Xa4sLi/AfX3q9V8xx19SBT/ay/f3j19ZPGPz0g/tRzxv/1U47/V/+98aOvnhD/m1/r//v/5gnxszXxG6eMvzT9m4Hbd2fxV/qPv3jP4PFfPWX8B3/dXTnlSwGAIWjv7K4vNRr1LSdDO8me3V6Cbjgp7ST7E3AWn/O5c+xq2TMTcN6e3PRl9wQAAAAAAAAAAAAAABhkGD/wVPYYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+FwAA//+vctdr") r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x8) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff) sendfile(r2, r1, 0x0, 0xfffa83) kernel console output (not intermixed with test programs): syzkaller syzkaller login: [ 14.228039][ T29] kauditd_printk_skb: 30 callbacks suppressed [ 14.228053][ T29] audit: type=1400 audit(1755230307.667:57): avc: denied { transition } for pid=3176 comm="sshd-session" path="/bin/sh" dev="sda1" ino=90 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 14.232235][ T29] audit: type=1400 audit(1755230307.667:58): avc: denied { noatsecure } for pid=3176 comm="sshd-session" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 14.235077][ T29] audit: type=1400 audit(1755230307.667:59): avc: denied { write } for pid=3176 comm="sh" path="pipe:[2457]" dev="pipefs" ino=2457 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 14.238238][ T29] audit: type=1400 audit(1755230307.667:60): avc: denied { rlimitinh } for pid=3176 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 14.240756][ T29] audit: type=1400 audit(1755230307.667:61): avc: denied { siginh } for pid=3176 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.0.232' (ED25519) to the list of known hosts. [ 21.437180][ T29] audit: type=1400 audit(1755230314.877:62): avc: denied { mounton } for pid=3286 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 21.438042][ T3286] cgroup: Unknown subsys name 'net' [ 21.459916][ T29] audit: type=1400 audit(1755230314.877:63): avc: denied { mount } for pid=3286 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 21.487243][ T29] audit: type=1400 audit(1755230314.907:64): avc: denied { unmount } for pid=3286 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 21.631224][ T3286] cgroup: Unknown subsys name 'cpuset' [ 21.637375][ T3286] cgroup: Unknown subsys name 'rlimit' [ 21.776771][ T29] audit: type=1400 audit(1755230315.217:65): avc: denied { setattr } for pid=3286 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 21.800240][ T29] audit: type=1400 audit(1755230315.217:66): avc: denied { create } for pid=3286 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 21.820735][ T29] audit: type=1400 audit(1755230315.217:67): avc: denied { write } for pid=3286 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 21.841132][ T29] audit: type=1400 audit(1755230315.217:68): avc: denied { read } for pid=3286 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 21.861479][ T29] audit: type=1400 audit(1755230315.247:69): avc: denied { mounton } for pid=3286 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 21.868188][ T3293] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 21.886299][ T29] audit: type=1400 audit(1755230315.247:70): avc: denied { mount } for pid=3286 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 21.918075][ T29] audit: type=1400 audit(1755230315.337:71): avc: denied { relabelto } for pid=3293 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 21.957872][ T3286] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 23.617267][ T3299] chnl_net:caif_netlink_parms(): no params data found [ 23.694177][ T3299] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.701341][ T3299] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.708536][ T3299] bridge_slave_0: entered allmulticast mode [ 23.715126][ T3299] bridge_slave_0: entered promiscuous mode [ 23.742007][ T3299] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.749173][ T3299] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.756461][ T3299] bridge_slave_1: entered allmulticast mode [ 23.762797][ T3299] bridge_slave_1: entered promiscuous mode [ 23.769029][ T3300] chnl_net:caif_netlink_parms(): no params data found [ 23.808481][ T3299] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 23.827889][ T3299] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 23.841683][ T3305] chnl_net:caif_netlink_parms(): no params data found [ 23.867129][ T3299] team0: Port device team_slave_0 added [ 23.882101][ T3299] team0: Port device team_slave_1 added [ 23.892634][ T3303] chnl_net:caif_netlink_parms(): no params data found [ 23.907418][ T3307] chnl_net:caif_netlink_parms(): no params data found [ 23.934068][ T3299] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 23.941044][ T3299] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 23.966961][ T3299] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 23.980025][ T3299] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 23.986998][ T3299] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.012982][ T3299] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 24.046060][ T3300] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.053263][ T3300] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.060455][ T3300] bridge_slave_0: entered allmulticast mode [ 24.066858][ T3300] bridge_slave_0: entered promiscuous mode [ 24.084179][ T3300] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.091337][ T3300] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.099296][ T3300] bridge_slave_1: entered allmulticast mode [ 24.105706][ T3300] bridge_slave_1: entered promiscuous mode [ 24.113970][ T3305] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.121062][ T3305] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.128233][ T3305] bridge_slave_0: entered allmulticast mode [ 24.134605][ T3305] bridge_slave_0: entered promiscuous mode [ 24.157786][ T3305] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.164877][ T3305] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.172726][ T3305] bridge_slave_1: entered allmulticast mode [ 24.178985][ T3305] bridge_slave_1: entered promiscuous mode [ 24.192661][ T3299] hsr_slave_0: entered promiscuous mode [ 24.198810][ T3299] hsr_slave_1: entered promiscuous mode [ 24.224808][ T3303] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.231912][ T3303] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.239025][ T3303] bridge_slave_0: entered allmulticast mode [ 24.245478][ T3303] bridge_slave_0: entered promiscuous mode [ 24.252604][ T3300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 24.267554][ T3305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 24.277880][ T3305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 24.291597][ T3303] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.298736][ T3303] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.306295][ T3303] bridge_slave_1: entered allmulticast mode [ 24.312771][ T3303] bridge_slave_1: entered promiscuous mode [ 24.319512][ T3300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 24.359218][ T3307] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.366411][ T3307] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.373660][ T3307] bridge_slave_0: entered allmulticast mode [ 24.379950][ T3307] bridge_slave_0: entered promiscuous mode [ 24.386967][ T3305] team0: Port device team_slave_0 added [ 24.400264][ T3300] team0: Port device team_slave_0 added [ 24.406238][ T3307] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.413298][ T3307] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.420720][ T3307] bridge_slave_1: entered allmulticast mode [ 24.427002][ T3307] bridge_slave_1: entered promiscuous mode [ 24.433967][ T3305] team0: Port device team_slave_1 added [ 24.447614][ T3303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 24.457473][ T3300] team0: Port device team_slave_1 added [ 24.477623][ T3303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 24.498630][ T3307] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 24.519369][ T3303] team0: Port device team_slave_0 added [ 24.525455][ T3300] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 24.532457][ T3300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.558366][ T3300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 24.570006][ T3307] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 24.579361][ T3300] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 24.586354][ T3300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.612392][ T3300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 24.624104][ T3305] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 24.631159][ T3305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.657116][ T3305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 24.670416][ T3303] team0: Port device team_slave_1 added [ 24.693660][ T3305] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 24.700706][ T3305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.726747][ T3305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 24.749671][ T3303] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 24.756653][ T3303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.782576][ T3303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 24.794021][ T3307] team0: Port device team_slave_0 added [ 24.808423][ T3303] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 24.815398][ T3303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.841350][ T3303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 24.852721][ T3307] team0: Port device team_slave_1 added [ 24.876534][ T3300] hsr_slave_0: entered promiscuous mode [ 24.883153][ T3300] hsr_slave_1: entered promiscuous mode [ 24.889021][ T3300] debugfs: 'hsr0' already exists in 'hsr' [ 24.894759][ T3300] Cannot create hsr debugfs directory [ 24.934080][ T3307] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 24.941134][ T3307] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.967085][ T3307] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 24.979671][ T3303] hsr_slave_0: entered promiscuous mode [ 24.985763][ T3303] hsr_slave_1: entered promiscuous mode [ 24.991675][ T3303] debugfs: 'hsr0' already exists in 'hsr' [ 24.997388][ T3303] Cannot create hsr debugfs directory [ 25.004738][ T3305] hsr_slave_0: entered promiscuous mode [ 25.011807][ T3305] hsr_slave_1: entered promiscuous mode [ 25.017651][ T3305] debugfs: 'hsr0' already exists in 'hsr' [ 25.023393][ T3305] Cannot create hsr debugfs directory [ 25.029527][ T3307] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 25.036494][ T3307] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 25.062516][ T3307] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 25.117189][ T3299] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 25.140792][ T3299] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 25.151358][ T3307] hsr_slave_0: entered promiscuous mode [ 25.157459][ T3307] hsr_slave_1: entered promiscuous mode [ 25.163317][ T3307] debugfs: 'hsr0' already exists in 'hsr' [ 25.169017][ T3307] Cannot create hsr debugfs directory [ 25.181544][ T3299] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 25.210412][ T3299] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 25.321624][ T3305] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 25.334153][ T3305] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 25.344973][ T3305] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 25.355623][ T3305] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 25.375761][ T3303] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 25.392384][ T3303] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 25.403281][ T3299] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.418981][ T3299] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.426104][ T3303] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 25.434439][ T3303] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 25.458030][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.465152][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.481431][ T3300] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 25.490742][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.497783][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.512451][ T3300] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 25.521841][ T3300] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 25.533929][ T3300] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 25.560038][ T3305] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.570870][ T3307] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 25.584412][ T3307] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 25.593104][ T3307] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 25.602929][ T3307] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 25.626210][ T3305] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.655171][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.662335][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.671426][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.678480][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.729920][ T3303] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.752994][ T3299] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 25.764469][ T3303] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.773222][ T3307] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.783808][ T3300] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.793887][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.801062][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.817360][ T3300] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.827414][ T3307] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.835869][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.842930][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.865921][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.873001][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.883781][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.890998][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.909532][ T3305] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 25.923000][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.930079][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.946490][ T3303] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 25.959117][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.966203][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.989276][ T3299] veth0_vlan: entered promiscuous mode [ 26.039950][ T3307] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 26.050443][ T3307] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 26.093541][ T3300] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 26.104300][ T3299] veth1_vlan: entered promiscuous mode [ 26.116609][ T3305] veth0_vlan: entered promiscuous mode [ 26.129072][ T3305] veth1_vlan: entered promiscuous mode [ 26.137092][ T3303] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 26.167592][ T3307] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 26.181933][ T3299] veth0_macvtap: entered promiscuous mode [ 26.189334][ T3299] veth1_macvtap: entered promiscuous mode [ 26.197834][ T3305] veth0_macvtap: entered promiscuous mode [ 26.215650][ T3305] veth1_macvtap: entered promiscuous mode [ 26.226949][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 26.246544][ T3299] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 26.259155][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 26.269052][ T3299] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 26.300579][ T398] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.317098][ T3300] veth0_vlan: entered promiscuous mode [ 26.330192][ T58] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.339435][ T58] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.348818][ T58] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.360342][ T58] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.371199][ T3300] veth1_vlan: entered promiscuous mode [ 26.381220][ T58] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.396642][ T58] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.409859][ T3307] veth0_vlan: entered promiscuous mode [ 26.419632][ T58] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.438307][ T3307] veth1_vlan: entered promiscuous mode [ 26.462405][ T3305] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 26.469388][ T3300] veth0_macvtap: entered promiscuous mode [ 26.493566][ T3300] veth1_macvtap: entered promiscuous mode [ 26.501961][ T3307] veth0_macvtap: entered promiscuous mode [ 26.502743][ T29] kauditd_printk_skb: 18 callbacks suppressed [ 26.502755][ T29] audit: type=1400 audit(1755230319.937:90): avc: denied { read write } for pid=3305 comm="syz-executor" name="loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 26.509343][ T3307] veth1_macvtap: entered promiscuous mode [ 26.513871][ T29] audit: type=1400 audit(1755230319.947:91): avc: denied { open } for pid=3305 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 26.550669][ T3303] veth0_vlan: entered promiscuous mode [ 26.574691][ T29] audit: type=1400 audit(1755230319.987:92): avc: denied { ioctl } for pid=3305 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=100 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 26.597430][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 26.600248][ T29] audit: type=1400 audit(1755230320.017:93): avc: denied { map_create } for pid=3468 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 26.626084][ T29] audit: type=1400 audit(1755230320.017:94): avc: denied { bpf } for pid=3468 comm="syz.0.1" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 26.630696][ T3303] veth1_vlan: entered promiscuous mode [ 26.646225][ T29] audit: type=1400 audit(1755230320.017:95): avc: denied { map_read map_write } for pid=3468 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 26.676904][ T3300] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 26.685276][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 26.695925][ T29] audit: type=1400 audit(1755230320.057:96): avc: denied { prog_load } for pid=3468 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 26.714757][ T29] audit: type=1400 audit(1755230320.057:97): avc: denied { perfmon } for pid=3468 comm="syz.0.1" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 26.735370][ T29] audit: type=1400 audit(1755230320.057:98): avc: denied { prog_run } for pid=3468 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 26.754430][ T29] audit: type=1400 audit(1755230320.177:99): avc: denied { open } for pid=3468 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 26.755929][ T41] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.785950][ T3300] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 26.794458][ T41] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.817405][ T41] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.835053][ T41] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.853154][ T41] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.864000][ T3303] veth0_macvtap: entered promiscuous mode [ 26.877438][ T3303] veth1_macvtap: entered promiscuous mode [ 26.886423][ T41] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.909090][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 26.918514][ T41] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.935718][ T41] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.949541][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 26.961540][ T2203] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.989975][ T2203] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.034827][ T51] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.057320][ T51] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.067570][ T3493] syz.2.10 (3493) used greatest stack depth: 10800 bytes left [ 27.081818][ T3489] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8'. [ 27.179145][ T3507] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 27.225607][ T3507] netlink: 'syz.1.15': attribute type 12 has an invalid length. [ 27.233553][ T3507] netlink: 'syz.1.15': attribute type 29 has an invalid length. [ 27.241420][ T3507] netlink: 148 bytes leftover after parsing attributes in process `syz.1.15'. [ 27.250450][ T3507] netlink: 'syz.1.15': attribute type 2 has an invalid length. [ 27.258058][ T3507] netlink: 23 bytes leftover after parsing attributes in process `syz.1.15'. [ 27.268396][ T3507] netlink: 'syz.1.15': attribute type 12 has an invalid length. [ 27.276147][ T3507] netlink: 'syz.1.15': attribute type 29 has an invalid length. [ 27.283819][ T3507] netlink: 148 bytes leftover after parsing attributes in process `syz.1.15'. [ 27.292702][ T3507] netlink: 'syz.1.15': attribute type 2 has an invalid length. [ 27.300269][ T3507] netlink: 23 bytes leftover after parsing attributes in process `syz.1.15'. [ 27.309993][ T3507] Zero length message leads to an empty skb [ 27.331499][ T3520] program syz.2.21 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 27.389038][ T3518] netlink: 32 bytes leftover after parsing attributes in process `syz.3.20'. [ 27.449431][ T3532] netlink: 96 bytes leftover after parsing attributes in process `syz.4.27'. [ 27.670918][ T3514] Set syz1 is full, maxelem 65536 reached [ 28.022694][ T3577] loop1: detected capacity change from 0 to 512 [ 28.029795][ T3577] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 28.042969][ T3577] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 28.061980][ T3577] EXT4-fs (loop1): 1 truncate cleaned up [ 28.064025][ T3581] team0: Device veth1_vlan failed to register rx_handler [ 28.068218][ T3577] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 28.117017][ T3581] syz.2.48 (3581) used greatest stack depth: 10704 bytes left [ 28.185196][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 28.194367][ T3594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.50'. [ 28.301702][ T3611] vxcan1: entered allmulticast mode [ 28.404986][ T3623] netlink: 12 bytes leftover after parsing attributes in process `syz.2.62'. [ 28.418394][ T3621] IPVS: stopping master sync thread 3624 ... [ 28.424856][ T3624] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 28.441333][ T41] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 28.450130][ T3623] netlink: 12 bytes leftover after parsing attributes in process `syz.2.62'. [ 28.454385][ T41] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 28.489061][ T3630] capability: warning: `syz.1.65' uses deprecated v2 capabilities in a way that may be insecure [ 28.499371][ T41] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 28.526150][ T41] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 28.547923][ T3634] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 28.616452][ T3638] SELinux: failed to load policy [ 28.723952][ T3663] netlink: 'syz.0.80': attribute type 6 has an invalid length. [ 28.749166][ T3668] loop4: detected capacity change from 0 to 256 [ 29.081302][ T3687] loop0: detected capacity change from 0 to 512 [ 29.095500][ T3690] syz.4.94 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 29.105820][ T3687] EXT4-fs: Ignoring removed mblk_io_submit option [ 29.127164][ T3687] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 29.149903][ T3687] EXT4-fs (loop0): 1 truncate cleaned up [ 29.167732][ T3687] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 29.817218][ T3714] loop3: detected capacity change from 0 to 1024 [ 29.824046][ T3714] ======================================================= [ 29.824046][ T3714] WARNING: The mand mount option has been deprecated and [ 29.824046][ T3714] and is ignored by this kernel. Remove the mand [ 29.824046][ T3714] option from the mount to silence this warning. [ 29.824046][ T3714] ======================================================= [ 29.859991][ T3714] EXT4-fs: inline encryption not supported [ 29.866133][ T3714] EXT4-fs: dax option not supported [ 30.001976][ T3696] syz.0.93 (3696) used greatest stack depth: 10696 bytes left [ 30.028723][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 30.117904][ T3730] loop4: detected capacity change from 0 to 512 [ 30.128028][ T3730] EXT4-fs: Ignoring removed i_version option [ 30.143463][ T3730] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=e000c018, mo2=0002] [ 30.152044][ T3730] System zones: 0-2, 18-18, 34-35 [ 30.157964][ T3730] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 30.170986][ T3730] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 30.194094][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 30.203728][ T398] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 30.297085][ T3735] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 30.327886][ T3755] loop9: detected capacity change from 0 to 7 [ 30.334337][ T3755] Buffer I/O error on dev loop9, logical block 0, async page read [ 30.342915][ T3757] netlink: 'syz.0.118': attribute type 21 has an invalid length. [ 30.344826][ T3755] Buffer I/O error on dev loop9, logical block 0, async page read [ 30.358590][ T3755] loop9: unable to read partition table [ 30.386295][ T3755] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ â·û [ 30.386295][ T3755] ) failed (rc=-5) [ 30.472229][ T3776] loop2: detected capacity change from 0 to 128 [ 30.480415][ T3776] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 30.525090][ T3776] FAT-fs (loop2): FAT read failed (blocknr 128) [ 30.533236][ T3785] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3785 comm=syz.3.130 [ 30.687183][ T3816] openvswitch: netlink: Message has 6 unknown bytes. [ 30.731831][ T3824] syz.1.147 uses obsolete (PF_INET,SOCK_PACKET) [ 30.790530][ T3824] bridge_slave_0: left allmulticast mode [ 30.796227][ T3824] bridge_slave_0: left promiscuous mode [ 30.802179][ T3824] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.812811][ T3824] bridge_slave_1: left allmulticast mode [ 30.818487][ T3824] bridge_slave_1: left promiscuous mode [ 30.824327][ T3824] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.835109][ T3824] bond0: (slave bond_slave_0): Releasing backup interface [ 30.854392][ T3824] bond0: (slave bond_slave_1): Releasing backup interface [ 30.876802][ T3824] team0: Port device team_slave_0 removed [ 30.894892][ T3824] team0: Port device team_slave_1 removed [ 30.904728][ T3824] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 30.912203][ T3824] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 30.921720][ T3824] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 30.929144][ T3824] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 31.218730][ T3876] SELinux: failed to load policy [ 31.284590][ T3882] netlink: 'syz.3.173': attribute type 7 has an invalid length. [ 31.340670][ T3890] loop3: detected capacity change from 0 to 512 [ 31.354407][ T3890] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm +}[@: Parent and EA inode have the same ino 15 [ 31.366541][ T3890] EXT4-fs (loop3): Remounting filesystem read-only [ 31.377310][ T3890] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 31.390304][ T3890] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 31.401188][ T3890] EXT4-fs (loop3): 1 orphan inode deleted [ 31.407221][ T3890] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 31.450953][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 31.720873][ T29] kauditd_printk_skb: 311 callbacks suppressed [ 31.720897][ T29] audit: type=1400 audit(1755230325.157:411): avc: denied { write } for pid=3928 comm="syz.2.195" path="socket:[6555]" dev="sockfs" ino=6555 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 31.823221][ T3936] loop2: detected capacity change from 0 to 512 [ 31.853625][ T3936] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 31.867047][ T3936] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 31.882039][ T29] audit: type=1400 audit(1755230325.327:412): avc: denied { append } for pid=3935 comm="syz.2.196" path="/45/file0/hugetlb.1GB.usage_in_bytes" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 31.965354][ T29] audit: type=1400 audit(1755230325.407:413): avc: denied { map } for pid=3935 comm="syz.2.196" path="/45/file0/hugetlb.1GB.usage_in_bytes" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 32.004159][ T3936] syz.2.196 (3936) used greatest stack depth: 10360 bytes left [ 32.022482][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 32.141043][ T29] audit: type=1400 audit(1755230325.577:414): avc: denied { shutdown } for pid=3967 comm="syz.1.204" laddr=fe80::12 lport=34472 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 32.163318][ T3968] syz.1.204 (3968) used greatest stack depth: 10008 bytes left [ 32.227096][ T3973] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3973 comm=syz.2.206 [ 32.267563][ T29] audit: type=1326 audit(1755230325.707:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3976 comm="syz.2.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4a07ebe9 code=0x7ffc0000 [ 32.291567][ T29] audit: type=1326 audit(1755230325.707:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3976 comm="syz.2.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4a07ebe9 code=0x7ffc0000 [ 32.314915][ T29] audit: type=1326 audit(1755230325.717:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3976 comm="syz.2.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f0e4a07ebe9 code=0x7ffc0000 [ 32.338145][ T29] audit: type=1326 audit(1755230325.737:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3976 comm="syz.2.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4a07ebe9 code=0x7ffc0000 [ 32.361462][ T29] audit: type=1326 audit(1755230325.737:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3976 comm="syz.2.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4a07ebe9 code=0x7ffc0000 [ 32.387018][ T29] audit: type=1326 audit(1755230325.737:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3978 comm="syz.2.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f0e4a0b14a5 code=0x7ffc0000 [ 32.432670][ T3984] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 32.469689][ T3980] __nla_validate_parse: 11 callbacks suppressed [ 32.469702][ T3980] netlink: 16 bytes leftover after parsing attributes in process `syz.2.209'. [ 32.593321][ T4003] netlink: 8 bytes leftover after parsing attributes in process `syz.3.219'. [ 32.602294][ T4003] netlink: 4 bytes leftover after parsing attributes in process `syz.3.219'. [ 32.767465][ T4023] netlink: 'syz.3.229': attribute type 10 has an invalid length. [ 32.776054][ T4023] ipvlan0: entered allmulticast mode [ 32.781391][ T4023] veth0_vlan: entered allmulticast mode [ 32.796524][ T4023] team0: Device ipvlan0 failed to register rx_handler [ 32.820667][ T4025] SELinux: Context system_u:object_r:ssh_keygen_exec_t:s0 is not valid (left unmapped). [ 32.831811][ T4029] netlink: 8 bytes leftover after parsing attributes in process `syz.2.232'. [ 32.841638][ T4029] IPVS: Error joining to the multicast group [ 32.908996][ T4043] netlink: 96 bytes leftover after parsing attributes in process `syz.0.239'. [ 32.958718][ T4048] batadv_slave_1: entered promiscuous mode [ 32.969691][ T4050] loop4: detected capacity change from 0 to 1024 [ 32.976476][ T4050] EXT4-fs: Ignoring removed oldalloc option [ 32.982553][ T4050] EXT4-fs: Ignoring removed bh option [ 32.989709][ T4047] batadv_slave_1: left promiscuous mode [ 33.017323][ T4050] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.041053][ T4050] netlink: 12 bytes leftover after parsing attributes in process `syz.4.242'. [ 33.117242][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.187882][ T4068] netlink: 12 bytes leftover after parsing attributes in process `syz.1.249'. [ 33.301024][ T4085] ref_ctr_offset mismatch. inode: 0x169 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 33.322245][ T4095] netlink: 20 bytes leftover after parsing attributes in process `syz.2.262'. [ 33.322987][ T4094] netlink: 8 bytes leftover after parsing attributes in process `syz.4.261'. [ 33.332909][ T4095] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 33.393282][ T4104] loop1: detected capacity change from 0 to 128 [ 33.403719][ T4104] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 33.430578][ T4104] ext4 filesystem being mounted at /41/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 33.441666][ T4110] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=256 sclass=netlink_audit_socket pid=4110 comm=syz.4.269 [ 33.519468][ T3299] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 33.590113][ T4131] netlink: 8 bytes leftover after parsing attributes in process `syz.4.279'. [ 33.634775][ T4137] loop3: detected capacity change from 0 to 512 [ 33.648265][ T4137] EXT4-fs: Ignoring removed bh option [ 33.655222][ T4137] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 33.663770][ T4137] EXT4-fs (loop3): fragment/cluster size (4096) != block size (2048) [ 33.707027][ T4143] loop4: detected capacity change from 0 to 512 [ 33.723845][ T4145] loop3: detected capacity change from 0 to 2048 [ 33.731609][ T4145] EXT4-fs: Ignoring removed nobh option [ 33.739161][ T4143] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 33.757374][ T4145] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 33.786807][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.812765][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.976202][ T4179] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0 [ 34.056712][ T4187] loop4: detected capacity change from 0 to 512 [ 34.066444][ T4187] msdos: Unknown parameter 'errconheck' [ 34.176866][ T4209] can0: slcan on ttyS3. [ 34.241018][ T4208] can0 (unregistered): slcan off ttyS3. [ 35.013694][ T4312] process 'syz.4.359' launched '/dev/fd/6' with NULL argv: empty string added [ 35.152759][ T4329] netlink: 'syz.2.367': attribute type 83 has an invalid length. [ 35.223517][ T4340] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 35.262866][ T4344] random: crng reseeded on system resumption [ 35.400751][ T4360] loop3: detected capacity change from 0 to 512 [ 35.410677][ T4360] EXT4-fs: Ignoring removed mblk_io_submit option [ 35.417161][ T4360] ext4: Unknown parameter 'noacl' [ 35.818405][ T4399] netlink: 'syz.0.398': attribute type 6 has an invalid length. [ 36.610271][ T4458] mmap: syz.1.424 (4458) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 36.745553][ T29] kauditd_printk_skb: 202 callbacks suppressed [ 36.745568][ T29] audit: type=1400 audit(1755230330.187:623): avc: denied { mount } for pid=4477 comm="syz.3.433" name="/" dev="configfs" ino=2101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 36.774971][ T29] audit: type=1400 audit(1755230330.197:624): avc: denied { search } for pid=4477 comm="syz.3.433" name="/" dev="configfs" ino=2101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 36.797058][ T29] audit: type=1400 audit(1755230330.197:625): avc: denied { search } for pid=4477 comm="syz.3.433" name="/" dev="configfs" ino=2101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 36.819222][ T29] audit: type=1400 audit(1755230330.197:626): avc: denied { read open } for pid=4477 comm="syz.3.433" path="/" dev="configfs" ino=2101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 36.860631][ T29] audit: type=1326 audit(1755230330.297:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4479 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61ef3ebe9 code=0x7ffc0000 [ 36.884261][ T29] audit: type=1326 audit(1755230330.327:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4479 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61ef3ebe9 code=0x7ffc0000 [ 36.933699][ T4484] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 36.945419][ T29] audit: type=1326 audit(1755230330.327:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4479 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe61ef3ebe9 code=0x7ffc0000 [ 36.968831][ T29] audit: type=1326 audit(1755230330.327:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4479 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61ef3ebe9 code=0x7ffc0000 [ 36.992092][ T29] audit: type=1326 audit(1755230330.327:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4479 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7fe61ef3ebe9 code=0x7ffc0000 [ 37.015294][ T29] audit: type=1326 audit(1755230330.327:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4479 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61ef3ebe9 code=0x7ffc0000 [ 37.143651][ T4499] vhci_hcd: invalid port number 85 [ 37.148899][ T4499] vhci_hcd: default hub control req: 0501 v0005 i0055 l0 [ 37.505798][ T4551] 9pnet_fd: Insufficient options for proto=fd [ 37.522157][ T4554] loop3: detected capacity change from 0 to 128 [ 37.532053][ T4554] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 37.545341][ T4554] ext4 filesystem being mounted at /106/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 37.590419][ T4554] netlink: '+}[@': attribute type 10 has an invalid length. [ 37.597805][ T4554] __nla_validate_parse: 14 callbacks suppressed [ 37.597818][ T4554] netlink: 40 bytes leftover after parsing attributes in process `+}[@'. [ 37.617818][ T4561] loop2: detected capacity change from 0 to 128 [ 37.626831][ T4554] batman_adv: batadv0: Adding interface: macvlan0 [ 37.633329][ T4554] batman_adv: batadv0: The MTU of interface macvlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.663481][ T4561] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 37.668332][ T4554] batman_adv: batadv0: Interface activated: macvlan0 [ 37.671598][ T4561] FAT-fs (loop2): Filesystem has been set read-only [ 37.687097][ T4561] syz.2.470: attempt to access beyond end of device [ 37.687097][ T4561] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 37.710270][ T4561] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 37.718225][ T4561] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 37.727269][ T3300] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 37.727592][ T4561] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 37.756974][ T4561] syz.2.470: attempt to access beyond end of device [ 37.756974][ T4561] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 37.771734][ T4566] syz.2.470: attempt to access beyond end of device [ 37.771734][ T4566] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 37.785755][ T4566] syz.2.470: attempt to access beyond end of device [ 37.785755][ T4566] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 37.800019][ T4561] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 37.807963][ T4561] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 37.834905][ T4578] netlink: 8 bytes leftover after parsing attributes in process `syz.4.478'. [ 37.836376][ T4561] syz.2.470: attempt to access beyond end of device [ 37.836376][ T4561] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 37.843811][ T4578] netlink: 8 bytes leftover after parsing attributes in process `syz.4.478'. [ 37.858129][ T4561] syz.2.470: attempt to access beyond end of device [ 37.858129][ T4561] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 37.884787][ T4561] syz.2.470: attempt to access beyond end of device [ 37.884787][ T4561] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 37.899619][ T4566] syz.2.470: attempt to access beyond end of device [ 37.899619][ T4566] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 37.914277][ T4566] syz.2.470: attempt to access beyond end of device [ 37.914277][ T4566] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 37.931315][ T4561] syz.2.470: attempt to access beyond end of device [ 37.931315][ T4561] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 38.037987][ T4587] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 38.059341][ T4590] netlink: 24 bytes leftover after parsing attributes in process `syz.1.484'. [ 38.084562][ T4593] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 38.183248][ T4604] loop4: detected capacity change from 0 to 512 [ 38.215094][ T4607] syzkaller1: entered promiscuous mode [ 38.220747][ T4607] syzkaller1: entered allmulticast mode [ 38.242566][ T4609] netlink: 16 bytes leftover after parsing attributes in process `syz.1.493'. [ 38.254406][ T4604] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.280941][ T4604] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 38.324244][ T4604] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 38.366768][ T4620] veth3: entered promiscuous mode [ 38.438654][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.505852][ T4632] loop4: detected capacity change from 0 to 1024 [ 38.537841][ T4632] EXT4-fs: Ignoring removed nobh option [ 38.582506][ T4632] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 38.600880][ T4625] loop3: detected capacity change from 0 to 8192 [ 38.626604][ T4632] EXT4-fs warning (device loop4): ext4_rename_delete:3735: inode #12: comm syz.4.499: Deleting old file: nlink 2, error=-2 [ 38.655821][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.683020][ T4650] netlink: 12 bytes leftover after parsing attributes in process `syz.1.504'. [ 38.692529][ T4650] netlink: 12 bytes leftover after parsing attributes in process `syz.1.504'. [ 38.733156][ T4657] loop2: detected capacity change from 0 to 512 [ 38.765650][ T4661] netlink: 152 bytes leftover after parsing attributes in process `syz.1.507'. [ 38.790969][ T4657] ext4: Unknown parameter 'smackfsfloor' [ 38.796959][ T4663] netlink: 'syz.0.508': attribute type 12 has an invalid length. [ 38.804741][ T4663] netlink: 'syz.0.508': attribute type 29 has an invalid length. [ 38.812560][ T4663] netlink: 148 bytes leftover after parsing attributes in process `syz.0.508'. [ 38.921807][ T4678] syzkaller1: entered promiscuous mode [ 38.927359][ T4678] syzkaller1: entered allmulticast mode [ 38.951033][ T4680] veth3: entered promiscuous mode [ 39.196822][ T4684] netlink: 8 bytes leftover after parsing attributes in process `syz.0.518'. [ 39.233744][ T4702] loop3: detected capacity change from 0 to 512 [ 39.255041][ T4702] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #3: comm syz.3.524: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0) [ 39.274466][ T4702] EXT4-fs error (device loop3): ext4_quota_enable:7127: comm syz.3.524: Bad quota inode: 3, type: 0 [ 39.286044][ T4702] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 39.302484][ T4702] EXT4-fs (loop3): mount failed [ 39.318283][ T3400] Process accounting resumed [ 39.351055][ T4714] loop3: detected capacity change from 0 to 1024 [ 39.362124][ T4714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 39.374500][ T4714] ext4 filesystem being mounted at /117/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 39.389115][ T4714] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.530: lblock 3 mapped to illegal pblock 3 (length 3) [ 39.403292][ T4714] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 39.415780][ T4714] EXT4-fs (loop3): This should not happen!! Data will be lost [ 39.415780][ T4714] [ 39.428290][ T4714] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 39.443299][ T4714] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 64 with max blocks 4 with error 28 [ 39.455745][ T4714] EXT4-fs (loop3): This should not happen!! Data will be lost [ 39.455745][ T4714] [ 39.465393][ T4714] EXT4-fs (loop3): Total free blocks count 0 [ 39.471478][ T4714] EXT4-fs (loop3): Free/Dirty block details [ 39.477442][ T4714] EXT4-fs (loop3): free_blocks=4293918720 [ 39.483225][ T4714] EXT4-fs (loop3): dirty_blocks=64 [ 39.488454][ T4714] EXT4-fs (loop3): Block reservation details [ 39.500086][ T4714] syz.3.530 (4714) used greatest stack depth: 9320 bytes left [ 39.517098][ T41] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:2: lblock 8 mapped to illegal pblock 8 (length 8) [ 39.540342][ T4721] netlink: 'syz.3.532': attribute type 27 has an invalid length. [ 39.566808][ T4721] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.573989][ T4721] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.618171][ T4730] loop4: detected capacity change from 0 to 512 [ 39.622590][ T4721] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 39.634400][ T4721] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 39.653044][ T4730] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.653433][ T4721] batman_adv: batadv0: Interface deactivated: macvlan0 [ 39.667394][ T4730] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 39.686027][ T4721] ipvlan0: left allmulticast mode [ 39.691135][ T4721] veth0_vlan: left allmulticast mode [ 39.706869][ T4721] veth3: left promiscuous mode [ 39.749200][ T4726] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.759514][ T4726] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.769875][ T4726] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 39.793316][ T2203] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.816930][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.829515][ T2203] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.839110][ T2203] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.855004][ T2203] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.873900][ T4744] loop0: detected capacity change from 0 to 512 [ 39.904657][ T4744] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #3: comm syz.0.539: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0) [ 39.924378][ T4744] EXT4-fs error (device loop0): ext4_quota_enable:7127: comm syz.0.539: Bad quota inode: 3, type: 0 [ 39.951351][ T4744] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 39.974462][ T4744] EXT4-fs (loop0): mount failed [ 40.047222][ T4764] loop3: detected capacity change from 0 to 512 [ 40.060389][ T4759] loop0: detected capacity change from 0 to 8192 [ 40.084052][ T4764] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.098994][ T4764] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 40.150333][ T4772] SELinux: failed to load policy [ 40.247420][ T4785] bridge0: entered promiscuous mode [ 40.268539][ T4785] bridge0: port 1(macvlan2) entered blocking state [ 40.275374][ T4785] bridge0: port 1(macvlan2) entered disabled state [ 40.288342][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.303979][ T4785] macvlan2: entered allmulticast mode [ 40.309424][ T4785] bridge0: entered allmulticast mode [ 40.316317][ T4785] macvlan2: left allmulticast mode [ 40.321512][ T4785] bridge0: left allmulticast mode [ 40.330265][ T4785] bridge0: left promiscuous mode [ 40.344850][ T4787] loop2: detected capacity change from 0 to 2048 [ 40.393027][ T4787] loop2: p1 < > p4 [ 40.398301][ T4787] loop2: p4 size 8388608 extends beyond EOD, truncated [ 40.485832][ T4803] loop3: detected capacity change from 0 to 512 [ 40.494282][ T4803] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 40.509311][ T4803] EXT4-fs (loop3): 1 truncate cleaned up [ 40.525977][ T4803] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 40.555614][ T1036] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 40.563187][ T1036] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 40.570709][ T1036] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 40.598424][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.620526][ T1036] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 40.627950][ T1036] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 40.635380][ T1036] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 40.642797][ T1036] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 40.650191][ T1036] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 40.657672][ T1036] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 40.665096][ T1036] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 40.672985][ T4813] loop3: detected capacity change from 0 to 1024 [ 40.685674][ T1036] hid-generic 0000:0000:0000.0001: hidraw0: HID v8.00 Device [syz0] on syz0 [ 40.705134][ T4813] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.788742][ T4821] syzkaller1: entered promiscuous mode [ 40.794347][ T4821] syzkaller1: entered allmulticast mode [ 40.816342][ T4819] SELinux: failed to load policy [ 40.825205][ T4824] loop0: detected capacity change from 0 to 512 [ 40.863553][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.873335][ T4827] bridge_slave_0: left allmulticast mode [ 40.879074][ T4827] bridge_slave_0: left promiscuous mode [ 40.879385][ T4824] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.884915][ T4827] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.898322][ T4824] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 40.917024][ T4827] bridge_slave_1: left allmulticast mode [ 40.922823][ T4827] bridge_slave_1: left promiscuous mode [ 40.928650][ T4827] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.975569][ T4837] loop3: detected capacity change from 0 to 2048 [ 40.992319][ T4827] bond0: (slave bond_slave_0): Releasing backup interface [ 41.003105][ T4827] bond0: (slave bond_slave_1): Releasing backup interface [ 41.015135][ T4827] team0: Port device team_slave_0 removed [ 41.021424][ T4837] loop3: p1 < > p4 [ 41.026402][ T4837] loop3: p4 size 8388608 extends beyond EOD, truncated [ 41.037235][ T4827] team0: Port device team_slave_1 removed [ 41.045370][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.062722][ T4827] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 41.070190][ T4827] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 41.070346][ T4841] loop2: detected capacity change from 0 to 8192 [ 41.085728][ T4827] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 41.093231][ T4827] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 41.218245][ T4855] loop0: detected capacity change from 0 to 512 [ 41.254485][ T4855] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.272336][ T4855] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 41.301692][ T4863] can0: slcan on ttyS3. [ 41.320603][ T4855] loop0: detected capacity change from 512 to 64 [ 41.356039][ T3305] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Out of memory [ 41.380270][ T4865] bridge0: entered promiscuous mode [ 41.385788][ T4862] can0 (unregistered): slcan off ttyS3. [ 41.386468][ T4865] bridge0: port 1(macvlan2) entered blocking state [ 41.392923][ T3305] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #2: comm syz-executor: mark_inode_dirty error [ 41.398236][ T4865] bridge0: port 1(macvlan2) entered disabled state [ 41.454132][ T4865] macvlan2: entered allmulticast mode [ 41.459538][ T4865] bridge0: entered allmulticast mode [ 41.481149][ T4865] macvlan2: left allmulticast mode [ 41.486285][ T4865] bridge0: left allmulticast mode [ 41.501030][ T4865] bridge0: left promiscuous mode [ 41.618784][ T4874] loop4: detected capacity change from 0 to 2048 [ 41.662240][ T4874] loop4: p1 < > p4 [ 41.666940][ T4874] loop4: p4 size 8388608 extends beyond EOD, truncated [ 41.703207][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.794017][ T4894] bridge_slave_0: left allmulticast mode [ 41.799704][ T4894] bridge_slave_0: left promiscuous mode [ 41.805431][ T4894] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.815335][ T4894] bridge_slave_1: left allmulticast mode [ 41.821083][ T4894] bridge_slave_1: left promiscuous mode [ 41.826746][ T4894] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.835287][ T29] kauditd_printk_skb: 128 callbacks suppressed [ 41.835298][ T29] audit: type=1400 audit(1755230335.277:761): avc: denied { mounton } for pid=4896 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 41.873618][ T4894] bond0: (slave bond_slave_0): Releasing backup interface [ 41.888796][ T4894] bond0: (slave bond_slave_1): Releasing backup interface [ 41.911381][ T4894] team0: Port device team_slave_0 removed [ 41.920234][ T4894] team0: Port device team_slave_1 removed [ 41.928253][ T4894] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 41.935722][ T4894] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 41.946456][ T4894] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 41.954073][ T4894] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 42.087324][ T4909] loop4: detected capacity change from 0 to 8192 [ 42.177581][ T4925] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 42.292560][ T4896] chnl_net:caif_netlink_parms(): no params data found [ 42.399353][ T4896] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.406539][ T4896] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.422694][ T4896] bridge_slave_0: entered allmulticast mode [ 42.429229][ T4896] bridge_slave_0: entered promiscuous mode [ 42.436225][ T4896] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.443340][ T4896] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.450928][ T4896] bridge_slave_1: entered allmulticast mode [ 42.457406][ T4896] bridge_slave_1: entered promiscuous mode [ 42.494187][ T4896] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 42.506947][ T4896] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 42.527959][ T4951] ALSA: seq fatal error: cannot create timer (-19) [ 42.556600][ T4953] bridge_slave_0: left allmulticast mode [ 42.562322][ T4953] bridge_slave_0: left promiscuous mode [ 42.568023][ T4953] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.581603][ T4953] bridge_slave_1: left allmulticast mode [ 42.587278][ T4953] bridge_slave_1: left promiscuous mode [ 42.593148][ T4953] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.602761][ T4953] bond0: (slave bond_slave_0): Releasing backup interface [ 42.611815][ T4953] bond0: (slave bond_slave_1): Releasing backup interface [ 42.621407][ T4953] team0: Port device team_slave_0 removed [ 42.628112][ T4953] team0: Port device team_slave_1 removed [ 42.637766][ T4953] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 42.661433][ T4953] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 42.669293][ T4953] batman_adv: batadv0: Removing interface: macvlan0 [ 42.678690][ T4896] team0: Port device team_slave_0 added [ 42.715384][ T4963] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 42.732656][ T4896] team0: Port device team_slave_1 added [ 42.748345][ T4972] __nla_validate_parse: 16 callbacks suppressed [ 42.748362][ T4972] netlink: 4 bytes leftover after parsing attributes in process `syz.1.625'. [ 42.764940][ T4972] netlink: 4 bytes leftover after parsing attributes in process `syz.1.625'. [ 42.782596][ T4972] netlink: 4 bytes leftover after parsing attributes in process `syz.1.625'. [ 42.791849][ T4972] netlink: 4 bytes leftover after parsing attributes in process `syz.1.625'. [ 42.805736][ T4979] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4979 comm=syz.2.629 [ 42.819324][ T4896] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 42.826488][ T4896] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.852474][ T4896] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 42.864597][ T4896] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 42.871575][ T4896] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.878231][ T4972] netlink: 4 bytes leftover after parsing attributes in process `syz.1.625'. [ 42.897507][ T4896] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 42.914848][ T4983] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 42.917435][ T4972] netlink: 4 bytes leftover after parsing attributes in process `syz.1.625'. [ 42.925964][ T4983] vhci_hcd: default hub control req: 2314 v0008 i0002 l0 [ 42.964224][ T4896] hsr_slave_0: entered promiscuous mode [ 42.970873][ T4896] hsr_slave_1: entered promiscuous mode [ 42.976800][ T4896] debugfs: 'hsr0' already exists in 'hsr' [ 42.982567][ T4896] Cannot create hsr debugfs directory [ 43.063527][ T4988] loop1: detected capacity change from 0 to 8192 [ 43.092650][ T5001] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 43.131819][ T4896] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 43.146244][ T4896] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 43.165185][ T4896] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 43.174023][ T4896] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 43.191916][ T4896] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.198982][ T4896] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.227798][ T4896] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.238589][ T2203] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.261885][ T4896] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.272208][ T51] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.279301][ T51] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.310113][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.317223][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.345868][ T4896] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 43.397028][ T4896] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 43.505031][ T4896] veth0_vlan: entered promiscuous mode [ 43.512705][ T4896] veth1_vlan: entered promiscuous mode [ 43.526391][ T4896] veth0_macvtap: entered promiscuous mode [ 43.533432][ T4896] veth1_macvtap: entered promiscuous mode [ 43.543589][ T4896] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 43.553926][ T4896] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 43.564738][ T51] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.575471][ T51] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.586016][ T51] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.594937][ T31] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.607718][ T29] audit: type=1400 audit(1755230337.047:762): avc: denied { mount } for pid=4896 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 43.630437][ T29] audit: type=1400 audit(1755230337.047:763): avc: denied { mounton } for pid=4896 comm="syz-executor" path="/root/syzkaller.Frtk8N/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 43.664801][ T5030] loop5: detected capacity change from 0 to 512 [ 43.682404][ T5030] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 43.695035][ T5030] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 43.750616][ T5030] loop5: detected capacity change from 512 to 64 [ 43.757624][ T5030] bio_check_eod: 11993 callbacks suppressed [ 43.757633][ T5030] syz.5.599: attempt to access beyond end of device [ 43.757633][ T5030] loop5: rw=2051, sector=104, nr_sectors = 408 limit=64 [ 43.784474][ T4896] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Out of memory [ 43.799951][ T4896] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #2: comm syz-executor: mark_inode_dirty error [ 43.819525][ T5038] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5038 comm=syz.1.639 [ 43.876321][ T5043] netlink: 4 bytes leftover after parsing attributes in process `syz.3.642'. [ 43.885411][ T5043] netlink: 4 bytes leftover after parsing attributes in process `syz.3.642'. [ 43.898490][ T5046] vhci_hcd: invalid port number 85 [ 43.903719][ T5046] vhci_hcd: default hub control req: 0501 v0005 i0055 l0 [ 43.911820][ T5048] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 43.920911][ T5048] vhci_hcd: default hub control req: 2314 v0008 i0002 l0 [ 43.934195][ T5050] netlink: 20 bytes leftover after parsing attributes in process `syz.1.644'. [ 43.953994][ T5043] netlink: 4 bytes leftover after parsing attributes in process `syz.3.642'. [ 43.962882][ T5050] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 43.983369][ T5054] ref_ctr_offset mismatch. inode: 0x253 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 45.471699][ T4896] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.493007][ T51] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.510375][ T5065] loop3: detected capacity change from 0 to 512 [ 45.540139][ T5065] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.541994][ T5060] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 45.569393][ C0] Illegal XDP return value 16128 on prog (id 460) dev veth0_to_hsr, expect packet loss! [ 45.582977][ T5065] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 45.611823][ T29] audit: type=1326 audit(1755230339.047:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5070 comm="syz.2.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4a07ebe9 code=0x7ffc0000 [ 45.635154][ T29] audit: type=1326 audit(1755230339.047:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5070 comm="syz.2.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f0e4a07ebe9 code=0x7ffc0000 [ 45.658558][ T29] audit: type=1326 audit(1755230339.047:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5070 comm="syz.2.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4a07ebe9 code=0x7ffc0000 [ 45.699295][ T5081] vhci_hcd: invalid port number 85 [ 45.704549][ T5081] vhci_hcd: default hub control req: 0501 v0005 i0055 l0 [ 45.720678][ T5065] loop3: detected capacity change from 512 to 64 [ 45.763226][ T5065] syz.3.651: attempt to access beyond end of device [ 45.763226][ T5065] loop3: rw=2051, sector=104, nr_sectors = 408 limit=64 [ 45.787462][ T3300] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Out of memory [ 45.796910][ T3300] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz-executor: mark_inode_dirty error [ 45.832287][ T5074] chnl_net:caif_netlink_parms(): no params data found [ 45.863656][ T5074] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.870900][ T5074] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.873037][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.886965][ T5074] bridge_slave_0: entered allmulticast mode [ 45.893561][ T5074] bridge_slave_0: entered promiscuous mode [ 45.900221][ T5074] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.907347][ T5074] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.914810][ T5074] bridge_slave_1: entered allmulticast mode [ 45.921426][ T5074] bridge_slave_1: entered promiscuous mode [ 45.936586][ T5074] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.947082][ T5074] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.965601][ T5074] team0: Port device team_slave_0 added [ 45.972107][ T5074] team0: Port device team_slave_1 added [ 45.987093][ T5074] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.994058][ T5074] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.019983][ T5074] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.031219][ T5074] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.038210][ T5074] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.064216][ T5074] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.088084][ T5074] hsr_slave_0: entered promiscuous mode [ 46.094037][ T5074] hsr_slave_1: entered promiscuous mode [ 46.099880][ T5074] debugfs: 'hsr0' already exists in 'hsr' [ 46.105612][ T5074] Cannot create hsr debugfs directory [ 46.164644][ T5074] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 46.173151][ T5074] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 46.182027][ T5074] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 46.190848][ T5074] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 46.206822][ T5074] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.213941][ T5074] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.221293][ T5074] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.228377][ T5074] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.256877][ T5074] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.268820][ T31] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.276581][ T31] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.287744][ T5074] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.297616][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.304703][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.315816][ T398] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.323027][ T398] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.381841][ T5074] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.445135][ T5115] ref_ctr_offset mismatch. inode: 0x2ee offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 46.593100][ T5074] veth0_vlan: entered promiscuous mode [ 46.626386][ T5074] veth1_vlan: entered promiscuous mode [ 46.726459][ T5074] veth0_macvtap: entered promiscuous mode [ 46.734495][ T5074] veth1_macvtap: entered promiscuous mode [ 46.748526][ T5120] chnl_net:caif_netlink_parms(): no params data found [ 46.760394][ T5074] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.774726][ T5074] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.794220][ T2203] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.809554][ T2203] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.832031][ T2203] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.844282][ T2203] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.874049][ T5120] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.881371][ T5120] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.889037][ T5120] bridge_slave_0: entered allmulticast mode [ 46.895916][ T5120] bridge_slave_0: entered promiscuous mode [ 46.902796][ T5120] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.909874][ T5120] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.917083][ T5120] bridge_slave_1: entered allmulticast mode [ 46.923476][ T5120] bridge_slave_1: entered promiscuous mode [ 46.943536][ T5120] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.955718][ T5120] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.965843][ T29] audit: type=1326 audit(1755230340.407:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5168 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53a4aebe9 code=0x7ffc0000 [ 46.989135][ T29] audit: type=1326 audit(1755230340.407:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5168 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53a4aebe9 code=0x7ffc0000 [ 47.016998][ T29] audit: type=1326 audit(1755230340.407:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5168 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe53a4aebe9 code=0x7ffc0000 [ 47.040435][ T29] audit: type=1326 audit(1755230340.407:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5168 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53a4aebe9 code=0x7ffc0000 [ 47.063916][ T29] audit: type=1326 audit(1755230340.407:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5168 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53a4aebe9 code=0x7ffc0000 [ 47.087148][ T29] audit: type=1326 audit(1755230340.437:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5168 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe53a4aebe9 code=0x7ffc0000 [ 47.110419][ T29] audit: type=1326 audit(1755230340.437:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5168 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53a4aebe9 code=0x7ffc0000 [ 47.133892][ T29] audit: type=1326 audit(1755230340.437:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5168 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe53a4aebe9 code=0x7ffc0000 [ 47.157476][ T29] audit: type=1326 audit(1755230340.437:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5168 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53a4aebe9 code=0x7ffc0000 [ 47.180972][ T29] audit: type=1326 audit(1755230340.437:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5168 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe53a4aebe9 code=0x7ffc0000 [ 47.206498][ T5179] ref_ctr_offset mismatch. inode: 0x2e2 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 47.206529][ T5120] team0: Port device team_slave_0 added [ 47.235184][ T5120] team0: Port device team_slave_1 added [ 47.255572][ T5120] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.262669][ T5120] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.288708][ T5120] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.300082][ T5120] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.307046][ T5120] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.333445][ T5120] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.382961][ T5120] hsr_slave_0: entered promiscuous mode [ 47.392804][ T5120] hsr_slave_1: entered promiscuous mode [ 47.398873][ T5120] debugfs: 'hsr0' already exists in 'hsr' [ 47.404727][ T5120] Cannot create hsr debugfs directory [ 47.474584][ T51] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.549820][ T51] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.608488][ T5225] loop6: detected capacity change from 0 to 512 [ 47.632068][ T51] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.647452][ T5225] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.663463][ T5225] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 47.695166][ T5074] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.734237][ T5234] ref_ctr_offset mismatch. inode: 0x32 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000 [ 47.746758][ T51] bridge_slave_1: left allmulticast mode [ 47.752504][ T51] bridge_slave_1: left promiscuous mode [ 47.758229][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.768389][ T51] bridge_slave_0: left allmulticast mode [ 47.774100][ T51] bridge_slave_0: left promiscuous mode [ 47.779842][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.878813][ T5250] __nla_validate_parse: 25 callbacks suppressed [ 47.878824][ T5250] netlink: 12 bytes leftover after parsing attributes in process `syz.6.702'. [ 47.896757][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 47.907641][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 47.917124][ T51] bond0 (unregistering): Released all slaves [ 47.969814][ T51] hsr_slave_0: left promiscuous mode [ 47.977004][ T51] hsr_slave_1: left promiscuous mode [ 47.984887][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 47.992323][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 48.001535][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 48.008935][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 48.042714][ T5260] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=256 sclass=netlink_audit_socket pid=5260 comm=syz.6.714 [ 48.055390][ T51] veth1_macvtap: left promiscuous mode [ 48.070698][ T51] veth0_macvtap: left promiscuous mode [ 48.076323][ T51] veth1_vlan: left promiscuous mode [ 48.081778][ T51] veth0_vlan: left promiscuous mode [ 48.107059][ T5267] netlink: 28 bytes leftover after parsing attributes in process `syz.4.707'. [ 48.116028][ T5267] netlink: 28 bytes leftover after parsing attributes in process `syz.4.707'. [ 48.194650][ T51] team0 (unregistering): Port device team_slave_1 removed [ 48.214319][ T51] team0 (unregistering): Port device team_slave_0 removed [ 48.309083][ T5285] netlink: 104 bytes leftover after parsing attributes in process `syz.6.716'. [ 48.347123][ T5120] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 48.373628][ T5120] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 48.397826][ T5120] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 48.424577][ T5120] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 48.493860][ T5299] netlink: 4 bytes leftover after parsing attributes in process `syz.6.722'. [ 48.512719][ T5299] netlink: 4 bytes leftover after parsing attributes in process `syz.6.722'. [ 48.536495][ T5120] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.557373][ T5120] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.675046][ T51] bond0 (unregistering): Released all slaves [ 48.704414][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.711505][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.723362][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.730504][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.746582][ T51] hsr_slave_0: left promiscuous mode [ 48.753486][ T51] hsr_slave_1: left promiscuous mode [ 48.972276][ T5120] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.035449][ T5345] netlink: 8 bytes leftover after parsing attributes in process `syz.2.738'. [ 49.055841][ T5345] netlink: 312 bytes leftover after parsing attributes in process `syz.2.738'. [ 49.064834][ T5345] netlink: 8 bytes leftover after parsing attributes in process `syz.2.738'. [ 49.074608][ T5120] veth0_vlan: entered promiscuous mode [ 49.085088][ T5120] veth1_vlan: entered promiscuous mode [ 49.102130][ T5120] veth0_macvtap: entered promiscuous mode [ 49.115157][ T5120] veth1_macvtap: entered promiscuous mode [ 49.128061][ T5120] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.144633][ T5120] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.155268][ T5332] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.168060][ T5332] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.195012][ T5332] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.205518][ T5332] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.269012][ T5361] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 49.494900][ T5369] loop4: detected capacity change from 0 to 512 [ 49.503176][ T5369] EXT4-fs: Ignoring removed bh option [ 49.509104][ T5369] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 49.517615][ T5369] EXT4-fs (loop4): fragment/cluster size (4096) != block size (2048) [ 49.775528][ T5391] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 49.818145][ T5397] netlink: 32 bytes leftover after parsing attributes in process `syz.4.761'. [ 49.856364][ T5403] 9pnet_fd: Insufficient options for proto=fd [ 49.950186][ T5420] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 49.995244][ T5424] netlink: 'syz.4.774': attribute type 6 has an invalid length. [ 50.304235][ T5455] IPVS: stopping master sync thread 5457 ... [ 50.415381][ T5472] loop3: detected capacity change from 0 to 512 [ 50.440615][ T5472] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.463252][ T5472] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 50.553154][ T5489] loop6: detected capacity change from 0 to 2048 [ 50.576067][ T5490] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 50.604695][ T5120] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.619605][ T5489] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 50.751298][ T5074] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.806554][ T5499] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 50.817792][ T5496] IPVS: stopping master sync thread 5499 ... [ 51.079466][ T5507] netlink: '+}[@': attribute type 10 has an invalid length. [ 51.089426][ T5507] batman_adv: batadv0: Adding interface: macvlan0 [ 51.096045][ T5507] batman_adv: batadv0: The MTU of interface macvlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.123208][ T5507] batman_adv: batadv0: Interface activated: macvlan0 [ 51.319465][ T5532] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 51.331533][ T5530] IPVS: stopping master sync thread 5532 ... [ 51.410447][ T5539] loop4: detected capacity change from 0 to 128 [ 51.423506][ T5539] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 51.437011][ T5539] ext4 filesystem being mounted at /158/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 51.479487][ T5526] loop3: detected capacity change from 0 to 2048 [ 51.493142][ T5539] netlink: '+}[@': attribute type 10 has an invalid length. [ 51.510408][ T5539] batman_adv: batadv0: Adding interface: macvlan0 [ 51.512508][ T5540] SELinux: failed to load policy [ 51.516892][ T5539] batman_adv: batadv0: The MTU of interface macvlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.556147][ T5539] batman_adv: batadv0: Interface activated: macvlan0 [ 51.590207][ T3303] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 51.605026][ T5526] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.749066][ T5120] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.838632][ T31] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.857613][ T31] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.868684][ T31] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.878844][ T31] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.944463][ T5574] loop3: detected capacity change from 0 to 512 [ 51.951130][ T5574] msdos: Unknown parameter 'errconheck' [ 52.029087][ T5580] SELinux: failed to load policy [ 52.057167][ T5583] loop6: detected capacity change from 0 to 128 [ 52.065327][ T5583] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 52.077871][ T5583] ext4 filesystem being mounted at /45/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 52.114124][ T5583] netlink: '+}[@': attribute type 10 has an invalid length. [ 52.122660][ T5583] batman_adv: batadv0: Adding interface: macvlan0 [ 52.129083][ T5583] batman_adv: batadv0: The MTU of interface macvlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.154945][ T5583] batman_adv: batadv0: Interface activated: macvlan0 [ 52.184736][ T5074] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 52.199093][ T29] kauditd_printk_skb: 114 callbacks suppressed [ 52.199105][ T29] audit: type=1326 audit(1755230345.637:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e441ebe9 code=0x7ffc0000 [ 52.243791][ T29] audit: type=1326 audit(1755230345.637:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19e441ebe9 code=0x7ffc0000 [ 52.267112][ T29] audit: type=1326 audit(1755230345.637:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e441ebe9 code=0x7ffc0000 [ 52.271429][ T5588] loop6: detected capacity change from 0 to 512 [ 52.290374][ T29] audit: type=1326 audit(1755230345.637:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e441ebe9 code=0x7ffc0000 [ 52.290399][ T29] audit: type=1326 audit(1755230345.637:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19e441ebe9 code=0x7ffc0000 [ 52.343121][ T29] audit: type=1326 audit(1755230345.637:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e441ebe9 code=0x7ffc0000 [ 52.353629][ T5588] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 52.366402][ T29] audit: type=1326 audit(1755230345.637:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e441ebe9 code=0x7ffc0000 [ 52.381968][ T5588] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 52.402219][ T29] audit: type=1326 audit(1755230345.637:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19e441ebe9 code=0x7ffc0000 [ 52.435903][ T29] audit: type=1326 audit(1755230345.637:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e441ebe9 code=0x7ffc0000 [ 52.459905][ T29] audit: type=1326 audit(1755230345.637:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5585 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19e441ebe9 code=0x7ffc0000 [ 52.486843][ T5588] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 52.512733][ T5074] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.539837][ T5594] loop4: detected capacity change from 0 to 128 [ 52.548942][ T5594] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 52.556871][ T5594] FAT-fs (loop4): Filesystem has been set read-only [ 52.571798][ T5594] syz.4.844: attempt to access beyond end of device [ 52.571798][ T5594] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 52.585832][ T5594] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 52.593835][ T5594] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 52.603751][ T5599] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 52.638606][ T5599] syz.4.844: attempt to access beyond end of device [ 52.638606][ T5599] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 52.652355][ T5594] syz.4.844: attempt to access beyond end of device [ 52.652355][ T5594] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 52.654129][ T5599] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 52.673445][ T5599] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 52.673779][ T5594] syz.4.844: attempt to access beyond end of device [ 52.673779][ T5594] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 52.705850][ T5599] syz.4.844: attempt to access beyond end of device [ 52.705850][ T5599] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 52.737475][ T5594] syz.4.844: attempt to access beyond end of device [ 52.737475][ T5594] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 52.750718][ T5599] syz.4.844: attempt to access beyond end of device [ 52.750718][ T5599] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 52.764325][ T5594] syz.4.844: attempt to access beyond end of device [ 52.764325][ T5594] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 52.778015][ T5599] syz.4.844: attempt to access beyond end of device [ 52.778015][ T5599] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 52.808133][ T5594] syz.4.844: attempt to access beyond end of device [ 52.808133][ T5594] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 52.986078][ T5620] loop6: detected capacity change from 0 to 512 [ 53.000782][ T5620] EXT4-fs: Ignoring removed mblk_io_submit option [ 53.011927][ T5620] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 53.106189][ T5627] can0: slcan on ttyS3. [ 53.175002][ T5620] EXT4-fs (loop6): 1 truncate cleaned up [ 53.180928][ T5626] can0 (unregistered): slcan off ttyS3. [ 53.186997][ T5620] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.909396][ T5074] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.922563][ T5652] loop3: detected capacity change from 0 to 128 [ 53.942200][ T5652] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 53.950050][ T5652] FAT-fs (loop3): Filesystem has been set read-only [ 53.960840][ T5652] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 53.968823][ T5652] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 53.982472][ T5659] loop6: detected capacity change from 0 to 512 [ 54.003109][ T5659] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 54.027222][ T5659] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.142858][ T5074] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.167803][ T5671] __nla_validate_parse: 8 callbacks suppressed [ 54.167820][ T5671] netlink: 4 bytes leftover after parsing attributes in process `syz.6.878'. [ 54.197036][ T5671] bridge0: entered promiscuous mode [ 54.203992][ T5671] bridge0: port 3(macvlan2) entered blocking state [ 54.210642][ T5671] bridge0: port 3(macvlan2) entered disabled state [ 54.217277][ T5671] macvlan2: entered allmulticast mode [ 54.222760][ T5671] bridge0: entered allmulticast mode [ 54.228657][ T5671] macvlan2: left allmulticast mode [ 54.233851][ T5671] bridge0: left allmulticast mode [ 54.239439][ T5671] bridge0: left promiscuous mode [ 54.316406][ T5675] netlink: 8 bytes leftover after parsing attributes in process `syz.1.881'. [ 54.348251][ T5679] can0: slcan on ttyS3. [ 54.380647][ T5676] can0 (unregistered): slcan off ttyS3. [ 54.449440][ T5685] loop6: detected capacity change from 0 to 512 [ 54.495890][ T5685] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 54.515290][ T5685] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.534589][ T5681] ================================================================== [ 54.542695][ T5681] BUG: KCSAN: data-race in shmem_file_splice_read / shmem_file_splice_read [ 54.551284][ T5681] [ 54.553603][ T5681] write to 0xffff8881041bce28 of 8 bytes by task 5686 on cpu 0: [ 54.561227][ T5681] shmem_file_splice_read+0x470/0x600 [ 54.566596][ T5681] splice_direct_to_actor+0x26c/0x680 [ 54.571964][ T5681] do_splice_direct+0xda/0x150 [ 54.576724][ T5681] do_sendfile+0x380/0x650 [ 54.581161][ T5681] __x64_sys_sendfile64+0x105/0x150 [ 54.586366][ T5681] x64_sys_call+0x2bb0/0x2ff0 [ 54.591041][ T5681] do_syscall_64+0xd2/0x200 [ 54.595555][ T5681] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.601448][ T5681] [ 54.603765][ T5681] write to 0xffff8881041bce28 of 8 bytes by task 5681 on cpu 1: [ 54.611389][ T5681] shmem_file_splice_read+0x470/0x600 [ 54.616775][ T5681] splice_direct_to_actor+0x26c/0x680 [ 54.622152][ T5681] do_splice_direct+0xda/0x150 [ 54.626934][ T5681] do_sendfile+0x380/0x650 [ 54.631363][ T5681] __x64_sys_sendfile64+0x105/0x150 [ 54.636566][ T5681] x64_sys_call+0x2bb0/0x2ff0 [ 54.641240][ T5681] do_syscall_64+0xd2/0x200 [ 54.645747][ T5681] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.651635][ T5681] [ 54.653950][ T5681] value changed: 0x000000000000b38a -> 0x000000000000b3bb [ 54.661049][ T5681] [ 54.663355][ T5681] Reported by Kernel Concurrency Sanitizer on: [ 54.669514][ T5681] CPU: 1 UID: 0 PID: 5681 Comm: syz.1.885 Not tainted 6.17.0-rc1-syzkaller-00111-g24ea63ea3877 #0 PREEMPT(voluntary) [ 54.681832][ T5681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 54.691885][ T5681] ================================================================== [ 54.749816][ T5685] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 54.969346][ T5074] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.