last executing test programs: 4m24.033324306s ago: executing program 32 (id=323): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000015c0), r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000001640)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000000840)={0x4c, r1, 0x1, 0x70bd2d, 0x25dfdc00, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_DEVKEY={0x30, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_ID={0x20, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_MODE={0x8}]}, @NL802154_KEY_ID_ATTR_MODE={0x8}]}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000881}, 0x0) 3m57.841835193s ago: executing program 33 (id=1357): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}, {0xc, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x4c840}, 0x800) io_submit(0x0, 0x0, 0x0) r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x24}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600, 0xffff0000, 0x48, 0x0, &(0x7f0000000000)='\x00', 0x0}, 0x48) 3m24.224050176s ago: executing program 34 (id=2271): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newtaction={0x98, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x84, 0x1, [@m_tunnel_key={0x80, 0x1, 0x0, 0x0, {{0xf}, {0x50, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x0, 0xffff25d8, 0x0, 0xfffffffd}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xe, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @empty}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x24040081}, 0x880) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) writev(r0, &(0x7f00000001c0)=[{0x0}], 0x1) 3m3.750872792s ago: executing program 2 (id=2810): r0 = socket$inet6(0xa, 0x5, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) r1 = socket$inet(0x2, 0x80001, 0x84) setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000280)=0x4, 0x4) bind$inet(r1, &(0x7f0000000180)={0x2, 0xde20, @empty}, 0x10) 3m3.711085044s ago: executing program 2 (id=2802): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x8, &(0x7f0000000000)={[{@barrier_val={'barrier', 0x3d, 0x5cb}}, {@data_err_ignore}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ") mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, 0x0, 0x0) getsockopt$netlink(r0, 0x10e, 0x9, 0x0, &(0x7f0000000100)) 3m3.58149967s ago: executing program 2 (id=2804): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue1\x00', 0x200000}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3, 0x0, 0xffeffffb}, 0x7fff}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01) write$sndseq(r1, &(0x7f0000000000)=[{0x1e, 0x0, 0x8, 0xfd, @tick=0x8, {}, {}, @result}], 0x1c) 3m3.482396305s ago: executing program 2 (id=2807): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="24000000390009000000000000000000010000000400000004000180080002"], 0x24}}, 0x0) 3m3.37421833s ago: executing program 2 (id=2812): openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x17d) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000040)='./file1\x00', 0x201) r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000001c0)=0x10) 3m3.328051012s ago: executing program 2 (id=2814): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x18, 0x25, 0x301, 0x270bd24, 0x25dfdbff, {0x1}, [@nested={0x4, 0xae}]}, 0x18}}, 0x0) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r1, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_mtu=0x6}) ioctl$sock_netdev_private(r1, 0x8914, &(0x7f0000000000)) 3m1.603324477s ago: executing program 35 (id=2846): socket$kcm(0x10, 0x2, 0x0) perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000001000000b7040000000000008500000033000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200001f000000b703000000000000850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000002, 0x0, 0x21, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x50) 2m48.265562613s ago: executing program 36 (id=2814): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x18, 0x25, 0x301, 0x270bd24, 0x25dfdbff, {0x1}, [@nested={0x4, 0xae}]}, 0x18}}, 0x0) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r1, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_mtu=0x6}) ioctl$sock_netdev_private(r1, 0x8914, &(0x7f0000000000)) 2m25.922040041s ago: executing program 3 (id=3581): r0 = open(&(0x7f0000000140)='./file0\x00', 0x149442, 0x0) ftruncate(r0, 0x200002) r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) r2 = socket$pppl2tp(0x18, 0x1, 0x1) sendfile(r2, r1, 0x0, 0x80001d00c0d0) 2m25.865333204s ago: executing program 3 (id=3583): r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0), 0x8c46, 0x0) r1 = syz_io_uring_setup(0x313f, &(0x7f0000000080)={0x0, 0x3, 0x10100, 0x3, 0x171}, &(0x7f0000000380)=0x0, &(0x7f0000000340)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x40, 0x0, @fd=r0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000580)="1a", 0x1}], 0x1}) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)) io_uring_enter(r1, 0x4d10, 0x2, 0x2, 0x0, 0x0) 2m25.766949989s ago: executing program 3 (id=3584): socket$inet_udp(0x2, 0x2, 0x0) set_mempolicy(0x3, &(0x7f0000000140)=0x3, 0x5) r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xf}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_BYTEMODE={0x8, 0xb, 0x1}, @TCA_FQ_PIE_ECN={0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c) 2m25.765834578s ago: executing program 3 (id=3585): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) fsopen(&(0x7f0000000280)='ext4\x00', 0x0) 2m25.692347172s ago: executing program 3 (id=3587): openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000024c0)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x401, 0x70bd2a, 0xfffffffe, {0x0, 0x0, 0x0, 0x0, 0x4982, 0x701ca}, [@IFLA_LINKINFO={0x28, 0x37, 0x0, 0x1, @veth={{0x9}, {0x10, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x10000, 0x48124}}}}}}, @IFLA_PROTO_DOWN={0x5, 0x27, 0x2}]}, 0x50}, 0x1, 0x0, 0x0, 0xc10}, 0x8000) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000)) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0) 2m25.629938195s ago: executing program 3 (id=3589): r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x206, 0x3601) ioctl$USBDEVFS_ALLOW_SUSPEND(r0, 0x5522) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) ioctl$USBDEVFS_BULK(r0, 0x5523, 0x0) 2m10.625018873s ago: executing program 37 (id=3589): r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x206, 0x3601) ioctl$USBDEVFS_ALLOW_SUSPEND(r0, 0x5522) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) ioctl$USBDEVFS_BULK(r0, 0x5523, 0x0) 1m27.511424341s ago: executing program 6 (id=4955): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x4, 0x0, &(0x7f0000000800)="e3008067", 0x0, 0x407, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffff}, 0x50) r1 = syz_open_dev$sg(&(0x7f00000000c0), 0x6f5e, 0x2) ioctl$FIBMAP(r1, 0x1, &(0x7f0000000040)=0x85) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="18000000390009fffe0f0f000000000003"], 0x78}}, 0x0) 1m27.438844934s ago: executing program 6 (id=4957): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000000)=0x100, 0x4) write(r0, &(0x7f0000000340)="0a000300010000", 0x7) recvmmsg(r0, &(0x7f0000000a80)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000640)=""/154, 0x9a}, 0x5c00}], 0x1, 0x12042, 0x0) 1m27.422592265s ago: executing program 6 (id=4959): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4) connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10) sendmmsg$inet(r0, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00) 1m27.195404136s ago: executing program 6 (id=4965): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x404, &(0x7f0000000080)={[{@nodelalloc}, {@nobh}, {@grpjquota}, {@bh}]}, 0x3, 0x439, &(0x7f0000002380)="$eJzs3MtvG0UYAPBv105LXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQKgcUSXuiCMSfwEnuCDghMQV7qhShXJp4WS09m5iO3aauE5c8O8nrTuzO9bM592xZ3a6CWBgjWYvScTuiPg9Iobr2eYCo/V/bi1dmf576cp0EtXqW38ltXI3l65MF0WL9+0qMuWI9LMkDrapd/7S5XNTlcrsxTw/vnD+/fH5S5efO3t+6szsmdkLkydPHj828cKJyed7EmcW180DH80d2v/aO9femD517d2fv02K+Fvi6JHRtQ4+Wa32uLr+2tOQTsp9bAgbUqp30xiq9f/hKMXKyRuOVz/ta+OATVWtVqsPdD68WAX+x5LodwuA/ih+6LP5b7Ft0dDjrnDjpfoEKIv7Vr7Vj5QjzcsMtcxve2k0Ik4t/vNVtsXm3IcAAGjyfTb+ebbd+C+NxvtC9+ZrKCMRcV9E7I2IExGxLyLuj6iVfTAiHtpg/a2LJKvHP+n1rgJbp2z892K+ttU8/itGfzFSynN7avEPJafPVmaP5p/JkRjanuUn1qjjh1d++6LTscbxX7Zl9Rdjwbwd18vbm98zM7UwdScxN7rxScSBcrv4k+WVgCQi9kfEgS7rOPv0N4c6Hbt9/GvowTpT9euIp+rnfzFa4i8ka69Pjt8Tldmj48VVsdovv159s1P9dxR/D2Tnf2fb6385/pGkcb12fuN1XP3j845zmm6v/23J2037PpxaWLg4EbEteb3e6JX9pYuTLeUmV8pn8R853L7/742VT+JgRGQX8cMR8UhEPJq3/bGIeDwiDq8R/08vP/Fe9/Fvriz+mQ2d/5XEtmjd0z5ROvfjd02Vjmwk/uz8H6+ljuR71vP9t552dXc1AwAAwH9PGhG7I0nHltNpOjZW/z/8+2JnWpmbX3jm9NwHF2bqzwiMxFBa3OkabrgfOpFP64v8ZEv+WH7f+MvSjlp+bHquMtPv4GHA7erQ/zN/lvrdOmDTdbeOlva8HcDW87wmDC79HwaX/g+Dq03/39GPdgBbr93v/8d9aAew9coNr/nfBAMGhPk/DC79HwaX/g8DaX5H3P4heQmJVYlI74pmSGxSot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//1Xjmag==") creat(&(0x7f0000000200)='./bus\x00', 0x268) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0) preadv2(r0, &(0x7f0000000000)=[{&(0x7f0000000580)=""/4105, 0x1009}], 0x1, 0x1, 0x8, 0x8) 1m27.022855175s ago: executing program 6 (id=4969): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e21, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x9}]}, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000300)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000100)=@assoc_value={r2, 0x76}, 0x8) 1m26.453609853s ago: executing program 6 (id=4983): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000001c0)=0x3) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x60, 0x6}]}) ioctl$PPPIOCSDEBUG(r0, 0x40047440, &(0x7f00000000c0)=0x7) write$ppp(r0, &(0x7f00000008c0)='\x00\x00;', 0x3) 1m26.393415396s ago: executing program 38 (id=4983): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000001c0)=0x3) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x60, 0x6}]}) ioctl$PPPIOCSDEBUG(r0, 0x40047440, &(0x7f00000000c0)=0x7) write$ppp(r0, &(0x7f00000008c0)='\x00\x00;', 0x3) 1m18.167528503s ago: executing program 9 (id=5129): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000007c5e0000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffa}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1m17.961011143s ago: executing program 9 (id=5137): r0 = socket$key(0xf, 0x3, 0x2) recvmmsg(r0, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400}) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@report={0x4c, 0x20, 0x1, 0x6, 0x25dfdbfe, {0x33, {@in=@loopback, @in=@private=0xa010101, 0x4e21, 0xfff, 0x4e24, 0x6, 0xa, 0x20, 0x20, 0x3c}}}, 0x4c}}, 0x0) setsockopt$sock_int(r0, 0x1, 0x4b, &(0x7f0000000040)=0xfd87, 0x4) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0216000002"], 0x10}}, 0x0) 1m17.740276024s ago: executing program 9 (id=5140): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) r2 = pidfd_getfd(r1, r1, 0x0) setns(r2, 0x20000000) 1m17.695178046s ago: executing program 9 (id=5141): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x23e9c9e, 0x0) mount$bind(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x84000, 0x0) 1m17.551156544s ago: executing program 9 (id=5153): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x130}, @NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0x6}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x2c, 0xd, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000) 1m17.363726333s ago: executing program 9 (id=5144): r0 = socket$nl_rdma(0x10, 0x3, 0x14) r1 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x38, 0x1403, 0xc23, 0x70bd2a, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'syz_tun\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x48845}, 0x4000) syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2d, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'ipvlan0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000840}, 0x2400c000) 1m17.304233946s ago: executing program 39 (id=5144): r0 = socket$nl_rdma(0x10, 0x3, 0x14) r1 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x38, 0x1403, 0xc23, 0x70bd2a, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'syz_tun\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x48845}, 0x4000) syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2d, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'ipvlan0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000840}, 0x2400c000) 39.02772193s ago: executing program 1 (id=6166): r0 = syz_io_uring_setup(0x133d, &(0x7f0000000340)={0x0, 0x7af1, 0x80, 0x4, 0x3da}, &(0x7f0000000200)=0x0, &(0x7f0000000100)=0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f00000003c0)=[0xffffffffffffffff], 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x4004, @fd_index, 0x400000080001001, 0x0, 0x0, 0x2}) io_uring_enter(r0, 0x47f3, 0xfffffffe, 0x0, 0x0, 0x0) 38.784443601s ago: executing program 1 (id=6169): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x2200008, &(0x7f00000003c0)={[{@stripe={'stripe', 0x3d, 0x9}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@grpquota}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@jqfmt_vfsv1}, {@nogrpid}, {@noauto_da_alloc}, {@norecovery}]}, 0x3, 0x586, &(0x7f0000000a40)="$eJzs3c9rFFccAPDvbBJ/t0YQaXsoAQ+1WDcm6Q8LBe2xtFKhvduQrEGycSW7EZMK6qFeeilSKKVC6R/Qe4/Sf6D/Qi9CK0iR0B68bJnNrFmT3WSzWUx0Ph8YfW9mNt958+b78mZnwwaQWyPpP4WI1yPiuyTicMu2wcg2jqzst/z4xlS6JFGvf/FPEkm2rrl/kv1/MKu8FhG/fxNxsrA+bnVxaXayXC7NZ/XR2tzV0eri0qnLc5MzpZnSlfGJiTPvTYx/+MH7fWvr2xf++/Hz+5+c+fb48g+/PjxyN4lzcSjb1tqObbjVWhmJkeycDMW5NTuO9SHYbpLs9AHQk4Esz4ciHQMOx0CW9cDL72ZE1IGcSuQ/5FRzHtC8t+/TffAL49HHKzdA69s/uPLeSOxr3BsdWE6euTNK73eH+xA/jfHb3/fupkts8j7EzWerA30ID+TYrdsRcXpwcP34l2TjX+9ON9483tjaGHn7/QM76X46/3mn3fyn8HT+E23mPwfb5G4vNs//wsM+hOkonf991Hb++3ToGh7Iaq805nxDyaXL5dLpiHg1Ik7E0N60vtHznDPLD+qdtrXO/9Iljd+cC2bH8XBw77OvmZ6sTW6nza0e3Y54Y3X+m8S68X9fY667tv/T83GhyxjHSvfe7LRt8/a3utl9w7pU/yXirbb9v/pEK9n4+eRo43oYbV4V6/1759gfneJvrf39l/b/gY3bP5y0Pq+tbj3Gz/uelDpt6/X635N82SjvWVn1pD5Zq82PRexJPmtdH9fT9eOrr23Wr2f7p+0/cXzj8a/d9b8/Ir7qsv13jt7puOtu6P/pLfX/1gsPPv36p07xu+v/dxulE9mabsa/bg9wO+cOAAAAAAAAdptCRByKpFB8Wi4UisWVz3ccjQOFcqVaO3mpsnBlOhp/KzscQ4Xmk+7DLZ+HGMs+D9usj6+pT0TEkYj4fmB/o16cqpSnd7rxAAAAAAAAAAAAAAAAAAAAsEsc7PD3/6m/fMMUvPx85Tfk16b5349vegJ2Jb//Ib/kP+SX/If8kv+QX/If8kv+Q37Jf8gv+Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAB9deH8+XSpLz++MZXWp68tLsxWrp2aLlVni3MLU8WpyvzV4kylMlMuFacqc5v9vHKlcnVsPBauj9ZK1dpodXHp4lxl4Urt4uW5yZnSxdLQc2kVAAAAAAAAAAAAAAAAAAAAvFiqi0uzk+VyaX5LhT+jl1etFgrbiv68C2djVxxGz4Vks/N8NuuOnkIM7nwDFbZWGMj6e8Odd2hAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA2/g8AAP//AAkuVg==") setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f0000000100), &(0x7f0000001400)=ANY=[], 0x835, 0x0) setxattr$security_ima(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000200), &(0x7f0000000000)=ANY=[], 0x700, 0x0) setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) rename(&(0x7f00000009c0)='./file1\x00', &(0x7f0000000a00)='./file0/file0\x00') 38.716673605s ago: executing program 1 (id=6172): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000400)=0xa8) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000140)={0xffffffd0, 0x2, 0x2, 0x831a, 0x1, "030000000000000000049dd0ffd76d7fcb0b0e", 0x26, 0x201}) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0xff) 38.568330012s ago: executing program 1 (id=6176): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f00000002c0)=@file={0x1, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000002c0)=0x20) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 38.472305507s ago: executing program 1 (id=6180): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x4e22, @private=0xa010100}], 0x10) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000), 0x4) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8) recvmsg(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) 38.125129954s ago: executing program 1 (id=6187): perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x520, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0xa98, 0x3}, 0x0, 0x1224, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000020000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x7c}}, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="b0000000000701080000000000000000000000010c00034000000000000000080900010073797a30000000001c"], 0xb0}, 0x1, 0x0, 0x0, 0x8458}, 0x80) 38.077068507s ago: executing program 40 (id=6187): perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x520, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0xa98, 0x3}, 0x0, 0x1224, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000020000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x7c}}, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="b0000000000701080000000000000000000000010c00034000000000000000080900010073797a30000000001c"], 0xb0}, 0x1, 0x0, 0x0, 0x8458}, 0x80) 3.473386199s ago: executing program 7 (id=6967): r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000001980), 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000001c0)={0x2000000d}) read$char_usb(r0, &(0x7f0000000200)=""/89, 0x59) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000000)={0x10000004}) 3.473078038s ago: executing program 5 (id=6968): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x10, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x5}, 0x2002, 0x32, 0x5, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x5, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x2711, @host}, 0x10) connect$vsock_stream(r2, &(0x7f0000000300)={0x28, 0x0, 0x2710}, 0x10) 3.44971904s ago: executing program 7 (id=6969): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'team_slave_1\x00', 0x0}) r3 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x5c, r3, 0x1, 0x70bd2a, 0x25dfdc03, {}, [{{0x8, 0x1, r4}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r2}}}]}}]}, 0x5c}, 0x1, 0x400000000000000}, 0x48090) 3.397432682s ago: executing program 7 (id=6971): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000500)={0x38, r3, 0x1, 0x0, 0x0, {0x7}, [@L2TP_ATTR_IFNAME={0x14}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0xb}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x7}]}, 0x38}, 0x1, 0x0, 0x0, 0x400c800}, 0x0) 3.393296682s ago: executing program 5 (id=6972): syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x180c8, &(0x7f00000006c0)=ANY=[@ANYBLOB="6e66732c646f74732c636865636b3d7374726963742c646f74732c6572726f72733d72656d6f756e742d726f2c00fc403bb14281bbfb9b8213bd6284536d64789a24dd73b98b3e33cb47fed8a736464bb62e9e891aa832722dfc28bfa4489b3a127a503e72326b737d0f67c97be6f37ef46154dec39ef8718946ffc8cd4d735a0b101c1722477bbe2f923577ea51f7116f17c3ddf5c497fba2d0bb3272d123b31e9461d4e2d65a42e1174fa269de92e463fc1ca202650fe2628e15341e45dce6c0de2367bdb50cc5b2b462e1d45fc3265f1a88561ab6afb1b73a3b340b5c73055fc6e601843a59f3cdeb36991cfa985453287d4c9d2d6e21adddc57a607369c682e821b20dc0efd51d12f386f3f8e53c05e696e50c7c3f79b1b0bd7e5cfaf3f63d8949c8dd2fd94aa0f259a4cb9412c30c45f9d4d63d267d2a43f03a47fa56b3"], 0x1, 0x242, &(0x7f0000000300)="$eJzs3bFqFFEUBuBjskmWNKYWiwEbq0WtbBeJIA4IK1No5UC0SUSYNKPVPIbP4CP5GKnSjZhZsklcbczm7s58Hyz3wM/Cuc3eLc6d+fDw8/HRl9NP7c/vMR5nMYpo2jbiILZiOzr35uvWRb0bVzUBAGya2aycpu6B1aqqabkTEXt/JMWPJA0BAAAAAAAAAADw35bN/8e5+X8A6DPz//1XVdNyf/7/7Trz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA65217v/3HJ3V/AMDtc/4DwPA4/wFgeJz/ADA8b9+9fz3N88NZlo0jzpq6qItu7fKXr/LDJ9mFg8W3zuq62L7Mn3Z5dj3fif15/mxpvhuPH3X57+zFm/xGvhdHq98+AAAAAAAAAAAAAAAAAAAArIVJdmnp/f7J5G95V115PsCN+/ujeDC6s20AAAAAAAAAAAAAAAAAAADARjv9+u24PDn5WCl6U8TztWjjrouItWijL0XqXyYAAAAAAAAAAAAAAAAAABiexaXf1J0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQDqL9/+vroiIpu2k3i4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQY78CAAD//139ms4=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12) write(r1, &(0x7f0000000a00)="c7", 0x1) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7fffeffe) 3.321947896s ago: executing program 7 (id=6974): r0 = syz_open_procfs(0x0, &(0x7f0000000540)='net\x00') fcntl$setstatus(r0, 0x4, 0x40800) r1 = syz_io_uring_setup(0xbd9, &(0x7f00000002c0)={0x0, 0x9009, 0x1000, 0x0, 0x3c3}, &(0x7f00000000c0)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0xa1f, &(0x7f0000000240)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1}) io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0) 3.251152599s ago: executing program 7 (id=6977): pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x11000) pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f}, 0x0, 0x0) io_setup(0x3fc, &(0x7f0000000500)=0x0) io_submit(r2, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0, 0x3be2b02884f95c63}]) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 2.513259166s ago: executing program 8 (id=6983): bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0b00000000010000fd0000000900000001"], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0xcff5, r0}, 0x38) 2.307997396s ago: executing program 7 (id=6985): syz_usb_connect_ath9k(0x3, 0xfffffffffffffc62, 0x0, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x844) sendmsg$key(r0, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="0203060910"], 0x80}}, 0x0) sendmsg$key(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x2, 0x7, 0x0, 0x3, 0x2}, 0x10}}, 0x804) sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0) 2.185167872s ago: executing program 5 (id=6987): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x9, 0xf4039, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x80000001, 0x8}, 0x204, 0x1, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain) add_key$keyring(&(0x7f0000000000), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, r2) 1.505861506s ago: executing program 8 (id=6990): r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/rt_cache\x00') r1 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r1, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10) sendmmsg$inet(r1, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x1, 0x20008000) setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x25, &(0x7f0000000a80)=@gcm_128={{0x303}, "9ff3d6661480294c", "5fa3c0bf46782bbee21b09b7446edc75", "5bee93e1", "f11bb8cba3046ce3"}, 0x28) close_range(r0, 0xffffffffffffffff, 0x0) 1.450095508s ago: executing program 5 (id=6993): bpf$PROG_LOAD(0x5, &(0x7f0000001740)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000030000000000000001ffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x63) write$P9_RLERRORu(r0, &(0x7f0000000300)=ANY=[@ANYRESHEX], 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000180)='./file0\x00', &(0x7f00000004c0)=[0x2], 0x0, 0x0, 0x1, 0x1}}, 0x40) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x10012, r0, 0x0) 1.380764602s ago: executing program 5 (id=6995): sched_setaffinity(0x0, 0x0, 0x0) getpid() prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) fsync(0xffffffffffffffff) 1.040145439s ago: executing program 4 (id=7000): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x520, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0xa98, 0x3}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000020000003}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x8) r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10) 975.108262ms ago: executing program 4 (id=7001): ioprio_set$uid(0x3, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0) r1 = dup(r0) r2 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) sendfile(r0, r2, 0x0, 0x8000fffffffe) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) 902.515385ms ago: executing program 4 (id=7002): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000580081044e81f782db44b904", 0x10}], 0x1}, 0x0) ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4c) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bond0\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000080)) 857.468048ms ago: executing program 4 (id=7003): r0 = socket(0xa, 0x3, 0x3a) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syz_tun\x00', 0x0}) setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f00000000c0)={0x1, 0x0, 0x0, r2}, 0xc) setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000080)={0x4, 0x0, 0xfc, r2}, 0xc) setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000040)=0xd, 0x4) 853.068068ms ago: executing program 5 (id=7004): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x840) write$nci(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="7105020202"], 0xfe3b) 808.06071ms ago: executing program 4 (id=7005): r0 = socket$kcm(0xa, 0x2, 0x0) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e22, 0x3, 'sh\x00', 0x1, 0x80005, 0x6f}, 0x2c) setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e23, 0x2, 0xcd}}, 0x44) sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0) 780.057211ms ago: executing program 4 (id=7006): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4) bind$inet6(r0, &(0x7f00000006c0)={0xa, 0x4e20, 0x1, @mcast1, 0xc}, 0x1c) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x24, r2, 0x1, 0x70bd24, 0x25dfdbfe, {}, [@FOU_ATTR_PORT={0x6, 0x1, 0x4e20}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x24}}, 0x4000080) 673.449877ms ago: executing program 8 (id=7007): timer_create(0x2, 0x0, &(0x7f0000044000)=0x0) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x9, 0xf40b9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x7, 0x100}, 0x204, 0x0, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) timer_getoverrun(r0) 481.894487ms ago: executing program 8 (id=7008): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x6, 0x4, 0xfff, 0x9, 0x0, 0xffffffffffffffff, 0x7}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xa, 0x4, 0x8, 0x1}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x2000}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000080850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f00000021c0)={r2, 0x0, 0x0}, 0x10) 475.681247ms ago: executing program 8 (id=7009): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000000209000200737997310000000008000a40fffffffc14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000020000000000000000000100000a3c000000090a010400000000000000000a0000040900020073797a310000000008000a40fffffffc0900010073797a3100000000080005400000000b14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)={0x2c, 0xd, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x1001}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000) 433.012979ms ago: executing program 8 (id=7010): socket(0x10, 0x80002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f00000002c0)=ANY=[@ANYBLOB="b700000040000000bfa30000000000007603000028feffff7a0af0fff8ffffff61a4f0ff000000005d040000000000007f000000000000002704000001ed0a002500000041806aa13e040000000000007b0300fe000000002d03000000000000c600f9ffffff00009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef7054803d0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d85827513acd02b5a655a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f08050e46850600000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf8707f0d5217e9bb5a05d9e22ce67f1231bd236ed200073826593c4e1a0f50a74bb482e486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e9978931485747292c6fe6e188750cf4f87cce2aa7d67c6133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc1caa80e64461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5fea5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87dd4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f6260a483632a2ab447f88dd6efec73a0271a19ca3aa860aa4dcaeebe3d53040b853a7c02a5fcc08b3a572969bbe91c921ac1476027772c87d172ab29967e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f522df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb6f5137bdaa075fdd88d22230592a790000000000000000000000003527dfd01b47000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7c54d5cb9076b81b7741ec03877afb520400000000000000c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399fa5ee0b41e14a6fe6894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014fa841061e63d40f4e536314beda5738fee012365f963b2a85e7d8075c333475b9f0284405e30700000041285fbe0bdd37220e31d4731614a50c16c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe8c350a5c554a387de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df96d49f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21da4fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696ebc2ab3f4b642f36c9006c0067e24a64aa8c53df824a4ee271e35ed90000800847683c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d68ad9fa2b2528798df1c36fc438d9c98f168490b41e158bb2e2d8ed19d44b9cce67c9c522b5136be09ed1b97ea3d5b317508df23e92c56fc2eb74d27d3861d91745b8fb9f6cc20e9f8b174000c62c4a2b212332a073fc5d0be7347e41454cb27e081c43e92ae7f9f046600db85d945a4666b588629ce0809d5c8506308688db21ec04d365497bf900600"/2767], &(0x7f00000001c0)='GPL\x00'}, 0x48) 287.183256ms ago: executing program 0 (id=7011): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='dctcp', 0x5) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='cubic', 0x5) sendto$inet(r0, &(0x7f0000000180)="89", 0x1, 0x4c041, 0x0, 0x0) 263.031807ms ago: executing program 0 (id=7012): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4) sendmmsg$unix(0xffffffffffffffff, &(0x7f000000b640)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002c00)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18, 0x24040040}}], 0x1, 0x0) connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10) sendmmsg$inet(r0, &(0x7f0000004d00), 0x7fffffffffffd33, 0x20000890) 204.57166ms ago: executing program 0 (id=7013): perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1) pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x29b0cfbd, 0x41001, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x6, 0x28254, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffbffe, 0x1, @perf_bp={0x0}, 0x0, 0xfff9, 0x8, 0x6, 0x9, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000b80)=ANY=[@ANYBLOB="4c010000", @ANYRES16=0x0, @ANYBLOB="08002abd7000fedbdf25890000000c0099000e0000004c00000028011d80ec00007cdc000d80700000803d0002005003403d132b30514141094452094d3d35504538010a0924093d4e1c08361a4c2949290038243d501a254e51463f2f2a4a1b441f163f02574d0000000d000100180c3603480c0b0660000000190001001b18010903160c050b180b361b09160436480609300000004400018014000300ff89080000000000060006000600020014000300000002000800c1af03000001fcffa50005000400010000000500070002000000050004000100000020000380060001"], 0x14c}, 0x1, 0x0, 0x0, 0x20000005}, 0x4000000) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffffffffffff49, &(0x7f0000000380)=[{&(0x7f0000000040)="c01803002e000b12d25a80648c2594f90124fc60100c044002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 161.615382ms ago: executing program 0 (id=7014): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a64000000030a0fdb00000000000000000a0000050900030073797a30000000000900010073797a31000000001400048008000240a04b3d02080001400000000308000540000000001c0008800c00014000000000000000090c000240000000000018ab6e14000000110001"], 0x8c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) r1 = socket$kcm(0xa, 0x922000000003, 0x11) setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000000c0), 0x4) sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @remote, 0x0, 0x81}, 0x80, &(0x7f0000000080)=[{&(0x7f00000003c0)="ec000900062b2c25fe801d00f7ffffffdc8b851a238466cc80007a911b51818462b4003a009b662db2e044a3", 0x2c}], 0x1}, 0x48100) 89.963236ms ago: executing program 0 (id=7015): syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0xa400) r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x800, 0xffffffff, 0xbfe00000}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x47f6, 0x0, 0x2, 0x0, 0x300) syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x108402) 0s ago: executing program 0 (id=7016): syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x180c8, &(0x7f00000006c0)=ANY=[@ANYBLOB="6e66732c646f74732c636865636b3d7374726963742c646f74732c6572726f72733d72656d6f756e742d726f2c00fc403bb14281bbfb9b8213bd6284536d64789a24dd73b98b3e33cb47fed8a736464bb62e9e891aa832722dfc28bfa4489b3a127a503e72326b737d0f67c97be6f37ef46154dec39ef8718946ffc8cd4d735a0b101c1722477bbe2f923577ea51f7116f17c3ddf5c497fba2d0bb3272d123b31e9461d4e2d65a42e1174fa269de92e463fc1ca202650fe2628e15341e45dce6c0de2367bdb50cc5b2b462e1d45fc3265f1a88561ab6afb1b73a3b340b5c73055fc6e601843a59f3cdeb36991cfa985453287d4c9d2d6e21adddc57a607369c682e821b20dc0efd51d12f386f3f8e53c05e696e50c7c3f79b1b0bd7e5cfaf3f63d8949c8dd2fd94aa0f259a4cb9412c30c45f9d4d63d267d2a43f03a47fa56b3"], 0x1, 0x242, &(0x7f0000000300)="$eJzs3bFqFFEUBuBjskmWNKYWiwEbq0WtbBeJIA4IK1No5UC0SUSYNKPVPIbP4CP5GKnSjZhZsklcbczm7s58Hyz3wM/Cuc3eLc6d+fDw8/HRl9NP7c/vMR5nMYpo2jbiILZiOzr35uvWRb0bVzUBAGya2aycpu6B1aqqabkTEXt/JMWPJA0BAAAAAAAAAADw35bN/8e5+X8A6DPz//1XVdNyf/7/7Trz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA65217v/3HJ3V/AMDtc/4DwPA4/wFgeJz/ADA8b9+9fz3N88NZlo0jzpq6qItu7fKXr/LDJ9mFg8W3zuq62L7Mn3Z5dj3fif15/mxpvhuPH3X57+zFm/xGvhdHq98+AAAAAAAAAAAAAAAAAAAArIVJdmnp/f7J5G95V115PsCN+/ujeDC6s20AAAAAAAAAAAAAAAAAAADARjv9+u24PDn5WCl6U8TztWjjrouItWijL0XqXyYAAAAAAAAAAAAAAAAAABiexaXf1J0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQDqL9/+vroiIpu2k3i4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQY78CAAD//139ms4=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12) write(r1, &(0x7f0000000a00)="c7", 0x1) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7fffeffe) kernel console output (not intermixed with test programs): stats for /syz0: [ 249.346287][T16948] cache 0 [ 249.364964][T16948] rss 0 [ 249.368918][T16948] shmem 0 [ 249.371890][T16948] mapped_file 0 [ 249.375760][T16948] dirty 0 [ 249.384518][T16948] writeback 0 [ 249.388599][T16948] workingset_refault_anon 41 [ 249.393589][T16948] workingset_refault_file 0 [ 249.398767][T16948] swap 200704 [ 249.402082][T16948] swapcached 200704 [ 249.406067][T16948] pgpgin 55921 [ 249.410550][T16948] pgpgout 55921 [ 249.414046][T16948] pgfault 72121 [ 249.418071][T16948] pgmajfault 22 [ 249.421560][T16948] inactive_anon 0 [ 249.425287][T16948] active_anon 0 [ 249.429239][T16948] inactive_file 0 [ 249.433751][T16948] active_file 0 [ 249.438118][T16948] unevictable 0 [ 249.441713][T16948] hierarchical_memory_limit 314572800 [ 249.448955][T16948] hierarchical_memsw_limit 9223372036854771712 [ 249.462750][T16948] total_cache 0 [ 249.466373][T16948] total_rss 0 [ 249.470155][T16948] total_shmem 0 [ 249.473679][T16948] total_mapped_file 0 [ 249.478065][T16948] total_dirty 0 [ 249.481719][T16948] total_writeback 0 [ 249.485544][T16948] total_workingset_refault_anon 41 [ 249.496969][ T408] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.508382][T16948] total_workingset_refault_file 0 [ 249.513541][T16948] total_swap 200704 [ 249.519523][T16948] total_swapcached 200704 [ 249.525996][T16948] total_pgpgin 55921 [ 249.530497][T16948] total_pgpgout 55921 [ 249.534622][T16948] total_pgfault 72121 [ 249.539668][T16948] total_pgmajfault 22 [ 249.544216][T16948] total_inactive_anon 0 [ 249.549891][T16948] total_active_anon 0 [ 249.554462][T16948] total_inactive_file 0 [ 249.567558][T16948] total_active_file 0 [ 249.571651][T16948] total_unevictable 0 [ 249.575768][T16948] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.5090,pid=16946,uid=0 [ 249.591326][T16948] Memory cgroup out of memory: Killed process 16946 (syz.0.5090) total-vm:96212kB, anon-rss:1232kB, file-rss:22316kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 249.610233][ T408] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.647180][T16940] Bluetooth: hci0: command 0x1003 tx timeout [ 249.653660][ T8014] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 249.674540][ T408] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.782624][ T408] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.130581][ T408] batman_adv: batadv0: Removing interface: vlan2 [ 250.168893][ T408] team0: Port device bond0 removed [ 250.175504][ T408] bond0 (unregistering): Released all slaves [ 250.228386][ T408] hsr_slave_0: left promiscuous mode [ 250.237205][ T408] hsr_slave_1: left promiscuous mode [ 250.255907][ T408] veth1_macvtap: left promiscuous mode [ 250.270652][ T408] veth0_macvtap: left promiscuous mode [ 250.285431][ T408] veth1_vlan: left promiscuous mode [ 250.305783][ T408] veth0_vlan: left promiscuous mode [ 250.378070][ T3608] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 250.384442][ T8014] Bluetooth: hci1: command 0x1003 tx timeout [ 250.484653][T17055] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5115'. [ 250.525733][T17055] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5115'. [ 250.833723][T17073] loop5: detected capacity change from 0 to 1024 [ 250.896853][T17073] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 250.948571][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.034079][T17090] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 251.407126][T17129] loop8: detected capacity change from 0 to 512 [ 252.001503][ T28] kauditd_printk_skb: 453 callbacks suppressed [ 252.001525][ T28] audit: type=1400 audit(2000000168.450:2798): avc: denied { setattr } for pid=17152 comm="syz.5.5142" name="SCTPv6" dev="sockfs" ino=50840 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 252.329569][T17172] chnl_net:caif_netlink_parms(): no params data found [ 252.376896][T17172] bridge0: port 1(bridge_slave_0) entered blocking state [ 252.384410][ T28] audit: type=1400 audit(2000000168.830:2799): avc: denied { connect } for pid=17207 comm="syz.0.5156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 252.405009][T17172] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.412523][T17172] bridge_slave_0: entered allmulticast mode [ 252.419663][T17172] bridge_slave_0: entered promiscuous mode [ 252.427160][T17172] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.434474][T17172] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.442570][T17172] bridge_slave_1: entered allmulticast mode [ 252.450581][T17172] bridge_slave_1: entered promiscuous mode [ 252.468888][T17172] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 252.480115][T17172] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 252.500245][ T28] audit: type=1400 audit(2000000168.950:2800): avc: denied { create } for pid=17213 comm="syz.0.5158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 252.522269][T17172] team0: Port device team_slave_0 added [ 252.529438][T17172] team0: Port device team_slave_1 added [ 252.541139][ T28] audit: type=1400 audit(2000000168.990:2801): avc: denied { write } for pid=17213 comm="syz.0.5158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 252.557723][T17172] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 252.569216][T17172] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 252.595856][T17172] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 252.622211][T17172] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 252.630501][T17172] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 252.685255][T17219] netlink: 'syz.8.5160': attribute type 6 has an invalid length. [ 252.703303][T17172] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 252.722380][T17219] netlink: 199836 bytes leftover after parsing attributes in process `syz.8.5160'. [ 252.755907][T17172] hsr_slave_0: entered promiscuous mode [ 252.762753][T17172] hsr_slave_1: entered promiscuous mode [ 252.775929][T17172] debugfs: 'hsr0' already exists in 'hsr' [ 252.798635][T17172] Cannot create hsr debugfs directory [ 252.810733][ T28] audit: type=1400 audit(2000000169.260:2802): avc: denied { wake_alarm } for pid=17225 comm="syz.0.5163" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 252.879021][T17231] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5165'. [ 253.050141][ T28] audit: type=1326 audit(2000000169.500:2803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17251 comm="syz.8.5172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 253.115607][ T28] audit: type=1326 audit(2000000169.530:2804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17251 comm="syz.8.5172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 253.143117][ T28] audit: type=1326 audit(2000000169.530:2805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17251 comm="syz.8.5172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 253.180420][ T28] audit: type=1326 audit(2000000169.530:2806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17251 comm="syz.8.5172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 253.280798][ T28] audit: type=1326 audit(2000000169.530:2807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17251 comm="syz.8.5172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 253.324378][T17172] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 253.355949][T17172] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 253.413619][T17172] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 253.467720][T17293] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5189'. [ 253.481942][T17172] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 253.497516][T17300] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5191'. [ 253.511443][T17293] netlink: 'syz.8.5189': attribute type 30 has an invalid length. [ 253.520894][T17300] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5191'. [ 253.566375][T17300] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5191'. [ 253.575979][ T50] netdevsim netdevsim8 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 253.586992][ T50] netdevsim netdevsim8 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 253.595878][ T50] netdevsim netdevsim8 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 253.604508][T17300] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5191'. [ 253.615406][ T408] Bluetooth: hci0: Frame reassembly failed (-84) [ 253.626822][ T50] netdevsim netdevsim8 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 253.645855][ T50] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 253.664694][T17319] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 253.670392][ T50] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 253.689333][T17319] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 253.698680][ T5361] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 253.717155][ T5361] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 253.779975][T17172] 8021q: adding VLAN 0 to HW filter on device bond0 [ 253.804812][T17172] 8021q: adding VLAN 0 to HW filter on device team0 [ 253.815579][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.822739][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 253.836517][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.843869][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 253.882665][T17172] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 253.954104][T17172] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 254.124765][T17172] veth0_vlan: entered promiscuous mode [ 254.134522][T17172] veth1_vlan: entered promiscuous mode [ 254.155435][T17172] veth0_macvtap: entered promiscuous mode [ 254.164827][T17172] veth1_macvtap: entered promiscuous mode [ 254.179769][T17172] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 254.192681][T17172] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 254.205752][ T408] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.219744][ T408] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.229016][ T408] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.241380][ T408] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.914522][T17469] loop4: detected capacity change from 0 to 512 [ 254.932276][T17469] EXT4-fs (loop4): 1 truncate cleaned up [ 254.950995][T17469] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.982210][T17469] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.5213: bg 0: block 465: padding at end of block bitmap is not set [ 255.032890][T17469] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 255.046782][T17469] EXT4-fs (loop4): This should not happen!! Data will be lost [ 255.046782][T17469] [ 255.056764][T17469] EXT4-fs (loop4): Total free blocks count 0 [ 255.063173][T17469] EXT4-fs (loop4): Free/Dirty block details [ 255.069796][T17469] EXT4-fs (loop4): free_blocks=0 [ 255.079882][T17469] EXT4-fs (loop4): dirty_blocks=2 [ 255.095465][T17469] EXT4-fs (loop4): Block reservation details [ 255.101925][T17469] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 255.175275][T17172] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.647123][ T8014] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 255.784410][T17525] vlan4: entered allmulticast mode [ 255.789932][T17525] bridge0: entered allmulticast mode [ 255.795927][T17523] sctp: [Deprecated]: syz.4.5226 (pid 17523) Use of int in maxseg socket option. [ 255.795927][T17523] Use struct sctp_assoc_value instead [ 255.796215][T17525] bridge0: port 2(vlan4) entered blocking state [ 255.818397][T17525] bridge0: port 2(vlan4) entered disabled state [ 256.031622][T17538] netlink: 'syz.1.5234': attribute type 1 has an invalid length. [ 256.085678][T17538] netlink: 'syz.1.5234': attribute type 2 has an invalid length. [ 256.108374][T17538] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5234'. [ 256.583162][T17564] xt_hashlimit: size too large, truncated to 1048576 [ 256.644639][T17573] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5250'. [ 256.699336][T17573] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5250'. [ 257.098898][T17609] netlink: 'syz.0.5257': attribute type 12 has an invalid length. [ 257.107131][T17609] netlink: 'syz.0.5257': attribute type 29 has an invalid length. [ 257.473005][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 257.473022][ T28] audit: type=1326 audit(2000000173.920:2816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17637 comm="syz.8.5270" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x0 [ 257.651803][T17648] loop5: detected capacity change from 0 to 512 [ 257.680003][T17648] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #3: comm syz.5.5274: corrupted inode contents [ 257.692676][T17648] loop5: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 257.693001][T17648] EXT4-fs error (device loop5): ext4_dirty_inode:6450: inode #3: comm syz.5.5274: mark_inode_dirty error [ 257.702294][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 257.702330][ C1] EXT4-fs (loop5): initial error at time 2000000174: ext4_do_update_inode:5569: inode 3 [ 257.702402][ C1] EXT4-fs (loop5): last error at time 2000000174: ext4_do_update_inode:5569: inode 3 [ 257.742148][T17648] loop5: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 257.742651][T17648] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #3: comm syz.5.5274: corrupted inode contents [ 257.766172][T17648] loop5: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 257.766464][T17648] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #3: comm syz.5.5274: mark_inode_dirty error [ 257.835476][T17648] loop5: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 257.835963][T17648] Quota error (device loop5): write_blk: dquota write failed [ 257.860845][T17648] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 257.872383][T17648] EXT4-fs error (device loop5): ext4_acquire_dquot:7001: comm syz.5.5274: Failed to acquire dquot type 0 [ 257.884111][T17648] loop5: lost filesystem error report for type 5 error -117 [ 257.885582][T17648] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #16: comm syz.5.5274: corrupted inode contents [ 257.909008][T17648] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 257.909448][T17648] EXT4-fs error (device loop5): ext4_dirty_inode:6450: inode #16: comm syz.5.5274: mark_inode_dirty error [ 257.933204][T17648] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 257.947549][T17648] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #16: comm syz.5.5274: corrupted inode contents [ 258.005569][T17648] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 258.005841][T17648] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #16: comm syz.5.5274: mark_inode_dirty error [ 258.034190][T17648] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 258.034406][T17648] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #16: comm syz.5.5274: corrupted inode contents [ 258.066045][T17648] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 258.066370][T17648] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem [ 258.094012][T17648] loop5: lost filesystem error report for type 5 error -117 [ 258.094294][T17648] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #16: comm syz.5.5274: corrupted inode contents [ 258.117095][T17648] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 258.117426][T17648] EXT4-fs error (device loop5): ext4_truncate:4587: inode #16: comm syz.5.5274: mark_inode_dirty error [ 258.163329][T17648] EXT4-fs error (device loop5) in ext4_process_orphan:345: Corrupt filesystem [ 258.172568][T17648] loop5: lost filesystem error report for type 5 error -117 [ 258.172799][T17676] batadv_slave_0: entered promiscuous mode [ 258.187687][T17648] EXT4-fs (loop5): 1 truncate cleaned up [ 258.193787][T17648] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.207690][T17648] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 258.226489][T17648] EXT4-fs warning (device loop5): ext4_es_cache_extent:1082: inode #3: comm syz.5.5274: ES cache extent failed: add [1,1,41,0x1] conflict with existing [1,-2,576460752303423487,0x18] [ 258.226489][T17648] [ 258.237109][ T28] audit: type=1400 audit(2000000174.670:2817): avc: denied { create } for pid=17647 comm="syz.5.5274" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1 [ 258.247855][T17675] batadv_slave_0: left promiscuous mode [ 258.330394][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.385293][T17688] loop5: detected capacity change from 0 to 128 [ 258.485501][T17699] xt_hashlimit: size too large, truncated to 1048576 [ 258.727209][T17730] sctp: [Deprecated]: syz.0.5303 (pid 17730) Use of int in max_burst socket option. [ 258.727209][T17730] Use struct sctp_assoc_value instead [ 258.782944][T17733] vlan2: entered allmulticast mode [ 258.797503][T17733] bridge0: entered allmulticast mode [ 258.802910][ T28] audit: type=1400 audit(2000000175.250:2818): avc: denied { append } for pid=17734 comm="syz.0.5305" name="001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 258.826808][T17733] bridge0: port 3(vlan2) entered blocking state [ 258.851299][T17733] bridge0: port 3(vlan2) entered disabled state [ 258.875634][T17737] loop4: detected capacity change from 0 to 512 [ 258.917872][T17737] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 258.956090][T17737] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.5306: invalid indirect mapped block 4294967295 (level 1) [ 258.985354][T17737] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.5306: invalid indirect mapped block 4294967295 (level 1) [ 258.999709][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 258.999752][ C1] EXT4-fs (loop4): initial error at time 2000000175: ext4_free_branches:1023: inode 11 [ 258.999788][ C1] EXT4-fs (loop4): last error at time 2000000175: ext4_free_branches:1023: inode 11 [ 259.031653][T17737] EXT4-fs (loop4): 2 truncates cleaned up [ 259.038336][T17737] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 259.082987][T17751] netlink: 'syz.0.5311': attribute type 8 has an invalid length. [ 259.121907][T17751] __nla_validate_parse: 2 callbacks suppressed [ 259.121927][T17751] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5311'. [ 259.138474][T17172] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.360303][T17763] vxcan0: tx drop: invalid sa for name 0x0000000000000001 [ 259.382327][T17748] loop8: detected capacity change from 0 to 128 [ 259.399339][T17768] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17768 comm=syz.4.5320 [ 259.640324][T17793] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=263 sclass=netlink_audit_socket pid=17793 comm=syz.1.5330 [ 259.672887][T17797] sctp: [Deprecated]: syz.5.5331 (pid 17797) Use of struct sctp_assoc_value in delayed_ack socket option. [ 259.672887][T17797] Use struct sctp_sack_info instead [ 259.679708][T17798] loop8: detected capacity change from 0 to 512 [ 259.736222][T17798] EXT4-fs: Ignoring removed oldalloc option [ 259.774344][T17798] EXT4-fs (loop8): 1 truncate cleaned up [ 259.787723][T17798] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 259.881484][T17811] loop5: detected capacity change from 0 to 512 [ 259.932736][T17811] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 259.977230][T17811] ext4 filesystem being mounted at /54/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 260.049190][T14150] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.088482][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.262096][T17828] loop5: detected capacity change from 0 to 128 [ 260.288062][T17828] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 260.342491][T17828] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 260.366852][ T5361] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 260.506250][ T28] audit: type=1400 audit(2000000176.950:2819): avc: denied { setopt } for pid=17852 comm="syz.5.5352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 260.669474][ T28] audit: type=1400 audit(2000000177.120:2820): avc: denied { search } for pid=17871 comm="syz.5.5360" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 260.705017][ T28] audit: type=1400 audit(2000000177.120:2821): avc: denied { search } for pid=17871 comm="syz.5.5360" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 260.736915][T17875] loop5: detected capacity change from 0 to 764 [ 261.598914][ T28] audit: type=1326 audit(2000000178.050:2822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17948 comm="syz.0.5389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 261.627266][ T28] audit: type=1326 audit(2000000178.070:2823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17948 comm="syz.0.5389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 262.368972][T18035] loop4: detected capacity change from 0 to 512 [ 262.377986][T18035] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 262.397426][T18035] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities [ 262.631051][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 262.631069][ T28] audit: type=1326 audit(2000000179.080:2828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18050 comm="syz.5.5432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 262.681306][ T28] audit: type=1326 audit(2000000179.120:2829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18050 comm="syz.5.5432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 262.708551][ T28] audit: type=1326 audit(2000000179.120:2830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18050 comm="syz.5.5432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 262.733358][ T28] audit: type=1326 audit(2000000179.120:2831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18050 comm="syz.5.5432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 262.773751][ T28] audit: type=1326 audit(2000000179.120:2832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18050 comm="syz.5.5432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 262.807085][ T28] audit: type=1326 audit(2000000179.120:2833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18050 comm="syz.5.5432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 262.831913][ T28] audit: type=1326 audit(2000000179.120:2834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18050 comm="syz.5.5432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 262.857363][ T28] audit: type=1326 audit(2000000179.120:2835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18050 comm="syz.5.5432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 262.891762][ T28] audit: type=1326 audit(2000000179.120:2836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18050 comm="syz.5.5432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 262.925544][ T28] audit: type=1326 audit(2000000179.120:2837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18050 comm="syz.5.5432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 262.931158][T18059] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5436'. [ 263.012015][T18066] netlink: 'syz.5.5438': attribute type 3 has an invalid length. [ 263.115440][T18074] bridge0: port 3(syz_tun) entered blocking state [ 263.137943][T18074] bridge0: port 3(syz_tun) entered disabled state [ 263.144948][T18074] syz_tun: entered allmulticast mode [ 263.177817][T18074] syz_tun: entered promiscuous mode [ 263.209593][T18074] bridge0: port 3(syz_tun) entered blocking state [ 263.216176][T18074] bridge0: port 3(syz_tun) entered forwarding state [ 263.266395][T18082] Invalid argument reading file caps for ./file0 [ 263.628677][T18094] loop5: detected capacity change from 0 to 128 [ 263.738006][T18114] ipvlan2: entered promiscuous mode [ 263.764899][T18114] team0: Device ipvlan2 failed to register rx_handler [ 264.129041][T18136] loop5: detected capacity change from 0 to 256 [ 264.666826][T18172] SELinux: failed to load policy [ 265.179084][T18203] netlink: 148 bytes leftover after parsing attributes in process `syz.1.5497'. [ 265.442004][T18228] blktrace: Concurrent blktraces are not allowed on loop2 [ 265.941029][T18249] loop4: detected capacity change from 0 to 128 [ 267.108800][T18324] loop8: detected capacity change from 0 to 512 [ 267.157201][T18324] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 267.211563][T18324] ext4 filesystem being mounted at /260/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 267.292705][T18324] EXT4-fs error (device loop8): ext4_do_update_inode:5569: inode #4: comm syz.8.5549: corrupted inode contents [ 267.342148][T18324] EXT4-fs error (device loop8): ext4_dirty_inode:6450: inode #4: comm syz.8.5549: mark_inode_dirty error [ 267.372233][T18324] EXT4-fs error (device loop8): ext4_do_update_inode:5569: inode #4: comm syz.8.5549: corrupted inode contents [ 267.434093][T18324] EXT4-fs error (device loop8): __ext4_ext_dirty:207: inode #4: comm syz.8.5549: mark_inode_dirty error [ 267.453333][T18324] EXT4-fs error (device loop8): ext4_acquire_dquot:7001: comm syz.8.5549: Failed to acquire dquot type 1 [ 267.529928][T14150] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.655525][ T28] kauditd_printk_skb: 99 callbacks suppressed [ 267.655542][ T28] audit: type=1400 audit(2000000184.100:2934): avc: denied { map } for pid=18354 comm="syz.8.5560" path="socket:[55298]" dev="sockfs" ino=55298 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 267.730039][ T28] audit: type=1400 audit(2000000184.140:2935): avc: denied { read accept } for pid=18354 comm="syz.8.5560" path="socket:[55298]" dev="sockfs" ino=55298 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 267.801144][ T28] audit: type=1326 audit(2000000184.240:2936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18349 comm="syz.5.5559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 267.931518][T18368] program syz.5.5566 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 267.947765][T18375] hsr0: entered promiscuous mode [ 267.953567][T18375] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5569'. [ 267.964328][T18375] hsr_slave_0: left promiscuous mode [ 267.973296][ T28] audit: type=1400 audit(2000000184.410:2937): avc: denied { getopt } for pid=18376 comm="syz.4.5570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 267.995125][T18375] hsr_slave_1: left promiscuous mode [ 268.015683][T18375] hsr0 (unregistering): left promiscuous mode [ 268.082906][T18386] loop5: detected capacity change from 0 to 512 [ 268.118084][T18386] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.5574: bad orphan inode 11862016 [ 268.133498][T18386] loop5: lost filesystem error report for type 5 error -117 [ 268.134812][T18386] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 268.155236][T18386] ext4 filesystem being mounted at /94/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 268.174486][T18386] Invalid ELF header magic: != ELF [ 268.180049][ T28] audit: type=1400 audit(2000000184.620:2938): avc: denied { module_load } for pid=18385 comm="syz.5.5574" path="/94/file1/bus" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=system permissive=1 [ 268.243403][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 268.261710][ T28] audit: type=1326 audit(2000000184.710:2939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18397 comm="syz.0.5579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 268.287065][ T28] audit: type=1326 audit(2000000184.710:2940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18397 comm="syz.0.5579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 268.326738][ T28] audit: type=1326 audit(2000000184.740:2941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18397 comm="syz.0.5579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 268.360012][ T28] audit: type=1326 audit(2000000184.740:2942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18397 comm="syz.0.5579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 268.385985][ T28] audit: type=1326 audit(2000000184.740:2943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18397 comm="syz.0.5579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 268.404925][T18402] loop5: detected capacity change from 0 to 512 [ 268.473445][T18407] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18407 comm=syz.5.5583 [ 268.685984][T18423] loop4: detected capacity change from 0 to 256 [ 268.696943][T18423] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 268.828215][ T50] Bluetooth: hci0: Frame reassembly failed (-84) [ 269.588979][T18481] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5613'. [ 269.754469][ T308] Bluetooth: hci1: Frame reassembly failed (-84) [ 269.895538][T18493] loop5: detected capacity change from 0 to 512 [ 269.919797][T18493] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 269.942917][T18493] ext4 filesystem being mounted at /103/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 269.979674][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.233346][T18521] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 270.240226][T18521] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 270.267283][T18521] vhci_hcd vhci_hcd.0: Device attached [ 270.289192][T18524] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(5) [ 270.296206][T18524] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 270.327293][T18524] vhci_hcd vhci_hcd.0: Device attached [ 270.347119][T18521] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(7) [ 270.353752][T18521] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 270.364431][T18521] vhci_hcd vhci_hcd.0: Device attached [ 270.371864][T18521] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 270.397282][T18521] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(11) [ 270.403949][T18521] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 270.420170][T18521] vhci_hcd vhci_hcd.0: Device attached [ 270.426776][T18522] vhci_hcd: connection closed [ 270.426888][T18529] vhci_hcd: connection closed [ 270.432055][ T12] vhci_hcd vhci_hcd.4: stop threads [ 270.432082][T18525] vhci_hcd: connection closed [ 270.442175][T18527] vhci_hcd: connection closed [ 270.443656][ T12] vhci_hcd vhci_hcd.4: release socket [ 270.469463][ T12] vhci_hcd vhci_hcd.4: disconnect device [ 270.485938][ T12] vhci_hcd vhci_hcd.4: stop threads [ 270.491399][ T12] vhci_hcd vhci_hcd.4: release socket [ 270.506163][ T12] vhci_hcd vhci_hcd.4: disconnect device [ 270.512764][ T12] vhci_hcd vhci_hcd.4: stop threads [ 270.518155][ T933] usb 9-1: new low-speed USB device number 2 using vhci_hcd [ 270.532188][ T933] usb 9-1: enqueue for inactive port 0 [ 270.539213][ T12] vhci_hcd vhci_hcd.4: release socket [ 270.545015][ T933] usb 9-1: enqueue for inactive port 0 [ 270.557400][ T12] vhci_hcd vhci_hcd.4: disconnect device [ 270.563766][ T933] usb 9-1: enqueue for inactive port 0 [ 270.570011][ T12] vhci_hcd vhci_hcd.4: stop threads [ 270.577738][ T12] vhci_hcd vhci_hcd.4: release socket [ 270.583563][ T12] vhci_hcd vhci_hcd.4: disconnect device [ 270.648254][ T933] vhci_hcd vhci_hcd.4: vhci_device speed not set [ 270.847202][T16940] Bluetooth: hci0: command 0x1003 tx timeout [ 270.849236][ T3608] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 270.981417][T18557] loop4: detected capacity change from 0 to 256 [ 271.017880][T18557] FAT-fs (loop4): Directory bread(block 64) failed [ 271.026140][T18557] FAT-fs (loop4): Directory bread(block 65) failed [ 271.037113][T18557] FAT-fs (loop4): Directory bread(block 66) failed [ 271.045222][T18557] FAT-fs (loop4): Directory bread(block 67) failed [ 271.052189][T18557] FAT-fs (loop4): Directory bread(block 68) failed [ 271.061547][T18557] FAT-fs (loop4): Directory bread(block 69) failed [ 271.069560][T18557] FAT-fs (loop4): Directory bread(block 70) failed [ 271.078719][T18557] FAT-fs (loop4): Directory bread(block 71) failed [ 271.108563][T18557] FAT-fs (loop4): Directory bread(block 72) failed [ 271.115673][T18557] FAT-fs (loop4): Directory bread(block 73) failed [ 271.148713][T18557] syz.4.5642: attempt to access beyond end of device [ 271.148713][T18557] loop4: rw=8388608, sector=1192, nr_sectors = 4 limit=256 [ 271.560372][T18603] loop5: detected capacity change from 0 to 256 [ 271.576553][T18603] FAT-fs (loop5): Directory bread(block 64) failed [ 271.585105][T18603] FAT-fs (loop5): Directory bread(block 65) failed [ 271.594602][T18603] FAT-fs (loop5): Directory bread(block 66) failed [ 271.607192][T18603] FAT-fs (loop5): Directory bread(block 67) failed [ 271.617867][T18603] FAT-fs (loop5): Directory bread(block 68) failed [ 271.634054][T18603] FAT-fs (loop5): Directory bread(block 69) failed [ 271.652569][T18603] FAT-fs (loop5): Directory bread(block 70) failed [ 271.659984][T18603] FAT-fs (loop5): Directory bread(block 71) failed [ 271.666722][T18603] FAT-fs (loop5): Directory bread(block 72) failed [ 271.673828][T18603] FAT-fs (loop5): Directory bread(block 73) failed [ 271.690193][T18603] syz.5.5660: attempt to access beyond end of device [ 271.690193][T18603] loop5: rw=8388608, sector=1192, nr_sectors = 4 limit=256 [ 271.739526][T18612] batadv_slave_1: entered promiscuous mode [ 271.754016][T18607] loop4: detected capacity change from 0 to 8192 [ 271.766103][T18611] batadv_slave_1: left promiscuous mode [ 271.807472][ T8014] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 272.096285][T18624] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 272.116949][T18624] FAT-fs (loop4): Filesystem has been set read-only [ 272.265621][T18650] loop5: detected capacity change from 0 to 4096 [ 272.313606][T18650] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 272.366840][T18663] loop8: detected capacity change from 0 to 1024 [ 272.465883][T18663] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 272.498281][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.616024][T18680] loop5: detected capacity change from 0 to 1024 [ 272.636351][T18663] EXT4-fs (loop8): shut down requested (1) [ 272.636506][T18680] EXT4-fs: Ignoring removed oldalloc option [ 272.668786][T18680] EXT4-fs: Ignoring removed bh option [ 272.683083][T18684] loop4: detected capacity change from 0 to 128 [ 272.705622][T18680] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 272.738870][ T28] kauditd_printk_skb: 45 callbacks suppressed [ 272.738889][ T28] audit: type=1400 audit(2000000189.190:2989): avc: denied { map } for pid=18679 comm="syz.5.5689" path="/124/file1/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 272.818554][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.837950][ T28] audit: type=1400 audit(2000000189.190:2990): avc: denied { execute } for pid=18679 comm="syz.5.5689" path="/124/file1/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 272.926873][T14150] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.089135][T18706] loop8: detected capacity change from 0 to 128 [ 273.323604][ T28] audit: type=1400 audit(2000000189.770:2991): avc: denied { append } for pid=18717 comm="syz.5.5708" name="usbmon6" dev="devtmpfs" ino=160 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 273.722339][T18754] netlink: 35284 bytes leftover after parsing attributes in process `syz.5.5724'. [ 273.767105][ T933] IPVS: starting estimator thread 0... [ 273.790406][T18754] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5724'. [ 273.877133][T18759] IPVS: using max 2304 ests per chain, 115200 per kthread [ 273.901224][T18765] netlink: 2 bytes leftover after parsing attributes in process `syz.5.5729'. [ 273.947155][T18765] netlink: 2 bytes leftover after parsing attributes in process `syz.5.5729'. [ 273.967826][T18765] netlink: 2 bytes leftover after parsing attributes in process `syz.5.5729'. [ 273.987339][T18765] netlink: 2 bytes leftover after parsing attributes in process `syz.5.5729'. [ 274.246645][T18799] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5744'. [ 274.269620][T18799] gtp0: entered promiscuous mode [ 274.274893][T18799] gtp0: entered allmulticast mode [ 274.337888][ T28] audit: type=1400 audit(2000000190.790:2992): avc: denied { validate_trans } for pid=18802 comm="syz.4.5746" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 274.413616][ T28] audit: type=1326 audit(2000000190.820:2993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.8.5747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 274.449947][ T28] audit: type=1326 audit(2000000190.830:2994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.8.5747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 274.477894][ T28] audit: type=1326 audit(2000000190.830:2995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.8.5747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 274.502158][ T28] audit: type=1326 audit(2000000190.830:2996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.8.5747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 274.548236][ T28] audit: type=1326 audit(2000000190.830:2997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.8.5747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 274.595627][T18821] loop5: detected capacity change from 0 to 512 [ 274.598928][ T28] audit: type=1326 audit(2000000190.830:2998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.8.5747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 274.655568][T18821] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 274.716661][T18821] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.5753: invalid indirect mapped block 4294967295 (level 1) [ 274.767858][T18821] fserror_report: 3 callbacks suppressed [ 274.767878][T18821] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 274.773709][T18821] EXT4-fs (loop5): Remounting filesystem read-only [ 274.782971][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 274.782996][ C0] EXT4-fs (loop5): initial error at time 2000000191: ext4_free_branches:1023: inode 11 [ 274.783032][ C0] EXT4-fs (loop5): last error at time 2000000191: ext4_free_branches:1023: inode 11 [ 274.820446][T18821] EXT4-fs (loop5): 2 truncates cleaned up [ 274.829376][T18821] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.943763][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.234179][T18875] SELinux: failed to load policy [ 275.348154][T18884] sg_write: data in/out 1502/120 bytes for SCSI command 0x0-- guessing data in; [ 275.348154][T18884] program syz.4.5782 not setting count and/or reply_len properly [ 275.523424][T18889] netlink: 'syz.4.5784': attribute type 12 has an invalid length. [ 275.551150][T18889] netlink: 'syz.4.5784': attribute type 29 has an invalid length. [ 275.559834][T18889] netlink: 148 bytes leftover after parsing attributes in process `syz.4.5784'. [ 275.682634][T18900] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 275.689378][T18900] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 275.727552][T18900] vhci_hcd vhci_hcd.0: Device attached [ 275.748267][T18902] vhci_hcd: connection closed [ 275.748467][ T69] vhci_hcd vhci_hcd.0: stop threads [ 275.759389][ T69] vhci_hcd vhci_hcd.0: release socket [ 275.765176][ T69] vhci_hcd vhci_hcd.0: disconnect device [ 276.914110][T18973] loop5: detected capacity change from 0 to 2048 [ 276.980993][T18973] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 277.003970][T18973] ext4 filesystem being mounted at /145/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 277.066320][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.284942][T19001] loop5: detected capacity change from 0 to 1024 [ 277.349383][T19001] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 277.479995][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.631166][T19026] loop8: detected capacity change from 0 to 512 [ 277.672493][T19026] EXT4-fs error (device loop8): ext4_orphan_get:1391: inode #15: comm syz.8.5841: inode has both inline data and extents flags [ 277.688653][T19026] loop8: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 277.688835][T19026] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.5841: couldn't read orphan inode 15 (err -117) [ 277.698518][ C0] EXT4-fs (loop8): error count since last fsck: 1 [ 277.698544][ C0] EXT4-fs (loop8): initial error at time 2000000194: ext4_orphan_get:1391: inode 15 [ 277.698582][ C0] EXT4-fs (loop8): last error at time 2000000194: ext4_orphan_get:1391: inode 15 [ 277.747641][T19031] syzkaller1: entered promiscuous mode [ 277.753800][T19031] syzkaller1: entered allmulticast mode [ 277.755686][T19026] loop8: lost filesystem error report for type 5 error -117 [ 277.769966][T19026] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 277.952505][ T28] kauditd_printk_skb: 22 callbacks suppressed [ 277.952537][ T28] audit: type=1400 audit(2000000194.400:3021): avc: denied { map } for pid=19051 comm="syz.0.5851" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 277.985933][T19052] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 278.007747][T19052] vhci_hcd vhci_hcd.2: invalid port number 96 [ 278.008478][T14150] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.014762][T19052] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0 [ 278.111477][T19060] loop8: detected capacity change from 0 to 128 [ 278.242711][ T28] audit: type=1326 audit(2000000194.680:3022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19010 comm="syz.4.5834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff567dec799 code=0x7fc00000 [ 278.356990][T19086] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5865'. [ 278.366820][T19086] netlink: 'syz.1.5865': attribute type 1 has an invalid length. [ 278.375229][T19086] netlink: 'syz.1.5865': attribute type 2 has an invalid length. [ 278.526439][ T12] Bluetooth: hci0: Frame reassembly failed (-84) [ 278.887660][T19110] loop4: detected capacity change from 0 to 512 [ 278.906444][T19110] EXT4-fs: Mount option(s) incompatible with ext2 [ 278.979553][T19118] sctp: [Deprecated]: syz.5.5880 (pid 19118) Use of struct sctp_assoc_value in delayed_ack socket option. [ 278.979553][T19118] Use struct sctp_sack_info instead [ 279.007896][T19122] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5882'. [ 279.025639][T19122] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5882'. [ 279.071587][ T28] audit: type=1400 audit(2000000195.520:3023): avc: denied { getopt } for pid=19125 comm="syz.5.5883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 279.128641][T19136] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5889'. [ 279.147502][ T28] audit: type=1400 audit(2000000195.590:3024): avc: denied { listen } for pid=19133 comm="syz.8.5888" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 279.369875][ T28] audit: type=1326 audit(2000000195.820:3025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19162 comm="syz.4.5901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff567dec799 code=0x7ffc0000 [ 279.410432][ T28] audit: type=1326 audit(2000000195.850:3026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19162 comm="syz.4.5901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff567dec799 code=0x7ffc0000 [ 279.444301][ T28] audit: type=1326 audit(2000000195.850:3027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19162 comm="syz.4.5901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff567dec799 code=0x7ffc0000 [ 279.469182][ T28] audit: type=1326 audit(2000000195.850:3028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19162 comm="syz.4.5901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff567dec799 code=0x7ffc0000 [ 279.495641][ T28] audit: type=1326 audit(2000000195.850:3029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19162 comm="syz.4.5901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff567dec799 code=0x7ffc0000 [ 279.529606][ T28] audit: type=1326 audit(2000000195.850:3030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19162 comm="syz.4.5901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff567dec799 code=0x7ffc0000 [ 279.540729][T19168] netlink: 'syz.5.5903': attribute type 1 has an invalid length. [ 279.645528][T19176] loop5: detected capacity change from 0 to 128 [ 279.712093][T19184] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5910'. [ 279.728716][T19184] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5910'. [ 279.746909][T19184] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5910'. [ 279.758798][T19189] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5908'. [ 279.766560][T19184] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5910'. [ 279.784356][T19184] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5910'. [ 279.808895][T19184] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5910'. [ 279.930245][T19195] syzkaller1: entered promiscuous mode [ 279.941062][T19195] syzkaller1: entered allmulticast mode [ 280.119370][T19215] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 280.126862][ T3517] IPVS: starting estimator thread 0... [ 280.227539][T19222] IPVS: using max 2016 ests per chain, 100800 per kthread [ 280.517353][ T3517] kernel write not supported for file bpf-prog (pid: 3517 comm: kworker/0:5) [ 280.527135][ T8014] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 280.533513][ T3608] Bluetooth: hci0: command 0x1003 tx timeout [ 280.585632][T19242] netlink: 'syz.1.5935': attribute type 2 has an invalid length. [ 280.827502][T19263] loop8: detected capacity change from 0 to 2048 [ 280.900127][ T3517] Process accounting resumed [ 280.943581][T19269] macvtap1: entered promiscuous mode [ 280.950205][T19269] macvtap1: entered allmulticast mode [ 280.957479][T19269] veth1_vlan: entered allmulticast mode [ 281.030540][T19275] netlink: 'syz.8.5948': attribute type 16 has an invalid length. [ 281.146712][T19275] netlink: 'syz.8.5948': attribute type 17 has an invalid length. [ 281.182743][T19286] usb usb1: usbfs: process 19286 (syz.5.5952) did not claim interface 0 before use [ 281.208245][T19288] loop4: detected capacity change from 0 to 512 [ 281.235850][T19288] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.5954: bg 0: block 5: invalid block bitmap [ 281.258528][T19288] loop4: lost filesystem error report for type 5 error -117 [ 281.258728][T19288] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 281.275629][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 281.275654][ C1] EXT4-fs (loop4): initial error at time 2000000197: ext4_validate_block_bitmap:432 [ 281.275682][ C1] EXT4-fs (loop4): last error at time 2000000197: ext4_validate_block_bitmap:432 [ 281.304519][T19288] loop4: lost filesystem error report for type 5 error -117 [ 281.304810][T19288] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.5954: invalid indirect mapped block 3 (level 2) [ 281.331882][T19288] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 281.332160][T19288] EXT4-fs (loop4): 1 orphan inode deleted [ 281.348225][T19288] EXT4-fs (loop4): 1 truncate cleaned up [ 281.354753][T19288] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 281.472322][T17172] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.688814][T19275] bridge0: port 2(bridge_slave_1) entered disabled state [ 281.696960][T19275] bridge0: port 1(bridge_slave_0) entered disabled state [ 282.332820][T19275] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 282.390627][T19275] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 282.934486][T19339] loop4: detected capacity change from 0 to 512 [ 282.987870][T19339] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 283.003387][T19275] ip6erspan0: left allmulticast mode [ 283.027136][T19339] ext4 filesystem being mounted at /163/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 283.071443][T19272] 8021q: adding VLAN 0 to HW filter on device bond0 [ 283.080516][T19272] 8021q: adding VLAN 0 to HW filter on device team0 [ 283.091279][T19272] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 283.091572][T17172] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.127728][T19316] batadv_slave_1: entered promiscuous mode [ 283.146507][T19324] batadv_slave_1: left promiscuous mode [ 283.152671][ T5361] netdevsim netdevsim8 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 283.174641][ T5361] netdevsim netdevsim8 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.238464][ T5361] netdevsim netdevsim8 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 283.252723][ T5361] netdevsim netdevsim8 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.290559][ T5361] netdevsim netdevsim8 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 283.309251][ T5361] netdevsim netdevsim8 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.354295][ T5361] netdevsim netdevsim8 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 283.364493][ T5361] netdevsim netdevsim8 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.407569][ T3517] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 283.417278][ T933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 283.629208][T19377] bond1: option primary: mode dependency failed, not supported in mode balance-rr(0) [ 283.647801][T19327] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 283.712491][T19377] bond1 (unregistering): Released all slaves [ 284.687600][T19327] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 284.952896][ T28] kauditd_printk_skb: 31 callbacks suppressed [ 284.952914][ T28] audit: type=1326 audit(2000000201.400:3062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19443 comm="syz.1.6010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d9adc799 code=0x7ffc0000 [ 284.986283][ T28] audit: type=1326 audit(2000000201.440:3063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19443 comm="syz.1.6010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f76d9adc799 code=0x7ffc0000 [ 284.997551][T19442] futex_wake_op: syz.5.6009 tries to shift op by -1; fix this program [ 285.061564][ T28] audit: type=1326 audit(2000000201.440:3064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19443 comm="syz.1.6010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d9adc799 code=0x7ffc0000 [ 285.150218][ T28] audit: type=1326 audit(2000000201.440:3065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19443 comm="syz.1.6010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d9adc799 code=0x7ffc0000 [ 285.196108][T19454] loop5: detected capacity change from 0 to 128 [ 285.247121][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 285.630293][T19475] sctp: [Deprecated]: syz.1.6025 (pid 19475) Use of struct sctp_assoc_value in delayed_ack socket option. [ 285.630293][T19475] Use struct sctp_sack_info instead [ 285.729877][ T3376] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 286.030928][T19513] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 286.042153][T19513] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 286.582278][T19555] netem: incorrect gi model size [ 286.989573][T19596] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 286.999290][T19596] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 287.080335][T19602] __nla_validate_parse: 47 callbacks suppressed [ 287.080363][T19602] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6083'. [ 287.097868][T19602] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6083'. [ 287.140829][ T28] audit: type=1326 audit(2000000203.590:3066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19605 comm="syz.4.6085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff567dec799 code=0x7ffc0000 [ 287.170891][ T28] audit: type=1326 audit(2000000203.620:3067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19605 comm="syz.4.6085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff567dacfce code=0x7ffc0000 [ 287.210729][ T28] audit: type=1326 audit(2000000203.620:3068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19605 comm="syz.4.6085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7ff567deda97 code=0x7ffc0000 [ 287.244439][ T28] audit: type=1326 audit(2000000203.620:3069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19605 comm="syz.4.6085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff567dec799 code=0x7ffc0000 [ 287.271312][ T28] audit: type=1326 audit(2000000203.620:3070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19605 comm="syz.4.6085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7ff567deda97 code=0x7ffc0000 [ 287.315597][ T28] audit: type=1326 audit(2000000203.620:3071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19605 comm="syz.4.6085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff567dacfce code=0x7ffc0000 [ 287.392533][T19618] loop5: detected capacity change from 0 to 256 [ 287.616825][T19646] loop5: detected capacity change from 0 to 2048 [ 287.677571][T19646] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.728805][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.755789][T19658] netlink: 'syz.4.6100': attribute type 15 has an invalid length. [ 287.880400][T19676] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 287.904627][T19676] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 288.105776][T19712] netlink: 236 bytes leftover after parsing attributes in process `syz.0.6114'. [ 288.125531][T19712] netlink: 236 bytes leftover after parsing attributes in process `syz.0.6114'. [ 288.460168][T19775] bridge0: port 1(bridge_slave_0) entered disabled state [ 288.761996][T19811] loop4: detected capacity change from 0 to 1024 [ 288.807425][T19811] EXT4-fs (loop4): stripe (9) is not aligned with cluster size (16), stripe is disabled [ 288.809841][T19813] netlink: 'syz.5.6128': attribute type 16 has an invalid length. [ 288.881269][T19813] netlink: 'syz.5.6128': attribute type 17 has an invalid length. [ 288.907489][T19811] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.037130][T19813] bridge0: port 2(bridge_slave_1) entered disabled state [ 289.050726][T17172] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.220192][T19813] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 289.313788][T19813] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 289.329710][T19845] loop8: detected capacity change from 0 to 512 [ 289.349777][T19845] EXT4-fs: Ignoring removed nobh option [ 289.365915][T19845] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 289.398273][T19845] EXT4-fs (loop8): 1 truncate cleaned up [ 289.404646][T19845] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 289.419890][T19845] EXT4-fs warning (device loop8): ext4_block_to_path:107: block 563871744 > max in inode 15 [ 289.451329][T19818] 8021q: adding VLAN 0 to HW filter on device bond0 [ 289.460219][T19818] 8021q: adding VLAN 0 to HW filter on device team0 [ 289.483225][T19818] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 289.517343][T14150] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.535202][ T36] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.562351][T19850] loop4: detected capacity change from 0 to 2048 [ 289.567239][ T36] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.608356][ T36] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.638312][T19850] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.647756][ T36] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.666509][T19850] ext4 filesystem being mounted at /214/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.707889][T17172] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.790017][T19865] loop4: detected capacity change from 0 to 2048 [ 290.131478][T19889] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6160'. [ 290.193452][T19895] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6163'. [ 290.214830][T19895] netlink: 'syz.1.6163': attribute type 18 has an invalid length. [ 290.233909][T19895] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6163'. [ 290.282973][T19899] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6165'. [ 290.299296][T19899] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 290.398648][ T28] kauditd_printk_skb: 10 callbacks suppressed [ 290.398663][ T28] audit: type=1326 audit(2000000206.850:3082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19905 comm="syz.8.6168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 290.457098][ T28] audit: type=1326 audit(2000000206.850:3083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19905 comm="syz.8.6168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 290.481262][ T28] audit: type=1326 audit(2000000206.850:3084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19905 comm="syz.8.6168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 290.505432][ T28] audit: type=1326 audit(2000000206.850:3085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19905 comm="syz.8.6168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 290.562038][ T28] audit: type=1326 audit(2000000206.880:3086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19905 comm="syz.8.6168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 290.597359][T19910] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6171'. [ 290.629097][ T28] audit: type=1326 audit(2000000206.880:3087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19905 comm="syz.8.6168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 290.655051][ T28] audit: type=1326 audit(2000000206.880:3088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19905 comm="syz.8.6168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 290.681004][ T28] audit: type=1326 audit(2000000206.880:3089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19905 comm="syz.8.6168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 290.712257][ T28] audit: type=1326 audit(2000000206.880:3090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19905 comm="syz.8.6168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 290.778621][T19915] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6171'. [ 290.787968][ T28] audit: type=1326 audit(2000000206.880:3091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19905 comm="syz.8.6168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6fa02ce007 code=0x7ffc0000 [ 290.922539][T19932] batadv0: entered promiscuous mode [ 290.947325][T19932] macvtap2: entered promiscuous mode [ 290.953038][T19932] macvtap2: entered allmulticast mode [ 290.963052][T19932] batadv0: entered allmulticast mode [ 290.977312][T19932] 8021q: adding VLAN 0 to HW filter on device macvtap2 [ 291.071405][T19932] batadv0: left allmulticast mode [ 291.079420][T19932] batadv0: left promiscuous mode [ 291.552979][T19976] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 291.567687][T19976] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 291.623750][T19952] chnl_net:caif_netlink_parms(): no params data found [ 291.637140][T19980] loop5: detected capacity change from 0 to 2048 [ 291.768076][T19952] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.777360][T19952] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.784785][T19952] bridge_slave_0: entered allmulticast mode [ 291.791778][T19952] bridge_slave_0: entered promiscuous mode [ 291.799017][T19952] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.806291][T19952] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.813809][T19952] bridge_slave_1: entered allmulticast mode [ 291.821115][T19952] bridge_slave_1: entered promiscuous mode [ 291.860901][T19952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 291.892953][T19952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 291.934490][T19952] team0: Port device team_slave_0 added [ 291.957888][T19952] team0: Port device team_slave_1 added [ 291.989962][T19952] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 292.003321][T19952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 292.044824][T19952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 292.088597][T19952] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 292.104641][T19952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 292.167085][T19952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 292.213868][T20018] __nla_validate_parse: 1 callbacks suppressed [ 292.213886][T20018] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6217'. [ 292.236356][T20016] syzkaller1: entered promiscuous mode [ 292.242110][T20016] syzkaller1: entered allmulticast mode [ 292.252054][T19952] hsr_slave_0: entered promiscuous mode [ 292.267635][T19952] hsr_slave_1: entered promiscuous mode [ 292.360417][T19952] debugfs: 'hsr0' already exists in 'hsr' [ 292.366795][T19952] Cannot create hsr debugfs directory [ 292.744774][T20060] loop8: detected capacity change from 0 to 512 [ 292.861106][T19952] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 292.892453][T19952] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 292.910452][T19952] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 292.958290][T19952] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 293.061487][T20090] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6238'. [ 293.076664][T20090] netlink: 24 bytes leftover after parsing attributes in process `syz.8.6238'. [ 293.097603][T20090] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6238'. [ 293.119844][T20090] netlink: 24 bytes leftover after parsing attributes in process `syz.8.6238'. [ 293.139895][T19952] 8021q: adding VLAN 0 to HW filter on device bond0 [ 293.161513][T19952] 8021q: adding VLAN 0 to HW filter on device team0 [ 293.179231][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 293.186462][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 293.198312][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 293.205457][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 293.242534][T20101] netlink: 'syz.8.6240': attribute type 83 has an invalid length. [ 293.434701][T19952] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 293.801521][T19952] veth0_vlan: entered promiscuous mode [ 293.828267][T19952] veth1_vlan: entered promiscuous mode [ 293.880466][T19952] veth0_macvtap: entered promiscuous mode [ 293.939664][T19952] veth1_macvtap: entered promiscuous mode [ 293.954975][T19952] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 293.976085][T19952] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 293.989597][T20189] sg_read: process 916 (syz.8.6258) changed security contexts after opening file descriptor, this is not allowed. [ 294.019733][ T30] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.047624][ T36] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.071773][ T36] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.103568][ T36] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.016259][T20310] netlink: 'syz.4.6290': attribute type 4 has an invalid length. [ 295.287698][T20324] SELinux: policydb table sizes (0,0) do not match mine (8,7) [ 295.298922][T20324] SELinux: failed to load policy [ 295.353290][T20329] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6295'. [ 295.401987][T20329] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6295'. [ 295.412131][ T3608] Bluetooth: hci0: command 0x1003 tx timeout [ 295.417190][ T8014] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 295.434696][T20329] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6295'. [ 295.544736][T20348] loop7: detected capacity change from 0 to 512 [ 295.722958][T20348] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.741982][ T28] kauditd_printk_skb: 34 callbacks suppressed [ 295.741998][ T28] audit: type=1400 audit(2000000212.190:3126): avc: denied { write } for pid=20363 comm="syz.8.6304" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 295.800576][T20370] loop4: detected capacity change from 0 to 512 [ 295.861862][T20348] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 295.872919][T20370] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.6306: Directory hole found for htree index block 0 [ 295.936606][T20370] loop4: lost file I/O error report for ino 2 type 5 pos 0x0 len 0x0 error -117 [ 295.936819][T20370] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 295.946089][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 295.946112][ C1] EXT4-fs (loop4): initial error at time 2000000212: dx_probe:791: inode 2 [ 295.946138][ C1] EXT4-fs (loop4): last error at time 2000000212: dx_probe:791: inode 2 [ 295.993287][T20370] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 296.011001][T20348] netlink: 111804 bytes leftover after parsing attributes in process `syz.7.6300'. [ 296.040422][ T28] audit: type=1400 audit(2000000212.490:3127): avc: denied { remount } for pid=20368 comm="syz.4.6306" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 296.051502][T20348] netlink: zone id is out of range [ 296.083963][T20370] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 296.089247][T20348] netlink: del zone limit has 4 unknown bytes [ 296.532365][T20422] loop8: detected capacity change from 0 to 2048 [ 296.539874][T19952] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.581362][T20422] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 296.608649][T20422] ext4 filesystem being mounted at /422/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 296.710134][T17172] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.763714][T14150] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.932242][T20460] loop4: detected capacity change from 0 to 2048 [ 296.987559][T20460] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 297.021986][ T28] audit: type=1400 audit(2000000213.470:3128): avc: denied { unmount } for pid=14150 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 297.022571][T20460] ext4 filesystem being mounted at /257/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 297.064184][T20474] loop7: detected capacity change from 0 to 2048 [ 297.088535][T20474] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6334'. [ 297.222028][T17172] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.332533][ T28] audit: type=1400 audit(2000000213.780:3129): avc: denied { accept } for pid=20492 comm="syz.8.6343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 297.389668][T20495] loop5: detected capacity change from 0 to 128 [ 297.522879][T20499] SELinux: failed to load policy [ 297.593100][T20501] bond1: entered promiscuous mode [ 297.776543][T20513] loop7: detected capacity change from 0 to 1024 [ 297.804259][T20519] loop5: detected capacity change from 0 to 1024 [ 297.812322][T20513] EXT4-fs: inline encryption not supported [ 297.848640][T20513] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 297.863702][T20519] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 298.027269][T20519] __nla_validate_parse: 1 callbacks suppressed [ 298.027287][T20519] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6353'. [ 298.048392][T19952] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.059328][T20529] loop8: detected capacity change from 0 to 512 [ 298.099790][T20532] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6355'. [ 298.115534][T20529] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 298.150293][T20519] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6353'. [ 298.167289][T20532] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 298.181257][T20529] ext4 filesystem being mounted at /434/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 298.205618][T20532] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 298.224064][T20529] EXT4-fs (loop8): shut down requested (0) [ 298.258332][T20529] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop8 ino=15 [ 298.277656][T20529] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop8 ino=15 [ 298.304277][T20529] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop8 ino=15 [ 298.304277][ T28] audit: type=1400 audit(2000000214.750:3130): avc: denied { write } for pid=20528 comm="syz.8.6356" name="file1" dev="loop8" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 298.379347][T14150] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.417266][ T28] audit: type=1400 audit(2000000214.770:3131): avc: denied { open } for pid=20528 comm="syz.8.6356" path="/434/file0/file1" dev="loop8" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 298.449097][ T28] audit: type=1400 audit(2000000214.900:3132): avc: denied { lock } for pid=20548 comm="syz.7.6361" path="socket:[61849]" dev="sockfs" ino=61849 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 298.646469][T20558] netlink: 'syz.7.6366': attribute type 5 has an invalid length. [ 298.668212][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.765791][ T28] audit: type=1326 audit(2000000215.210:3133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20563 comm="syz.5.6369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 298.767911][T20566] netlink: 'syz.7.6368': attribute type 4 has an invalid length. [ 298.858356][ T28] audit: type=1326 audit(2000000215.250:3134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20563 comm="syz.5.6369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 298.909321][ T28] audit: type=1326 audit(2000000215.250:3135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20563 comm="syz.5.6369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 299.017289][T20574] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6372'. [ 299.028801][T20574] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 299.076689][T20574] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 299.612689][T20613] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6390'. [ 299.625179][T20613] netlink: 'syz.0.6390': attribute type 7 has an invalid length. [ 299.633952][T20613] netlink: 'syz.0.6390': attribute type 8 has an invalid length. [ 299.642150][T20613] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6390'. [ 299.658669][T20613] erspan0: entered promiscuous mode [ 299.665072][T20613] gretap0: entered promiscuous mode [ 299.671867][T20613] erspan0: left promiscuous mode [ 299.683862][T20613] gretap0: left promiscuous mode [ 299.739256][T20625] loop5: detected capacity change from 0 to 128 [ 299.746600][T20625] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 299.866455][T20635] netlink: 104 bytes leftover after parsing attributes in process `syz.5.6400'. [ 299.904962][T20637] loop5: detected capacity change from 0 to 512 [ 299.912231][T20637] EXT4-fs: Ignoring removed oldalloc option [ 299.965544][T20637] EXT4-fs (loop5): 1 truncate cleaned up [ 299.978343][T20637] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 300.014506][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 300.825546][T20706] netlink: 64859 bytes leftover after parsing attributes in process `syz.8.6430'. [ 300.905555][ T28] kauditd_printk_skb: 24 callbacks suppressed [ 300.905571][ T28] audit: type=1326 audit(2000000217.350:3160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20707 comm="syz.7.6431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9785c799 code=0x7ffc0000 [ 300.971972][ T28] audit: type=1326 audit(2000000217.350:3161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20707 comm="syz.7.6431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9785c799 code=0x7ffc0000 [ 301.000111][ T28] audit: type=1326 audit(2000000217.350:3162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20707 comm="syz.7.6431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7fcd9785c799 code=0x7ffc0000 [ 301.038453][ T28] audit: type=1326 audit(2000000217.350:3163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20707 comm="syz.7.6431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9785c799 code=0x7ffc0000 [ 301.091706][ T28] audit: type=1326 audit(2000000217.350:3164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20707 comm="syz.7.6431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd9785c799 code=0x7ffc0000 [ 301.465637][ T28] audit: type=1400 audit(2000000217.910:3165): avc: denied { mount } for pid=20745 comm="syz.8.6448" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 301.680658][T20750] loop7: detected capacity change from 0 to 764 [ 301.694713][T20754] loop8: detected capacity change from 0 to 1024 [ 301.704728][T20750] rock: directory entry would overflow storage [ 301.718580][T20750] rock: sig=0x4f50, size=4, remaining=3 [ 301.725105][T20754] EXT4-fs: Ignoring removed bh option [ 301.737093][T20750] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 301.763118][ T28] audit: type=1326 audit(2000000218.210:3166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20755 comm="syz.0.6453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 301.806045][T20754] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 301.824220][ T28] audit: type=1326 audit(2000000218.240:3167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20755 comm="syz.0.6453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 301.838605][T20754] ext4 filesystem being mounted at /457/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 301.849647][ T28] audit: type=1326 audit(2000000218.240:3168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20755 comm="syz.0.6453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 301.882929][ T28] audit: type=1326 audit(2000000218.240:3169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20755 comm="syz.0.6453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 301.932771][T20751] EXT4-fs error (device loop8): ext4_map_blocks:818: inode #15: comm syz.8.6452: lblock 0 mapped to illegal pblock 0 (length 1) [ 301.946642][T20751] EXT4-fs error (device loop8): ext4_map_blocks:776: inode #15: comm syz.8.6452: lblock 0 mapped to illegal pblock 0 (length 1) [ 301.973462][T20751] EXT4-fs error (device loop8): ext4_map_blocks:776: inode #15: comm syz.8.6452: lblock 0 mapped to illegal pblock 0 (length 1) [ 301.997281][T20751] EXT4-fs error (device loop8): ext4_map_blocks:776: inode #15: comm syz.8.6452: lblock 0 mapped to illegal pblock 0 (length 1) [ 302.013988][T20751] EXT4-fs error (device loop8): ext4_map_blocks:776: inode #15: comm syz.8.6452: lblock 0 mapped to illegal pblock 0 (length 1) [ 302.038765][T20751] EXT4-fs error (device loop8): ext4_map_blocks:776: inode #15: comm syz.8.6452: lblock 0 mapped to illegal pblock 0 (length 1) [ 302.067942][T20751] EXT4-fs error (device loop8): ext4_map_blocks:776: inode #15: comm syz.8.6452: lblock 0 mapped to illegal pblock 0 (length 1) [ 302.117139][T20751] EXT4-fs error (device loop8): ext4_map_blocks:776: inode #15: comm syz.8.6452: lblock 0 mapped to illegal pblock 0 (length 1) [ 302.166077][T20751] EXT4-fs error (device loop8): ext4_map_blocks:776: inode #15: comm syz.8.6452: lblock 0 mapped to illegal pblock 0 (length 1) [ 302.197525][T20751] EXT4-fs error (device loop8): ext4_map_blocks:776: inode #15: comm syz.8.6452: lblock 0 mapped to illegal pblock 0 (length 1) [ 302.212215][T20784] netlink: 104 bytes leftover after parsing attributes in process `syz.4.6463'. [ 302.223412][T20779] loop7: detected capacity change from 0 to 8192 [ 302.308878][T20788] loop4: detected capacity change from 0 to 512 [ 302.319163][T14150] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 302.349333][T20788] EXT4-fs (loop4): 1 truncate cleaned up [ 302.357815][T20788] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 302.373129][T20788] EXT4-fs error (device loop4): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.4.6466: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0 [ 302.438325][T17172] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 302.507609][T20804] loop4: detected capacity change from 0 to 512 [ 302.531182][T20804] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 302.555015][T20804] ext4 filesystem being mounted at /273/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 302.701798][T20817] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6477'. [ 303.105025][T17172] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.132783][T20854] loop5: detected capacity change from 0 to 1024 [ 303.173751][T20854] EXT4-fs: inline encryption not supported [ 303.202392][T20854] EXT4-fs: Ignoring removed i_version option [ 303.263419][T20862] smc: net device bond0 applied user defined pnetid SYZ2 [ 303.273212][T20854] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 303.287609][T20862] netlink: 14 bytes leftover after parsing attributes in process `syz.8.6499'. [ 303.333869][T20854] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4222: comm syz.5.6495: Allocating blocks 497-513 which overlap fs metadata [ 303.358032][T20862] smc: removing net device bond0 with user defined pnetid SYZ2 [ 303.380878][T20862] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 303.392225][T20852] EXT4-fs (loop5): pa ffff888107aab150: logic 256, phys. 369, len 9 [ 303.400328][T20852] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5465: group 0, free 0, pa_free 1 [ 303.437443][T20862] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 303.460295][T20862] bond0 (unregistering): Released all slaves [ 303.495780][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.568450][T20875] sch_tbf: burst 0 is lower than device syzkaller0 mtu (1500) ! [ 304.213558][T19327] IPVS: starting estimator thread 0... [ 304.291872][T20936] loop7: detected capacity change from 0 to 128 [ 304.307300][T20927] IPVS: using max 2304 ests per chain, 115200 per kthread [ 304.315168][T20936] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 304.347795][T20936] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 304.411240][T20942] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6520'. [ 304.436778][T20942] netlink: 32 bytes leftover after parsing attributes in process `syz.7.6520'. [ 304.446507][T20942] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6520'. [ 304.456582][T20942] netlink: 32 bytes leftover after parsing attributes in process `syz.7.6520'. [ 305.025377][T21025] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=58 sclass=netlink_audit_socket pid=21025 comm=syz.8.6529 [ 305.116376][T21033] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6532'. [ 305.151740][T21033] smc: adding net device bond0 with user defined pnetid SYZ2 [ 305.194653][T21037] SELinux: Context : is not valid (left unmapped). [ 305.619380][T21070] syzkaller1: entered promiscuous mode [ 305.635559][T21070] syzkaller1: entered allmulticast mode [ 305.799953][T21082] xt_hashlimit: size too large, truncated to 1048576 [ 305.887585][ T3608] Bluetooth: hci0: command 0x1003 tx timeout [ 305.893739][ T8014] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 306.012403][T21088] batadv_slave_1: entered promiscuous mode [ 306.038044][T21087] batadv_slave_1: left promiscuous mode [ 306.187976][T21102] IPv6: NLM_F_REPLACE set, but no existing node found! [ 306.267893][T21105] syzkaller1: entered promiscuous mode [ 306.284381][T21105] syzkaller1: entered allmulticast mode [ 306.945356][T21123] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_bridge, syncid = 2, id = 0 [ 307.426417][ T28] kauditd_printk_skb: 358 callbacks suppressed [ 307.426436][ T28] audit: type=1400 audit(2000000223.870:3528): avc: denied { create } for pid=21152 comm="syz.7.6581" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=chr_file permissive=1 [ 307.493410][ T28] audit: type=1400 audit(2000000223.940:3529): avc: denied { setopt } for pid=21158 comm="syz.7.6585" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 307.765817][T21183] loop8: detected capacity change from 0 to 128 [ 307.802543][T21183] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 307.816411][T21183] ext4 filesystem being mounted at /486/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 307.843688][T14150] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 308.087075][T21193] loop8: detected capacity change from 0 to 512 [ 308.098503][T21193] EXT4-fs: Mount option(s) incompatible with ext2 [ 308.485091][T21209] loop4: detected capacity change from 0 to 1024 [ 308.492472][T21209] EXT4-fs: Ignoring removed oldalloc option [ 308.499255][T21209] EXT4-fs: Ignoring removed bh option [ 308.509296][T21209] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 308.543841][T17172] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.713059][T21223] loop7: detected capacity change from 0 to 512 [ 308.725990][T21223] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 308.765549][T19952] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.968294][T21234] hsr0: entered promiscuous mode [ 308.976414][T21234] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6614'. [ 309.257152][T21256] netlink: 'syz.8.6625': attribute type 9 has an invalid length. [ 309.265228][T21256] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6625'. [ 309.278932][T21256] netlink: 'syz.8.6625': attribute type 9 has an invalid length. [ 309.290995][T21256] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6625'. [ 309.327157][ T8014] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 309.377793][T19328] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 309.403023][T21263] batadv_slave_1: entered promiscuous mode [ 309.411136][T19328] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 309.434977][T21262] batadv_slave_1: left promiscuous mode [ 309.490716][T21275] 9p: Unknown uid 00000000004294967295 [ 309.496446][ T28] audit: type=1400 audit(2000000225.940:3530): avc: denied { getopt } for pid=21274 comm="syz.8.6632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 309.674490][T21294] ip6gre1: entered promiscuous mode [ 309.688683][T21294] ip6gre1: entered allmulticast mode [ 309.706582][T19764] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 309.715701][T21294] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 309.732699][ T3519] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 309.740733][T19764] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 309.907163][ T28] audit: type=1400 audit(2000000226.350:3531): avc: denied { read open } for pid=21314 comm="syz.4.6649" path="/" dev="configfs" ino=2069 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 310.032010][T21324] loop7: detected capacity change from 0 to 512 [ 310.047233][T21324] EXT4-fs: Ignoring removed nobh option [ 310.063240][T21324] EXT4-fs (loop7): 1 orphan inode deleted [ 310.069573][T21324] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 310.183443][T19952] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 310.276841][ T28] audit: type=1400 audit(2000000226.720:3532): avc: denied { lock } for pid=21337 comm="syz.8.6658" path="socket:[64510]" dev="sockfs" ino=64510 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 310.359578][ T3519] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 310.425461][ T28] audit: type=1400 audit(2000000226.870:3533): avc: denied { mount } for pid=21346 comm="syz.8.6661" name="/" dev="autofs" ino=65543 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 310.607145][T19297] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 310.656538][T21363] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6668'. [ 310.670129][T21363] netlink: 64 bytes leftover after parsing attributes in process `syz.0.6668'. [ 310.703781][T21367] loop4: detected capacity change from 0 to 512 [ 310.736122][T21367] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 310.757192][T21363] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6668'. [ 310.822015][T21367] ext4 filesystem being mounted at /303/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 310.877321][T17172] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 310.898662][T21378] netlink: 36 bytes leftover after parsing attributes in process `syz.8.6673'. [ 310.940824][T21380] loop8: detected capacity change from 0 to 128 [ 310.986928][T21380] syz.8.6674: attempt to access beyond end of device [ 310.986928][T21380] loop8: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 311.035722][T21382] loop4: detected capacity change from 0 to 128 [ 311.043672][T21383] syz.8.6674: attempt to access beyond end of device [ 311.043672][T21383] loop8: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 311.058885][T21383] syz.8.6674: attempt to access beyond end of device [ 311.058885][T21383] loop8: rw=2049, sector=138, nr_sectors = 6 limit=128 [ 311.093179][T21383] syz.8.6674: attempt to access beyond end of device [ 311.093179][T21383] loop8: rw=8390657, sector=138, nr_sectors = 2 limit=128 [ 311.122554][T21383] Buffer I/O error on dev loop8, logical block 69, lost async page write [ 311.153526][T21383] syz.8.6674: attempt to access beyond end of device [ 311.153526][T21383] loop8: rw=8390657, sector=140, nr_sectors = 2 limit=128 [ 311.194796][T21382] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 311.217874][T21383] Buffer I/O error on dev loop8, logical block 70, lost async page write [ 311.226615][T21383] syz.8.6674: attempt to access beyond end of device [ 311.226615][T21383] loop8: rw=8390657, sector=142, nr_sectors = 2 limit=128 [ 311.271835][T21382] ext4 filesystem being mounted at /304/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 311.288322][T21383] Buffer I/O error on dev loop8, logical block 71, lost async page write [ 311.309725][T21380] syz.8.6674: attempt to access beyond end of device [ 311.309725][T21380] loop8: rw=8390657, sector=142, nr_sectors = 2 limit=128 [ 311.357801][T21380] Buffer I/O error on dev loop8, logical block 71, lost async page write [ 311.394416][T17172] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 311.468099][T21399] netlink: 88 bytes leftover after parsing attributes in process `syz.7.6681'. [ 311.494158][ T28] audit: type=1326 audit(2000000227.940:3534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21400 comm="syz.0.6682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 311.524530][T21401] syz.0.6682 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 311.537193][ T28] audit: type=1326 audit(2000000227.970:3535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21400 comm="syz.0.6682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 311.561728][ T28] audit: type=1326 audit(2000000227.970:3536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21400 comm="syz.0.6682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 311.590684][T21404] loop7: detected capacity change from 0 to 128 [ 311.647052][ T28] audit: type=1326 audit(2000000227.970:3537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21400 comm="syz.0.6682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f841b0bc799 code=0x7ffc0000 [ 311.850711][T21417] loop7: detected capacity change from 0 to 1024 [ 311.927854][T21417] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 311.951412][T21417] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4222: comm syz.7.6688: Allocating blocks 385-513 which overlap fs metadata [ 311.993354][T21424] syzkaller1: entered promiscuous mode [ 312.004742][T15628] EXT4-fs (loop7): pa ffff888107a86460: logic 16, phys. 129, len 24 [ 312.012942][T15628] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5465: group 0, free 0, pa_free 8 [ 312.019672][T21424] syzkaller1: entered allmulticast mode [ 312.134514][T19952] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 312.171531][T21426] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6691'. [ 312.180793][T21426] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6691'. [ 312.278193][T21429] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=59426 sclass=netlink_route_socket pid=21429 comm=syz.5.6692 [ 312.506465][ T28] kauditd_printk_skb: 23 callbacks suppressed [ 312.506535][ T28] audit: type=1326 audit(2000000228.950:3561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21451 comm="syz.5.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 312.549311][ T28] audit: type=1326 audit(2000000228.950:3562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21451 comm="syz.5.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 312.573599][ T28] audit: type=1326 audit(2000000228.950:3563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21451 comm="syz.5.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 312.597780][ T28] audit: type=1326 audit(2000000228.950:3564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21451 comm="syz.5.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 312.621978][ T28] audit: type=1326 audit(2000000228.950:3565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21451 comm="syz.5.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 312.664145][ T28] audit: type=1326 audit(2000000228.950:3566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21451 comm="syz.5.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 312.697083][ T28] audit: type=1326 audit(2000000228.950:3567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21451 comm="syz.5.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 312.729270][ T28] audit: type=1326 audit(2000000228.990:3568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21451 comm="syz.5.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 312.764537][ T28] audit: type=1326 audit(2000000228.990:3569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21451 comm="syz.5.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 312.791985][T21458] vhci_hcd vhci_hcd.3: default hub control req: 010b v0000 i0000 l0 [ 312.797267][ T28] audit: type=1326 audit(2000000228.990:3570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21451 comm="syz.5.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4846ecc799 code=0x7ffc0000 [ 313.032162][T21464] loop5: detected capacity change from 0 to 128 [ 313.101505][T21464] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 313.140228][T21464] ext4 filesystem being mounted at /303/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 313.268346][T16472] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 313.843560][T21500] loop4: detected capacity change from 0 to 512 [ 313.868187][T21500] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 313.880918][T21500] ext4 filesystem being mounted at /311/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 313.967079][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 313.994971][T17172] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.408362][T21531] __nla_validate_parse: 9 callbacks suppressed [ 314.408380][T21531] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6737'. [ 314.447415][T21531] netlink: 64 bytes leftover after parsing attributes in process `syz.5.6737'. [ 314.456522][T21531] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6737'. [ 314.583857][T21539] loop5: detected capacity change from 0 to 4096 [ 314.616675][T21539] EXT4-fs: Ignoring removed bh option [ 314.624736][T21539] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 314.679221][T16472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.899171][T21551] loop8: detected capacity change from 0 to 512 [ 314.906561][T21551] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem [ 314.941154][T21551] EXT4-fs error (device loop8): ext4_orphan_get:1417: comm syz.8.6744: bad orphan inode 14 [ 314.965492][T21551] loop8: lost filesystem error report for type 5 error -117 [ 314.965724][T21551] ext4_test_bit(bit=13, block=18) = 1 [ 314.973097][ C0] EXT4-fs (loop8): error count since last fsck: 1 [ 314.973120][ C0] EXT4-fs (loop8): initial error at time 2000000231: ext4_orphan_get:1417 [ 314.973193][ C0] EXT4-fs (loop8): last error at time 2000000231: ext4_orphan_get:1417 [ 315.002087][T21551] is_bad_inode(inode)=0 [ 315.006449][T21551] NEXT_ORPHAN(inode)=0 [ 315.011061][T21551] max_ino=32 [ 315.014295][T21551] i_nlink=1 [ 315.017924][T21551] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 315.050310][T21546] loop5: detected capacity change from 0 to 32768 [ 315.057349][T21551] ext2 filesystem being mounted at /524/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 315.084796][T14150] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 315.095275][ T3307] loop5: p1 p3 < > [ 315.102533][T21546] loop5: p1 p3 < > [ 315.229049][T21565] ªªªªªª: renamed from vlan0 [ 315.275733][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 315.279155][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 315.319736][T21572] netlink: 'syz.4.6751': attribute type 1 has an invalid length. [ 315.329669][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 315.329748][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 315.390427][T21572] 8021q: adding VLAN 0 to HW filter on device bond1 [ 315.729538][T21596] loop7: detected capacity change from 0 to 512 [ 315.738634][T21596] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 315.750425][T21596] EXT4-fs (loop7): 1 truncate cleaned up [ 315.756776][T21596] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 315.790804][T19952] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 315.824285][T21605] loop4: detected capacity change from 0 to 128 [ 315.830925][T21604] loop7: detected capacity change from 0 to 512 [ 315.840144][T21604] EXT4-fs (loop7): 1 truncate cleaned up [ 315.846882][T21604] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 315.875307][T21604] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 315.905897][T19952] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.183790][T21627] loop8: detected capacity change from 0 to 512 [ 316.204645][T21627] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 316.242303][T21627] ext4 filesystem being mounted at /528/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 316.288795][T21627] EXT4-fs error (device loop8): ext4_lookup:1785: inode #15: comm syz.8.6773: invalid fast symlink length 10 [ 316.309338][T21632] SELinux: ebitmap start bit (32) is not a multiple of the map unit size (64) [ 316.318364][T21627] EXT4-fs (loop8): Remounting filesystem read-only [ 316.325296][T21632] SELinux: failed to load policy [ 316.341329][T14150] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.433738][T21639] syzkaller0: tun_chr_ioctl cmd 1074025678 [ 316.439800][T21639] syzkaller0: group set to 0 [ 316.815831][T21670] loop8: detected capacity change from 0 to 512 [ 316.825549][T21670] EXT4-fs error (device loop8): ext4_iget_extra_inode:5025: inode #12: comm syz.8.6791: corrupted in-inode xattr: bad e_name length [ 316.839987][T21670] loop8: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 316.840575][T21670] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.6791: couldn't read orphan inode 12 (err -117) [ 316.849967][ C1] EXT4-fs (loop8): error count since last fsck: 1 [ 316.849988][ C1] EXT4-fs (loop8): initial error at time 2000000233: ext4_iget_extra_inode:5025: inode 12 [ 316.850019][ C1] EXT4-fs (loop8): last error at time 2000000233: ext4_iget_extra_inode:5025: inode 12 [ 316.889349][T21670] loop8: lost filesystem error report for type 5 error -117 [ 316.891048][T21670] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 316.970888][T21674] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6792'. [ 317.455811][T21680] bond2: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 317.481144][T21680] bond2: (slave lo): Enslaving as an active interface with an up link [ 317.509384][T21680] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 317.654430][T21688] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 317.829820][ T28] kauditd_printk_skb: 47 callbacks suppressed [ 317.829838][ T28] audit: type=1400 audit(2000000234.280:3618): avc: denied { read } for pid=21697 comm="syz.7.6802" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 317.926077][T21702] syz_tun: entered allmulticast mode [ 317.932400][T21702] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6804'. [ 317.942345][T21553] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 317.954606][T21702] syz_tun (unregistering): left allmulticast mode [ 317.957270][T21670] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6791'. [ 317.994578][T14150] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 318.113969][T21696] loop4: detected capacity change from 0 to 32768 [ 318.182055][ T3302] loop4: p1 p3 < > [ 318.192124][T21696] loop4: p1 p3 < > [ 318.376943][ T28] audit: type=1400 audit(2000000234.820:3619): avc: denied { unmount } for pid=19952 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 318.446790][T21734] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6819'. [ 318.474997][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 318.481726][T21734] netlink: 'syz.4.6819': attribute type 26 has an invalid length. [ 318.500161][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 318.527298][T21734] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6819'. [ 318.552365][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 318.558041][T21734] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6819'. [ 318.563868][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 318.607203][T21734] netlink: 'syz.4.6819': attribute type 26 has an invalid length. [ 318.616140][T21734] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6819'. [ 318.632731][ T28] audit: type=1400 audit(2000000235.080:3620): avc: denied { getopt } for pid=21739 comm="syz.5.6821" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 318.742711][T21744] loop5: detected capacity change from 0 to 512 [ 318.797945][T21744] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 318.810959][T21746] bridge_slave_0: left allmulticast mode [ 318.839966][T21746] bridge_slave_0: left promiscuous mode [ 318.863437][T21746] bridge0: port 1(bridge_slave_0) entered disabled state [ 318.879890][T21746] bridge_slave_1: left allmulticast mode [ 318.889674][T21746] bridge_slave_1: left promiscuous mode [ 318.895704][T21746] bridge0: port 2(bridge_slave_1) entered disabled state [ 318.910675][T21746] bond0: (slave bond_slave_0): Releasing backup interface [ 318.934317][T21755] netlink: 'syz.4.6830': attribute type 10 has an invalid length. [ 318.934780][T21746] bond0: (slave bond_slave_1): Releasing backup interface [ 318.961840][T21746] team0: Port device team_slave_0 removed [ 318.971971][T21746] team0: Port device team_slave_1 removed [ 318.979572][T21746] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 318.987472][T21746] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 319.004289][T21746] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 319.050610][T21755] bond0: entered promiscuous mode [ 319.059862][T21755] bond_slave_0: entered promiscuous mode [ 319.073148][T21755] bond_slave_1: entered promiscuous mode [ 319.085702][T21755] bridge0: port 4(bond0) entered blocking state [ 319.093880][T21755] bridge0: port 4(bond0) entered disabled state [ 319.103402][T21755] bond0: entered allmulticast mode [ 319.111048][T21755] bond_slave_0: entered allmulticast mode [ 319.118113][T21755] bond_slave_1: entered allmulticast mode [ 319.144731][T21755] bridge0: port 4(bond0) entered blocking state [ 319.151852][T21755] bridge0: port 4(bond0) entered forwarding state [ 319.164173][T21761] loop8: detected capacity change from 0 to 512 [ 319.176869][T21761] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 319.199560][T21761] ext4 filesystem being mounted at /543/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 319.697814][T14150] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.012015][T21814] loop7: detected capacity change from 0 to 128 [ 320.623563][T21832] loop8: detected capacity change from 0 to 1024 [ 320.664899][T21832] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 320.850633][T21848] loop7: detected capacity change from 0 to 512 [ 320.870299][T21848] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended [ 320.906040][T21848] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem [ 320.939417][T21848] EXT4-fs (loop7): warning: checktime reached, running e2fsck is recommended [ 320.955346][T14150] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.981000][T21848] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 321.004986][T21848] System zones: 0-2, 18-18, 34-34 [ 321.026892][T21848] EXT4-fs error (device loop7): ext4_orphan_get:1417: comm syz.7.6867: bad orphan inode 15 [ 321.091260][T21848] loop7: lost filesystem error report for type 5 error -117 [ 321.091470][T21848] ext4_test_bit(bit=14, block=18) = 1 [ 321.098934][ C0] EXT4-fs (loop7): error count since last fsck: 1 [ 321.098971][ C0] EXT4-fs (loop7): initial error at time 2000000237: ext4_orphan_get:1417 [ 321.098996][ C0] EXT4-fs (loop7): last error at time 2000000237: ext4_orphan_get:1417 [ 321.157054][T21848] is_bad_inode(inode)=0 [ 321.174656][T21848] NEXT_ORPHAN(inode)=2264924160 [ 321.189913][T21848] max_ino=32 [ 321.197169][T21848] i_nlink=0 [ 321.205678][T21848] EXT4-fs error (device loop7): ext4_do_update_inode:5569: inode #15: comm syz.7.6867: corrupted inode contents [ 321.227240][T21848] loop7: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 321.227487][T21848] EXT4-fs error (device loop7): ext4_dirty_inode:6450: inode #15: comm syz.7.6867: mark_inode_dirty error [ 321.286817][T21848] loop7: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 321.287114][T21848] EXT4-fs error (device loop7): ext4_do_update_inode:5569: inode #15: comm syz.7.6867: corrupted inode contents [ 321.335893][T21848] loop7: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 321.336137][T21848] EXT4-fs error (device loop7): ext4_xattr_delete_inode:2999: inode #15: comm syz.7.6867: mark_inode_dirty error [ 321.372893][T21862] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 321.374689][T21848] loop7: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 321.397829][T21848] EXT4-fs error (device loop7): ext4_xattr_delete_inode:3002: inode #15: comm syz.7.6867: mark inode dirty (error -117) [ 321.430224][T21848] loop7: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 321.430526][T21848] EXT4-fs warning (device loop7): ext4_evict_inode:275: xattr delete (err -117) [ 321.457696][T21848] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 321.641104][T21875] __nla_validate_parse: 3 callbacks suppressed [ 321.641123][T21875] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6879'. [ 321.936560][T19952] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.979985][T21893] loop5: detected capacity change from 0 to 128 [ 322.018376][T21893] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 322.078956][T21893] ext4 filesystem being mounted at /345/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 322.094734][ T28] audit: type=1326 audit(2000000238.530:3621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21904 comm="syz.8.6891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 322.134862][ T28] audit: type=1326 audit(2000000238.570:3622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21904 comm="syz.8.6891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 322.176368][ T28] audit: type=1326 audit(2000000238.570:3623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21904 comm="syz.8.6891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 322.201880][ T28] audit: type=1326 audit(2000000238.570:3624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21904 comm="syz.8.6891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 322.226542][ T28] audit: type=1326 audit(2000000238.650:3625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21904 comm="syz.8.6891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 322.253901][ T28] audit: type=1326 audit(2000000238.700:3626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21904 comm="syz.8.6891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 322.302137][ T28] audit: type=1326 audit(2000000238.700:3627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21904 comm="syz.8.6891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 322.328266][T16472] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 322.393906][T21913] loop5: detected capacity change from 0 to 128 [ 322.427942][T21913] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 322.474578][T21913] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 322.519078][T15636] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 322.576664][T21927] loop5: detected capacity change from 0 to 128 [ 322.838350][ T50] kworker/u8:3: attempt to access beyond end of device [ 322.838350][ T50] loop5: rw=1, sector=145, nr_sectors = 40 limit=128 [ 322.856079][ T50] kworker/u8:3: attempt to access beyond end of device [ 322.856079][ T50] loop5: rw=1, sector=193, nr_sectors = 8 limit=128 [ 322.875232][ T50] kworker/u8:3: attempt to access beyond end of device [ 322.875232][ T50] loop5: rw=1, sector=209, nr_sectors = 8 limit=128 [ 322.893075][ T50] kworker/u8:3: attempt to access beyond end of device [ 322.893075][ T50] loop5: rw=1, sector=225, nr_sectors = 8 limit=128 [ 322.907606][ T50] kworker/u8:3: attempt to access beyond end of device [ 322.907606][ T50] loop5: rw=1, sector=241, nr_sectors = 8 limit=128 [ 322.922543][ T50] kworker/u8:3: attempt to access beyond end of device [ 322.922543][ T50] loop5: rw=1, sector=257, nr_sectors = 8 limit=128 [ 322.936874][ T50] kworker/u8:3: attempt to access beyond end of device [ 322.936874][ T50] loop5: rw=1, sector=273, nr_sectors = 8 limit=128 [ 322.952020][ T50] kworker/u8:3: attempt to access beyond end of device [ 322.952020][ T50] loop5: rw=1, sector=289, nr_sectors = 8 limit=128 [ 322.967947][ T50] kworker/u8:3: attempt to access beyond end of device [ 322.967947][ T50] loop5: rw=1, sector=305, nr_sectors = 8 limit=128 [ 322.981688][ T50] kworker/u8:3: attempt to access beyond end of device [ 322.981688][ T50] loop5: rw=1, sector=321, nr_sectors = 8 limit=128 [ 323.044048][T21951] loop7: detected capacity change from 0 to 256 [ 323.069086][T21951] FAT-fs (loop7): bogus number of FAT sectors [ 323.087078][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 323.095396][T21951] FAT-fs (loop7): Can't find a valid FAT filesystem [ 323.120649][ T28] kauditd_printk_skb: 55 callbacks suppressed [ 323.120668][ T28] audit: type=1400 audit(2000000239.570:3683): avc: denied { read } for pid=21954 comm="syz.0.6911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 323.143258][T21947] Invalid option length (63724) for dns_resolver key [ 323.470575][T21945] loop8: detected capacity change from 0 to 256 [ 324.241435][ T28] audit: type=1400 audit(2000000240.690:3684): avc: denied { append } for pid=22009 comm="syz.4.6930" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 324.284606][T19328] kernel write not supported for file bpf-prog (pid: 19328 comm: kworker/1:9) [ 324.372479][T22020] ipip0: entered promiscuous mode [ 324.378889][T22020] ipip0: entered allmulticast mode [ 324.434545][T22024] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 324.445969][T22024] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 325.446073][T22061] loop8: detected capacity change from 0 to 128 [ 325.698872][T22082] loop4: detected capacity change from 0 to 512 [ 325.746305][T22082] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 325.773319][T22082] ext4 filesystem being mounted at /369/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 325.798121][T22082] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6961'. [ 325.807603][T22082] netlink: 56 bytes leftover after parsing attributes in process `syz.4.6961'. [ 325.899732][T17172] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 325.960965][T22110] loop5: detected capacity change from 0 to 512 [ 328.537794][T19325] IPVS: starting estimator thread 0... [ 328.657573][T22271] IPVS: using max 1680 ests per chain, 84000 per kthread [ 328.696705][ T28] audit: type=1326 audit(2000000245.140:3685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22285 comm="syz.8.7007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 328.731209][ T28] audit: type=1326 audit(2000000245.180:3686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22285 comm="syz.8.7007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 328.765255][ T28] audit: type=1326 audit(2000000245.180:3687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22285 comm="syz.8.7007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 328.824946][ T28] audit: type=1326 audit(2000000245.180:3688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22285 comm="syz.8.7007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa02cc799 code=0x7ffc0000 [ 329.155537][T22325] netlink: 199828 bytes leftover after parsing attributes in process `syz.0.7013'. [ 329.488882][T22336] ================================================================== [ 329.497055][T22336] BUG: KCSAN: data-race in shmem_file_splice_read / shmem_file_splice_read [ 329.505711][T22336] [ 329.508071][T22336] write to 0xffff88815434d0a8 of 8 bytes by task 22335 on cpu 1: [ 329.515917][T22336] shmem_file_splice_read+0x470/0x600 [ 329.521408][T22336] splice_direct_to_actor+0x26e/0x670 [ 329.526841][T22336] do_splice_direct+0x119/0x1a0 [ 329.531747][T22336] do_sendfile+0x382/0x650 [ 329.536275][T22336] __x64_sys_sendfile64+0x105/0x150 [ 329.541678][T22336] x64_sys_call+0x2dc4/0x3020 [ 329.546409][T22336] do_syscall_64+0x12c/0x370 [ 329.551052][T22336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.556982][T22336] [ 329.559340][T22336] write to 0xffff88815434d0a8 of 8 bytes by task 22336 on cpu 0: [ 329.567318][T22336] shmem_file_splice_read+0x470/0x600 [ 329.573016][T22336] splice_direct_to_actor+0x26e/0x670 [ 329.578433][T22336] do_splice_direct+0x119/0x1a0 [ 329.583397][T22336] do_sendfile+0x382/0x650 [ 329.587841][T22336] __x64_sys_sendfile64+0x105/0x150 [ 329.593081][T22336] x64_sys_call+0x2dc4/0x3020 [ 329.597807][T22336] do_syscall_64+0x12c/0x370 [ 329.602435][T22336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.608369][T22336] [ 329.610732][T22336] value changed: 0x0000000000001f05 -> 0x0000000000001f06 [ 329.618027][T22336] [ 329.620368][T22336] Reported by Kernel Concurrency Sanitizer on: [ 329.626545][T22336] CPU: 0 UID: 0 PID: 22336 Comm: syz.0.7016 Tainted: G W syzkaller #0 PREEMPT(full) [ 329.637704][T22336] Tainted: [W]=WARN [ 329.641738][T22336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 329.651853][T22336] ================================================================== [ 331.489523][T22261] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512