last executing test programs: 2m44.427992095s ago: executing program 32 (id=2547): sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c0002800500010000000000080007400000000008000340"], 0x80}}, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 2m39.944708676s ago: executing program 1 (id=2679): r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x1, 0x2) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 2m39.911351808s ago: executing program 1 (id=2680): perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x7, 0x40, 0x7, 0x0, 0x0, 0xd000, 0x4, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x2, @perf_bp={0x0, 0x2}, 0x986, 0xfc, 0x4, 0x0, 0x81, 0x9, 0x5, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0) write$binfmt_elf32(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="7f454c4601f5f014ab0800000000000002003e00010000809a010000380000008b0000000600000005002000020001000100200000f2ffff04"], 0x78) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4000005, 0x10012, r0, 0x0) 2m39.832970423s ago: executing program 1 (id=2682): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f00000003c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffff9}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 2m39.801034434s ago: executing program 1 (id=2686): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000180)='ramfs\x00', 0x2014050, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) umount2(&(0x7f00000000c0)='./file0\x00', 0x4) 2m39.747427458s ago: executing program 1 (id=2689): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) ioctl$TIOCSERGETLSR(r0, 0x5459, 0x0) 2m39.54071476s ago: executing program 1 (id=2698): r0 = socket(0x2b, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x8000000, 0x0, 0x1, 0x1, 0x0, 0x4}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@loopback={0x600}, 0x8000000, 0x0, 0xff, 0x0, 0x4}, 0x20) 2m39.499044592s ago: executing program 33 (id=2698): r0 = socket(0x2b, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x8000000, 0x0, 0x1, 0x1, 0x0, 0x4}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@loopback={0x600}, 0x8000000, 0x0, 0xff, 0x0, 0x4}, 0x20) 2m39.279428415s ago: executing program 2 (id=2709): socket$netlink(0x10, 0x3, 0x0) unshare(0x28000600) r0 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f00000000c0), 0x8) 2m39.222909198s ago: executing program 2 (id=2710): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xc, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="850000002200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/ipc\x00') sendmsg$inet(0xffffffffffffffff, 0x0, 0x200000c0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r0, 0x0, 0xcc0, 0xfffffffffffffde6, &(0x7f00000001c0)="348b0d151f8218e3c73697e4080049c416b90900000093291cfc5e8b99005e8b9900", 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 2m39.139024483s ago: executing program 2 (id=2715): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0xc, &(0x7f0000001480)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080)={r1, r0}, 0xc) 2m39.053538328s ago: executing program 2 (id=2720): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000180)='ramfs\x00', 0x2014050, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) umount2(&(0x7f00000000c0)='./file0\x00', 0x4) 2m38.995235422s ago: executing program 2 (id=2721): r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$chown(0x4, r0, 0xee01, 0x0) keyctl$setperm(0x5, r0, 0x30925) keyctl$KEYCTL_MOVE(0x1e, r0, 0x0, 0x0, 0x0) 2m38.742343796s ago: executing program 2 (id=2739): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20) syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0) recvfrom(r0, 0x0, 0x0, 0x40, 0x0, 0x0) 2m38.687808419s ago: executing program 34 (id=2739): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20) syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0) recvfrom(r0, 0x0, 0x0, 0x40, 0x0, 0x0) 1m51.138384351s ago: executing program 0 (id=4377): ppoll(0x0, 0x0, 0x0, 0x0, 0x0) chdir(&(0x7f0000000480)='./cgroup\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='pids.current\x00', 0x275a, 0x0) preadv(r0, &(0x7f0000001240)=[{&(0x7f0000001300)=""/231, 0xe7}], 0x1, 0xe12, 0x200000c) 1m50.262054003s ago: executing program 0 (id=4393): r0 = fsopen(&(0x7f00000000c0)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x7) openat(r1, &(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10000, 0x102) 1m50.180961267s ago: executing program 0 (id=4396): r0 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x7b64, &(0x7f0000000280)=[{&(0x7f0000000100)="5c00000012006bab9e3fe3d8fd8978f45225d9ee000000007ea60860160af36504000100080ec000000002009ee517c356a7b0251e61e659ad3af435cf01c937e786a6d0bdd7fcf50e4509c5cc68b7ed9c232d786c35fe0000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 1m49.829870077s ago: executing program 6 (id=4409): r0 = syz_open_procfs(0x0, &(0x7f0000000ec0)='fdinfo\x00') timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) getdents(r0, &(0x7f0000000000)=""/6, 0x7d) 1m49.742470393s ago: executing program 6 (id=4412): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x66) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='pagemap\x00') pread64(r0, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000) 1m49.527560545s ago: executing program 6 (id=4415): r0 = syz_io_uring_setup(0x12c3, &(0x7f0000000300)={0x0, 0x5079, 0x3000, 0x8020002, 0x31a}, &(0x7f00000002c0), &(0x7f0000000000)) r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0xb, 0x1c1942) ioctl$USBDEVFS_IOCTL(r1, 0x4004550c, 0x0) poll(&(0x7f0000000140)=[{r0, 0x100}], 0x1, 0x8000) 1m49.363346475s ago: executing program 6 (id=4429): mkdir(&(0x7f0000000200)='./file1\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) unlink(&(0x7f00000002c0)='./file1\x00') 1m49.239615352s ago: executing program 7 (id=4419): r0 = fsopen(&(0x7f00000000c0)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x7) openat(r1, &(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10000, 0x102) 1m49.234086852s ago: executing program 0 (id=4431): mkdir(&(0x7f0000000200)='./file1\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) unlink(&(0x7f00000002c0)='./file1\x00') 1m49.233720772s ago: executing program 6 (id=4422): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80a61, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000140)=0x90) write$tun(r0, &(0x7f0000000180)=ANY=[@ANYRESOCT, @ANYRESDEC], 0xfdef) 1m49.217807463s ago: executing program 7 (id=4423): perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x7, 0x40, 0x7, 0x0, 0x0, 0xd000, 0x4, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x2, @perf_bp={0x0, 0x2}, 0x986, 0xfc, 0x4, 0x0, 0x81, 0x9, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0) write$binfmt_elf32(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="7f454c4602f5f014000000000000000002000000010000809a013ed737995d44700000380000008b00d674cb29edea13b3200000000500060020"], 0x3c) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4000005, 0x12, r0, 0x94628000) 1m49.214503723s ago: executing program 0 (id=4424): r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), &(0x7f0000000140)={'syz', 0x0}, &(0x7f00000001c0)="03", 0x1, r0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000300)) keyctl$search(0xa, r0, &(0x7f0000000280)='user\x00', &(0x7f00000002c0)={'syz', 0x0}, r0) 1m49.180487575s ago: executing program 7 (id=4425): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000100000004"], 0x48) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mlockall(0x7) 1m48.990024536s ago: executing program 0 (id=4427): mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x2) r1 = dup2(r0, r0) ioctl$BLKTRACESTOP(r1, 0x80081280, 0x0) 1m48.940686439s ago: executing program 35 (id=4427): mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x2) r1 = dup2(r0, r0) ioctl$BLKTRACESTOP(r1, 0x80081280, 0x0) 1m48.837163505s ago: executing program 6 (id=4434): r0 = perf_event_open(&(0x7f0000000a00)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x650b9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800004, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) lgetxattr(0x0, &(0x7f00000008c0)=@known='trusted.overlay.redirect\x00', 0x0, 0x0) 1m48.836973355s ago: executing program 36 (id=4434): r0 = perf_event_open(&(0x7f0000000a00)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x650b9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800004, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) lgetxattr(0x0, &(0x7f00000008c0)=@known='trusted.overlay.redirect\x00', 0x0, 0x0) 1m48.75958224s ago: executing program 7 (id=4436): mkdir(&(0x7f0000000200)='./file1\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) unlink(&(0x7f00000002c0)='./file1\x00') 1m48.695812163s ago: executing program 7 (id=4438): ppoll(0x0, 0x0, 0x0, 0x0, 0x0) chdir(&(0x7f0000000480)='./cgroup\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='pids.current\x00', 0x275a, 0x0) preadv(r0, &(0x7f0000001240)=[{&(0x7f0000001300)=""/231, 0xe7}], 0x1, 0xe12, 0x200000c) 1m48.455639467s ago: executing program 7 (id=4442): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x0, @loopback}, @in6={0xa, 0x0, 0x0, @private0}], 0x2c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f00000006c0)=[@in={0x2, 0x0, @local}], 0x10) 1m48.408796881s ago: executing program 37 (id=4442): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x0, @loopback}, @in6={0xa, 0x0, 0x0, @private0}], 0x2c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f00000006c0)=[@in={0x2, 0x0, @local}], 0x10) 994.587212ms ago: executing program 3 (id=7939): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000380)=0x5, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000640)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000200)='Q', 0x29c2d}], 0x1}, 0x0) 978.376263ms ago: executing program 8 (id=7940): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x8402, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x8001, 0xf7f}, 0x108a08, 0x2, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syncfs(r0) 857.427579ms ago: executing program 3 (id=7942): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x40}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30) 740.391796ms ago: executing program 5 (id=7944): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) membarrier(0x4, 0x0) 637.869702ms ago: executing program 8 (id=7948): ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, &(0x7f0000000040)={0x3, 0x3, 0x1, 'queue0\x00', 0x80000000}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @local}, 0x10) 637.547682ms ago: executing program 8 (id=7949): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) dup2(r1, r0) sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000001840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a140d0000060a09"], 0xd3c}, 0x1, 0x0, 0x0, 0x40010}, 0x0) 576.098336ms ago: executing program 8 (id=7952): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x8c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, 0x0, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17], 0x0, [0x5, 0x4, 0x19, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x8001]}}]}}]}, 0x8c}}, 0x0) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002"], 0x44}}, 0x10) 534.330608ms ago: executing program 8 (id=7955): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r0, &(0x7f00000007c0)=[{{&(0x7f0000000300)={0xa, 0x4e20, 0x4, @remote, 0x7}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000280)="e9", 0x1}], 0x1}}], 0x1, 0x931766f6319eed44) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000400)={0x0, 0x25, 0xf58, 0x0, 0x3, 0x1, 0xfffd, 0x6, {0x0, @in={{0x2, 0x4e23, @remote}}, 0x4, 0x2, 0x0, 0x5}}, &(0x7f0000000200)=0xb0) 487.182571ms ago: executing program 8 (id=7956): r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00') chown(&(0x7f0000001840)='./file1\x00', 0x0, 0x0) 484.888571ms ago: executing program 4 (id=7957): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1) sendto$inet6(r0, 0x0, 0x0, 0x200c8084, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @remote}, 0x1c) sendto$inet6(r0, &(0x7f0000000300)="2501d6b1d1b89073ff7420b4c3b61f000000714fa228ee1f5b480000000000000000000000000000000000bd05a4e831d602528be2bae07a5a9e11acdddc37139f81cd38ff6932b375c0fea4efa95b675b744fab4e403b14480ff8dd4c39f147d7cd24a4bef9e5b23764c5080599121cf427f1750b46cf5aa5ec90082b8b31de8385ed44925bacb58da5ff58ef1909d675b20a07713be77021fef2", 0xfffffffffffffd28, 0x40, 0x0, 0xffffffffffffff4c) 447.241933ms ago: executing program 9 (id=7958): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800) 434.422654ms ago: executing program 4 (id=7959): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@ipv6_newroute={0x2c, 0x18, 0x1, 0x70bd2c, 0x0, {0xa, 0x80, 0x14, 0x0, 0xfe, 0x4, 0xff, 0x6, 0x2000}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x6}, @RTA_EXPIRES={0x8, 0x17, 0x5}]}, 0x2c}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 343.227569ms ago: executing program 9 (id=7960): ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, &(0x7f0000000040)={0x3, 0x3, 0x1, 'queue0\x00', 0x80000000}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @local}, 0x10) 342.93855ms ago: executing program 5 (id=7961): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2a}}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4) sendto$inet(r0, 0x0, 0x0, 0x4060, &(0x7f00000002c0)={0x2, 0x4e21, @broadcast}, 0x10) 307.507761ms ago: executing program 3 (id=7962): r0 = memfd_create(&(0x7f0000000780)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d \x06\x00\x00\x00\x97A\xc2\xd8\xf0Uq!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19\xe5\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\x16\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xf1k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9k\x83\xfc\xa4\xad4\x03\xa2X\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xdfY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96?\x00\x00\x00\x00\x00\x00\x00\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKl\xcc\xa4:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcb\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93>m\xd7q\'\xdf\xfajo\xd8n\xa7\xecJi\xde\xdf\x7f\xe3\xc4*Z 4\xe8S$\xa1H=\xdf\x05\xf3\xc3T\xd1\xdd\xc6f\xa4\xb4\x96\\\xa0\xf9\x0f\x17\x11{\xb6\x9d\xd21\xc1\x90Vj\x13r\x00\x00\xde\x03\xab\xff\x8as0\xc6E\xca\"\xd9*\x9a\x15\xb95r\x8f\xaaj\x82\xd6\xd2%\xed\xa2WQ\xec2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xccX\xfdRB\xffU\xe9\xfa\x1f\xf6\xce\b\xde@\x061\xc6z\xe4\xe0\xc9?\xa7\x94>\x9c\xd1\xa5o\x04\xaaim\xae\xfe\xc7f\xa3\x96\xd7\xb4c)r{\r#\xddI&\n\xf2\xec\xd4\xff\x9f\x136zZ-2\x80\xfbH+\x9b8\xf3\xed\xdf\xa2my\xb28c[\xc3\xfe\xb5M\x84\x97\xa5\'s\xe9\xdc=)I\xabLt2\x9c\v\xd9S', 0x6) fallocate(r0, 0x0, 0x9, 0x4) read(r0, &(0x7f0000000080)=""/221, 0xdd) read(r0, &(0x7f0000000000)=""/22, 0x16) 290.630243ms ago: executing program 5 (id=7963): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) listen(r0, 0x20) accept4(r0, 0x0, 0x0, 0x80000) shutdown(r0, 0x0) 289.944372ms ago: executing program 9 (id=7973): r0 = semget$private(0x0, 0x6, 0x0) semtimedop(r0, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0) semop(r0, &(0x7f00000000c0)=[{0x2}], 0x1) semctl$IPC_RMID(r0, 0x0, 0x0) 258.859755ms ago: executing program 3 (id=7964): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x16, 0x10, &(0x7f0000000500)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x10, 0x38, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x60ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 258.525044ms ago: executing program 4 (id=7965): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) dup2(r1, r0) sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000001840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a140d0000060a09"], 0xd3c}, 0x1, 0x0, 0x0, 0x40010}, 0x0) 222.379807ms ago: executing program 4 (id=7966): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x0, 0x8000, 0x1402}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x2d, 0x6, 0x8057}]}}]}, 0x60}}, 0x24044092) 199.392318ms ago: executing program 5 (id=7967): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r0, &(0x7f00000007c0)=[{{&(0x7f0000000300)={0xa, 0x4e20, 0x4, @remote, 0x7}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000280)="e9", 0x1}], 0x1}}], 0x1, 0x931766f6319eed44) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000400)={0x0, 0x25, 0xf58, 0x0, 0x3, 0x1, 0xfffd, 0x6, {0x0, @in={{0x2, 0x4e23, @remote}}, 0x4, 0x2, 0x0, 0x5}}, &(0x7f0000000200)=0xb0) 123.677512ms ago: executing program 5 (id=7968): r0 = perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1e0411, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfefffffe, 0x1, @perf_bp={0x0, 0x1}, 0x6025, 0x4005, 0xb, 0x3, 0x80, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x88534, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x4}, 0x120, 0x10000, 0x4, 0x6, 0x8, 0x20007, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffbfffffffffffff, r0, 0x2) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0xffffffffffff7fff) 122.984253ms ago: executing program 9 (id=7979): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r0, &(0x7f00000007c0)=[{{&(0x7f0000000300)={0xa, 0x4e20, 0x4, @remote, 0x7}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000280)="e9", 0x1}], 0x1}}], 0x1, 0x931766f6319eed44) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000400)={0x0, 0x25, 0xf58, 0x0, 0x3, 0x1, 0xfffd, 0x6, {0x0, @in={{0x2, 0x4e23, @remote}}, 0x4, 0x2, 0x0, 0x5}}, &(0x7f0000000200)=0xb0) 79.731015ms ago: executing program 9 (id=7969): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1) sendto$inet6(r0, 0x0, 0x0, 0x200c8084, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @remote}, 0x1c) sendto$inet6(r0, &(0x7f0000000300)="2501d6b1d1b89073ff7420b4c3b61f000000714fa228ee1f5b480000000000000000000000000000000000bd05a4e831d602528be2bae07a5a9e11acdddc37139f81cd38ff6932b375c0fea4efa95b675b744fab4e403b14480ff8dd4c39f147d7cd24a4bef9e5b23764c5080599121cf427f1750b46cf5aa5ec90082b8b31de8385ed44925bacb58da5ff58ef1909d675b20a07713be77021fef2", 0xfffffffffffffd28, 0x40, 0x0, 0xffffffffffffff4c) 79.580935ms ago: executing program 4 (id=7970): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800) 48.126197ms ago: executing program 3 (id=7971): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xa83b, 0x10, 0x2, 0x3b}, &(0x7f00000001c0)=0x0, &(0x7f00000000c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000100)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x19, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 39.417937ms ago: executing program 9 (id=7972): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x9}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_pid(r1, &(0x7f0000000000), 0xfdef) recvmsg$unix(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)=""/79, 0xce80}], 0x300}, 0x0) 36.308697ms ago: executing program 5 (id=7974): r0 = socket$inet6(0xa, 0x3, 0x38) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x2014, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @remote, 0x3}, 0x1c) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xf338}], 0x1) 24.647448ms ago: executing program 4 (id=7975): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x40}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30) 0s ago: executing program 3 (id=7976): ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, &(0x7f0000000040)={0x3, 0x3, 0x1, 'queue0\x00', 0x80000000}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @local}, 0x10) kernel console output (not intermixed with test programs): llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 185.219022][T17576] sctp: [Deprecated]: syz.8.5748 (pid 17576) Use of int in maxseg socket option. [ 185.219022][T17576] Use struct sctp_assoc_value instead [ 185.233916][ T29] kauditd_printk_skb: 22 callbacks suppressed [ 185.233934][ T29] audit: type=1400 audit(953.208:1598): avc: denied { setopt } for pid=17577 comm="syz.9.5749" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 185.310446][T17589] netlink: 564 bytes leftover after parsing attributes in process `syz.5.5754'. [ 185.320051][T17589] netlink: 564 bytes leftover after parsing attributes in process `syz.5.5754'. [ 185.346857][T17592] tmpfs: Bad value for 'nr_inodes' [ 185.620940][T17604] loop8: detected capacity change from 0 to 1024 [ 185.639598][T17604] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 185.656237][T17604] EXT4-fs error (device loop8): ext4_map_blocks:825: inode #15: comm syz.8.5758: lblock 0 mapped to illegal pblock 0 (length 1) [ 185.674875][T17604] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 185.687491][T17604] EXT4-fs (loop8): This should not happen!! Data will be lost [ 185.687491][T17604] [ 185.703129][T17610] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5760'. [ 185.714146][T14009] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 185.733875][T17612] netlink: 774 bytes leftover after parsing attributes in process `syz.8.5761'. [ 185.743298][T17612] netlink: 'syz.8.5761': attribute type 1 has an invalid length. [ 185.846800][T17621] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 185.853310][T17621] pim6reg0: linktype set to 769 [ 186.525342][T17609] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 186.533920][T17609] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 186.566632][T17644] loop3: detected capacity change from 0 to 1024 [ 186.583965][T17644] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 186.603819][T17644] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: comm syz.3.5773: lblock 0 mapped to illegal pblock 0 (length 1) [ 186.617578][T17644] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 186.630160][T17644] EXT4-fs (loop3): This should not happen!! Data will be lost [ 186.630160][T17644] [ 186.653562][T10100] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 186.687688][T17651] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5774'. [ 186.769151][T17653] netlink: 774 bytes leftover after parsing attributes in process `syz.3.5776'. [ 186.778278][T17653] netlink: 'syz.3.5776': attribute type 1 has an invalid length. [ 186.963142][T17649] loop5: detected capacity change from 0 to 1024 [ 187.027417][T17649] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 187.070814][T17671] loop9: detected capacity change from 0 to 512 [ 187.079290][T17673] tmpfs: Bad value for 'nr_inodes' [ 187.081222][T17671] EXT4-fs: Ignoring removed orlov option [ 187.103946][T17671] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem [ 187.123940][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 187.131310][T17671] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 187.144196][T17671] EXT4-fs error (device loop9): ext4_iget_extra_inode:5073: inode #15: comm syz.9.5783: corrupted in-inode xattr: e_value size too large [ 187.159946][T17671] EXT4-fs error (device loop9): ext4_orphan_get:1396: comm syz.9.5783: couldn't read orphan inode 15 (err -117) [ 187.176495][T17671] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 187.179554][ T29] audit: type=1326 audit(955.168:1599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17677 comm="syz.8.5788" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb159b8aeb9 code=0x0 [ 187.212638][T17671] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 187.222279][T17671] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended [ 187.232125][T17671] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 187.240778][T17671] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 187.261221][T14016] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.462793][T17702] sctp: [Deprecated]: syz.5.5798 (pid 17702) Use of int in max_burst socket option. [ 187.462793][T17702] Use struct sctp_assoc_value instead [ 187.619677][T17717] loop5: detected capacity change from 0 to 512 [ 187.630699][T17717] EXT4-fs: Ignoring removed orlov option [ 187.645053][T17717] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 187.663287][T17717] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 187.678983][T17717] EXT4-fs error (device loop5): ext4_iget_extra_inode:5073: inode #15: comm syz.5.5805: corrupted in-inode xattr: e_value size too large [ 187.705944][T17717] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.5805: couldn't read orphan inode 15 (err -117) [ 187.736714][T17717] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 187.753597][T17717] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 187.763493][T17717] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended [ 187.773570][T17717] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 187.782410][T17717] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 187.804468][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.891811][T17735] loop5: detected capacity change from 0 to 4096 [ 187.904678][T17735] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 188.027289][T17743] sctp: [Deprecated]: syz.9.5824 (pid 17743) Use of int in max_burst socket option. [ 188.027289][T17743] Use struct sctp_assoc_value instead [ 188.653315][T17789] netlink: 'syz.9.5836': attribute type 1 has an invalid length. [ 188.661338][T17789] __nla_validate_parse: 2 callbacks suppressed [ 188.661356][T17789] netlink: 128 bytes leftover after parsing attributes in process `syz.9.5836'. [ 188.686803][ T29] audit: type=1400 audit(956.668:1600): avc: denied { ioctl } for pid=17792 comm="syz.4.5838" path="socket:[51501]" dev="sockfs" ino=51501 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 188.719621][T17793] vlan2: entered allmulticast mode [ 188.725498][T17793] vlan0: entered allmulticast mode [ 188.730723][T17793] veth0_vlan: entered allmulticast mode [ 188.762068][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.918437][T17798] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5839'. [ 189.099295][T17812] loop3: detected capacity change from 0 to 128 [ 189.165412][ T29] audit: type=1400 audit(957.118:1601): avc: denied { remount } for pid=17811 comm="syz.3.5849" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 189.243782][T17826] netlink: 236 bytes leftover after parsing attributes in process `syz.5.5841'. [ 189.253186][T17826] netlink: 236 bytes leftover after parsing attributes in process `syz.5.5841'. [ 189.296096][T17831] loop3: detected capacity change from 0 to 1024 [ 189.340520][T17831] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 189.357909][T17832] loop9: detected capacity change from 0 to 8192 [ 189.378829][T17832] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 189.399828][T10100] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 189.437137][T17843] loop8: detected capacity change from 0 to 512 [ 189.440014][T17832] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 189.444836][T17843] EXT4-fs: Ignoring removed oldalloc option [ 189.452827][T17832] FAT-fs (loop9): Filesystem has been set read-only [ 189.472218][T17843] EXT4-fs error (device loop8): ext4_xattr_inode_iget:437: comm syz.8.5863: Parent and EA inode have the same ino 15 [ 189.482991][T17832] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 189.499417][T17832] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 189.508402][T17843] EXT4-fs error (device loop8): ext4_xattr_inode_iget:437: comm syz.8.5863: Parent and EA inode have the same ino 15 [ 189.508907][T17832] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 189.530832][T17832] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 189.536792][T17850] loop3: detected capacity change from 0 to 1024 [ 189.540029][T17832] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 189.540061][T17832] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 189.540086][T17832] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 189.574445][T17832] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 189.584850][T17851] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 189.591747][T17850] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 189.606029][T17843] EXT4-fs (loop8): 1 orphan inode deleted [ 189.612459][T17843] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 189.636577][T10100] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.690028][T14009] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.810304][T17875] netlink: 31 bytes leftover after parsing attributes in process `syz.4.5876'. [ 189.819457][T17875] netlink: 208 bytes leftover after parsing attributes in process `syz.4.5876'. [ 189.882212][T17878] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5874'. [ 189.894131][T17877] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 189.915422][T17877] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 190.206706][T17875] netlink: 31 bytes leftover after parsing attributes in process `syz.4.5876'. [ 190.326881][T17884] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=24 sclass=netlink_audit_socket pid=17884 comm=syz.4.5879 [ 190.356213][T17886] loop5: detected capacity change from 0 to 1024 [ 190.404131][T17886] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 190.439052][T17894] loop8: detected capacity change from 0 to 128 [ 190.555045][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.635167][T17916] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5892'. [ 190.700377][T17919] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5894'. [ 191.019132][T17933] loop5: detected capacity change from 0 to 128 [ 191.134229][T17944] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 191.145593][T17944] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 191.167150][T17949] netlink: 'syz.4.5907': attribute type 12 has an invalid length. [ 191.473467][T17967] loop9: detected capacity change from 0 to 128 [ 191.543108][T17971] loop3: detected capacity change from 0 to 128 [ 191.565646][T17971] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 191.630168][T10100] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 192.247720][T18024] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 192.259015][T18024] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8801e019, mo2=0000] [ 192.268298][T18024] EXT4-fs error (device loop9): ext4_map_blocks:783: inode #3: block 2: comm syz.9.5941: lblock 2 mapped to illegal pblock 2 (length 1) [ 192.282948][T18024] Quota error (device loop9): qtree_write_dquot: dquota write failed [ 192.291639][T18024] EXT4-fs error (device loop9): ext4_map_blocks:783: inode #3: block 48: comm syz.9.5941: lblock 0 mapped to illegal pblock 48 (length 1) [ 192.306008][T18024] Quota error (device loop9): v2_write_file_info: Can't write info structure [ 192.315049][T18024] EXT4-fs error (device loop9): ext4_acquire_dquot:6986: comm syz.9.5941: Failed to acquire dquot type 0 [ 192.326929][T18024] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 192.336830][T18024] EXT4-fs error (device loop9): ext4_evict_inode:253: inode #11: comm syz.9.5941: mark_inode_dirty error [ 192.353688][T18024] EXT4-fs warning (device loop9): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 192.366113][T18024] EXT4-fs (loop9): 1 orphan inode deleted [ 192.376335][T18037] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 192.388322][T18024] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 192.402504][ T364] EXT4-fs error (device loop9): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1) [ 192.443884][ T364] Quota error (device loop9): remove_tree: Can't read quota data block 1 [ 192.452642][ T364] EXT4-fs error (device loop9): ext4_release_dquot:7022: comm kworker/u8:4: Failed to release dquot type 0 [ 192.506466][T14016] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.523367][T14016] EXT4-fs error (device loop9): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 192.551096][T14016] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 192.564375][T14016] EXT4-fs error (device loop9): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error [ 193.289631][T18106] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 193.363240][T18116] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 193.369651][T18116] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 193.454273][T18127] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096 [ 193.665876][T18151] ipvlan0: entered promiscuous mode [ 193.894220][T18162] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096 [ 194.243835][ T29] audit: type=1400 audit(962.228:1602): avc: denied { execute } for pid=18173 comm="syz.5.6009" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=52135 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 194.458116][T18199] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6021'. [ 194.496421][T18203] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6024'. [ 194.547699][T18211] ipvlan0: entered promiscuous mode [ 194.764506][T18238] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6040'. [ 194.806413][T18244] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6043'. [ 194.857262][T18252] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6047'. [ 194.907587][T18256] set_capacity_and_notify: 1 callbacks suppressed [ 194.907606][T18256] loop9: detected capacity change from 0 to 4096 [ 194.929414][T18256] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 195.040105][T14016] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.338949][T18303] loop3: detected capacity change from 0 to 4096 [ 195.354613][T18303] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 195.509915][T10100] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.618546][T18333] netlink: 48 bytes leftover after parsing attributes in process `syz.8.6080'. [ 195.671940][T18340] 9p: Bad value for 'rfdno' [ 195.738211][T18352] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 195.745572][T18352] IPv6: NLM_F_CREATE should be set when creating new route [ 195.752951][T18352] IPv6: NLM_F_CREATE should be set when creating new route [ 195.760650][T18352] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 195.877300][T18372] netlink: 48 bytes leftover after parsing attributes in process `syz.3.6100'. [ 195.965270][T18388] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 195.972781][T18388] IPv6: NLM_F_CREATE should be set when creating new route [ 195.980035][T18388] IPv6: NLM_F_CREATE should be set when creating new route [ 195.988101][T18388] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 196.095563][T18405] netlink: 48 bytes leftover after parsing attributes in process `syz.4.6116'. [ 196.172951][ T29] audit: type=1326 audit(964.158:1603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18418 comm="syz.4.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 196.199060][ T29] audit: type=1326 audit(964.178:1604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18418 comm="syz.4.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 196.222039][ T29] audit: type=1326 audit(964.178:1605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18418 comm="syz.4.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 196.245113][ T29] audit: type=1326 audit(964.178:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18418 comm="syz.4.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 196.268648][ T29] audit: type=1326 audit(964.178:1607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18418 comm="syz.4.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 196.292340][ T29] audit: type=1326 audit(964.178:1608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18418 comm="syz.4.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 196.367213][T18432] loop3: detected capacity change from 0 to 128 [ 196.547539][T18456] loop9: detected capacity change from 0 to 1024 [ 196.562673][T18456] EXT4-fs: Ignoring removed orlov option [ 196.578701][T18456] EXT4-fs: Ignoring removed bh option [ 196.600843][T18456] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 196.619728][T18456] EXT4-fs error (device loop9): __ext4_remount:6789: comm syz.9.6139: Abort forced by user [ 196.631593][T18456] EXT4-fs (loop9): Remounting filesystem read-only [ 196.638449][T18456] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 196.666011][T14016] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 196.781310][T18482] 9p: Could not find request transport: 0x0000000000000004 [ 196.821847][T18488] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6152'. [ 196.968542][T18506] loop8: detected capacity change from 0 to 1024 [ 196.975345][T18506] EXT4-fs: Ignoring removed orlov option [ 196.981586][T18506] EXT4-fs: Ignoring removed bh option [ 197.007301][T18509] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 197.019889][T18506] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 197.035866][T18506] EXT4-fs error (device loop8): __ext4_remount:6789: comm syz.8.6160: Abort forced by user [ 197.046591][T18506] EXT4-fs (loop8): Remounting filesystem read-only [ 197.053155][T18506] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 197.072564][T14009] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.121172][T18519] 9p: Could not find request transport: 0x0000000000000004 [ 197.309631][T18535] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6172'. [ 197.333952][T18537] netlink: 'syz.4.6173': attribute type 2 has an invalid length. [ 197.446644][T18548] 9p: Could not find request transport: 0x0000000000000004 [ 197.550189][T18565] veth1_vlan: left allmulticast mode [ 197.555903][T18565] macvlan0: left allmulticast mode [ 197.563564][T18565] netlink: 'syz.3.6186': attribute type 2 has an invalid length. [ 197.645379][ T29] kauditd_printk_skb: 18 callbacks suppressed [ 197.645397][ T29] audit: type=1400 audit(965.628:1627): avc: denied { nlmsg_read } for pid=18572 comm="syz.5.6190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 197.672456][ T29] audit: type=1400 audit(965.628:1628): avc: denied { audit_write } for pid=18572 comm="syz.5.6190" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 197.693647][ T29] audit: type=1107 audit(965.628:1629): pid=18572 uid=0 auid=0 ses=1 subj=root:sysadm_r:sysadm_t msg='' [ 197.705433][ T29] audit: type=1400 audit(965.648:1630): avc: denied { mounton } for pid=18574 comm="syz.5.6191" path=2F3639372FE91F7189591E9233614B dev="tmpfs" ino=3599 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 197.895199][T18586] loop8: detected capacity change from 0 to 512 [ 197.903227][T18586] EXT4-fs: Ignoring removed oldalloc option [ 197.911603][T18586] EXT4-fs error (device loop8): ext4_iget_extra_inode:5073: inode #15: comm syz.8.6196: corrupted in-inode xattr: invalid ea_ino [ 197.936505][T18586] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.6196: couldn't read orphan inode 15 (err -117) [ 197.949871][T18586] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 197.974635][T18593] netlink: 'syz.9.6198': attribute type 2 has an invalid length. [ 197.978455][T18586] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #13: comm syz.8.6196: invalid indirect mapped block 234881024 (level 0) [ 198.013402][T14009] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.023805][T18595] sctp: [Deprecated]: syz.9.6200 (pid 18595) Use of int in max_burst socket option. [ 198.023805][T18595] Use struct sctp_assoc_value instead [ 198.201247][ T29] audit: type=1107 audit(966.188:1631): pid=18609 uid=0 auid=0 ses=2 subj=root:sysadm_r:sysadm_t msg='' [ 198.327842][T18614] bond1: entered promiscuous mode [ 198.336091][T18614] 8021q: adding VLAN 0 to HW filter on device bond1 [ 198.345065][T18614] team0: Port device bond1 added [ 198.393666][T18623] loop9: detected capacity change from 0 to 512 [ 198.402000][T18623] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem [ 198.424206][T18623] EXT4-fs error (device loop9): ext4_validate_block_bitmap:432: comm syz.9.6212: bg 0: block 104: invalid block bitmap [ 198.438034][T18623] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6689: Corrupt filesystem [ 198.447278][T18623] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #11: comm syz.9.6212: invalid indirect mapped block 1 (level 1) [ 198.461042][T18623] EXT4-fs (loop9): 1 truncate cleaned up [ 198.467139][T18623] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 198.519018][T14016] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.527451][T18632] sctp: [Deprecated]: syz.8.6225 (pid 18632) Use of int in max_burst socket option. [ 198.527451][T18632] Use struct sctp_assoc_value instead [ 198.618861][ T29] audit: type=1400 audit(966.608:1632): avc: denied { wake_alarm } for pid=18640 comm="syz.3.6218" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 198.668373][T18647] loop9: detected capacity change from 0 to 128 [ 198.689975][T18647] EXT4-fs: Ignoring removed nobh option [ 198.698118][ T29] audit: type=1400 audit(966.668:1633): avc: denied { ioctl } for pid=18644 comm="syz.4.6220" path="socket:[53849]" dev="sockfs" ino=53849 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 198.722630][ T29] audit: type=1400 audit(966.668:1634): avc: denied { bind } for pid=18648 comm="syz.3.6222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 198.742223][ T29] audit: type=1400 audit(966.668:1635): avc: denied { name_bind } for pid=18648 comm="syz.3.6222" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 198.763110][ T29] audit: type=1400 audit(966.668:1636): avc: denied { node_bind } for pid=18648 comm="syz.3.6222" saddr=fc01:: src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 198.798020][T18651] loop5: detected capacity change from 0 to 512 [ 198.834094][T18651] EXT4-fs: Ignoring removed oldalloc option [ 198.851930][T18651] EXT4-fs error (device loop5): ext4_iget_extra_inode:5073: inode #15: comm syz.5.6219: corrupted in-inode xattr: invalid ea_ino [ 198.852279][T18647] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 198.878795][T18651] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.6219: couldn't read orphan inode 15 (err -117) [ 198.908476][T18651] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 198.939612][T18651] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.6219: invalid indirect mapped block 234881024 (level 0) [ 198.960479][T14016] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 199.021669][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.158114][T18677] sctp: [Deprecated]: syz.4.6232 (pid 18677) Use of int in max_burst socket option. [ 199.158114][T18677] Use struct sctp_assoc_value instead [ 199.206373][T18681] loop9: detected capacity change from 0 to 1024 [ 199.225441][T18681] EXT4-fs: Ignoring removed mblk_io_submit option [ 199.264143][T18681] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 199.332879][T18681] EXT4-fs error (device loop9): ext4_map_blocks:825: inode #15: block 3: comm syz.9.6234: lblock 3 mapped to illegal pblock 3 (length 3) [ 199.357453][T18681] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 199.370155][T18681] EXT4-fs (loop9): This should not happen!! Data will be lost [ 199.370155][T18681] [ 199.413295][ T52] EXT4-fs error (device loop9): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:3: lblock 8 mapped to illegal pblock 8 (length 5) [ 199.446846][ T52] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 5 with error 117 [ 199.459479][ T52] EXT4-fs (loop9): This should not happen!! Data will be lost [ 199.459479][ T52] [ 199.470353][ T52] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 112: padding at end of block bitmap is not set [ 199.494339][ T52] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 117 [ 199.507302][ T52] EXT4-fs (loop9): This should not happen!! Data will be lost [ 199.507302][ T52] [ 199.544335][T14016] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 199.709718][T18729] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 199.876744][T14016] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.940743][T18747] can0: slcan on ttyS3. [ 199.952254][T18748] set_capacity_and_notify: 1 callbacks suppressed [ 199.952273][T18748] loop5: detected capacity change from 0 to 1024 [ 199.979313][T18748] EXT4-fs: Ignoring removed mblk_io_submit option [ 200.013032][T18748] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 200.036131][T18747] can0 (unregistered): slcan off ttyS3. [ 200.061694][T18748] EXT4-fs error (device loop5): ext4_map_blocks:825: inode #15: block 3: comm syz.5.6265: lblock 3 mapped to illegal pblock 3 (length 3) [ 200.105669][T18748] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 200.118308][T18748] EXT4-fs (loop5): This should not happen!! Data will be lost [ 200.118308][T18748] [ 200.128550][T18768] program syz.9.6273 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 200.271532][ T2321] EXT4-fs error (device loop5): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:6: lblock 8 mapped to illegal pblock 8 (length 5) [ 200.288276][ T2321] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 5 with error 117 [ 200.300748][ T2321] EXT4-fs (loop5): This should not happen!! Data will be lost [ 200.300748][ T2321] [ 200.318119][ T2321] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 112: padding at end of block bitmap is not set [ 200.347971][ T2321] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 117 [ 200.360700][ T2321] EXT4-fs (loop5): This should not happen!! Data will be lost [ 200.360700][ T2321] [ 200.388416][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 200.426712][T18785] loop8: detected capacity change from 0 to 128 [ 200.436193][T18785] EXT4-fs: Ignoring removed nobh option [ 200.505634][T10100] cgroup: fork rejected by pids controller in /syz3 [ 200.533457][T18785] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 200.571528][T14009] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 201.260027][T18854] loop5: detected capacity change from 0 to 128 [ 201.289768][T18854] EXT4-fs: Ignoring removed nobh option [ 201.311466][T18854] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 201.377452][ T9223] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 201.435093][T18834] chnl_net:caif_netlink_parms(): no params data found [ 201.530717][T18834] bridge0: port 1(bridge_slave_0) entered blocking state [ 201.538033][T18834] bridge0: port 1(bridge_slave_0) entered disabled state [ 201.546142][T18876] loop5: detected capacity change from 0 to 1024 [ 201.559373][T18834] bridge_slave_0: entered allmulticast mode [ 201.566287][T18834] bridge_slave_0: entered promiscuous mode [ 201.573510][T18834] bridge0: port 2(bridge_slave_1) entered blocking state [ 201.580664][T18834] bridge0: port 2(bridge_slave_1) entered disabled state [ 201.588029][T18834] bridge_slave_1: entered allmulticast mode [ 201.594779][T18834] bridge_slave_1: entered promiscuous mode [ 201.602106][T18876] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 201.613431][T18834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 201.629223][T18834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 201.660916][T18834] team0: Port device team_slave_0 added [ 201.671354][T18834] team0: Port device team_slave_1 added [ 201.688257][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.702734][T18834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 201.709774][T18834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 201.736033][T18834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 201.748949][T18834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 201.756077][T18834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 201.782928][T18834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 201.815280][T18834] hsr_slave_0: entered promiscuous mode [ 201.821639][T18834] hsr_slave_1: entered promiscuous mode [ 201.827583][T18834] debugfs: 'hsr0' already exists in 'hsr' [ 201.833368][T18834] Cannot create hsr debugfs directory [ 201.860775][T18885] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 201.973160][T18834] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.021280][T18834] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.060721][T18834] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.124721][T18834] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.227496][T18834] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 202.239957][T18834] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 202.249105][T18834] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 202.264272][T18834] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 202.356389][T18834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 202.363197][T14016] cgroup: fork rejected by pids controller in /syz9 [ 202.369780][T18834] 8021q: adding VLAN 0 to HW filter on device team0 [ 202.380492][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.387671][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 202.414823][T18834] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 202.425437][T18834] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 202.439074][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.446398][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 202.536771][T18834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 202.685574][T18956] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18956 comm=syz.4.6347 [ 202.710799][T18834] veth0_vlan: entered promiscuous mode [ 202.729485][T18834] veth1_vlan: entered promiscuous mode [ 202.775011][T18834] veth0_macvtap: entered promiscuous mode [ 202.785143][T14009] cgroup: fork rejected by pids controller in /syz8 [ 202.799791][ T29] kauditd_printk_skb: 26 callbacks suppressed [ 202.799833][ T29] audit: type=1326 audit(970.778:1663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18961 comm="syz.4.6351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 202.818765][T18834] veth1_macvtap: entered promiscuous mode [ 202.829301][ T29] audit: type=1326 audit(970.778:1664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18961 comm="syz.4.6351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 202.858744][ T29] audit: type=1326 audit(970.778:1665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18961 comm="syz.4.6351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 202.873433][T18834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 202.881807][ T29] audit: type=1326 audit(970.778:1666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18961 comm="syz.4.6351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 202.912393][ T29] audit: type=1326 audit(970.778:1667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18961 comm="syz.4.6351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 202.935398][ T29] audit: type=1326 audit(970.788:1668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18961 comm="syz.4.6351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 202.952284][T18834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 202.958567][ T29] audit: type=1326 audit(970.788:1669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18961 comm="syz.4.6351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 202.970897][ T52] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.988874][ T29] audit: type=1326 audit(970.788:1670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18961 comm="syz.4.6351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 203.061404][ T29] audit: type=1326 audit(970.888:1671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18961 comm="syz.4.6351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 203.084597][ T29] audit: type=1326 audit(970.888:1672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18961 comm="syz.4.6351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 203.113406][ T37] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.166898][ T37] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.198789][ T37] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.387068][T18991] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 203.475327][T18965] chnl_net:caif_netlink_parms(): no params data found [ 203.632544][T19008] netlink: 7 bytes leftover after parsing attributes in process `syz.3.6362'. [ 203.652616][ T37] bridge_slave_1: left promiscuous mode [ 203.658374][ T37] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.691421][ T37] bridge_slave_0: left allmulticast mode [ 203.697110][ T37] bridge_slave_0: left promiscuous mode [ 203.702846][ T37] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.871258][ T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 203.891219][ T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 203.903504][ T37] bond0 (unregistering): Released all slaves [ 203.917376][T18965] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.924886][T18965] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.949370][T18965] bridge_slave_0: entered allmulticast mode [ 203.958413][T18965] bridge_slave_0: entered promiscuous mode [ 203.975836][T18965] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.982997][T18965] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.990632][T18965] bridge_slave_1: entered allmulticast mode [ 204.029731][T18965] bridge_slave_1: entered promiscuous mode [ 204.097319][ T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 204.105013][ T37] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 204.166976][ T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 204.174636][ T37] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 204.269438][ T37] veth1_macvtap: left promiscuous mode [ 204.279604][ T37] veth0_macvtap: left promiscuous mode [ 204.285151][ T37] veth1_vlan: left promiscuous mode [ 204.413185][ T37] team0 (unregistering): Port device team_slave_1 removed [ 204.424364][ T37] team0 (unregistering): Port device team_slave_0 removed [ 204.479205][T18965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 204.513502][T18965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 204.548549][T18965] team0: Port device team_slave_0 added [ 204.565557][T18965] team0: Port device team_slave_1 added [ 204.628281][T18965] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 204.635278][T18965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 204.661542][T18965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 204.672635][T19052] netlink: 71 bytes leftover after parsing attributes in process `syz.3.6377'. [ 204.673623][T18965] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 204.688837][T18965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 204.715392][T18965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 204.729375][T19048] netlink: 7 bytes leftover after parsing attributes in process `syz.5.6375'. [ 204.779005][T18993] chnl_net:caif_netlink_parms(): no params data found [ 204.803914][T18965] hsr_slave_0: entered promiscuous mode [ 204.810144][T18965] hsr_slave_1: entered promiscuous mode [ 204.816686][ T37] IPVS: stop unused estimator thread 0... [ 204.928710][ T37] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.967331][T18993] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.974633][T18993] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.984330][T18993] bridge_slave_0: entered allmulticast mode [ 204.991774][T18993] bridge_slave_0: entered promiscuous mode [ 205.000203][T18993] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.007451][T18993] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.014873][T18993] bridge_slave_1: entered allmulticast mode [ 205.025182][T18993] bridge_slave_1: entered promiscuous mode [ 205.045921][ T37] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.061473][T19086] netlink: 7 bytes leftover after parsing attributes in process `syz.4.6392'. [ 205.097217][T19090] netlink: 71 bytes leftover after parsing attributes in process `syz.4.6395'. [ 205.101859][T18993] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 205.130126][T18993] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 205.145600][ T37] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.176889][T18965] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.189798][T18993] team0: Port device team_slave_0 added [ 205.196380][T18993] team0: Port device team_slave_1 added [ 205.209308][ T37] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.225400][T19084] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 205.227569][T18993] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 205.241031][T18993] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 205.241343][T19084] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 205.267364][T18993] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 205.293098][T18965] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.306250][T18993] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 205.313390][T18993] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 205.340615][T18993] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 205.389276][T18993] hsr_slave_0: entered promiscuous mode [ 205.395802][T18993] hsr_slave_1: entered promiscuous mode [ 205.403097][T18993] debugfs: 'hsr0' already exists in 'hsr' [ 205.408859][T18993] Cannot create hsr debugfs directory [ 205.417952][T18965] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.442341][ T37] bridge_slave_1: left allmulticast mode [ 205.448132][ T37] bridge_slave_1: left promiscuous mode [ 205.453866][ T37] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.461569][ T37] bridge_slave_0: left allmulticast mode [ 205.467212][ T37] bridge_slave_0: left promiscuous mode [ 205.473172][ T37] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.561137][ T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 205.571428][ T37] bond0 (unregistering): (slave c@0Ù): Releasing backup interface [ 205.580825][ T37] bond0 (unregistering): Released all slaves [ 205.594986][T18965] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.640549][ T37] hsr_slave_0: left promiscuous mode [ 205.646246][ T37] hsr_slave_1: left promiscuous mode [ 205.651939][ T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 205.659673][ T37] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 205.667372][ T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 205.674948][ T37] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 205.685170][ T37] veth1_macvtap: left promiscuous mode [ 205.691067][ T37] veth0_macvtap: left promiscuous mode [ 205.696713][ T37] veth1_vlan: left promiscuous mode [ 205.702104][ T37] veth0_vlan: left promiscuous mode [ 205.764463][ T37] team0 (unregistering): Port device team_slave_1 removed [ 205.774356][ T37] team0 (unregistering): Port device team_slave_0 removed [ 205.854111][T18965] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 205.863326][T18965] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 205.888177][T18965] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 205.910184][T18965] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 206.032383][T18965] 8021q: adding VLAN 0 to HW filter on device bond0 [ 206.045600][T18965] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.055729][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.062900][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 206.084272][ T1569] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.091481][ T1569] bridge0: port 2(bridge_slave_1) entered forwarding state [ 206.165812][T19147] netlink: 71 bytes leftover after parsing attributes in process `syz.5.6406'. [ 206.258820][T18965] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.545212][T18965] veth0_vlan: entered promiscuous mode [ 206.554145][T18965] veth1_vlan: entered promiscuous mode [ 206.572078][T18965] veth0_macvtap: entered promiscuous mode [ 206.580170][T18965] veth1_macvtap: entered promiscuous mode [ 206.590854][T18965] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 206.602159][T18965] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 206.613478][ T31] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.623633][ T31] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.626814][T19177] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 206.633511][ T31] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.642832][T19177] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 206.650288][ T31] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.708126][T18993] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 206.719605][T18993] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 206.733684][T18993] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 206.747088][T18993] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 206.841509][T18993] 8021q: adding VLAN 0 to HW filter on device bond0 [ 206.859885][T18993] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.870367][T14237] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.877523][T14237] bridge0: port 1(bridge_slave_0) entered forwarding state [ 206.904628][T14237] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.912041][T14237] bridge0: port 2(bridge_slave_1) entered forwarding state [ 207.006608][T18993] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 207.203823][T18993] veth0_vlan: entered promiscuous mode [ 207.217664][T18993] veth1_vlan: entered promiscuous mode [ 207.236458][T18993] veth0_macvtap: entered promiscuous mode [ 207.266966][T18993] veth1_macvtap: entered promiscuous mode [ 207.293140][T18993] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 207.310339][T18993] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 207.326952][ T364] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.360134][ T364] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.374567][ T364] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.404293][ T364] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.615850][T19266] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 207.624533][T19266] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 207.749991][T19297] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6451'. [ 208.617335][T19370] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6481'. [ 208.626758][T19370] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 208.705182][T19378] wireguard0: entered promiscuous mode [ 208.710864][T19378] wireguard0: entered allmulticast mode [ 208.857931][ T29] kauditd_printk_skb: 19 callbacks suppressed [ 208.858029][ T29] audit: type=1326 audit(976.838:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19399 comm="syz.9.6494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 208.877696][T19403] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6496'. [ 208.889035][ T29] audit: type=1326 audit(976.848:1693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19399 comm="syz.9.6494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 208.896885][T19403] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 208.920263][ T29] audit: type=1326 audit(976.848:1694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19399 comm="syz.9.6494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 208.920313][ T29] audit: type=1326 audit(976.848:1695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19399 comm="syz.9.6494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 208.973263][ T29] audit: type=1326 audit(976.848:1696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19399 comm="syz.9.6494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 208.977358][T19407] netlink: 'syz.4.6498': attribute type 3 has an invalid length. [ 208.997014][ T29] audit: type=1326 audit(976.848:1697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19399 comm="syz.9.6494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 209.028085][ T29] audit: type=1326 audit(976.848:1698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19399 comm="syz.9.6494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 209.052115][ T29] audit: type=1326 audit(976.848:1699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19399 comm="syz.9.6494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 209.065122][T19408] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6497'. [ 209.075942][ T29] audit: type=1326 audit(976.848:1700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19399 comm="syz.9.6494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 209.117144][T19408] netlink: 24 bytes leftover after parsing attributes in process `syz.9.6497'. [ 209.255488][T19421] netlink: 12 bytes leftover after parsing attributes in process `syz.9.6505'. [ 209.353964][T19429] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6518'. [ 209.510835][T19434] loop9: detected capacity change from 0 to 256 [ 209.676705][ T29] audit: type=1326 audit(977.658:1701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19447 comm="syz.5.6517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 209.715781][T19452] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6520'. [ 209.759179][T19458] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6530'. [ 209.774958][T19458] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6530'. [ 209.792797][T19462] netlink: 'syz.3.6534': attribute type 3 has an invalid length. [ 209.865439][T19475] program syz.3.6529 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 209.876672][T19478] loop5: detected capacity change from 0 to 256 [ 209.912218][T19480] loop3: detected capacity change from 0 to 1024 [ 209.931251][T19480] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 209.978975][T19480] EXT4-fs: Ignoring sb option on remount [ 209.984839][T19480] EXT4-fs (loop3): stripe (249) is not aligned with cluster size (16), stripe is disabled [ 210.010685][T19480] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 210.060499][T18834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.191980][T19507] loop3: detected capacity change from 0 to 128 [ 210.253385][T19509] bio_check_eod: 219 callbacks suppressed [ 210.253405][T19509] syz.3.6544: attempt to access beyond end of device [ 210.253405][T19509] loop3: rw=1, sector=145, nr_sectors = 16 limit=128 [ 210.272952][T19509] syz.3.6544: attempt to access beyond end of device [ 210.272952][T19509] loop3: rw=1, sector=169, nr_sectors = 8 limit=128 [ 210.286758][T19509] syz.3.6544: attempt to access beyond end of device [ 210.286758][T19509] loop3: rw=1, sector=185, nr_sectors = 8 limit=128 [ 210.300613][T19509] syz.3.6544: attempt to access beyond end of device [ 210.300613][T19509] loop3: rw=1, sector=201, nr_sectors = 8 limit=128 [ 210.314269][T19509] syz.3.6544: attempt to access beyond end of device [ 210.314269][T19509] loop3: rw=1, sector=217, nr_sectors = 8 limit=128 [ 210.327897][T19509] syz.3.6544: attempt to access beyond end of device [ 210.327897][T19509] loop3: rw=1, sector=233, nr_sectors = 8 limit=128 [ 210.341255][T19509] syz.3.6544: attempt to access beyond end of device [ 210.341255][T19509] loop3: rw=1, sector=249, nr_sectors = 8 limit=128 [ 210.354501][T19509] syz.3.6544: attempt to access beyond end of device [ 210.354501][T19509] loop3: rw=1, sector=265, nr_sectors = 8 limit=128 [ 210.368034][T19509] syz.3.6544: attempt to access beyond end of device [ 210.368034][T19509] loop3: rw=1, sector=281, nr_sectors = 8 limit=128 [ 210.381580][T19509] syz.3.6544: attempt to access beyond end of device [ 210.381580][T19509] loop3: rw=1, sector=297, nr_sectors = 8 limit=128 [ 210.425772][T19513] loop9: detected capacity change from 0 to 256 [ 210.886476][T19549] loop8: detected capacity change from 0 to 1024 [ 210.901309][T19549] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none. [ 210.915741][T19549] netlink: 20 bytes leftover after parsing attributes in process `syz.8.6572'. [ 210.957428][T18993] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 211.011369][T19562] loop5: detected capacity change from 0 to 1024 [ 211.018625][T19562] EXT4-fs: Ignoring removed bh option [ 211.024548][T19562] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 211.039497][T19562] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 211.088954][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.497204][T19593] loop5: detected capacity change from 0 to 128 [ 211.763514][T14237] buffer_io_error: 4531 callbacks suppressed [ 211.763533][T14237] Buffer I/O error on dev loop5, logical block 696, lost async page write [ 212.376194][T19656] loop9: detected capacity change from 0 to 2048 [ 212.432620][T19656] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 212.451839][T19656] EXT4-fs error (device loop9): ext4_find_extent:939: inode #2: comm syz.9.6607: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 212.522322][T19656] EXT4-fs (loop9): Remounting filesystem read-only [ 212.541882][T18965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 212.651853][T19673] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6615'. [ 212.669412][T19675] loop9: detected capacity change from 0 to 1024 [ 212.689995][T19675] EXT4-fs: Ignoring removed oldalloc option [ 212.696247][T19675] EXT4-fs: Ignoring removed bh option [ 212.753680][T19675] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 212.868198][T18965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 213.167358][T19718] bridge0: entered promiscuous mode [ 213.208097][T19719] EXT4-fs: Ignoring removed oldalloc option [ 213.214229][T19719] EXT4-fs: Ignoring removed bh option [ 213.218365][T19718] macvlan2: entered promiscuous mode [ 213.308463][T19719] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 213.390407][T18993] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 213.614447][ T3427] Process accounting resumed [ 213.671691][T19755] EXT4-fs: Ignoring removed oldalloc option [ 213.677788][T19755] EXT4-fs: Ignoring removed bh option [ 213.722502][T19755] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 213.761105][T18834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.106035][ T3427] Process accounting resumed [ 214.238517][T19787] macvlan2: entered promiscuous mode [ 214.244075][T19787] bridge0: entered promiscuous mode [ 214.621242][ T3427] Process accounting resumed [ 214.626619][ T29] kauditd_printk_skb: 19 callbacks suppressed [ 214.626636][ T29] audit: type=1400 audit(982.608:1721): avc: denied { write } for pid=19810 comm="syz.9.6681" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 214.717496][T19820] bridge0: entered promiscuous mode [ 214.723404][T19820] macvlan2: entered promiscuous mode [ 214.737579][ T29] audit: type=1326 audit(982.718:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19817 comm="syz.3.6673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 214.760952][ T29] audit: type=1326 audit(982.718:1723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19817 comm="syz.3.6673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 214.784385][ T29] audit: type=1326 audit(982.718:1724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19817 comm="syz.3.6673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 214.808109][ T29] audit: type=1326 audit(982.718:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19817 comm="syz.3.6673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 214.831448][ T29] audit: type=1326 audit(982.718:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19817 comm="syz.3.6673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f247c6bac22 code=0x7ffc0000 [ 214.854872][ T29] audit: type=1326 audit(982.718:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19817 comm="syz.3.6673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f247c6bac22 code=0x7ffc0000 [ 214.878255][ T29] audit: type=1326 audit(982.718:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19817 comm="syz.3.6673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 214.901824][ T29] audit: type=1326 audit(982.718:1729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19817 comm="syz.3.6673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 214.925363][ T29] audit: type=1326 audit(982.718:1730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19817 comm="syz.3.6673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 216.127416][T19900] __nla_validate_parse: 3 callbacks suppressed [ 216.127436][T19900] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6711'. [ 217.392586][T19980] set_capacity_and_notify: 2 callbacks suppressed [ 217.392603][T19980] loop8: detected capacity change from 0 to 512 [ 217.423107][T19982] loop9: detected capacity change from 0 to 1024 [ 217.430583][T19980] EXT4-fs: Ignoring removed i_version option [ 217.436720][T19980] EXT4-fs: Ignoring removed bh option [ 217.443114][T19982] EXT4-fs: Ignoring removed orlov option [ 217.462029][T19982] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 217.517014][T18965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 217.524068][T19980] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 217.577161][T18993] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 217.929098][T20022] netlink: 16186 bytes leftover after parsing attributes in process `syz.8.6761'. [ 217.984731][T14237] Bluetooth: hci0: Frame reassembly failed (-84) [ 218.262858][ C0] vcan0: j1939_tp_rxtimer: 0xffff8881051aa600: rx timeout, send abort [ 218.771327][ C0] vcan0: j1939_tp_rxtimer: 0xffff8881051aa600: abort rx timeout. Force session deactivation [ 218.885885][T20054] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.6776'. [ 218.946340][T20063] loop3: detected capacity change from 0 to 512 [ 218.962584][T20063] EXT4-fs: Ignoring removed i_version option [ 218.968783][T20063] EXT4-fs: Ignoring removed bh option [ 219.009390][T20063] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.064764][T18834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.104765][T20077] batadv_slave_0: entered promiscuous mode [ 219.124871][T20076] batadv_slave_0: left promiscuous mode [ 219.184425][T20087] loop3: detected capacity change from 0 to 1764 [ 219.399476][T20110] loop5: detected capacity change from 0 to 512 [ 219.417535][T20110] EXT4-fs: Ignoring removed i_version option [ 219.423716][T20110] EXT4-fs: Ignoring removed bh option [ 219.429814][T20115] batadv_slave_0: entered promiscuous mode [ 219.443500][T20114] batadv_slave_0: left promiscuous mode [ 219.482337][T20110] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.496239][T20121] bpf: Bad value for 'uid' [ 219.528991][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.594544][T20135] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 219.661042][T20137] loop8: detected capacity change from 0 to 1764 [ 220.008781][T20156] bpf: Bad value for 'uid' [ 220.037884][T20031] Bluetooth: hci0: command 0x1003 tx timeout [ 220.037940][ T5049] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 220.265072][T20189] bpf: Bad value for 'uid' [ 220.639316][ T364] Bluetooth: hci0: Frame reassembly failed (-84) [ 220.857403][ T29] kauditd_printk_skb: 29 callbacks suppressed [ 220.857472][ T29] audit: type=1400 audit(988.838:1760): avc: denied { bind } for pid=20213 comm="syz.8.6845" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 221.111422][ T29] audit: type=1326 audit(989.098:1761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20240 comm="syz.8.6859" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa4c5a2aeb9 code=0x0 [ 222.020359][ T29] audit: type=1326 audit(990.008:1762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20285 comm="syz.5.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 222.048613][ T29] audit: type=1326 audit(990.008:1763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20285 comm="syz.5.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 222.072503][ T29] audit: type=1326 audit(990.008:1764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20285 comm="syz.5.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 222.096391][ T29] audit: type=1326 audit(990.008:1765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20285 comm="syz.5.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 222.119617][ T29] audit: type=1326 audit(990.008:1766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20285 comm="syz.5.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 222.143211][ T29] audit: type=1326 audit(990.008:1767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20285 comm="syz.5.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 222.166250][ T29] audit: type=1326 audit(990.008:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20285 comm="syz.5.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 222.189533][ T29] audit: type=1326 audit(990.008:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20285 comm="syz.5.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 222.333424][ C0] vcan0: j1939_tp_rxtimer: 0xffff88811aacd400: rx timeout, send abort [ 222.477077][T20322] loop5: detected capacity change from 0 to 1024 [ 222.509944][T20322] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 222.525685][T20322] EXT4-fs error (device loop5): ext4_map_blocks:825: inode #15: block 3: comm syz.5.6893: lblock 3 mapped to illegal pblock 3 (length 3) [ 222.540358][T20322] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 222.553015][T20322] EXT4-fs (loop5): This should not happen!! Data will be lost [ 222.553015][T20322] [ 222.585763][T14237] EXT4-fs error (device loop5): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:8: lblock 8 mapped to illegal pblock 8 (length 8) [ 222.606836][T14237] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 222.619289][T14237] EXT4-fs (loop5): This should not happen!! Data will be lost [ 222.619289][T14237] [ 222.638722][T20333] netlink: 'syz.8.6896': attribute type 1 has an invalid length. [ 222.656021][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 222.677826][T20031] Bluetooth: hci0: command 0x1003 tx timeout [ 222.683916][ T5049] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 222.841689][ C0] vcan0: j1939_tp_rxtimer: 0xffff88811aacd400: abort rx timeout. Force session deactivation [ 222.928120][ T2321] Bluetooth: hci0: Frame reassembly failed (-84) [ 223.173372][T20373] loop9: detected capacity change from 0 to 764 [ 223.181214][T20373] /dev/loop9: Can't open blockdev [ 223.524490][T20405] loop3: detected capacity change from 0 to 1024 [ 223.565038][T20405] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 223.600492][T18834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 223.630262][T20416] netlink: 104 bytes leftover after parsing attributes in process `syz.3.6936'. [ 223.660561][T20419] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 33554436, id = 0 [ 223.671201][T20418] IPVS: stopping master sync thread 20419 ... [ 223.729790][T20423] loop3: detected capacity change from 0 to 164 [ 223.738897][T20423] ISOFS: unable to read i-node block [ 223.744254][T20423] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 223.784564][T20425] loop9: detected capacity change from 0 to 1024 [ 223.814043][T20425] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 223.832561][T20425] EXT4-fs error (device loop9): ext4_map_blocks:825: inode #15: block 3: comm syz.9.6940: lblock 3 mapped to illegal pblock 3 (length 3) [ 223.847319][T20425] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 223.859820][T20425] EXT4-fs (loop9): This should not happen!! Data will be lost [ 223.859820][T20425] [ 223.911451][ T31] EXT4-fs error (device loop9): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:1: lblock 8 mapped to illegal pblock 8 (length 8) [ 223.953191][ T31] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 223.965848][ T31] EXT4-fs (loop9): This should not happen!! Data will be lost [ 223.965848][ T31] [ 223.979560][T18965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 224.088051][T20442] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 33554436, id = 0 [ 224.088169][T20437] IPVS: stopping master sync thread 20442 ... [ 224.178970][T20453] loop5: detected capacity change from 0 to 1024 [ 224.209454][T20453] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 224.236986][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.272397][T20462] netlink: 'syz.3.6965': attribute type 8 has an invalid length. [ 224.280563][T20462] netem: change failed [ 224.619400][ C1] vcan0: j1939_tp_rxtimer: 0xffff88811aade800: rx timeout, send abort [ 224.997769][T20031] Bluetooth: hci0: command 0x1003 tx timeout [ 224.997841][ T5049] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 225.127661][ C1] vcan0: j1939_tp_rxtimer: 0xffff88811aade800: abort rx timeout. Force session deactivation [ 225.212909][T20491] loop8: detected capacity change from 0 to 164 [ 225.240644][T20491] ISOFS: unable to read i-node block [ 225.246107][T20491] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 225.403494][T20515] loop9: detected capacity change from 0 to 512 [ 225.419850][T20515] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 225.479060][T20515] EXT4-fs (loop9): 1 truncate cleaned up [ 225.492542][T20515] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 225.535607][T18965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.624057][T20523] sch_fq: defrate 0 ignored. [ 225.660530][T20529] loop5: detected capacity change from 0 to 256 [ 225.693673][T20529] Invalid ELF header magic: != ELF [ 225.784471][T20543] loop9: detected capacity change from 0 to 164 [ 225.812665][T20543] ISOFS: unable to read i-node block [ 225.818172][T20543] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 225.882417][ T29] kauditd_printk_skb: 43 callbacks suppressed [ 225.882437][ T29] audit: type=1326 audit(993.868:1813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20555 comm="syz.5.6994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 225.921315][ T29] audit: type=1326 audit(993.868:1814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20555 comm="syz.5.6994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1a9e3eb78e code=0x7ffc0000 [ 225.944573][ T29] audit: type=1326 audit(993.868:1815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20555 comm="syz.5.6994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 225.967802][ T29] audit: type=1326 audit(993.868:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20555 comm="syz.5.6994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 225.969589][T20560] sch_fq: defrate 0 ignored. [ 225.991093][ T29] audit: type=1326 audit(993.868:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20555 comm="syz.5.6994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 226.039144][ T29] audit: type=1326 audit(993.978:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20555 comm="syz.5.6994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 226.062457][ T29] audit: type=1326 audit(993.978:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20555 comm="syz.5.6994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9e42aeb9 code=0x7ffc0000 [ 226.196923][T20565] Invalid ELF header magic: != ELF [ 226.267581][T20592] sch_fq: defrate 0 ignored. [ 226.311713][ T29] audit: type=1326 audit(994.298:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20598 comm="syz.4.7016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 226.335341][ T29] audit: type=1326 audit(994.298:1821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20598 comm="syz.4.7016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 226.358935][ T29] audit: type=1326 audit(994.298:1822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20598 comm="syz.4.7016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f560314b78e code=0x7ffc0000 [ 226.430323][T20613] bpf: Bad value for 'gid' [ 226.582738][T20632] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.589946][T20632] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.215502][T20649] netlink: 20 bytes leftover after parsing attributes in process `syz.8.7037'. [ 227.224815][T20649] netlink: 64 bytes leftover after parsing attributes in process `syz.8.7037'. [ 227.254471][T20649] netlink: 20 bytes leftover after parsing attributes in process `syz.8.7037'. [ 227.263817][T20649] netlink: 64 bytes leftover after parsing attributes in process `syz.8.7037'. [ 227.513807][T20682] netlink: 'syz.5.7054': attribute type 10 has an invalid length. [ 227.522028][T20682] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7054'. [ 227.534981][T20682] bridge0: Device is already in use. [ 227.707279][T20705] bpf: Bad value for 'gid' [ 227.835534][T20716] set_capacity_and_notify: 1 callbacks suppressed [ 227.835553][T20716] loop8: detected capacity change from 0 to 1764 [ 227.858040][T20716] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 227.870381][T20716] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 227.919866][T20718] netlink: 20 bytes leftover after parsing attributes in process `syz.5.7072'. [ 227.929450][T20718] netlink: 64 bytes leftover after parsing attributes in process `syz.5.7072'. [ 227.949125][T20718] netlink: 20 bytes leftover after parsing attributes in process `syz.5.7072'. [ 227.958172][T20718] netlink: 64 bytes leftover after parsing attributes in process `syz.5.7072'. [ 228.239173][T20752] option changes via remount are deprecated (pid=20751 comm=syz.9.7082) [ 228.556051][T20773] loop3: detected capacity change from 0 to 1024 [ 228.591057][T20773] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 228.632968][T18834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.750485][T20792] program syz.3.7103 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 229.776692][T20847] loop5: detected capacity change from 0 to 1764 [ 229.805503][T20847] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 229.849482][T20847] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 229.865208][T20856] __nla_validate_parse: 4 callbacks suppressed [ 229.865225][T20856] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7130'. [ 230.247582][T20883] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7145'. [ 230.510501][T20918] netlink: 48 bytes leftover after parsing attributes in process `syz.8.7160'. [ 230.906715][ T29] kauditd_printk_skb: 20 callbacks suppressed [ 230.906734][ T29] audit: type=1326 audit(1004.889:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20952 comm="syz.8.7175" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa4c5a2aeb9 code=0x0 [ 231.000442][T20967] sctp: [Deprecated]: syz.8.7181 (pid 20967) Use of struct sctp_assoc_value in delayed_ack socket option. [ 231.000442][T20967] Use struct sctp_sack_info instead [ 231.495234][T20991] bond1 (unregistering): Released all slaves [ 231.562147][T21000] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7197'. [ 231.571912][T21000] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7197'. [ 231.623555][ T29] audit: type=1400 audit(1005.609:1844): avc: denied { getopt } for pid=21003 comm="syz.4.7199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 231.732660][T21023] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7209'. [ 231.765575][T21023] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7209'. [ 231.817895][T21027] bond3 (unregistering): Released all slaves [ 231.894366][T21034] loop5: detected capacity change from 0 to 128 [ 231.942796][T21037] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7213'. [ 232.019766][T21049] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14385 sclass=netlink_route_socket pid=21049 comm=syz.5.7219 [ 232.113852][T21061] loop9: detected capacity change from 0 to 128 [ 232.147800][T21065] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7237'. [ 232.184475][T21070] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7229'. [ 232.540990][ T29] audit: type=1326 audit(1006.529:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21075 comm="syz.9.7241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 232.543126][ T3392] kernel write not supported for file /1978/loginuid (pid: 3392 comm: kworker/0:4) [ 232.564404][ T29] audit: type=1326 audit(1006.529:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21075 comm="syz.9.7241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 232.603107][ T29] audit: type=1326 audit(1006.589:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21075 comm="syz.9.7241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 232.626304][ T29] audit: type=1326 audit(1006.589:1848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21075 comm="syz.9.7241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 232.649882][ T29] audit: type=1326 audit(1006.589:1849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21075 comm="syz.9.7241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 232.673259][ T29] audit: type=1326 audit(1006.589:1850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21075 comm="syz.9.7241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 232.697666][ T29] audit: type=1326 audit(1006.589:1851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21075 comm="syz.9.7241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 232.721023][ T29] audit: type=1326 audit(1006.589:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21075 comm="syz.9.7241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 232.776391][T21086] af_packet: tpacket_rcv: packet too big, clamped from 70 to 4294967286. macoff=82 [ 233.031136][T21126] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14385 sclass=netlink_route_socket pid=21126 comm=syz.9.7255 [ 233.073334][ T3392] kernel write not supported for file /378/loginuid (pid: 3392 comm: kworker/0:4) [ 233.134941][T21140] 9p: Bad value for 'rfdno' [ 233.165230][T21142] syzkaller0: tun_chr_ioctl cmd 1074025681 [ 233.215806][T21150] netlink: 'syz.4.7267': attribute type 10 has an invalid length. [ 233.228279][T21150] bond0: option arp_all_targets: invalid value (196616) [ 233.234195][T21152] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 233.246167][T21152] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 233.312409][T21161] loop5: detected capacity change from 0 to 512 [ 233.325314][T21161] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 233.334497][T21161] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 233.344047][T21161] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 233.354211][T21161] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 233.362558][T21161] System zones: 0-2, 18-18, 34-35 [ 233.368415][T21161] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 233.395615][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.838354][T21192] syzkaller0: tun_chr_ioctl cmd 1074025681 [ 233.924207][T21199] loop8: detected capacity change from 0 to 512 [ 233.931583][T21199] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended [ 233.940835][T21199] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem [ 233.958740][T21199] EXT4-fs (loop8): warning: mounting unchecked fs, running e2fsck is recommended [ 233.978294][T21199] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 233.987828][T21199] System zones: 0-2, 18-18, 34-35 [ 233.995947][T21199] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 234.030324][T18993] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.063326][T21205] loop3: detected capacity change from 0 to 512 [ 234.070561][T21205] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 234.079737][T21205] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 234.091943][T21205] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 234.111036][T21205] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 234.122222][T21205] System zones: 0-2, 18-18, 34-35 [ 234.128430][T21205] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 234.155298][T18834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.310253][T21232] loop9: detected capacity change from 0 to 1024 [ 234.320910][T21232] EXT4-fs: Ignoring removed oldalloc option [ 234.327076][T21232] EXT4-fs: Ignoring removed bh option [ 234.384597][T21232] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 234.414881][T21246] netlink: 'syz.5.7307': attribute type 14 has an invalid length. [ 234.541820][T18965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.935612][T21316] loop8: detected capacity change from 0 to 512 [ 234.944950][T21316] EXT4-fs: Ignoring removed bh option [ 234.957464][T21316] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem [ 234.967307][T21316] EXT4-fs (loop8): 1 truncate cleaned up [ 234.973916][T21316] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 235.089282][T18993] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.224576][T21345] loop3: detected capacity change from 0 to 1024 [ 235.234223][T21345] EXT4-fs: Ignoring removed oldalloc option [ 235.240454][T21345] EXT4-fs: Ignoring removed bh option [ 235.278062][T21345] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 235.323082][T21357] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 235.349608][T21357] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 235.423232][T18834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.459980][T21368] netlink: 'syz.3.7363': attribute type 14 has an invalid length. [ 235.783742][T21397] loop8: detected capacity change from 0 to 1024 [ 235.803066][T21397] EXT4-fs: Ignoring removed oldalloc option [ 235.809136][T21397] EXT4-fs: Ignoring removed bh option [ 235.833851][T21397] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 236.059362][ T29] audit: type=1326 audit(1010.039:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21415 comm="syz.3.7385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 236.082449][ T29] audit: type=1326 audit(1010.039:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21415 comm="syz.3.7385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 236.106841][ T29] audit: type=1326 audit(1010.039:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21415 comm="syz.3.7385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 236.130290][ T29] audit: type=1326 audit(1010.039:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21415 comm="syz.3.7385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 236.153841][ T29] audit: type=1326 audit(1010.049:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21415 comm="syz.3.7385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 236.176896][ T29] audit: type=1326 audit(1010.049:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21415 comm="syz.3.7385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 236.200488][ T29] audit: type=1326 audit(1010.049:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21415 comm="syz.3.7385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 236.227840][ T29] audit: type=1326 audit(1010.049:1860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21415 comm="syz.3.7385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 236.248851][T18993] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.251734][ T29] audit: type=1326 audit(1010.049:1861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21415 comm="syz.3.7385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 236.283859][ T29] audit: type=1326 audit(1010.099:1862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21415 comm="syz.3.7385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c6baeb9 code=0x7ffc0000 [ 236.370346][T21437] loop5: detected capacity change from 0 to 512 [ 236.398292][T21437] EXT4-fs: Ignoring removed bh option [ 236.431629][T21447] loop3: detected capacity change from 0 to 512 [ 236.437904][T21437] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 236.449783][T21437] EXT4-fs (loop5): 1 truncate cleaned up [ 236.455565][T21444] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 236.474088][T21437] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 236.514234][T21447] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.7410: ea_inode with extended attributes [ 236.528955][T21447] EXT4-fs (loop3): Remounting filesystem read-only [ 236.535629][T21447] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -30) [ 236.545304][T21447] EXT4-fs (loop3): 1 orphan inode deleted [ 236.558246][T21447] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 236.629669][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.325878][T18834] EXT4-fs (loop3): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 237.926537][T21577] loop5: detected capacity change from 0 to 7 [ 238.000585][ T3300] Buffer I/O error on dev loop5, logical block 0, async page read [ 238.013142][ T3300] Buffer I/O error on dev loop5, logical block 0, async page read [ 238.023149][ T3300] Buffer I/O error on dev loop5, logical block 0, async page read [ 238.031614][ T3300] Buffer I/O error on dev loop5, logical block 0, async page read [ 238.040181][ T3300] Buffer I/O error on dev loop5, logical block 0, async page read [ 238.250998][T21604] __nla_validate_parse: 7 callbacks suppressed [ 238.251017][T21604] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7476'. [ 238.294449][T21604] vlan3: entered promiscuous mode [ 238.663232][T21632] loop5: detected capacity change from 0 to 7 [ 238.749101][ T3300] Buffer I/O error on dev loop5, logical block 0, async page read [ 238.757361][ T3300] Buffer I/O error on dev loop5, logical block 0, async page read [ 238.765910][ T3300] Buffer I/O error on dev loop5, logical block 0, async page read [ 238.775142][ T3300] Buffer I/O error on dev loop5, logical block 0, async page read [ 238.783605][ T3300] Buffer I/O error on dev loop5, logical block 0, async page read [ 238.916947][T21653] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7498'. [ 238.938024][T21653] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.003371][T21653] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.027211][T21661] netlink: 'syz.5.7502': attribute type 62 has an invalid length. [ 239.084619][T21653] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.166138][T21653] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.192703][T21673] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7509'. [ 239.206754][T21673] vlan4: entered promiscuous mode [ 239.264434][T21681] loop3: detected capacity change from 0 to 128 [ 239.271456][ T1569] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.285363][T21681] bio_check_eod: 213 callbacks suppressed [ 239.285383][T21681] syz.3.7512: attempt to access beyond end of device [ 239.285383][T21681] loop3: rw=2049, sector=138, nr_sectors = 8 limit=128 [ 239.306905][ T1569] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.324833][T21681] syz.3.7512: attempt to access beyond end of device [ 239.324833][T21681] loop3: rw=2049, sector=146, nr_sectors = 8 limit=128 [ 239.350340][ T1569] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.360387][ T31] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.361273][T21681] syz.3.7512: attempt to access beyond end of device [ 239.361273][T21681] loop3: rw=8390657, sector=152, nr_sectors = 2 limit=128 [ 239.388007][T21681] syz.3.7512: attempt to access beyond end of device [ 239.388007][T21681] loop3: rw=2049, sector=170, nr_sectors = 8 limit=128 [ 239.407873][T21681] syz.3.7512: attempt to access beyond end of device [ 239.407873][T21681] loop3: rw=8390657, sector=176, nr_sectors = 2 limit=128 [ 239.424085][T21681] syz.3.7512: attempt to access beyond end of device [ 239.424085][T21681] loop3: rw=2049, sector=178, nr_sectors = 8 limit=128 [ 239.444066][T21681] syz.3.7512: attempt to access beyond end of device [ 239.444066][T21681] loop3: rw=8390657, sector=184, nr_sectors = 2 limit=128 [ 239.460863][T21681] syz.3.7512: attempt to access beyond end of device [ 239.460863][T21681] loop3: rw=2049, sector=202, nr_sectors = 8 limit=128 [ 239.478226][T21681] syz.3.7512: attempt to access beyond end of device [ 239.478226][T21681] loop3: rw=8390657, sector=208, nr_sectors = 2 limit=128 [ 239.501236][T21681] syz.3.7512: attempt to access beyond end of device [ 239.501236][T21681] loop3: rw=2049, sector=210, nr_sectors = 8 limit=128 [ 239.655814][T21710] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7526'. [ 239.668534][T21710] vlan2: entered promiscuous mode [ 239.816712][T21731] netlink: 'syz.9.7536': attribute type 62 has an invalid length. [ 239.900403][T21737] loop9: detected capacity change from 0 to 8192 [ 239.909776][T21737] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 239.921352][T21737] FAT-fs (loop9): error, fat_free_clusters: deleting FAT entry beyond EOF [ 239.930010][T21737] FAT-fs (loop9): Filesystem has been set read-only [ 240.253687][T21755] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7547'. [ 240.389039][T21771] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 240.784332][T21807] program syz.3.7573 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 240.813249][T21811] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7575'. [ 240.952630][T21828] loop8: detected capacity change from 0 to 8192 [ 240.961723][T21828] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 240.968925][T21826] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 240.976055][T21833] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7595'. [ 240.996668][T21828] FAT-fs (loop8): error, fat_free_clusters: deleting FAT entry beyond EOF [ 241.005458][T21828] FAT-fs (loop8): Filesystem has been set read-only [ 241.091064][T21841] netlink: 4768 bytes leftover after parsing attributes in process `syz.5.7589'. [ 241.111544][ T29] kauditd_printk_skb: 47 callbacks suppressed [ 241.111563][ T29] audit: type=1400 audit(1015.089:1910): avc: denied { write } for pid=21842 comm="syz.9.7590" path="socket:[64665]" dev="sockfs" ino=64665 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 241.314187][ T29] audit: type=1326 audit(1015.299:1911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21853 comm="syz.5.7594" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1a9e42aeb9 code=0x0 [ 241.706735][T21872] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 241.890143][T21887] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7610'. [ 241.927088][T21891] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7613'. [ 241.949837][T21891] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.020893][T21891] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.074035][T21891] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.123699][T21891] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.172053][T21906] program syz.8.7619 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 242.198142][T14237] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.214986][T14237] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.223958][T14237] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.248939][T21914] loop8: detected capacity change from 0 to 512 [ 242.275881][T21914] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 242.312841][T21919] loop5: detected capacity change from 0 to 1024 [ 242.327954][ T364] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.337535][T21914] EXT4-fs (loop8): 1 truncate cleaned up [ 242.354036][T21919] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 242.358000][T21914] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 242.364423][T21919] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 242.437886][T21919] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 242.449347][T21919] EXT4-fs error (device loop5): ext4_get_journal_inode:5849: inode #5: comm syz.5.7624: unexpected bad inode w/o EXT4_IGET_BAD [ 242.463288][T21919] EXT4-fs (loop5): no journal found [ 242.463852][T18993] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 242.468568][T21919] EXT4-fs (loop5): can't get journal size [ 242.486028][T21919] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 242.525641][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 242.604271][ T29] audit: type=1326 audit(1016.589:1912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21932 comm="syz.9.7631" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f261341aeb9 code=0x0 [ 242.684961][T21943] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.817858][ T29] audit: type=1400 audit(1016.729:1913): avc: denied { unmount } for pid=21945 comm="syz.4.7637" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1 [ 242.931128][T21943] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.003699][T21943] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.060690][T21943] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.128259][ T1569] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 243.139894][ T1569] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 243.151817][ T1569] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 243.184174][ T1569] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 243.323193][ T31] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 243.488247][ T29] audit: type=1400 audit(1017.479:1914): avc: denied { read } for pid=21989 comm="syz.8.7656" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 243.512350][ T29] audit: type=1400 audit(1017.479:1915): avc: denied { open } for pid=21989 comm="syz.8.7656" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 243.544738][ T29] audit: type=1326 audit(1017.499:1916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21991 comm="syz.9.7657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 243.568251][ T29] audit: type=1326 audit(1017.499:1917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21991 comm="syz.9.7657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 243.591862][ T29] audit: type=1326 audit(1017.499:1918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21991 comm="syz.9.7657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 243.615247][ T29] audit: type=1326 audit(1017.499:1919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21991 comm="syz.9.7657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f261341aeb9 code=0x7ffc0000 [ 243.767453][T21997] loop9: detected capacity change from 0 to 512 [ 243.775383][T21997] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 243.787586][T21997] EXT4-fs (loop9): 1 truncate cleaned up [ 243.793901][T21997] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 243.843210][T18965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 245.448394][T14237] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 245.514082][T22062] program syz.8.7686 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 245.704981][ T364] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 245.734044][T22088] loop8: detected capacity change from 0 to 1024 [ 245.751772][T22088] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 245.761668][T22088] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 245.777647][T22088] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 245.789046][T22088] EXT4-fs error (device loop8): ext4_get_journal_inode:5849: inode #5: comm syz.8.7702: unexpected bad inode w/o EXT4_IGET_BAD [ 245.810587][T22088] EXT4-fs (loop8): no journal found [ 245.815983][T22088] EXT4-fs (loop8): can't get journal size [ 245.823612][T22088] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 245.896802][T18993] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 246.147265][ T29] kauditd_printk_skb: 32 callbacks suppressed [ 246.147284][ T29] audit: type=1326 audit(1020.129:1952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22119 comm="syz.8.7726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 246.179655][ T29] audit: type=1326 audit(1020.169:1953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22119 comm="syz.8.7726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 246.203385][ T29] audit: type=1326 audit(1020.169:1954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22119 comm="syz.8.7726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 246.227448][ T29] audit: type=1326 audit(1020.169:1955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22119 comm="syz.8.7726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 246.250813][ T29] audit: type=1326 audit(1020.169:1956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22119 comm="syz.8.7726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 246.274410][ T29] audit: type=1326 audit(1020.169:1957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22119 comm="syz.8.7726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 246.297586][ T29] audit: type=1326 audit(1020.169:1958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22119 comm="syz.8.7726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 246.324619][ T29] audit: type=1326 audit(1020.259:1959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22122 comm="syz.4.7714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 246.348108][ T29] audit: type=1326 audit(1020.259:1960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22122 comm="syz.4.7714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 246.371942][ T29] audit: type=1326 audit(1020.259:1961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22122 comm="syz.4.7714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f560318aeb9 code=0x7ffc0000 [ 246.401747][T22132] __nla_validate_parse: 1 callbacks suppressed [ 246.401765][T22132] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7717'. [ 246.435022][T14237] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.487647][T22132] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.516869][T14237] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.583267][T22132] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.610010][T14237] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.680584][T22132] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.735729][T14237] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.789095][T22132] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.873767][T14237] bridge_slave_1: left allmulticast mode [ 246.879591][T14237] bridge_slave_1: left promiscuous mode [ 246.881490][T22182] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7744'. [ 246.885316][T14237] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.943087][T14237] bridge_slave_0: left allmulticast mode [ 246.948879][T14237] bridge_slave_0: left promiscuous mode [ 246.954820][T14237] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.102401][T14237] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 247.115162][T14237] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 247.125110][T14237] bond0 (unregistering): Released all slaves [ 247.136128][T22184] erspan0: entered promiscuous mode [ 247.151136][ T2321] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.178869][ T1569] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.198440][T14237] hsr_slave_0: left promiscuous mode [ 247.204876][T14237] hsr_slave_1: left promiscuous mode [ 247.210677][T14237] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 247.218297][T14237] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 247.225947][T14237] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 247.233681][T14237] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 247.247318][T14237] veth1_macvtap: left promiscuous mode [ 247.253448][T14237] veth0_macvtap: left promiscuous mode [ 247.261055][T14237] veth1_vlan: left promiscuous mode [ 247.266460][T14237] veth0_vlan: left promiscuous mode [ 247.340799][T14237] team0 (unregistering): Port device team_slave_1 removed [ 247.350307][T14237] team0 (unregistering): Port device team_slave_0 removed [ 247.385940][ T2321] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.407919][ T1569] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.427397][T22140] chnl_net:caif_netlink_parms(): no params data found [ 247.468785][T22140] bridge0: port 1(bridge_slave_0) entered blocking state [ 247.475926][T22140] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.483484][T22140] bridge_slave_0: entered allmulticast mode [ 247.493981][T22140] bridge_slave_0: entered promiscuous mode [ 247.501503][T22140] bridge0: port 2(bridge_slave_1) entered blocking state [ 247.508616][T22140] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.516427][T22140] bridge_slave_1: entered allmulticast mode [ 247.523425][T22140] bridge_slave_1: entered promiscuous mode [ 247.543197][T22140] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 247.553891][T22140] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 247.576760][T22140] team0: Port device team_slave_0 added [ 247.584046][T22140] team0: Port device team_slave_1 added [ 247.602001][T22140] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 247.609004][T22140] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 247.635676][T22140] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 247.637835][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 247.647868][T22140] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 247.661293][T22140] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 247.687793][T22140] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 247.720093][T22140] hsr_slave_0: entered promiscuous mode [ 247.726573][T22140] hsr_slave_1: entered promiscuous mode [ 247.732843][T22140] debugfs: 'hsr0' already exists in 'hsr' [ 247.738656][T22140] Cannot create hsr debugfs directory [ 248.253116][T22140] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 248.262151][T22140] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 248.271195][T22140] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 248.279634][T22140] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 248.314681][T22140] 8021q: adding VLAN 0 to HW filter on device bond0 [ 248.327119][T22140] 8021q: adding VLAN 0 to HW filter on device team0 [ 248.337065][ T2321] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.344275][ T2321] bridge0: port 1(bridge_slave_0) entered forwarding state [ 248.355038][T14237] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.362193][T14237] bridge0: port 2(bridge_slave_1) entered forwarding state [ 248.425479][T22140] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 248.490972][T22140] veth0_vlan: entered promiscuous mode [ 248.499059][T22140] veth1_vlan: entered promiscuous mode [ 248.514663][T22140] veth0_macvtap: entered promiscuous mode [ 248.522422][T22140] veth1_macvtap: entered promiscuous mode [ 248.533650][T22140] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 248.544466][T22140] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 248.555977][ T52] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.565924][ T52] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.576541][ T52] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.589410][ T52] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.855086][T22334] loop9: detected capacity change from 0 to 1024 [ 248.869644][T22334] EXT4-fs: Ignoring removed bh option [ 248.881416][T22334] EXT4-fs: Ignoring removed nomblk_io_submit option [ 248.894748][T22334] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e841c01c, mo2=0003] [ 248.905230][T22334] System zones: 0-1, 3-36 [ 248.914071][T22341] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7761'. [ 248.928790][T22334] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 248.975210][T18965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.079027][T22366] loop9: detected capacity change from 0 to 2048 [ 249.148951][T22366] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 249.187105][T18965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.227594][T22388] loop8: detected capacity change from 0 to 128 [ 249.237845][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 249.305534][T22396] macvtap0: entered promiscuous mode [ 249.320856][T22396] macvtap0: left promiscuous mode [ 249.326139][T22400] loop5: detected capacity change from 0 to 512 [ 249.344680][T22400] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 249.368052][T22400] EXT4-fs (loop5): 1 truncate cleaned up [ 249.394944][T22406] netlink: 'syz.8.7790': attribute type 21 has an invalid length. [ 249.400551][T22408] loop9: detected capacity change from 0 to 1024 [ 249.403279][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 249.417451][T22406] netlink: 'syz.8.7790': attribute type 1 has an invalid length. [ 249.418548][T22400] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 249.425500][T22406] netlink: 'syz.8.7790': attribute type 2 has an invalid length. [ 249.445606][T22406] netlink: 9062 bytes leftover after parsing attributes in process `syz.8.7790'. [ 249.477391][T22408] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 249.493657][T22408] EXT4-fs warning (device loop9): ext4_rmdir:3185: inode #11: comm syz.9.7791: empty directory 'file1' has too many links (111) [ 249.550457][T18965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.568217][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.625894][T22428] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 249.643675][T22428] pim6reg0: linktype set to 65534 [ 249.955555][T22469] loop8: detected capacity change from 0 to 4096 [ 249.969120][T22475] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 249.976443][T22475] IPv6: NLM_F_CREATE should be set when creating new route [ 249.997709][T22469] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 250.043860][T18993] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.343708][T22515] loop8: detected capacity change from 0 to 1024 [ 250.371442][T22515] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 250.387397][T22515] EXT4-fs warning (device loop8): ext4_rmdir:3185: inode #11: comm syz.8.7849: empty directory 'file1' has too many links (111) [ 250.417378][T18993] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.493466][T22531] loop8: detected capacity change from 0 to 1024 [ 250.505306][T22531] EXT4-fs: Ignoring removed orlov option [ 250.529702][T22537] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 250.535492][T22537] pim6reg0: linktype set to 65534 [ 250.541484][T22539] netlink: 'syz.4.7850': attribute type 21 has an invalid length. [ 250.549789][T22539] netlink: 'syz.4.7850': attribute type 1 has an invalid length. [ 250.557773][T22539] netlink: 'syz.4.7850': attribute type 2 has an invalid length. [ 250.565592][T22539] netlink: 9062 bytes leftover after parsing attributes in process `syz.4.7850'. [ 250.584234][T22531] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 250.669014][T18993] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.767704][T22559] loop5: detected capacity change from 0 to 1024 [ 250.798866][T22559] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 250.819742][T22559] EXT4-fs warning (device loop5): ext4_rmdir:3185: inode #11: comm syz.5.7858: empty directory 'file1' has too many links (111) [ 250.861717][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.883634][T22570] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7860'. [ 250.907660][T22570] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.941411][T22574] netlink: 'syz.3.7864': attribute type 21 has an invalid length. [ 250.949446][T22574] netlink: 'syz.3.7864': attribute type 1 has an invalid length. [ 250.957408][T22574] netlink: 'syz.3.7864': attribute type 2 has an invalid length. [ 250.965290][T22574] netlink: 9062 bytes leftover after parsing attributes in process `syz.3.7864'. [ 251.039479][T22570] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 251.081733][T22581] loop5: detected capacity change from 0 to 1024 [ 251.091211][T22581] EXT4-fs: Ignoring removed orlov option [ 251.091641][T22570] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 251.123708][T22581] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 251.163737][T22570] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 251.189403][ T9223] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.204749][T22585] macvtap0: entered promiscuous mode [ 251.211095][T22585] macvtap0: left promiscuous mode [ 251.257085][ T52] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.277793][ T52] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.286060][ T52] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.299097][ T52] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.521856][T22603] netlink: 12 bytes leftover after parsing attributes in process `syz.9.7875'. [ 251.591668][T22609] tap0: tun_chr_ioctl cmd 1074025677 [ 251.607014][T22609] tap0: linktype set to 768 [ 252.097898][T22654] tap0: tun_chr_ioctl cmd 1074025677 [ 252.103530][T22654] tap0: linktype set to 768 [ 252.828946][T22723] netlink: 32 bytes leftover after parsing attributes in process `syz.3.7933'. [ 252.838203][ C0] vcan0: j1939_tp_rxtimer: 0xffff888129c25200: rx timeout, send abort [ 252.846601][T22723] netlink: 32 bytes leftover after parsing attributes in process `syz.3.7933'. [ 252.850850][T22725] netlink: 68 bytes leftover after parsing attributes in process `syz.9.7934'. [ 253.184212][ T29] kauditd_printk_skb: 86 callbacks suppressed [ 253.184231][ T29] audit: type=1326 audit(1027.169:2048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22739 comm="syz.8.7940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 253.215104][ T29] audit: type=1326 audit(1027.199:2049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22739 comm="syz.8.7940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 253.238641][ T29] audit: type=1326 audit(1027.199:2050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22739 comm="syz.8.7940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 253.261989][ T29] audit: type=1326 audit(1027.199:2051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22739 comm="syz.8.7940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 253.292744][ T29] audit: type=1326 audit(1027.199:2052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22739 comm="syz.8.7940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 253.316236][ T29] audit: type=1326 audit(1027.199:2053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22739 comm="syz.8.7940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 253.332940][T22745] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7942'. [ 253.339622][ C0] vcan0: j1939_tp_rxtimer: 0xffff888129c25200: abort rx timeout. Force session deactivation [ 253.339642][ T29] audit: type=1326 audit(1027.199:2054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22739 comm="syz.8.7940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 253.382088][ T29] audit: type=1326 audit(1027.199:2055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22739 comm="syz.8.7940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 253.405574][ T29] audit: type=1326 audit(1027.249:2056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22739 comm="syz.8.7940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c5a2aeb9 code=0x7ffc0000 [ 253.452055][T22745] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.516890][T22745] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.533246][T22759] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=2566 sclass=netlink_xfrm_socket pid=22759 comm=syz.8.7949 [ 253.556314][T22761] netlink: 104 bytes leftover after parsing attributes in process `syz.4.7951'. [ 253.577090][T22745] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.633543][T22745] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.705654][ T31] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 253.720987][ T31] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 253.743334][T22780] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 253.751915][T22780] IPv6: NLM_F_CREATE should be set when creating new route [ 253.759500][T22780] IPv6: NLM_F_CREATE should be set when creating new route [ 253.766816][T22780] IPv6: NLM_F_CREATE should be set when creating new route [ 253.778444][ T31] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 253.792481][ T31] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 253.820694][T22780] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 253.892353][T22793] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=2566 sclass=netlink_xfrm_socket pid=22793 comm=syz.4.7965 [ 253.951277][T22798] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7966'. [ 253.960602][T22798] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 254.143262][ T3000] ================================================================== [ 254.151481][ T3000] BUG: KCSAN: data-race in d_make_discardable / path_lookupat [ 254.159155][ T3000] [ 254.161476][ T3000] write to 0xffff88811ad8b9c0 of 4 bytes by task 3300 on cpu 1: [ 254.169103][ T3000] d_make_discardable+0x4f/0xa0 [ 254.173989][ T3000] simple_unlink+0x68/0x80 [ 254.178545][ T3000] shmem_unlink+0x12d/0x140 [ 254.183080][ T3000] vfs_unlink+0x28b/0x440 [ 254.187442][ T3000] do_unlinkat+0x1e2/0x4b0 [ 254.192054][ T3000] __x64_sys_unlink+0x2e/0x40 [ 254.196375][T22817] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7975'. [ 254.197012][ T3000] x64_sys_call+0x2f48/0x3000 [ 254.197046][ T3000] do_syscall_64+0xc0/0x2a0 [ 254.197071][ T3000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.221760][ T3000] [ 254.224439][ T3000] read to 0xffff88811ad8b9c0 of 4 bytes by task 3000 on cpu 0: [ 254.232070][ T3000] path_lookupat+0x1d8/0x500 [ 254.236674][ T3000] filename_lookup+0x190/0x390 [ 254.241539][ T3000] do_readlinkat+0x7d/0x340 [ 254.246321][ T3000] __x64_sys_readlink+0x47/0x60 [ 254.251277][ T3000] x64_sys_call+0x2af1/0x3000 [ 254.255967][ T3000] do_syscall_64+0xc0/0x2a0 [ 254.260483][ T3000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.266470][ T3000] [ 254.268975][ T3000] value changed: 0x08300080 -> 0x00004080 [ 254.274875][ T3000] [ 254.277200][ T3000] Reported by Kernel Concurrency Sanitizer on: [ 254.283446][ T3000] CPU: 0 UID: 0 PID: 3000 Comm: udevd Not tainted syzkaller #0 PREEMPT(voluntary) [ 254.292789][ T3000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 254.302937][ T3000] ================================================================== [ 254.324098][T22817] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.369883][T22817] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.399381][T22817] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.452942][T22817] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.515151][ T31] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.526757][ T31] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.539579][T14237] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.551154][T14237] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.007836][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 257.015442][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 257.023107][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!