last executing test programs: 1m59.364659476s ago: executing program 3 (id=4): ptrace(0x10, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={0x0, 0x2}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) ptrace$setregs(0xd, 0x0, 0x9, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a3200"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r0 = socket$kcm(0x2, 0xa, 0x2) ptrace$getregset(0x4204, 0x0, 0x200, &(0x7f00000001c0)={0x0}) syz_open_dev$MSR(&(0x7f0000000040), 0x7, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8918, &(0x7f0000000000)={'ipvlan0\x00', @random="0200ff7fffff"}) 1m59.165145421s ago: executing program 3 (id=9): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0) mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) mount$bpf(0x200000000000, &(0x7f0000000000)='./file0\x00', 0x0, 0x225451, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0) 1m58.925072312s ago: executing program 3 (id=12): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000013c0), 0x82000, 0x0) ioctl$TIOCPKT(r1, 0x5420, &(0x7f00000026c0)=0x3d) readv(r1, &(0x7f00000003c0)=[{&(0x7f0000000400)=""/117, 0x75}], 0x1) ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000000)={0xffffffff, 0xee3, 0x6, 0x8, 0xe, "9921ad6b5444906edf680000a6a900105700"}) 1m43.862791095s ago: executing program 32 (id=12): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000013c0), 0x82000, 0x0) ioctl$TIOCPKT(r1, 0x5420, &(0x7f00000026c0)=0x3d) readv(r1, &(0x7f00000003c0)=[{&(0x7f0000000400)=""/117, 0x75}], 0x1) ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000000)={0xffffffff, 0xee3, 0x6, 0x8, 0xe, "9921ad6b5444906edf680000a6a900105700"}) 1m26.968735835s ago: executing program 0 (id=448): perf_event_open(0x0, 0x0, 0x400000000, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'pimreg\x00', 0x5005}) socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x42718, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0xc, 0x0, 0x7ffc0002}]}) socket$kcm(0x11, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@nodelalloc}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x10000005}}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@resgid}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@barrier_val={'barrier', 0x3d, 0x81}}], [{@flag='ro'}]}, 0xfd, 0x573, &(0x7f0000000640)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ") truncate(&(0x7f0000000100)='./file0/file0\x00', 0x5) 1m26.270715096s ago: executing program 0 (id=457): socket$xdp(0x2c, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r0 = syz_io_uring_setup(0x44cd, &(0x7f00000004c0)={0x0, 0x5331, 0x10100, 0x1000006, 0x1e5}, &(0x7f0000000240)=0x0, &(0x7f0000000140)=0x0) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x2d3e, 0xec84, 0x0, 0x0, 0x0) 1m25.910758442s ago: executing program 0 (id=464): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f00000000c0)=0x8, 0x4) r1 = dup(r0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0xfff1, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x400d1}, 0x0) bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r2 = socket$inet6(0xa, 0x2, 0x0) r3 = dup(r2) bind$unix(r3, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e) 1m25.85325215s ago: executing program 0 (id=466): syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) munmap(&(0x7f000045e000/0x1000)=nil, 0x1000) mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil) mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil) munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000) mremap(&(0x7f000061c000/0x13000)=nil, 0x13000, 0x4000, 0x3, &(0x7f0000fb0000/0x4000)=nil) mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil) mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) 1m25.777569979s ago: executing program 0 (id=469): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2125099, 0x0) io_setup(0x4, &(0x7f00000014c0)=0x0) r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00') io_submit(r0, 0x1, &(0x7f0000000280)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0xfffe, r1, 0x0}]) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) 1m25.605836222s ago: executing program 0 (id=471): socketpair(0x1, 0x20000000000001, 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x6, 0x2, 0xb, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10) close(r0) 1m10.571834791s ago: executing program 33 (id=471): socketpair(0x1, 0x20000000000001, 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x6, 0x2, 0xb, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10) close(r0) 1.374425832s ago: executing program 2 (id=1803): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x8}, 0x80b0, 0x4d, 0x800020, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x77a3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) socketpair$tipc(0x1e, 0x2, 0x0, 0x0) r0 = fsopen(&(0x7f0000000140)='bpf\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0xb) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) getsockopt$ARPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) 1.128412884s ago: executing program 2 (id=1805): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) getsockname$packet(r2, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=@newqdisc={0x4c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x1c, 0x2, [@TCA_CAKE_AUTORATE={0x8}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x2}, @TCA_CAKE_INGRESS={0x8}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14) sendto$inet6(r0, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0) 1.074857251s ago: executing program 4 (id=1806): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0xcf47, 0x4cc, 0xffff, 0x9dff, 0x1, "8003e3ffff072000"}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x4000000, 0x0, 0x3, 0x7fff, 0x16, "b0bf2ebb48c849ac0000000003000018bfff40"}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_open_pts(r0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000040, &(0x7f0000000180)={0xa, 0x4e20, 0x8041, @empty, 0x627bcafb}, 0x1c) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x4) 978.962423ms ago: executing program 2 (id=1811): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x1c, 0x20, 0x9, 0x2, 0x25dfdbff, {0x2}, [@typed={0x8, 0x8, 0x0, 0x0, @fd=r0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r1, 0x0, 0x40000) syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) uname(&(0x7f0000000080)=""/161) sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) 978.766973ms ago: executing program 5 (id=1812): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x10021, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6}, 0x0, 0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x400}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0018001c0000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0) 932.464099ms ago: executing program 1 (id=1813): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.avg_queue_size\x00', 0x26e1, 0x0) close(r0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x80001, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20702, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8914, &(0x7f0000000080)) write$cgroup_pid(r0, &(0x7f00000005c0), 0x12) write$cgroup_pid(r0, &(0x7f0000000440), 0x12) 930.909789ms ago: executing program 6 (id=1823): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0xffb2) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "3f60eb8f2777c39a", "5985e81ad0d9585bc175cbecd3f55eb699e3070cc206f3ba527c85bde06fbf19", "51001100", "b200"}, 0x38) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='cpuacct.usage_all\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000200)=ANY=[], 0x3261e) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x4, &(0x7f0000000100)=@gcm_128={{0x303}, "05840db599701cd2", "0cf1d93a8b4bbb09f0785cb41a0293b4", "08d9a3d8", "dc39744acdfa00d0"}, 0x28) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x100000d, 0x6031, 0xffffffffffffffff, 0x0) 886.845355ms ago: executing program 2 (id=1814): pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0) splice(r0, 0x0, r4, 0x0, 0x82, 0x0) write$bt_hci(r4, 0x0, 0x7) socket$nl_route(0x10, 0x3, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) write(r2, 0x0, 0x0) 849.8732ms ago: executing program 1 (id=1815): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x4e1e2563543d84f9}, @TCA_TBF_PBURST={0x8, 0x7, 0x1fc0}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0xffff}, {0x0, 0x0, 0x0, 0x8, 0x2, 0x3}, 0xfefffffd, 0x81}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xcb59372f370e8465}]}}]}, 0x78}}, 0x4000080) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14) sendto$inet6(r0, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0) 639.095957ms ago: executing program 6 (id=1816): socket$key(0xf, 0x3, 0x2) socket$inet_mptcp(0x2, 0x1, 0x106) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f00006e3000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x7f9, &(0x7f0000000040)={0x0, 0xc8df, 0xfc00, 0xa, 0x20002f7}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x300, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xfff1, 0xffff}, {0xe, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x20040000) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 615.9097ms ago: executing program 6 (id=1817): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x28}}, 0x40000) sendmsg$NFQNL_MSG_VERDICT_BATCH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)={0x14, 0x3, 0x3, 0x101}, 0x14}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x35, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000018000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r2, 0x560a, &(0x7f0000000300)={0x0, 0x0, 0x2c, 0x4, 0x104, 0x1}) 615.80332ms ago: executing program 1 (id=1818): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x2000) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00') r1 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000340)=0x152, 0x4) fcntl$setsig(0xffffffffffffffff, 0xa, 0x33) sendto$inet6(r1, 0x0, 0x0, 0x4, &(0x7f0000000080)={0xa, 0x4e22, 0x8, @empty, 0x9}, 0x1c) recvmmsg(r1, &(0x7f0000000040)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f80)=""/129, 0x81}, 0xdb31}], 0x1, 0x40002042, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) lseek(r0, 0x2000, 0x0) 562.916637ms ago: executing program 1 (id=1819): socket$pppoe(0x18, 0x1, 0x0) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000c40)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004) connect$nfc_llcp(r0, &(0x7f0000000100)={0x27, r2, 0xffffffffffffffff, 0x4, 0x53, 0x7, "07cbdd3199047dc26d311f0f244b25ba35ea8f61cd07e107dab26da8d164f15b35c0b7669366c634dd2326e7f6dccdec8306910919e39811abd472ad0eab81", 0xd}, 0x60) close(0x4) 562.826097ms ago: executing program 5 (id=1820): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e4000000000000000805000400030000000900020073797a3100000000050005000200000014000300686173683a69702c706f72742c6970000500010007"], 0x4c}, 0x1, 0x0, 0x0, 0x20044095}, 0x8042) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x48810) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) close(0x4) r3 = socket$netlink(0x10, 0x3, 0x14) close_range(r3, 0xffffffffffffffff, 0x0) 555.237348ms ago: executing program 1 (id=1821): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) select(0x20000088, &(0x7f0000000080), 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x300}, &(0x7f0000000200)={0x0, 0x2710}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$USBDEVFS_GETDRIVER(0xffffffffffffffff, 0x41045508, &(0x7f0000000040)={0x0, "1f959c15fddc07b38b2e0b20dc04fa1a4d0a64b7bf417c6773a5b3671b98d10678f278ecbd128b2fb5fb74eb19d7b380f8ee91386af619c5d9de38c4e3cb0c0e2b24307088f30f026cde55a1ab0b7da73ce93ee5f0d7a795ffc332ee14f666a5788136b68ad783ba2c9e5e95282a16589ce583402255d99985ed4e8506869fff48cefb84f849505545824707b4f1e5bfcd26f9a781ae27f2889c8129e8f56caa6848deba2082edf6cf0c0228416ef7133484518c77afc03fcd574a87c704e5042a0c10af469b2e765d39c50a1235ed03db6b1262229ab8bb3a4aa673a70d9a8a5e630154fcd9a221a46ae6a0b79284eb4b061617e2fbf6039a38fbfddb498259"}) 531.567231ms ago: executing program 6 (id=1822): r0 = syz_io_uring_setup(0x49d, &(0x7f0000000300)={0x0, 0x44df, 0x1, 0x3, 0x33f}, &(0x7f0000000280)=0x0, &(0x7f0000000080)) r2 = eventfd(0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r3 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0x20c89e, 0xc000, 0x8, 0xc1}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50) io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0) io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f00000000c0)=r2, 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) io_uring_enter(r0, 0x627, 0x1764, 0x9, 0x0, 0x0) 509.691414ms ago: executing program 5 (id=1824): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x20, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4}], 0x1, 0x4001) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000280)=0x8) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) dup2(r0, r3) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @empty, 0x4}], 0x1c) sendto$inet6(r3, &(0x7f0000000040)='l', 0x1, 0x7ddfdbdfafa51cdd, &(0x7f0000000100)={0xa, 0x4e23, 0x2, @loopback, 0xffffffff}, 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=r2], 0x9) 496.823706ms ago: executing program 1 (id=1825): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000180)=0x800, 0x4) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000040)=0x20000, 0x4) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'dummy0\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x1, 0x800, 0x2}, 0x0, &(0x7f0000000240)={0x1f, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0) 414.841286ms ago: executing program 5 (id=1826): r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc) r2 = syz_io_uring_setup(0x497, &(0x7f0000000300)={0x0, 0x77bc, 0x10, 0x3, 0x285}, &(0x7f00000001c0)=0x0, &(0x7f00000003c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0}) io_uring_enter(r2, 0x3498, 0x969, 0xffff000000000000, 0x0, 0x0) getpeername$qrtr(r1, 0x0, &(0x7f0000000040)) dup3(r2, r0, 0x80000) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0xc0, &(0x7f0000000700)=0x5, 0x0, 0x4) 408.669257ms ago: executing program 6 (id=1836): socket$nl_generic(0x10, 0x3, 0x10) pipe(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x129c81, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0x8) write$binfmt_aout(r1, &(0x7f00000001c0)=ANY=[], 0xff2e) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$TCSETS(r1, 0x40045431, &(0x7f00000000c0)={0x0, 0x5, 0x400007f, 0x4000006, 0x3, "42341f9b1000007e4f00"}) r2 = syz_open_pts(r1, 0x103100) dup3(r2, r1, 0x0) splice(r1, 0x0, r0, 0x0, 0x7ffff000, 0x0) 381.545421ms ago: executing program 4 (id=1827): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) getpgid(r0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x204000, &(0x7f0000001600)={[{@debug}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@data_err_ignore}, {@nobarrier}, {@usrjquota}, {@orlov}, {@nogrpid}, {@discard}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x57d, &(0x7f0000001bc0)="$eJzs3d9rW1UcAPDvTX/sp66DMdQHKezByVy6tv6YIGw+ig4H+j5Dm5XRdBlNOtY62PbgQHyRIYg4EP8A330c/gH6Vwx0MGQUffClctObLWuS/lpqM+/nA3c7557bnHty7jn5ntyEBJBbo+k/hYiXI+LrJOJQS9lgZIWjq8ctP7o+lW5JrKx88mcSSbaveXyS/X8gy7wUEb98EXGi0F5vbXFptlSplOez/Fh97spYbXHp5KW50kx5pnx5YnLy9FuTE+++83bP2vr6+b+/+/jeB6e/Orb87U8PDt9J4mwczMpa2/EMbrZmRmM0e06G4uyaA8d7UFk/SXb7BNiWgWycD0U6BxyKgWzUA/9/NyJiBcipxPiHnGrGAc21fY/Wwc+Nh++vLoDa2z+4+t5I7G2sjfYvJ0+tjNL17kgP6k/r+PmPu3fSLdrfh3hqWX2jB/UBNN28FRGnBgfb578km/+271TjzeP1ra0jb68/sJvupfHPG53in8Lj+Cc6xD8HOozd7dh4/Bce9KCartL4772O8e/jqWtkIMu90Ij5hpKLlyrlUxHxYkQcj6E9aX69+zmnl++vdCtrjf/SLa2/GQtm5/FgcM/TfzNdqpeepc2tHt6KeOVJ/JtE2/y/txGEru3/9Pk4nyZ+/XLDOo6W777arWzj9rfqfQS88mPEax37/0nonax/f3KscT2MNa+Kdn/dPvpbt/q31v7eS/t///rtH0la79fWtl7HD3v/KXcr2+71P5x82kgPZ/uuler1+fGI4eSj9v0TT/62mW8en7b/+LH1579O1/++iPhsk+2/feR210P7of+nt9T/W0/c//Dz77vVv7n+f7OROp7t2cz8t9kTfJbnDgAAAAAAAPpNISIORlIoPk4XCoXs8x1HYn+hUq3VT1ysLlyejsZ3ZUdiqNC8032o5fMQ49nnYZv5iTX5yYg4HBHfDOxr5ItT1cr0bjceAAAAAAAAAAAAAAAAAAAA+sSBDt//LxZXy34f2O2zA3acn/yG/Npw/Pfil56AvuT1H/LL+If8Mv4hv4x/yC/jH/LL+If8Mv4hv4x/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6Knz586l28ryo+tTaX766uLCbPXqyelybbY4tzBVnKrOXynOVKszlXJxqjrX4SEetmYq1eqV8YlYuDZWL9fqY7XFpQtz1YXL9QuX5koz5Qvlof+sZQAAAAAAAAAAAAAAAAAAAPD8qC0uzZYqlfK8RNfEmeiL09h2Itmol89kF8OWHjmyxODuN1BiBxIbzRzDOz85AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDm3wAAAP//ny01TQ==") r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000040)='.\x00', 0xa4000061) read(r1, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0) 333.038257ms ago: executing program 6 (id=1828): bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x100, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, @perf_config_ext={0x3, 0xe09}, 0x4, 0x0, 0x7, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file0\x00', 0x800090, &(0x7f0000000240)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c696f636861727365743d64656661756c742c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c726f6469722c757466383d302c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c756e695f786c6174653d302c756e695f786c6174653d302c646d61736b3d30303030303030303030303030303030303030303030312c747a3d5554432c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c6572726f72733d72656d6f756e742d726f2c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c726f6469722c696f636861727365743d63703733372c73686f72746e616d653d77696e39352c696f636861727365743d6370313235312c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c6e6f6e756d7461696c02002c00"], 0x1, 0x2e2, &(0x7f0000000c00)="$eJzs3T9rJGUcB/DfbGb/nCK7hZUIDmhhdVyutdkgdyCm8tjitNDg3YFkF+ECEf/gepXY2Vj6CgTBF2JjZynYCnaecDAyszPZnb3JxgQ3ovl8irsnzzzfeX7PzCQ7TZ689+Ls8F4WDx599ksMBkl0xv2Ix0mMohO1L6Jh/HUAAP9lj/M8fs8XIpL1D/ufv9qQHWy9OgBgG5qf/6dJy3/vFiN+uLzaAIDtuHP37Tf39vdvvZVlg7g9+/J4kkRE8f/i+N6D+CCmcT9uxDCeRJQvCt0o3xaK5u08z+dpVhjFK7P58aRIzt79sTr/3m8RZX43hjEqu07eNsr8G/u3drOFlfy8qOOZav5xkb8Zw3j+JNzI32zJx6QXr768Uv/1GMZP78eHMY17ZRHL/Oe7WfZ6/s0fn75TlFfkk/nxpF+OW8p36snnl3yPAAAAAAAAAAAAAAAAAAAAAAD4/7le7Z3Tj3L/nqKr2n9n50nxRTey2qi5P88in9QnWu4PFJ08z+d5fFvvr3Mjy7K8GrjMp/FCWm0sCAAAAAAAAAAAAAAAAAAAAFfc0cefHB5Mp/cf/iONejeANCL+vBNx0fOMV3peis2D+9WcB9Npp2o2x6SrPbFTj0kiNpZRLOKsUp+L9Z5rF1nytadqrhrffd+aKlZ0lEbbocHZk3bb5zpn46Pu4jq2jqmfrsODpP0a9k+KHxQ3LtZvXC/aZ++uX/DeaRXWj+LfW06v9dDw3Jel92zZmG8YE8mm74vXfl2UvbKKxpheeVVb492qsRJfezbOfJ7L+GARf/pnRWK3DgAAAAAAAAAAAAAAAAAA2Krlb/+2HHy0MdrJ+1srCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu1fLv/1eNiPWelUbaDLeOaTZ68fDo31obAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAV8dfAQAA//+aUFRU") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) write$cgroup_type(r1, &(0x7f0000000180), 0x13bb711e) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_enter(0xffffffffffffffff, 0xedd, 0x8acb, 0x41, 0x0, 0x0) 222.659581ms ago: executing program 4 (id=1829): r0 = socket$pptp(0x18, 0x1, 0x2) r1 = socket$inet(0x2, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4) bind$inet(r1, &(0x7f0000e15000)={0x2, 0x4e20, @multicast1}, 0x2e) listen(r1, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4) bind$inet(r2, &(0x7f0000e15000)={0x2, 0x4e20, @multicast1}, 0x10) listen(r2, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 167.788638ms ago: executing program 5 (id=1830): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r2, 0xffffffffffffffff, 0x0) 132.253983ms ago: executing program 4 (id=1831): socket$nl_route(0x10, 0x3, 0x0) socket$igmp6(0xa, 0x3, 0x2) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x1b7f, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x0, 0x20002f7}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 105.940496ms ago: executing program 5 (id=1832): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x8a) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000000), 0x560c89bb) r2 = creat(&(0x7f0000000200)='./file0\x00', 0x20) r3 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x2, 0x1}) io_uring_enter(r3, 0x627, 0x4c1, 0x43, 0x0, 0x30) splice(r0, 0x0, r2, 0x0, 0x8000, 0x0) 60.255142ms ago: executing program 2 (id=1833): pipe(&(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)='w', 0x1}], 0x1, 0x1) close(r1) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) connect$inet(r2, &(0x7f0000000200)={0x2, 0x4e24, @remote}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) sendmmsg(r2, &(0x7f0000000640)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000a00)='E', 0x1}], 0x1}}], 0x1, 0x4000045) splice(r0, 0x0, r1, 0x0, 0xfffd, 0x0) 14.858208ms ago: executing program 4 (id=1834): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x28}}, 0x40000) sendmsg$NFQNL_MSG_VERDICT_BATCH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)={0x14, 0x3, 0x3, 0x101}, 0x14}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x35, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000018000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r2, 0x560a, &(0x7f0000000300)={0x0, 0x0, 0x2c, 0x4, 0x104, 0x1}) 14.372428ms ago: executing program 2 (id=1845): memfd_create(&(0x7f0000000040)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) timerfd_create(0x0, 0x80000) socket$nl_route(0x10, 0x3, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open(&(0x7f0000000680)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0}, 0x119310, 0x1, 0x1, 0x4, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) socket$inet6(0xa, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet(0x2, 0xa, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000001000010700000000000000000a000000060001001700000008000a00", @ANYRES32=r1], 0x24}}, 0x0) 0s ago: executing program 4 (id=1835): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e4000000000000000805000400030000000900020073797a3100000000050005000200000014000300686173683a69702c706f72742c6970000500010007"], 0x4c}, 0x1, 0x0, 0x0, 0x20044095}, 0x8042) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x48810) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) close(0x4) r3 = socket$netlink(0x10, 0x3, 0x14) close_range(r3, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): yz.1.372: invalid block [ 66.064936][ T4673] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.372: couldn't read orphan inode 11 (err -117) [ 66.127632][ T4673] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.232039][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.507589][ T4688] syzkaller0: entered allmulticast mode [ 66.520894][ T4688] syzkaller0: entered promiscuous mode [ 66.538523][ T4688] syzkaller0 (unregistering): left allmulticast mode [ 66.545547][ T4688] syzkaller0 (unregistering): left promiscuous mode [ 66.814676][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 66.814693][ T29] audit: type=1326 audit(1768801386.387:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4694 comm="syz.2.381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 66.887259][ T29] audit: type=1326 audit(1768801386.467:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4694 comm="syz.2.381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 66.910743][ T29] audit: type=1326 audit(1768801386.467:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4694 comm="syz.2.381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 66.934069][ T29] audit: type=1326 audit(1768801386.467:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4694 comm="syz.2.381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 67.329146][ T4707] netlink: 4 bytes leftover after parsing attributes in process `syz.4.384'. [ 67.357102][ T29] audit: type=1400 audit(1768801386.937:383): avc: denied { name_bind } for pid=4708 comm="syz.1.385" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 67.667793][ T4720] geneve2: entered promiscuous mode [ 67.673115][ T4720] geneve2: entered allmulticast mode [ 67.767480][ T4725] bond2: entered allmulticast mode [ 67.781510][ T4725] ip6gretap1: entered allmulticast mode [ 67.800065][ T4725] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link [ 68.222978][ T29] audit: type=1400 audit(1768801387.797:384): avc: denied { getattr } for pid=4755 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=508 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 68.295594][ T29] audit: type=1400 audit(1768801387.867:385): avc: denied { read } for pid=4757 comm="sed" name="eth0.dhcp" dev="tmpfs" ino=508 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 68.317484][ T29] audit: type=1400 audit(1768801387.867:386): avc: denied { open } for pid=4757 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=508 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 68.452588][ T29] audit: type=1400 audit(1768801388.027:387): avc: denied { create } for pid=4754 comm="dhcpcd-run-hook" name="resolv.conf.eth2.ipv4ll" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 68.476164][ T29] audit: type=1400 audit(1768801388.027:388): avc: denied { write } for pid=4754 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.eth2.ipv4ll" dev="tmpfs" ino=1878 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 69.266237][ T3929] kernel write not supported for file 252/net/vlan/vlan1 (pid: 3929 comm: kworker/1:8) [ 69.334725][ T4835] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 69.341445][ T4835] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 69.349044][ T4835] vhci_hcd vhci_hcd.0: Device attached [ 69.361452][ T4833] netlink: 8 bytes leftover after parsing attributes in process `syz.1.413'. [ 69.396667][ T4835] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(5) [ 69.403487][ T4835] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 69.411549][ T4835] vhci_hcd vhci_hcd.0: Device attached [ 69.448263][ T4835] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(7) [ 69.454851][ T4835] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 69.462608][ T4835] vhci_hcd vhci_hcd.0: Device attached [ 69.486753][ T4835] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(9) [ 69.493380][ T4835] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 69.501123][ T4835] vhci_hcd vhci_hcd.0: Device attached [ 69.512608][ T4835] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(11) [ 69.519350][ T4835] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 69.526971][ T4835] vhci_hcd vhci_hcd.0: Device attached [ 69.535857][ T3929] vhci_hcd vhci_hcd.5: vhci_device speed not set [ 69.568710][ T4835] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 69.596433][ T4835] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 69.619452][ T3929] usb 11-1: new full-speed USB device number 2 using vhci_hcd [ 69.633421][ T4835] vhci_hcd vhci_hcd.0: pdev(5) rhport(7) sockfd(17) [ 69.640175][ T4835] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 69.647937][ T4835] vhci_hcd vhci_hcd.0: Device attached [ 69.666559][ T4860] vhci_hcd: connection closed [ 69.666779][ T53] vhci_hcd vhci_hcd.5: stop threads [ 69.677460][ T53] vhci_hcd vhci_hcd.5: release socket [ 69.682878][ T53] vhci_hcd vhci_hcd.5: disconnect device [ 69.689500][ T4852] vhci_hcd: connection closed [ 69.689688][ T4848] vhci_hcd: connection closed [ 69.689700][ T4845] vhci_hcd: connection closed [ 69.689981][ T4839] vhci_hcd: connection closed [ 69.704581][ T4836] vhci_hcd: connection reset by peer [ 69.820320][ T53] vhci_hcd vhci_hcd.5: stop threads [ 69.825650][ T53] vhci_hcd vhci_hcd.5: release socket [ 69.831216][ T53] vhci_hcd vhci_hcd.5: disconnect device [ 69.886682][ T53] vhci_hcd vhci_hcd.5: stop threads [ 69.892148][ T53] vhci_hcd vhci_hcd.5: release socket [ 69.897710][ T53] vhci_hcd vhci_hcd.5: disconnect device [ 69.924541][ T53] vhci_hcd vhci_hcd.5: stop threads [ 69.930247][ T53] vhci_hcd vhci_hcd.5: release socket [ 69.936079][ T53] vhci_hcd vhci_hcd.5: disconnect device [ 69.962709][ T53] vhci_hcd vhci_hcd.5: stop threads [ 69.968114][ T53] vhci_hcd vhci_hcd.5: release socket [ 69.973559][ T53] vhci_hcd vhci_hcd.5: disconnect device [ 70.000261][ T53] vhci_hcd vhci_hcd.5: stop threads [ 70.005549][ T53] vhci_hcd vhci_hcd.5: release socket [ 70.011256][ T53] vhci_hcd vhci_hcd.5: disconnect device [ 70.162112][ T4872] loop4: detected capacity change from 0 to 8192 [ 70.466260][ T3322] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 70.474343][ T3322] FAT-fs (loop4): Filesystem has been set read-only [ 70.597073][ T4877] netlink: 'syz.4.419': attribute type 1 has an invalid length. [ 70.803807][ T4877] 8021q: adding VLAN 0 to HW filter on device bond3 [ 70.880889][ T4881] bond3 (unregistering): Released all slaves [ 71.420330][ T4904] team0: Port device vlan2 added [ 71.639730][ T4918] netlink: 8 bytes leftover after parsing attributes in process `syz.5.435'. [ 71.896368][ T4926] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 71.935771][ T4926] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 71.982864][ T29] kauditd_printk_skb: 11 callbacks suppressed [ 71.982881][ T29] audit: type=1400 audit(1768801391.557:400): avc: denied { write } for pid=4928 comm="syz.1.438" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 72.043429][ T4933] netlink: 8 bytes leftover after parsing attributes in process `syz.5.441'. [ 72.049392][ T29] audit: type=1400 audit(1768801391.557:401): avc: denied { ioctl } for pid=4928 comm="syz.1.438" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 72.052743][ T4933] netlink: 8 bytes leftover after parsing attributes in process `syz.5.441'. [ 72.078681][ T29] audit: type=1400 audit(1768801391.567:402): avc: denied { ioctl } for pid=4930 comm="syz.5.440" path="socket:[10508]" dev="sockfs" ino=10508 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 72.113022][ T29] audit: type=1400 audit(1768801391.567:403): avc: denied { append } for pid=4930 comm="syz.5.440" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 72.528615][ T4945] loop1: detected capacity change from 0 to 256 [ 72.531837][ T4939] syz.2.444 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0 [ 72.549593][ T4939] CPU: 0 UID: 0 PID: 4939 Comm: syz.2.444 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 72.549636][ T4939] Tainted: [W]=WARN [ 72.549644][ T4939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 72.549658][ T4939] Call Trace: [ 72.549665][ T4939] [ 72.549671][ T4939] __dump_stack+0x1d/0x30 [ 72.549726][ T4939] dump_stack_lvl+0x95/0xd0 [ 72.549822][ T4939] dump_stack+0x15/0x1b [ 72.549848][ T4939] dump_header+0x80/0x240 [ 72.549916][ T4939] oom_kill_process+0x295/0x350 [ 72.549946][ T4939] out_of_memory+0x97d/0xb80 [ 72.550035][ T4939] try_charge_memcg+0x62e/0xa10 [ 72.550158][ T4939] obj_cgroup_charge_pages+0xa6/0x150 [ 72.550256][ T4939] __memcg_kmem_charge_page+0x9e/0x170 [ 72.550286][ T4939] __alloc_frozen_pages_noprof+0x18a/0x350 [ 72.550316][ T4939] alloc_pages_mpol+0xb3/0x260 [ 72.550355][ T4939] alloc_pages_noprof+0x8f/0x130 [ 72.550411][ T4939] __vmalloc_node_range_noprof+0xa46/0x12b0 [ 72.550451][ T4939] __kvmalloc_node_noprof+0x471/0x680 [ 72.550490][ T4939] ? ip_set_alloc+0x24/0x30 [ 72.550530][ T4939] ? ip_set_alloc+0x24/0x30 [ 72.550564][ T4939] ip_set_alloc+0x24/0x30 [ 72.550673][ T4939] hash_netiface_create+0x282/0x740 [ 72.550729][ T4939] ? __pfx_hash_netiface_create+0x10/0x10 [ 72.550773][ T4939] ip_set_create+0x3cf/0x970 [ 72.550858][ T4939] ? __nla_parse+0x40/0x60 [ 72.550885][ T4939] nfnetlink_rcv_msg+0x509/0x5d0 [ 72.551006][ T4939] netlink_rcv_skb+0x123/0x220 [ 72.551041][ T4939] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 72.551076][ T4939] nfnetlink_rcv+0x167/0x1720 [ 72.551192][ T4939] ? mas_wr_store_type+0xa75/0xcd0 [ 72.551302][ T4939] ? prep_new_page+0x4f/0x1f0 [ 72.551326][ T4939] ? get_page_from_freelist+0x13a5/0x1400 [ 72.551419][ T4939] ? xas_create+0xb89/0xbe0 [ 72.551508][ T4939] ? _raw_spin_lock_bh+0x56/0xb0 [ 72.551535][ T4939] ? should_fail_ex+0x30/0x280 [ 72.551559][ T4939] ? selinux_nlmsg_lookup+0x99/0x890 [ 72.551649][ T4939] ? __rcu_read_unlock+0x33/0x70 [ 72.551674][ T4939] ? __netlink_lookup+0x276/0x2b0 [ 72.551703][ T4939] netlink_unicast+0x5c0/0x690 [ 72.551735][ T4939] netlink_sendmsg+0x5c8/0x6f0 [ 72.551825][ T4939] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.551907][ T4939] __sock_sendmsg+0x145/0x170 [ 72.551935][ T4939] ____sys_sendmsg+0x31e/0x4a0 [ 72.552048][ T4939] ___sys_sendmsg+0x195/0x1e0 [ 72.552161][ T4939] __x64_sys_sendmsg+0xd4/0x160 [ 72.552205][ T4939] x64_sys_call+0x17ba/0x3000 [ 72.552249][ T4939] do_syscall_64+0xc0/0x2a0 [ 72.552272][ T4939] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.552293][ T4939] RIP: 0033:0x7fc12b3aacb9 [ 72.552312][ T4939] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 72.552335][ T4939] RSP: 002b:00007fc129e07028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.552405][ T4939] RAX: ffffffffffffffda RBX: 00007fc12b625fa0 RCX: 00007fc12b3aacb9 [ 72.552421][ T4939] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004 [ 72.552436][ T4939] RBP: 00007fc12b418bf7 R08: 0000000000000000 R09: 0000000000000000 [ 72.552450][ T4939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 72.552464][ T4939] R13: 00007fc12b626038 R14: 00007fc12b625fa0 R15: 00007fff06374898 [ 72.552484][ T4939] [ 72.552501][ T4939] memory: usage 307200kB, limit 307200kB, failcnt 1642 [ 72.597428][ T4945] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 72.597865][ T4939] memory+swap: usage 307656kB, limit 9007199254740988kB, failcnt 0 [ 72.817527][ T29] audit: type=1326 audit(1768801392.387:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4948 comm="syz.0.448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3047acb9 code=0x7ffc0000 [ 72.835429][ T4939] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0 [ 72.842775][ T29] audit: type=1326 audit(1768801392.387:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4948 comm="syz.0.448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3047acb9 code=0x7ffc0000 [ 72.850857][ T4939] Memory cgroup stats for [ 72.858886][ T29] audit: type=1326 audit(1768801392.387:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4948 comm="syz.0.448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fef3047acb9 code=0x7ffc0000 [ 72.858966][ T29] audit: type=1326 audit(1768801392.387:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4948 comm="syz.0.448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3047acb9 code=0x7ffc0000 [ 72.858999][ T29] audit: type=1326 audit(1768801392.387:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4948 comm="syz.0.448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fef3047acb9 code=0x7ffc0000 [ 72.859030][ T29] audit: type=1326 audit(1768801392.387:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4948 comm="syz.0.448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3047acb9 code=0x7ffc0000 [ 72.881960][ T4950] loop0: detected capacity change from 0 to 1024 [ 72.883734][ T4939] /syz2: [ 73.084797][ T4953] openvswitch: netlink: Missing key (keys=40, expected=100) [ 73.097238][ T4939] cache 434176 [ 73.100766][ T4939] rss 12288 [ 73.103900][ T4939] shmem 0 [ 73.107010][ T4939] mapped_file 0 [ 73.110571][ T4939] dirty 0 [ 73.113531][ T4939] writeback 0 [ 73.117005][ T4939] workingset_refault_anon 1481 [ 73.121787][ T4939] workingset_refault_file 2091 [ 73.126813][ T4939] swap 466944 [ 73.130239][ T4939] swapcached 28672 [ 73.134063][ T4939] pgpgin 23344 [ 73.137571][ T4939] pgpgout 23231 [ 73.141487][ T4939] pgfault 27571 [ 73.145065][ T4939] pgmajfault 325 [ 73.148769][ T4939] inactive_anon 24576 [ 73.152770][ T4939] active_anon 4096 [ 73.156579][ T4939] inactive_file 356352 [ 73.160717][ T4939] active_file 0 [ 73.164278][ T4939] unevictable 0 [ 73.168081][ T4939] hierarchical_memory_limit 314572800 [ 73.173695][ T4939] hierarchical_memsw_limit 9223372036854771712 [ 73.180322][ T4939] total_cache 434176 [ 73.184514][ T4939] total_rss 12288 [ 73.188360][ T4939] total_shmem 0 [ 73.192113][ T4939] total_mapped_file 0 [ 73.196418][ T4939] total_dirty 0 [ 73.200324][ T4939] total_writeback 0 [ 73.204258][ T4939] total_workingset_refault_anon 1481 [ 73.209838][ T4939] total_workingset_refault_file 2091 [ 73.215156][ T4939] total_swap 466944 [ 73.219275][ T4939] total_swapcached 28672 [ 73.223632][ T4939] total_pgpgin 23344 [ 73.227972][ T4939] total_pgpgout 23231 [ 73.232215][ T4939] total_pgfault 27571 [ 73.236432][ T4939] total_pgmajfault 325 [ 73.240715][ T4939] total_inactive_anon 24576 [ 73.245244][ T4939] total_active_anon 4096 [ 73.249568][ T4939] total_inactive_file 356352 [ 73.254278][ T4939] total_active_file 0 [ 73.258371][ T4939] total_unevictable 0 [ 73.262443][ T4939] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.444,pid=4938,uid=0 [ 73.277328][ T4939] Memory cgroup out of memory: Killed process 4938 (syz.2.444) total-vm:94132kB, anon-rss:1328kB, file-rss:22152kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:0 [ 73.308620][ T4950] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.394111][ T4968] loop5: detected capacity change from 0 to 512 [ 73.421196][ T4968] EXT4-fs: inline encryption not supported [ 73.427178][ T4968] EXT4-fs: Ignoring removed nomblk_io_submit option [ 73.434840][ T4968] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 73.436657][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.443656][ T4968] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 73.479265][ T4974] netlink: 14 bytes leftover after parsing attributes in process `syz.1.458'. [ 73.550827][ T4968] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.455: Failed to acquire dquot type 1 [ 73.606460][ T4968] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 46 vs 41 free clusters [ 73.621098][ T4968] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.455: corrupted inode contents [ 73.646420][ T4968] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #12: comm syz.5.455: mark_inode_dirty error [ 73.658750][ T4968] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.455: corrupted inode contents [ 73.671103][ T4968] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #12: comm syz.5.455: mark_inode_dirty error [ 73.683053][ T4968] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.455: corrupted inode contents [ 73.695964][ T4968] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem [ 73.705056][ T4968] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.455: corrupted inode contents [ 73.718007][ T4968] EXT4-fs error (device loop5): ext4_truncate:4635: inode #12: comm syz.5.455: mark_inode_dirty error [ 73.729581][ T4968] EXT4-fs error (device loop5) in ext4_process_orphan:345: Corrupt filesystem [ 73.739179][ T4968] EXT4-fs (loop5): 1 truncate cleaned up [ 73.746121][ T4968] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.749588][ T4984] loop4: detected capacity change from 0 to 2048 [ 73.804540][ T4984] EXT4-fs: Ignoring removed bh option [ 73.862922][ T4984] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.893595][ T4183] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.919080][ T4984] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.937399][ T4984] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.460: bg 0: block 345: padding at end of block bitmap is not set [ 73.959070][ T4984] EXT4-fs (loop4): Remounting filesystem read-only [ 74.035181][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.377411][ T5003] Set syz1 is full, maxelem 65536 reached [ 74.444136][ T5027] netlink: 'syz.1.476': attribute type 1 has an invalid length. [ 74.567081][ T5027] 8021q: adding VLAN 0 to HW filter on device bond1 [ 74.672927][ T5033] bond1: (slave veth5): Enslaving as an active interface with a down link [ 74.701246][ T3929] usb 11-1: enqueue for inactive port 0 [ 74.719403][ T3929] usb 11-1: enqueue for inactive port 0 [ 74.773241][ T5027] bond1 (unregistering): (slave veth5): Releasing active interface [ 74.797522][ T5027] bond1 (unregistering): Released all slaves [ 74.816110][ T3929] vhci_hcd vhci_hcd.5: vhci_device speed not set [ 75.168342][ T5057] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.204153][ T5061] veth1_to_bond: entered promiscuous mode [ 75.240103][ T5057] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.327461][ T5057] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.414311][ T5057] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.470958][ T5074] netlink: 28 bytes leftover after parsing attributes in process `syz.2.495'. [ 75.529513][ T4079] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.559451][ T4079] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.599314][ T4079] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.620133][ T4079] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.682995][ T5056] veth1_to_bond: left promiscuous mode [ 75.865051][ T5036] syz.4.478 (5036) used greatest stack depth: 7048 bytes left [ 76.000127][ T5090] loop1: detected capacity change from 0 to 512 [ 76.007897][ T5090] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 76.030062][ T5090] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.059153][ T5090] ext4 filesystem being mounted at /115/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 76.485589][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.596848][ T5114] netlink: 12 bytes leftover after parsing attributes in process `syz.1.510'. [ 76.670651][ T5121] netlink: 87 bytes leftover after parsing attributes in process `syz.2.513'. [ 77.134955][ T29] kauditd_printk_skb: 30 callbacks suppressed [ 77.134973][ T29] audit: type=1400 audit(1768801396.707:438): avc: denied { watch } for pid=5138 comm="syz.2.520" path="/" dev="ramfs" ino=11674 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1 [ 77.452984][ T5154] loop5: detected capacity change from 0 to 1024 [ 77.466861][ T5154] EXT4-fs: Ignoring removed bh option [ 77.498540][ T5154] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.729512][ T29] audit: type=1400 audit(1768801397.307:439): avc: denied { map } for pid=5153 comm="syz.5.526" path="/68/file1/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 77.752699][ T29] audit: type=1400 audit(1768801397.307:440): avc: denied { execute } for pid=5153 comm="syz.5.526" path="/68/file1/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 77.761737][ T5154] EXT4-fs error (device loop5): mb_free_blocks:2037: group 0, inode 15: block 273:freeing already freed block (bit 17); block bitmap corrupt. [ 77.853840][ T5154] EXT4-fs (loop5): Remounting filesystem read-only [ 77.872394][ T5154] EXT4-fs warning (device loop5): ext4_convert_unwritten_extents:4984: inode #15: block 64: len 64: ext4_ext_map_blocks returned -30 [ 77.942572][ T29] audit: type=1400 audit(1768801397.517:441): avc: denied { associate } for pid=5169 comm="syz.2.531" name="core" scontext=root:object_r:etc_runtime_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1 [ 78.090004][ T29] audit: type=1326 audit(1768801397.667:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86d94cacb9 code=0x7ffc0000 [ 78.113672][ T29] audit: type=1326 audit(1768801397.667:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86d94cacb9 code=0x7ffc0000 [ 78.315559][ T4183] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.373091][ T29] audit: type=1326 audit(1768801397.727:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f86d94cacb9 code=0x7ffc0000 [ 78.396801][ T29] audit: type=1326 audit(1768801397.727:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86d94cacb9 code=0x7ffc0000 [ 78.420559][ T29] audit: type=1326 audit(1768801397.727:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86d94cacb9 code=0x7ffc0000 [ 78.444204][ T29] audit: type=1326 audit(1768801397.727:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f86d94cacb9 code=0x7ffc0000 [ 78.674777][ T5203] netlink: 12 bytes leftover after parsing attributes in process `syz.2.546'. [ 78.778198][ T5203] macvlan2: entered promiscuous mode [ 78.783564][ T5203] macvlan2: entered allmulticast mode [ 78.797607][ T5211] netlink: 12 bytes leftover after parsing attributes in process `syz.4.545'. [ 78.844258][ T5203] bond1: (slave macvlan2): Opening slave failed [ 79.428527][ T5219] netlink: 176 bytes leftover after parsing attributes in process `syz.1.549'. [ 79.509644][ T5223] loop5: detected capacity change from 0 to 512 [ 79.548881][ T5223] EXT4-fs warning (device loop5): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 79.577937][ T5223] EXT4-fs (loop5): mount failed [ 79.763450][ T5238] netlink: 199828 bytes leftover after parsing attributes in process `syz.4.557'. [ 80.017200][ T5254] netlink: 8 bytes leftover after parsing attributes in process `syz.4.561'. [ 80.775607][ T5268] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.867749][ T5268] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.928482][ T5268] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.008122][ T5268] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.046813][ T5277] loop5: detected capacity change from 0 to 1024 [ 81.068171][ T5277] EXT4-fs: Ignoring removed nobh option [ 81.073822][ T5277] EXT4-fs: Ignoring removed nomblk_io_submit option [ 81.087943][ T31] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.114033][ T31] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.127211][ T5277] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.146410][ T31] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.170873][ T31] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.256374][ T4183] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.411210][ T5297] loop5: detected capacity change from 0 to 128 [ 81.427786][ T5297] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 81.441461][ T5297] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 81.894879][ T5310] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 81.939267][ T5310] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 81.998711][ T5310] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.180665][ T29] kauditd_printk_skb: 97 callbacks suppressed [ 82.180684][ T29] audit: type=1400 audit(1768801401.757:544): avc: denied { shutdown } for pid=5311 comm="syz.1.582" lport=5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 82.219779][ T5310] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.275902][ T29] audit: type=1400 audit(1768801401.767:545): avc: denied { read } for pid=5311 comm="syz.1.582" path="socket:[12298]" dev="sockfs" ino=12298 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 82.573597][ T4079] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 82.627434][ T29] audit: type=1400 audit(1768801402.207:546): avc: denied { connect } for pid=5331 comm="syz.5.591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 82.631202][ T5334] netlink: 8 bytes leftover after parsing attributes in process `syz.1.590'. [ 82.655741][ T5334] netlink: 8 bytes leftover after parsing attributes in process `syz.1.590'. [ 82.661735][ T5310] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.692273][ T29] audit: type=1400 audit(1768801402.257:547): avc: denied { bind } for pid=5335 comm="syz.2.592" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 82.712329][ T29] audit: type=1400 audit(1768801402.257:548): avc: denied { name_bind } for pid=5335 comm="syz.2.592" src=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 82.733353][ T29] audit: type=1400 audit(1768801402.257:549): avc: denied { node_bind } for pid=5335 comm="syz.2.592" src=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 82.755650][ T5341] capability: warning: `syz.5.591' uses deprecated v2 capabilities in a way that may be insecure [ 82.767501][ T29] audit: type=1400 audit(1768801402.307:550): avc: denied { setopt } for pid=5338 comm="syz.2.593" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 82.788052][ T29] audit: type=1400 audit(1768801402.307:551): avc: denied { connect } for pid=5338 comm="syz.2.593" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 82.831599][ T5343] netlink: 12 bytes leftover after parsing attributes in process `syz.2.594'. [ 82.972843][ T5310] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.058334][ T29] audit: type=1400 audit(1768801402.637:552): avc: denied { read } for pid=5348 comm="syz.1.597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 83.143959][ T29] audit: type=1400 audit(1768801402.717:553): avc: denied { create } for pid=5355 comm="syz.5.600" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 83.314519][ T5364] sch_tbf: burst 1821 is lower than device lo mtu (65550) ! [ 83.572335][ T31] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.740141][ T37] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.880860][ T31] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.002507][ T31] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.464761][ T5396] loop1: detected capacity change from 0 to 512 [ 84.507487][ T5396] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.536635][ T5396] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.588454][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.635355][ T5407] netlink: 4 bytes leftover after parsing attributes in process `syz.2.615'. [ 84.665981][ T5407] netlink: 12 bytes leftover after parsing attributes in process `syz.2.615'. [ 84.816030][ T5422] netlink: 12 bytes leftover after parsing attributes in process `syz.2.619'. [ 84.938824][ T5438] netlink: 8 bytes leftover after parsing attributes in process `syz.2.622'. [ 85.064854][ T5447] loop5: detected capacity change from 0 to 128 [ 85.091949][ T5447] FAT-fs (loop5): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 85.142814][ T5447] program syz.5.625 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 85.179694][ T4090] FAT-fs (loop5): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 85.401192][ T5477] pim6reg1: entered promiscuous mode [ 85.406774][ T5477] pim6reg1: entered allmulticast mode [ 86.905220][ T5573] delete_channel: no stack [ 87.418780][ T5631] netlink: 32 bytes leftover after parsing attributes in process `syz.4.648'. [ 87.457348][ T29] kauditd_printk_skb: 47 callbacks suppressed [ 87.457363][ T29] audit: type=1400 audit(1768801407.037:601): avc: denied { connect } for pid=5633 comm="syz.5.649" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 87.549180][ T29] audit: type=1400 audit(1768801407.127:602): avc: denied { connect } for pid=5638 comm="syz.5.651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 87.569547][ T29] audit: type=1400 audit(1768801407.127:603): avc: denied { read } for pid=5638 comm="syz.5.651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 88.026495][ T5676] lo: entered allmulticast mode [ 88.036535][ T5675] lo: left allmulticast mode [ 88.565622][ T5738] netlink: 20 bytes leftover after parsing attributes in process `syz.1.659'. [ 89.061993][ T5757] ip6gre1: entered promiscuous mode [ 89.068052][ T5757] ip6gre1: entered allmulticast mode [ 89.227924][ T29] audit: type=1400 audit(1768801408.807:604): avc: denied { mounton } for pid=5759 comm="syz.4.667" path="/proc/354/task" dev="proc" ino=12675 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 89.318199][ T29] audit: type=1400 audit(1768801408.847:605): avc: denied { getopt } for pid=5767 comm="syz.1.668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 89.403932][ T5781] netlink: 8 bytes leftover after parsing attributes in process `syz.1.671'. [ 89.475741][ T4090] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.531033][ T5783] loop1: detected capacity change from 0 to 128 [ 89.639578][ T4090] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.780869][ T5763] chnl_net:caif_netlink_parms(): no params data found [ 89.830231][ T4090] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.882651][ T4090] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.946768][ T5763] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.953908][ T5763] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.983294][ T5804] netlink: 12 bytes leftover after parsing attributes in process `syz.1.679'. [ 89.993174][ T5763] bridge_slave_0: entered allmulticast mode [ 90.000599][ T5763] bridge_slave_0: entered promiscuous mode [ 90.009231][ T5763] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.016509][ T5763] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.025424][ T5763] bridge_slave_1: entered allmulticast mode [ 90.033706][ T5763] bridge_slave_1: entered promiscuous mode [ 90.094017][ T5763] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.171297][ T5763] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.187117][ T4090] bridge0: port 3(dummy0) entered disabled state [ 90.207141][ T4090] bridge_slave_1: left allmulticast mode [ 90.212922][ T4090] bridge_slave_1: left promiscuous mode [ 90.218690][ T4090] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.241664][ T5819] loop5: detected capacity change from 0 to 2048 [ 90.267214][ T4090] bridge_slave_0: left allmulticast mode [ 90.272945][ T4090] bridge_slave_0: left promiscuous mode [ 90.278851][ T4090] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.327908][ T5819] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.380250][ T29] audit: type=1326 audit(1768801409.957:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5818 comm="syz.5.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 90.404423][ T29] audit: type=1326 audit(1768801409.957:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5818 comm="syz.5.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 90.428811][ T29] audit: type=1326 audit(1768801409.997:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5818 comm="syz.5.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 90.452135][ T29] audit: type=1326 audit(1768801409.997:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5818 comm="syz.5.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 90.476459][ T29] audit: type=1326 audit(1768801409.997:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5818 comm="syz.5.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 90.517094][ T4183] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.532907][ T4090] dvmrp0 (unregistering): left allmulticast mode [ 90.798307][ T4090] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 90.808672][ T4090] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 90.818979][ T4090] bond0 (unregistering): Released all slaves [ 90.880184][ T5763] team0: Port device team_slave_0 added [ 90.895235][ T4090] tipc: Disabling bearer [ 90.900797][ T4090] tipc: Left network mode [ 90.907342][ T5763] team0: Port device team_slave_1 added [ 90.934484][ T5763] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.942227][ T5763] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.968572][ T5763] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.991334][ T5763] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.998663][ T5763] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.025384][ T5763] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.047603][ T4090] hsr_slave_0: left promiscuous mode [ 91.053543][ T4090] hsr_slave_1: left promiscuous mode [ 91.059777][ T4090] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 91.067292][ T4090] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 91.074887][ T4090] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 91.083104][ T4090] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 91.094194][ T4090] veth1_macvtap: left promiscuous mode [ 91.099880][ T4090] veth0_macvtap: left promiscuous mode [ 91.105479][ T4090] veth1_vlan: left promiscuous mode [ 91.125892][ T4090] veth0_vlan: left promiscuous mode [ 91.224326][ T4090] team0 (unregistering): Port device team_slave_1 removed [ 91.235680][ T4090] team0 (unregistering): Port device team_slave_0 removed [ 91.295185][ T5875] netlink: 8 bytes leftover after parsing attributes in process `syz.4.696'. [ 91.449721][ T5763] hsr_slave_0: entered promiscuous mode [ 91.457710][ T5763] hsr_slave_1: entered promiscuous mode [ 91.467377][ T5763] debugfs: 'hsr0' already exists in 'hsr' [ 91.473173][ T5763] Cannot create hsr debugfs directory [ 91.745034][ T5763] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 91.757660][ T5913] netlink: 12 bytes leftover after parsing attributes in process `syz.1.705'. [ 91.767779][ T5763] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 91.777010][ T5763] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 91.789969][ T5913] netlink: 12 bytes leftover after parsing attributes in process `syz.1.705'. [ 91.789995][ T12] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 91.790030][ T12] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 91.825271][ T5763] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 91.869510][ T5916] netlink: 4 bytes leftover after parsing attributes in process `syz.4.706'. [ 91.880967][ T5924] netlink: 28 bytes leftover after parsing attributes in process `syz.1.708'. [ 91.892993][ T12] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 91.904179][ T5916] bridge_slave_1: left allmulticast mode [ 91.910077][ T5916] bridge_slave_1: left promiscuous mode [ 91.916552][ T5916] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.934593][ T5916] bridge_slave_0: left allmulticast mode [ 91.940352][ T5916] bridge_slave_0: left promiscuous mode [ 91.946822][ T5916] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.037707][ T12] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 92.094984][ T5763] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.125321][ T5763] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.141372][ T383] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.148605][ T383] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.172832][ T5763] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 92.183351][ T5763] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 92.199286][ T383] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.206448][ T383] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.316421][ T5763] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.547571][ T5763] veth0_vlan: entered promiscuous mode [ 92.555731][ T5763] veth1_vlan: entered promiscuous mode [ 92.580235][ T5763] veth0_macvtap: entered promiscuous mode [ 92.588062][ T5763] veth1_macvtap: entered promiscuous mode [ 92.601186][ T5763] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.614685][ T5763] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.628779][ T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.641800][ T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.660882][ T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.678884][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 92.678966][ T29] audit: type=1400 audit(1768801412.257:618): avc: denied { mounton } for pid=5763 comm="syz-executor" path="/root/syzkaller.iHGCWV/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=14020 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 92.684771][ T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.032969][ T6011] netlink: 8 bytes leftover after parsing attributes in process `syz.2.722'. [ 93.042628][ T6011] netlink: 8 bytes leftover after parsing attributes in process `syz.2.722'. [ 93.092268][ T29] audit: type=1400 audit(1768801412.667:619): avc: denied { getopt } for pid=6012 comm="syz.2.723" lport=141 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 93.527225][ T29] audit: type=1400 audit(1768801413.107:620): avc: denied { watch } for pid=6032 comm="syz.2.730" path="/176/file0" dev="tmpfs" ino=933 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 93.640956][ T29] audit: type=1400 audit(1768801413.217:621): avc: denied { execute } for pid=6039 comm="syz.2.732" path="/file1" dev="ramfs" ino=14100 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1 [ 93.918044][ T6056] syzkaller0: entered promiscuous mode [ 93.923684][ T6056] syzkaller0: entered allmulticast mode [ 94.290280][ T6075] netlink: 2028 bytes leftover after parsing attributes in process `syz.4.744'. [ 94.299601][ T6075] netlink: 24 bytes leftover after parsing attributes in process `syz.4.744'. [ 94.942722][ T29] audit: type=1326 audit(1768801414.517:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6096 comm="syz.6.753" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fddc09bacb9 code=0x0 [ 95.352202][ T29] audit: type=1400 audit(1768801414.927:623): avc: denied { read } for pid=6103 comm="syz.2.755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 95.799700][ T6123] netlink: 8 bytes leftover after parsing attributes in process `syz.6.762'. [ 95.808961][ T6123] netlink: 8 bytes leftover after parsing attributes in process `syz.6.762'. [ 95.856493][ T6127] veth0_vlan: entered allmulticast mode [ 95.869196][ T6129] netlink: 'syz.1.764': attribute type 1 has an invalid length. [ 95.883959][ T29] audit: type=1326 audit(1768801415.457:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6118 comm="syz.2.760" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x0 [ 95.923599][ T6127] veth0_vlan: left promiscuous mode [ 95.926085][ T29] audit: type=1400 audit(1768801415.487:625): avc: denied { getopt } for pid=6128 comm="syz.1.764" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 95.930291][ T6127] veth0_vlan: entered promiscuous mode [ 96.047544][ T6138] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.054852][ T6138] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.099208][ T6138] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 96.110917][ T6138] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 96.160028][ T383] netdevsim netdevsim1 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 96.168575][ T383] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.177618][ T6141] netlink: 'syz.4.768': attribute type 27 has an invalid length. [ 96.195524][ T383] netdevsim netdevsim1 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 96.204191][ T383] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.372443][ T29] audit: type=1400 audit(1768801415.947:626): avc: denied { shutdown } for pid=6154 comm="syz.5.772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 96.420952][ T6158] netlink: 24 bytes leftover after parsing attributes in process `syz.5.773'. [ 96.434288][ T6141] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 96.446047][ T6141] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 96.504516][ T6141] bond2: left allmulticast mode [ 96.509583][ T6141] ip6gretap1: left allmulticast mode [ 96.518182][ T383] netdevsim netdevsim1 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 96.526808][ T383] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.574939][ T6144] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.584648][ T6144] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.598074][ T6144] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 96.645664][ T383] netdevsim netdevsim1 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 96.654386][ T383] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.704377][ T383] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.739598][ T383] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.754357][ T383] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.773810][ T383] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.940286][ T6191] netlink: 24 bytes leftover after parsing attributes in process `syz.1.784'. [ 97.408112][ T29] audit: type=1326 audit(1768801416.987:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6218 comm="syz.6.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddc09bacb9 code=0x7ffc0000 [ 97.585836][ T6225] veth0_vlan: entered allmulticast mode [ 97.628918][ T6225] veth0_vlan: left promiscuous mode [ 97.635470][ T6225] veth0_vlan: entered promiscuous mode [ 97.785440][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 97.785458][ T29] audit: type=1326 audit(1768801417.357:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.2.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 97.855434][ T29] audit: type=1326 audit(1768801417.387:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.2.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 97.879038][ T29] audit: type=1326 audit(1768801417.397:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.2.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 97.902424][ T29] audit: type=1326 audit(1768801417.397:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.2.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 97.925849][ T29] audit: type=1326 audit(1768801417.397:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.2.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 97.949958][ T29] audit: type=1326 audit(1768801417.447:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.2.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 97.973403][ T29] audit: type=1326 audit(1768801417.447:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.2.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 97.996744][ T29] audit: type=1326 audit(1768801417.497:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.2.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 98.020431][ T29] audit: type=1326 audit(1768801417.497:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.2.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 98.048236][ T29] audit: type=1400 audit(1768801417.627:658): avc: denied { create } for pid=6231 comm="syz.2.802" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 98.302883][ T6240] netlink: 240 bytes leftover after parsing attributes in process `syz.2.802'. [ 98.338349][ T6230] Set syz1 is full, maxelem 65536 reached [ 98.383025][ T6245] netlink: 12 bytes leftover after parsing attributes in process `syz.4.805'. [ 98.612308][ T6257] loop4: detected capacity change from 0 to 512 [ 98.642033][ T6257] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.723521][ T6257] ext4 filesystem being mounted at /171/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.752266][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.880665][ T6272] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 98.889487][ T6272] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 98.902365][ T6272] ref_ctr_offset mismatch. inode: 0x3e0 offset: 0x0 ref_ctr_offset(old): 0x100 ref_ctr_offset(new): 0x0 [ 98.927434][ T6264] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 98.943158][ T6264] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 98.958592][ T6264] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.033614][ T6264] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.107114][ T6264] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.173057][ T6264] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.241918][ T4085] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.280944][ T4085] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.314665][ T4085] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.347614][ T4085] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.660990][ T6285] loop1: detected capacity change from 0 to 512 [ 99.676224][ T6285] msdos: Unknown parameter 'errors&remount-ro' [ 100.867410][ T6316] Invalid ELF header len 1 [ 101.075652][ T6330] netlink: 8 bytes leftover after parsing attributes in process `syz.5.836'. [ 101.085448][ T6330] netlink: 8 bytes leftover after parsing attributes in process `syz.5.836'. [ 101.164903][ T6332] loop5: detected capacity change from 0 to 512 [ 101.184687][ T6332] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 101.229896][ T6334] sch_tbf: burst 1821 is lower than device lo mtu (65550) ! [ 101.325470][ T6341] netlink: 8 bytes leftover after parsing attributes in process `syz.1.840'. [ 102.613186][ T6409] loop6: detected capacity change from 0 to 512 [ 102.624758][ T6408] netlink: 40 bytes leftover after parsing attributes in process `syz.5.867'. [ 102.646622][ T6408] netlink: 32 bytes leftover after parsing attributes in process `syz.5.867'. [ 102.687264][ T6409] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #15: comm syz.6.865: inode has both inline data and extents flags [ 102.721308][ T6409] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.865: couldn't read orphan inode 15 (err -117) [ 102.746137][ T6409] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.885392][ T6417] loop5: detected capacity change from 0 to 1024 [ 102.919495][ T5763] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.943282][ T6417] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 102.961541][ T29] kauditd_printk_skb: 312 callbacks suppressed [ 102.961558][ T29] audit: type=1400 audit(1768801422.537:971): avc: denied { create } for pid=6420 comm="syz.6.872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 103.049561][ T6417] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 103.065738][ T29] audit: type=1400 audit(1768801422.587:972): avc: denied { ioctl } for pid=6420 comm="syz.6.872" path="socket:[16442]" dev="sockfs" ino=16442 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 103.091342][ T29] audit: type=1400 audit(1768801422.597:973): avc: denied { write } for pid=6420 comm="syz.6.872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 103.132407][ T6417] EXT4-fs error (device loop5): ext4_get_journal_inode:5849: inode #32: comm syz.5.870: iget: special inode unallocated [ 103.179245][ T6417] EXT4-fs (loop5): Remounting filesystem read-only [ 103.198271][ T6417] EXT4-fs (loop5): no journal found [ 103.203602][ T6417] EXT4-fs (loop5): can't get journal size [ 103.241773][ T6417] EXT4-fs (loop5): filesystem is read-only [ 103.296176][ T6417] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 103.537647][ T6453] loop1: detected capacity change from 0 to 1024 [ 103.554744][ T6453] EXT4-fs: Ignoring removed nomblk_io_submit option [ 103.593450][ T6453] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 103.602820][ T29] audit: type=1400 audit(1768801423.167:974): avc: denied { lock } for pid=6461 comm="syz.6.883" path="socket:[15761]" dev="sockfs" ino=15761 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 103.637360][ T6453] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.671885][ T4183] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.710724][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.764128][ T6478] netlink: 28 bytes leftover after parsing attributes in process `syz.1.886'. [ 103.963878][ T29] audit: type=1400 audit(1768801423.537:975): avc: denied { ioctl } for pid=6489 comm="syz.1.890" path="socket:[16767]" dev="sockfs" ino=16767 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 104.098071][ T6511] loop1: detected capacity change from 0 to 1024 [ 104.109295][ T6511] EXT4-fs: Ignoring removed bh option [ 104.132903][ T6511] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.319411][ T6511] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.896: Allocating blocks 385-513 which overlap fs metadata [ 104.386488][ T6511] EXT4-fs (loop1): pa ffff8881072b8150: logic 16, phys. 129, len 24 [ 104.394762][ T6511] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 8 [ 104.530896][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.151893][ T6497] Set syz1 is full, maxelem 65536 reached [ 105.392641][ T6560] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 105.420380][ T6560] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 105.477953][ T6560] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.018975][ T6560] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.058802][ T6589] netlink: 'syz.1.914': attribute type 32 has an invalid length. [ 106.416369][ T29] audit: type=1400 audit(1768801425.987:976): avc: denied { listen } for pid=6606 comm="syz.4.915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 106.466223][ T29] audit: type=1400 audit(1768801426.027:977): avc: denied { accept } for pid=6606 comm="syz.4.915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 106.485739][ T29] audit: type=1400 audit(1768801426.027:978): avc: denied { shutdown } for pid=6606 comm="syz.4.915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 106.511416][ T6560] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.534970][ T6611] netlink: 8 bytes leftover after parsing attributes in process `syz.1.917'. [ 106.544590][ T6611] netlink: 8 bytes leftover after parsing attributes in process `syz.1.917'. [ 106.798413][ T6607] cgroup: fork rejected by pids controller in /syz4 [ 106.952436][ T6560] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.163912][ T6660] netlink: 12 bytes leftover after parsing attributes in process `syz.1.926'. [ 107.413572][ T6665] loop6: detected capacity change from 0 to 8192 [ 107.464155][ T383] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.472675][ T383] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.551110][ T6665] bio_check_eod: 414 callbacks suppressed [ 107.551177][ T6665] syz.6.929: attempt to access beyond end of device [ 107.551177][ T6665] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 107.600063][ T12] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.718079][ T5763] FAT-fs (loop6): error, invalid access to FAT (entry 0x0000e1b1) [ 107.726008][ T5763] FAT-fs (loop6): Filesystem has been set read-only [ 107.734408][ T2112] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.798868][ T29] audit: type=1400 audit(1768801427.377:979): avc: denied { mount } for pid=6678 comm="syz.2.933" name="/" dev="rpc_pipefs" ino=16194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1 [ 107.805057][ T6682] netlink: 8 bytes leftover after parsing attributes in process `syz.4.935'. [ 107.841711][ T6682] netlink: 16 bytes leftover after parsing attributes in process `syz.4.935'. [ 107.923691][ T6692] netlink: 'syz.4.938': attribute type 1 has an invalid length. [ 107.936685][ T29] audit: type=1400 audit(1768801427.497:980): avc: denied { mount } for pid=6689 comm="syz.6.939" name="/" dev="gadgetfs" ino=3894 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 107.980106][ T6692] bond3: entered promiscuous mode [ 107.985691][ T6692] 8021q: adding VLAN 0 to HW filter on device bond3 [ 108.000689][ T29] audit: type=1400 audit(1768801427.557:981): avc: denied { unmount } for pid=5763 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 108.072099][ T6692] 8021q: adding VLAN 0 to HW filter on device bond4 [ 108.101173][ T6692] bond3: (slave bond4): making interface the new active one [ 108.109257][ T6692] bond4: entered promiscuous mode [ 108.226857][ T6692] bond3: (slave bond4): Enslaving as an active interface with an up link [ 108.742436][ T6735] ref_ctr increment failed for inode: 0x4dc offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff88810005d7c0 [ 108.754143][ T6734] uprobe: syz.2.951:6734 failed to unregister, leaking uprobe [ 109.482191][ T6757] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=6757 comm=syz.6.960 [ 109.496994][ T6757] netlink: 232 bytes leftover after parsing attributes in process `syz.6.960'. [ 110.734856][ T29] audit: type=1326 audit(1768801430.307:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6781 comm="syz.5.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 110.915590][ T29] audit: type=1326 audit(1768801430.337:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6781 comm="syz.5.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 110.939726][ T29] audit: type=1326 audit(1768801430.347:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6781 comm="syz.5.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 110.964280][ T29] audit: type=1326 audit(1768801430.347:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6781 comm="syz.5.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 110.988701][ T29] audit: type=1326 audit(1768801430.347:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6781 comm="syz.5.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 111.012375][ T29] audit: type=1326 audit(1768801430.347:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6781 comm="syz.5.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 111.035929][ T29] audit: type=1326 audit(1768801430.347:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6781 comm="syz.5.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 111.060303][ T29] audit: type=1326 audit(1768801430.347:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6781 comm="syz.5.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 111.083714][ T29] audit: type=1326 audit(1768801430.347:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6781 comm="syz.5.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 112.620515][ T6911] loop5: detected capacity change from 0 to 128 [ 112.874102][ T6931] loop1: detected capacity change from 0 to 2048 [ 112.922492][ T6931] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 112.987155][ T6942] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1004'. [ 112.996381][ T6942] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1004'. [ 113.064459][ T6931] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.091310][ T6946] loop6: detected capacity change from 0 to 512 [ 113.110958][ T6948] netlink: 'syz.4.1007': attribute type 1 has an invalid length. [ 113.137344][ T6946] loop6: detected capacity change from 0 to 512 [ 113.162781][ T6948] 8021q: adding VLAN 0 to HW filter on device bond5 [ 113.175417][ T6946] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 113.197980][ T6946] EXT4-fs (loop6): orphan cleanup on readonly fs [ 113.212536][ T6948] bond5: (slave dummy0): making interface the new active one [ 113.220877][ T6946] EXT4-fs error (device loop6): ext4_xattr_inode_iget:446: comm syz.6.1006: error while reading EA inode 32 err=-116 [ 113.260970][ T29] kauditd_printk_skb: 49 callbacks suppressed [ 113.260989][ T29] audit: type=1326 audit(1768801432.837:1040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6953 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 113.291694][ T6946] EXT4-fs (loop6): Remounting filesystem read-only [ 113.297978][ T6948] bond5: (slave dummy0): Enslaving as an active interface with an up link [ 113.307579][ T6946] EXT4-fs (loop6): 1 orphan inode deleted [ 113.313815][ T6946] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 113.325260][ T6955] bond5: entered promiscuous mode [ 113.332580][ T29] audit: type=1326 audit(1768801432.837:1041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6953 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 113.343645][ T6955] dummy0: entered promiscuous mode [ 113.357893][ T29] audit: type=1326 audit(1768801432.877:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6953 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 113.384798][ T29] audit: type=1326 audit(1768801432.877:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6953 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 113.396675][ T6947] bond5: left promiscuous mode [ 113.411038][ T29] audit: type=1326 audit(1768801432.877:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6953 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 113.438305][ T6947] dummy0: left promiscuous mode [ 113.443316][ T29] audit: type=1326 audit(1768801432.877:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6953 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 113.467633][ T29] audit: type=1326 audit(1768801432.877:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6953 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 113.491411][ T29] audit: type=1326 audit(1768801432.877:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6953 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 113.515703][ T29] audit: type=1326 audit(1768801432.877:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6953 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 113.539282][ T29] audit: type=1326 audit(1768801432.877:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6953 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 113.564056][ T6946] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000. [ 113.600713][ T6963] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1012'. [ 113.615196][ T5763] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.796389][ T6978] bond5: (slave dummy0): Releasing active interface [ 113.835570][ T6978] bond0: (slave bond_slave_0): Releasing backup interface [ 113.848528][ T6978] bond0: (slave bond_slave_1): Releasing backup interface [ 113.866767][ T6978] team0: Port device team_slave_0 removed [ 113.884687][ T6978] team0: Port device team_slave_1 removed [ 113.899201][ T6978] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 113.907171][ T6978] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 113.915615][ T6978] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 113.938540][ T6982] team0: No ports can be present during mode change [ 113.996172][ T6990] netlink: 'syz.5.1024': attribute type 1 has an invalid length. [ 114.020419][ T6990] 8021q: adding VLAN 0 to HW filter on device bond1 [ 114.052186][ T6994] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1023'. [ 114.054868][ T6990] bond1: (slave dummy0): making interface the new active one [ 114.081768][ T6990] bond1: (slave dummy0): Enslaving as an active interface with an up link [ 114.116843][ T6990] bond1: entered promiscuous mode [ 114.160383][ T6990] dummy0: entered promiscuous mode [ 114.174913][ T6989] bond1: left promiscuous mode [ 114.180072][ T6989] dummy0: left promiscuous mode [ 114.762167][ T7025] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1038'. [ 114.795992][ T7027] bridge_slave_0: left allmulticast mode [ 114.801870][ T7027] bridge_slave_0: left promiscuous mode [ 114.807764][ T7027] bridge0: port 1(bridge_slave_0) entered disabled state [ 114.817063][ T7027] bridge_slave_1: left allmulticast mode [ 114.822798][ T7027] bridge_slave_1: left promiscuous mode [ 114.828784][ T7027] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.838159][ T7027] bond0: (slave bond_slave_0): Releasing backup interface [ 114.846974][ T7027] bond0: (slave bond_slave_1): Releasing backup interface [ 114.856097][ T7027] team0: Port device team_slave_0 removed [ 114.862942][ T7027] team0: Port device team_slave_1 removed [ 114.869914][ T7027] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 114.878188][ T7027] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 114.886294][ T7027] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 114.906283][ T7031] team0: Mode changed to "loadbalance" [ 114.934143][ T7035] netlink: 'syz.1.1042': attribute type 1 has an invalid length. [ 114.949109][ T7035] 8021q: adding VLAN 0 to HW filter on device bond1 [ 114.966198][ T7035] bond1: entered promiscuous mode [ 114.971860][ T7034] bond1: left promiscuous mode [ 115.410786][ T7063] rdma_op ffff8881043c7980 conn xmit_rdma 0000000000000000 [ 115.536688][ T3426] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 115.550053][ T3426] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 115.582676][ T7072] loop4: detected capacity change from 0 to 2048 [ 115.619443][ T7072] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.971589][ T3426] hid-generic 0003:0000:0009.0003: unknown main item tag 0x0 [ 115.979108][ T3426] hid-generic 0003:0000:0009.0003: unknown main item tag 0x0 [ 115.986559][ T3426] hid-generic 0003:0000:0009.0003: unknown main item tag 0x0 [ 115.994063][ T3426] hid-generic 0003:0000:0009.0003: unknown main item tag 0x0 [ 116.001599][ T3426] hid-generic 0003:0000:0009.0003: unknown main item tag 0x0 [ 116.009072][ T3426] hid-generic 0003:0000:0009.0003: unknown main item tag 0x0 [ 116.016588][ T3426] hid-generic 0003:0000:0009.0003: unknown main item tag 0x0 [ 116.024020][ T3426] hid-generic 0003:0000:0009.0003: unknown main item tag 0x0 [ 116.031806][ T3426] hid-generic 0003:0000:0009.0003: unknown main item tag 0x0 [ 116.041833][ T3426] hid-generic 0003:0000:0009.0003: hidraw1: USB HID v0.01 Device [syz1] on syz0 [ 116.077675][ T7093] fido_id[7093]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 116.140310][ T7095] gtp0: entered promiscuous mode [ 116.304470][ T7112] veth6: entered promiscuous mode [ 116.309680][ T7112] veth6: entered allmulticast mode [ 116.379525][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.692311][ T7117] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 116.704150][ T7117] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 117.213145][ T7137] tmpfs: Unsupported parameter 'huge' [ 118.316855][ T7160] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1090'. [ 118.361301][ T7160] netlink: 'syz.2.1090': attribute type 10 has an invalid length. [ 118.375235][ T7160] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 119.091141][ T7194] loop6: detected capacity change from 0 to 1024 [ 119.096218][ T29] kauditd_printk_skb: 76 callbacks suppressed [ 119.096262][ T29] audit: type=1400 audit(1768801438.657:1126): avc: denied { execute } for pid=7190 comm="syz.4.1102" path="/proc/601/task/602/net/vlan/vlan1" dev="proc" ino=4026533298 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=file permissive=1 [ 119.141062][ T7194] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.156569][ T29] audit: type=1400 audit(1768801438.737:1127): avc: denied { read write } for pid=7192 comm="syz.6.1103" name="file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 119.179512][ T29] audit: type=1400 audit(1768801438.737:1128): avc: denied { open } for pid=7192 comm="syz.6.1103" path="/88/file1/file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 119.203408][ T29] audit: type=1400 audit(1768801438.767:1129): avc: denied { watch watch_reads } for pid=7192 comm="syz.6.1103" path="/88/file1" dev="loop6" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 119.226890][ T29] audit: type=1400 audit(1768801438.767:1130): avc: denied { watch } for pid=7192 comm="syz.6.1103" path="/88/file1/file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 119.250122][ T29] audit: type=1400 audit(1768801438.767:1131): avc: denied { remove_name } for pid=7192 comm="syz.6.1103" name="file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 119.273051][ T29] audit: type=1400 audit(1768801438.767:1132): avc: denied { unlink } for pid=7192 comm="syz.6.1103" name="file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 119.310488][ T5763] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.342017][ T7200] netlink: 'syz.6.1104': attribute type 4 has an invalid length. [ 119.342345][ T7198] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1105'. [ 119.380319][ T7200] netlink: 'syz.6.1104': attribute type 4 has an invalid length. [ 119.425650][ T29] audit: type=1400 audit(1768801438.997:1133): avc: denied { read } for pid=7201 comm="syz.6.1106" name="ptp0" dev="devtmpfs" ino=247 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 119.480324][ T29] audit: type=1400 audit(1768801438.997:1134): avc: denied { open } for pid=7201 comm="syz.6.1106" path="/dev/ptp0" dev="devtmpfs" ino=247 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 119.504771][ T29] audit: type=1400 audit(1768801439.007:1135): avc: denied { ioctl } for pid=7201 comm="syz.6.1106" path="/dev/ptp0" dev="devtmpfs" ino=247 ioctlcmd=0x3d0f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 119.534876][ T7204] io-wq is not configured for unbound workers [ 119.620932][ T7214] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1112'. [ 119.682526][ T7214] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1112'. [ 119.709133][ T7219] IPv6: sit2: Disabled Multicast RS [ 119.805652][ T7227] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1116'. [ 119.814756][ T7227] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1116'. [ 119.849723][ T7229] netlink: 'syz.5.1117': attribute type 4 has an invalid length. [ 119.904617][ T7234] netlink: 'syz.5.1117': attribute type 4 has an invalid length. [ 119.998507][ T7242] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1122'. [ 120.094579][ T7250] loop6: detected capacity change from 0 to 128 [ 120.106429][ T7250] vfat: Unknown parameter 'ÿÿÿÿÿÿÿÿ' [ 120.162250][ T7260] netlink: 'syz.2.1132': attribute type 4 has an invalid length. [ 120.172438][ T7260] netlink: 'syz.2.1132': attribute type 4 has an invalid length. [ 120.641089][ T7272] loop4: detected capacity change from 0 to 764 [ 122.011720][ T7288] tipc: Started in network mode [ 122.016837][ T7288] tipc: Node identity fe800000000000000000000000000016, cluster identity 4711 [ 122.047993][ T7288] tipc: Enabled bearer , priority 10 [ 122.539014][ T7315] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1153'. [ 122.646006][ T7323] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1158'. [ 122.672203][ T7323] 8021q: adding VLAN 0 to HW filter on device bond2 [ 122.691448][ T7323] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1158'. [ 122.706761][ T7323] macsec1: entered promiscuous mode [ 122.712163][ T7323] bond2: entered promiscuous mode [ 122.717485][ T7323] macsec1: entered allmulticast mode [ 122.722801][ T7323] bond2: entered allmulticast mode [ 122.830344][ T7338] loop5: detected capacity change from 0 to 512 [ 122.846655][ T7341] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 122.874277][ T7340] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 122.965089][ T7345] 8021q: adding VLAN 0 to HW filter on device bond2 [ 123.016411][ T7345] macvlan2: entered promiscuous mode [ 123.021788][ T7345] macvlan2: entered allmulticast mode [ 123.110375][ T7359] loop6: detected capacity change from 0 to 512 [ 123.147667][ T7359] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.154330][ T10] kernel write not supported for file bpf-prog (pid: 10 comm: kworker/0:1) [ 123.166207][ T6149] tipc: Node number set to 4269801494 [ 123.169392][ T7359] ext4 filesystem being mounted at /104/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 123.203174][ T7359] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #2: comm syz.6.1172: corrupted inode contents [ 123.238174][ T7359] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #2: comm syz.6.1172: mark_inode_dirty error [ 123.264884][ T7359] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #2: comm syz.6.1172: corrupted inode contents [ 123.291590][ T7359] sctp: [Deprecated]: syz.6.1172 (pid 7359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 123.291590][ T7359] Use struct sctp_sack_info instead [ 123.342593][ T7379] __nla_validate_parse: 2 callbacks suppressed [ 123.342611][ T7379] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1179'. [ 123.349264][ T7359] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #2: comm syz.6.1172: corrupted inode contents [ 123.369529][ T7379] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1179'. [ 123.414066][ T7381] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1180'. [ 123.439638][ T7359] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #2: comm syz.6.1172: mark_inode_dirty error [ 123.468961][ T7359] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #2: comm syz.6.1172: corrupted inode contents [ 123.488754][ T7359] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.1172: mark_inode_dirty error [ 123.501068][ T7359] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #2: comm syz.6.1172: corrupted inode contents [ 123.513494][ T7359] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #2: comm syz.6.1172: mark_inode_dirty error [ 123.532631][ T7385] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 123.534657][ T7376] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #2: comm syz.6.1172: corrupted inode contents [ 123.556829][ T7385] batman_adv: batadv0: Adding interface: gretap1 [ 123.563207][ T7385] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 123.595874][ T7385] batman_adv: batadv0: Interface activated: gretap1 [ 123.620602][ T7389] netlink: 65039 bytes leftover after parsing attributes in process `syz.4.1183'. [ 123.652278][ T5763] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.834900][ T7457] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1210'. [ 125.115547][ T7472] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1216'. [ 125.201125][ T7472] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.208373][ T7472] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.294291][ T7472] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 125.308016][ T7472] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 125.381075][ T4090] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.406368][ T4090] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.425831][ T4090] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.465941][ T4090] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.511969][ T7488] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1223'. [ 125.658732][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 125.658756][ T29] audit: type=1326 audit(1768801445.239:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 125.724875][ T29] audit: type=1326 audit(1768801445.269:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 125.748637][ T29] audit: type=1326 audit(1768801445.269:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 125.772366][ T29] audit: type=1326 audit(1768801445.269:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 125.795917][ T29] audit: type=1326 audit(1768801445.269:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 125.819756][ T29] audit: type=1326 audit(1768801445.269:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 125.843355][ T29] audit: type=1326 audit(1768801445.269:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 125.866891][ T29] audit: type=1326 audit(1768801445.269:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 125.890681][ T29] audit: type=1326 audit(1768801445.279:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 125.914393][ T29] audit: type=1326 audit(1768801445.279:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 126.094623][ T7511] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_bond, syncid = 0, id = 0 [ 126.440843][ T7523] syzkaller0: entered promiscuous mode [ 126.446592][ T7523] syzkaller0: entered allmulticast mode [ 126.715646][ T7543] netlink: 'syz.5.1246': attribute type 1 has an invalid length. [ 126.741360][ T7543] 8021q: adding VLAN 0 to HW filter on device bond3 [ 126.773491][ T7543] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1246'. [ 126.782802][ T7543] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1246'. [ 126.834296][ T7543] macsec1: entered promiscuous mode [ 126.839615][ T7543] bond3: entered promiscuous mode [ 126.844983][ T7543] macsec1: entered allmulticast mode [ 126.850354][ T7543] bond3: entered allmulticast mode [ 127.148972][ T7563] netlink: 'syz.5.1254': attribute type 10 has an invalid length. [ 127.157325][ T7563] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1254'. [ 127.178648][ T7563] dummy0: entered promiscuous mode [ 127.183928][ T7563] dummy0: entered allmulticast mode [ 127.198595][ T7563] bond1: (slave dummy0): Releasing active interface [ 127.217865][ T7563] bridge0: port 3(dummy0) entered blocking state [ 127.224498][ T7563] bridge0: port 3(dummy0) entered disabled state [ 127.433117][ T7572] syzkaller0: entered promiscuous mode [ 127.438745][ T7572] syzkaller0: entered allmulticast mode [ 129.586813][ T7685] tipc: Failed to remove unknown binding: 66,0,0/0:4021533247/4021533248 [ 129.606032][ T7685] tipc: Failed to remove unknown binding: 66,0,0/0:4021533247/4021533248 [ 129.634513][ T7687] netlink: 'syz.2.1302': attribute type 13 has an invalid length. [ 130.161240][ T7711] Process accounting resumed [ 130.711366][ T7738] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1321'. [ 130.779308][ T7742] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1323'. [ 130.801487][ T7742] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1323'. [ 131.033948][ T29] kauditd_printk_skb: 457 callbacks suppressed [ 131.033967][ T29] audit: type=1326 audit(1768801450.609:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7765 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 131.079347][ T29] audit: type=1326 audit(1768801450.609:1614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7765 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 131.102947][ T29] audit: type=1326 audit(1768801450.649:1615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7765 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 131.126645][ T29] audit: type=1326 audit(1768801450.649:1616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7765 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 131.150494][ T29] audit: type=1326 audit(1768801450.649:1617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7765 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 131.174242][ T29] audit: type=1326 audit(1768801450.649:1618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7765 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 131.197990][ T29] audit: type=1326 audit(1768801450.649:1619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7765 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 131.221479][ T29] audit: type=1326 audit(1768801450.649:1620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7765 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 131.245131][ T29] audit: type=1326 audit(1768801450.649:1621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7765 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 131.268718][ T29] audit: type=1326 audit(1768801450.649:1622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7765 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f46a8b9acb9 code=0x7ffc0000 [ 131.501903][ T7784] loop5: detected capacity change from 0 to 2048 [ 131.509101][ T3485] IPVS: starting estimator thread 0... [ 131.537810][ T7784] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 131.582911][ T7794] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1344'. [ 131.607432][ T7794] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1344'. [ 131.635861][ T7785] IPVS: using max 2208 ests per chain, 110400 per kthread [ 131.755141][ T7799] netlink: 'syz.2.1346': attribute type 3 has an invalid length. [ 131.774041][ T7799] netlink: 'syz.2.1346': attribute type 3 has an invalid length. [ 131.860957][ T7784] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 131.876768][ T7784] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 131.889401][ T7784] EXT4-fs (loop5): This should not happen!! Data will be lost [ 131.889401][ T7784] [ 131.899121][ T7784] EXT4-fs (loop5): Total free blocks count 0 [ 131.905224][ T7784] EXT4-fs (loop5): Free/Dirty block details [ 131.911188][ T7784] EXT4-fs (loop5): free_blocks=2415919104 [ 131.916958][ T7784] EXT4-fs (loop5): dirty_blocks=2896 [ 131.922269][ T7784] EXT4-fs (loop5): Block reservation details [ 131.928388][ T7784] EXT4-fs (loop5): i_reserved_data_blocks=181 [ 132.064958][ T4183] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 132.157049][ T7816] netlink: 176 bytes leftover after parsing attributes in process `syz.4.1350'. [ 132.255467][ T7819] syzkaller0: entered allmulticast mode [ 132.261527][ T7819] syzkaller0: entered promiscuous mode [ 132.286994][ T7819] syzkaller0 (unregistering): left allmulticast mode [ 132.293788][ T7819] syzkaller0 (unregistering): left promiscuous mode [ 132.710036][ T7829] netlink: 'syz.6.1356': attribute type 13 has an invalid length. [ 133.501795][ T7842] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1362'. [ 133.675716][ T7848] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1364'. [ 133.793554][ T7856] netlink: 'syz.5.1366': attribute type 1 has an invalid length. [ 133.807647][ T7852] loop6: detected capacity change from 0 to 128 [ 133.824929][ T7852] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 133.842589][ T7852] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 133.917084][ T7863] bond4: (slave veth9): Enslaving as an active interface with a down link [ 133.952019][ T7856] bond4: entered promiscuous mode [ 133.957193][ T7856] bond4: entered allmulticast mode [ 133.963397][ T7856] 8021q: adding VLAN 0 to HW filter on device bond4 [ 134.689026][ T4085] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 134.804307][ T7888] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1377'. [ 134.805534][ T7889] netlink: 'syz.4.1376': attribute type 13 has an invalid length. [ 135.007292][ T7896] ref_ctr_offset mismatch. inode: 0x6c1 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1f00000000 [ 135.160604][ T7900] syzkaller0: entered promiscuous mode [ 135.166492][ T7900] syzkaller0: entered allmulticast mode [ 135.684719][ T7928] xt_CT: You must specify a L4 protocol and not use inversions on it [ 135.720824][ T7933] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1397'. [ 135.765397][ T7935] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1398'. [ 135.774777][ T7935] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1398'. [ 135.828625][ T7928] loop5: detected capacity change from 0 to 512 [ 135.860240][ T7928] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 135.892581][ T7928] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (19288!=33349) [ 135.902461][ T7928] EXT4-fs (loop5): group descriptors corrupted! [ 136.107551][ T7946] netlink: 'syz.4.1403': attribute type 1 has an invalid length. [ 136.170560][ T7946] 8021q: adding VLAN 0 to HW filter on device bond6 [ 136.186825][ T7946] bond6: (slave geneve2): making interface the new active one [ 136.196800][ T7946] bond6: (slave geneve2): Enslaving as an active interface with an up link [ 136.205519][ T579] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.256742][ T579] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.290175][ T579] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.316409][ T579] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.511313][ T7965] netlink: 'syz.2.1411': attribute type 4 has an invalid length. [ 136.525390][ T7967] netlink: 'syz.1.1410': attribute type 13 has an invalid length. [ 136.533441][ T7965] netlink: 'syz.2.1411': attribute type 4 has an invalid length. [ 136.631964][ T10] IPVS: starting estimator thread 0... [ 136.735922][ T7970] IPVS: using max 2208 ests per chain, 110400 per kthread [ 137.046488][ T7995] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1421'. [ 137.599866][ T8032] loop5: detected capacity change from 0 to 2048 [ 137.641319][ T8032] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.723002][ T8032] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 137.738971][ T8032] EXT4-fs (loop5): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 17 with error 28 [ 137.751446][ T8032] EXT4-fs (loop5): This should not happen!! Data will be lost [ 137.751446][ T8032] [ 137.761149][ T8032] EXT4-fs (loop5): Total free blocks count 0 [ 137.767282][ T8032] EXT4-fs (loop5): Free/Dirty block details [ 137.773231][ T8032] EXT4-fs (loop5): free_blocks=2415919504 [ 137.779025][ T8032] EXT4-fs (loop5): dirty_blocks=32 [ 137.784203][ T8032] EXT4-fs (loop5): Block reservation details [ 137.790243][ T8032] EXT4-fs (loop5): i_reserved_data_blocks=2 [ 137.843527][ T8042] syzkaller1: entered promiscuous mode [ 137.849311][ T8042] syzkaller1: entered allmulticast mode [ 137.900612][ T8044] EXT4-fs (loop5): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 138.028987][ T29] kauditd_printk_skb: 36 callbacks suppressed [ 138.029006][ T29] audit: type=1400 audit(1768801457.609:1659): avc: denied { ioctl } for pid=8031 comm="syz.5.1437" path="/262/file1/file1" dev="loop5" ino=15 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 138.564306][ T29] audit: type=1326 audit(1768801458.139:1660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8076 comm="syz.2.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 138.599038][ T29] audit: type=1326 audit(1768801458.169:1661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8076 comm="syz.2.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 138.667839][ T29] audit: type=1400 audit(1768801458.219:1662): avc: denied { append } for pid=8079 comm="syz.5.1451" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 139.202067][ T29] audit: type=1400 audit(1768801458.759:1663): avc: denied { create } for pid=8094 comm="syz.6.1457" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 139.259640][ T29] audit: type=1400 audit(1768801458.839:1664): avc: denied { write } for pid=8094 comm="syz.6.1457" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 139.427465][ T29] audit: type=1326 audit(1768801459.009:1665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8103 comm="syz.2.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 139.457994][ T29] audit: type=1326 audit(1768801459.029:1666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8103 comm="syz.2.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 139.481651][ T29] audit: type=1326 audit(1768801459.029:1667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8103 comm="syz.2.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 139.505282][ T29] audit: type=1326 audit(1768801459.029:1668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8103 comm="syz.2.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 139.836543][ T8135] kernel profiling enabled (shift: 63) [ 139.842114][ T8135] profiling shift: 63 too large [ 139.982546][ T8141] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1474'. [ 140.445314][ T8149] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1477'. [ 140.697131][ T8159] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1481'. [ 140.855219][ T8159] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1481'. [ 142.176981][ T8166] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1484'. [ 142.203084][ T8166] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1484'. [ 142.486591][ T8174] mmap: syz.5.1487 (8174) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 142.918878][ T8195] loop5: detected capacity change from 0 to 128 [ 143.042120][ T8202] Trying to write to read-only block-device loop5 [ 143.069536][ T8202] syz.5.1497: attempt to access beyond end of device [ 143.069536][ T8202] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 143.131176][ T8202] syz.5.1497: attempt to access beyond end of device [ 143.131176][ T8202] loop5: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 143.154959][ T29] kauditd_printk_skb: 16 callbacks suppressed [ 143.155028][ T29] audit: type=1326 audit(1768801462.729:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8204 comm="syz.2.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 143.187394][ T8202] syz.5.1497: attempt to access beyond end of device [ 143.187394][ T8202] loop5: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 143.246895][ T29] audit: type=1326 audit(1768801462.769:1686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8204 comm="syz.2.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 143.270499][ T29] audit: type=1326 audit(1768801462.769:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8204 comm="syz.2.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 143.295255][ T29] audit: type=1326 audit(1768801462.769:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8204 comm="syz.2.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 143.319575][ T29] audit: type=1326 audit(1768801462.799:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8204 comm="syz.2.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc12b3ac547 code=0x7ffc0000 [ 143.343319][ T29] audit: type=1326 audit(1768801462.799:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8204 comm="syz.2.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fc12b36b58e code=0x7ffc0000 [ 143.367233][ T29] audit: type=1326 audit(1768801462.799:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8204 comm="syz.2.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc12b36b58e code=0x7ffc0000 [ 143.391360][ T29] audit: type=1326 audit(1768801462.799:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8204 comm="syz.2.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc12b36b58e code=0x7ffc0000 [ 143.393212][ T8202] syz.5.1497: attempt to access beyond end of device [ 143.393212][ T8202] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 143.415494][ T29] audit: type=1326 audit(1768801462.799:1693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8204 comm="syz.2.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc12b36b58e code=0x7ffc0000 [ 143.415534][ T29] audit: type=1326 audit(1768801462.799:1694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8204 comm="syz.2.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 143.520760][ T8202] syz.5.1497: attempt to access beyond end of device [ 143.520760][ T8202] loop5: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 143.566546][ T8202] syz.5.1497: attempt to access beyond end of device [ 143.566546][ T8202] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 143.589628][ T8202] syz.5.1497: attempt to access beyond end of device [ 143.589628][ T8202] loop5: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 143.617351][ T8202] syz.5.1497: attempt to access beyond end of device [ 143.617351][ T8202] loop5: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 143.631096][ T8202] syz.5.1497: attempt to access beyond end of device [ 143.631096][ T8202] loop5: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 143.645153][ T8202] syz.5.1497: attempt to access beyond end of device [ 143.645153][ T8202] loop5: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 143.823436][ T8221] loop6: detected capacity change from 0 to 1024 [ 143.885396][ T8221] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 144.035194][ T8245] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1512'. [ 144.127426][ T8221] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.632538][ T8274] loop5: detected capacity change from 0 to 256 [ 144.959876][ T8280] netlink: 'syz.6.1526': attribute type 83 has an invalid length. [ 145.383075][ T8301] netlink: 'syz.2.1535': attribute type 4 has an invalid length. [ 145.531106][ T8308] netlink: 'syz.2.1537': attribute type 13 has an invalid length. [ 145.614531][ T8308] 8021q: adding VLAN 0 to HW filter on device bond0 [ 145.625107][ T8308] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 146.441478][ T8327] loop4: detected capacity change from 0 to 512 [ 146.472867][ T8327] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1544: bg 0: block 393: padding at end of block bitmap is not set [ 146.491923][ T8327] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6689: Corrupt filesystem [ 146.501753][ T8327] EXT4-fs (loop4): 2 truncates cleaned up [ 146.509023][ T8327] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.526434][ T8327] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1544'. [ 146.535573][ T8327] hsr_slave_0: left promiscuous mode [ 146.542075][ T8327] hsr_slave_1: left promiscuous mode [ 146.679303][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.323669][ T8382] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1565'. [ 147.332921][ T8382] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 147.341080][ T8382] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 147.722097][ T8398] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1573'. [ 147.770599][ T8402] loop4: detected capacity change from 0 to 512 [ 147.781762][ T53] Bluetooth: hci0: Frame reassembly failed (-84) [ 147.786784][ T8402] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000101) [ 147.814683][ T8405] tipc: Failed to remove unknown binding: 66,1,1/4269801494:2189717767/2189717769 [ 147.835138][ T8405] tipc: Failed to remove unknown binding: 66,1,1/4269801494:2189717767/2189717769 [ 147.844593][ T8405] tipc: Failed to remove unknown binding: 66,1,1/4269801494:2189717767/2189717769 [ 147.846685][ T8402] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1575'. [ 148.049393][ T8414] syzkaller0: entered promiscuous mode [ 148.055067][ T8414] syzkaller0: entered allmulticast mode [ 148.150688][ T8431] loop4: detected capacity change from 0 to 512 [ 148.157118][ T29] kauditd_printk_skb: 29 callbacks suppressed [ 148.157138][ T29] audit: type=1326 audit(1768801467.729:1724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8430 comm="syz.4.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f86d948b58e code=0x7ffc0000 [ 148.187220][ T29] audit: type=1326 audit(1768801467.729:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8430 comm="syz.4.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f86d94caae7 code=0x7ffc0000 [ 148.210749][ T29] audit: type=1326 audit(1768801467.729:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8430 comm="syz.4.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f86d948b58e code=0x7ffc0000 [ 148.234330][ T29] audit: type=1326 audit(1768801467.729:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8430 comm="syz.4.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f86d94ca94b code=0x7ffc0000 [ 148.259262][ T29] audit: type=1326 audit(1768801467.769:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8430 comm="syz.4.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f86d948b58e code=0x7ffc0000 [ 148.283698][ T29] audit: type=1326 audit(1768801467.769:1729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8430 comm="syz.4.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f86d948b58e code=0x7ffc0000 [ 148.308017][ T29] audit: type=1326 audit(1768801467.769:1730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8430 comm="syz.4.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f86d94c9b97 code=0x7ffc0000 [ 148.319117][ T8431] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 148.332049][ T29] audit: type=1326 audit(1768801467.769:1731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8430 comm="syz.4.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f86d94cbf4a code=0x7ffc0000 [ 148.346492][ T8431] ext4 filesystem being mounted at /308/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 148.379564][ T8429] tipc: Enabling of bearer rejected, already enabled [ 148.385286][ T29] audit: type=1326 audit(1768801467.959:1732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8430 comm="syz.4.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f86d948b58e code=0x7ffc0000 [ 148.411098][ T29] audit: type=1326 audit(1768801467.959:1733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8430 comm="syz.4.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f86d94c9167 code=0x7ffc0000 [ 148.437790][ T8431] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 148.453167][ T8431] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2 with error 28 [ 148.465528][ T8431] EXT4-fs (loop4): This should not happen!! Data will be lost [ 148.465528][ T8431] [ 148.475348][ T8431] EXT4-fs (loop4): Total free blocks count 0 [ 148.481431][ T8431] EXT4-fs (loop4): Free/Dirty block details [ 148.487410][ T8431] EXT4-fs (loop4): free_blocks=65280 [ 148.492727][ T8431] EXT4-fs (loop4): dirty_blocks=2 [ 148.497811][ T8431] EXT4-fs (loop4): Block reservation details [ 148.503818][ T8431] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 148.510692][ T8443] kernel profiling enabled (shift: 17) [ 148.538496][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.591076][ T8449] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1590'. [ 148.699270][ T8464] loop5: detected capacity change from 0 to 512 [ 148.881252][ T8484] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1602'. [ 149.394615][ T8519] loop5: detected capacity change from 0 to 8192 [ 149.544203][ T8525] loop5: detected capacity change from 0 to 1024 [ 149.598158][ T8525] EXT4-fs: Ignoring removed oldalloc option [ 149.627659][ T8525] 9p: Bad value for 'rfdno' [ 149.815910][ T4232] Bluetooth: hci0: command 0x1003 tx timeout [ 149.817439][ T44] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 149.882037][ T8535] bridge0: port 3(dummy0) entered disabled state [ 149.896961][ T8535] bridge_slave_0: left allmulticast mode [ 149.902899][ T8535] bridge_slave_0: left promiscuous mode [ 149.908890][ T8535] bridge0: port 1(bridge_slave_0) entered disabled state [ 149.928233][ T8535] bridge_slave_1: left allmulticast mode [ 149.933966][ T8535] bridge_slave_1: left promiscuous mode [ 149.939923][ T8535] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.968601][ T8535] bond0: (slave bond_slave_0): Releasing backup interface [ 149.980504][ T8535] bond0: (slave bond_slave_1): Releasing backup interface [ 150.001570][ T8535] team0: Port device team_slave_0 removed [ 150.021135][ T8535] team0: Port device team_slave_1 removed [ 150.038112][ T8535] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 150.045571][ T8535] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 150.068557][ T8535] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 150.076103][ T8535] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 150.100111][ T8535] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 150.996630][ T8590] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.058409][ T8590] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.147101][ T8590] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.198378][ T8590] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.266686][ T4074] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.284472][ T4074] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.297334][ T4074] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.318355][ T4074] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.470014][ T8611] netlink: 'syz.1.1650': attribute type 2 has an invalid length. [ 151.477916][ T8611] netlink: 199792 bytes leftover after parsing attributes in process `syz.1.1650'. [ 151.798075][ T8628] tipc: Enabled bearer , priority 0 [ 151.806453][ T8627] tipc: Resetting bearer [ 151.827032][ T8627] tipc: Disabling bearer [ 152.364147][ T8651] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1664'. [ 152.376445][ T8651] netlink: 'syz.2.1664': attribute type 5 has an invalid length. [ 152.385029][ T8651] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1664'. [ 152.564850][ T8651] geneve2: entered promiscuous mode [ 152.582152][ T8651] geneve2: entered allmulticast mode [ 152.648344][ T1620] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 65535 - 0 [ 152.656901][ T1620] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 65535 - 0 [ 152.675506][ T1620] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 65535 - 0 [ 152.690445][ T1620] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 65535 - 0 [ 152.732120][ T8661] loop6: detected capacity change from 0 to 512 [ 152.740957][ T8661] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 152.768541][ T8661] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #17: comm syz.6.1668: inode has both inline data and extents flags [ 152.800489][ T8661] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.1668: couldn't read orphan inode 17 (err -117) [ 152.830858][ T8661] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.881989][ T5763] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.041369][ T8682] netlink: 'syz.6.1676': attribute type 1 has an invalid length. [ 153.059447][ T8682] bond1: entered promiscuous mode [ 153.064995][ T8682] 8021q: adding VLAN 0 to HW filter on device bond1 [ 153.068841][ T8685] tipc: Failed to remove unknown binding: 66,0,0/0:1563196515/1563196516 [ 153.099345][ T8682] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1676'. [ 153.111529][ T8685] tipc: Failed to remove unknown binding: 66,0,0/0:1563196515/1563196516 [ 153.112112][ T8682] bond1: entered allmulticast mode [ 153.270015][ T29] kauditd_printk_skb: 98 callbacks suppressed [ 153.270033][ T29] audit: type=1400 audit(1768801472.849:1832): avc: denied { read write } for pid=8699 comm="syz.6.1683" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 153.300748][ T29] audit: type=1400 audit(1768801472.849:1833): avc: denied { open } for pid=8699 comm="syz.6.1683" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 153.802238][ T8732] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1695'. [ 153.938418][ T8741] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1699'. [ 154.353882][ T8749] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1700'. [ 154.635049][ T8766] SET target dimension over the limit! [ 154.755494][ T8778] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1713'. [ 154.779608][ T8778] 8021q: adding VLAN 0 to HW filter on device bond7 [ 154.787870][ T29] audit: type=1326 audit(1768801474.359:1834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8779 comm="syz.5.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 154.811604][ T29] audit: type=1326 audit(1768801474.359:1835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8779 comm="syz.5.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 154.835047][ T29] audit: type=1326 audit(1768801474.359:1836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8779 comm="syz.5.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 154.858804][ T29] audit: type=1326 audit(1768801474.359:1837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8779 comm="syz.5.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 154.882372][ T29] audit: type=1326 audit(1768801474.359:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8779 comm="syz.5.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 154.905784][ T29] audit: type=1326 audit(1768801474.359:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8779 comm="syz.5.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 154.929410][ T29] audit: type=1326 audit(1768801474.359:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8779 comm="syz.5.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 154.952934][ T29] audit: type=1326 audit(1768801474.359:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8779 comm="syz.5.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f2dbaa4acb9 code=0x7ffc0000 [ 154.991465][ T8784] syzkaller0: entered promiscuous mode [ 154.997706][ T8784] syzkaller0: entered allmulticast mode [ 155.019140][ T8778] bond7: (slave ip6tnl1): refused to change device type [ 155.182151][ T8802] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1722'. [ 155.255658][ T1620] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.268190][ T1620] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.300085][ T1620] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.329707][ T1620] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.705977][ T8836] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1734'. [ 156.599616][ T8897] netlink: 'syz.2.1758': attribute type 4 has an invalid length. [ 156.607508][ T8897] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1758'. [ 157.298674][ T8943] IPVS: set_ctl: invalid protocol: 45813 10.1.1.2:20004 [ 157.307542][ T8943] loop6: detected capacity change from 0 to 128 [ 157.732527][ T8966] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1787'. [ 157.764436][ T8966] 8021q: adding VLAN 0 to HW filter on device bond2 [ 157.788397][ T8966] bond2: (slave ip6tnl1): refused to change device type [ 157.821326][ T8975] netlink: 'syz.4.1790': attribute type 1 has an invalid length. [ 157.846533][ T8975] bond8: entered promiscuous mode [ 157.851746][ T8975] bond8: entered allmulticast mode [ 157.860554][ T8975] 8021q: adding VLAN 0 to HW filter on device bond8 [ 157.877142][ T8975] bridge4: entered promiscuous mode [ 157.882566][ T8975] bridge4: entered allmulticast mode [ 157.888968][ T8975] bond8: (slave bridge4): Enslaving as a backup interface with an up link [ 157.945976][ T37] bond8: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 158.065914][ T53] bond8: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 158.275840][ T29] kauditd_printk_skb: 37 callbacks suppressed [ 158.275859][ T29] audit: type=1326 audit(1768801477.849:1879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9007 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 158.306322][ T29] audit: type=1326 audit(1768801477.859:1880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9007 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 158.330810][ T29] audit: type=1326 audit(1768801477.889:1881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9007 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 158.354579][ T29] audit: type=1326 audit(1768801477.889:1882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9007 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 158.378152][ T29] audit: type=1326 audit(1768801477.889:1883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9007 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 158.401760][ T29] audit: type=1326 audit(1768801477.889:1884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9007 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 158.425373][ T29] audit: type=1326 audit(1768801477.889:1885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9007 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 158.449473][ T29] audit: type=1326 audit(1768801477.889:1886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9007 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 158.473167][ T29] audit: type=1326 audit(1768801477.899:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9007 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 158.496615][ T29] audit: type=1326 audit(1768801477.899:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9007 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fc12b3aacb9 code=0x7ffc0000 [ 158.570701][ T9016] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1805'. [ 158.753619][ T9030] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1812'. [ 158.833822][ T9040] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1815'. [ 158.933925][ T9030] vlan2: entered promiscuous mode [ 158.957075][ T9030] syz_tun: entered promiscuous mode [ 159.306990][ T9074] loop4: detected capacity change from 0 to 1024 [ 159.313737][ T9074] EXT4-fs: Ignoring removed orlov option [ 159.320049][ T9074] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 159.347240][ T9074] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002] [ 159.355403][ T9074] System zones: 0-1, 3-12 [ 159.362117][ T9074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.380896][ T9079] loop6: detected capacity change from 0 to 256 [ 159.440186][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.693142][ T4074] ================================================================== [ 159.701366][ T4074] BUG: KCSAN: data-race in __fat_write_inode / copy_folio_from_iter_atomic [ 159.710015][ T4074] [ 159.712357][ T4074] write to 0xffff888166c609bc of 4 bytes by task 9083 on cpu 0: [ 159.720002][ T4074] __fat_write_inode+0x236/0x530 [ 159.724977][ T4074] fat_sync_inode+0x1a/0x30 [ 159.729506][ T4074] fat_truncate_blocks+0x1cc/0x5a0 [ 159.734653][ T4074] fat_write_end+0xba/0x160 [ 159.739191][ T4074] generic_perform_write+0x311/0x490 [ 159.744543][ T4074] __generic_file_write_iter+0x9e/0x120 [ 159.750167][ T4074] generic_file_write_iter+0x8d/0x310 [ 159.755574][ T4074] vfs_write+0x5a6/0x9f0 [ 159.759838][ T4074] ksys_write+0xdc/0x1a0 [ 159.764124][ T4074] __x64_sys_write+0x40/0x50 [ 159.768741][ T4074] x64_sys_call+0x2847/0x3000 [ 159.773461][ T4074] do_syscall_64+0xc0/0x2a0 [ 159.777983][ T4074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.783902][ T4074] [ 159.786268][ T4074] read to 0xffff888166c60800 of 2048 bytes by task 4074 on cpu 1: [ 159.794094][ T4074] copy_folio_from_iter_atomic+0x75f/0x1170 [ 159.800033][ T4074] generic_perform_write+0x2c1/0x490 [ 159.805371][ T4074] shmem_file_write_iter+0xc5/0xf0 [ 159.810635][ T4074] lo_rw_aio+0x67d/0x730 [ 159.814906][ T4074] loop_process_work+0x56c/0xac0 [ 159.819870][ T4074] loop_workfn+0x31/0x40 [ 159.824134][ T4074] process_scheduled_works+0x4cd/0x9d0 [ 159.829738][ T4074] worker_thread+0x581/0x770 [ 159.834353][ T4074] kthread+0x488/0x510 [ 159.838452][ T4074] ret_from_fork+0x148/0x280 [ 159.844041][ T4074] ret_from_fork_asm+0x1a/0x30 [ 159.848839][ T4074] [ 159.851291][ T4074] Reported by Kernel Concurrency Sanitizer on: [ 159.857471][ T4074] CPU: 1 UID: 0 PID: 4074 Comm: kworker/u8:11 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 159.869039][ T4074] Tainted: [W]=WARN [ 159.872944][ T4074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 159.883017][ T4074] Workqueue: loop6 loop_workfn [ 159.887810][ T4074] ================================================================== [ 160.297536][ T9079] bio_check_eod: 55 callbacks suppressed [ 160.297551][ T9079] syz.6.1828: attempt to access beyond end of device [ 160.297551][ T9079] loop6: rw=2049, sector=256, nr_sectors = 32 limit=256 [ 160.307394][ T9083] syz.6.1828: attempt to access beyond end of device [ 160.307394][ T9083] loop6: rw=2049, sector=1344, nr_sectors = 32 limit=256 [ 160.320044][ T9079] syz.6.1828: attempt to access beyond end of device [ 160.320044][ T9079] loop6: rw=2049, sector=384, nr_sectors = 32 limit=256 [ 160.330982][ T9083] syz.6.1828: attempt to access beyond end of device [ 160.330982][ T9083] loop6: rw=2049, sector=1408, nr_sectors = 96 limit=256 [ 160.344934][ T9079] syz.6.1828: attempt to access beyond end of device [ 160.344934][ T9079] loop6: rw=2049, sector=448, nr_sectors = 32 limit=256 [ 160.359640][ T9083] syz.6.1828: attempt to access beyond end of device [ 160.359640][ T9083] loop6: rw=2049, sector=1536, nr_sectors = 64 limit=256 [ 160.373144][ T9079] syz.6.1828: attempt to access beyond end of device [ 160.373144][ T9079] loop6: rw=2049, sector=512, nr_sectors = 32 limit=256 [ 160.386032][ T9083] syz.6.1828: attempt to access beyond end of device [ 160.386032][ T9083] loop6: rw=2049, sector=1632, nr_sectors = 64 limit=256 [ 160.386128][ T9083] syz.6.1828: attempt to access beyond end of device [ 160.386128][ T9083] loop6: rw=2049, sector=1728, nr_sectors = 64 limit=256 [ 160.386285][ T9083] syz.6.1828: attempt to access beyond end of device [ 160.386285][ T9083] loop6: rw=2049, sector=1824, nr_sectors = 96 limit=256