last executing test programs: 1.999622505s ago: executing program 4 (id=2817): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xa, 0xb, 0x42, 0x3e, 0x42}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0, 0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000180)}, 0x20) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000140), &(0x7f0000000280)}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x7, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000240)='GPL\x00', 0x8, 0x1005, &(0x7f00000014c0)=""/4101, 0x41100, 0xc}, 0x94) 1.903891534s ago: executing program 4 (id=2818): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10) socket$unix(0x1, 0x1, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r1, &(0x7f0000000680)=[{{&(0x7f0000000200)={0xa, 0x4e23, 0x11, @loopback, 0x2}, 0x1c, &(0x7f0000001b40)=[{&(0x7f0000000840)="3a4547dd7400"/16, 0x10}], 0x1}}], 0x1, 0x400c800) 1.25281835s ago: executing program 3 (id=2829): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x10, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x1}, 0x2002, 0x32, 0x7, 0x7, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x4e, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x480, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x4ac269ba, 0xaea}, 0x11aa0, 0x30, 0x10000, 0x0, 0x18bb, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='cpu>00||!') 1.082879705s ago: executing program 0 (id=2838): socket$netlink(0x10, 0x3, 0xc) setreuid(0xffffffffffffffff, 0xee01) r0 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INIT_ENTRIES(r0, 0x0, 0x83, 0x0, &(0x7f0000000340)) io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x16, 0x0, 0x0) 1.060928941s ago: executing program 3 (id=2839): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]}) close_range(r0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000840)='fdinfo\x00') lseek(r1, 0x7, 0x1) getdents(r1, 0x0, 0x51) 979.916264ms ago: executing program 3 (id=2840): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000e50100000095"], 0x0, 0x1002, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94) r0 = io_uring_setup(0x1f0, &(0x7f0000000440)={0x0, 0x8272, 0x40, 0x3, 0x117}) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000640)=[{0x0}], 0x178) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac4ff02"], 0x0}, 0x94) io_uring_register$IORING_REGISTER_FILES(r0, 0x1e, &(0x7f0000000000)=[r0], 0x1) 979.805654ms ago: executing program 4 (id=2841): r0 = socket$nl_generic(0x10, 0x3, 0x10) read(r0, &(0x7f0000000440)=""/138, 0x8a) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000002880), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11072abd7000ffdbdf250500000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x28008000}, 0x40000) 950.379018ms ago: executing program 0 (id=2842): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000008"], 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="11000000040000000400000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xe, 0x0, &(0x7f0000000000)="ec231f1c7ea9336d181a02000000", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 949.461767ms ago: executing program 3 (id=2843): io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000080)=[@ioring_restriction_register_op={0x0, 0x1d}], 0x1) r0 = creat(&(0x7f0000000000)='./file1\x00', 0x96) fstat(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) syz_io_uring_setup(0x71d5, &(0x7f0000000000)={0x0, 0x4d9, 0x0, 0x4, 0x308}, &(0x7f00000000c0), &(0x7f0000000140)) 912.86728ms ago: executing program 0 (id=2844): r0 = perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0xe1, 0xf40b9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x1, @perf_config_ext={0x7, 0x100}, 0x204, 0x0, 0x43a1b976, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0xa) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffff3]}, 0x8, 0x80000) 882.369473ms ago: executing program 3 (id=2846): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1}, 0x94) socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200}) perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1, 0x2, 0x1, 0xffffffffffffbbfe, 0x0, 0x0, 0x0, 0xfffffffe}, 0xffffffffffffffff, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000080)) 858.322238ms ago: executing program 4 (id=2847): r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x8, 0x9}, 0x48) r2 = socket(0x1, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r1, &(0x7f0000000100), &(0x7f00000001c0)=@tcp=r2}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r1, &(0x7f0000000100), &(0x7f0000000140)=@udp6=r0, 0x1}, 0x20) 814.869999ms ago: executing program 3 (id=2848): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) sendfile(r0, r1, 0x0, 0x8000fffffffe) 770.79098ms ago: executing program 4 (id=2849): r0 = syz_io_uring_setup(0x4e0, &(0x7f00000000c0)={0x0, 0x79b1, 0x3180, 0x8000, 0x400252}, &(0x7f0000000640)=0x0, &(0x7f0000000340)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000500)=@IORING_OP_READ=@pass_buffer={0x16, 0x20, 0x4000, @fd_index=0x5, 0xc16, 0x0, 0x0, 0x8, 0x0, {0x0, r3}}) io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0) 657.622727ms ago: executing program 4 (id=2851): bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xe, 0x4, 0x4, 0x1ffff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0) 644.094624ms ago: executing program 0 (id=2852): ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x0, 0x0, 0x17, 0x5, 0x89, 0x0}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD") renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file0/file0\x00', 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="08000000020003000b"], 0x0) 542.083433ms ago: executing program 0 (id=2855): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f00000000c0)=0xa, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="10031200e0ff020002004788aa96a13bb100001100007fca1a00", 0x1000a, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14) readv(r0, &(0x7f0000000cc0)=[{&(0x7f0000000800)=""/224, 0xe0}], 0x1) 484.543341ms ago: executing program 2 (id=2856): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='veth1_to_team\x00', 0x10) sendto$inet(r0, 0x0, 0x0, 0x804, &(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10) setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000040)=0xfffd, 0x4) recvmmsg(r0, &(0x7f00000007c0)=[{{0x0, 0x0, 0x0}, 0x8}], 0x1, 0x0, 0x0) 484.361161ms ago: executing program 0 (id=2857): timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x3fd4, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) mknodat$loop(0xffffffffffffffff, 0x0, 0x200, 0x1) 484.235411ms ago: executing program 2 (id=2858): bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) setresuid(0x0, 0xee01, 0x0) semctl$SETVAL(0x0, 0x0, 0x10, 0x0) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000080)="240000004e0025000307f4f9002304000a04f55f08000100020100020800038005000000", 0x24) 416.683297ms ago: executing program 2 (id=2859): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f9cf02e, 0x2, @perf_config_ext={0x5, 0x6}, 0x0, 0x5bd20d9e, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0x11, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 243.918361ms ago: executing program 2 (id=2860): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$binfmt_elf64(r0, &(0x7f00000003c0)=ANY=[], 0x78) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x4001, 0x3, 0x208, 0x250, 0x700001b, 0x148, 0x0, 0x148, 0x350, 0x206, 0x240, 0x350, 0x240, 0x7fffffe, 0x0, {[{{@ip={@local, @rand_addr, 0x0, 0x0, 'tunl0\x00', 'macvlan1\x00', {0xff}, {}, 0x2f}, 0x1ea, 0x70, 0xd8, 0x0, {0x390, 0x8f00}}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x268) 158.217733ms ago: executing program 1 (id=2862): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0xda92b92eb38eb61c) r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x8000001f) close_range(r1, 0xffffffffffffffff, 0x0) 157.661993ms ago: executing program 2 (id=2863): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000540)) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fbdbdf251e00000008000300", @ANYRES32=r2, @ANYBLOB="50002f800c0002000203aaaaaaaaaaaa0c000380080001000200000034000380080001"], 0x6c}, 0x1, 0x0, 0x0, 0x20040814}, 0x4880) 96.715071ms ago: executing program 1 (id=2864): unshare(0x22020600) r0 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) syz_clone3(&(0x7f0000000340)={0x200000000, 0x0, 0x0, 0x0, {0x3a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) 77.643337ms ago: executing program 1 (id=2865): prctl$PR_SET_SECUREBITS(0x1c, 0x15) setuid(0xee00) fchmodat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0xfffffe43) mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) creat(&(0x7f0000000100)='./file0\x00', 0x0) 64.961334ms ago: executing program 2 (id=2866): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000005"], 0x50) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000080), &(0x7f0000000240)=r1}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x53f, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 20.448215ms ago: executing program 1 (id=2867): r0 = syz_io_uring_setup(0x3c3, &(0x7f0000001480)={0x0, 0x124a, 0x80, 0x0, 0x1f}, &(0x7f00000008c0)=0x0, &(0x7f0000000180)=0x0) r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r3, 0xa3d8, 0x0, 0x0, 0x0, 0x1, {0x2}}) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0) 402.391µs ago: executing program 1 (id=2868): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x80000}, 0x50) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x10, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r2, 0x2000012, 0xe, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50) 0s ago: executing program 1 (id=2869): r0 = syz_io_uring_setup(0x4e3, &(0x7f00000001c0)={0x0, 0x79ae, 0x3180, 0x20008002, 0x400252}, &(0x7f0000000640)=0x0, &(0x7f00000000c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000500)=@IORING_OP_SYMLINKAT={0x26, 0x12, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0, 0x1}) unshare(0x20040600) io_uring_enter(r0, 0x627, 0xe7, 0x43, 0x0, 0x0) kernel console output (not intermixed with test programs): 00000001) [ 67.626388][ T5823] bond1 (unregistering): Released all slaves [ 67.641435][ T5816] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 67.653900][ T5816] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 67.655278][ T4762] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.664577][ T5817] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 67.684001][ T5816] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 67.780654][ T5840] loop3: detected capacity change from 0 to 128 [ 68.475465][ T5873] loop2: detected capacity change from 0 to 1024 [ 68.539388][ T5873] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.573455][ T5873] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters [ 68.590766][ T5873] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 43 with error 28 [ 68.603262][ T5873] EXT4-fs (loop2): This should not happen!! Data will be lost [ 68.603262][ T5873] [ 68.613093][ T5873] EXT4-fs (loop2): Total free blocks count 0 [ 68.619227][ T5873] EXT4-fs (loop2): Free/Dirty block details [ 68.625225][ T5873] EXT4-fs (loop2): free_blocks=20480 [ 68.630615][ T5873] EXT4-fs (loop2): dirty_blocks=64 [ 68.635828][ T5873] EXT4-fs (loop2): Block reservation details [ 68.642043][ T5888] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 68.654472][ T5873] EXT4-fs (loop2): i_reserved_data_blocks=4 [ 68.740358][ T5894] EXT4-fs: Ignoring removed orlov option [ 68.750788][ T5894] EXT4-fs: Ignoring removed nobh option [ 68.784850][ T5894] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.828409][ T28] kauditd_printk_skb: 32 callbacks suppressed [ 68.828428][ T28] audit: type=1400 audit(1772398633.204:601): avc: denied { lock } for pid=5893 comm="syz.1.857" path="/189/file1/file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 68.907949][ T5904] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.928298][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.952608][ T5904] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.030840][ T5919] syzkaller1: entered promiscuous mode [ 69.071321][ T5919] syzkaller1: entered allmulticast mode [ 69.173264][ T5923] EXT4-fs error (device loop2): ext4_do_update_inode:5569: inode #18: comm syz.2.855: corrupted inode contents [ 69.195254][ T5923] loop2: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 69.195497][ T5923] EXT4-fs error (device loop2): ext4_dirty_inode:6450: inode #18: comm syz.2.855: mark_inode_dirty error [ 69.225900][ T5923] loop2: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 69.262213][ T5923] EXT4-fs error (device loop2): ext4_do_update_inode:5569: inode #18: comm syz.2.855: corrupted inode contents [ 69.292906][ T5935] sctp: [Deprecated]: syz.1.873 (pid 5935) Use of struct sctp_assoc_value in delayed_ack socket option. [ 69.292906][ T5935] Use struct sctp_sack_info instead [ 69.329562][ T5923] loop2: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 69.329708][ T5923] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2999: inode #18: comm syz.2.855: mark_inode_dirty error [ 69.355745][ T5935] set_capacity_and_notify: 2 callbacks suppressed [ 69.355760][ T5935] loop1: detected capacity change from 0 to 2048 [ 69.377787][ T5923] loop2: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 69.379315][ T5923] EXT4-fs error (device loop2): ext4_xattr_delete_inode:3002: inode #18: comm syz.2.855: mark inode dirty (error -117) [ 69.408392][ T5923] loop2: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 69.408561][ T5923] EXT4-fs warning (device loop2): ext4_evict_inode:275: xattr delete (err -117) [ 69.424111][ T5952] Invalid logical block size (5) [ 69.438409][ T3301] loop1: p3 < > p4 < > [ 69.443140][ T3301] loop1: partition table partially beyond EOD, truncated [ 69.486057][ T4762] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.495536][ T3301] loop1: p3 start 4284289 is beyond EOD, truncated [ 69.505973][ T5935] loop1: p3 < > p4 < > [ 69.511212][ T5935] loop1: partition table partially beyond EOD, truncated [ 69.539511][ T5935] loop1: p3 start 4284289 is beyond EOD, truncated [ 69.553905][ T5964] loop2: detected capacity change from 0 to 512 [ 69.581330][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 69.634541][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 69.665131][ T5964] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.719243][ T28] audit: type=1400 audit(1772398634.094:602): avc: denied { mounton } for pid=5974 comm="syz.4.886" path="/proc/415" dev="proc" ino=13069 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 69.727826][ T5964] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.770927][ T28] audit: type=1400 audit(1772398634.144:603): avc: denied { read append } for pid=5962 comm="syz.2.879" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 69.795370][ T28] audit: type=1400 audit(1772398634.144:604): avc: denied { open } for pid=5962 comm="syz.2.879" path="/85/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 69.824073][ T28] audit: type=1400 audit(1772398634.174:605): avc: denied { write } for pid=5962 comm="syz.2.879" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 69.849010][ T28] audit: type=1400 audit(1772398634.174:606): avc: denied { setattr } for pid=5962 comm="syz.2.879" path="/85/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 69.881303][ T28] audit: type=1400 audit(1772398634.254:607): avc: denied { ioctl } for pid=5962 comm="syz.2.879" path="/85/file1/file1" dev="loop2" ino=15 ioctlcmd=0x6609 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 70.028997][ T28] audit: type=1326 audit(1772398634.404:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5989 comm="syz.4.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 70.053094][ T28] audit: type=1326 audit(1772398634.434:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5989 comm="syz.4.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 70.076700][ T28] audit: type=1326 audit(1772398634.434:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5989 comm="syz.4.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 70.161317][ T4762] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.303764][ T6007] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 70.319597][ T6007] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 71.053879][ T6041] SELinux: failed to load policy [ 71.148854][ T6049] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 71.214626][ T6055] loop2: detected capacity change from 0 to 512 [ 71.234001][ T6055] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.247621][ T6055] ext4 filesystem being mounted at /94/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 71.404140][ T36] Bluetooth: hci0: Frame reassembly failed (-84) [ 71.444534][ T4762] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.573096][ T6092] Invalid argument reading file caps for ./file0 [ 71.635086][ T6098] loop1: detected capacity change from 0 to 128 [ 71.775637][ T6110] netlink: 792 bytes leftover after parsing attributes in process `syz.2.942'. [ 71.785015][ T6110] netlink: 792 bytes leftover after parsing attributes in process `syz.2.942'. [ 71.800614][ T6110] netlink: 20 bytes leftover after parsing attributes in process `syz.2.942'. [ 71.857896][ T6117] capability: warning: `syz.2.945' uses deprecated v2 capabilities in a way that may be insecure [ 71.923236][ T6113] SELinux: failed to load policy [ 72.015418][ T6125] batadv_slave_1: entered promiscuous mode [ 72.046663][ T6124] batadv_slave_1: left promiscuous mode [ 72.415784][ T6150] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 72.437358][ T6150] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 72.535907][ T6162] loop0: detected capacity change from 0 to 512 [ 72.548931][ T6164] loop2: detected capacity change from 0 to 256 [ 72.594691][ T6162] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.608374][ T6162] ext4 filesystem being mounted at /191/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.622492][ T6168] loop2: detected capacity change from 0 to 512 [ 72.646198][ T6168] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.667895][ T6168] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.691962][ T6168] EXT4-fs (loop2): shut down requested (0) [ 72.710542][ T4762] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.769362][ T6172] EXT4-fs error (device loop0): ext4_do_update_inode:5569: inode #18: comm syz.0.962: corrupted inode contents [ 72.785427][ T6172] loop0: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 72.793464][ T6172] EXT4-fs error (device loop0): ext4_dirty_inode:6450: inode #18: comm syz.0.962: mark_inode_dirty error [ 72.831797][ T6172] loop0: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 72.832082][ T6172] EXT4-fs error (device loop0): ext4_do_update_inode:5569: inode #18: comm syz.0.962: corrupted inode contents [ 72.854041][ T6172] loop0: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 72.854254][ T6172] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2999: inode #18: comm syz.0.962: mark_inode_dirty error [ 72.875800][ T6172] loop0: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 72.875996][ T6172] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3002: inode #18: comm syz.0.962: mark inode dirty (error -117) [ 72.897832][ T6172] loop0: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 72.898047][ T6172] EXT4-fs warning (device loop0): ext4_evict_inode:275: xattr delete (err -117) [ 72.931662][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.026124][ T6182] loop1: detected capacity change from 0 to 4096 [ 73.041062][ T6182] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.121977][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.266549][ T9] kernel read not supported for file /rfkill (pid: 9 comm: kworker/0:0) [ 73.284407][ T6206] loop1: detected capacity change from 0 to 512 [ 73.299261][ T6206] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.317079][ T6206] ext4 filesystem being mounted at /218/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.375151][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.429876][ T6076] Bluetooth: hci0: command 0x1003 tx timeout [ 73.436206][ T3551] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 73.875268][ T6265] loop3: detected capacity change from 0 to 512 [ 73.899452][ T6265] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.1003: inode has both inline data and extents flags [ 73.922965][ T6265] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1003: couldn't read orphan inode 15 (err -117) [ 73.935097][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 73.935119][ C0] EXT4-fs (loop3): initial error at time 1772398638: ext4_orphan_get:1391: inode 15 [ 73.935156][ C0] EXT4-fs (loop3): last error at time 1772398638: ext4_orphan_get:1391: inode 15 [ 73.970115][ T28] kauditd_printk_skb: 19 callbacks suppressed [ 73.970134][ T28] audit: type=1400 audit(1772398638.344:629): avc: denied { bind } for pid=6269 comm="syz.2.1005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 74.101203][ T6265] loop3: lost filesystem error report for type 5 error -117 [ 74.102781][ T6265] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.168614][ T28] audit: type=1400 audit(1772398638.544:630): avc: denied { accept } for pid=6278 comm="syz.2.1008" path="socket:[13876]" dev="sockfs" ino=13876 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 74.219836][ T28] audit: type=1400 audit(1772398638.564:631): avc: denied { setattr } for pid=6263 comm="syz.3.1003" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 74.224640][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.365360][ T28] audit: type=1326 audit(1772398638.744:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09fa01c799 code=0x7ffc0000 [ 74.429819][ T28] audit: type=1326 audit(1772398638.744:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09fa01c799 code=0x7ffc0000 [ 74.544629][ T28] audit: type=1326 audit(1772398638.744:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09fa01c799 code=0x7ffc0000 [ 74.584685][ T28] audit: type=1326 audit(1772398638.744:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09fa01c799 code=0x7ffc0000 [ 74.640677][ T28] audit: type=1326 audit(1772398638.744:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f09fa01c799 code=0x7ffc0000 [ 74.668447][ T28] audit: type=1326 audit(1772398638.744:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09fa01c799 code=0x7ffc0000 [ 74.692895][ T28] audit: type=1326 audit(1772398638.744:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09fa01c799 code=0x7ffc0000 [ 74.755616][ T6324] syzkaller1: entered promiscuous mode [ 74.769644][ T6324] syzkaller1: entered allmulticast mode [ 75.136908][ T6360] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1043'. [ 75.186064][ T6360] netlink: 'syz.0.1043': attribute type 20 has an invalid length. [ 75.188133][ T6364] netlink: 'syz.2.1045': attribute type 4 has an invalid length. [ 75.210671][ T6360] netlink: 'syz.0.1043': attribute type 21 has an invalid length. [ 75.385131][ T6372] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 75.416154][ T6372] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 75.501410][ T6381] loop4: detected capacity change from 0 to 512 [ 75.528779][ T6381] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 75.566427][ T6381] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.589235][ T6381] ext4 filesystem being mounted at /218/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 75.676839][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.721242][ T6392] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1055'. [ 75.848446][ T6401] loop0: detected capacity change from 0 to 1024 [ 75.920373][ T6401] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.994160][ T6416] loop3: detected capacity change from 0 to 128 [ 76.130563][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.199630][ T6429] loop0: detected capacity change from 0 to 256 [ 76.211469][ T6429] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 76.254863][ T6429] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 76.340209][ T6438] loop2: detected capacity change from 0 to 128 [ 76.932617][ T6478] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1094'. [ 77.123440][ T6481] loop0: detected capacity change from 0 to 8192 [ 77.145260][ T6481] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 77.489882][ T6512] loop3: detected capacity change from 0 to 512 [ 77.547930][ T6512] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.607100][ T6512] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.818582][ T6528] EXT4-fs error (device loop3): ext4_do_update_inode:5569: inode #18: comm syz.3.1110: corrupted inode contents [ 77.889046][ T6528] fserror_report: 1 callbacks suppressed [ 77.889064][ T6528] loop3: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 77.915203][ T6538] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1119'. [ 77.935322][ T6528] EXT4-fs error (device loop3): ext4_dirty_inode:6450: inode #18: comm syz.3.1110: mark_inode_dirty error [ 77.975306][ T6538] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1119'. [ 77.985518][ T6528] loop3: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 77.987935][ T6528] EXT4-fs error (device loop3): ext4_do_update_inode:5569: inode #18: comm syz.3.1110: corrupted inode contents [ 78.032755][ T6528] loop3: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 78.032909][ T6528] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2999: inode #18: comm syz.3.1110: mark_inode_dirty error [ 78.067388][ T6528] loop3: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 78.067576][ T6528] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3002: inode #18: comm syz.3.1110: mark inode dirty (error -117) [ 78.103480][ T6528] loop3: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117 [ 78.103647][ T6528] EXT4-fs warning (device loop3): ext4_evict_inode:275: xattr delete (err -117) [ 78.223342][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.612412][ T6564] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 78.630050][ T6564] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 78.662599][ T6570] loop0: detected capacity change from 0 to 2048 [ 78.691429][ T6570] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.712087][ T6570] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 78.736697][ T6578] netlink: 'syz.3.1136': attribute type 4 has an invalid length. [ 78.745044][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.890052][ T3419] kernel read not supported for file /usbmon6 (pid: 3419 comm: kworker/0:4) [ 78.915499][ T6593] loop3: detected capacity change from 0 to 256 [ 78.935144][ T6593] FAT-fs (loop3): Directory bread(block 64) failed [ 78.941936][ T6593] FAT-fs (loop3): Directory bread(block 65) failed [ 78.948574][ T6593] FAT-fs (loop3): Directory bread(block 66) failed [ 78.955388][ T6593] FAT-fs (loop3): Directory bread(block 67) failed [ 78.962143][ T6593] FAT-fs (loop3): Directory bread(block 68) failed [ 78.969010][ T6593] FAT-fs (loop3): Directory bread(block 69) failed [ 78.975653][ T6593] FAT-fs (loop3): Directory bread(block 70) failed [ 78.982357][ T6593] FAT-fs (loop3): Directory bread(block 71) failed [ 78.988959][ T6593] FAT-fs (loop3): Directory bread(block 72) failed [ 78.995515][ T6593] FAT-fs (loop3): Directory bread(block 73) failed [ 79.030523][ T6595] loop3: detected capacity change from 0 to 512 [ 79.042629][ T6595] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.057083][ T6595] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 79.079204][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.114325][ T28] kauditd_printk_skb: 25 callbacks suppressed [ 79.114368][ T28] audit: type=1400 audit(1772398643.494:664): avc: denied { setopt } for pid=6600 comm="syz.3.1146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 79.221569][ T6608] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.284038][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.465846][ T6630] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1157'. [ 79.672688][ T6642] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.747063][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.785539][ T6650] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 79.797296][ T6650] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e854e018, mo2=0003] [ 79.810311][ T6650] System zones: 0-1, 15-15, 18-18, 34-34 [ 79.817612][ T6650] EXT4-fs (loop3): orphan cleanup on readonly fs [ 79.824530][ T6650] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0 [ 79.834152][ T6650] EXT4-fs warning (device loop3): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 79.848821][ T6650] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 79.856370][ T6650] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #16: comm syz.3.1166: iget: bad extended attribute block 1 [ 79.868977][ T6650] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 79.869179][ T6650] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1166: couldn't read orphan inode 16 (err -117) [ 79.879742][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 79.891281][ T6650] loop3: lost filesystem error report for type 5 error -117 [ 79.896709][ C0] EXT4-fs (loop3): initial error at time 1772398644: ext4_orphan_get:1391 [ 79.897353][ T6650] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 79.904038][ C0] : inode 16 [ 79.904067][ C0] EXT4-fs (loop3): last error at time 1772398644: ext4_orphan_get:1396 [ 79.950646][ T6650] EXT4-fs (loop3): shut down requested (2) [ 80.014402][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.055250][ T4539] Bluetooth: hci0: Frame reassembly failed (-84) [ 80.072357][ T70] Bluetooth: hci0: Frame reassembly failed (-84) [ 80.158599][ T6670] netlink: 'syz.3.1173': attribute type 4 has an invalid length. [ 80.381421][ T28] audit: type=1326 audit(1772398644.754:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09fa01c799 code=0x7ffc0000 [ 80.412462][ T28] audit: type=1326 audit(1772398644.784:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09fa01c799 code=0x7ffc0000 [ 80.436758][ T28] audit: type=1326 audit(1772398644.784:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f09fa01c799 code=0x7ffc0000 [ 80.524922][ T28] audit: type=1326 audit(1772398644.784:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f09fa01c502 code=0x7ffc0000 [ 80.566131][ T6698] set_capacity_and_notify: 4 callbacks suppressed [ 80.566151][ T6698] loop4: detected capacity change from 0 to 4096 [ 80.572860][ T28] audit: type=1326 audit(1772398644.784:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f09f9fdcfce code=0x7ffc0000 [ 80.609342][ T28] audit: type=1326 audit(1772398644.784:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f09fa01c5c7 code=0x7ffc0000 [ 80.633019][ T28] audit: type=1326 audit(1772398644.784:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f09f9fdcfce code=0x7ffc0000 [ 80.637842][ T6700] vlan3: entered allmulticast mode [ 80.659764][ T28] audit: type=1326 audit(1772398644.784:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f09f9fdcfce code=0x7ffc0000 [ 80.684837][ T6700] hsr0: entered allmulticast mode [ 80.691719][ T6698] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.695729][ T6700] hsr_slave_0: entered allmulticast mode [ 80.711009][ T6700] hsr_slave_1: entered allmulticast mode [ 80.719649][ T6698] EXT4-fs error (device loop4): ext4_get_first_dir_block:3547: inode #12: block 80: comm syz.4.1186: bad entry in directory: directory entry overrun - offset=12, inode=6, rec_len=4096, size=4096 fake=0 [ 80.742703][ T6698] EXT4-fs error (device loop4): ext4_get_first_dir_block:3550: inode #12: comm syz.4.1186: directory missing '..' [ 80.767202][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.850116][ T6709] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 80.867021][ T6709] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 81.132855][ T6733] loop3: detected capacity change from 0 to 512 [ 81.155178][ T6733] EXT4-fs error (device loop3): ext4_iget_extra_inode:5025: inode #12: comm syz.3.1200: corrupted in-inode xattr: bad e_name length [ 81.179911][ T6733] loop3: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 81.180883][ T6733] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1200: couldn't read orphan inode 12 (err -117) [ 81.190108][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 81.190125][ C0] EXT4-fs (loop3): initial error at time 1772398645: ext4_iget_extra_inode:5025: inode 12 [ 81.190152][ C0] EXT4-fs (loop3): last error at time 1772398645: ext4_iget_extra_inode:5025: inode 12 [ 81.257836][ T6733] loop3: lost filesystem error report for type 5 error -117 [ 81.258393][ T6733] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.278126][ T6742] ref_ctr_offset mismatch. inode: 0x544 offset: 0x0 ref_ctr_offset(old): 0x44 ref_ctr_offset(new): 0x0 [ 81.300477][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.482978][ T6762] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1213'. [ 81.588145][ T6776] veth1_to_bond: entered allmulticast mode [ 81.624259][ T6775] veth1_to_bond: left allmulticast mode [ 81.633031][ T6782] loop4: detected capacity change from 0 to 128 [ 81.889833][ T6806] Process accounting resumed [ 82.069866][ T3551] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 82.076007][ T6076] Bluetooth: hci0: command 0x1003 tx timeout [ 82.218914][ T6839] xt_limit: Overflow, try lower: 0/0 [ 82.276685][ T6847] loop3: detected capacity change from 0 to 512 [ 82.286876][ T6847] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 82.300883][ T6847] EXT4-fs (loop3): 1 truncate cleaned up [ 82.307139][ T6847] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.334221][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.408334][ T9] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 82.421869][ T9] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 82.449201][ T6856] net_ratelimit: 3319 callbacks suppressed [ 82.449217][ T6856] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 82.459834][ T9] IPVS: starting estimator thread 0... [ 82.549815][ T6861] IPVS: using max 2592 ests per chain, 129600 per kthread [ 82.779967][ T6875] netlink: 'syz.4.1264': attribute type 3 has an invalid length. [ 82.810310][ T6875] netlink: 'syz.4.1264': attribute type 4 has an invalid length. [ 82.828637][ T6875] netlink: 9067 bytes leftover after parsing attributes in process `syz.4.1264'. [ 83.259825][ T3412] IPVS: starting estimator thread 0... [ 83.360414][ T6890] IPVS: using max 2592 ests per chain, 129600 per kthread [ 83.447245][ T6896] loop4: detected capacity change from 0 to 512 [ 83.498322][ T6896] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.593725][ T4519] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.648975][ T4519] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.703120][ T4519] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.710840][ T6921] netlink: 'syz.1.1284': attribute type 21 has an invalid length. [ 83.735355][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.767119][ T4519] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.788694][ T6932] batadv_slave_0: entered promiscuous mode [ 83.795584][ T6930] batadv_slave_0: left promiscuous mode [ 83.897098][ T4519] bridge_slave_1: left allmulticast mode [ 83.909219][ T4519] bridge_slave_1: left promiscuous mode [ 83.919590][ T4519] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.927667][ T4519] bridge_slave_0: left allmulticast mode [ 83.933604][ T4519] bridge_slave_0: left promiscuous mode [ 83.939686][ T4519] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.039781][ T4519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 84.167836][ T4519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 84.187911][ T4519] bond0 (unregistering): Released all slaves [ 84.262381][ T4519] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 84.275922][ T4519] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 84.283976][ T4519] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 84.292192][ T4519] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 84.308669][ T4519] veth1_macvtap: left promiscuous mode [ 84.317739][ T4519] veth0_macvtap: left promiscuous mode [ 84.344790][ T4519] veth1_vlan: left promiscuous mode [ 84.350365][ T4519] veth0_vlan: left promiscuous mode [ 84.357847][ T6960] loop3: detected capacity change from 0 to 256 [ 84.508986][ T4519] team0 (unregistering): Port device team_slave_1 removed [ 84.519148][ T4519] team0 (unregistering): Port device team_slave_0 removed [ 84.613619][ T6917] chnl_net:caif_netlink_parms(): no params data found [ 84.737011][ T6992] tipc: Started in network mode [ 84.742630][ T6992] tipc: Node identity da12876da6e6, cluster identity 4711 [ 84.750315][ T6992] tipc: Enabled bearer , priority 17 [ 84.783339][ T7002] loop3: detected capacity change from 0 to 512 [ 84.791994][ T6917] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.792113][ T28] kauditd_printk_skb: 36 callbacks suppressed [ 84.792126][ T28] audit: type=1326 audit(1772398649.174:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6999 comm="syz.4.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 84.830607][ T7002] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 84.853095][ T6917] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.868305][ T28] audit: type=1326 audit(1772398649.224:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6999 comm="syz.4.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 84.870543][ T6917] bridge_slave_0: entered allmulticast mode [ 84.894269][ T28] audit: type=1326 audit(1772398649.224:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6999 comm="syz.4.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 84.923403][ T7002] EXT4-fs (loop3): 1 truncate cleaned up [ 84.923662][ T6917] bridge_slave_0: entered promiscuous mode [ 84.938386][ T6917] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.948200][ T6917] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.966007][ T6917] bridge_slave_1: entered allmulticast mode [ 84.969768][ T7002] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 84.972972][ T6917] bridge_slave_1: entered promiscuous mode [ 84.994460][ T28] audit: type=1326 audit(1772398649.224:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6999 comm="syz.4.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 85.022889][ T28] audit: type=1326 audit(1772398649.224:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6999 comm="syz.4.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 85.045219][ T7002] EXT4-fs warning (device loop3): ext4_group_extend:1890: can't read last block, resize aborted [ 85.048110][ T28] audit: type=1326 audit(1772398649.224:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6999 comm="syz.4.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 85.059131][ T4519] IPVS: stop unused estimator thread 0... [ 85.087210][ T6917] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.112960][ T6917] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.120090][ T28] audit: type=1326 audit(1772398649.224:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6999 comm="syz.4.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 85.147382][ T6917] team0: Port device team_slave_0 added [ 85.159928][ T28] audit: type=1326 audit(1772398649.224:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6999 comm="syz.4.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 85.160021][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.197755][ T6917] team0: Port device team_slave_1 added [ 85.227431][ T6917] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.242768][ T6917] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.276768][ T6917] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.288298][ T28] audit: type=1326 audit(1772398649.224:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6999 comm="syz.4.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 85.300123][ T6917] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.331653][ T28] audit: type=1326 audit(1772398649.224:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6999 comm="syz.4.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 85.358143][ T6917] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.385173][ T6917] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.452225][ T6917] hsr_slave_0: entered promiscuous mode [ 85.458427][ T6917] hsr_slave_1: entered promiscuous mode [ 85.464525][ T6917] debugfs: 'hsr0' already exists in 'hsr' [ 85.470369][ T6917] Cannot create hsr debugfs directory [ 85.749843][ T9] tipc: Node number set to 2096400237 [ 85.801349][ T6917] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 85.812201][ T6917] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 85.821754][ T6917] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 85.832394][ T6917] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 85.878909][ T6917] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.897864][ T6917] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.907732][ T4519] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.915070][ T4519] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.937028][ T6917] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 85.947707][ T6917] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 85.962500][ T4519] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.969618][ T4519] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.067445][ T7124] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1326'. [ 86.072644][ T6917] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.205915][ T6917] veth0_vlan: entered promiscuous mode [ 86.216152][ T6917] veth1_vlan: entered promiscuous mode [ 86.249232][ T6917] veth0_macvtap: entered promiscuous mode [ 86.256871][ T6917] veth1_macvtap: entered promiscuous mode [ 86.270861][ T6917] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.284339][ T6917] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.296010][ T4541] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.305720][ T4541] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.320452][ T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.334914][ T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.629653][ T7186] lo: entered allmulticast mode [ 86.636133][ T7186] lo: left allmulticast mode [ 86.797569][ T7204] loop3: detected capacity change from 0 to 2048 [ 86.819321][ T7204] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.895363][ T7204] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 86.923708][ T7204] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 968 with error 28 [ 86.949876][ T7204] EXT4-fs (loop3): This should not happen!! Data will be lost [ 86.949876][ T7204] [ 86.961982][ T7204] EXT4-fs (loop3): Total free blocks count 0 [ 86.968202][ T7204] EXT4-fs (loop3): Free/Dirty block details [ 86.974512][ T7204] EXT4-fs (loop3): free_blocks=2415919104 [ 86.980398][ T7204] EXT4-fs (loop3): dirty_blocks=976 [ 86.988185][ T7204] EXT4-fs (loop3): Block reservation details [ 87.003046][ T7204] EXT4-fs (loop3): i_reserved_data_blocks=61 [ 87.357555][ T70] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 968 with error 28 [ 87.401378][ T7266] loop4: detected capacity change from 0 to 128 [ 87.547928][ T7281] loop4: detected capacity change from 0 to 256 [ 87.868568][ T7332] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1380'. [ 87.892809][ T7332] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1380'. [ 87.912582][ T7332] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1380'. [ 88.309119][ T7385] loop4: detected capacity change from 0 to 512 [ 88.394858][ T7385] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1393: invalid indirect mapped block 256 (level 2) [ 88.447292][ T7385] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 88.449764][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 88.465396][ C1] EXT4-fs (loop4): initial error at time 1772398652: ext4_free_branches:1023: inode 11 [ 88.475185][ C1] EXT4-fs (loop4): last error at time 1772398652: ext4_free_branches:1023: inode 11 [ 88.489331][ T7385] EXT4-fs (loop4): 2 truncates cleaned up [ 88.523204][ T7385] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.563944][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.651483][ T7414] loop4: detected capacity change from 0 to 128 [ 88.959049][ T7430] GUP no longer grows the stack in syz.3.1411 (7430): 200000009000-200000018000 (200000006000) [ 88.969600][ T7430] CPU: 1 UID: 0 PID: 7430 Comm: syz.3.1411 Not tainted syzkaller #0 PREEMPT(full) [ 88.969635][ T7430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 88.969725][ T7430] Call Trace: [ 88.969735][ T7430] [ 88.969745][ T7430] __dump_stack+0x1d/0x30 [ 88.969772][ T7430] dump_stack_lvl+0x95/0xd0 [ 88.969795][ T7430] dump_stack+0x15/0x1b [ 88.969821][ T7430] __get_user_pages+0x195b/0x1ea0 [ 88.969906][ T7430] __gup_longterm_locked+0x2fa/0xe30 [ 88.969953][ T7430] ? try_grab_folio_fast+0x24e/0x370 [ 88.970035][ T7430] gup_fast_fallback+0x1f3/0x13c0 [ 88.970071][ T7430] pin_user_pages_fast+0x5f/0x90 [ 88.970155][ T7430] io_pin_pages+0xba/0x170 [ 88.970249][ T7430] io_region_pin_pages+0x58/0xf0 [ 88.970276][ T7430] io_create_region+0x2c4/0x330 [ 88.970377][ T7430] io_allocate_scq_urings+0x127/0x3d0 [ 88.970479][ T7430] io_uring_create+0x30a/0x510 [ 88.970587][ T7430] __se_sys_io_uring_setup+0x1cb/0x1e0 [ 88.970629][ T7430] __x64_sys_io_uring_setup+0x31/0x40 [ 88.970729][ T7430] x64_sys_call+0x2962/0x3020 [ 88.970762][ T7430] do_syscall_64+0x12c/0x370 [ 88.970787][ T7430] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.970822][ T7430] RIP: 0033:0x7f777801c799 [ 88.970842][ T7430] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 88.970864][ T7430] RSP: 002b:00007f7776a6f028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 88.970991][ T7430] RAX: ffffffffffffffda RBX: 00007f7778295fa0 RCX: 00007f777801c799 [ 88.971010][ T7430] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000001b7b [ 88.971027][ T7430] RBP: 00007f77780b2bd9 R08: 0000000000000000 R09: 0000000000000000 [ 88.971043][ T7430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 88.971058][ T7430] R13: 00007f7778296038 R14: 00007f7778295fa0 R15: 00007ffe2bf9f288 [ 88.971087][ T7430] [ 89.204755][ T7414] bio_check_eod: 11049 callbacks suppressed [ 89.204843][ T7414] syz.4.1404: attempt to access beyond end of device [ 89.204843][ T7414] loop4: rw=8390657, sector=128, nr_sectors = 1 limit=128 [ 89.225313][ T7414] Buffer I/O error on dev loop4, logical block 128, lost async page write [ 89.314161][ T7436] netlink: 'syz.4.1414': attribute type 2 has an invalid length. [ 89.484192][ T7445] loop3: detected capacity change from 0 to 256 [ 89.728338][ T7470] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1428'. [ 89.758396][ T7472] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1430'. [ 89.951443][ T28] kauditd_printk_skb: 13 callbacks suppressed [ 89.951514][ T28] audit: type=1400 audit(1772398654.334:732): avc: denied { create } for pid=7500 comm="syz.3.1445" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 89.993692][ T28] audit: type=1400 audit(1772398654.374:733): avc: denied { write } for pid=7500 comm="syz.3.1445" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 90.198479][ T28] audit: type=1400 audit(1772398654.554:734): avc: denied { unmount } for pid=7520 comm="syz.3.1454" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 90.299417][ T7532] can0: slcan on ttyS3. [ 90.409963][ T7537] can0 (unregistered): slcan off ttyS3. [ 90.428856][ T3369] IPVS: starting estimator thread 0... [ 90.435749][ T7532] can0: slcan on ttyS3. [ 90.446363][ T7544] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1460'. [ 90.484511][ T7544] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1460'. [ 90.529819][ T7544] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1460'. [ 90.529893][ T7548] IPVS: using max 2544 ests per chain, 127200 per kthread [ 90.554303][ T28] audit: type=1400 audit(1772398654.934:735): avc: denied { write } for pid=7557 comm="syz.0.1463" name="rtc0" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 90.594764][ T28] audit: type=1400 audit(1772398654.964:736): avc: denied { ioctl } for pid=7557 comm="syz.0.1463" path="/dev/rtc0" dev="devtmpfs" ino=245 ioctlcmd=0x7005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 90.642212][ T7531] can0 (unregistered): slcan off ttyS3. [ 90.697537][ T28] audit: type=1400 audit(1772398655.064:737): avc: denied { mount } for pid=7568 comm="syz.0.1466" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 90.780698][ T7578] loop3: detected capacity change from 0 to 512 [ 90.783087][ T7581] loop4: detected capacity change from 0 to 256 [ 90.796082][ T7578] EXT4-fs: Ignoring removed nomblk_io_submit option [ 90.817445][ T7581] FAT-fs (loop4): bogus number of FAT sectors [ 90.821143][ T7578] ext4: Unknown parameter 'fowner>00000000000000060928' [ 90.857119][ T7581] FAT-fs (loop4): Can't find a valid FAT filesystem [ 90.981095][ T7594] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 91.119533][ T7605] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1476'. [ 91.134250][ T7605] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1476'. [ 91.471647][ T7637] veth0: entered promiscuous mode [ 91.477613][ T7637] veth0: left promiscuous mode [ 91.585252][ T35] kernel write not supported for file /sg0 (pid: 35 comm: kworker/1:1) [ 91.772868][ T28] audit: type=1400 audit(1772398656.144:738): avc: denied { mounton } for pid=7658 comm="syz.1.1503" path="/332/file0" dev="tmpfs" ino=1734 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 91.885489][ T28] audit: type=1400 audit(1772398656.264:739): avc: denied { open } for pid=7667 comm="syz.0.1506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 91.910375][ T28] audit: type=1400 audit(1772398656.264:740): avc: denied { kernel } for pid=7667 comm="syz.0.1506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 91.981048][ T28] audit: type=1400 audit(1772398656.364:741): avc: denied { write } for pid=7675 comm="syz.1.1508" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 92.434040][ T7709] netlink: 'syz.1.1523': attribute type 2 has an invalid length. [ 92.609230][ T3419] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 92.621300][ T3419] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 92.783552][ T7738] netlink: 'syz.2.1535': attribute type 2 has an invalid length. [ 93.134645][ T7765] loop3: detected capacity change from 0 to 128 [ 93.345233][ T7785] __nla_validate_parse: 2 callbacks suppressed [ 93.345254][ T7785] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1557'. [ 93.787367][ T7811] loop4: detected capacity change from 0 to 1024 [ 93.814966][ T7811] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 93.847248][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.934188][ T7819] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 93.961081][ T7819] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 94.087123][ T7827] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1574'. [ 94.096433][ T7827] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1574'. [ 94.494425][ T7843] loop3: detected capacity change from 0 to 512 [ 94.513585][ T7843] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.1582: inode has both inline data and extents flags [ 94.533502][ T7843] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 94.533669][ T7843] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1582: couldn't read orphan inode 15 (err -117) [ 94.542900][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 94.542917][ C1] EXT4-fs (loop3): initial error at time 1772398658: ext4_orphan_get:1391: inode 15 [ 94.542961][ C1] EXT4-fs (loop3): last error at time 1772398658: ext4_orphan_get:1391: inode 15 [ 94.582836][ T7843] loop3: lost filesystem error report for type 5 error -117 [ 94.590394][ T7843] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.642967][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.790929][ T7866] syzkaller1: entered promiscuous mode [ 94.796518][ T7866] syzkaller1: entered allmulticast mode [ 94.809667][ T70] Bluetooth: hci0: Frame reassembly failed (-84) [ 94.911867][ T7872] SELinux: failed to load policy [ 94.968483][ T7880] netlink: 'syz.3.1600': attribute type 12 has an invalid length. [ 94.976474][ T7880] netlink: 'syz.3.1600': attribute type 29 has an invalid length. [ 94.982450][ T7882] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1601'. [ 94.985116][ T7880] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1600'. [ 95.045171][ T28] kauditd_printk_skb: 31 callbacks suppressed [ 95.045188][ T28] audit: type=1400 audit(1772398659.424:773): avc: denied { append } for pid=7889 comm="syz.2.1605" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 95.235752][ T28] audit: type=1400 audit(1772398659.614:774): avc: denied { cpu } for pid=7900 comm="syz.3.1610" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 95.331556][ T7899] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 95.344588][ T7899] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 95.388784][ T7910] xt_hashlimit: size too large, truncated to 1048576 [ 95.410068][ T7912] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1615'. [ 95.475528][ T7917] loop4: detected capacity change from 0 to 1024 [ 95.501319][ T7917] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.549649][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.570352][ T7924] loop3: detected capacity change from 0 to 128 [ 95.578624][ T7924] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002] [ 95.590679][ T7924] System zones: 1-3, 19-19, 35-36 [ 95.596556][ T7924] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 95.610718][ T7924] ext4 filesystem being mounted at /194/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 95.635219][ T7929] loop4: detected capacity change from 0 to 512 [ 95.642238][ T7929] EXT4-fs: Ignoring removed nobh option [ 95.642456][ T5193] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 95.656961][ T7929] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 95.668746][ T7929] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.1621: iget: bad i_size value: 38620345925642 [ 95.683153][ T7929] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 95.684248][ T7929] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1621: couldn't read orphan inode 15 (err -117) [ 95.693788][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 95.693807][ C1] EXT4-fs (loop4): initial error at time 1772398660: ext4_orphan_get:1391: inode 15 [ 95.693839][ C1] EXT4-fs (loop4): last error at time 1772398660: ext4_orphan_get:1391: inode 15 [ 95.731856][ T7929] loop4: lost filesystem error report for type 5 error -117 [ 95.732518][ T7929] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.778814][ T7929] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1621: bg 0: block 5: invalid block bitmap [ 95.791455][ T7929] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 95.804172][ T7929] EXT4-fs (loop4): This should not happen!! Data will be lost [ 95.804172][ T7929] [ 95.814313][ T7929] EXT4-fs (loop4): Total free blocks count 0 [ 95.820404][ T7929] EXT4-fs (loop4): Free/Dirty block details [ 95.826835][ T7929] EXT4-fs (loop4): free_blocks=0 [ 95.833028][ T7929] EXT4-fs (loop4): dirty_blocks=1 [ 95.838367][ T7929] EXT4-fs (loop4): Block reservation details [ 95.844531][ T7929] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 95.869558][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.657680][ T28] audit: type=1326 audit(1772398661.034:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7981 comm="syz.4.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 96.710983][ T28] audit: type=1326 audit(1772398661.034:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7981 comm="syz.4.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 96.734518][ T28] audit: type=1326 audit(1772398661.034:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7981 comm="syz.4.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=102 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 96.758710][ T28] audit: type=1326 audit(1772398661.034:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7981 comm="syz.4.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 96.783139][ T28] audit: type=1326 audit(1772398661.034:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7981 comm="syz.4.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fb4ac799 code=0x7ffc0000 [ 96.849291][ T7984] pim6reg1: entered promiscuous mode [ 96.861635][ T7984] pim6reg1: entered allmulticast mode [ 96.879813][ T3551] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 96.880255][ T6076] Bluetooth: hci0: command 0x1003 tx timeout [ 97.111330][ T28] audit: type=1326 audit(1772398661.484:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8007 comm="syz.3.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f777801c799 code=0x7ffc0000 [ 97.155107][ T28] audit: type=1326 audit(1772398661.494:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8007 comm="syz.3.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f777801c799 code=0x7ffc0000 [ 97.179683][ T28] audit: type=1326 audit(1772398661.494:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8007 comm="syz.3.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f777801c799 code=0x7ffc0000 [ 97.223090][ T8016] loop4: detected capacity change from 0 to 1024 [ 97.249667][ T8016] EXT4-fs: inline encryption not supported [ 97.264040][ T8016] EXT4-fs: Ignoring removed bh option [ 97.298707][ T8016] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.337252][ T8016] EXT4-fs error (device loop4): mb_free_blocks:2047: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt. [ 97.353776][ T8016] EXT4-fs (loop4): Remounting filesystem read-only [ 97.393547][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.794905][ T7868] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 98.230291][ T8093] sctp: [Deprecated]: syz.0.1684 (pid 8093) Use of struct sctp_assoc_value in delayed_ack socket option. [ 98.230291][ T8093] Use struct sctp_sack_info instead [ 98.465642][ T8106] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1691'. [ 98.706701][ T8115] loop4: detected capacity change from 0 to 512 [ 98.901351][ T8115] ------------[ cut here ]------------ [ 98.907773][ T8115] EA inode 11 i_nlink=2 [ 98.908143][ T8115] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x313/0x350, CPU#0: syz.4.1695/8115 [ 98.924763][ T8115] Modules linked in: [ 98.929573][ T8115] CPU: 0 UID: 0 PID: 8115 Comm: syz.4.1695 Not tainted syzkaller #0 PREEMPT(full) [ 98.940541][ T8115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 98.951588][ T8115] RIP: 0010:ext4_xattr_inode_update_ref+0x332/0x350 [ 98.958841][ T8115] Code: 84 5a 99 ff 4c 8d 2d 8d ea 5d 05 49 8d 7e 40 e8 f4 f0 b5 ff 49 8b 6e 40 4c 89 e7 e8 28 ec b5 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 02 ff ff ff e8 df 44 dd 03 66 66 66 66 66 66 2e [ 98.979592][ T8115] RSP: 0018:ffffc900024df778 EFLAGS: 00010246 [ 98.986330][ T8115] RAX: ffff8881049d2b78 RBX: ffff88811a8cca68 RCX: ffffffff81bffab8 [ 98.995073][ T8115] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff871de530 [ 99.003912][ T8115] RBP: 000000000000000b R08: 000188811a8cca1b R09: 0000000000000000 [ 99.013499][ T8115] R10: ffffc900024df6a8 R11: 0001c900024df6a8 R12: ffff88811a8cca18 [ 99.022117][ T8115] R13: ffffffff871de530 R14: ffff88811a8cc9d0 R15: 0000000000000001 [ 99.049228][ T8115] FS: 00007ff8f9f076c0(0000) GS:ffff8882ae8dc000(0000) knlGS:0000000000000000 [ 99.058437][ T8115] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.065641][ T8115] CR2: 0000000034747865 CR3: 0000000113d34000 CR4: 00000000003506f0 [ 99.083981][ T8115] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 99.092463][ T8115] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 99.101911][ T8115] Call Trace: [ 99.105410][ T8115] [ 99.108933][ T8115] ext4_xattr_inode_dec_ref_all+0x57c/0x880 [ 99.115590][ T8115] ? errseq_check+0x2c/0x50 [ 99.121513][ T8115] ext4_xattr_delete_inode+0x6c1/0x7a0 [ 99.127652][ T8115] ? ext4_truncate+0x92b/0xb00 [ 99.133792][ T8115] ext4_evict_inode+0xa1f/0xd60 [ 99.139281][ T8115] ? __pfx_ext4_evict_inode+0x10/0x10 [ 99.145552][ T8115] evict+0x2af/0x510 [ 99.150622][ T8115] ? iput+0x401/0x580 [ 99.155500][ T8115] iput+0x41a/0x580 [ 99.160232][ T8115] ext4_process_orphan+0x1a9/0x1c0 [ 99.165778][ T8115] ext4_orphan_cleanup+0x6a8/0xa00 [ 99.171633][ T8115] ext4_fill_super+0x3408/0x37c0 [ 99.177182][ T8115] ? set_blocksize+0x14c/0x270 [ 99.182843][ T8115] ? setup_bdev_super+0x30e/0x370 [ 99.188503][ T8115] ? __pfx_ext4_fill_super+0x10/0x10 [ 99.195529][ T8115] get_tree_bdev_flags+0x291/0x300 [ 99.201393][ T8115] ? __pfx_ext4_fill_super+0x10/0x10 [ 99.207403][ T8115] get_tree_bdev+0x1f/0x30 [ 99.212652][ T8115] ext4_get_tree+0x1c/0x30 [ 99.217720][ T8115] vfs_get_tree+0x57/0x1d0 [ 99.222821][ T8115] do_new_mount+0x288/0x8d0 [ 99.228512][ T8115] path_mount+0x4d0/0xbc0 [ 99.234293][ T8115] __se_sys_mount+0x28c/0x2e0 [ 99.239851][ T8115] __x64_sys_mount+0x67/0x80 [ 99.245110][ T8115] x64_sys_call+0x2d61/0x3020 [ 99.250531][ T8115] do_syscall_64+0x12c/0x370 [ 99.255642][ T8115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.262173][ T8115] RIP: 0033:0x7ff8fb4ada0a [ 99.267261][ T8115] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 99.288315][ T8115] RSP: 002b:00007ff8f9f06e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 99.297284][ T8115] RAX: ffffffffffffffda RBX: 00007ff8f9f06ee0 RCX: 00007ff8fb4ada0a [ 99.306417][ T8115] RDX: 00002000000009c0 RSI: 0000200000000540 RDI: 00007ff8f9f06ea0 [ 99.315092][ T8115] RBP: 00002000000009c0 R08: 00007ff8f9f06ee0 R09: 0000000000800718 [ 99.323783][ T8115] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000540 [ 99.332333][ T8115] R13: 00007ff8f9f06ea0 R14: 000000000000048d R15: 0000200000000200 [ 99.341411][ T8115] [ 99.345441][ T8115] ---[ end trace 0000000000000000 ]--- [ 99.359398][ T8115] EXT4-fs (loop4): 1 orphan inode deleted [ 99.509079][ T8115] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.812328][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.892760][ T8152] netlink: 'syz.2.1707': attribute type 4 has an invalid length. [ 100.092893][ T8166] xt_hashlimit: size too large, truncated to 1048576 [ 100.558387][ T8207] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 100.588001][ T8207] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 100.656954][ T8168] loop4: detected capacity change from 0 to 65536 [ 100.709438][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 100.709481][ T28] audit: type=1400 audit(1772398665.074:784): avc: denied { watch } for pid=8167 comm="syz.4.1715" path="/366/file0" dev="loop4" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1 [ 101.124519][ T8236] loop4: detected capacity change from 0 to 1024 [ 101.207859][ T8242] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1749'. [ 101.230143][ T8242] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1749'. [ 101.239421][ T8242] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1749'. [ 101.264293][ T8236] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.303680][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.411812][ T8258] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1755'. [ 101.685820][ T8278] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1761'. [ 101.730537][ T8280] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 102.076294][ T8294] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1769'. [ 102.099371][ T8294] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 102.154280][ T8294] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 102.254029][ T28] audit: type=1400 audit(1772398666.634:785): avc: denied { ioctl } for pid=8306 comm="syz.1.1775" path="socket:[21515]" dev="sockfs" ino=21515 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 102.488083][ T8328] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1785'. [ 102.553946][ T8328] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 102.588564][ T8328] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 102.617569][ T8328] bond0 (unregistering): Released all slaves [ 102.745791][ T8341] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 102.846443][ T28] audit: type=1400 audit(1772398667.224:786): avc: denied { sys_module } for pid=8349 comm="syz.0.1795" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 102.895029][ T8350] erspan0: entered promiscuous mode [ 102.936096][ T8350] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1795'. [ 102.957271][ T28] audit: type=1400 audit(1772398667.334:787): avc: denied { create } for pid=8357 comm="syz.4.1797" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 102.999793][ T28] audit: type=1400 audit(1772398667.364:788): avc: denied { create } for pid=8357 comm="syz.4.1797" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 103.170273][ T8364] loop4: detected capacity change from 0 to 8192 [ 103.343964][ T8379] loop4: detected capacity change from 0 to 1024 [ 103.375970][ T8379] EXT4-fs: Ignoring removed orlov option [ 103.397420][ T8379] EXT4-fs (loop4): stripe (9) is not aligned with cluster size (16), stripe is disabled [ 103.427999][ T8379] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.453161][ T8389] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1810'. [ 103.483053][ T8389] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 103.507937][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.538852][ T8389] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 103.656404][ T8401] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1816'. [ 103.712948][ T8409] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1819'. [ 103.724592][ T8409] gtp0: entered promiscuous mode [ 103.729571][ T8409] gtp0: entered allmulticast mode [ 103.767416][ T8411] syzkaller1: entered promiscuous mode [ 103.773769][ T8411] syzkaller1: entered allmulticast mode [ 103.809980][ T8413] sctp: [Deprecated]: syz.1.1818 (pid 8413) Use of struct sctp_assoc_value in delayed_ack socket option. [ 103.809980][ T8413] Use struct sctp_sack_info instead [ 104.044856][ T8419] netlink: 'syz.0.1823': attribute type 15 has an invalid length. [ 104.310936][ T8430] loop3: detected capacity change from 0 to 512 [ 104.340128][ T8430] EXT4-fs: Ignoring removed oldalloc option [ 104.353528][ T8432] loop4: detected capacity change from 0 to 512 [ 104.361552][ T8430] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 104.389311][ T8430] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.1829: bad orphan inode 131083 [ 104.406974][ T8432] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 104.411411][ T8430] loop3: lost filesystem error report for type 5 error -117 [ 104.429748][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 104.443566][ C1] EXT4-fs (loop3): initial error at time 1772398668: ext4_orphan_get:1417 [ 104.452286][ C1] EXT4-fs (loop3): last error at time 1772398668: ext4_orphan_get:1417 [ 104.463130][ T8430] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.463457][ T8432] EXT4-fs (loop4): 1 truncate cleaned up [ 104.493491][ T8432] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.571776][ T8432] EXT4-fs error (device loop4): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.4.1830: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 104.602570][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.689052][ T8432] EXT4-fs (loop4): Remounting filesystem read-only [ 104.709429][ T8432] EXT4-fs warning (device loop4): ext4_rename_delete:3729: inode #2: comm syz.4.1830: Deleting old file: nlink 5, error=-117 [ 104.726726][ T8439] team0 (unregistering): Port device team_slave_0 removed [ 104.771056][ T8439] team0 (unregistering): Port device team_slave_1 removed [ 104.805384][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.908518][ T28] audit: type=1400 audit(1772398669.284:789): avc: denied { map } for pid=8452 comm="syz.1.1839" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 104.979925][ T28] audit: type=1400 audit(1772398669.284:790): avc: denied { execute } for pid=8452 comm="syz.1.1839" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 105.901713][ T8491] SELinux: Context u:object_r:app_data_file:s0:c512,c768 is not valid (left unmapped). [ 105.904087][ T28] audit: type=1400 audit(1772398670.284:791): avc: denied { relabelfrom } for pid=8490 comm="syz.3.1855" name="RDS" dev="sockfs" ino=21084 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 105.964731][ T28] audit: type=1400 audit(1772398670.284:792): avc: denied { mac_admin } for pid=8490 comm="syz.3.1855" capability=33 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 106.034241][ T28] audit: type=1400 audit(1772398670.334:793): avc: denied { relabelto } for pid=8490 comm="syz.3.1855" name="RDS" dev="sockfs" ino=21084 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=rds_socket permissive=1 trawcon="u:object_r:app_data_file:s0:c512,c768" [ 106.079344][ T8501] loop3: detected capacity change from 0 to 164 [ 106.110614][ T8501] ISOFS: Bad logical zone size 2816 [ 106.188142][ T8505] bond2: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 106.211485][ T8505] bond2 (unregistering): Released all slaves [ 106.595355][ T8516] vhci_hcd vhci_hcd.4: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 106.843688][ T28] audit: type=1400 audit(1772398671.224:794): avc: denied { bind } for pid=8535 comm="syz.0.1874" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 107.153011][ T8561] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1884'. [ 107.274500][ T8487] loop4: detected capacity change from 0 to 1024 [ 107.299780][ T8572] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 107.308772][ T8570] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 107.406207][ T28] audit: type=1326 audit(1772398671.774:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8573 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc75b6ac799 code=0x7ffc0000 [ 107.445124][ T28] audit: type=1326 audit(1772398671.774:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8573 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc75b6ac799 code=0x7ffc0000 [ 107.514046][ T28] audit: type=1326 audit(1772398671.774:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8573 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc75b6ac799 code=0x7ffc0000 [ 107.538486][ T28] audit: type=1326 audit(1772398671.774:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8573 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fc75b6ac799 code=0x7ffc0000 [ 107.563068][ T28] audit: type=1326 audit(1772398671.774:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8573 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc75b6ac799 code=0x7ffc0000 [ 107.586859][ T28] audit: type=1326 audit(1772398671.774:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8573 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc75b6ac799 code=0x7ffc0000 [ 108.328401][ T8620] lo: Caught tx_queue_len zero misconfig [ 108.372288][ T8626] loop4: detected capacity change from 0 to 512 [ 108.392543][ T8626] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.405742][ T8626] ext4 filesystem being mounted at /396/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 108.436519][ T8636] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1916'. [ 108.445850][ T8636] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1916'. [ 108.448859][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.153929][ T8669] serio: Serial port ptm0 [ 109.336832][ T8686] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8686 comm=syz.0.1938 [ 109.492525][ T8700] loop4: detected capacity change from 0 to 512 [ 109.506713][ T8700] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 109.532270][ T8700] EXT4-fs (loop4): orphan cleanup on readonly fs [ 109.550184][ T8700] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.1945: Block bitmap for bg 0 marked uninitialized [ 109.584377][ T8700] loop4: lost filesystem error report for type 5 error -117 [ 109.584524][ T8700] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 109.591979][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 109.592004][ C0] EXT4-fs (loop4): initial error at time 1772398673: ext4_read_block_bitmap_nowait:517 [ 109.592033][ C0] EXT4-fs (loop4): last error at time 1772398673: ext4_read_block_bitmap_nowait:517 [ 109.639975][ T8700] loop4: lost filesystem error report for type 5 error -117 [ 109.640247][ T8700] EXT4-fs (loop4): 1 orphan inode deleted [ 109.650387][ T8720] netlink: 'syz.1.1953': attribute type 3 has an invalid length. [ 109.667258][ T8700] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 109.699483][ T8700] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 109.709684][ T8700] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 109.720934][ T8700] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.1945: Block bitmap for bg 0 marked uninitialized [ 109.735293][ T8700] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.1945: Block bitmap for bg 0 marked uninitialized [ 109.750869][ T8700] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.1945: Block bitmap for bg 0 marked uninitialized [ 109.785372][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.152741][ T8767] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.160088][ T8767] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.248878][ T8775] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1976'. [ 110.285528][ T8781] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 110.301235][ T8783] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 110.482889][ T8793] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1984'. [ 110.692245][ T8801] loop4: detected capacity change from 0 to 512 [ 110.722733][ T8801] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.740457][ T8801] ext4 filesystem being mounted at /404/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 110.874815][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.941802][ T8806] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.949001][ T8806] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.021923][ T8810] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1990'. [ 111.031423][ T8810] netlink: 'syz.4.1990': attribute type 30 has an invalid length. [ 111.045989][ T4541] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 111.055599][ T4541] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 111.069086][ T8810] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1990'. [ 111.078319][ T4541] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 111.088019][ T8810] netlink: 'syz.4.1990': attribute type 30 has an invalid length. [ 111.117230][ T4541] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 111.117643][ T8812] netlink: 63 bytes leftover after parsing attributes in process `syz.1.1991'. [ 111.302606][ T8831] loop3: detected capacity change from 0 to 1024 [ 111.322714][ T8831] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.351651][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.615635][ T28] kauditd_printk_skb: 22 callbacks suppressed [ 111.615688][ T28] audit: type=1400 audit(1772398675.994:823): avc: denied { create } for pid=8846 comm="syz.1.2007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 111.674265][ T28] audit: type=1400 audit(1772398675.994:824): avc: denied { ioctl } for pid=8846 comm="syz.1.2007" path="socket:[23554]" dev="sockfs" ino=23554 ioctlcmd=0x89e5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 111.926430][ T28] audit: type=1400 audit(1772398676.304:825): avc: denied { append } for pid=8876 comm="syz.0.2020" name="random" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1 [ 112.131411][ T8891] loop3: detected capacity change from 0 to 1024 [ 112.152343][ T8891] EXT4-fs: Ignoring removed orlov option [ 112.173040][ T8891] EXT4-fs: Ignoring removed nobh option [ 112.254876][ T8891] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 112.406331][ T8901] sctp: [Deprecated]: syz.0.2029 (pid 8901) Use of int in max_burst socket option. [ 112.406331][ T8901] Use struct sctp_assoc_value instead [ 112.527535][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.580845][ T28] audit: type=1400 audit(1772398676.964:826): avc: denied { mount } for pid=8911 comm="syz.3.2033" name="/" dev="hugetlbfs" ino=23672 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 112.639390][ T28] audit: type=1400 audit(1772398676.964:827): avc: denied { create } for pid=8911 comm="syz.3.2033" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=blk_file permissive=1 [ 112.718940][ T30] Bluetooth: hci0: Frame reassembly failed (-84) [ 112.934525][ T8920] pim6reg1: entered promiscuous mode [ 112.936234][ T8914] loop3: detected capacity change from 0 to 512 [ 112.968883][ T8920] pim6reg1: entered allmulticast mode [ 113.046099][ T28] audit: type=1400 audit(1772398677.424:828): avc: denied { create } for pid=8924 comm="syz.4.2040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 113.136756][ T28] audit: type=1400 audit(1772398677.424:829): avc: denied { connect } for pid=8924 comm="syz.4.2040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 113.159644][ T28] audit: type=1400 audit(1772398677.424:830): avc: denied { write } for pid=8924 comm="syz.4.2040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 113.179828][ T28] audit: type=1400 audit(1772398677.424:831): avc: denied { ioctl } for pid=8924 comm="syz.4.2040" path="socket:[23697]" dev="sockfs" ino=23697 ioctlcmd=0x8907 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 113.206980][ T8914] EXT4-fs (loop3): 1 orphan inode deleted [ 113.230431][ T28] audit: type=1400 audit(1772398677.444:832): avc: denied { read } for pid=8924 comm="syz.4.2040" path="socket:[23697]" dev="sockfs" ino=23697 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 113.230856][ T8914] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.376015][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.278223][ T8980] sctp: [Deprecated]: syz.4.2065 (pid 8980) Use of struct sctp_assoc_value in delayed_ack socket option. [ 114.278223][ T8980] Use struct sctp_sack_info instead [ 114.789798][ T6076] Bluetooth: hci0: command 0x1003 tx timeout [ 114.789816][ T3551] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 114.816190][ T9035] SELinux: ebitmap: start bit 0 comes after start bit 384 [ 114.830821][ T9035] SELinux: failed to load policy [ 114.974739][ T9053] loop4: detected capacity change from 0 to 256 [ 114.984718][ T9053] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 115.013741][ T9053] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 115.419281][ T9074] sctp: [Deprecated]: syz.4.2109 (pid 9074) Use of struct sctp_assoc_value in delayed_ack socket option. [ 115.419281][ T9074] Use struct sctp_sack_info instead [ 115.693154][ T9097] loop3: detected capacity change from 0 to 4096 [ 115.703297][ T8918] Bluetooth: hci0: Opcode 0x080f failed: -4 [ 115.722958][ T9097] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.772272][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.959322][ T9131] loop3: detected capacity change from 0 to 512 [ 115.971072][ T9131] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.053028][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.302682][ T9166] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2149'. [ 116.480125][ T9174] xt_hashlimit: size too large, truncated to 1048576 [ 117.227883][ T9219] team_slave_1: Caught tx_queue_len zero misconfig [ 117.385205][ T9225] loop4: detected capacity change from 0 to 2048 [ 117.401814][ T9227] veth0_to_bridge: Caught tx_queue_len zero misconfig [ 117.430650][ T9225] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.451024][ T9232] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2175'. [ 117.472187][ T9232] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2175'. [ 117.495932][ T9232] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2175'. [ 117.505382][ T36] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 117.525160][ T36] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 117.553573][ T36] EXT4-fs (loop4): This should not happen!! Data will be lost [ 117.553573][ T36] [ 117.565947][ T9236] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 117.598375][ T36] EXT4-fs (loop4): Total free blocks count 0 [ 117.604712][ T36] EXT4-fs (loop4): Free/Dirty block details [ 117.611608][ T9236] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 117.620231][ T36] EXT4-fs (loop4): free_blocks=2415919504 [ 117.626306][ T36] EXT4-fs (loop4): dirty_blocks=16 [ 117.631644][ T36] EXT4-fs (loop4): Block reservation details [ 117.638367][ T36] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 117.645914][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.745822][ T28] kauditd_printk_skb: 40 callbacks suppressed [ 117.745849][ T28] audit: type=1400 audit(1772398682.124:873): avc: denied { getopt } for pid=9246 comm="syz.1.2182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 117.777892][ T9251] loop4: detected capacity change from 0 to 256 [ 117.854486][ T9249] SELinux: ebitmap: truncated map [ 117.862996][ T9249] SELinux: failed to load policy [ 118.006834][ T28] audit: type=1400 audit(1772398682.384:874): avc: denied { connect } for pid=9269 comm="syz.2.2193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 118.198436][ T28] audit: type=1326 audit(1772398682.574:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9276 comm="syz.1.2197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc75b6ac799 code=0x7ffc0000 [ 118.230569][ T28] audit: type=1326 audit(1772398682.574:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9276 comm="syz.1.2197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc75b6ac799 code=0x7ffc0000 [ 118.255152][ T28] audit: type=1326 audit(1772398682.614:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9276 comm="syz.1.2197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc75b6ac799 code=0x7ffc0000 [ 118.279669][ T28] audit: type=1326 audit(1772398682.614:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9276 comm="syz.1.2197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc75b6ac799 code=0x7ffc0000 [ 118.343593][ T28] audit: type=1326 audit(1772398682.614:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9276 comm="syz.1.2197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fc75b6ac799 code=0x7ffc0000 [ 118.357821][ T9286] syzkaller1: entered promiscuous mode [ 118.368011][ T28] audit: type=1326 audit(1772398682.684:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9276 comm="syz.1.2197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc75b6ac799 code=0x7ffc0000 [ 118.407939][ T28] audit: type=1326 audit(1772398682.684:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9276 comm="syz.1.2197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc75b6ac799 code=0x7ffc0000 [ 118.460325][ T9286] syzkaller1: entered allmulticast mode [ 118.493147][ T28] audit: type=1326 audit(1772398682.784:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9276 comm="syz.1.2197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc75b6ac799 code=0x7ffc0000 [ 118.639516][ T9292] loop3: detected capacity change from 0 to 8192 [ 118.700519][ T3301] loop3: p1 p2 p3 p4 [ 118.712477][ T3301] loop3: p3 start 117772289 is beyond EOD, truncated [ 118.719863][ T3301] loop3: p4 size 262144 extends beyond EOD, truncated [ 118.762307][ T9292] loop3: p1 p2 p3 p4 [ 118.776593][ T9292] loop3: p3 start 117772289 is beyond EOD, truncated [ 118.809516][ T9292] loop3: p4 size 262144 extends beyond EOD, truncated [ 118.967071][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 118.967202][ T4601] udevd[4601]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 118.978036][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 119.044237][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 119.061869][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 119.387663][ T9372] sock: sock_set_timeout: `syz.1.2235' (pid 9372) tries to set negative timeout [ 119.831913][ T9408] netlink: 'syz.0.2250': attribute type 25 has an invalid length. [ 119.848783][ T9408] netlink: 'syz.0.2250': attribute type 7 has an invalid length. [ 119.864331][ T9408] netlink: 'syz.0.2250': attribute type 2 has an invalid length. [ 120.113055][ T9429] tipc: Started in network mode [ 120.125085][ T9429] tipc: Node identity fe80000000000000000000000000002, cluster identity 4711 [ 120.134684][ T9429] tipc: Enabled bearer , priority 10 [ 120.765472][ T9491] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 120.776546][ T9491] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.951525][ T9485] Set syz1 is full, maxelem 65536 reached [ 121.139958][ T9] tipc: Node number set to 4269801504 [ 121.641200][ T9568] bridge0: port 3(syz_tun) entered blocking state [ 121.648266][ T9568] bridge0: port 3(syz_tun) entered disabled state [ 121.655538][ T9568] syz_tun: entered allmulticast mode [ 121.662055][ T9568] syz_tun: entered promiscuous mode [ 122.535379][ T9611] block device autoloading is deprecated and will be removed. [ 122.790997][ T9615] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 122.809707][ T9615] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 123.020919][ T9624] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2334'. [ 123.266300][ T9641] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2345'. [ 123.277785][ T9641] netlink: 'syz.0.2345': attribute type 1 has an invalid length. [ 123.302351][ T28] kauditd_printk_skb: 109 callbacks suppressed [ 123.302370][ T28] audit: type=1326 audit(1772398687.684:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.0.2346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a5aac799 code=0x7ffc0000 [ 123.332449][ T28] audit: type=1326 audit(1772398687.684:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.0.2346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a5aac799 code=0x7ffc0000 [ 123.356444][ T28] audit: type=1326 audit(1772398687.684:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.0.2346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f80a5aac799 code=0x7ffc0000 [ 123.380387][ T28] audit: type=1326 audit(1772398687.684:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.0.2346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a5aac799 code=0x7ffc0000 [ 123.404011][ T28] audit: type=1326 audit(1772398687.684:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.0.2346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a5aac799 code=0x7ffc0000 [ 123.427813][ T28] audit: type=1326 audit(1772398687.684:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.0.2346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f80a5aac799 code=0x7ffc0000 [ 123.462666][ C1] vcan0: j1939_tp_rxtimer: 0xffff88811b0f5a00: rx timeout, send abort [ 123.471612][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811b0f5a00: 0x30000: (3) A timeout occurred and this is the connection abort to close the session. [ 123.476202][ T28] audit: type=1326 audit(1772398687.854:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.0.2346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a5aac799 code=0x7ffc0000 [ 123.557159][ T28] audit: type=1326 audit(1772398687.934:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.0.2346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a5aac799 code=0x7ffc0000 [ 123.690253][ T28] audit: type=1326 audit(1772398688.064:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.0.2346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f80a5aac799 code=0x7ffc0000 [ 123.754865][ T28] audit: type=1326 audit(1772398688.064:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.0.2346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f80a5aac502 code=0x7ffc0000 [ 123.908368][ T9668] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2357'. [ 123.932627][ T9668] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2357'. [ 123.967156][ T9675] loop4: detected capacity change from 0 to 1024 [ 123.990569][ T9675] EXT4-fs: inline encryption not supported [ 124.006084][ T9679] bridge0: port 3(syz_tun) entered blocking state [ 124.013024][ T9675] EXT4-fs: Ignoring removed nobh option [ 124.018761][ T9675] EXT4-fs: Ignoring removed nobh option [ 124.025742][ T9679] bridge0: port 3(syz_tun) entered disabled state [ 124.032953][ T9679] syz_tun: entered allmulticast mode [ 124.038437][ T9675] EXT4-fs: Ignoring removed bh option [ 124.077768][ T9679] syz_tun: entered promiscuous mode [ 124.098880][ T9679] bridge0: port 3(syz_tun) entered blocking state [ 124.105411][ T9679] bridge0: port 3(syz_tun) entered forwarding state [ 124.116175][ T9675] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 124.200012][ T9675] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4222: comm syz.4.2359: Allocating blocks 497-513 which overlap fs metadata [ 124.351580][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.527990][ T4541] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 124.543786][ T4541] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 124.554242][ T4541] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 124.563403][ T4541] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 124.683187][ T9728] loop2: detected capacity change from 0 to 256 [ 124.865344][ T9746] loop3: detected capacity change from 0 to 512 [ 125.303266][ T9771] netlink: 88 bytes leftover after parsing attributes in process `syz.0.2399'. [ 125.438804][ T9777] syzkaller1: entered promiscuous mode [ 125.454599][ T9777] syzkaller1: entered allmulticast mode [ 126.220779][ T9814] netlink: 'syz.3.2419': attribute type 16 has an invalid length. [ 126.228663][ T9814] netlink: 'syz.3.2419': attribute type 17 has an invalid length. [ 126.241922][ T9814] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 126.363559][ T9822] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 126.382959][ T9822] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 126.633542][ T9843] tipc: Enabled bearer , priority 10 [ 126.736229][ T35] kernel read not supported for file /vcs (pid: 35 comm: kworker/1:1) [ 126.978288][ T9876] loop2: detected capacity change from 0 to 4096 [ 126.991292][ T9876] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.097737][ T6917] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.285590][ T9897] bond0: entered promiscuous mode [ 127.290257][ T9898] loop3: detected capacity change from 0 to 512 [ 127.292183][ T9897] bond_slave_0: entered promiscuous mode [ 127.310698][ T9897] bond_slave_1: entered promiscuous mode [ 127.312726][ T9898] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 127.318110][ T9897] batadv0: entered promiscuous mode [ 127.348589][ T9897] debugfs: 'hsr0' already exists in 'hsr' [ 127.355774][ T9902] loop2: detected capacity change from 0 to 128 [ 127.362837][ T9897] Cannot create hsr debugfs directory [ 127.364059][ T9898] EXT4-fs (loop3): 1 truncate cleaned up [ 127.368905][ T9897] 8021q: adding VLAN 0 to HW filter on device hsr0 [ 127.389462][ T9898] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.410112][ T9897] bond0: left promiscuous mode [ 127.415387][ T9902] syz.2.2458: attempt to access beyond end of device [ 127.415387][ T9902] loop2: rw=2049, sector=154, nr_sectors = 6 limit=128 [ 127.429072][ T9897] bond_slave_0: left promiscuous mode [ 127.437829][ T9902] syz.2.2458: attempt to access beyond end of device [ 127.437829][ T9902] loop2: rw=8390657, sector=158, nr_sectors = 2 limit=128 [ 127.453403][ T9897] bond_slave_1: left promiscuous mode [ 127.458982][ T9902] Buffer I/O error on dev loop2, logical block 79, lost async page write [ 127.467767][ T9897] batadv0: left promiscuous mode [ 127.468003][ T9902] syz.2.2458: attempt to access beyond end of device [ 127.468003][ T9902] loop2: rw=8390657, sector=160, nr_sectors = 2 limit=128 [ 127.487464][ T9902] Buffer I/O error on dev loop2, logical block 80, lost async page write [ 127.496318][ T9902] syz.2.2458: attempt to access beyond end of device [ 127.496318][ T9902] loop2: rw=2049, sector=162, nr_sectors = 6 limit=128 [ 127.499258][ T9906] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 127.512763][ T9902] syz.2.2458: attempt to access beyond end of device [ 127.512763][ T9902] loop2: rw=8390657, sector=166, nr_sectors = 2 limit=128 [ 127.553755][ T9902] Buffer I/O error on dev loop2, logical block 83, lost async page write [ 127.564199][ T9902] syz.2.2458: attempt to access beyond end of device [ 127.564199][ T9902] loop2: rw=8390657, sector=168, nr_sectors = 2 limit=128 [ 127.570431][ T9906] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 127.579094][ T9902] Buffer I/O error on dev loop2, logical block 84, lost async page write [ 127.640524][ T9902] syz.2.2458: attempt to access beyond end of device [ 127.640524][ T9902] loop2: rw=2049, sector=202, nr_sectors = 6 limit=128 [ 127.661107][ T9902] syz.2.2458: attempt to access beyond end of device [ 127.661107][ T9902] loop2: rw=8390657, sector=206, nr_sectors = 2 limit=128 [ 127.675604][ T9902] Buffer I/O error on dev loop2, logical block 103, lost async page write [ 127.686053][ T9906] xt_hashlimit: overflow, try lower: 18446744073709551615/255 [ 127.710673][ T9902] syz.2.2458: attempt to access beyond end of device [ 127.710673][ T9902] loop2: rw=8390657, sector=208, nr_sectors = 2 limit=128 [ 127.725085][ T9902] Buffer I/O error on dev loop2, logical block 104, lost async page write [ 127.734274][ T9902] syz.2.2458: attempt to access beyond end of device [ 127.734274][ T9902] loop2: rw=2049, sector=210, nr_sectors = 6 limit=128 [ 127.748737][ T9902] Buffer I/O error on dev loop2, logical block 107, lost async page write [ 127.758242][ T9902] Buffer I/O error on dev loop2, logical block 108, lost async page write [ 127.767862][ T9902] Buffer I/O error on dev loop2, logical block 119, lost async page write [ 127.776909][ T9902] Buffer I/O error on dev loop2, logical block 120, lost async page write [ 127.810501][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.064056][ T9938] netlink: 'syz.3.2472': attribute type 2 has an invalid length. [ 128.256944][ T9953] syzkaller1: entered promiscuous mode [ 128.271637][ T9953] syzkaller1: entered allmulticast mode [ 128.406218][ T28] kauditd_printk_skb: 168 callbacks suppressed [ 128.406237][ T28] audit: type=1400 audit(1772398692.784:1170): avc: denied { override_creds } for pid=9967 comm="syz.1.2488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 128.464999][ T28] audit: type=1400 audit(1772398692.794:1171): avc: denied { ioctl } for pid=9966 comm="syz.2.2486" path="socket:[26341]" dev="sockfs" ino=26341 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 128.499122][ T9977] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 128.499122][ T9977] The task syz.3.2487 (9977) triggered the difference, watch for misbehavior. [ 128.522485][ T28] audit: type=1400 audit(1772398692.834:1172): avc: denied { read } for pid=9973 comm="syz.4.2489" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 128.578950][ T28] audit: type=1400 audit(1772398692.954:1173): avc: denied { setopt } for pid=9978 comm="syz.2.2490" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 128.619795][ T28] audit: type=1400 audit(1772398692.984:1174): avc: denied { read } for pid=9978 comm="syz.2.2490" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 128.672335][ T9975] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 128.698519][ T9975] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 128.753718][ T28] audit: type=1400 audit(1772398693.104:1175): avc: denied { execmem } for pid=9973 comm="syz.4.2489" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 128.845975][ T28] audit: type=1400 audit(1772398693.224:1176): avc: denied { ioctl } for pid=9991 comm="syz.2.2494" path="socket:[26363]" dev="sockfs" ino=26363 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 128.889906][ T28] audit: type=1400 audit(1772398693.264:1177): avc: denied { write } for pid=9991 comm="syz.2.2494" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 128.985364][ T9998] loop2: detected capacity change from 0 to 1024 [ 129.028767][ T9998] EXT4-fs: Ignoring removed bh option [ 129.036426][ T9998] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 129.047240][ T28] audit: type=1400 audit(1772398693.414:1178): avc: denied { name_connect } for pid=9999 comm="syz.0.2496" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 129.069241][ T9998] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 129.078946][ T9998] EXT4-fs error (device loop2): ext4_map_blocks:776: inode #3: block 2: comm syz.2.2497: lblock 2 mapped to illegal pblock 2 (length 1) [ 129.093055][ T9998] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 129.093279][ T9998] Quota error (device loop2): qtree_write_dquot: dquota write failed [ 129.102429][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 129.102465][ C0] EXT4-fs (loop2): initial error at time 1772398693: ext4_map_blocks:776: inode 3: block 2 [ 129.102521][ C0] EXT4-fs (loop2): last error at time 1772398693: ext4_map_blocks:776: inode 3: block 2 [ 129.148261][ T9998] EXT4-fs error (device loop2): ext4_map_blocks:776: inode #3: block 48: comm syz.2.2497: lblock 0 mapped to illegal pblock 48 (length 1) [ 129.162633][ T9998] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 129.162866][ T9998] EXT4-fs error (device loop2): ext4_acquire_dquot:7001: comm syz.2.2497: Failed to acquire dquot type 0 [ 129.184031][ T9998] loop2: lost filesystem error report for type 5 error -117 [ 129.192703][ T9998] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 129.225355][ T9998] loop2: lost filesystem error report for type 5 error -117 [ 129.225569][ T9998] EXT4-fs error (device loop2): ext4_evict_inode:255: inode #11: comm syz.2.2497: mark_inode_dirty error [ 129.287592][ T9998] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 129.287777][ T9998] EXT4-fs warning (device loop2): ext4_evict_inode:258: couldn't mark inode dirty (err -117) [ 129.315567][ T9998] EXT4-fs (loop2): 1 orphan inode deleted [ 129.322066][ T9998] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.350233][ T9998] EXT4-fs (loop2): shut down requested (1) [ 129.370019][ T6917] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.630870][T10033] loop7: detected capacity change from 0 to 7 [ 129.637346][T10033] loop7: unable to read partition table [ 129.646808][T10033] loop_reread_partitions: partition scan of loop7 (7x~Sj̖P@?X) failed (rc=-5) [ 130.107934][T10063] loop2: detected capacity change from 0 to 1024 [ 130.136933][T10063] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.204339][ T6917] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.234558][T10070] loop2: detected capacity change from 0 to 128 [ 130.340756][T10084] netlink: 'syz.0.2531': attribute type 2 has an invalid length. [ 130.518882][T10107] netlink: 7 bytes leftover after parsing attributes in process `syz.1.2541'. [ 130.581355][T10116] loop2: detected capacity change from 0 to 512 [ 130.602594][T10116] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.623170][T10116] ext4 filesystem being mounted at /226/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 130.680465][ T6917] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.162948][T10137] netlink: 27 bytes leftover after parsing attributes in process `syz.3.2553'. [ 131.215042][T10142] loop3: detected capacity change from 0 to 1024 [ 131.224124][T10142] EXT4-fs: Ignoring removed bh option [ 131.246080][T10142] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 131.258315][T10142] ext4 filesystem being mounted at /376/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 131.279079][T10142] EXT4-fs error (device loop3): ext4_map_blocks:818: inode #15: comm syz.3.2555: lblock 0 mapped to illegal pblock 0 (length 1) [ 131.295080][T10142] EXT4-fs error (device loop3): ext4_map_blocks:776: inode #15: comm syz.3.2555: lblock 0 mapped to illegal pblock 0 (length 1) [ 131.309582][T10142] EXT4-fs error (device loop3): ext4_map_blocks:776: inode #15: comm syz.3.2555: lblock 0 mapped to illegal pblock 0 (length 1) [ 131.325668][T10142] EXT4-fs error (device loop3): ext4_map_blocks:776: inode #15: comm syz.3.2555: lblock 0 mapped to illegal pblock 0 (length 1) [ 131.340026][T10142] EXT4-fs error (device loop3): ext4_map_blocks:776: inode #15: comm syz.3.2555: lblock 0 mapped to illegal pblock 0 (length 1) [ 131.369297][T10142] EXT4-fs error (device loop3): ext4_map_blocks:776: inode #15: comm syz.3.2555: lblock 0 mapped to illegal pblock 0 (length 1) [ 131.385223][T10142] EXT4-fs error (device loop3): ext4_map_blocks:776: inode #15: comm syz.3.2555: lblock 0 mapped to illegal pblock 0 (length 1) [ 131.401161][T10153] EXT4-fs error (device loop3): ext4_free_blocks:6724: comm syz.3.2555: Freeing blocks not in datazone - block = 0, count = 1 [ 131.435008][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 131.946862][T10208] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2584'. [ 131.956084][T10208] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2584'. [ 132.664227][T10254] loop4: detected capacity change from 0 to 512 [ 132.685042][T10254] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 132.717233][T10254] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.2606: bad orphan inode 131083 [ 132.739064][T10254] loop4: lost filesystem error report for type 5 error -117 [ 132.742486][T10254] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 132.768238][ T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 132.844399][ T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 132.877533][ T9] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz0] on syz1 [ 132.936347][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.944290][T10264] fido_id[10264]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 133.010952][T10270] loop3: detected capacity change from 0 to 128 [ 133.437333][ T28] kauditd_printk_skb: 67 callbacks suppressed [ 133.437351][ T28] audit: type=1400 audit(1772398697.784:1244): avc: denied { create } for pid=10283 comm="syz.3.2618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 133.546511][ T28] audit: type=1400 audit(1772398697.904:1245): avc: denied { name_bind } for pid=10293 comm="syz.1.2619" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hi_reserved_port_t tclass=tcp_socket permissive=1 [ 133.580222][ T28] audit: type=1400 audit(1772398697.954:1246): avc: denied { accept } for pid=10291 comm="syz.2.2621" lport=54276 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 133.684763][T10307] loop3: detected capacity change from 0 to 128 [ 133.691821][T10307] EXT4-fs: Ignoring removed nobh option [ 133.720088][T10307] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 133.746146][ T28] audit: type=1400 audit(1772398698.124:1247): avc: denied { ioctl } for pid=10311 comm="syz.0.2630" path="socket:[27871]" dev="sockfs" ino=27871 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 133.762362][T10307] ext4 filesystem being mounted at /390/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 133.791661][ T28] audit: type=1400 audit(1772398698.124:1248): avc: denied { bind } for pid=10311 comm="syz.0.2630" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 133.835242][ T28] audit: type=1400 audit(1772398698.204:1249): avc: denied { map } for pid=10306 comm="syz.3.2628" path="/390/mnt/file1" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 133.890439][ T28] audit: type=1400 audit(1772398698.204:1250): avc: denied { execute } for pid=10306 comm="syz.3.2628" path="/390/mnt/file1" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 133.915066][ T28] audit: type=1400 audit(1772398698.294:1251): avc: denied { write } for pid=10316 comm="syz.2.2632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 133.944859][ T28] audit: type=1400 audit(1772398698.324:1252): avc: denied { create } for pid=10318 comm="syz.4.2634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 133.967343][ T28] audit: type=1400 audit(1772398698.344:1253): avc: denied { write } for pid=10318 comm="syz.4.2634" path="socket:[27879]" dev="sockfs" ino=27879 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 133.968378][ T5193] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 134.050786][T10322] loop3: detected capacity change from 0 to 1024 [ 134.067540][T10322] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.232514][ T5193] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.173572][T10384] loop2: detected capacity change from 0 to 512 [ 136.222047][T10384] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.259022][T10389] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 136.263040][T10396] syzkaller1: entered promiscuous mode [ 136.268627][T10384] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.286069][T10396] syzkaller1: entered allmulticast mode [ 136.304919][ T6917] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.337578][T10405] loop2: detected capacity change from 0 to 128 [ 137.018005][T10422] loop4: detected capacity change from 0 to 1024 [ 137.059935][T10422] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.966924][T10434] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 137.976138][T10434] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 139.351145][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.539271][T10452] loop4: detected capacity change from 0 to 128 [ 139.560485][ T28] kauditd_printk_skb: 11 callbacks suppressed [ 139.560501][ T28] audit: type=1400 audit(1772398703.944:1265): avc: denied { read } for pid=3038 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 139.598249][T10452] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 139.621907][T10452] ext4 filesystem being mounted at /514/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 139.680633][ T3309] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 139.772506][T10467] tipc: Resetting bearer [ 139.827859][T10472] xt_hashlimit: size too large, truncated to 1048576 [ 140.101223][ T28] audit: type=1400 audit(1772398704.484:1266): avc: denied { mount } for pid=10477 comm="syz.4.2696" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 140.158170][T10483] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 140.189323][ T28] audit: type=1400 audit(1772398704.564:1267): avc: denied { create } for pid=10484 comm="syz.4.2699" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 140.217396][T10485] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 140.238048][ T28] audit: type=1400 audit(1772398704.594:1268): avc: denied { bind } for pid=10484 comm="syz.4.2699" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 140.279186][ T28] audit: type=1400 audit(1772398704.644:1269): avc: denied { write } for pid=10484 comm="syz.4.2699" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 140.369045][ T28] audit: type=1400 audit(1772398704.744:1270): avc: denied { read write } for pid=10490 comm="syz.1.2702" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 140.371131][T10493] 9p: Bad value for 'rfdno' [ 140.408687][T10500] bridge_slave_1: Caught tx_queue_len zero misconfig [ 140.441155][ T28] audit: type=1400 audit(1772398704.744:1271): avc: denied { open } for pid=10490 comm="syz.1.2702" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 140.500588][T10502] pim6reg1: entered promiscuous mode [ 140.505922][T10502] pim6reg1: entered allmulticast mode [ 140.814842][T10519] syzkaller1: entered promiscuous mode [ 140.820898][T10519] syzkaller1: entered allmulticast mode [ 141.133652][ T28] audit: type=1400 audit(1772398705.514:1272): avc: denied { map } for pid=10538 comm="syz.4.2723" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1 [ 141.271460][T10555] loop2: detected capacity change from 0 to 1024 [ 141.277424][T10549] serio: Serial port ptm0 [ 141.299385][T10554] loop4: detected capacity change from 0 to 4096 [ 141.388600][T10555] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 141.390385][T10554] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.419266][T10555] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 141.429129][T10555] EXT4-fs error (device loop2): ext4_acquire_dquot:7001: comm syz.2.2729: Failed to acquire dquot type 0 [ 141.450405][T10555] loop2: lost filesystem error report for type 5 error -5 [ 141.451029][T10555] EXT4-fs (loop2): 1 truncate cleaned up [ 141.463953][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 141.463980][ C1] EXT4-fs (loop2): initial error at time 1772398705: ext4_acquire_dquot:7001 [ 141.464028][ C1] EXT4-fs (loop2): last error at time 1772398705: ext4_acquire_dquot:7001 [ 141.518189][T10554] EXT4-fs error (device loop4): ext4_do_update_inode:5569: inode #15: comm syz.4.2728: corrupted inode contents [ 141.541266][T10563] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10563 comm=syz.0.2732 [ 141.554835][T10555] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.576049][T10554] EXT4-fs error (device loop4): ext4_dirty_inode:6450: inode #15: comm syz.4.2728: mark_inode_dirty error [ 141.616233][T10555] EXT4-fs error (device loop2): ext4_acquire_dquot:7001: comm syz.2.2729: Failed to acquire dquot type 0 [ 141.623097][T10554] EXT4-fs error (device loop4): ext4_do_update_inode:5569: inode #15: comm syz.4.2728: corrupted inode contents [ 141.678194][ T6917] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.680334][T10554] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.2728: mark_inode_dirty error [ 141.713789][T10554] EXT4-fs error (device loop4): ext4_do_update_inode:5569: inode #15: comm syz.4.2728: corrupted inode contents [ 141.726742][T10554] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.2728: mark_inode_dirty error [ 141.739377][T10554] EXT4-fs error (device loop4): ext4_do_update_inode:5569: inode #15: comm syz.4.2728: corrupted inode contents [ 141.755266][ T3419] hid-generic FFFF:0003:0000.0005: unknown main item tag 0x0 [ 141.765508][ T3419] hid-generic FFFF:0003:0000.0005: unknown main item tag 0x0 [ 141.785254][T10554] EXT4-fs error (device loop4): ext4_truncate:4587: inode #15: comm syz.4.2728: mark_inode_dirty error [ 141.799991][ T3419] hid-generic FFFF:0003:0000.0005: hidraw0: HID v0.03 Device [syz1] on syz1 [ 141.829447][T10577] fido_id[10577]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 141.829878][T10554] EXT4-fs error (device loop4) in ext4_setattr:5983: Corrupt filesystem [ 141.895534][T10564] EXT4-fs error (device loop4): ext4_do_update_inode:5569: inode #15: comm syz.4.2728: corrupted inode contents [ 142.087764][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.447295][T10639] netlink: 'syz.2.2765': attribute type 29 has an invalid length. [ 142.469661][T10639] netlink: 'syz.2.2765': attribute type 29 has an invalid length. [ 142.488570][T10639] netlink: 500 bytes leftover after parsing attributes in process `syz.2.2765'. [ 142.609889][T10651] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10651 comm=syz.4.2770 [ 142.909130][T10672] loop3: detected capacity change from 0 to 164 [ 142.931960][T10672] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 142.986507][T10674] xt_hashlimit: size too large, truncated to 1048576 [ 143.205955][T10680] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2782'. [ 143.406856][T10694] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2788'. [ 143.496763][T10700] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 143.563891][T10704] SELinux: Context system_u:object_r:ppp_device_t:s0 is not valid (left unmapped). [ 143.986708][T10747] IPVS: You probably need to specify IP address on multicast interface. [ 144.005254][T10747] IPVS: Error connecting to the multicast addr [ 144.276275][T10764] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2820'. [ 144.620021][ T28] kauditd_printk_skb: 34 callbacks suppressed [ 144.620038][ T28] audit: type=1400 audit(1772398709.004:1305): avc: denied { read } for pid=10770 comm="syz.1.2823" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 144.716127][T10783] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2830'. [ 144.725877][T10783] netlink: 'syz.0.2830': attribute type 30 has an invalid length. [ 144.745348][ T4541] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.759282][ T4541] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.768750][ T4541] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.778403][ T4541] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.858516][T10800] loop2: detected capacity change from 0 to 1024 [ 144.878588][T10800] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a055c01c, mo2=0002] [ 144.892004][T10800] System zones: 0-1, 3-36 [ 144.938938][T10800] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.951910][ T28] audit: type=1400 audit(1772398709.304:1306): avc: denied { getopt } for pid=10802 comm="syz.0.2838" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 145.092105][ T6917] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.106913][ T28] audit: type=1326 audit(1772398709.484:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10816 comm="syz.0.2844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a5aac799 code=0x7ffc0000 [ 145.165184][ T28] audit: type=1326 audit(1772398709.484:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10816 comm="syz.0.2844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a5aac799 code=0x7ffc0000 [ 145.190277][ T28] audit: type=1326 audit(1772398709.524:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10816 comm="syz.0.2844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f80a5aac799 code=0x7ffc0000 [ 145.218533][ T28] audit: type=1326 audit(1772398709.524:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10816 comm="syz.0.2844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a5aac799 code=0x7ffc0000 [ 145.242911][ T28] audit: type=1326 audit(1772398709.524:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10816 comm="syz.0.2844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a5aac799 code=0x7ffc0000 [ 145.359100][ T28] audit: type=1400 audit(1772398709.734:1312): avc: denied { setopt } for pid=10837 comm="syz.2.2854" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 145.496272][T10847] netlink: 'syz.2.2858': attribute type 3 has an invalid length. [ 145.752885][ T28] audit: type=1400 audit(1772398710.124:1313): avc: denied { append } for pid=10852 comm="syz.1.2861" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 145.821445][T10857] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2863'. [ 145.821903][ T28] audit: type=1400 audit(1772398710.164:1314): avc: denied { map } for pid=10852 comm="syz.1.2861" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 145.913693][T10862] ================================================================== [ 145.921831][T10862] BUG: KCSAN: data-race in bq_flush_to_queue / cpu_map_kthread_run [ 145.929847][T10862] [ 145.932187][T10862] write to 0xffff888119bdd6c0 of 8 bytes by task 10864 on cpu 0: [ 145.940006][T10862] cpu_map_kthread_run+0x4fe/0x1680 [ 145.945227][T10862] kthread+0x22a/0x280 [ 145.949323][T10862] ret_from_fork+0x150/0x360 [ 145.954043][T10862] ret_from_fork_asm+0x1a/0x30 [ 145.958831][T10862] [ 145.961174][T10862] read to 0xffff888119bdd6c0 of 8 bytes by task 10862 on cpu 1: [ 145.968845][T10862] bq_flush_to_queue+0x124/0x360 [ 145.973815][T10862] cpu_map_enqueue+0x1ad/0x1c0 [ 145.978598][T10862] xdp_do_redirect_frame+0x27b/0x580 [ 145.983919][T10862] bpf_test_run_xdp_live+0xac3/0x1360 [ 145.989321][T10862] bpf_prog_test_run_xdp+0x57b/0xa10 [ 145.994627][T10862] bpf_prog_test_run+0x204/0x340 [ 145.999591][T10862] __sys_bpf+0x52e/0x7e0 [ 146.003849][T10862] __x64_sys_bpf+0x41/0x50 [ 146.008304][T10862] x64_sys_call+0x10cb/0x3020 [ 146.013419][T10862] do_syscall_64+0x12c/0x370 [ 146.018041][T10862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.024128][T10862] [ 146.026459][T10862] value changed: 0xffff888124242070 -> 0x0000000000000000 [ 146.033578][T10862] [ 146.035909][T10862] Reported by Kernel Concurrency Sanitizer on: [ 146.042071][T10862] CPU: 1 UID: 0 PID: 10862 Comm: syz.2.2866 Tainted: G W syzkaller #0 PREEMPT(full) [ 146.053087][T10862] Tainted: [W]=WARN [ 146.056899][T10862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 146.066966][T10862] ==================================================================