last executing test programs: 3m4.07826526s ago: executing program 1 (id=344): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a3200000000f70007404884b24b02a8a7758a688958ed60ecfd057e10926ba77e5596b13e43cd4488e4aa68a75f7236ec205b6e4cac2a0d86c336bf07dbe861f4f57bcef92dcf818d532d4475b5daa4dadc1690f228e860bba5a0b5d9bde86862e8f7fc08f0debd4974c6fae7d737a0007ec948ac4d8714ebff6b25648fb910e0d6d07f023cf5fa4051627b9c5b69e265538f9ba683bf172a5ff815afa543c12e550a1bcc9287080c7c12cc89d216c56febb0b06134672ea6b0077c846396169475f271319988f49ec94f2996e5d0e1cb151fb223e556f10fb681d068e055eb34e5f8fc7a524ffe5f4632a6c74ad0fe0b1542497d76a5a4416c47805e001c0005800800014000000008080002"], 0x1ec}, 0x1, 0x0, 0x0, 0x4000840}, 0x0) 3m3.925049559s ago: executing program 1 (id=347): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x9}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0x38}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0) 3m3.855872723s ago: executing program 1 (id=348): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000800)=@newqdisc={0x58, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x8000, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x6, 0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x4, 0x8002}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0xc, 0xc89f, 0xffff5ef5, 0x0, 0x19, 0x3, 0x2800}}, {0x4}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x803}, 0x20004004) 3m3.810546376s ago: executing program 1 (id=349): r0 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$TIOCL_BLANKSCREEN(r0, 0x560e, &(0x7f0000000000)) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000040)={0x8, 0x41}) 3m3.605481808s ago: executing program 1 (id=355): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', 0x0, 0x0, 0x0) 3m3.21597189s ago: executing program 1 (id=360): r0 = socket(0x11, 0xa, 0x0) write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7) sendmsg$can_bcm(r0, &(0x7f0000000140)={&(0x7f0000000000), 0x12, &(0x7f0000000080)={0x0, 0x4}, 0x8}, 0x0) 2m47.842187509s ago: executing program 32 (id=360): r0 = socket(0x11, 0xa, 0x0) write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7) sendmsg$can_bcm(r0, &(0x7f0000000140)={&(0x7f0000000000), 0x12, &(0x7f0000000080)={0x0, 0x4}, 0x8}, 0x0) 1m53.793318908s ago: executing program 5 (id=2538): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r1, 0x1, 0x4c, &(0x7f0000000000), 0x4) sendmsg$unix(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18, 0x4000010}, 0x4000010) recvmsg$unix(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)}, 0x2062) 1m53.761750361s ago: executing program 5 (id=2539): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000180), 0x4) 1m53.739107652s ago: executing program 5 (id=2540): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x6, @remote, 0x2}}, 0x0, 0x0, 0x6, 0x0, "3f114438efdaca16d374b49a365be44d5e860ea3ba676c0b5047b80e2c3535d5bd9db3c8572560f4d1be5cd41f7716082ee3589f099942e6f1c395ddb8160381baadf27900"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x20000000, @remote}}, 0x0, 0x0, 0x0, 0x0, "ddfd3b7ed7c6a1c172a987ae5ce3cafd64c9a736831a5912d606798fb75c9981c4b3ac0e06891ff18bc5543ed57215a3c45f9154dfa319e52a15a2b9acf80c07fb1a854dad742eef6187f2304844c296"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000004c0)={@in6={{0xa, 0x4e20, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x6}}, 0x0, 0x0, 0x0, 0x0, "abf1df964b38b7f9595ee641a4a0414b0121e0b9dccd97477da74a510c0f61951406a0e3f6a699d14967c3bb07085a6c0d3bf00d2e8c9c5fa92a8839ce262db0f8c84425bd81204809c9bf14178d6745"}, 0xd8) 1m53.633838858s ago: executing program 5 (id=2542): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000180)='ramfs\x00', 0x2014050, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) umount2(&(0x7f00000000c0)='./file0\x00', 0x4) 1m53.629850108s ago: executing program 5 (id=2544): write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xfffffd26) capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7}) r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000)) 1m53.361467854s ago: executing program 5 (id=2552): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee5, 0x11, r1, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000001180)={'broute\x00', 0x0, 0x0, 0x0, [0x5, 0x1000, 0x1, 0x81, 0x4a3e, 0x5], 0x0, 0x0}, 0x78) 1m53.336728285s ago: executing program 33 (id=2552): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee5, 0x11, r1, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000001180)={'broute\x00', 0x0, 0x0, 0x0, [0x5, 0x1000, 0x1, 0x81, 0x4a3e, 0x5], 0x0, 0x0}, 0x78) 17.137831988s ago: executing program 0 (id=5836): r0 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0xc840) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)=@newtfilter={0x78, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x6}, {}, {0x7, 0xfff1}}, [@filter_kind_options=@f_u32={{0x8}, {0x44, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth1_to_team\x00'}, @TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xffc, 0xb709, 0x58f, [{0x0, 0x20008000, 0x4, 0x1}]}}, @TCA_U32_LINK={0x4}]}}, @TCA_CHAIN={0x8, 0xb, 0x4}]}, 0x78}, 0x1, 0x0, 0x0, 0x4004884}, 0x24040084) 17.075948871s ago: executing program 0 (id=5839): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r1, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e) close_range(r0, 0xffffffffffffffff, 0x0) 17.009288565s ago: executing program 0 (id=5842): socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x8) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_clone3(&(0x7f0000000240)={0x200a00000, 0x0, 0x0, 0x0, {0x2c}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) 17.007217145s ago: executing program 0 (id=5844): mkdir(&(0x7f0000000200)='./file1\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) unlink(&(0x7f00000002c0)='./file1\x00') 16.943606619s ago: executing program 0 (id=5848): openat$dir(0xffffff9c, &(0x7f0000000580)='./file0\x00', 0x4041, 0x148) r0 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100)=0x0, &(0x7f00000007c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r0, 0x4d10, 0x2, 0x2, 0x0, 0x0) 16.667979955s ago: executing program 0 (id=5856): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_ext={0x1c, 0x8, 0x0, 0x0, 0x7, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x1, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffff8}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r0, &(0x7f0000000180), &(0x7f0000000540)=""/119}, 0x20) 16.667763925s ago: executing program 34 (id=5856): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_ext={0x1c, 0x8, 0x0, 0x0, 0x7, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x1, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffff8}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r0, &(0x7f0000000180), &(0x7f0000000540)=""/119}, 0x20) 2.111783226s ago: executing program 6 (id=6352): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xffffffffffffffff) sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x3ec0) pselect6(0x40, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0xfffffffffffffff9, 0x80000000000, 0x0, 0xfffffffffffff30a, 0x5}, &(0x7f0000000000)={0x1c, 0x26d7, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x6, 0x9}, 0x0, 0x0, 0x0) 2.04578387s ago: executing program 6 (id=6353): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x0, 0x0) shutdown(r0, 0x0) sendfile(r0, r1, 0x0, 0xdc) 2.04567075s ago: executing program 6 (id=6354): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="8f6846f7407a2fe8cf5cab11cf5f66ba", 0x10) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 2.002673563s ago: executing program 6 (id=6355): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000480)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000180)={'c', ' *:* ', 'rwm\x00'}, 0xa) 1.950265516s ago: executing program 6 (id=6357): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000080)=0xfffffffd, 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x9, @loopback, 0x266}, 0x1c) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x56202326, @empty, 0x4000008}, 0x1c) 1.457250774s ago: executing program 4 (id=6367): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) r1 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000240)=0x8) 1.404155428s ago: executing program 4 (id=6368): prlimit64(0x0, 0x8, &(0x7f0000000080), 0x0) newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) setresuid(0xee01, r0, r0) mlock2(&(0x7f0000341000/0x3000)=nil, 0x3000, 0x1) 1.269362276s ago: executing program 4 (id=6372): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000010000008500000086000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x28, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0xa000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) bpf$MAP_CREATE(0x0, 0x0, 0x48) 1.064953548s ago: executing program 6 (id=6379): syz_usb_connect$uac1(0x2, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0}) write(r0, &(0x7f0000000000)="fa", 0xfffffdef) 855.606899ms ago: executing program 3 (id=6380): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00') fchdir(r0) readlinkat(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup\x00', 0xfffffffffffffffe, 0xfe9c) openat2$dir(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup\x00', &(0x7f0000000040)={0x200000, 0x0, 0x22}, 0x18) 805.013193ms ago: executing program 3 (id=6381): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800000, 0x3fff8001}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0xa, 0x300) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 699.727399ms ago: executing program 7 (id=6383): r0 = socket$kcm(0x10, 0x2, 0x4) close(r0) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000780)="5c00000011006bcc9e3be35c6e17aa31076b876c1d0000007ea6f464160af36514001ac00800020004000200060005000364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 640.753012ms ago: executing program 7 (id=6384): syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./file0\x00', 0x2004000, &(0x7f0000000180)=ANY=[@ANYRES64=0x0], 0xfe, 0x122e, &(0x7f0000001280)="$eJzs3E1rXFUYB/DHSdrExLyotVpBerAb3VySLNwoSJAUpANK2witINyaiQ65zoTcITAiRldu3fgB3IpLd4K4001c+BncZePShXqlM+lL7GjQau8Qfr/NPMy5f3jO3OHAGebcg5c+fW9rs8w28140Hno5GtsRk7+lSNGIWz6K51/87vtnrly7fmm12Vy7nNLF1avLL6SU5s9/8+YHXz77bW/2ja/mv56K/cW3Dn5e+Wn/7P65g9+vvtsuU7tMnW4v5elGt9vLbxSttNEut7KUXi9aedlK7U7Z2jkyvll0t7f7Ke9szM1s77TKMuWdftpq9VOvm3o7/ZS/k7c7KcuyNDcT3I/1L36pqiqiqk7F6aiqqno4ZqIRj8RczMdCLMaj8Vg8HmfiiTgbT8ZTcW5wVd19AwAAAAAAAAAAAAAAAAAAwMky6vz/7D3n/z+LGHX+/3zNzQMAAAAAAAAAAAAAAAAAAMAJceXa9Uurzeba5ZSmI4pPdtd314evw/HVzWhHEa1YioX4NQan/4eG9elori2lgcX4uNg7zO/trk8czS8PHidwT/7iq8215WE+Hc1Pxczd+ZVYiDOj8yt/yl8Y5KfjuQt35bNYiB/fjm4UsRE3s3fyHy6n9Mprzdv5H/aHc9+o8b4AAADAfylLt43cv2fZX40P88f9PnBzf710Z38eixGH+cl4erLeuRNR9t/fyouitVN7cauj4Tt7ETEmjf3rohERY9DG3xSnjr1mtobGPp+NuI/4xJEv0lh8zmNeTI8aOm7lmPhf1yUejMObPlV3HwAAAAAAAAAAAPwzD+IPhnXPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mAHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXwUAAP//3m/GvA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc) 554.859557ms ago: executing program 3 (id=6385): syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x40, 0x2000, @fd_index=0x3, 0x0, &(0x7f0000000440)}) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4}) ioctl$sock_netdev_private(r0, 0x89f3, &(0x7f0000000000)) 500.69272ms ago: executing program 3 (id=6386): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4) setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000005c0)={{0xa, 0xfffc, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x33}}}, {0xa, 0x0, 0x1, @empty}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]}}, 0x5c) setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000080)=0x2, 0x4) 431.483995ms ago: executing program 3 (id=6387): perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xeffffffb, 0x1, @perf_config_ext={0x3fffffffc, 0xffffffffffffffff}, 0x102802, 0x0, 0x0, 0x3, 0xfff, 0x8001, 0x7fff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) futex(&(0x7f00000040c0), 0x6, 0x0, 0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) futex(&(0x7f00000040c0), 0x87, 0x3, 0x0, 0x0, 0x2) 365.861958ms ago: executing program 7 (id=6388): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f00001d8000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0) write$cgroup_subtree(r0, &(0x7f00000000c0)={[{0x7a916e971c0e550f, 'blkio'}]}, 0x7) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x88661, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x1, 0x6, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 358.746788ms ago: executing program 3 (id=6389): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) mq_getsetattr(0xffffffffffffffff, 0x0, 0x0) 314.352741ms ago: executing program 2 (id=6390): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) sendmsg$inet6(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0xa, 0x4e21, 0x80000, @local, 0xfffffffe}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=[@hopopts_2292={{0x18, 0x29, 0x36, {0x73}}}, @hopopts_2292={{0x18, 0x29, 0x36, {0x2}}}], 0x30}, 0x40c0) 296.070213ms ago: executing program 4 (id=6391): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x100000000000009, 0x3c033, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x8312, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x400000000, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x21, 0x0, 0x0, 0x100000, 0x400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2000000, 0x0, 0x200000000000000}, 0x50) 270.509004ms ago: executing program 2 (id=6392): socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000100)={0x0, 0x0}) close(r0) setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f0000000180), 0x127) recvmsg(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000840)=""/165, 0xa5}], 0x1, &(0x7f0000001a80)=""/161, 0xa1}, 0x2000) 236.748836ms ago: executing program 2 (id=6393): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0x60, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 204.506348ms ago: executing program 2 (id=6394): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0x4, 0x0, 0x8}]}}, 0x0, 0x26}, 0x28) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d800000024008106", 0x8}], 0x1}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="33fe00002a"], 0xfe33) 164.10187ms ago: executing program 2 (id=6395): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) syz_mount_image$msdos(&(0x7f00000006c0), &(0x7f0000000280)='./file0\x00', 0xc0, &(0x7f0000000080)=ANY=[@ANYBLOB="646f74732c6e66732c71756965742c6e6f646f74732c636865636b3d7374726963742c6e66733d7374616c655f72772c646f74732c6572726f72733d636f6e74696e7565008000000000000074732c00"], 0x1, 0x246, &(0x7f00000016c0)="$eJzs3TFu01AcBvB/2rQNZaAzYrDEwlQBN7BQkBCWkII8wISlwtIiJHcxTDkGZ+BIHKNTNyNqixS3MFRu3ca/nxT5Uz45eW/Jy/Be8uHR58ODL8ef6p/fYzZLYhqxjNOIvdiIzWhM2uvGWd6O85YBANw1i0WRDj0GejS5+FRZpsVWROxcaPIfNzMoAAAAAAAAAAAA+mb/PwCMj/3/668s02K3/f72N/v/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOGc1vWD+j+PoccHAPTP+g8A42P9B4Dxsf4DwPi8fff+dZpl80WSzCJOllVe5c216V++yuZPkzN7q7tOqirfanM2f9b0Sbffbe9/fmm/HU8eN/3v7sWbrNPvxMF1Tx4AAAAAAAAAAAAAAAAAAABuif3kj875/s2m3/9X36Rzvw/QOb8/jYfTG5sGAAAAAAAAAAAAAAAAAAAA3GnHX78dFkdHH0thpOH+JdW9uMILzuI2TEfoKQz9yQQAAAAAAAAAAAAAAAAAAOOzOvQ79EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDir//+/vtB9z0lMhpksAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsNZ+BQAA///TbZE4") mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) 156.44905ms ago: executing program 7 (id=6396): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000440000004400000009000000000000000000000905000000070000000000001201000000000000000100000d010000000000000002000000000000000000000d000000000000000000000002"], 0x0, 0x65, 0x0, 0x0, 0x1}, 0x28) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e24, @multicast2}}, 0x3, 0x200}, 0x90) 146.961201ms ago: executing program 4 (id=6397): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x8, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x5}, 0x0, 0x10000, 0x8, 0x5, 0x8, 0x20005, 0x7, 0x0, 0x0, 0x0, 0x20004006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0xf1, &(0x7f0000000240)={&(0x7f0000000500)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x0, 0xf1ffffff, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_HH_FLOWS_LIMIT={0x4}]}}]}, 0x38}}, 0x0) 89.168155ms ago: executing program 7 (id=6398): r0 = socket$inet6(0xa, 0x3, 0x8) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x1, 0xd95b}, 0x28) setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000000)=0x7c, 0x4) sendmmsg$inet6(r0, &(0x7f0000000400)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @empty, 0x20}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x002'], 0x28}}], 0x1, 0x20000000) 88.611445ms ago: executing program 4 (id=6399): syz_mount_image$ext4(&(0x7f0000000d80)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x21881e, &(0x7f00000000c0)={[{@user_xattr}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@stripe={'stripe', 0x3d, 0x5}}]}, 0x3, 0x50f, &(0x7f0000000680)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hQWt1km8bVT1AOUCQqgSokeQtiHxRlHsOIqd0oQ9pGeuSFTiBEf+AG5IPSFx5ILgxqUckPgRgRokDoNmPMk6WbuJNokdxZ+PNJr35s36+32bnffWL4lfACPrdkTsR8RERLwbEbP59UJ+xFudI73vk4NHK4cHj1YKkSTv/LOQtafXouvPpG7lr1mOiO9/O+JHhSfjtnb3Npbr9dp2Xp9vN7bmW7t799Yby2u1tdpmtbq0uLTwxv3Xq5fW15caE3npix//Yf9rP0nTmsmvdPfjMnW6XjqOkxqPiO9eRbAhGMv7MzHsRHgqxYh4PiJezp7/2RjLvpoAwE2WJLORzHbXAYCbrpitgRWKlXwtYCaKxUqls4b3QkwX681W++7D5s7mametbC5KxYfr9dpCvlY4F6VCWl/Myo/r1VP1+xHxXET8bHIqq1dWmvXVYf7HBwBG2K1T8/9/JjvzPwBww5WHnQAAMHDmfwAYPeZ/ABg95n8AGD2d+X9q2GkAAAPk/T8AjB7zPwCMlO+9/XZ6JIf551+vvre7s9F8795qrbVRaeysVFaa21uVtWZzLfvMnsZZr1dvNrcWX4ud9+e+vtVqz7d29x40mjub7QfZ53o/qJWyu/YH0DMAoJ/nXvroz4V0Rn5zKjuiay+H0lAzA65acdgJAEMzNuwEgKGx2xeMrgu8x7c8ADdEjy16j/3+W0lS7vULQkmSJFebFnCF7nzO+j+Mqq71fz8FDCPG+j+MLuv/MLqSpHDePf/jvDcCANebNX6gz/f/n8/Pv86/OfDD1dN3fHiVWQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD1drT/byXfC3wmisVKJeKZiJiLUuHher22EBHPRsSfJkuTaX1xyDkDABdV/Fsh3//rzuyrMyeaXrx1XJyIiB//4p2fv7/cbm//MWKi8K/Jo+vtD/Pr1cFnDwCc7Wiezs5db+Q/OXi0cnQMMp+/fzMiyp34hwcTcXgcfzzGs3M5ShEx/e9CXu8odK1dXMT+BxHx2V79L8RMtgbS2fn0dPw09jMDjV88Eb+YtXXO6d/FZy4hFxg1H6Xjz1u9nr9i3M7OvZ//cjZCXVw+/qUvtXKYjYGP4x+Nf2N9xr/b543x2u++0ylNPdn2QcTnxyOOYh92jT9H8Qt94r96+sX6DIh/+cKLL/fLLfllxJ3oHb871ny7sTXf2t27t95YXqut1Tar1aXFpYU37r9enc/WqOf7zwb/ePPus/3a0v5P94lfPqP/X+4b8aRf/e/dH3zpU+J/9ZVe8YvxwqfET+fEr5wz/vL0b8r92tL4q336f9bX/+4543/8170ntg0HAIantbu3sVyv17b7Fn47ffY9CgoDKaT/ZK9BGj0L3xhUrIno3fTTVzrP9KmmJHmqWCfHicfvHC9j1Q24Do4f+oj477CTAQAAAAAAAAAAAAAAehrEbywNu48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcXP8PAAD//9140jY=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x143042, 0x80) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfe}], 0x1, 0x5405, 0x0, 0x0) sendfile(r0, r0, 0x0, 0x7a680000) 23.448718ms ago: executing program 7 (id=6400): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) membarrier(0x4, 0x0) 0s ago: executing program 2 (id=6401): mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) sendmmsg$inet(r0, &(0x7f0000001380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) socket(0x10, 0x3, 0x0) kernel console output (not intermixed with test programs): 128 [ 162.133131][T12407] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3869'. [ 162.227243][T12417] loop3: detected capacity change from 0 to 1024 [ 162.260586][T12417] EXT4-fs: Ignoring removed bh option [ 162.270951][T12417] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 162.316879][T12417] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #3: block 1: comm syz.3.3873: lblock 1 mapped to illegal pblock 1 (length 1) [ 162.340701][T12417] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.3873: Failed to acquire dquot type 0 [ 162.355252][T12417] EXT4-fs error (device loop3): ext4_free_blocks:6728: comm syz.3.3873: Freeing blocks not in datazone - block = 0, count = 4096 [ 162.381987][T12417] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.3873: Invalid inode bitmap blk 0 in block_group 0 [ 162.408067][ T12] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 162.435109][ T12] __quota_error: 24 callbacks suppressed [ 162.435131][ T12] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 162.453387][ T12] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:0: Failed to release dquot type 0 [ 162.473321][T12417] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem [ 162.483651][T12417] EXT4-fs (loop3): 1 orphan inode deleted [ 162.509757][T12417] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 162.523130][T12435] loop2: detected capacity change from 0 to 128 [ 162.537463][T12435] FAT-fs (loop2): Directory bread(block 162) failed [ 162.546989][T12435] FAT-fs (loop2): Directory bread(block 163) failed [ 162.555015][T12435] FAT-fs (loop2): Directory bread(block 164) failed [ 162.571988][T12435] FAT-fs (loop2): Directory bread(block 165) failed [ 162.579105][T12435] FAT-fs (loop2): Directory bread(block 166) failed [ 162.586090][T12435] FAT-fs (loop2): Directory bread(block 167) failed [ 162.594269][T12435] FAT-fs (loop2): Directory bread(block 168) failed [ 162.601607][T12435] FAT-fs (loop2): Directory bread(block 169) failed [ 162.609185][T12435] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 162.634154][T12435] FAT-fs (loop2): Directory bread(block 162) failed [ 162.641569][T12435] FAT-fs (loop2): Directory bread(block 163) failed [ 162.668544][T12435] syz.2.3880: attempt to access beyond end of device [ 162.668544][T12435] loop2: rw=8388611, sector=226, nr_sectors = 6 limit=128 [ 162.689597][T12435] syz.2.3880: attempt to access beyond end of device [ 162.689597][T12435] loop2: rw=8390659, sector=232, nr_sectors = 2 limit=128 [ 162.732585][T12445] loop3: detected capacity change from 0 to 256 [ 162.757185][T12445] FAT-fs (loop3): error, clusters badly computed (0 != 128) [ 162.767206][T12445] FAT-fs (loop3): Filesystem has been set read-only [ 162.777132][T12445] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 162.788566][T12445] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 162.879775][T12452] bond1: option lacp_rate: invalid value (45) [ 162.899223][T12452] bond1 (unregistering): Released all slaves [ 163.069069][T12468] loop3: detected capacity change from 0 to 128 [ 163.355061][ T12] kworker/u8:0: attempt to access beyond end of device [ 163.355061][ T12] loop3: rw=1, sector=145, nr_sectors = 16 limit=128 [ 163.392420][ T12] kworker/u8:0: attempt to access beyond end of device [ 163.392420][ T12] loop3: rw=1, sector=169, nr_sectors = 8 limit=128 [ 163.415173][ T12] kworker/u8:0: attempt to access beyond end of device [ 163.415173][ T12] loop3: rw=1, sector=185, nr_sectors = 8 limit=128 [ 163.446151][ T12] kworker/u8:0: attempt to access beyond end of device [ 163.446151][ T12] loop3: rw=1, sector=201, nr_sectors = 8 limit=128 [ 163.475111][ T12] kworker/u8:0: attempt to access beyond end of device [ 163.475111][ T12] loop3: rw=1, sector=217, nr_sectors = 8 limit=128 [ 163.495281][ T12] kworker/u8:0: attempt to access beyond end of device [ 163.495281][ T12] loop3: rw=1, sector=233, nr_sectors = 8 limit=128 [ 163.567696][ T12] kworker/u8:0: attempt to access beyond end of device [ 163.567696][ T12] loop3: rw=1, sector=249, nr_sectors = 8 limit=128 [ 163.611512][ T12] kworker/u8:0: attempt to access beyond end of device [ 163.611512][ T12] loop3: rw=1, sector=265, nr_sectors = 8 limit=128 [ 163.770493][T12513] loop4: detected capacity change from 0 to 128 [ 163.799337][T12513] EXT4-fs mount: 24 callbacks suppressed [ 163.799361][T12513] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 163.828952][T12514] loop3: detected capacity change from 0 to 1024 [ 163.836913][T12514] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 163.849316][T12514] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 163.868433][T12513] ext4 filesystem being mounted at /801/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 163.880288][T12514] JBD2: no valid journal superblock found [ 163.886288][T12514] EXT4-fs (loop3): Could not load journal inode [ 163.895946][T12514] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 163.960136][ T3322] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 163.986362][T12523] loop3: detected capacity change from 0 to 512 [ 164.046929][T12523] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 164.068402][T12533] loop4: detected capacity change from 0 to 256 [ 164.096866][T12523] ext4 filesystem being mounted at /784/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 164.112124][T12533] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 164.182578][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.203069][T12539] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 164.220356][T12539] team0: Port device batadv1 added [ 164.226128][ T29] audit: type=1400 audit(1770114684.924:1195): avc: denied { write } for pid=12542 comm="syz.2.3928" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 164.270815][T12545] loop3: detected capacity change from 0 to 512 [ 164.299513][T12545] EXT4-fs (loop3): orphan cleanup on readonly fs [ 164.309391][T12545] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.3927: bad orphan inode 13 [ 164.327570][T12545] ext4_test_bit(bit=12, block=18) = 1 [ 164.333103][T12545] is_bad_inode(inode)=0 [ 164.337305][T12545] NEXT_ORPHAN(inode)=2130706432 [ 164.342376][T12545] max_ino=32 [ 164.345613][T12545] i_nlink=1 [ 164.397945][T12545] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 164.488707][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.515557][T12564] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3935'. [ 164.731238][T12586] FAT-fs (loop4): error, clusters badly computed (0 != 128) [ 164.738877][T12586] FAT-fs (loop4): Filesystem has been set read-only [ 164.750865][T12586] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 164.766400][T12586] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 165.038274][T12625] netlink: 'syz.0.3963': attribute type 1 has an invalid length. [ 165.047311][T12625] netlink: 'syz.0.3963': attribute type 2 has an invalid length. [ 165.381473][ C1] vcan0: j1939_tp_rxtimer: 0xffff88812fd4ae00: rx timeout, send abort [ 165.502331][T12655] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3976'. [ 165.553942][ T29] audit: type=1326 audit(1770114686.254:1196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12658 comm="syz.2.3979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42bf67aeb9 code=0x7ffc0000 [ 165.592093][ T29] audit: type=1326 audit(1770114686.254:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12658 comm="syz.2.3979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42bf67aeb9 code=0x7ffc0000 [ 165.616051][ T29] audit: type=1326 audit(1770114686.254:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12658 comm="syz.2.3979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42bf67aeb9 code=0x7ffc0000 [ 165.641543][ T29] audit: type=1326 audit(1770114686.254:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12658 comm="syz.2.3979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42bf67aeb9 code=0x7ffc0000 [ 165.667949][ T29] audit: type=1326 audit(1770114686.254:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12658 comm="syz.2.3979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f42bf67aeb9 code=0x7ffc0000 [ 165.695215][ T29] audit: type=1326 audit(1770114686.264:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12658 comm="syz.2.3979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42bf67aeb9 code=0x7ffc0000 [ 165.720350][ T29] audit: type=1326 audit(1770114686.334:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12658 comm="syz.2.3979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42bf67aeb9 code=0x7ffc0000 [ 165.745180][ T29] audit: type=1326 audit(1770114686.334:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12658 comm="syz.2.3979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f42bf67ac22 code=0x7ffc0000 [ 165.856710][T12678] netlink: 'syz.3.3985': attribute type 29 has an invalid length. [ 165.890285][ C1] vcan0: j1939_tp_rxtimer: 0xffff88812fd4ae00: abort rx timeout. Force session deactivation [ 166.064647][T12695] netlink: 'syz.6.3993': attribute type 2 has an invalid length. [ 166.073195][T12695] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3993'. [ 166.267624][T12710] dvmrp6: entered allmulticast mode [ 166.298016][T12712] rock: directory entry would overflow storage [ 166.304255][T12712] rock: sig=0x4543, size=28, remaining=18 [ 166.546436][T12724] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4006'. [ 166.557031][T12724] netlink: 'syz.6.4006': attribute type 18 has an invalid length. [ 166.566619][T12724] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4006'. [ 166.674360][T12728] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 166.699267][T12728] ext4 filesystem being mounted at /819/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 166.768773][ T3322] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 166.895108][T12748] netlink: 'syz.4.4018': attribute type 3 has an invalid length. [ 166.903140][T12748] netlink: 764 bytes leftover after parsing attributes in process `syz.4.4018'. [ 166.934560][T12752] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4019'. [ 167.340827][T12799] bond1: invalid ARP target 0.0.0.0 specified for addition [ 167.348175][T12799] bond1: option arp_ip_target: invalid value (0) [ 167.364538][T12799] bond1 (unregistering): Released all slaves [ 167.410402][T12807] set_capacity_and_notify: 3 callbacks suppressed [ 167.410423][T12807] loop2: detected capacity change from 0 to 512 [ 167.438860][T12807] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 167.455935][T12807] EXT4-fs (loop2): 1 truncate cleaned up [ 167.468440][T12807] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 167.503642][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.975911][ T37] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.021056][ T37] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.081066][ T37] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.132206][ T37] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.256078][ T37] bridge_slave_1: left allmulticast mode [ 168.262224][ T37] bridge_slave_1: left promiscuous mode [ 168.268499][ T37] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.279465][ T37] bridge_slave_0: left allmulticast mode [ 168.285545][ T37] bridge_slave_0: left promiscuous mode [ 168.292128][ T37] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.309285][ T37] tipc: Resetting bearer [ 168.465790][ T37] tipc: Disabling bearer [ 168.505427][T12895] loop4: detected capacity change from 0 to 512 [ 168.517078][T12895] EXT4-fs: Ignoring removed nobh option [ 168.533694][T12895] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 168.559137][T12895] EXT4-fs (loop4): 1 truncate cleaned up [ 168.571104][T12895] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 168.602726][ T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 168.620873][ T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 168.634969][ T37] bond0 (unregistering): Released all slaves [ 168.644138][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.655843][ T37] bond1 (unregistering): Released all slaves [ 168.687691][T12907] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4075'. [ 168.701780][T12849] chnl_net:caif_netlink_parms(): no params data found [ 168.741217][ T37] tipc: Disabling bearer [ 168.746629][ T37] tipc: Left network mode [ 168.780300][ T37] hsr_slave_0: left promiscuous mode [ 168.786625][ T37] hsr_slave_1: left promiscuous mode [ 168.793157][ T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 168.800780][ T37] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 168.814952][ T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 168.822763][ T37] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 168.831370][ T37] batman_adv: batadv0: Interface deactivated: ipvlan2 [ 168.838673][ T37] batman_adv: batadv0: Removing interface: ipvlan2 [ 168.867371][ T37] veth1_macvtap: left promiscuous mode [ 168.877609][ T37] veth0_macvtap: left promiscuous mode [ 168.893378][ T37] veth1_vlan: left promiscuous mode [ 169.003475][T12930] netlink: 'syz.6.4085': attribute type 2 has an invalid length. [ 169.012179][T12930] netlink: 132 bytes leftover after parsing attributes in process `syz.6.4085'. [ 169.030155][ T37] team0 (unregistering): Port device team_slave_1 removed [ 169.040992][ T37] team0 (unregistering): Port device C removed [ 169.088406][T12931] tap0: tun_chr_ioctl cmd 1074025676 [ 169.093892][T12931] tap0: owner set to 0 [ 169.107405][T12849] bridge0: port 1(bridge_slave_0) entered blocking state [ 169.114818][T12849] bridge0: port 1(bridge_slave_0) entered disabled state [ 169.122233][T12849] bridge_slave_0: entered allmulticast mode [ 169.129721][T12849] bridge_slave_0: entered promiscuous mode [ 169.137180][T12849] bridge0: port 2(bridge_slave_1) entered blocking state [ 169.144610][T12849] bridge0: port 2(bridge_slave_1) entered disabled state [ 169.151926][T12849] bridge_slave_1: entered allmulticast mode [ 169.159607][T12849] bridge_slave_1: entered promiscuous mode [ 169.180858][T12849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 169.192359][T12849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 169.238942][T12849] team0: Port device team_slave_0 added [ 169.264939][T12849] team0: Port device team_slave_1 added [ 169.340191][T12849] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 169.347324][T12849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 169.374036][T12849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 169.401029][T12849] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 169.408169][T12849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 169.435230][T12849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 169.477806][T12962] tmpfs: Bad value for 'nr_inodes' [ 169.539758][T12849] hsr_slave_0: entered promiscuous mode [ 169.558038][T12849] hsr_slave_1: entered promiscuous mode [ 169.566613][T12849] debugfs: 'hsr0' already exists in 'hsr' [ 169.572452][T12849] Cannot create hsr debugfs directory [ 169.814031][ T29] kauditd_printk_skb: 31 callbacks suppressed [ 169.814047][ T29] audit: type=1326 audit(1770114690.514:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12996 comm="syz.6.4105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087c2faeb9 code=0x7ffc0000 [ 169.899603][T13003] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 169.905454][T13003] pim6reg0: linktype set to 65534 [ 169.925595][ T29] audit: type=1326 audit(1770114690.514:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12996 comm="syz.6.4105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f087c2faeb9 code=0x7ffc0000 [ 169.951410][ T29] audit: type=1326 audit(1770114690.514:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12996 comm="syz.6.4105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087c2faeb9 code=0x7ffc0000 [ 169.976789][ T29] audit: type=1326 audit(1770114690.514:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12996 comm="syz.6.4105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087c2faeb9 code=0x7ffc0000 [ 170.002171][ T29] audit: type=1326 audit(1770114690.514:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12996 comm="syz.6.4105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f087c2faeb9 code=0x7ffc0000 [ 170.026635][ T29] audit: type=1326 audit(1770114690.514:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12996 comm="syz.6.4105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087c2faeb9 code=0x7ffc0000 [ 170.052665][ T29] audit: type=1326 audit(1770114690.514:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12996 comm="syz.6.4105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087c2faeb9 code=0x7ffc0000 [ 170.079070][ T29] audit: type=1326 audit(1770114690.514:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12996 comm="syz.6.4105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7f087c2faeb9 code=0x7ffc0000 [ 170.105485][ T29] audit: type=1326 audit(1770114690.514:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12996 comm="syz.6.4105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087c2faeb9 code=0x7ffc0000 [ 170.131048][ T29] audit: type=1326 audit(1770114690.514:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12996 comm="syz.6.4105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087c2faeb9 code=0x7ffc0000 [ 170.292041][T13027] netlink: 'syz.0.4115': attribute type 2 has an invalid length. [ 170.299904][T13027] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4115'. [ 170.383792][T12849] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 170.400900][T12849] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 170.419907][T12849] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 170.434646][T12849] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 170.572657][T12849] 8021q: adding VLAN 0 to HW filter on device bond0 [ 170.628703][T12849] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.657355][ T3437] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.664831][ T3437] bridge0: port 1(bridge_slave_0) entered forwarding state [ 170.721330][ T3437] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.728984][ T3437] bridge0: port 2(bridge_slave_1) entered forwarding state [ 170.760946][T13079] loop6: detected capacity change from 0 to 1024 [ 170.772213][T13079] EXT4-fs: inline encryption not supported [ 170.778377][T13079] EXT4-fs: Ignoring removed i_version option [ 170.853772][T13079] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.909168][T13079] EXT4-fs error (device loop6): mb_free_blocks:2037: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt. [ 171.001652][ T9294] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.058724][T12849] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 171.071455][T13113] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4137'. [ 171.078215][T13110] pim6reg1: tun_chr_ioctl cmd 1074025677 [ 171.091075][T13110] pim6reg1: linktype set to 0 [ 171.099445][T13115] loop3: detected capacity change from 0 to 128 [ 171.114760][T13115] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 171.129817][T13115] ext4 filesystem being mounted at /822/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 171.248825][T12849] veth0_vlan: entered promiscuous mode [ 171.257432][T12849] veth1_vlan: entered promiscuous mode [ 171.262300][ T3319] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 171.283860][T12849] veth0_macvtap: entered promiscuous mode [ 171.292535][T12849] veth1_macvtap: entered promiscuous mode [ 171.305746][T12849] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 171.330122][T12849] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 171.351100][ T31] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.377725][ T31] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.428600][ T31] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.448242][ T31] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.738597][T13175] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4150'. [ 171.826318][T13188] loop3: detected capacity change from 0 to 512 [ 171.841769][T13186] tap0: tun_chr_ioctl cmd 1074025677 [ 171.855827][T13186] tap0: linktype set to 804 [ 171.862793][T13188] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 171.930863][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.977459][T13198] team0: Device gtp0 is of different type [ 172.001827][T13204] loop3: detected capacity change from 0 to 512 [ 172.012156][T13204] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 172.157456][T13212] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4167'. [ 172.370986][T13241] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4179'. [ 172.384991][T13241] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4179'. [ 172.459756][T13246] : renamed from vlan1 (while UP) [ 172.461899][T13247] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4181'. [ 172.552708][T13253] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4185'. [ 172.694335][T13265] program syz.6.4191 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 172.745416][T13271] loop4: detected capacity change from 0 to 512 [ 172.776892][T13273] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4195'. [ 172.797209][T13271] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.813997][T13271] ext4 filesystem being mounted at /852/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 172.858689][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.157918][T13305] dummy0: entered promiscuous mode [ 173.181368][T13305] dummy0: left promiscuous mode [ 173.308227][T13321] loop3: detected capacity change from 0 to 512 [ 173.340200][T13321] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 173.421575][T13321] EXT4-fs warning (device loop3): dx_probe:837: inode #2: comm syz.3.4217: Unimplemented hash flags: 0x0001 [ 173.434494][T13321] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.4217: Corrupt directory, running e2fsck is recommended [ 173.449070][T13321] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.4217: path /835/file0: bad entry in directory: directory entry overrun - offset=0, inode=4294967295, rec_len=196612, size=1024 fake=0 [ 173.573455][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.598464][T13341] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4226'. [ 173.635391][T13345] program syz.3.4228 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 173.710436][T13352] loop6: detected capacity change from 0 to 512 [ 173.717187][T13353] program syz.3.4230 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 173.731726][T13352] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 173.756709][T13352] EXT4-fs (loop6): orphan cleanup on readonly fs [ 173.764128][T13352] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:517: comm syz.6.4231: Block bitmap for bg 0 marked uninitialized [ 173.779738][T13352] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6689: Corrupt filesystem [ 173.790936][T13352] EXT4-fs (loop6): 1 orphan inode deleted [ 173.798490][T13352] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 173.837278][T13352] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended [ 173.857732][T13352] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 173.907218][ T9294] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.402167][T13399] SELinux: security_context_str_to_sid (E) failed with errno=-22 [ 174.456736][T13403] loop4: detected capacity change from 0 to 512 [ 174.473875][T13403] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 174.500430][T13403] EXT4-fs (loop4): orphan cleanup on readonly fs [ 174.511075][T13403] EXT4-fs error (device loop4): __ext4_iget:5426: inode #11: block 8: comm syz.4.4252: invalid block [ 174.537917][T13403] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.4252: couldn't read orphan inode 11 (err -117) [ 174.563004][T13403] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 174.627226][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.697137][T13413] vlan2: entered allmulticast mode [ 174.718821][T13415] program syz.0.4257 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 175.207433][T13457] option changes via remount are deprecated (pid=13456 comm=syz.2.4277) [ 175.217902][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 175.217963][ T29] audit: type=1400 audit(1770114695.904:1248): avc: denied { remount } for pid=13456 comm="syz.2.4277" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 175.297838][ T29] audit: type=1400 audit(1770114695.994:1249): avc: denied { unmount } for pid=12849 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 175.326167][T13465] loop6: detected capacity change from 0 to 512 [ 175.383158][T13465] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 175.418281][T13465] EXT4-fs (loop6): 1 truncate cleaned up [ 175.438260][T13465] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 175.512024][T13482] loop3: detected capacity change from 0 to 256 [ 175.538466][ T29] audit: type=1400 audit(1770114696.244:1250): avc: denied { lock } for pid=13463 comm="syz.6.4280" path="/316/file1/file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 175.589232][ T29] audit: type=1400 audit(1770114696.244:1251): avc: denied { link } for pid=13463 comm="syz.6.4280" name="file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 175.646266][ T9294] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.659885][T13482] bio_check_eod: 103 callbacks suppressed [ 175.659911][T13482] syz.3.4288: attempt to access beyond end of device [ 175.659911][T13482] loop3: rw=2049, sector=256, nr_sectors = 4 limit=256 [ 175.858621][T13507] netlink: 'syz.2.4298': attribute type 12 has an invalid length. [ 175.866777][T13507] __nla_validate_parse: 3 callbacks suppressed [ 175.866862][T13507] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4298'. [ 175.888124][T13507] bond0: option primary_reselect: invalid value (8) [ 175.902684][T13510] af_packet: tpacket_rcv: packet too big, clamped from 112 to 4294967272. macoff=96 [ 176.015303][T13519] 9p: Could not find request transport: 0x0000000000000004 [ 176.036990][T13520] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4305'. [ 176.167033][T13538] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 176.174755][T13538] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 176.199232][T13537] netlink: 'syz.0.4314': attribute type 1 has an invalid length. [ 176.462129][ T29] audit: type=1400 audit(1770114697.164:1252): avc: denied { connect } for pid=13566 comm="syz.2.4328" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 176.630936][T13579] loop2: detected capacity change from 0 to 128 [ 176.650850][T13579] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 176.745032][ T29] audit: type=1400 audit(1770114697.444:1253): avc: denied { nlmsg_read } for pid=13590 comm="syz.0.4339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 176.779681][T13593] loop6: detected capacity change from 0 to 164 [ 176.964380][ T29] audit: type=1400 audit(1770114697.664:1254): avc: denied { mount } for pid=13610 comm="syz.6.4347" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 177.087213][T13628] loop2: detected capacity change from 0 to 512 [ 177.118690][T13628] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 177.131950][ T29] audit: type=1326 audit(1770114697.834:1255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13547 comm="syz.4.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7fc00000 [ 177.158666][T13628] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 177.261129][T12849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.350161][T13648] loop4: detected capacity change from 0 to 1024 [ 177.360703][ T29] audit: type=1326 audit(1770114698.064:1256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.6.4366" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f087c2faeb9 code=0x0 [ 177.476333][T13658] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 177.545120][T13670] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4374'. [ 177.616842][T13676] program syz.2.4377 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 177.687753][T13682] EXT4-fs: inline encryption not supported [ 177.695576][T13680] netlink: 'syz.4.4379': attribute type 5 has an invalid length. [ 177.706440][ T31] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 177.721087][T13680] ip6erspan0: entered promiscuous mode [ 177.740280][T13682] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 177.772367][ T29] audit: type=1400 audit(1770114698.474:1257): avc: denied { mount } for pid=13687 comm="syz.3.4382" name="/" dev="configfs" ino=1381 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 177.831728][T12849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.231542][T13734] netlink: 277 bytes leftover after parsing attributes in process `syz.2.4403'. [ 178.260615][T13730] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 178.298190][T13733] set_capacity_and_notify: 3 callbacks suppressed [ 178.298211][T13733] loop6: detected capacity change from 0 to 8192 [ 178.600342][T13763] loop3: detected capacity change from 0 to 256 [ 178.715924][T13773] netlink: 'syz.6.4422': attribute type 10 has an invalid length. [ 178.724197][T13773] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4422'. [ 178.735864][T13756] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 178.774214][T13756] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 178.783971][T13773] team0: Port device geneve1 added [ 179.126419][T13796] loop6: detected capacity change from 0 to 1024 [ 179.154170][T13796] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 179.191877][T13796] EXT4-fs: Ignoring sb option on remount [ 179.200826][T13796] EXT4-fs (loop6): stripe (249) is not aligned with cluster size (16), stripe is disabled [ 179.206952][T13806] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 179.229820][T13796] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000. [ 179.290995][ T9294] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.479848][T13824] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 179.741740][T13841] SELinux: failed to load policy [ 179.883448][T13847] pimreg: tun_chr_ioctl cmd 1074812118 [ 179.979520][T13851] SELinux: security_context_str_to_sid (E) failed with errno=-22 [ 179.997242][T13853] loop2: detected capacity change from 0 to 1024 [ 180.041120][T13853] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 180.060060][T13853] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 180.087205][T13853] EXT4-fs error (device loop2): ext4_map_blocks:825: inode #15: block 3: comm syz.2.4455: lblock 3 mapped to illegal pblock 3 (length 3) [ 180.104042][T13861] ALSA: seq fatal error: cannot create timer (-19) [ 180.111770][T13853] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 180.124982][T13853] EXT4-fs (loop2): This should not happen!! Data will be lost [ 180.124982][T13853] [ 180.135772][T13864] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4459'. [ 180.135865][T13864] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4459'. [ 180.149737][T13865] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4455: bg 0: block 112: padding at end of block bitmap is not set [ 180.194592][ T37] EXT4-fs error (device loop2): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:2: lblock 8 mapped to illegal pblock 8 (length 5) [ 180.212504][ T37] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 5 with error 117 [ 180.226068][ T37] EXT4-fs (loop2): This should not happen!! Data will be lost [ 180.226068][ T37] [ 180.259097][T12849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 180.355415][T13882] loop2: detected capacity change from 0 to 256 [ 180.374720][T13882] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 180.398604][T13882] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 180.424752][T13881] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 180.435938][T13882] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 180.497199][T13881] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 180.513139][T13882] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 180.538465][T13881] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 180.550471][T13896] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 180.566471][T13896] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 180.580094][T13882] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 180.762418][T13910] loop6: detected capacity change from 0 to 128 [ 180.799519][T13910] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 180.847077][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 180.847096][ T29] audit: type=1400 audit(1770114701.544:1273): avc: denied { watch } for pid=13909 comm="syz.6.4482" path="/359/file0/file0" dev="loop6" ino=129 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1 [ 181.025292][T13927] loop6: detected capacity change from 0 to 512 [ 181.074719][T13927] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 181.101359][T13927] ext4 filesystem being mounted at /361/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 181.250591][ T9294] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.362832][T13941] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 181.371032][T13941] pim6reg0: linktype set to 769 [ 181.391394][T13942] loop3: detected capacity change from 0 to 512 [ 181.449587][T13942] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.4493: error while reading EA inode 32 err=-116 [ 181.491764][T13942] EXT4-fs (loop3): Remounting filesystem read-only [ 181.509965][T13942] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -30) [ 181.520554][T13942] EXT4-fs (loop3): 1 orphan inode deleted [ 181.526705][T13942] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 181.574839][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.607973][ T29] audit: type=1400 audit(1770114702.304:1274): avc: denied { lock } for pid=13951 comm="syz.2.4499" path=2F7365637265746D656D202864656C6574656429 dev="secretmem" ino=38793 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 181.672089][T13957] loop3: detected capacity change from 0 to 128 [ 181.706628][T13957] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 181.749718][T13957] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 181.808038][T13957] ext2 filesystem being mounted at /891/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 181.853119][ T29] audit: type=1400 audit(1770114702.554:1275): avc: denied { append } for pid=13956 comm="syz.3.4497" path="/891/file0/pids.current" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 181.878819][ T29] audit: type=1400 audit(1770114702.554:1276): avc: denied { map } for pid=13956 comm="syz.3.4497" path="/891/file0/pids.current" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 181.957061][ T3319] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 182.058991][T13982] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4510'. [ 182.068328][T13982] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4510'. [ 182.424034][ T29] audit: type=1400 audit(1770114703.124:1277): avc: denied { write } for pid=14012 comm="syz.4.4524" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1 [ 182.533828][T14024] netlink: 180 bytes leftover after parsing attributes in process `syz.3.4528'. [ 182.732777][T14042] loop6: detected capacity change from 0 to 2048 [ 182.768987][T14042] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842e01c, mo2=0082] [ 182.777406][T14042] System zones: 0-7 [ 182.782424][T14042] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 182.813430][ T9294] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.872284][T14050] netlink: 'syz.6.4539': attribute type 2 has an invalid length. [ 182.906492][ T29] audit: type=1400 audit(1770114703.604:1278): avc: denied { shutdown } for pid=14051 comm="syz.6.4540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 182.985160][T14058] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4542'. [ 183.110612][ T29] audit: type=1400 audit(1770114703.814:1279): avc: denied { map } for pid=14072 comm="syz.4.4550" path="socket:[40005]" dev="sockfs" ino=40005 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 183.134093][ T29] audit: type=1400 audit(1770114703.814:1280): avc: denied { read accept } for pid=14072 comm="syz.4.4550" path="socket:[40005]" dev="sockfs" ino=40005 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 183.185636][T14081] netlink: 774 bytes leftover after parsing attributes in process `syz.4.4554'. [ 183.333149][T14101] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4563'. [ 183.477895][ T29] audit: type=1400 audit(1770114704.174:1281): avc: denied { accept } for pid=14118 comm="syz.4.4572" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1 [ 183.581361][T14133] loop3: detected capacity change from 0 to 1764 [ 183.639857][T14140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4582'. [ 183.678785][T14145] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4585'. [ 183.704582][T14149] loop6: detected capacity change from 0 to 512 [ 183.718177][T14150] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4586'. [ 183.738994][T14150] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4586'. [ 183.748930][T14149] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 183.791607][T14157] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=24 sclass=netlink_audit_socket pid=14157 comm=syz.4.4590 [ 183.978268][ T29] audit: type=1326 audit(1770114704.614:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14166 comm="syz.3.4595" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1e3dcfaeb9 code=0x0 [ 184.212768][T14189] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 184.220103][T14189] IPv6: NLM_F_CREATE should be set when creating new route [ 184.768881][T14229] tap0: tun_chr_ioctl cmd 2147767517 [ 185.956468][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 185.956486][ T29] audit: type=1400 audit(1770114706.654:1304): avc: denied { name_bind } for pid=14308 comm="syz.3.4660" src=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 186.209047][T14332] xt_hashlimit: size too large, truncated to 1048576 [ 186.320996][T14343] xt_hashlimit: size too large, truncated to 1048576 [ 186.484954][T14358] dvmrp1: tun_chr_ioctl cmd 1074025677 [ 186.491747][T14358] dvmrp1: linktype set to 825 [ 186.669580][T14383] batadv_slave_0: entered promiscuous mode [ 186.683366][T14382] batadv_slave_0: left promiscuous mode [ 186.698659][T14386] vhci_hcd vhci_hcd.4: invalid port number 255 [ 186.704926][T14386] vhci_hcd vhci_hcd.4: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 186.801544][T14398] netem: change failed [ 186.849315][T14402] loop6: detected capacity change from 0 to 512 [ 186.898710][T14402] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 186.937807][T14402] ext4 filesystem being mounted at /404/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 186.965874][T14415] program syz.2.4709 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 186.994981][T14402] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #2: block 18: comm syz.6.4702: lblock 23 mapped to illegal pblock 18 (length 1) [ 187.028358][T14402] EXT4-fs (loop6): Remounting filesystem read-only [ 187.077781][ T9294] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.109023][ T29] audit: type=1326 audit(1770114707.804:1305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 187.134516][ T29] audit: type=1326 audit(1770114707.804:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 187.158541][ T29] audit: type=1326 audit(1770114707.804:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 187.184793][ T29] audit: type=1326 audit(1770114707.804:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 187.210767][ T29] audit: type=1326 audit(1770114707.814:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 187.234660][ T29] audit: type=1326 audit(1770114707.814:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 187.258637][ T29] audit: type=1326 audit(1770114707.814:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 187.284004][ T29] audit: type=1326 audit(1770114707.814:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 187.309166][ T29] audit: type=1326 audit(1770114707.814:1313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 187.383208][T14433] loop4: detected capacity change from 0 to 1024 [ 187.401790][T14433] EXT4-fs: Ignoring removed oldalloc option [ 187.408476][T14433] EXT4-fs: Ignoring removed bh option [ 187.442812][T14433] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 187.488827][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.597016][T14458] __nla_validate_parse: 5 callbacks suppressed [ 187.597034][T14458] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4727'. [ 187.645745][T14462] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 187.653156][T14462] IPv6: NLM_F_CREATE should be set when creating new route [ 187.660428][T14462] IPv6: NLM_F_CREATE should be set when creating new route [ 187.667731][T14462] IPv6: NLM_F_CREATE should be set when creating new route [ 187.747339][T14477] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4736'. [ 187.836964][T14484] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4740'. [ 187.955646][T14496] loop6: detected capacity change from 0 to 512 [ 187.995829][T14496] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 188.061992][T14507] Process accounting resumed [ 188.148050][T14518] loop4: detected capacity change from 0 to 128 [ 188.158806][T14518] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 188.190205][T14518] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 188.259312][ T37] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 188.370486][T14543] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4769'. [ 188.379634][T14543] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4769'. [ 188.388619][T14543] netlink: 'syz.6.4769': attribute type 19 has an invalid length. [ 188.396523][T14543] netlink: 'syz.6.4769': attribute type 20 has an invalid length. [ 188.609652][T14554] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4775'. [ 188.640266][T14557] netlink: 176 bytes leftover after parsing attributes in process `syz.6.4774'. [ 188.819848][T14573] xt_hashlimit: size too large, truncated to 1048576 [ 188.852996][T14581] loop3: detected capacity change from 0 to 1024 [ 188.957802][T14581] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 188.968355][T14581] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 189.000433][T14581] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 189.070836][T14581] EXT4-fs error (device loop3): ext4_get_journal_inode:5849: inode #5: comm syz.3.4787: unexpected bad inode w/o EXT4_IGET_BAD [ 189.093729][T14581] EXT4-fs (loop3): no journal found [ 189.099242][T14581] EXT4-fs (loop3): can't get journal size [ 189.148469][T14597] loop4: detected capacity change from 0 to 1024 [ 189.155761][T14581] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 189.196058][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.205840][T14597] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 189.231091][T14597] ext4 filesystem being mounted at /975/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 189.263083][T14597] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4793: bg 0: block 112: padding at end of block bitmap is not set [ 189.279460][T14597] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 44 with error 117 [ 189.292104][T14597] EXT4-fs (loop4): This should not happen!! Data will be lost [ 189.292104][T14597] [ 189.312181][T14607] loop6: detected capacity change from 0 to 128 [ 189.370812][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 189.779537][T14633] loop6: detected capacity change from 0 to 128 [ 189.933031][T14643] loop4: detected capacity change from 0 to 512 [ 189.943190][T14644] loop6: detected capacity change from 0 to 1024 [ 189.960226][T14643] EXT4-fs error (device loop4): ext4_iget_extra_inode:5073: inode #15: comm syz.4.4814: corrupted in-inode xattr: invalid ea_ino [ 189.965861][T14644] EXT4-fs: Ignoring removed bh option [ 189.993476][T14643] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.4814: couldn't read orphan inode 15 (err -117) [ 190.026500][T14643] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 190.063139][T14644] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.117124][T14644] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.4812: Allocating blocks 497-513 which overlap fs metadata [ 190.141315][T14644] EXT4-fs (loop6): Remounting filesystem read-only [ 190.148746][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.162059][T14662] loop3: detected capacity change from 0 to 1024 [ 190.196048][T14664] netlink: 'syz.4.4821': attribute type 3 has an invalid length. [ 190.228092][ T9294] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.238678][T14662] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 190.261175][T14662] ext4 filesystem being mounted at /948/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 190.363071][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 190.461022][T14679] loop4: detected capacity change from 0 to 4096 [ 190.490930][T14679] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.520806][T14689] netlink: 'syz.3.4830': attribute type 2 has an invalid length. [ 190.570635][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.626016][T14696] netlink: 'syz.0.4833': attribute type 14 has an invalid length. [ 190.696328][T14701] loop3: detected capacity change from 0 to 512 [ 190.729034][T14701] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 190.780195][T14701] EXT4-fs (loop3): 1 truncate cleaned up [ 190.789268][T14701] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 190.840645][T14718] loop4: detected capacity change from 0 to 1024 [ 190.870902][T14718] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 190.886093][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.902884][T14718] EXT4-fs warning (device loop4): ext4_rmdir:3185: inode #11: comm syz.4.4844: empty directory 'file1' has too many links (111) [ 190.939951][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.972763][T14730] vcan0: tx drop: invalid da for name 0x00000000000000c7 [ 191.267469][T14759] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 191.288625][T14759] EXT4-fs (loop2): orphan cleanup on readonly fs [ 191.316042][T14759] EXT4-fs warning (device loop2): ext4_enable_quotas:7221: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 191.339479][T14759] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 191.348966][T14759] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #13: comm syz.2.4863: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 191.368579][T14759] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.4863: couldn't read orphan inode 13 (err -117) [ 191.383908][T14759] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 191.394516][T14759] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 191.410430][ T29] kauditd_printk_skb: 45 callbacks suppressed [ 191.410450][ T29] audit: type=1400 audit(1770114712.114:1359): avc: denied { read } for pid=14764 comm="syz.6.4865" name="file0" dev="loop6" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 191.447951][T14759] EXT4-fs warning (device loop2): ext4_enable_quotas:7221: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 191.538581][ T29] audit: type=1400 audit(1770114712.234:1360): avc: denied { create } for pid=14774 comm="syz.6.4868" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 191.558642][ T29] audit: type=1400 audit(1770114712.234:1361): avc: denied { listen } for pid=14774 comm="syz.6.4868" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 191.578526][ T29] audit: type=1400 audit(1770114712.234:1362): avc: denied { ioctl } for pid=14774 comm="syz.6.4868" path="socket:[41477]" dev="sockfs" ino=41477 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 191.585266][T14781] program syz.0.4871 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 191.674432][T14783] sctp: [Deprecated]: syz.6.4872 (pid 14783) Use of int in maxseg socket option. [ 191.674432][T14783] Use struct sctp_assoc_value instead [ 191.703913][T14790] ieee802154 phy0 wpan0: encryption failed: -22 [ 192.540917][T14816] bond0: option all_slaves_active: invalid value (129) [ 192.556057][T14818] netlink: 104 bytes leftover after parsing attributes in process `syz.6.4887'. [ 192.621447][T14823] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 192.691222][T14823] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 193.048199][T14860] ext4 filesystem being mounted at /962/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 193.127581][ T29] audit: type=1400 audit(1770114713.824:1363): avc: denied { unmount } for pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 193.392085][T14887] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 193.449154][T14891] netlink: 'syz.2.4921': attribute type 1 has an invalid length. [ 193.457029][T14891] netlink: 128 bytes leftover after parsing attributes in process `syz.2.4921'. [ 193.529848][T14895] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4923'. [ 193.594958][ T29] audit: type=1326 audit(1770114714.294:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14902 comm="syz.4.4927" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x0 [ 193.638624][ T29] audit: type=1400 audit(1770114714.344:1365): avc: denied { getopt } for pid=14913 comm="syz.2.4931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 193.684145][T14912] sctp: [Deprecated]: syz.3.4932 (pid 14912) Use of struct sctp_assoc_value in delayed_ack socket option. [ 193.684145][T14912] Use struct sctp_sack_info instead [ 193.759171][T14921] sctp: [Deprecated]: syz.2.4934 (pid 14921) Use of int in maxseg socket option. [ 193.759171][T14921] Use struct sctp_assoc_value instead [ 193.884480][T14939] set_capacity_and_notify: 4 callbacks suppressed [ 193.884541][T14939] loop2: detected capacity change from 0 to 1024 [ 193.911031][T14941] netlink: 92 bytes leftover after parsing attributes in process `syz.6.4944'. [ 193.933204][T14939] EXT4-fs mount: 6 callbacks suppressed [ 193.933222][T14939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 193.988857][T14939] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4215: comm syz.2.4945: Allocating blocks 497-513 which overlap fs metadata [ 194.009530][T14939] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4215: comm syz.2.4945: Allocating blocks 497-513 which overlap fs metadata [ 194.073045][T14938] EXT4-fs (loop2): pa ffff888107a9e540: logic 48, phys. 177, len 21 [ 194.081460][T14938] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 1 [ 194.163518][T12849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.240071][T14976] program syz.0.4960 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 194.274302][T14980] blkio.reset_stats is deprecated [ 194.553281][ T29] audit: type=1400 audit(1770114715.254:1366): avc: denied { mount } for pid=15009 comm="syz.2.4975" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 194.593913][T15012] netlink: 27 bytes leftover after parsing attributes in process `syz.4.4976'. [ 194.631638][T15016] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4978'. [ 194.646175][ T29] audit: type=1400 audit(1770114715.354:1367): avc: denied { read } for pid=15013 comm="syz.2.4977" name="file0" dev="tmpfs" ino=871 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 194.721243][T15020] loop4: detected capacity change from 0 to 1024 [ 194.728573][T15020] EXT4-fs: inline encryption not supported [ 194.734759][T15020] EXT4-fs: Ignoring removed i_version option [ 194.787372][T15020] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 194.842389][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.882801][T15038] Falling back ldisc for ptm0. [ 194.954559][ T29] audit: type=1326 audit(1770114715.654:1368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15044 comm="syz.4.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 195.031116][T15051] netem: change failed [ 195.238142][T15064] program syz.6.4998 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 195.329252][T15075] loop5: detected capacity change from 0 to 7 [ 195.406837][T15082] loop4: detected capacity change from 0 to 1024 [ 195.439133][T15082] EXT4-fs: Ignoring removed bh option [ 195.512811][T15082] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 195.560651][ C0] invalid error, dev loop5, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 195.570859][ C0] buffer_io_error: 6315 callbacks suppressed [ 195.570893][ C0] Buffer I/O error on dev loop5, logical block 0, lost async page write [ 195.615391][T15082] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 195.687179][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.729592][T15115] Falling back ldisc for ttyS3. [ 195.734664][T15116] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.5025'. [ 196.103128][T15154] program syz.2.5043 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 196.141322][T15158] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5037'. [ 196.745798][T15167] loop4: detected capacity change from 0 to 512 [ 196.770528][T15167] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 196.826919][T15167] EXT4-fs (loop4): 1 truncate cleaned up [ 196.842136][T15167] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 196.885645][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 196.936068][T15183] veth1_to_bond: entered allmulticast mode [ 196.953176][T15182] veth1_to_bond: left allmulticast mode [ 197.025872][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 197.025891][ T29] audit: type=1400 audit(1770114717.724:1378): avc: denied { bind } for pid=15188 comm="syz.4.5059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 197.058017][ T29] audit: type=1400 audit(1770114717.764:1379): avc: denied { listen } for pid=15188 comm="syz.4.5059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 197.097198][T15192] netlink: 'syz.3.5058': attribute type 10 has an invalid length. [ 197.105244][T15192] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5058'. [ 197.136488][T15198] loop4: detected capacity change from 0 to 1024 [ 197.149616][T15198] EXT4-fs: Ignoring removed orlov option [ 197.155410][T15198] EXT4-fs: inline encryption not supported [ 197.170420][T15192] team0: Port device geneve1 added [ 197.204660][T15198] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869) [ 197.215650][T15198] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 197.228965][T15198] EXT4-fs (loop4): invalid journal inode [ 197.234913][T15198] EXT4-fs (loop4): can't get journal size [ 197.241691][T15198] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 197.271722][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.359956][T15214] loop3: detected capacity change from 0 to 512 [ 197.381186][T15214] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 197.405583][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.071564][T15269] netlink: 52 bytes leftover after parsing attributes in process `syz.3.5093'. [ 198.143976][ T29] audit: type=1326 audit(1770114718.844:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15280 comm="syz.2.5098" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd2a474aeb9 code=0x0 [ 198.673806][ T29] audit: type=1400 audit(1770114719.374:1381): avc: denied { write } for pid=15308 comm="syz.0.5109" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 198.766624][T15317] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5113'. [ 198.775867][T15317] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5113'. [ 198.897451][ T29] audit: type=1400 audit(1770114719.594:1382): avc: denied { ioctl } for pid=15329 comm="syz.0.5119" path="socket:[42855]" dev="sockfs" ino=42855 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 199.063628][T15347] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5128'. [ 199.076654][T15347] macvlan2: entered allmulticast mode [ 199.082149][T15347] veth1_vlan: entered allmulticast mode [ 199.285483][T15362] loop4: detected capacity change from 0 to 2048 [ 199.294150][T15362] EXT4-fs: Invalid want_extra_isize 9 [ 199.898886][T15388] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5144'. [ 200.245972][T15428] netlink: 'syz.6.5163': attribute type 39 has an invalid length. [ 200.394784][T15444] netlink: 15 bytes leftover after parsing attributes in process `syz.6.5170'. [ 200.651066][T15466] program syz.0.5180 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 200.895952][T15499] netlink: 88 bytes leftover after parsing attributes in process `syz.2.5196'. [ 200.989338][T15509] loop2: detected capacity change from 0 to 1024 [ 201.021252][T15509] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 201.046263][T15509] ext4 filesystem being mounted at /211/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 201.075975][T15509] EXT4-fs error (device loop2): ext4_map_blocks:825: inode #15: comm syz.2.5201: lblock 0 mapped to illegal pblock 0 (length 1) [ 201.093762][T15509] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 201.106864][T15524] delete_channel: no stack [ 201.107867][ T29] audit: type=1400 audit(1770114721.814:1383): avc: denied { write } for pid=15523 comm="syz.6.5207" path="socket:[43835]" dev="sockfs" ino=43835 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 201.111601][T15509] EXT4-fs (loop2): This should not happen!! Data will be lost [ 201.111601][T15509] [ 201.149787][T15526] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #15: comm syz.2.5201: lblock 0 mapped to illegal pblock 0 (length 1) [ 201.216873][T12849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 201.622912][T15559] smc: net device hsr0 applied user defined pnetid SYZ2 [ 201.630578][T15559] smc: net device hsr0 erased user defined pnetid SYZ2 [ 201.954416][ T29] audit: type=1400 audit(1770114722.654:1384): avc: denied { write } for pid=15571 comm="syz.3.5228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 202.291388][T15582] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5234'. [ 202.291413][T15582] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5234'. [ 202.292171][T15582] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5234'. [ 202.321147][T15582] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5234'. [ 202.575455][T15601] pim6reg9: entered allmulticast mode [ 202.677016][T15611] loop3: detected capacity change from 0 to 256 [ 202.884359][T15635] loop3: detected capacity change from 0 to 512 [ 202.904085][T15635] EXT4-fs: Ignoring removed bh option [ 202.932710][T15635] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 202.970342][T15635] EXT4-fs (loop3): 1 truncate cleaned up [ 202.978396][T15635] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 203.088084][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.174903][T15673] loop4: detected capacity change from 0 to 128 [ 203.209105][T15673] EXT4-fs: Ignoring removed nobh option [ 203.219453][T15673] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 203.245223][T15673] ext4 filesystem being mounted at /1049/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 203.281779][ T3322] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 203.406159][ T29] audit: type=1400 audit(1770114724.104:1385): avc: denied { nlmsg_write } for pid=15697 comm="syz.4.5287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 203.427545][ T29] audit: type=1400 audit(1770114724.104:1386): avc: denied { nlmsg_read } for pid=15697 comm="syz.4.5287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 203.500425][T15704] 9p: Bad value for 'rfdno' [ 203.533422][ T29] audit: type=1326 audit(1770114724.234:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15711 comm="syz.3.5292" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1e3dcfaeb9 code=0x0 [ 203.916804][T15749] loop2: detected capacity change from 0 to 2048 [ 203.958170][T15749] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 203.999137][T12849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.065900][ T31] tipc: Subscription rejected, illegal request [ 204.147115][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x7 [ 204.154917][ T1039] hid-generic 0000:0000:0000.0005: ignoring exceeding usage max [ 204.167265][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 204.195923][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 204.203526][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 204.211230][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 204.219262][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 204.227238][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 204.234807][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 204.242276][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 204.249943][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 204.273870][ T1039] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz0] on syz0 [ 204.319786][T15774] fido_id[15774]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 204.510328][T15795] bond3: option resend_igmp: invalid value (18345) [ 204.517165][T15795] bond3: option resend_igmp: allowed values 0 - 255 [ 204.525198][T15795] bond3 (unregistering): Released all slaves [ 204.627231][T15808] __nla_validate_parse: 5 callbacks suppressed [ 204.627309][T15808] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5334'. [ 204.656170][T15810] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5335'. [ 204.670282][ T29] audit: type=1326 audit(1770114725.374:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15768 comm="syz.2.5318" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd2a474aeb9 code=0x0 [ 204.761290][T15818] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5340'. [ 205.108221][T15854] loop3: detected capacity change from 0 to 512 [ 205.129728][T15854] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.5356: invalid indirect mapped block 256 (level 2) [ 205.143773][T15862] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5357'. [ 205.160240][T15854] EXT4-fs (loop3): 2 truncates cleaned up [ 205.166612][T15854] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 205.183905][T15854] netlink: 44 bytes leftover after parsing attributes in process `syz.3.5356'. [ 205.290394][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.342197][T15878] loop3: detected capacity change from 0 to 512 [ 205.367607][ T29] audit: type=1400 audit(1770114726.064:1389): avc: denied { audit_read } for pid=15876 comm="syz.6.5366" capability=37 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 205.379716][T15881] serio: Serial port ttyS3 [ 205.396305][T15878] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002] [ 205.431387][T15878] System zones: 1-12 [ 205.437999][T15878] EXT4-fs error (device loop3): ext4_iget_extra_inode:5073: inode #15: comm syz.3.5364: corrupted in-inode xattr: e_value size too large [ 205.454589][T15878] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5364: couldn't read orphan inode 15 (err -117) [ 205.468556][T15878] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 205.499928][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.878049][T15942] netlink: 'syz.6.5394': attribute type 62 has an invalid length. [ 206.105758][T15961] loop2: detected capacity change from 0 to 1024 [ 206.120452][T15961] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 206.150367][T12849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.210056][T15965] loop2: detected capacity change from 0 to 8192 [ 206.226243][T15967] loop4: detected capacity change from 0 to 512 [ 206.245543][T15967] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 206.266708][T15967] EXT4-fs (loop4): 1 truncate cleaned up [ 206.273309][T15967] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 206.394771][T15975] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5407'. [ 206.409980][T15975] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5407'. [ 206.439733][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.542568][T15994] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5416'. [ 206.760503][T16014] vxcan0: tx address claim with dest, not broadcast [ 206.785897][T16016] loop4: detected capacity change from 0 to 512 [ 206.792989][T16016] EXT4-fs: Ignoring removed nobh option [ 206.799312][T16016] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 206.811304][T16016] EXT4-fs (loop4): 1 truncate cleaned up [ 206.817890][T16016] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 206.853919][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.926123][T16028] netlink: 96 bytes leftover after parsing attributes in process `syz.3.5429'. [ 206.969524][T16034] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5433'. [ 207.185003][T16054] IPVS: stopping master sync thread 16055 ... [ 207.191544][T16055] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 33554436, id = 0 [ 207.254488][ T29] audit: type=1400 audit(1770114727.954:1390): avc: denied { bind } for pid=16058 comm="syz.4.5444" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 207.320636][ T29] audit: type=1400 audit(1770114727.954:1391): avc: denied { connect } for pid=16058 comm="syz.4.5444" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 207.351403][T16066] program syz.3.5447 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 207.423218][T16074] loop4: detected capacity change from 0 to 1024 [ 207.432826][T16074] EXT4-fs: Ignoring removed oldalloc option [ 207.468586][T16074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 207.493476][T16074] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 207.500572][T16078] netlink: 'syz.2.5452': attribute type 62 has an invalid length. [ 207.549594][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.586158][T16084] block device autoloading is deprecated and will be removed. [ 207.600716][T16087] loop2: detected capacity change from 0 to 512 [ 207.631229][T16087] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 207.699520][T16087] EXT4-fs (loop2): 1 truncate cleaned up [ 207.727397][T16087] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 207.776047][T12849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.779290][ T2965] Process accounting resumed [ 207.846644][T16111] loop0: detected capacity change from 0 to 1024 [ 207.918140][T16111] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 207.975502][T16111] EXT4-fs (loop0): shut down requested (1) [ 207.999645][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 208.010302][T16127] SELinux: Context system_u:object_r:initrc_exec_t:s0 is not valid (left unmapped). [ 208.027683][ T29] audit: type=1400 audit(1770114728.734:1392): avc: denied { relabelto } for pid=16126 comm="syz.4.5473" name="cgroup.subtree_control" dev="cgroup2" ino=272 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:initrc_exec_t:s0" [ 208.057841][ T29] audit: type=1400 audit(1770114728.734:1393): avc: denied { associate } for pid=16126 comm="syz.4.5473" name="cgroup.subtree_control" dev="cgroup2" ino=272 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:initrc_exec_t:s0" [ 208.199290][T16148] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16148 comm=syz.2.5485 [ 208.337060][T16164] loop4: detected capacity change from 0 to 128 [ 208.375305][T16164] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 208.397794][T16164] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 208.541220][T16184] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 208.559465][T16184] ext4 filesystem being mounted at /1096/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 208.623152][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 208.697061][ T29] audit: type=1400 audit(1770114729.394:1394): avc: denied { ioctl } for pid=16199 comm="syz.0.5508" path="" dev="cgroup2" ino=174 ioctlcmd=0xf503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 208.862045][ T29] audit: type=1400 audit(1770114729.554:1395): avc: denied { bind } for pid=16217 comm="syz.6.5516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 209.045938][T16230] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 209.136571][T16245] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 209.171828][T16245] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1838 with error 28 [ 209.186995][T16245] EXT4-fs (loop4): This should not happen!! Data will be lost [ 209.186995][T16245] [ 209.196948][T16245] EXT4-fs (loop4): Total free blocks count 0 [ 209.203011][T16245] EXT4-fs (loop4): Free/Dirty block details [ 209.209036][T16245] EXT4-fs (loop4): free_blocks=2415919104 [ 209.214848][T16245] EXT4-fs (loop4): dirty_blocks=1856 [ 209.220224][T16245] EXT4-fs (loop4): Block reservation details [ 209.226242][T16245] EXT4-fs (loop4): i_reserved_data_blocks=116 [ 209.402464][ T29] audit: type=1326 audit(1770114730.094:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16256 comm="syz.2.5534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a474aeb9 code=0x7ffc0000 [ 209.426556][ T29] audit: type=1326 audit(1770114730.094:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16256 comm="syz.2.5534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a474aeb9 code=0x7ffc0000 [ 209.451771][ T29] audit: type=1326 audit(1770114730.094:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16256 comm="syz.2.5534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7fd2a474aeb9 code=0x7ffc0000 [ 209.476808][ T29] audit: type=1326 audit(1770114730.094:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16256 comm="syz.2.5534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a474aeb9 code=0x7ffc0000 [ 209.500987][ T29] audit: type=1326 audit(1770114730.094:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16256 comm="syz.2.5534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7fd2a474aeb9 code=0x7ffc0000 [ 209.524785][ T29] audit: type=1326 audit(1770114730.094:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16256 comm="syz.2.5534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a474aeb9 code=0x7ffc0000 [ 209.548332][ T29] audit: type=1326 audit(1770114730.094:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16256 comm="syz.2.5534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a474aeb9 code=0x7ffc0000 [ 209.699193][T16279] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5545'. [ 209.748053][ T37] Bluetooth: hci0: Frame reassembly failed (-84) [ 209.755257][T16281] netlink: 44 bytes leftover after parsing attributes in process `syz.3.5544'. [ 209.792142][T16290] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5549'. [ 209.905233][T16298] program syz.3.5553 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 209.921062][ T12] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 16 with error 28 [ 209.934842][T16296] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5552'. [ 210.199869][ T29] audit: type=1326 audit(1770114730.904:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16331 comm="syz.4.5570" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f30a45aaeb9 code=0x0 [ 210.792870][T16376] set_capacity_and_notify: 4 callbacks suppressed [ 210.792905][T16376] loop2: detected capacity change from 0 to 1024 [ 210.810832][T16376] EXT4-fs: inline encryption not supported [ 210.817058][T16376] EXT4-fs: Ignoring removed i_version option [ 210.833479][T16376] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 210.863552][T16376] EXT4-fs error (device loop2): mb_free_blocks:2037: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt. [ 210.899830][T12849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.037989][T16386] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 211.037989][T16386] The task syz.6.5594 (16386) triggered the difference, watch for misbehavior. [ 211.153413][T16396] loop3: detected capacity change from 0 to 128 [ 211.154235][T16394] loop2: detected capacity change from 0 to 2048 [ 211.180889][T16394] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 211.237252][T12849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.247384][T16402] loop4: detected capacity change from 0 to 512 [ 211.256686][T16402] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 211.310965][T16404] loop2: detected capacity change from 0 to 256 [ 211.347562][T16404] FAT-fs (loop2): Directory bread(block 64) failed [ 211.358561][T16404] FAT-fs (loop2): Directory bread(block 65) failed [ 211.366694][T16404] FAT-fs (loop2): Directory bread(block 66) failed [ 211.375877][T16404] FAT-fs (loop2): Directory bread(block 67) failed [ 211.390355][T16404] FAT-fs (loop2): Directory bread(block 68) failed [ 211.400550][T16404] FAT-fs (loop2): Directory bread(block 69) failed [ 211.408643][T16404] FAT-fs (loop2): Directory bread(block 70) failed [ 211.416078][T16404] FAT-fs (loop2): Directory bread(block 71) failed [ 211.423213][T16404] FAT-fs (loop2): Directory bread(block 72) failed [ 211.431004][T16404] FAT-fs (loop2): Directory bread(block 73) failed [ 211.581508][T16422] pim6reg: entered allmulticast mode [ 211.589101][T16422] pim6reg: left allmulticast mode [ 211.684914][T16430] loop4: detected capacity change from 0 to 512 [ 211.694833][T16430] EXT4-fs: Ignoring removed mblk_io_submit option [ 211.708416][T16430] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 211.736083][T16430] EXT4-fs (loop4): 1 truncate cleaned up [ 211.743610][T16430] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 211.771840][T16430] EXT4-fs (loop4): shut down requested (0) [ 211.793121][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.807824][ T44] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 211.967851][T16458] loop2: detected capacity change from 0 to 128 [ 211.995956][T16458] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 212.010660][T16463] loop0: detected capacity change from 0 to 764 [ 212.018808][T16463] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 212.049271][T16458] ext4 filesystem being mounted at /306/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 212.094760][T16458] EXT4-fs error (device loop2): ext4_validate_block_bitmap:423: comm syz.2.5627: bg 0: bad block bitmap checksum [ 212.179470][T12849] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 212.665078][T16528] loop3: detected capacity change from 0 to 512 [ 212.690133][T16528] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 212.740711][T16528] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 212.776770][T16528] ext4 filesystem being mounted at /1116/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 212.834084][T16551] pim6reg: entered allmulticast mode [ 212.840299][T16549] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2 [ 212.853235][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 212.866179][T16551] pim6reg: left allmulticast mode [ 212.895889][T16553] SELinux: failure in selinux_parse_skb(), unable to parse packet [ 213.071114][T16569] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5679'. [ 213.135438][T16572] loop0: detected capacity change from 0 to 256 [ 213.522210][T16580] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities [ 213.543655][T16582] EXT4-fs: inline encryption not supported [ 213.549811][T16582] EXT4-fs: inline encryption not supported [ 213.613773][T16582] EXT4-fs: Ignoring removed oldalloc option [ 213.645733][T16582] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 213.677743][T16582] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5685: invalid indirect mapped block 2683928664 (level 1) [ 213.749480][T16582] EXT4-fs (loop4): 1 truncate cleaned up [ 213.757238][T16582] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 213.800064][T16582] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.5685: Invalid block bitmap block 3 in block_group 0 [ 213.837263][T16582] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.5685: Invalid block bitmap block 3 in block_group 0 [ 213.858867][T16582] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.5685: Invalid block bitmap block 3 in block_group 0 [ 213.949849][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.404090][T16644] vxcan0: tx address claim with dlc 0 [ 214.619906][T16662] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5722'. [ 214.719063][T16673] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5728'. [ 214.738400][T16673] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5728'. [ 214.765850][ T29] kauditd_printk_skb: 33 callbacks suppressed [ 214.765893][ T29] audit: type=1400 audit(1770114735.464:1437): avc: denied { bind } for pid=16676 comm="syz.0.5729" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 214.907915][T16691] netlink: 'syz.0.5736': attribute type 25 has an invalid length. [ 214.915840][T16691] netlink: 'syz.0.5736': attribute type 7 has an invalid length. [ 214.924999][T16691] netlink: 'syz.0.5736': attribute type 1 has an invalid length. [ 214.933111][T16691] netlink: 156 bytes leftover after parsing attributes in process `syz.0.5736'. [ 214.942330][T16691] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.192483][ T29] audit: type=1326 audit(1770114735.894:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16703 comm="syz.0.5740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a12aaeb9 code=0x7ffc0000 [ 215.216273][ T29] audit: type=1326 audit(1770114735.894:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16703 comm="syz.0.5740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f27a12aaeb9 code=0x7ffc0000 [ 215.240691][ T29] audit: type=1326 audit(1770114735.894:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16703 comm="syz.0.5740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a12aaeb9 code=0x7ffc0000 [ 215.265308][ T29] audit: type=1326 audit(1770114735.894:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16703 comm="syz.0.5740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f27a12aaeb9 code=0x7ffc0000 [ 215.289924][ T29] audit: type=1326 audit(1770114735.894:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16703 comm="syz.0.5740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a12aaeb9 code=0x7ffc0000 [ 215.414229][ T29] audit: type=1326 audit(1770114735.974:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16703 comm="syz.0.5740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a12aaeb9 code=0x7ffc0000 [ 215.623102][ T29] audit: type=1400 audit(1770114736.324:1444): avc: denied { getopt } for pid=16701 comm="syz.4.5741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 215.875777][T16735] netlink: 220 bytes leftover after parsing attributes in process `syz.6.5756'. [ 215.992485][T16743] bridge0: entered promiscuous mode [ 216.007914][T16743] macvlan3: entered promiscuous mode [ 216.139838][T16762] program syz.2.5768 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 216.210886][ T29] audit: type=1326 audit(1770114736.914:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16763 comm="syz.6.5769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087c2faeb9 code=0x7ffc0000 [ 216.235122][ T29] audit: type=1326 audit(1770114736.914:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16763 comm="syz.6.5769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f087c2faeb9 code=0x7ffc0000 [ 216.420618][T16784] set_capacity_and_notify: 2 callbacks suppressed [ 216.420635][T16784] loop2: detected capacity change from 0 to 512 [ 216.465207][T16792] sctp: [Deprecated]: syz.0.5784 (pid 16792) Use of int in maxseg socket option. [ 216.465207][T16792] Use struct sctp_assoc_value instead [ 216.726869][T16825] netlink: 36 bytes leftover after parsing attributes in process `syz.6.5798'. [ 216.878263][T16838] netlink: 'syz.4.5803': attribute type 10 has an invalid length. [ 216.888762][T16838] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 216.899226][T16838] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 216.911925][T16838] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 217.197298][T16867] 9p: Bad value for 'rfdno' [ 217.507162][T16896] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5832'. [ 217.602089][T16907] netlink: 'syz.0.5836': attribute type 3 has an invalid length. [ 217.749337][T16929] netlink: 76 bytes leftover after parsing attributes in process `syz.6.5846'. [ 217.925631][T16937] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 218.450370][T16984] netlink: 14593 bytes leftover after parsing attributes in process `syz.6.5869'. [ 218.506391][T16956] chnl_net:caif_netlink_parms(): no params data found [ 218.544985][T16992] loop2: detected capacity change from 0 to 512 [ 218.562796][T16956] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.570189][T16956] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.612495][T16956] bridge_slave_0: entered allmulticast mode [ 218.612542][T16998] program syz.4.5873 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 218.630436][T16956] bridge_slave_0: entered promiscuous mode [ 218.647012][T16956] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.647446][T16992] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 218.654551][T16956] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.678702][T16956] bridge_slave_1: entered allmulticast mode [ 218.689283][T16956] bridge_slave_1: entered promiscuous mode [ 218.740701][T16992] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5870'. [ 218.755890][T16956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 218.769691][T16956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 218.796739][T16956] team0: Port device team_slave_0 added [ 218.803768][T16956] team0: Port device team_slave_1 added [ 218.840861][T16956] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 218.847902][T16956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 218.874448][T16956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 218.921949][T12849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.935650][T16956] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 218.942961][T16956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 218.969196][T16956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 219.041396][T16956] hsr_slave_0: entered promiscuous mode [ 219.054026][T16956] hsr_slave_1: entered promiscuous mode [ 219.078008][T16956] debugfs: 'hsr0' already exists in 'hsr' [ 219.084161][T16956] Cannot create hsr debugfs directory [ 219.238267][T16956] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 219.258724][T16956] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 219.286349][T16956] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 219.305915][T16956] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 219.385784][T16956] 8021q: adding VLAN 0 to HW filter on device bond0 [ 219.401183][T16956] 8021q: adding VLAN 0 to HW filter on device team0 [ 219.421191][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.428474][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 219.456602][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.463828][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 219.502603][T17062] loop3: detected capacity change from 0 to 1024 [ 219.553861][T17062] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 219.578180][T17062] ext4 filesystem being mounted at /1162/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 219.634829][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.653625][T16956] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 219.999880][T16956] veth0_vlan: entered promiscuous mode [ 220.031798][T16956] veth1_vlan: entered promiscuous mode [ 220.098613][T16956] veth0_macvtap: entered promiscuous mode [ 220.120799][T16956] veth1_macvtap: entered promiscuous mode [ 220.161586][T16956] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 220.188453][T16956] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 220.201785][ T3437] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.243854][ T3437] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.281923][ T3437] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.303379][ T3437] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.354843][T17150] loop2: detected capacity change from 0 to 512 [ 220.367037][T17152] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5931'. [ 220.393261][T17152] netlink: 'syz.6.5931': attribute type 15 has an invalid length. [ 220.409780][T17156] netlink: 'syz.7.5857': attribute type 12 has an invalid length. [ 220.422933][T17150] EXT4-fs: Ignoring removed i_version option [ 220.472431][T17158] netlink: 64 bytes leftover after parsing attributes in process `syz.4.5933'. [ 220.487168][T17150] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 220.520798][T17167] tap0: tun_chr_ioctl cmd 2148553947 [ 220.614572][T12849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.731242][T17180] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5944'. [ 220.825285][ T29] kauditd_printk_skb: 40 callbacks suppressed [ 220.825304][ T29] audit: type=1400 audit(1770114741.524:1487): avc: denied { mounton } for pid=17191 comm="syz.3.5948" path=2F313137352FE91F7189591E9233614B dev="tmpfs" ino=6054 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 220.872446][T17194] loop7: detected capacity change from 0 to 4096 [ 220.883779][T17194] EXT4-fs: Ignoring removed mblk_io_submit option [ 220.899236][T17194] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 220.919517][T17194] EXT4-fs (loop7): shut down requested (2) [ 220.952759][T16956] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.997811][T17201] loop7: detected capacity change from 0 to 128 [ 221.018255][T17201] FAT-fs (loop7): error, corrupted file size (i_pos 548, 512) [ 221.025862][T17201] FAT-fs (loop7): Filesystem has been set read-only [ 221.198237][T17208] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) ! [ 221.801330][T17246] program syz.3.5969 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 221.822153][T17248] netlink: 'syz.4.5970': attribute type 39 has an invalid length. [ 221.924323][T17262] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5977'. [ 221.935204][T17262] syz_tun: refused to change device tx_queue_len [ 222.116861][ T29] audit: type=1326 audit(1770114742.804:1488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17272 comm="syz.4.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 222.141321][ T29] audit: type=1326 audit(1770114742.804:1489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17272 comm="syz.4.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 222.166811][ T29] audit: type=1326 audit(1770114742.804:1490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17272 comm="syz.4.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 222.191363][ T29] audit: type=1326 audit(1770114742.804:1491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17272 comm="syz.4.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 222.220133][ T29] audit: type=1326 audit(1770114742.804:1492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17272 comm="syz.4.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 222.269667][ T29] audit: type=1326 audit(1770114742.964:1493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17272 comm="syz.4.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 222.293474][ T29] audit: type=1326 audit(1770114742.974:1494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17272 comm="syz.4.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30a45aaeb9 code=0x7ffc0000 [ 222.441257][T17288] loop7: detected capacity change from 0 to 512 [ 222.466996][T17288] EXT4-fs: Ignoring removed oldalloc option [ 222.513805][T17288] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 222.573464][T16956] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.740378][T17309] loop7: detected capacity change from 0 to 4096 [ 222.750994][ T29] audit: type=1400 audit(1770114743.454:1495): avc: denied { map } for pid=17312 comm="syz.2.6000" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 222.795564][T17309] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 222.810717][T17324] sock: sock_set_timeout: `syz.6.6004' (pid 17324) tries to set negative timeout [ 222.863456][T17329] loop3: detected capacity change from 0 to 1024 [ 222.888431][T16956] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.923398][T17329] ext4 filesystem being mounted at /1182/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 222.938530][T17329] EXT4-fs error (device loop3): ext4_free_blocks:6728: comm syz.3.6007: Freeing blocks not in datazone - block = 0, count = 16 [ 222.954766][T17335] tap0: tun_chr_ioctl cmd 1074025681 [ 223.005108][T17343] loop3: detected capacity change from 0 to 2048 [ 223.088518][ T29] audit: type=1400 audit(1770114743.794:1496): avc: denied { read } for pid=17349 comm="syz.2.6016" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 223.902946][T17426] netlink: 92 bytes leftover after parsing attributes in process `syz.4.6052'. [ 223.930768][T17426] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6052'. [ 224.025361][T17445] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6061'. [ 224.035586][T17445] netlink: 'syz.2.6061': attribute type 5 has an invalid length. [ 224.109354][T17453] loop2: detected capacity change from 0 to 512 [ 224.136919][T17453] EXT4-fs mount: 4 callbacks suppressed [ 224.136939][T17453] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 224.175452][T17449] loop3: detected capacity change from 0 to 8192 [ 224.188118][T17453] ext4 filesystem being mounted at /376/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 224.235176][T17461] team0: Device gtp0 is of different type [ 224.275782][T12849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.290552][T17467] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 224.298370][T17467] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 224.306528][T17467] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 224.315707][T17467] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 224.422736][T17478] tipc: New replicast peer: 255.255.255.255 [ 224.430550][T17478] tipc: Enabled bearer , priority 10 [ 224.579956][T17486] loop2: detected capacity change from 0 to 8192 [ 224.590432][T17490] program syz.4.6082 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 224.618431][T17486] loop2: p2 p3 p4[EZD] [ 224.628432][T17486] loop2: p3 start 331781 is beyond EOD, truncated [ 224.635203][T17486] loop2: p4 size 197376 extends beyond EOD, truncated [ 224.943700][T17512] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6090'. [ 225.000753][T17518] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 225.034561][T17520] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6095'. [ 225.262018][T17546] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6108'. [ 225.278798][T17546] veth1_macvtap: left promiscuous mode [ 225.314946][T17550] loop3: detected capacity change from 0 to 512 [ 225.345157][T17550] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 225.364624][T17550] EXT4-fs (loop3): orphan cleanup on readonly fs [ 225.372654][T17550] EXT4-fs error (device loop3): ext4_orphan_get:1391: comm syz.3.6110: inode #15: comm syz.3.6110: iget: illegal inode # [ 225.388439][T17550] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.6110: couldn't read orphan inode 15 (err -117) [ 225.401707][T17550] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 225.475162][T17564] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 225.497019][T17564] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 225.547582][ T9641] tipc: Node number set to 2 [ 225.553564][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.639225][T17575] loop7: detected capacity change from 0 to 1024 [ 225.662673][T17575] EXT4-fs: Ignoring removed oldalloc option [ 225.669038][T17575] EXT4-fs: Ignoring removed bh option [ 225.700317][T17575] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 225.722969][T17575] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4215: comm syz.7.6120: Allocating blocks 449-513 which overlap fs metadata [ 225.756592][T16956] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.798260][T17590] program syz.7.6126 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 225.856133][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 225.856151][ T29] audit: type=1326 audit(1770114749.556:1524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17591 comm="syz.7.6127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d3556aeb9 code=0x7ffc0000 [ 225.904674][ T29] audit: type=1326 audit(1770114749.596:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17591 comm="syz.7.6127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7f9d3556aeb9 code=0x7ffc0000 [ 225.929000][ T29] audit: type=1326 audit(1770114749.596:1526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17591 comm="syz.7.6127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d3556aeb9 code=0x7ffc0000 [ 225.953731][ T29] audit: type=1326 audit(1770114749.596:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17591 comm="syz.7.6127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d3556aeb9 code=0x7ffc0000 [ 225.978192][ T29] audit: type=1326 audit(1770114749.596:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17591 comm="syz.7.6127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f9d3556aeb9 code=0x7ffc0000 [ 226.002663][ T29] audit: type=1326 audit(1770114749.596:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17591 comm="syz.7.6127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d3556aeb9 code=0x7ffc0000 [ 226.027512][ T29] audit: type=1326 audit(1770114749.596:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17591 comm="syz.7.6127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d3556aeb9 code=0x7ffc0000 [ 226.153642][ T29] audit: type=1400 audit(1770114749.856:1531): avc: denied { accept } for pid=17606 comm="syz.2.6134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 226.545488][T17644] loop3: detected capacity change from 0 to 512 [ 226.581321][T17648] EXT4-fs: Ignoring removed nomblk_io_submit option [ 226.601069][T17644] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 226.616758][T17648] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 226.658135][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.670649][T12849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.737858][ T29] audit: type=1400 audit(1770114750.446:1532): avc: denied { connect } for pid=17657 comm="syz.3.6155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 226.801641][ T29] audit: type=1400 audit(1770114750.506:1533): avc: denied { read } for pid=17657 comm="syz.3.6155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 227.134777][T17661] Set syz1 is full, maxelem 65536 reached [ 227.243011][T17687] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 227.280257][T17687] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 227.369320][T17699] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 227.747430][T17744] macvtap0: entered promiscuous mode [ 227.761856][T17744] macvtap0: left promiscuous mode [ 227.776529][T17751] program syz.7.6195 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 227.791172][T17753] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6197'. [ 227.962185][T17767] tipc: Enabling of bearer rejected, failed to enable media [ 227.973126][T17766] set_capacity_and_notify: 3 callbacks suppressed [ 227.973244][T17766] loop3: detected capacity change from 0 to 1024 [ 228.006215][T17766] EXT4-fs: Ignoring removed orlov option [ 228.012167][T17766] EXT4-fs: Ignoring removed nomblk_io_submit option [ 228.055313][T17766] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 228.127635][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.273322][T17793] loop4: detected capacity change from 0 to 128 [ 228.312024][T17796] loop3: detected capacity change from 0 to 512 [ 228.325448][T17793] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 228.340250][T17796] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 228.367457][T17796] EXT4-fs (loop3): 1 truncate cleaned up [ 228.374567][T17793] ext4 filesystem being mounted at /1226/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 228.378726][T17796] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 228.431873][T17796] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.6215: invalid indirect mapped block 4294901760 (level 0) [ 228.462413][T17796] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.6215: invalid indirect mapped block 4294967295 (level 1) [ 228.478100][ T3322] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 228.543998][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.691950][T17814] program syz.4.6221 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 228.704352][T17817] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 228.731624][T17818] loop7: detected capacity change from 0 to 512 [ 228.758748][T17818] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback. [ 228.791518][T17818] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 228.860468][T16956] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0007-000000000000. [ 228.949660][T17834] delete_channel: no stack [ 229.388949][T17881] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6253'. [ 229.616486][T17897] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6260'. [ 229.741925][T17904] loop3: detected capacity change from 0 to 4096 [ 229.754864][T17904] EXT4-fs: Ignoring removed bh option [ 229.785544][T17904] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 230.000919][T17921] loop4: detected capacity change from 0 to 1764 [ 230.047665][T17924] netlink: 16 bytes leftover after parsing attributes in process `syz.7.6272'. [ 230.132719][T17930] loop7: detected capacity change from 0 to 512 [ 230.145150][T17934] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6277'. [ 230.200914][ T9641] IPVS: starting estimator thread 0... [ 230.221919][T17930] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 230.256714][T17930] ext4 filesystem being mounted at /75/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 230.272592][T17944] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6280'. [ 230.298467][T17940] IPVS: using max 2160 ests per chain, 108000 per kthread [ 230.322699][T17930] EXT4-fs: Ignoring removed orlov option [ 230.354591][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.366322][T17930] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 230.377002][T17930] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 230.409368][T17930] EXT4-fs error (device loop7): __ext4_remount:6789: comm syz.7.6275: Abort forced by user [ 230.451033][T17930] EXT4-fs (loop7): Remounting filesystem read-only [ 230.459232][T17930] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 230.482137][T16956] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.525251][T17962] loop2: detected capacity change from 0 to 128 [ 230.675080][T17973] netlink: 16410 bytes leftover after parsing attributes in process `syz.2.6293'. [ 230.750070][T17980] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6295'. [ 231.054190][T18004] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6307'. [ 231.063882][T18004] netlink: 56 bytes leftover after parsing attributes in process `syz.6.6307'. [ 231.083363][T18004] macvlan0: entered allmulticast mode [ 231.089125][T18004] veth1_vlan: entered allmulticast mode [ 231.196482][T18012] loop3: detected capacity change from 0 to 1024 [ 231.245668][T18012] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 231.283125][T18021] loop2: detected capacity change from 0 to 764 [ 231.305844][T18012] ext4 filesystem being mounted at /1234/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 231.349170][T18021] rock: directory entry would overflow storage [ 231.355569][T18021] rock: sig=0x5245, size=8, remaining=5 [ 231.486161][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 231.705529][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 231.705546][ T29] audit: type=1326 audit(1770114755.406:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18036 comm="syz.2.6322" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd2a474aeb9 code=0x0 [ 232.009531][T18064] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18064 comm=syz.7.6333 [ 232.072502][T18072] EXT4-fs error (device loop3): ext4_iget_extra_inode:5073: inode #15: comm syz.3.6337: corrupted in-inode xattr: invalid ea_ino [ 232.086914][T18072] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.6337: couldn't read orphan inode 15 (err -117) [ 232.101186][T18072] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 232.144619][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.210815][ T29] audit: type=1400 audit(1770114755.916:1536): avc: denied { read } for pid=18080 comm="syz.3.6341" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 232.238165][ T29] audit: type=1400 audit(1770114755.916:1537): avc: denied { open } for pid=18080 comm="syz.3.6341" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 232.263404][ T29] audit: type=1400 audit(1770114755.916:1538): avc: denied { ioctl } for pid=18080 comm="syz.3.6341" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 232.848911][T18121] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.856512][T18121] bridge0: port 1(bridge_slave_0) entered forwarding state [ 232.873974][T18121] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 232.985516][T18121] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 233.083443][T18126] set_capacity_and_notify: 1 callbacks suppressed [ 233.083460][T18126] loop4: detected capacity change from 0 to 512 [ 233.115252][T18126] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.6363: inode has both inline data and extents flags [ 233.138175][T18126] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.6363: couldn't read orphan inode 15 (err -117) [ 233.174878][T18126] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 233.256650][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.370602][T18144] loop7: detected capacity change from 0 to 128 [ 233.380186][T18144] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 233.490011][T18151] syz.7.6370: attempt to access beyond end of device [ 233.490011][T18151] loop7: rw=2049, sector=217, nr_sectors = 128 limit=128 [ 233.533402][ T2000] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 233.548196][ T2000] kworker/u8:6: attempt to access beyond end of device [ 233.548196][ T2000] loop7: rw=1, sector=345, nr_sectors = 696 limit=128 [ 233.596767][T18159] atomic_op ffff8881264f5528 conn xmit_atomic 0000000000000000 [ 233.614154][T18162] loop6: detected capacity change from 0 to 7 [ 233.627872][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 233.637969][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.650590][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 233.660274][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.669756][T18162] loop6: unable to read partition table [ 233.670141][ C1] invalid error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x8800 phys_seg 1 prio class 2 [ 233.683967][T18162] loop_reread_partitions: partition scan of loop6 (Sj̖P=ý?}X %`ր5) failed (rc=-5) [ 233.688115][ C1] invalid error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x8800 phys_seg 1 prio class 2 [ 233.710938][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x880700 phys_seg 1 prio class 2 [ 233.722692][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 233.732788][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.746025][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 233.755835][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.765936][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 233.776058][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.776831][T18167] loop7: detected capacity change from 0 to 128 [ 233.790907][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 233.800655][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.810088][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 233.820188][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.820161][T18167] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 234.162644][T18177] loop7: detected capacity change from 0 to 8192 [ 234.592581][T18203] netlink: 'syz.4.6397': attribute type 3 has an invalid length. [ 234.639622][T18202] loop2: detected capacity change from 0 to 512 [ 234.670693][T18207] loop4: detected capacity change from 0 to 512 [ 234.741022][ T2] ================================================================== [ 234.749248][ T2] BUG: KCSAN: data-race in copy_process / free_pid [ 234.755901][ T2] [ 234.758256][ T2] read-write to 0xffffffff86a60018 of 4 bytes by task 18212 on cpu 0: [ 234.766517][ T2] free_pid+0xb9/0x1d0 [ 234.770633][ T2] free_pids+0x9e/0xb0 [ 234.774749][ T2] release_task+0x9a7/0xb60 [ 234.779402][ T2] do_exit+0xd56/0x1590 [ 234.783589][ T2] do_group_exit+0xfe/0x140 [ 234.788139][ T2] get_signal+0xe4f/0xf60 [ 234.792680][ T2] arch_do_signal_or_restart+0x96/0x450 [ 234.798265][ T2] exit_to_user_mode_loop+0x6a/0x6f0 [ 234.803799][ T2] do_syscall_64+0x1d3/0x2a0 [ 234.808463][ T2] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.814449][ T2] [ 234.816795][ T2] read to 0xffffffff86a60018 of 4 bytes by task 2 on cpu 1: [ 234.824192][ T2] copy_process+0x16e4/0x1f10 [ 234.828945][ T2] kernel_clone+0x16b/0x5b0 [ 234.833678][ T2] kernel_thread+0xe5/0x120 [ 234.838319][ T2] kthreadd+0x26b/0x330 [ 234.842610][ T2] ret_from_fork+0x148/0x280 [ 234.847239][ T2] ret_from_fork_asm+0x1a/0x30 [ 234.852685][ T2] [ 234.855398][ T2] value changed: 0x80000120 -> 0x8000011f [ 234.861239][ T2] [ 234.863608][ T2] Reported by Kernel Concurrency Sanitizer on: [ 234.869846][ T2] CPU: 1 UID: 0 PID: 2 Comm: kthreadd Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 234.881177][ T2] Tainted: [W]=WARN [ 234.885007][ T2] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 234.895178][ T2] ================================================================== SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 234.930654][ T29] audit: type=1400 audit(1770114758.616:1539): avc: denied { write } for pid=3301 comm="syz-executor" path="pipe:[1818]" dev="pipefs" ino=1818 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 235.006230][T18207] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 235.007846][ T29] audit: type=1400 audit(1770114758.656:1540): avc: denied { recv } for pid=4059 comm="udevd" saddr=10.128.0.163 src=43562 daddr=10.128.0.72 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 235.079761][T18207] ext4 filesystem being mounted at /1260/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 235.261483][T18166] bridge0: port 3(syz_tun) entered disabled state [ 235.269531][T18166] syz_tun (unregistering): left allmulticast mode [ 235.276122][T18166] syz_tun (unregistering): left promiscuous mode [ 235.282765][T18166] bridge0: port 3(syz_tun) entered disabled state [ 235.366683][ T12] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.463629][ T8405] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.502853][ T12] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.601624][ T12] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.652062][ T12] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.712712][ T12] bridge_slave_1: left allmulticast mode [ 235.718986][ T12] bridge_slave_1: left promiscuous mode [ 235.724705][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 235.733121][ T12] bridge_slave_0: left allmulticast mode [ 235.739072][ T12] bridge_slave_0: left promiscuous mode [ 235.744960][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 235.831124][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 235.842123][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 235.853880][ T12] bond0 (unregistering): Released all slaves [ 235.906568][ T12] hsr_slave_0: left promiscuous mode [ 235.913166][ T12] hsr_slave_1: left promiscuous mode [ 235.919429][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 235.926959][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 235.934683][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 235.942301][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 235.955852][ T12] veth0_macvtap: left promiscuous mode [ 235.961947][ T12] veth1_vlan: left promiscuous mode [ 235.967270][ T12] veth0_vlan: left promiscuous mode [ 236.054543][ T12] team0 (unregistering): Port device team_slave_1 removed [ 236.065120][ T12] team0 (unregistering): Port device team_slave_0 removed [ 236.344604][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.381006][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.441044][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.511101][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.582786][ T12] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.631091][ T12] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.681278][ T12] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.742470][ T12] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.833401][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.902106][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.951905][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.011722][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.101418][ T12] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.139570][ T12] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.199503][ T12] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.270088][ T12] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.345784][ T12] bridge_slave_0: left promiscuous mode [ 237.351714][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.361633][ T12] bridge_slave_1: left promiscuous mode [ 237.367434][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 237.375798][ T12] bridge_slave_0: left allmulticast mode [ 237.381558][ T12] bridge_slave_0: left promiscuous mode [ 237.388833][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.397136][ T12] bridge_slave_1: left allmulticast mode [ 237.403100][ T12] bridge_slave_1: left promiscuous mode [ 237.409251][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 237.417175][ T12] bridge_slave_0: left allmulticast mode [ 237.424280][ T12] bridge_slave_0: left promiscuous mode [ 237.430413][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.439307][ T12] bridge_slave_1: left allmulticast mode [ 237.445169][ T12] bridge_slave_1: left promiscuous mode [ 237.451023][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 237.458986][ T12] bridge_slave_0: left allmulticast mode [ 237.465223][ T12] bridge_slave_0: left promiscuous mode [ 237.471640][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.483540][ T12] tipc: Resetting bearer [ 237.621972][ T12] dvmrp6 (unregistering): left allmulticast mode [ 237.679901][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 237.692068][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 237.702006][ T12] bond0 (unregistering): Released all slaves [ 237.725984][ T12] team0: Port device geneve1 removed [ 237.765276][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 237.775904][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 237.786900][ T12] bond0 (unregistering): Released all slaves [ 237.794835][ T12] bond1 (unregistering): Released all slaves [ 237.870843][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 237.881937][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 237.893445][ T12] bond0 (unregistering): Released all slaves [ 237.902732][ T12] tipc: Disabling bearer [ 237.934340][ T12] team0: Port device geneve1 removed [ 237.970646][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 237.980437][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 237.990492][ T12] bond0 (unregistering): Released all slaves [ 238.057573][ T12] tipc: Disabling bearer [ 238.063249][ T12] tipc: Left network mode [ 238.069325][ T12] tipc: Left network mode [ 238.083431][ T12] hsr_slave_0: left promiscuous mode [ 238.090647][ T12] hsr_slave_1: left promiscuous mode [ 238.096676][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 238.104444][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 238.113057][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 238.120901][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 238.131337][ T12] hsr_slave_0: left promiscuous mode [ 238.137168][ T12] hsr_slave_1: left promiscuous mode [ 238.143606][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 238.151269][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 238.159148][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 238.166659][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 238.176893][ T12] hsr_slave_0: left promiscuous mode [ 238.182928][ T12] hsr_slave_1: left promiscuous mode [ 238.189961][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 238.197584][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 238.206377][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 238.214443][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 238.224711][ T12] hsr_slave_0: left promiscuous mode [ 238.231699][ T12] hsr_slave_1: left promiscuous mode [ 238.255877][ T12] veth0_virt_wifi: left promiscuous mode [ 238.262315][ T12] veth1_macvtap: left promiscuous mode [ 238.268003][ T12] veth0_macvtap: left promiscuous mode [ 238.273627][ T12] veth1_vlan: left promiscuous mode [ 238.279138][ T12] veth0_vlan: left promiscuous mode [ 238.285158][ T12] veth1_macvtap: left promiscuous mode [ 238.293257][ T12] veth0_macvtap: left promiscuous mode [ 238.299174][ T12] veth1_vlan: left allmulticast mode [ 238.304499][ T12] veth1_vlan: left promiscuous mode [ 238.309851][ T12] veth0_vlan: left promiscuous mode [ 238.316444][ T12] veth1_vlan: left allmulticast mode [ 238.322373][ T12] veth1_macvtap: left promiscuous mode [ 238.328401][ T12] veth0_macvtap: left promiscuous mode [ 238.334014][ T12] veth1_vlan: left promiscuous mode [ 238.339388][ T12] veth0_vlan: left promiscuous mode [ 238.345708][ T12] veth0_virt_wifi: left promiscuous mode [ 238.352033][ T12] veth1_macvtap: left promiscuous mode [ 238.357695][ T12] veth0_macvtap: left promiscuous mode [ 238.363313][ T12] veth1_vlan: left allmulticast mode [ 238.368905][ T12] veth1_vlan: left promiscuous mode [ 238.374836][ T12] veth0_vlan: left promiscuous mode [ 238.541489][ T12] pim6reg9 (unregistering): left allmulticast mode [ 238.584105][ T12] team0 (unregistering): Port device team_slave_1 removed [ 238.594821][ T12] team0 (unregistering): Port device team_slave_0 removed [ 238.659128][ T12] team0 (unregistering): Port device team_slave_1 removed [ 238.669553][ T12] team0 (unregistering): Port device C removed [ 238.702703][ T12] pim6reg9 (unregistering): left allmulticast mode [ 238.740648][ T12] team0 (unregistering): Port device team_slave_1 removed [ 238.752805][ T12] team0 (unregistering): Port device team_slave_0 removed [ 238.788721][ T12] pim6reg9 (unregistering): left allmulticast mode [ 238.830991][ T12] team0 (unregistering): Port device team_slave_1 removed [ 238.841442][ T12] team0 (unregistering): Port device team_slave_0 removed [ 241.176586][ T12] IPVS: stop unused estimator thread 0... [ 241.183643][ T12] IPVS: stop unused estimator thread 0... [ 241.189915][ T12] IPVS: stop unused estimator thread 0...