last executing test programs: 2m22.603420707s ago: executing program 32 (id=2039): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000000c0)=0x1, 0x4) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x3a}}, 0x10) 2m1.339074583s ago: executing program 4 (id=2922): bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0) move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0) 2m1.116269704s ago: executing program 4 (id=2926): unshare(0x2c020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="05"], 0x10) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000780)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB='&'], 0x10) 2m0.478038555s ago: executing program 4 (id=2941): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r1, 0x400455c8, 0x0) ioctl$sock_bt_hci(r0, 0x400448cb, &(0x7f0000000240)) 1m58.402357967s ago: executing program 4 (id=2974): mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='proc\x00', 0x810c03, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='./file0\x00') 1m58.322649471s ago: executing program 4 (id=2976): r0 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0x3, @local}}, 0x1e) r1 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r1, &(0x7f0000000200)={0x18, 0x2, {0xfeff, @local}}, 0x1e) connect$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x0, @private=0xa010101}}, 0x1e) 1m58.097293422s ago: executing program 4 (id=2984): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000001140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=""/17, 0x11}, 0x6}], 0x1, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000100)=0x5, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 1m58.038254095s ago: executing program 33 (id=2984): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000001140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=""/17, 0x11}, 0x6}], 0x1, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000100)=0x5, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 1m36.822123789s ago: executing program 2 (id=3636): syz_clone3(&(0x7f0000000080)={0x180801400, &(0x7f0000000000), 0x0, 0x0, {0x3d}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_io_uring_setup(0x10e, &(0x7f0000000980)={0x0, 0xf872, 0x10000, 0x3, 0x4}, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r0, 0x3596, 0x0, 0x49, 0x0, 0x0) wait4(0xffffffffffffffff, 0x0, 0x40000000, 0x0) 1m36.60563441s ago: executing program 2 (id=3639): r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) close(r0) socket(0x28, 0x1, 0x0) r1 = syz_io_uring_setup(0x3c2a, &(0x7f00000004c0)={0x0, 0x575c, 0x1, 0x3, 0x334}, &(0x7f0000000080), &(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 1m36.510679484s ago: executing program 2 (id=3641): sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000440)=[{{&(0x7f0000000280)={0x2, 0x4e22, @private=0xa010101}, 0x10, 0x0}}], 0x1, 0x48000) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c40)={0xc0, 0x0, 0x2, 0x101, 0x0, 0x0, {0x7, 0x0, 0x2}, [@CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_NAT={0x54, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_TUPLE={0x34, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010102}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x8, 0x2, @rand_addr=0x64010100}}}]}, @CTA_EXPECT_NAT_TUPLE={0x14, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}]}, @CTA_EXPECT_NAT={0x54, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0x20, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}]}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x40091}, 0x4008000) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400}) 1m36.421820878s ago: executing program 2 (id=3644): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10000, &(0x7f0000000080)={[{@quota}, {@delalloc}, {@acl}, {@journal_dev={'journal_dev', 0x3d, 0x11}}, {@usrjquota}, {@bsdgroups}]}, 0x1, 0x4f6, &(0x7f0000001000)="$eJzs3M9vVNUeAPDvnXZogcejj8cjoQ+1gMbGxBYKCgs3mJi40MSIC1k2bSGVAQztQkgjQ2JwTeLeuDTuNHGrS+PKPwAXLkwMCVE2gKsxd+bedjpzpzMttbXt55MMnHN/nB/3njNz7j29N4AdayT9J4n4V0Tci4j9jejyDUYa/z1+uDD15OHCVFRrtfO/J/XtHqXxTL7f3iwyWooofZK0JNgwd+Pm5clKZeZ6VOvx8fkrH47P3bj58uyVyUszl2auTpw9e/rUyTOvTryyLO2IGOxaqYL80no9Gv742pHDb164+/ZUf2tizfXoKN/rj2rXTSM/th280JzeNrCvKZy01+vWhhaGng1mzbCc9v+FyrELm10gYMPUarXaQOfV1Vqr221LgC0ric0uAbA58h/69Po3/zSWlDdi+LHpHpxrXAA9erhQuxUx9Xix/v1RyrYpt1zfplYYM63KSES8X/3z8/QTK92H+GWdMgQAdrzvz2XDwCRaxn+lONS03b+zOZShiPhPRByIiP9GxMGI+F/Esm2XSSJqK+R/sHXBYv7fZLMIpftrrVsv0vHfa9ncVv7J8s03GerLYvsi8gHzzInsmIxGeeDibGXmZIf0d3XJv3n8l37S/POxYFaO+/0tg83pyfnJtdW23YPbEcP9rfVP+tMTl0/jJBFxOCKGV5HuUFN49qUvjyxGWi4rute/rlYwpbcu82e1LyJebJz/aiw7/0s5Js3zk6W2+cnxwajMnBhPW8GJwkL++NOddzrl37X+3/7aussbZ747//QVz6Tnf09T+498/nap/kNJRLI4XzsXUetbXR53fv60nu7I8fZ1a23/u5L36uG8f300OT9//WTEruSt9uUTS/vm8Xz7tP6jx4v7/4Fsn/RI/D8i0kb8TEQ8G9GXl/1oRByLiIKqLfrh9ec/6LSux/b/t0nrP134/Zdk7aB+/pfm63sM5OmnS/ouH733ZLh44j6r//6Vz//pemg0W1L8/Zcs+4rotaTrcAgBAADgH68U9b/9L40thkulsbHGPaCDsadUuTY3/1xEXJ1uPCMwFOXSxdnKTH5DbijKSX7/c6gpPtESP5XdN/6sb3c9PjZ1rTK92ZWHHW5vvc8nbf0/9dsq7/MCW9A2eg4NWKVu/f/Q3Q0qCLDh/P7DztXU/zu92aLqL2Vge/L7DztXUf+/FV+t+OyC7wzY+mr6MuxoK/f/7u/bBLau/nh3MVx/7LnwaVtgOzL+hx2p+0PyA6t+9n8pUBsoXjUYBW8MGFxTFl0Duwvy2pRAOrJaxwTLEdHbxrvXkkU+BOz8hofS6hIciPZVfbHSXknxexwiotpxr/SodC3PpUO9Nv6eA/k7Uda72Xy91E/LPZ7upw243gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALaVvwIAAP//CB3NTQ==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) ftruncate(r0, 0x3) 1m36.246485647s ago: executing program 2 (id=3647): openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x17d) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000040)='./file1\x00', 0x201) r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000001c0)=0x10) 1m36.245870627s ago: executing program 2 (id=3658): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x9}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) timer_settime(r0, 0x1, &(0x7f0000000000), 0x0) 1m21.035876475s ago: executing program 34 (id=3658): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x9}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) timer_settime(r0, 0x1, &(0x7f0000000000), 0x0) 1m18.49318299s ago: executing program 1 (id=3835): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)={0xc0, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @private0}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @local}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x2c, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MAXIP={0x14, 0x5, @private2={0xfc, 0x2, '\x00', 0x1}}, @CTA_NAT_V6_MINIP={0x14, 0x4, @private2}]}]}, 0xc0}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="a00000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000000000300c0002800500010000000000440002802c00018014000300fe8000000000000000000000000000aa14000400000000000000000000000000000000000c0002800500010000000000060003400000000008000740000000000400068041dd036f5f08ae5cc7b8ac55f6f39af6258ce4"], 0xa0}, 0x1, 0x0, 0x0, 0x4040000}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000000000aa0c00028005000100000000000800074000000400180006801400040020"], 0xac}}, 0x0) 1m18.443764743s ago: executing program 1 (id=3836): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0xe, 0x3, 0x1, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000051}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001400)=@newqdisc={0x170, 0x24, 0xd0f, 0x200000, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x140, 0x2, [@TCA_GRED_PARMS={0x38, 0x1, {0x100, 0x5, 0x400, 0x10, 0x81, 0x8000101, 0xe, 0xc40, 0x7fffffff, 0xfffffffd, 0x1b, 0xa, 0xff, 0x6, 0xca11, 0xffff}}, @TCA_GRED_STAB={0x104, 0x2, "abcc61b4e508c02286f1bafc7a22c407a52b0e13291c865d493f15736245f220cd4e40006df455836aa3bd3aaa2c9b95578719c46f89e01798d28b6d63cf7465ea95bd97b018b7afaccdcb28bb42d677b73c44e790f0875fb4b795ca95b7dd712d2c5d69945535f92f74a71236743acd06103cd77bd07f2df5989ee40e409b077cc85e96554beb53c986a216051bd5979a8cfcfe9f98be58ffcf44f6cfda8579dbaedceee578bfd1fb554b6e185e9315425ef0a3fc69d17ede93fc7c46357990f7acfdb8216ea52f604b9f12033688caa4b04adecfc926b3f6ca25bcb5432905e3f30ccbf10cf0f2d00858ba2bbd2702b8d4a7a7c744fbaa2fa35b1c586020d6"}]}}]}, 0x170}, 0x1, 0x0, 0x0, 0x48c5}, 0x24008004) 1m18.338097558s ago: executing program 1 (id=3837): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x5, 0xb, 0x0, 0x0, 0xe}, 0x94) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) unshare(0x2c020400) msgget$private(0x0, 0x722) msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x2000, 0x0) 1m18.281687051s ago: executing program 1 (id=3838): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f0000000500)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000200)='./file0/../file0/../file0/../file0\x00', 0x89901) move_mount(r0, &(0x7f0000000480)='./file0/../file0/../file0/../file0\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 1m18.207164034s ago: executing program 1 (id=3839): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote, 0x4, 0x0, 0x0, 0x6}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/anycast6\x00') read$eventfd(r1, &(0x7f0000000040), 0x8) 1m18.042874042s ago: executing program 1 (id=3840): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x0, 0xb801b, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7a, 0x0, @perf_config_ext={0x1, 0xf60e}, 0xb093, 0x800000, 0x43a1bd76, 0x2, 0x6, 0x6, 0x8, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r2, 0xfeffff, 0x680, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40) 1m17.994348755s ago: executing program 35 (id=3840): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x0, 0xb801b, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7a, 0x0, @perf_config_ext={0x1, 0xf60e}, 0xb093, 0x800000, 0x43a1bd76, 0x2, 0x6, 0x6, 0x8, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r2, 0xfeffff, 0x680, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40) 1m4.618764962s ago: executing program 0 (id=4165): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) lseek(r0, 0x7, 0x4) 1m4.356918205s ago: executing program 0 (id=4173): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="f800000016008502000000000000000020010000000000000000000000000002a600000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032"], 0xf8}}, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty, 0x1}, 0x1c) sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[], 0x134}}, 0x0) 1m4.273514379s ago: executing program 0 (id=4178): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x10, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x1, @perf_bp={0x0, 0x1}, 0x2022, 0x1000032, 0x43a1bd56, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0xfffffffffffffffe, 0x80802) ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {0x0, 0x1}, 0x4, 0xc4, &(0x7f00000000c0)={0x67a0442c92ff72d1, 0xd, 0x6, 0x7, 0x2}, 0x57, 0xa867, 0xfffffffd, 0x0, 0x7fffffff, 0x63, 0x0}) 1m4.159088615s ago: executing program 0 (id=4184): mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0) mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0) mount$bpf(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x20000, 0x0) mount$bpf(0x200000000000, &(0x7f0000000000)='.\x00', 0x0, 0x8b7848, 0x0) 1m4.156857325s ago: executing program 0 (id=4194): perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0xd}, 0x106200, 0x10004, 0x7, 0x5, 0x2, 0x5, 0xb, 0x0, 0x0, 0x0, 0x20000008}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000c40)={{0x80}, 'port0\x00', 0x49, 0xfe8ee28a1d9fac77, 0xa, 0x1006, 0x4, 0x40, 0x3, 0x0, 0x6, 0x6}) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0xc0a85320, &(0x7f0000000880)={{0x80}, 'port0\x00', 0x79, 0x150625, 0x3, 0x2, 0x20107, 0x6, 0x8, 0x0, 0x5, 0xa}) 1m4.0476767s ago: executing program 0 (id=4189): socket(0x2d, 0x2, 0x0) r0 = syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000)=0x0) syz_io_uring_setup(0xa94, &(0x7f0000000280)={0x0, 0x8000000, 0x80, 0x0, 0x368}, &(0x7f00000000c0)=0x0, &(0x7f00000005c0)) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r0, 0x48e9, 0x0, 0x0, 0x0, 0x0) 1m4.012418682s ago: executing program 36 (id=4189): socket(0x2d, 0x2, 0x0) r0 = syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000)=0x0) syz_io_uring_setup(0xa94, &(0x7f0000000280)={0x0, 0x8000000, 0x80, 0x0, 0x368}, &(0x7f00000000c0)=0x0, &(0x7f00000005c0)) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r0, 0x48e9, 0x0, 0x0, 0x0, 0x0) 28.27761099s ago: executing program 8 (id=4994): modify_ldt$write2(0x11, &(0x7f00000001c0)={0x4, 0xffffffffdfffefff, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x10) r0 = syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$setregs(0xd, r0, 0x7fff, &(0x7f0000000240)="12d6cacc400cb28384641a92606ff1d67f7718dadaa571f32ee2eb179974146cb14384e0e9a430de36da9cfa0941cbdb45400dbbf771a9f0d840b73de0cb08d1d3be1afc468f2a26a39cdfba80aa009e0b6b4bab31776e6f4b3cbe471b323c3e805335edbad98b115636442e777dce7bc27e899b8bc13ebd3a9b22f3813b493bcddc5ecc46eada6853") ptrace$setregset(0x4205, r0, 0x1, &(0x7f0000000000)={&(0x7f0000000100)="023a3b32a8530d0648444f138d9c176b04f0f91de6b9fe513adb984dcb636b3f33825c376f2b590f", 0x28}) 28.235547142s ago: executing program 8 (id=4996): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000480)={@val={0x0, 0x3}, @void, @eth={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x1, 0x4, 0x1c, 0x68, 0x0, 0x4, 0x2, 0x0, @rand_addr=0x64010102, @broadcast}, {0x14, 0xbe, 0x0, @loopback}}}}}}, 0x2e) 28.161306975s ago: executing program 8 (id=4997): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f00000000c0)=0xa, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0xb64, 0x4) sendmmsg$inet(r0, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800) recvmmsg(r0, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0}, 0x75}], 0x1, 0x2100, 0x0) 28.06642623s ago: executing program 8 (id=4999): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x12d7498, 0x0) move_mount(0xffffffffffffff9c, &(0x7f0000000480)='./file0/../file0/../file0/../file0\x00', r0, &(0x7f0000000300)='./file0\x00', 0x0) 28.06621605s ago: executing program 8 (id=5000): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/partitions\x00', 0x0, 0x0) r1 = syz_io_uring_setup(0x49c, &(0x7f00000000c0)={0x0, 0x79ae, 0x3100, 0x8000, 0x3, 0x0, r0}, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd=r0, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1}) io_uring_enter(r1, 0x627, 0x4c1, 0x43, 0x0, 0x30) 27.894362649s ago: executing program 8 (id=5005): r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049ce) write$binfmt_elf64(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="7f454c4603000702810000000000000003003e00f9ffffffd80100000000000040000000000000008b00000000000000330d0000050038000300780007"], 0xe8) lsetxattr$security_capability(&(0x7f0000002580)='./file0\x00', &(0x7f00000025c0), 0x0, 0x0, 0x0) close(r0) execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 27.846762611s ago: executing program 37 (id=5005): r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049ce) write$binfmt_elf64(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="7f454c4603000702810000000000000003003e00f9ffffffd80100000000000040000000000000008b00000000000000330d0000050038000300780007"], 0xe8) lsetxattr$security_capability(&(0x7f0000002580)='./file0\x00', &(0x7f00000025c0), 0x0, 0x0, 0x0) close(r0) execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 5.554403188s ago: executing program 3 (id=5515): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000100)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@dioread_lock}, {@barrier}, {@bsdgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR") r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x3214, 0x240401) syz_usb_disconnect(r0) syz_usb_connect(0x6, 0x36, &(0x7f00000002c0)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0x40085503, &(0x7f0000000100)=0xb) 2.228291701s ago: executing program 3 (id=5515): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000100)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@dioread_lock}, {@barrier}, {@bsdgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR") r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x3214, 0x240401) syz_usb_disconnect(r0) syz_usb_connect(0x6, 0x36, &(0x7f00000002c0)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0x40085503, &(0x7f0000000100)=0xb) 1.421700171s ago: executing program 3 (id=5571): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x8, 0xdd5}, 0x0, 0x7, 0x10000, 0xd, 0x5, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r0, &(0x7f0000000200)={0x2, 0x1, @multicast1}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x7000000) 1.421289731s ago: executing program 6 (id=5574): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000840)=@newqdisc={0x45c, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xb, 0x0, 0xf, 0x8, 0x81, 0xb7}, {0xa8, 0x2, 0xc3, 0x5, 0x9, 0x3}, 0x8, 0x80000000, 0x1e2c}}, @TCA_TBF_RTAB={0xfffffffffffffec1, 0x2, [0x0, 0xa, 0x8, 0x6, 0x8, 0x201, 0x800084d, 0x5, 0x9, 0xe0dc, 0x92, 0xfffffffe, 0x6, 0x0, 0x7, 0x0, 0x94, 0x9, 0x7, 0x10, 0x8, 0x818f, 0x4, 0x8, 0x34, 0x6, 0x3, 0x5, 0xa4, 0xc, 0x8, 0x7fffffff, 0x8, 0x0, 0x3, 0x4, 0x7, 0x6, 0x1000, 0x6, 0x0, 0xf, 0x8001, 0x9, 0xa, 0x4, 0x2, 0x65, 0xbac, 0xc0, 0x80, 0x2cf6, 0x4, 0x49, 0x10, 0x8, 0x4, 0x4, 0x101, 0xffffffb0, 0x8, 0x862e, 0x9, 0x8, 0x1ff, 0x80000001, 0x4, 0x0, 0x190, 0x7fff, 0x6, 0x6000, 0x8000, 0x24, 0x5, 0x5, 0x65, 0xfffffff7, 0x8000, 0x2, 0x1, 0x5, 0x5, 0x8, 0x9, 0xdfc0, 0xd, 0x8, 0x0, 0x8000, 0xd3d, 0x6, 0xfffffffd, 0x400, 0x8, 0xe9f, 0xada3, 0x9, 0x8, 0x8000, 0x9, 0x6, 0x401, 0x5, 0x0, 0xffffffff, 0x8000, 0x4, 0x1000, 0xac3, 0x800, 0x0, 0x5, 0xfffffff8, 0x0, 0x5, 0x8, 0x3, 0x9, 0x400, 0xfffffff6, 0x56f, 0x28, 0x4935a2c4, 0x1, 0x5, 0xba03, 0xffff, 0xb06, 0x0, 0x4, 0x81, 0x1, 0x2, 0x9, 0xf814, 0x0, 0x3, 0x9, 0x10000, 0x94b4, 0x6, 0x80000001, 0x8000, 0x6, 0x9, 0x4, 0x3, 0xa, 0xf, 0x2, 0xfffffffa, 0xff, 0x90000000, 0x2, 0x4, 0x7, 0x8000, 0x2, 0x0, 0x6, 0x6, 0x0, 0x2, 0x86, 0x10001, 0x4, 0x8, 0x4, 0x2eaf, 0xffff, 0x8, 0x40000006, 0x7, 0x404, 0x5, 0x1000, 0x99, 0x7fff, 0x0, 0x9, 0x1ff, 0x7, 0x2206e57f, 0x3, 0x778, 0x9, 0x3552, 0x4, 0x1, 0xde00, 0x5, 0x80, 0x10, 0x3, 0xeb12, 0x7, 0x4, 0x200, 0xffffffff, 0x56f, 0x8, 0x7, 0x0, 0x3, 0x3, 0x101, 0x80000000, 0x5, 0x30, 0xffff8000, 0x7, 0x1, 0x0, 0x0, 0xffffffff, 0x3, 0x7, 0x1000, 0xfffff060, 0x5, 0x7, 0xb, 0x3, 0x9, 0x1, 0x8001, 0x3, 0x7ffffc01, 0x5b07707f, 0x7, 0x2, 0x3, 0x3, 0x0, 0x8, 0x0, 0x0, 0x4, 0x8000, 0x80000000, 0x4, 0x8, 0x8000, 0x52, 0x0, 0x3, 0x9, 0x0, 0x9, 0x5, 0x6, 0x5c, 0x1ff, 0x1, 0x2]}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x8004001}, 0x0) 1.22949091s ago: executing program 6 (id=5577): ioctl$BTRFS_IOC_SNAP_DESTROY(0xffffffffffffffff, 0x5000940f, &(0x7f0000001340)={{}, "ef76a246643a4aa43e73d0adc9d09860243e782ee13c72c0e1835171aa55ccc7e2be28a246c8be8ea57bf0c8693d6bfedd99986355a151cbc1eca6dc3f9b891256c8004d244062ce0763f7ad7b12d8b1ab6f60b3376eb2139c6f3d60181599030da6f8bbe4c055b5b68365ef6c657074be2a229a87509e3489025f159acbcb4f0060f138d19817f2c2bf8284afdd1f2dd8a33b806bb261ae7b8d1b9ed570254c93a984d740f6d689facd2c9007b93a5eabe81f015314d21f7e143a0778e0fb689db0ee657438f8a10dc40be3d90d000907cefe75b5142972e0f6e66e75736a1660f15ca8bb497f6dabb28a9c89f6c15a344ca9b4dce0daf976f780dbfba3a8c9581490b91559fd0858a398623482032658d80bc92f294e8e4263b0ea9c044d687e9c13c30de0c0ee0504dc3855819addbf341392ad192fc45ea4b7c12e3fd72b8bd5501c4b16ae821b3f7799d99aee82aa47c96c2fd0b203a0104e54765167ea7fac8b2e799cc8bb29dd39f34847d3207d22e820ada0cd49058046179d9de5da19ef6950d396a248caf9127827214ea471c0d03674418a983642ee9bb1e1be875271196d46bb4e916346f909573928ae31e38f23c573958e41000514c8361813681e4fe109f787d98261ba38ffe73082761702f304c4011a9ed8d68f4e159a44e5f3fe40e7c23c8059d5825374b2a41a7224571f122a12bdef6722dc9a057efdcbd66966807e54398f483948bdd4866aa97b0565f848806a3d13caaaa1be9799a379195b2bf00709a6bc4255b0b2512e3a743fdf60266596e079ea5fd6828b86190f9e002d1d2fc109f6669f3cb191bf5e64dd6e963b7693b9deb418077e1eddf84c8e2da77974f17770be18250eb18c29f8db6c6bec5da93f7b4ee348140eb5dfa6c42ee96c2f73c4f649b055099cc274b253bef12462633470d55213b133a46d710ef476d71091fc2eef69ad8a9369f7b32550dbf8cfeb00a1a7121ef13c3655299e74e31a294b11a7f0717a38aad63d8bb9d731a72c10dbe2765504cb3630e3684fd48b1bb7c3d9205d866d6e4273e721736af34870b70d747357c49aff37c3f7fc9815e8b40c8b1bf72a95d46429e6ead7bc7a539dd34eca4fb129b93d231b97e0799df0e98d2f48f7a3b8a2c79f68a2eecf6f5462e7ff8d2bb7c81bc8b220971cfa28e09410486a15745598ddbfd2c3c37be10817a6b98ad26142e57be9d3ee1df3c79343ce375240e89b0aa477b60315be57f507b754285a5a1c737730283cbbe84c2cdb63ad1bb3a464e3f1ceeaf238714818308d187bb777ef2c352898c4cf9fd5a0a77da3ab0aaeec0133ddec37dd3dc529dbb0a24b8366bb1574121582e19eeda3b4f8c83994ef59f212ba583d4a4c15b1642fcc58be8e0f5f12c3c6a6dc8c6dd4f0f609ee5a9e765270a7f1b39ec41616b3ee06c8bc0f672bf594e5008eba2642d9d4fe067dcb91ed48301a531ac10cab77f50d9030c060aee7cd4836cbe1b4022c1f3408034f99593bb33b1e8ae43d9e0b886606d846b953e6ad9267e3d691acd4bbbc82e19f6a6d363bd678b72e253b9e84786b47b079d396a8953c2944f93541a7eef3d39036c8502564d853153b47fe80e201fce2a733a448f0d05e41ae5effae73967d0b0c6ea1b1a4681b1c0eb1c2bbdc987b8a27f0690bdd88f3668f78da3a847e1bf42980ec938c763265da4b33615b57c4122d0bdf2c2a7a6485b6391a52216063a8746da19d0bf1ee4d8a4b4df373171ddd0467a7f1611d6c34b84525282515091498ac2287761965cdb1d0382567df406d50a9f7dd19ffa8149b26a7b01cf6326999fb95ed470a516ab3f52dda75a5199cbdce239e5ab8c8fedc36f7899cfd02aaf80a852558010dfd89e0120801ab5d081bd08a1e1c8af21600f461e5a9c48c45b4fbc7cecf06d1d61e0263e22f30d9a63a69a4f932d310cc17d947299f6f95dc85defd7c936df9a497960990713ea5fc4973ec6bbd4552f00624d52ec9daa4b5846fd20ceadf9fce961045ff3c9e4e4627d520c249c16244fca3c20a25f20cd02205af3ccea103d46ea61e94c557df5dd9a56ac082a969f9f91e1a6ab39c405f1cd28295304038bc7bbef16e7b7cbb7f1bec9ecadac7d93b7965aefa0f27bc82c0f53591e49a8fb54ce8d23da4dc8cf840cdd4ba4b45b93a6d594edbd0728e2d6f8487e414f63d6d3e76d74afba05ced7f0d0dab6f29a93f0e67eef5140a94728ecf887cdba504ddb04065c3e15b8c11090bce4bcb348e7bd179d61cf65c4ad35b8b787cd2ba4e082cb4e267ad65d3f471aa90accf5ec0f718f8d662e9adfc6a93829abf4d4d941d788ecf54b9d02ff58b6dab46b25f4eada6c4b53d98758d3e5685272789482a8f8f12ad3b34a1215e086b1d6573cdb5307a6bcb02811e3eb8b45d10f73a00ef887f9b273a756ca386a4b8ad4579f8e6fc0ab04d0c8798e7152529cacf99d5bfa441f79ffd6bb07ee793c11a72668f81e61a7b6d6405f988c8edbd9d4232f5e3e8ed3b218b938ab1e3722900131ad7001e2e272357bbbfd1b6792d6060317eaa9486a1baa9339584bb384eb0b25e797cf4a758c9f9aa5e48d15b21ab199c5e76348a5b5b620d31e798da36c0ea9948d9bc22d5698ad8ea6f24bd2c9244653002404b0a9e3efb37ca9a7d5269917b7acfea2ed464ff5ddfcf6cef0797d7b621c873ed45d24c07024ab939b720f478154b70536f176c52bb7a28ff10920348c05cd88eb9ccb7e9f67da80ee0a443b17c5f2b84f0f75600c1e7d559cf3aec6b45a4d333de4dfb335bc47822585643ca4bcd0662c6c4c7aa0b492864a13541b3729c7e921340bf4a2c94318811958815ebc6c6c9162568d71065035765cd0551055e17f75f7aa9035340af9d0e7fe7039539e08bb046467e9f5ad3e82265cfb51dac6fc44cbbe8ae9a1daa5be4ede30a9a78a3b2a10b6e4674f5a18dbae4e1f29735f8b398c7447566de63bdf9ec85e07599ef9a39566a89c9b4a88e10c8a48428fe26a5f5120e6765e3b0f291e6de891e6b709999e66fb08964391f05367d88b9e70d61051f609fbacc4e7afdb207015f60d6dbdb3be7569b74d988c133fc9a7df2fcb0b832f9c7dfcd8433ce5b5d38d63b2e5164d6c31333cad834875d76fe00848ce06758a4bbd3b55880e97b0a4a2b3dbccb094037a92fc658fbbc18a4915f684595311b7e97d900d4950fe7e8a0022043424851d834d86bebb7b0381fd03f7a56d876525a0af86e6e6f74ca41d30636d883c362fcc8420cf40cae06b9e8f31eb87bb3ebbcb32125ff8c9668dec79b1ab61f1259428095b042d426b386b9ca3fb99b529e771ec55b8862a72c4a70747e4f7320fdcc3efe2ecc215b3c1f7ac35d872bbbc5e9f43aac26d18f23e27c85462c4dc84ccece381b5ddd53f2185d34b2f2115343190534459c88cfb795f704ad8e662afecabfe88b287025164f657894eb32363d48193e344f0f48accc45733a15d119430be337038bb0c612c08e3a168638f0a3d2fadece482b9d18d8f0ceeab3614466b6838b40a56018c1322b139e2a029e554739f3e8ff0f1cb191b9dcd0bbb5ac9e6d3a110100e427132fa8fddaaffd0f003acfb1817acb5bf3e99b2f6bff46cfcd521bf2cec83da960358677da69b7d0bf95578cbb2e4d63f1d005b5fa807f407a95c7fd498aa0c1d71b516319adc95fd1a46f15c739536aaec871809008d0c1bb768784c8b2ee30ad7e50ce8c75afedca00207eadcbdba0423fb5b4a4e937710243894f0e9549375ed80029f40b7909b0fa69ebe37741ca36fcb2d5d865941dc1898dfad6d2576cb1aa2d2cfc60272d6f74309d4c48215cabf7c5fe682e2588a1c712cde6c25fd7ed31f54499e00ae428ab70c7e7f51c97a59cdffaaaaf201f60535b5f17ed4d621aa191d8db4bb980a5067050dabaa3121fc2928cea79063d85ace3aecc70c143194b0eacd88073e8a5664c079635ce40854c06e32b2c13d3d2146d998ab50128d1f1e920bb4b669f748826d14b4eb1b9b3ab61c434a573f80868c41ee4b6eb650782306dfb8fb29abe116fc7d1de9a88aa771e72a75bf51b38057dda017ee98b897f08ecd6697f221bc66ef6f33826b871808586a70f3912e992432c72ba7ae15a2a33d36d1f9c222db564af4e9a2bb11625741adf131dd34c3190192db89ef550efc7f28f74b73294e04ee983387a83b6211fab7c708024f9ae725e6a6da35d7b26ba228693e9ea729601bff4b75183ba6ab63c71e7a857b2f6e48c25c5490faf02d092edbc0363386588a1fc9fbd05f712a63f674276b84a64eefb784adfba62843a26771cb044869fea17fddbb96d0f5fbe49c2aa9ab7f3899d509246fce10014871d6a641db7a5cdf23ce1b5521a01c2c0d4d31d90cd55f7146677ab6673ebdfbeffef3644c840425bad1df4d39cf7c15f0028b03c5108f82370c8b606adb85274f821a56bf65507b7fe54ccd9dc7525af73eb1d394c7537b83cbe31e287eef8f75ff05fe0f8a7411ffe5bc01d6bb25fe02d54ec5f16b8f4b2ae39ef5c02cd68898dc8a973ef78bb47575280224dbec26f58fa5f3572a81c65179c7168270207f0ab212c5d4b25192c202a450ee69d30da5f0cbd04ec2dfbe50f543defb05cba93ab47eaf059511be1c804678f7f0c62d7a8f781d9c5ecc6605e74530c6eb0243ea39f8e6fe62c7a023a449aa78bb12783a2549da5510b986dd0da5db3a79e05a35829cc8ec26264518546afdea17de00e32cd8a837d0a012c09292f176dbb939b9c208c9d35d3c648ee201abe85357e6ba979f674ca7523f0271ddf37ede8056e38819c99e1b754ffbaa696f68bfabf36a02535793d0ac3a041b456f5abce5f456bbe52bcadd59b08038b70ea95334fbc2b056457e8606b5f04b5472525eee2ccdcbc06871e2827bc848cd478067aebda31e9bec4abf4f59648d53c0cacccc6ae45c1798151381712584fc329daa7878d97ba5a3e47de68469fdaa4266911d004487fa8e031a192ab34aa7fee05d5d0d573be65be3d8be1340e80a35ce06ed354661caeb36da53bb0e397eed7c390cfd0bb1320b369949fd86ca7e8f723b16c4a09363e8718e70d5761882be06d1255411440d12440b847f1764a8fbf8ea34d72fbeed0edbce393a229a9e7350e7f61d302de9644e79ac1c1c03800d5200a70a4e3c52a3afa695f3bee03d74c474ca74f30e31c538d6b54a59201a277f79f81dca00542ec1e0bfcff82f60670f76d8e3319884f1f12a5e9017faff1e3d675f24fac61492d972abb187df888e31de64ee3f58df8578f164c98843a93823058eee4fcd654b41ab2acf4eb15af1882d27c3a9a62fac6f688f153d189324b18d29fe67ef69a52e588fd66a25ff810d9c9f1fe5835dfbf99255440e4240681bb6d5e5e9d1d325436f8d339878fa3f01ba2de2b4fc652215c890b524c540016d9ca807bf1e7706bd882c0c003b1b6ce95538bcb56c73a2ab514cd1dac9e77db3c28a60088ff312b755b9a0ff6deda0ecbf07bf6697cc796da8343f2167cb555e533be0472914e7c71629cfc065adf8b86488d13f9806b7c4693d62f154cb77feb4df0ff78fd71deb6f2bddaeb42df43f5d7aeb3aa2b89c0f720380529b10e732c8b092b54a62584f3d8edd7219a6d771954e09bc9a2d613a2bb1be3365c3075cc235487649126da0fe416063e1b301f7cef8f8f09314f92bedd53eea8410b5ae7e118e7f9ec1fa89b9291f5df4174c87e678fcbebe24e82b351e8011be9851dffbb96cdbb5fbcfde7c0e2"}) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000)={0xffffffffffffffff}, 0x2, 0xa}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x2, @empty, 0xffffffff}, {0xa, 0x4e20, 0x101, @remote, 0x7}, r1, 0x6}}, 0x48) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f00000000c0)={0xc, 0x8, 0xfa00, {&(0x7f00000025c0)}}, 0x10) 1.150089124s ago: executing program 6 (id=5580): sendmsg$IPSET_CMD_RENAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x6c}, 0x1, 0x0, 0x0, 0x20000004}, 0x4) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x1, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10) sendmmsg(r0, &(0x7f0000000180), 0x4000190, 0x0) 987.685662ms ago: executing program 7 (id=5586): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xa, 0x5, 0x2, 0x9, 0x0, 0x1, 0x10000}, 0x50) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000000c0)=@bpf_lsm={0x6, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0xc, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffff7}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000000), 0x9, r0}, 0x38) bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r1, r0}, 0xc) 982.379382ms ago: executing program 6 (id=5587): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'tunl0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x6}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x2, 0x4}}}]}, 0x3c}}, 0x4000010) sendmmsg$inet(r0, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0) 956.804024ms ago: executing program 7 (id=5588): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000004c0)='./file3\x00', 0x4002, &(0x7f0000001140)={[{@discard}, {@debug}, {@resgid}, {@stripe={'stripe', 0x3d, 0x1}}]}, 0x1, 0xbd2, &(0x7f0000000540)="$eJzs3N1rXGUaAPDnnEymaZvtpMuybPdmsyxLC8tOky4p27KwrVS88ULQW6EhnZSQ6QdJpCbNxUT/AVGvBW8EtShe2OveKHrrjba3ihdCkdgoiGjkzEeSNjNJ2s70hPb3g3fO+553Zp7nmcPMOS/MTABPrOHsJo04FBFnk4hSc38aEcV6byCi1rjfyvLixE/LixNJrK4+/30SSUTcWV6caD1X0tzubw4GIuKLp5L446ub487OL0yPV6uVmeb46NyFy0dn5xf+PXVh/HzlfOXi6PH/jh0bOz5yYqxrtf789anrP/79mW9rv7z367Uf3ngniVMx2JzbWEe3DMfw2muyUSEixrsdLCd9zXo21pkUtnlQ2uOkAADoKN1wDffnKEVfrF+8leKTL3NNDgAAAOiK1b6IVQAAAOAxl1j/AwAAwGOu9T2AO8uLE62W7zcSHq3bpyNiqFH/SrM1ZgpRq28Hoj8i9t1JYuPPWpPGwx7acER8c+vEh1mLHv0OeSu1pYj4S7vjn9TrH6r/intz/WlEjHQh/vA9423q7+tCyLs8TP2nuhD/PusHgK64cbpxItt8/kvXrn+izfmv0Obc9SDanP+6fo7fSuv6b2XT9d96/X0drv+e22GMq+++daXTXFb//64//UGrZfGz7bZPuu2frOzM7aWIvxba1Z+s1Z90qP/sDmOUfrtS6TT3wPV3yerbEYejff0tydb/T3R0cqpaGWncto2x9PnY+53i511/dvz3dai/9f9PnY7/5R3GePHMmY827by13t26/vS7YvJCvVds7nl5fG5uZjSimDy7ef+xrXNp3af1HFn9R/6x9fu/Xf3ZZ0Kt+Tpka4Gl5jYbv3JPzP9fu/pxp3xa6788j/+5Dsd/Y/2fFTYf/9d2GOOfn75+pNPcxvVv1rL4rbUwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALSkETEYSVpe66dpuRyxPyL+FPvS6qXZuX9NXnrp4rlsLmIo+tPJqWplJCJKjXGSjUfr/fXxsXvG/4mIgxHxZmlvfVyeuFQ9l3fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArNkfEYORpOWISCNipZSm5XLeWQEAAABddyDvBAAAAICeG8o7AQAAAKDnrP8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADosYN/u3EziYjayb31lik25/pzzQzotTTvBIDc9OWdAJCbQt4JALm5zzW+ywV4DCXbzA90nNnT9VwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2L0OH7pxM4mI2sm99ZYpNuf6c80M6LU07wSA3PR1mhiIiMKjzQV4tLzF4clljQ8k28wPrN+ndvfMnp7lBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDuM1hvSVqOiGJzX7kc8YeIGIr+ZHKqWhmJiAMR8VWpf082Hs05ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALpvdn5herxarcxknTSanbU9OuudpPGK1XZLPjoP2SnGrkhjl3by/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPs/ML0+PVamVmNu9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLzNzi9Mj1erlZkedvKuEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/PweAAD//1pFCiI=") bind$inet6(0xffffffffffffffff, 0x0, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x100) fcntl$setlease(r0, 0x400, 0x0) 948.843054ms ago: executing program 3 (id=5589): getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x82, 0x0, &(0x7f0000001040)) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb010018030000000000007c0000007c00000002000000000000000000000e0000000000000000000000000600000d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00000000000000000000000900000000000000000000000900000000000000000000000a02"], 0x0, 0x96}, 0x28) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1}, 0x28) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r1, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001000), 0x8, 0x0, 0x8, 0x29, 0x0}}, 0x10) 887.171007ms ago: executing program 6 (id=5591): r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000200)='.\x00', 0x4000000) mkdir(&(0x7f0000000280)='./file0\x00', 0x112) openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x418103, 0x4, 0xf}, 0x18) rmdir(&(0x7f00000000c0)='./file0\x00') 866.535868ms ago: executing program 3 (id=5593): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10400, &(0x7f0000000300), 0x0, 0x486, &(0x7f00000009c0)="$eJzs3M1vFOUfAPDvzLbl9+OtiIjKi1TR2PjS0oLKwYtGb5qY6AEvJrUtBFmooSURQrQag0dD4t14Mkb/Ak96MerJxKveDQlRYgJ60DUzO7NsS3ehZcsW9vNJpn2enWf3eb4788w8M8/uBtCzhrI/ScTGiPglIgbr2YUFhur/rlw6O/nXpbOTSdRqr/6e5OUuXzo7WRYtn7ehyAynEemHSVHJQrOnzxybaMqPzh1/e3T29Jknjx6fODJ9ZPrE+MGDB/aPPfP0+FMdiTOL6/KOd2d2JX2vn3958tD5N3/4qi8itu+ur2+O46akGxrJoSzwP2q5xcUe6Uhla8empnTS18WGsCyViMg2V3/e/wejElc33mC8+EFXGwesquzctK716vkacAdLotstALqjPNFn17/l0m68kHZ2+NF1F5+rXwBlcV8plvqavkas/atY/30RcWj+70+zJYrt8M/G5hJ32jsOAHTbN9n454mlxn9pbG8qt7mYQ9kSEXdFxNaIuDsitkXEPRF52XuL8cxy1KeGKo38tePP9MKKg7sB2fjv2WJua+H4rz7uqtVq/1aK3KY8/v7k8NHq9L7iPRmO/nVZfqxNHd++8PPHrdYNNY3/siWrvxwLFu240LfoBt3UxNxEpwalF9+P2NG3VPxJYyYgiYj7I2LH8l56c5k4+tgXu1oVun78bXRgnqn2WcSj9e0/H4viLyXt5ydH/xfV6X2j5V5xrR9/OvdKq/pvKv4OyLb/+oX7/6ISg38m5XxttTp9cnb5dZz79aOW15Qr3f8HktfyOeuB4rF3JubmTo5FDCQv5fkFj49ffW6ZL8tn8Q/vXbr/by2ek8W/MyKynXh3RDwQEXuKtj8YEQ9FxN428X///MNvrTz+1ZXFP7Xk8a+x/29ZuP2Xn6gc++7rVvXf2PY/kKeGi0fy4991tG5OVKezw/qK92YAAAC4/aQRsTGSdKSRTtORkfpn+LfF+rQ6Mzv3+OGZUyem6t8R2BL9aXmna7C4H5pdbY8l88Ur1u+Pjhf3isv7pfuL+8afVP6f50cmZ6pTXY4det2GFv0/81ul260DVp3va0HvWtz/feQUeofzP/Qu/R96l/4Pvaup/3956tzOPPFe/ndPY8WScwFtfjkEuD04/0Pv0v+hd+n/0Lv0f+hJN/O9/pUk1t2yugZuaVwdTHzevyaacb1EpO3KvBG3vGGxJt6WTieStj9msYqJbh+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuO/AAAA//9BP+7o") mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000780)='devpts\x00', 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005c48, 0x0) 778.797832ms ago: executing program 7 (id=5596): perf_event_open(&(0x7f0000000280)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4, 0x40008, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x100000001}, 0x61c4, 0x2, 0x800003, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) bpf$PROG_LOAD(0x5, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x55430000) remap_file_pages(&(0x7f00005fd000/0x4000)=nil, 0x4000, 0x0, 0x5, 0x20000) 736.332114ms ago: executing program 6 (id=5597): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_SET_FLAGS(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x34, r2, 0x1, 0xff1f0000, 0x0, {0x2}, [@MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x34}}, 0x0) 617.0003ms ago: executing program 3 (id=5598): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'team_slave_1\x00', 0x0}) r2 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x60, r2, 0x1, 0x70bd27, 0x25dfdc03, {}, [{{0x8, 0x1, r3}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r1}}}]}}]}, 0x60}, 0x1, 0x400000000000000}, 0x48090) 520.921135ms ago: executing program 5 (id=5599): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x2014, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000200)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000ffff00000000000000bd0000000000000000000000e4ec01000000004000000000fc00000000000000000000000000013da51fd47aa2e2f700000000000000000000000000000000000000000000000000000000000000060000000000000000050000000a004e200e8a34c38f36f0c7eb2700d609bcf41076d88144448ebe7994dd1b33d7c8787734cc315672f62261ceeede940774fd94d2767288cfb3a20882449d601ff878eedd3d57c9eb3a723b62102bd534c8a304a975d752e82cc8d5f969771c94a1d69cfd8694e29b9468fca5df65ece31ed7c209325604001fcd06adc3ac391f60a3523d6d0b4a8a"], 0x310) 456.659078ms ago: executing program 5 (id=5601): r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200)) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x7, 0x7}, 0x106200, 0x10004, 0x20da, 0x5, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect) ioctl$USBDEVFS_SETCONFIGURATION(r0, 0x80045505, &(0x7f0000000000)=0x1) 301.278726ms ago: executing program 5 (id=5602): syz_mount_image$msdos(&(0x7f00000008c0), &(0x7f0000000000)='.\x02\x00', 0x4000, &(0x7f0000010300)=ANY=[@ANYBLOB="646973636172642c646f74732c646f74732c6e6f646f74732c636865636b3d7374726963742c646f74732c0080fcdc5c3dd34a5bee25f099008bade73ed878442a18112f260a6de8f9de23ca03128aff6e012a1d950f746fd8a192b6e048d4bcb62d5ee3a79d7ff9522014e3c0881f4cdda0cd5c0458cae665", @ANYRES8, @ANYBLOB="480739ec7f920fa6747a8d8b349973cf30a48915269c162dc20ae93cf8fbfa28624f375bdec0b1a8ea75b79c5d3d4d8ed5ac8a1508fb15b3ac020fccfcbbabba643c13fc7eac589762cbeb037eb9a48ae4fd4672bf3d1185e4693115a4b61ffece04ed4a690feb7ce885c8cec3623bb08fe74fd339982f378771670bc977462814b8835519212d0c4f23e8276671e88a5ac111f89af06d91333e6fe2cdf1e466adbd"], 0x1, 0x11f0, &(0x7f0000001b00)="$eJzs209rY1UYB+C3mdR2MrZT/43ObDzoRjcXZxauZlOkBZmAMjMRZgThDk01JCYhN4tkcDHgzpWfQ1y6E8Qv0G/hrgiim3FjpE1a2xq1BZtYfJ7NfcnvnNxz4CZwQt7d219+2twusu28H6WFhSh3FyM9TZGiFJdi7Em8+fnmL1/ce/Dwznq1unE3pc31+zffTimtvvrdh599/dr3/SsffLP67VLsrH20+9OtH3au7Vzf/e3+J40iNYrU7vRTnh51Ov38UauethpFM0vp/VY9L+qp0S7qvWP5dqvT7Q5T3t5aqXR79aJIeXuYmvVh6ndSvzdM+cd5o52yLEsrleCk0Wg0Ou3Y2ldP90b/Wjmcevl2Ja7Es7ESq3E11uK5eD5eiBfjpbgWL8crcf1M7w8AAAAAAAAAAAAAAAAAAACcxn7/f4xGi/HMfmf/5dD/DwAAAAAAAAAAAAAAAAAAALOm/x8AAAAAAAAAAAAAAAAAAADmT/8/AAAAAAAAAAAAAAAAAAAAzN+9Bw/vrFerG3dTWo748cmgNqiNr+N8893qxltp39ofs34eDGqXDvOb4zwdz5eiMslvTc2X443Xx/le9s571aN5KWo3Yuv8tw8AAAD/C1k6NPV8n2V/lY+rI78PnDjfl+NGedodlyfX0dXz2A9nUwwfN/NWq94rhosHxeN/uSjHaQcvTFZ1LstQXPBiafJ07L1yUP8nFnakKMc/jCn93fQpn8q5FbP/LmL2/vzsAQAAAAAAAAAAcBHM4u+EJ+9Zms9WAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5nB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwE4BAAD//z4uiDQ=") r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = fspick(r0, &(0x7f00000000c0)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) 263.222117ms ago: executing program 9 (id=5604): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1, 0x17, &(0x7f00000004c0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x6, 0x20, &(0x7f0000000000)=""/32, 0x41000, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\b\x00'/20]) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$sock_timeval(r0, 0x1, 0x2, 0x0, 0x48) getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000005c0)=0x98) 217.31427ms ago: executing program 9 (id=5605): r0 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfec9}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x1c, 0x0, @fd_index=0x6, 0x0, 0x0, 0x0, {0x842a}}) io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f0000000040)={0xfffffffffffffdef, r0, 0x31, {0x5, 0x10001}, 0x6}, 0x1) 216.77751ms ago: executing program 5 (id=5606): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc80, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x44, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x12, r2, {0x0, 0xe}, {0xffff, 0xffff}, {0x2, 0xc}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_FWMARK={0x8, 0x12, 0xbdf}, @TCA_CAKE_SPLIT_GSO={0x8, 0x11, 0xfffffffc}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x800c051}, 0x44080) 205.20908ms ago: executing program 7 (id=5607): r0 = socket$kcm(0x2, 0x5, 0x84) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) setsockopt$sock_attach_bpf(r0, 0x84, 0x6e, &(0x7f0000000000)=r3, 0x10) 169.217862ms ago: executing program 9 (id=5608): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0xffffffff) r0 = inotify_init() inotify_add_watch(r0, &(0x7f00000000c0)='./file0\x00', 0xd2000424) mkdir(&(0x7f0000000480)='./bus\x00', 0x0) setxattr$system_posix_acl(&(0x7f0000000000)='./bus\x00', &(0x7f0000000080)='system.posix_acl_default\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100006000000000020"], 0x24, 0x0) 168.680962ms ago: executing program 7 (id=5609): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0xa8, 0x24, 0xf0b, 0x70bd2c, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0x2, 0xc}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x78, 0x2, {{0x8, 0x1, 0x7fff, 0x2, 0xf, 0xfff}, [@TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0xa, 0xffff7fff, 0x8ff4, 0x8}}]}, @TCA_NETEM_REORDER={0xc, 0x3, {0x58, 0x2}}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x3, 0x6, 0x0, 0x1, 0x6, 0x8ef}}, @TCA_NETEM_ECN={0x8, 0x7, 0x1}]}}}]}, 0xa8}}, 0x4000010) 148.755983ms ago: executing program 5 (id=5610): r0 = syz_clone(0x80000400, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x4206, r0) tkill(r0, 0x12) ptrace(0x4208, r0) ptrace$getsig(0x4202, r0, 0x16, 0x0) 148.432933ms ago: executing program 9 (id=5611): syz_mount_image$ext4(&(0x7f0000000240)='ext2\x00', &(0x7f0000000f00)='./file1\x00', 0x800, &(0x7f0000000180), 0x1, 0x27e, &(0x7f0000000500)="$eJzs3T1oO2UcB/DfXZJ/34JWBRHFFxARLZS6CSLoolAQKSKCChURJ2mFanFrnFwcdFbp5FLEzeooLsVF6Fq1Q0UQsThYHHSIXC6RmCZaL82l/+TzgfTuubsnv0vJ97mH0lwCmFqLEfFYRFQiYikiahGRdB9wT/5YbDd35w7WI5rNZ35NWsfl7Vyn30JENCLi4YhqZ9/2/gsnvx89ef+7b9bu+3j/+bkSXlqld8PpyfFTZx89/c5nqw9tp+1t9fay+3Vcottv7LOxmkTcPIJiV0VSHfcZcBFrb336bRaSWyLi3lb+a5G2I/ve1rWvavHgh4P6vv/L4R1lnitw+ZrNWnYNbDSBqZO25sBJuhwR+XqaLi/nc/jvKvPpa5tbbyy9ulnZeKV71Chj+g6MSj3i+IkvZj5f6Mn/T5U8/8DkyvL/7Nre99n62bm/lAET6c58keV/6aWdB0L+YerIP0yG+QJ95B8mQr1gJ/mH613B7BbI/60/Hj5arBhwpVww/z+XeU5AOcz/YYLVOiuNvrvlH6bXhfPvX31h4nTy79IP06f7+g8ATJfmzLg/gQyMy7jHHwAAAAAAAAAAAAAAAAAA4LzduYP1ziMiKaXm1x9EnD4eEdXe+tH6YoO0tZxt/Zz/LckO+1uSd2u7Vqj+i3cPc/bD+2T0n76u9rRnuxs3/DDy+v/qm7tG87xv/7M58A6WOxsRjezglWr1/Psvab//irvpP/bXXh6ywP/Um+pHniuj6uDf4p97ZdQfbPUo4sts/FnpN/6kcVtr2X/8qXffYrmg1/8Y8gkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAozV8BAAD///BWbAI=") syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2268260, 0x0, 0x0, 0x0, &(0x7f00000007c0)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x820f8, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) open_by_handle_at(r0, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xc, 0xa}}, 0x0) 118.568655ms ago: executing program 7 (id=5612): socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = io_uring_setup(0x4822, &(0x7f0000000100)={0x0, 0x7437, 0x80}) close_range(r2, 0xffffffffffffffff, 0x0) sendmsg$tipc(r1, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20040018}, 0x0) recvmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0) 81.254277ms ago: executing program 5 (id=5613): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r1, 0x400448e3, &(0x7f0000000280)) 58.758488ms ago: executing program 9 (id=5614): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000280)={'vxcan1\x00', 0x0}) sendmsg$can_j1939(r0, &(0x7f00000004c0)={&(0x7f00000002c0)={0x1d, r2, 0x1, {0x1}}, 0x18, &(0x7f0000000400)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x4097) 0s ago: executing program 9 (id=5615): r0 = perf_event_open(&(0x7f0000000a00)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x650b9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0xe}, 0x8, 0x32, 0x43a1bd76, 0x7, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f000000b240)=ANY=[@ANYBLOB="140000002e00f10326bd7000fdffffff06"], 0x14}}, 0x4044080) kernel console output (not intermixed with test programs): pe=1400 audit(1773693766.763:1860): avc: denied { create } for pid=14430 comm="syz.8.4290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 193.184802][ T28] audit: type=1400 audit(1773693766.793:1861): avc: denied { connect } for pid=14434 comm="syz.6.4291" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 193.231816][ T28] audit: type=1400 audit(1773693766.803:1862): avc: denied { read } for pid=14436 comm="syz.6.4293" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 193.289455][ T28] audit: type=1400 audit(1773693766.803:1863): avc: denied { open } for pid=14436 comm="syz.6.4293" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 193.393649][ T28] audit: type=1400 audit(1773693766.823:1864): avc: denied { getopt } for pid=14436 comm="syz.6.4293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 193.498289][ T28] audit: type=1400 audit(1773693766.823:1865): avc: denied { ioctl } for pid=14436 comm="syz.6.4293" path="/dev/nvram" dev="devtmpfs" ino=98 ioctlcmd=0x7041 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 193.524280][ T28] audit: type=1400 audit(1773693766.993:1866): avc: denied { ioctl } for pid=14438 comm="syz.6.4294" path="socket:[40382]" dev="sockfs" ino=40382 ioctlcmd=0xf511 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 193.614855][ T28] audit: type=1400 audit(1773693767.003:1867): avc: denied { create } for pid=14449 comm="syz.9.4299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 193.688206][T14464] loop7: detected capacity change from 0 to 1024 [ 193.717527][T14464] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 193.758914][T12860] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.834957][T14481] loop9: detected capacity change from 0 to 128 [ 193.944632][T14488] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4314'. [ 193.972011][T14488] gtp0: entered promiscuous mode [ 193.977261][T14488] gtp0: entered allmulticast mode [ 194.213269][T14508] netlink: 63 bytes leftover after parsing attributes in process `syz.5.4323'. [ 194.450563][T14522] netlink: 212916 bytes leftover after parsing attributes in process `syz.5.4329'. [ 194.480922][T14520] SELinux: failed to load policy [ 194.665722][T14550] loop5: detected capacity change from 0 to 512 [ 194.691965][T14550] EXT4-fs: Ignoring removed oldalloc option [ 194.702144][T14550] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 194.733985][T14550] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.4340: iget: bad i_size value: 38620345925642 [ 194.770268][T14561] loop6: detected capacity change from 0 to 256 [ 194.794898][T14561] vfat: Unknown parameter '0xffffffffffffffffÿÿÿÿÿÿÿÿÿÿ18446744073709551615ÿÿÿÿÿÿÿÿ' [ 194.845681][T14550] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 194.845862][T14550] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.4340: couldn't read orphan inode 15 (err -117) [ 194.855197][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 194.855213][ C1] EXT4-fs (loop5): initial error at time 1773693768: ext4_orphan_get:1391: inode 15 [ 194.855246][ C1] EXT4-fs (loop5): last error at time 1773693768: ext4_orphan_get:1391: inode 15 [ 194.904483][T14550] loop5: lost filesystem error report for type 5 error -117 [ 194.905149][T14550] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 195.017092][T14571] SELinux: Context system_u:object_r:ppp_device_t:s0 is not valid (left unmapped). [ 195.174710][T14558] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 195.199791][ T4531] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 195.225235][ T4531] EXT4-fs (loop5): This should not happen!! Data will be lost [ 195.225235][ T4531] [ 195.242026][ T4531] EXT4-fs (loop5): Total free blocks count 0 [ 195.248585][ T4531] EXT4-fs (loop5): Free/Dirty block details [ 195.255699][ T4531] EXT4-fs (loop5): free_blocks=0 [ 195.260931][ T4531] EXT4-fs (loop5): dirty_blocks=6823 [ 195.266611][ T4531] EXT4-fs (loop5): Block reservation details [ 195.272976][ T4531] EXT4-fs (loop5): i_reserved_data_blocks=6823 [ 195.324773][T14578] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4347'. [ 195.411521][ T4531] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28 [ 195.624186][T14595] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4355'. [ 195.786829][T14605] loop5: detected capacity change from 0 to 1024 [ 195.835404][T14605] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback. [ 195.867276][T14605] ext4 filesystem being mounted at /368/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 195.927722][T14614] loop7: detected capacity change from 0 to 128 [ 195.945332][T14605] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4359: bg 0: block 112: padding at end of block bitmap is not set [ 196.005880][T14605] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 7 with max blocks 1 with error 28 [ 196.020179][T14616] netlink: 'syz.7.4363': attribute type 5 has an invalid length. [ 196.048355][T14605] EXT4-fs (loop5): This should not happen!! Data will be lost [ 196.048355][T14605] [ 196.073136][T14605] EXT4-fs (loop5): Total free blocks count 0 [ 196.088000][T14605] EXT4-fs (loop5): Free/Dirty block details [ 196.101544][T14605] EXT4-fs (loop5): free_blocks=0 [ 196.114350][T14605] EXT4-fs (loop5): dirty_blocks=0 [ 196.133079][T14605] EXT4-fs (loop5): Block reservation details [ 196.144669][T14605] EXT4-fs (loop5): i_reserved_data_blocks=0 [ 196.217480][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 196.264037][T14621] netlink: 212916 bytes leftover after parsing attributes in process `syz.8.4365'. [ 196.414438][T14629] tipc: Enabled bearer , priority 10 [ 196.473959][T14634] netlink: 63 bytes leftover after parsing attributes in process `syz.7.4370'. [ 196.531676][T14639] netlink: 2 bytes leftover after parsing attributes in process `syz.5.4372'. [ 196.577382][T14639] netlink: 2 bytes leftover after parsing attributes in process `syz.5.4372'. [ 196.945434][T14681] loop6: detected capacity change from 0 to 512 [ 196.960063][T14681] EXT4-fs: Ignoring removed oldalloc option [ 196.977038][T14681] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 196.996402][T14685] xt_hashlimit: size too large, truncated to 1048576 [ 197.021434][T14681] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #15: comm syz.6.4390: iget: bad i_size value: 38620345925642 [ 197.076920][T14681] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 197.084542][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 197.093679][T14681] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.4390: couldn't read orphan inode 15 (err -117) [ 197.100126][ C1] EXT4-fs (loop6): initial error at time 1773693770: ext4_orphan_get:1391: inode 15 [ 197.121332][ C1] EXT4-fs (loop6): last error at time 1773693770: ext4_orphan_get:1391: inode 15 [ 197.139331][T14681] loop6: lost filesystem error report for type 5 error -117 [ 197.139874][T14681] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 197.301943][T14697] sctp: [Deprecated]: syz.7.4395 (pid 14697) Use of int in max_burst socket option deprecated. [ 197.301943][T14697] Use struct sctp_assoc_value instead [ 197.413721][ T23] tipc: Node number set to 4280614912 [ 197.850118][ T28] kauditd_printk_skb: 19 callbacks suppressed [ 197.850132][ T28] audit: type=1400 audit(1773693771.463:1887): avc: denied { read } for pid=14720 comm="syz.8.4405" name="usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 197.891022][ T28] audit: type=1400 audit(1773693771.503:1888): avc: denied { open } for pid=14720 comm="syz.8.4405" path="/dev/usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 197.944552][ T28] audit: type=1400 audit(1773693771.553:1889): avc: denied { ioctl } for pid=14720 comm="syz.8.4405" path="/dev/usbmon7" dev="devtmpfs" ino=163 ioctlcmd=0x9203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 198.010015][ T28] audit: type=1400 audit(1773693771.623:1890): avc: denied { append } for pid=14720 comm="syz.8.4405" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 198.036456][ T28] audit: type=1400 audit(1773693771.623:1891): avc: denied { listen } for pid=14730 comm="syz.7.4408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 198.060260][T14733] can0: slcan on ptm0. [ 198.075076][ T28] audit: type=1400 audit(1773693771.623:1892): avc: denied { accept } for pid=14730 comm="syz.7.4408" lport=53584 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 198.536439][ T4531] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm kworker/u8:14: bg 0: block 5: invalid block bitmap [ 198.566583][ T4531] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 198.592557][ T4531] EXT4-fs (loop6): This should not happen!! Data will be lost [ 198.592557][ T4531] [ 198.617307][ T4531] EXT4-fs (loop6): Total free blocks count 0 [ 198.630413][ T4531] EXT4-fs (loop6): Free/Dirty block details [ 198.637604][ T4531] EXT4-fs (loop6): free_blocks=0 [ 198.645723][ T4531] EXT4-fs (loop6): dirty_blocks=13568 [ 198.651235][ T4531] EXT4-fs (loop6): Block reservation details [ 198.657522][ T4531] EXT4-fs (loop6): i_reserved_data_blocks=13568 [ 198.674433][ T4524] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28 [ 200.804703][T14727] can0 (unregistered): slcan off ptm0. [ 200.926780][T14777] batadv_slave_1: entered promiscuous mode [ 200.974957][T14776] batadv_slave_1: left promiscuous mode [ 201.125221][T14803] xt_hashlimit: size too large, truncated to 1048576 [ 201.176343][ T28] audit: type=1400 audit(1773693774.793:1893): avc: denied { mount } for pid=14807 comm="syz.9.4428" name="/" dev="ramfs" ino=41503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 201.252196][T14818] __nla_validate_parse: 2 callbacks suppressed [ 201.252212][T14818] netlink: 68 bytes leftover after parsing attributes in process `syz.6.4430'. [ 201.262535][ T28] audit: type=1400 audit(1773693774.833:1894): avc: denied { create } for pid=14807 comm="syz.9.4428" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=chr_file permissive=1 [ 201.342840][ T28] audit: type=1400 audit(1773693774.953:1895): avc: denied { append } for pid=14823 comm="syz.7.4432" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 201.434552][ T28] audit: type=1400 audit(1773693774.953:1896): avc: denied { open } for pid=14823 comm="syz.7.4432" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 201.585650][T14845] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4438'. [ 201.606690][T14845] chnl_net:caif_netlink_parms(): no params data found [ 201.725255][T14860] syzkaller1: entered promiscuous mode [ 201.730803][T14860] syzkaller1: entered allmulticast mode [ 201.923106][T14886] loop7: detected capacity change from 0 to 764 [ 201.953236][T14886] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet. [ 202.003911][T14893] loop5: detected capacity change from 0 to 1024 [ 202.055805][T14893] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 202.071940][T14893] ext4 filesystem being mounted at /380/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 202.099107][T14893] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4451: bg 0: block 112: padding at end of block bitmap is not set [ 202.114341][T14893] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 117 [ 202.129567][T14893] EXT4-fs (loop5): This should not happen!! Data will be lost [ 202.129567][T14893] [ 202.153043][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 202.387998][T14930] io-wq is not configured for unbound workers [ 202.478805][T14937] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4463'. [ 202.497995][T14937] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4463'. [ 202.520450][T14937] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4463'. [ 202.531870][T14937] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4463'. [ 202.598673][T14952] loop5: detected capacity change from 0 to 256 [ 202.825411][T14971] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4477'. [ 202.857261][T14971] vlan2: entered allmulticast mode [ 202.862402][T14971] bridge_slave_0: entered allmulticast mode [ 202.883588][T14971] bridge0: port 1(vlan2) entered blocking state [ 202.903852][ T28] kauditd_printk_skb: 10 callbacks suppressed [ 202.903870][ T28] audit: type=1400 audit(1773693776.513:1907): avc: denied { create } for pid=14973 comm="syz.7.4479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 202.916312][T14971] bridge0: port 1(vlan2) entered disabled state [ 202.956536][ T28] audit: type=1400 audit(1773693776.553:1908): avc: denied { connect } for pid=14973 comm="syz.7.4479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 202.959283][T14971] vlan2: entered promiscuous mode [ 203.012379][T14971] bridge_slave_0: entered promiscuous mode [ 203.198478][ T28] audit: type=1326 audit(1773693776.813:1909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14992 comm="syz.5.4486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2eaed6c799 code=0x7ffc0000 [ 203.228339][ T28] audit: type=1326 audit(1773693776.843:1910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14992 comm="syz.5.4486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f2eaed6c799 code=0x7ffc0000 [ 203.253115][ T28] audit: type=1326 audit(1773693776.843:1911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14992 comm="syz.5.4486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2eaed6c799 code=0x7ffc0000 [ 203.279360][ T28] audit: type=1326 audit(1773693776.843:1912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14992 comm="syz.5.4486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2eaed6c799 code=0x7ffc0000 [ 203.363932][ T28] audit: type=1400 audit(1773693776.903:1913): avc: denied { create } for pid=14996 comm="syz.6.4488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 203.490788][T15017] loop5: detected capacity change from 0 to 512 [ 203.522012][ T28] audit: type=1400 audit(1773693776.903:1914): avc: denied { sys_admin } for pid=14996 comm="syz.6.4488" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 203.557113][ T28] audit: type=1400 audit(1773693777.053:1915): avc: denied { shutdown } for pid=15010 comm="syz.5.4494" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 203.577874][T15017] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #3: comm syz.5.4497: corrupted inode contents [ 203.589910][T15017] loop5: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 203.589989][ T28] audit: type=1400 audit(1773693777.053:1916): avc: denied { read } for pid=15010 comm="syz.5.4494" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 203.590076][T15017] EXT4-fs error (device loop5): ext4_dirty_inode:6450: inode #3: comm syz.5.4497: mark_inode_dirty error [ 203.599159][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 203.599187][ C0] EXT4-fs (loop5): initial error at time 1773693777: ext4_do_update_inode:5569: inode 3 [ 203.599235][ C0] EXT4-fs (loop5): last error at time 1773693777: ext4_do_update_inode:5569: inode 3 [ 203.655746][T15017] loop5: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 203.657358][T15017] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #3: comm syz.5.4497: corrupted inode contents [ 203.687655][T15017] loop5: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 203.687896][T15017] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #3: comm syz.5.4497: mark_inode_dirty error [ 203.743871][T15017] loop5: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 203.744265][T15017] EXT4-fs error (device loop5): ext4_acquire_dquot:7001: comm syz.5.4497: Failed to acquire dquot type 0 [ 203.765945][T15017] loop5: lost filesystem error report for type 5 error -117 [ 203.766397][T15017] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #16: comm syz.5.4497: corrupted inode contents [ 203.793189][T15017] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 203.793465][T15017] EXT4-fs error (device loop5): ext4_dirty_inode:6450: inode #16: comm syz.5.4497: mark_inode_dirty error [ 203.818815][T15017] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 203.819030][T15017] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #16: comm syz.5.4497: corrupted inode contents [ 203.842929][T15017] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 203.843154][T15017] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #16: comm syz.5.4497: mark_inode_dirty error [ 203.864462][T15017] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 203.864653][T15017] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #16: comm syz.5.4497: corrupted inode contents [ 203.907127][T15054] pim6reg1: entered promiscuous mode [ 203.912534][T15054] pim6reg1: entered allmulticast mode [ 203.934485][T15017] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 203.934624][T15017] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem [ 203.963952][T15062] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4506'. [ 203.973074][T15062] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4506'. [ 203.999682][T15017] loop5: lost filesystem error report for type 5 error -117 [ 203.999838][T15017] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #16: comm syz.5.4497: corrupted inode contents [ 204.022843][T15062] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4506'. [ 204.022846][ T4521] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 204.063701][ T4521] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 204.080262][T15017] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 204.080559][T15017] EXT4-fs error (device loop5): ext4_truncate:4587: inode #16: comm syz.5.4497: mark_inode_dirty error [ 204.097940][T15068] loop9: detected capacity change from 0 to 8192 [ 204.102621][T15017] EXT4-fs error (device loop5) in ext4_process_orphan:345: Corrupt filesystem [ 204.116070][ T4521] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 204.124532][T15017] loop5: lost filesystem error report for type 5 error -117 [ 204.125957][T15017] EXT4-fs (loop5): 1 truncate cleaned up [ 204.144043][ T4521] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 204.147675][T15068] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 204.165247][T15017] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 204.196386][T15017] ext4 filesystem being mounted at /397/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 204.200368][T15068] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 204.231690][T15068] FAT-fs (loop9): Filesystem has been set read-only [ 204.238496][T15068] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 204.255189][T15068] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 204.265353][T15068] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 204.305109][T15068] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 204.324506][T15068] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 204.344059][T15068] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 204.365175][T15068] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 204.394433][T15068] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 204.403401][T15090] loop8: detected capacity change from 0 to 764 [ 204.410234][T15068] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 204.424732][T15090] iso9660: Unknown parameter 'cmdline' [ 204.442368][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.540258][T15094] loop5: detected capacity change from 0 to 2048 [ 204.566873][T15094] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.692223][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.019869][T15115] loop9: detected capacity change from 0 to 512 [ 205.068291][T15115] EXT4-fs (loop9): 1 truncate cleaned up [ 205.093957][T15115] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 205.284933][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.346020][ T3412] IPVS: starting estimator thread 0... [ 205.397033][T15139] loop9: detected capacity change from 0 to 128 [ 205.425069][T15139] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 205.444562][T15135] IPVS: using max 2544 ests per chain, 127200 per kthread [ 205.488407][T15139] FAT-fs (loop9): error, clusters badly computed (5 != 1) [ 205.510621][T15139] FAT-fs (loop9): Filesystem has been set read-only [ 205.578979][T15149] loop9: detected capacity change from 0 to 128 [ 205.650721][T15149] FAT-fs (loop9): error, fat_get_cluster: invalid cluster chain (i_pos 52) [ 205.683287][T15149] FAT-fs (loop9): Filesystem has been set read-only [ 205.788979][T15161] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 205.856734][T15161] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 205.877329][T15169] serio: Serial port ttyS3 [ 205.947795][T15161] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.4542: bg 0: block 112: padding at end of block bitmap is not set [ 205.996938][T15161] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 117 [ 206.029745][T15161] EXT4-fs (loop9): This should not happen!! Data will be lost [ 206.029745][T15161] [ 206.103295][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 206.151504][T15189] EXT4-fs (loop5): filesystem is read-only [ 206.176786][T15189] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors [ 206.208602][T15192] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 206.221356][T15189] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (11891!=20869) [ 206.241495][T15189] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 206.289873][T15189] EXT4-fs error (device loop5): ext4_get_journal_inode:5863: comm syz.5.4554: inode #1: comm syz.5.4554: iget: illegal inode # [ 206.307785][T15189] loop5: lost filesystem error report for type 5 error -117 [ 206.314476][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 206.324820][T15189] EXT4-fs (loop5): no journal found [ 206.328328][ C0] EXT4-fs (loop5): initial error at time 1773693779: ext4_get_journal_inode:5863 [ 206.333608][T15189] EXT4-fs (loop5): can't get journal size [ 206.342620][ C0] EXT4-fs (loop5): last error at time 1773693779: ext4_get_journal_inode:5863 [ 206.374235][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.394975][T15189] EXT4-fs error (device loop5): __ext4_fill_super:5563: inode #2: comm syz.5.4554: iget: special inode unallocated [ 206.424745][T15209] __nla_validate_parse: 2 callbacks suppressed [ 206.424760][T15209] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4561'. [ 206.440398][T15189] EXT4-fs (loop5): get root inode failed [ 206.459390][T15189] EXT4-fs (loop5): mount failed [ 206.557564][T15189] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 206.586116][T15189] ext4 filesystem being mounted at /410/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 206.614960][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 206.758210][T15228] netlink: 'syz.5.4569': attribute type 3 has an invalid length. [ 206.766213][T15228] netlink: 13435 bytes leftover after parsing attributes in process `syz.5.4569'. [ 207.008048][ T40] Bluetooth: hci0: Frame reassembly failed (-84) [ 207.041962][T15255] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4581'. [ 207.147596][T15262] set_capacity_and_notify: 5 callbacks suppressed [ 207.147613][T15262] loop8: detected capacity change from 0 to 512 [ 207.188967][T15262] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 207.201809][T15262] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 207.227224][T13051] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.276699][T15267] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4585'. [ 207.300275][T15267] loop8: detected capacity change from 0 to 512 [ 207.308245][T15267] EXT4-fs: Ignoring removed mblk_io_submit option [ 207.325498][T15267] EXT4-fs: inline encryption not supported [ 207.337261][T15267] EXT4-fs: test_dummy_encryption option not supported [ 207.345799][T15267] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4585'. [ 207.387531][T15269] loop8: detected capacity change from 0 to 2048 [ 207.408660][T15269] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 207.439450][T13051] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.697850][T15283] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 207.704308][T15292] netlink: 104 bytes leftover after parsing attributes in process `syz.6.4596'. [ 207.785747][T15299] loop6: detected capacity change from 0 to 1024 [ 207.796635][T15297] loop9: detected capacity change from 0 to 1764 [ 207.812979][T15297] iso9660: Unknown parameter 'ÿ' [ 207.827192][T15299] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 207.926795][T10709] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 208.051391][T15311] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 208.328474][T15332] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4613'. [ 208.343815][T15332] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4613'. [ 208.453342][T15346] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4619'. [ 208.613379][T15354] program syz.7.4622 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 208.729068][T15364] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4627'. [ 208.756439][T15366] loop7: detected capacity change from 0 to 1024 [ 208.767027][T15366] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 208.813398][T12860] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.084491][ T43] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 209.090677][ T6608] Bluetooth: hci0: command 0x1003 tx timeout [ 209.228893][ T3412] IPVS: starting estimator thread 0... [ 209.237644][T15391] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 209.292556][T15403] loop6: detected capacity change from 0 to 512 [ 209.300318][T15403] EXT4-fs: Ignoring removed mblk_io_submit option [ 209.311153][T15403] EXT4-fs: inline encryption not supported [ 209.318246][T15403] EXT4-fs: test_dummy_encryption option not supported [ 209.344469][T15398] IPVS: using max 2400 ests per chain, 120000 per kthread [ 209.374195][T15411] sctp: [Deprecated]: syz.6.4646 (pid 15411) Use of struct sctp_assoc_value in delayed_ack socket option. [ 209.374195][T15411] Use struct sctp_sack_info instead [ 209.418634][T15413] loop8: detected capacity change from 0 to 8192 [ 209.441028][T15413] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 209.607801][ T23] kernel write not supported for file bpf-prog (pid: 23 comm: kworker/1:0) [ 209.754130][T15439] loop8: detected capacity change from 0 to 4096 [ 209.789882][T15439] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 209.812348][T15439] EXT4-fs (loop8): shut down requested (1) [ 209.819389][T15439] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop8 ino=15 [ 209.828517][T15439] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop8 ino=15 [ 209.860485][T13051] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.918717][T15450] loop9: detected capacity change from 0 to 2048 [ 209.975378][T15450] loop9: p2 < > p4 [ 209.979734][T15456] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.4665: invalid indirect mapped block 4294967295 (level 1) [ 209.983046][T15450] loop9: p4 size 262144 extends beyond EOD, [ 209.993930][T15456] fserror_report: 2 callbacks suppressed [ 209.993944][T15456] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 209.995522][T15450] truncated [ 210.004412][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 210.006329][T15456] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.4665: invalid indirect mapped block 4294967295 (level 1) [ 210.014941][ C0] EXT4-fs (loop6): initial error at time 1773693783: ext4_free_branches:1023 [ 210.034417][T15456] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 210.038299][ C0] : inode 11 [ 210.059502][ C0] EXT4-fs (loop6): last error at time 1773693783: ext4_free_branches:1023: inode 11 [ 210.065224][ T28] kauditd_printk_skb: 35 callbacks suppressed [ 210.065302][ T28] audit: type=1400 audit(1773693783.673:1950): avc: denied { write } for pid=15448 comm="syz.9.4662" name="loop9p2" dev="devtmpfs" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 210.099215][T15456] EXT4-fs (loop6): 2 truncates cleaned up [ 210.121916][ T28] audit: type=1400 audit(1773693783.673:1951): avc: denied { open } for pid=15448 comm="syz.9.4662" path="/dev/loop9p2" dev="devtmpfs" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 210.127379][T15456] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 210.169553][T12904] udevd[12904]: inotify_add_watch(7, /dev/loop9p4, 10) failed: No such file or directory [ 210.209188][T12904] udevd[12904]: inotify_add_watch(7, /dev/loop9p4, 10) failed: No such file or directory [ 210.220641][T12902] udevd[12902]: inotify_add_watch(7, /dev/loop9p2, 10) failed: No such file or directory [ 210.301146][ T28] audit: type=1400 audit(1773693783.913:1952): avc: denied { ioctl } for pid=15466 comm="syz.7.4669" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 210.397663][T15456] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 210.416264][ T28] audit: type=1400 audit(1773693784.033:1953): avc: denied { ioctl } for pid=15472 comm="syz.9.4672" path="socket:[42802]" dev="sockfs" ino=42802 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 210.482989][T10709] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.629605][ T28] audit: type=1400 audit(1773693784.243:1954): avc: denied { write } for pid=15489 comm="syz.7.4679" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1 [ 210.789757][ T28] audit: type=1326 audit(1773693784.393:1955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15451 comm="syz.8.4663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0c219c799 code=0x7fc00000 [ 211.527497][T15532] EXT4-fs: inline encryption not supported [ 211.548362][T15524] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 211.564003][T15532] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 211.566335][T15524] EXT4-fs (loop6): shut down requested (1) [ 211.597417][T15524] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=15 [ 211.608349][T15532] EXT4-fs error (device loop9): ext4_free_blocks:6724: comm syz.9.4698: Freeing blocks not in datazone - block = 0, count = 4096 [ 211.609127][T15524] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=15 [ 211.631063][T15532] loop9: lost filesystem error report for type 5 error -117 [ 211.631172][T15532] EXT4-fs (loop9): Remounting filesystem read-only [ 211.638570][ C0] EXT4-fs (loop9): error count since last fsck: 1 [ 211.638593][ C0] EXT4-fs (loop9): initial error at time 1773693785: ext4_free_blocks:6724 [ 211.638618][ C0] EXT4-fs (loop9): last error at time 1773693785: ext4_free_blocks:6724 [ 211.670740][T15532] EXT4-fs (loop9): 1 orphan inode deleted [ 211.677871][T15532] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 211.690875][T10709] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.700001][ T1726] EXT4-fs (loop9): Quota write (off=2048, len=1024) cancelled because transaction is not started [ 211.711052][ T1726] Quota error (device loop9): write_blk: dquota write failed [ 211.718938][ T1726] Quota error (device loop9): remove_free_dqentry: Can't write block (2) with free entries [ 211.723270][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.729256][ T1726] EXT4-fs (loop9): Quota write (off=2048, len=1024) cancelled because transaction is not started [ 211.748510][ T1726] Quota error (device loop9): write_blk: dquota write failed [ 211.756208][ T1726] Quota error (device loop9): free_dqentry: Can't move quota data block (2) to free list [ 211.766382][ T1726] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started [ 211.850490][T15546] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 211.877318][T15550] EXT4-fs: Ignoring removed oldalloc option [ 211.902703][T15546] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 211.914059][T15550] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.4706: invalid indirect mapped block 4294967295 (level 1) [ 211.926994][T15554] syz.8.4707: attempt to access beyond end of device [ 211.926994][T15554] loop8: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 211.951764][T15554] Buffer I/O error on dev loop8, logical block 57847, async page read [ 211.964499][T15550] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 211.973644][T15550] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.4706: invalid indirect mapped block 4294967295 (level 1) [ 211.974443][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 211.991745][T15550] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 211.996904][ C0] EXT4-fs (loop6): initial error at time 1773693785: ext4_free_branches:1023: inode 11 [ 212.004506][T15554] syz.8.4707: attempt to access beyond end of device [ 212.004506][T15554] loop8: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 212.012474][ C0] [ 212.012484][ C0] EXT4-fs (loop6): last error at time 1773693785: ext4_free_branches:1023 [ 212.026714][T15550] EXT4-fs (loop6): 2 truncates cleaned up [ 212.036025][ C0] : inode 11 [ 212.059152][T15554] Buffer I/O error on dev loop8, logical block 57847, async page read [ 212.074819][T15554] FAT-fs (loop8): error, invalid access to FAT (entry 0x0000e1b1) [ 212.079772][T15550] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 212.082756][T15554] FAT-fs (loop8): Filesystem has been set read-only [ 212.102409][T15554] FAT-fs (loop8): error, invalid access to FAT (entry 0x0000e1b1) [ 212.126107][T10709] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 212.224776][T15571] __nla_validate_parse: 6 callbacks suppressed [ 212.224791][T15571] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4715'. [ 212.348298][T15583] set_capacity_and_notify: 5 callbacks suppressed [ 212.348316][T15583] loop9: detected capacity change from 0 to 512 [ 212.413372][T15583] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #11: comm syz.9.4721: invalid indirect mapped block 4294967295 (level 1) [ 212.445045][T15595] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4725'. [ 212.464209][T15583] loop9: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 212.464357][T15583] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #11: comm syz.9.4721: invalid indirect mapped block 4294967295 (level 1) [ 212.464409][ C1] EXT4-fs (loop9): error count since last fsck: 1 [ 212.494013][ C1] EXT4-fs (loop9): initial error at time 1773693786: ext4_free_branches:1023: inode 11 [ 212.503685][ C1] EXT4-fs (loop9): last error at time 1773693786: ext4_free_branches:1023: inode 11 [ 212.541622][T15595] team0: Port device team_slave_0 removed [ 212.594816][T15583] loop9: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 212.595083][T15583] EXT4-fs (loop9): 2 truncates cleaned up [ 212.623510][T15583] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 212.653486][T15583] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 212.672864][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 212.737471][T15607] loop5: detected capacity change from 0 to 256 [ 212.881512][T15619] loop5: detected capacity change from 0 to 1024 [ 212.905800][T15619] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 212.946110][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 213.016574][T15634] loop7: detected capacity change from 0 to 1024 [ 213.025022][T15634] EXT4-fs: inline encryption not supported [ 213.040493][T15634] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 213.059596][T15634] EXT4-fs error (device loop7): ext4_free_blocks:6724: comm syz.7.4740: Freeing blocks not in datazone - block = 0, count = 4096 [ 213.073223][T15634] loop7: lost filesystem error report for type 5 error -117 [ 213.073322][T15634] EXT4-fs (loop7): Remounting filesystem read-only [ 213.080707][ C0] EXT4-fs (loop7): error count since last fsck: 1 [ 213.080724][ C0] EXT4-fs (loop7): initial error at time 1773693786: ext4_free_blocks:6724 [ 213.080746][ C0] EXT4-fs (loop7): last error at time 1773693786: ext4_free_blocks:6724 [ 213.112997][T15634] EXT4-fs (loop7): 1 orphan inode deleted [ 213.119332][T15634] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 213.144899][ T4524] EXT4-fs (loop7): Quota write (off=2048, len=1024) cancelled because transaction is not started [ 213.156103][ T4524] EXT4-fs (loop7): Quota write (off=2048, len=1024) cancelled because transaction is not started [ 213.156411][T12860] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 213.182140][ T4524] EXT4-fs (loop7): Quota write (off=8, len=24) cancelled because transaction is not started [ 213.855301][T15668] vlan2: entered allmulticast mode [ 213.888423][T15668] bridge0: entered allmulticast mode [ 213.901130][T15668] bridge0: port 3(vlan2) entered blocking state [ 213.917497][T15668] bridge0: port 3(vlan2) entered disabled state [ 214.107838][T15681] netlink: 792 bytes leftover after parsing attributes in process `syz.9.4759'. [ 214.140830][T15681] netlink: 792 bytes leftover after parsing attributes in process `syz.9.4759'. [ 214.150320][T15681] netlink: 20 bytes leftover after parsing attributes in process `syz.9.4759'. [ 214.496489][T15718] loop5: detected capacity change from 0 to 512 [ 214.508341][T15718] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 214.520248][T15718] EXT4-fs (loop5): 1 truncate cleaned up [ 214.527351][T15718] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 214.601726][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.741393][T15739] loop7: detected capacity change from 0 to 512 [ 215.138867][ T28] kauditd_printk_skb: 25 callbacks suppressed [ 215.138884][ T28] audit: type=1400 audit(1773693788.753:1975): avc: denied { read } for pid=15780 comm="syz.8.4797" lport=53545 faddr=::ffff:10.1.1.0 fport=20002 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 215.237038][T15799] loop6: detected capacity change from 0 to 8192 [ 215.260240][T15799] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 215.273253][T15799] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 215.282637][T15799] FAT-fs (loop6): Filesystem has been set read-only [ 215.290408][T15799] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 215.301274][T15799] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 215.311359][T15799] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 215.320330][T15799] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 215.329619][T15799] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 215.338667][T15799] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 215.347999][T15799] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 215.367069][T15799] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 215.379490][T15799] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 215.590822][T15848] loop9: detected capacity change from 0 to 164 [ 215.611438][T15848] ISOFS: Bad logical zone size 2816 [ 215.848061][T15855] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4798'. [ 216.056005][T15875] loop5: detected capacity change from 0 to 1024 [ 216.086212][T15875] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 216.123439][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.822610][T15882] loop9: detected capacity change from 0 to 256 [ 216.851213][T15882] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 216.932803][T15893] FAT-fs (loop9): error, corrupted file size (i_pos 196, 16779008) [ 216.961004][T15893] FAT-fs (loop9): Filesystem has been set read-only [ 216.989351][T15893] FAT-fs (loop9): error, corrupted file size (i_pos 196, 16779008) [ 217.258337][ T28] audit: type=1326 audit(1773693790.873:1976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15906 comm="syz.9.4822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 217.328572][ T28] audit: type=1326 audit(1773693790.873:1977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15906 comm="syz.9.4822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 217.366499][ T28] audit: type=1326 audit(1773693790.893:1978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15906 comm="syz.9.4822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 217.391291][ T28] audit: type=1326 audit(1773693790.893:1979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15906 comm="syz.9.4822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 217.415515][ T28] audit: type=1326 audit(1773693790.903:1980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15906 comm="syz.9.4822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 217.449080][ T28] audit: type=1326 audit(1773693790.903:1981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15906 comm="syz.9.4822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 217.475343][ T28] audit: type=1326 audit(1773693790.903:1982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15906 comm="syz.9.4822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 217.500099][ T28] audit: type=1326 audit(1773693790.903:1983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15906 comm="syz.9.4822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 217.527129][ T28] audit: type=1326 audit(1773693790.903:1984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15906 comm="syz.9.4822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 217.842828][T15938] set_capacity_and_notify: 2 callbacks suppressed [ 217.842846][T15938] loop7: detected capacity change from 0 to 8192 [ 217.879314][T15938] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 217.902635][T15938] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 217.912185][T15938] FAT-fs (loop7): Filesystem has been set read-only [ 217.946080][T15944] loop5: detected capacity change from 0 to 512 [ 217.946888][T15938] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 217.962856][T15944] EXT4-fs: Ignoring removed oldalloc option [ 217.980630][T15944] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 217.984093][T15938] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 217.999950][T15938] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 218.016247][T15944] EXT4-fs (loop5): 1 truncate cleaned up [ 218.027796][T15944] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 218.034500][T15938] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 218.074691][T15938] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 218.094452][T15938] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 218.113674][T15938] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 218.127624][T15938] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 218.166882][T15938] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 218.193372][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.242458][T15955] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4841'. [ 218.269087][T15955] dummy0: entered promiscuous mode [ 218.288334][T15955] macsec1: entered promiscuous mode [ 218.314638][T15955] macsec1: entered allmulticast mode [ 218.330218][T15955] dummy0: entered allmulticast mode [ 218.347527][T15955] dummy0: left allmulticast mode [ 218.362736][T15955] dummy0: left promiscuous mode [ 218.411910][T15960] loop8: detected capacity change from 0 to 1024 [ 218.429627][T15960] EXT4-fs: Ignoring removed oldalloc option [ 218.460546][T15960] EXT4-fs: Ignoring removed bh option [ 218.478391][T15960] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 218.538560][T13051] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.615578][T15970] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 219.234011][T16006] loop9: detected capacity change from 0 to 128 [ 219.371621][T16023] loop9: detected capacity change from 0 to 128 [ 219.394861][ T3413] kernel read not supported for file /#>b@ (pid: 3413 comm: kworker/0:4) [ 219.404456][ T43] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 219.458304][T16032] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4875'. [ 219.470193][T16032] dummy0: entered promiscuous mode [ 219.475571][T16032] macsec2: entered promiscuous mode [ 219.485396][T16032] macsec2: entered allmulticast mode [ 219.490786][T16032] dummy0: entered allmulticast mode [ 219.497716][T16032] dummy0: left allmulticast mode [ 219.502786][T16032] dummy0: left promiscuous mode [ 219.801880][T16058] loop5: detected capacity change from 0 to 512 [ 219.836718][T16058] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.870060][T16058] ext4 filesystem being mounted at /468/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 219.915789][T16072] loop8: detected capacity change from 0 to 128 [ 219.927595][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.979767][T16078] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4903'. [ 220.001730][T16078] netlink: 20 bytes leftover after parsing attributes in process `syz.8.4903'. [ 220.143703][T16091] netlink: 'syz.5.4895': attribute type 1 has an invalid length. [ 220.153399][T16091] netlink: 76 bytes leftover after parsing attributes in process `syz.5.4895'. [ 220.180650][T16094] loop6: detected capacity change from 0 to 1764 [ 220.208221][T16094] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 220.233923][T16094] isofs_fill_super: get root inode failed [ 220.327340][T16112] loop5: detected capacity change from 0 to 512 [ 220.351485][T16114] hsr0: entered allmulticast mode [ 220.357539][T16112] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 220.376690][T16114] hsr_slave_0: entered allmulticast mode [ 220.382471][T16114] hsr_slave_1: entered allmulticast mode [ 220.388817][T16114] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4905'. [ 220.398271][T16112] ext4 filesystem being mounted at /473/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 220.414584][T16114] hsr_slave_0: left promiscuous mode [ 220.435581][T16114] hsr_slave_1: left promiscuous mode [ 220.465882][T16114] hsr0 (unregistering): left allmulticast mode [ 220.509540][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.747263][ T28] kauditd_printk_skb: 42 callbacks suppressed [ 220.747399][ T28] audit: type=1400 audit(1773693794.353:2027): avc: denied { setopt } for pid=16125 comm="syz.9.4920" laddr=::ffff:172.20.20.10 lport=55856 faddr=::ffff:172.30.0.10 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 220.786103][T16128] loop5: detected capacity change from 0 to 8192 [ 220.795088][T16128] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 220.811169][T16128] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 220.822202][T16128] FAT-fs (loop5): Filesystem has been set read-only [ 220.829108][T16128] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 220.838231][T16128] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 220.847706][T16128] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 220.879074][T16128] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 220.888269][T16128] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 220.897257][T16128] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 220.906457][T16128] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 220.944591][T16128] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 220.975562][T16128] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 221.634178][T16155] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4921'. [ 221.655331][T16155] netlink: 'syz.9.4921': attribute type 30 has an invalid length. [ 221.663873][T16155] netlink: 'syz.9.4921': attribute type 29 has an invalid length. [ 221.692087][T16155] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4921'. [ 221.765706][T16161] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 221.790264][T16161] EXT4-fs (loop9): 1 truncate cleaned up [ 221.798016][T16161] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 221.815630][ T28] audit: type=1400 audit(1773693795.433:2028): avc: denied { append } for pid=16160 comm="syz.9.4925" path="/128/file1/cgroup.controllers" dev="loop9" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 221.913732][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.943731][T16166] netlink: 60 bytes leftover after parsing attributes in process `syz.9.4926'. [ 221.962021][T16166] netlink: 60 bytes leftover after parsing attributes in process `syz.9.4926'. [ 222.011788][T16170] Invalid argument reading file caps for ./file0 [ 222.116681][T16174] IPVS: sed: UDP 224.0.0.2:0 - no destination available [ 222.123722][ T23] IPVS: starting estimator thread 0... [ 222.214451][T16178] IPVS: using max 2352 ests per chain, 117600 per kthread [ 222.486886][T16204] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 222.496502][T16204] isofs_fill_super: get root inode failed [ 222.634261][T16217] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 222.652902][ T28] audit: type=1326 audit(1773693796.263:2029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16216 comm="syz.6.4949" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff993e5c799 code=0x0 [ 222.964080][T16243] set_capacity_and_notify: 5 callbacks suppressed [ 222.964100][T16243] loop5: detected capacity change from 0 to 1764 [ 222.989279][T16243] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 223.006076][T16243] isofs_fill_super: get root inode failed [ 223.420827][ T28] audit: type=1326 audit(1773693797.033:2030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16257 comm="syz.5.4964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2eaed6c799 code=0x7ffc0000 [ 223.445657][ T28] audit: type=1326 audit(1773693797.033:2031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16257 comm="syz.5.4964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2eaed6c799 code=0x7ffc0000 [ 223.469667][ T28] audit: type=1326 audit(1773693797.063:2032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16257 comm="syz.5.4964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f2eaed6c799 code=0x7ffc0000 [ 223.494030][ T28] audit: type=1326 audit(1773693797.063:2033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16257 comm="syz.5.4964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2eaed6c799 code=0x7ffc0000 [ 223.524154][ T28] audit: type=1326 audit(1773693797.063:2034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16257 comm="syz.5.4964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2eaed6c799 code=0x7ffc0000 [ 223.548799][T16260] syzkaller1: entered promiscuous mode [ 223.554265][T16260] syzkaller1: entered allmulticast mode [ 223.564518][ T28] audit: type=1326 audit(1773693797.063:2035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16257 comm="syz.5.4964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7f2eaed6c799 code=0x7ffc0000 [ 223.590360][ T28] audit: type=1326 audit(1773693797.063:2036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16257 comm="syz.5.4964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2eaed6c799 code=0x7ffc0000 [ 223.661400][T16264] __nla_validate_parse: 2 callbacks suppressed [ 223.661417][T16264] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4967'. [ 223.696130][T16264] netlink: 'syz.5.4967': attribute type 7 has an invalid length. [ 223.706307][T16264] netlink: 'syz.5.4967': attribute type 8 has an invalid length. [ 223.737689][T16268] netlink: 'syz.6.4970': attribute type 3 has an invalid length. [ 223.744377][T16264] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4967'. [ 223.757164][T16264] erspan0: entered promiscuous mode [ 223.775958][T16264] gretap0: entered promiscuous mode [ 223.784739][T16264] erspan0: left promiscuous mode [ 223.796094][T16264] gretap0: left promiscuous mode [ 223.924222][T16273] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 224.060055][ T4529] Bluetooth: hci0: Frame reassembly failed (-84) [ 224.885577][T16328] loop9: detected capacity change from 0 to 512 [ 224.910767][T16328] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 224.955008][T16328] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 225.034350][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.101433][T16339] loop6: detected capacity change from 0 to 128 [ 225.115409][T16339] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 225.133625][ T1726] netdevsim netdevsim8 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 225.164259][ T1726] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.240648][ T1726] netdevsim netdevsim8 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 225.256540][ T1726] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.311374][ T1726] netdevsim netdevsim8 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 225.334753][ T1726] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.393030][T16363] RDS: rds_bind could not find a transport for ::3:0:20:0, load rds_tcp or rds_rdma? [ 225.415686][ T1726] netdevsim netdevsim8 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 225.439577][ T1726] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.532593][T16371] vhci_hcd vhci_hcd.3: default hub control req: 800f v0000 i0000 l31125 [ 225.604824][ T1726] bridge_slave_1: left allmulticast mode [ 225.613001][T16375] loop9: detected capacity change from 0 to 512 [ 225.628738][ T1726] bridge_slave_1: left promiscuous mode [ 225.658192][T16375] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 225.671886][ T1726] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.699760][T16375] ext4 filesystem being mounted at /154/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 225.771252][ T1726] bridge_slave_0: left allmulticast mode [ 225.776996][ T1726] bridge_slave_0: left promiscuous mode [ 225.782635][ T1726] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.809273][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.926420][ T1726] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 225.937096][ T1726] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 225.947070][ T1726] bond0 (unregistering): Released all slaves [ 225.959538][T16349] chnl_net:caif_netlink_parms(): no params data found [ 225.994380][ T1726] hsr_slave_0: left promiscuous mode [ 226.001297][ T1726] hsr_slave_1: left promiscuous mode [ 226.007182][ T1726] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 226.014960][ T1726] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 226.022464][ T1726] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 226.030078][ T1726] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 226.043140][ T1726] veth1_vlan: left promiscuous mode [ 226.050230][ T1726] veth0_vlan: left promiscuous mode [ 226.065243][T16403] loop6: detected capacity change from 0 to 512 [ 226.086275][T16403] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 226.115881][T16403] EXT4-fs (loop6): 1 truncate cleaned up [ 226.124562][ T43] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 226.137915][T16403] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 226.206562][ T1726] team0 (unregistering): Port device team_slave_1 removed [ 226.226647][ T1726] team0 (unregistering): Port device team_slave_0 removed [ 226.254305][T16414] loop7: detected capacity change from 0 to 512 [ 226.270878][T16414] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 226.285603][T16414] EXT4-fs (loop7): 1 truncate cleaned up [ 226.294254][T16414] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 226.329368][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 226.329382][ T28] audit: type=1400 audit(1773693799.943:2042): avc: denied { create } for pid=16413 comm="syz.7.5028" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 226.344112][T16349] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.384858][T16349] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.392052][T16349] bridge_slave_0: entered allmulticast mode [ 226.398656][T16349] bridge_slave_0: entered promiscuous mode [ 226.405640][T16349] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.412833][T16349] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.420624][T16349] bridge_slave_1: entered allmulticast mode [ 226.428920][T10709] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.434949][T16349] bridge_slave_1: entered promiscuous mode [ 226.438767][T12860] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.468178][T16349] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 226.494837][T16429] vhci_hcd vhci_hcd.3: default hub control req: 6016 v000e i0006 l0 [ 226.547832][T16349] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 226.565070][T16440] netlink: 44 bytes leftover after parsing attributes in process `syz.5.5033'. [ 226.575095][T16349] team0: Port device team_slave_0 added [ 226.580852][T16440] netlink: 43 bytes leftover after parsing attributes in process `syz.5.5033'. [ 226.584222][T16349] team0: Port device team_slave_1 added [ 226.602035][T16440] netlink: 'syz.5.5033': attribute type 5 has an invalid length. [ 226.611402][T16349] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 226.619031][T16349] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 226.623062][T16440] netlink: 43 bytes leftover after parsing attributes in process `syz.5.5033'. [ 226.656263][T16349] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 226.685837][T16349] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 226.708387][T16349] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 226.743411][T16454] netlink: 236 bytes leftover after parsing attributes in process `syz.5.5038'. [ 226.755838][T16454] netlink: 236 bytes leftover after parsing attributes in process `syz.5.5038'. [ 226.757092][T16349] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 226.767721][T16458] loop6: detected capacity change from 0 to 128 [ 226.801417][ T1726] IPVS: stop unused estimator thread 0... [ 226.808826][T16458] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 226.834985][T16465] loop7: detected capacity change from 0 to 512 [ 226.857203][T16458] FAT-fs (loop6): error, parent dir link count too low (2) [ 226.858333][T16349] hsr_slave_0: entered promiscuous mode [ 226.864722][T16458] FAT-fs (loop6): Filesystem has been set read-only [ 226.889470][T16465] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 226.892931][T16349] hsr_slave_1: entered promiscuous mode [ 226.922464][ T28] audit: type=1400 audit(1773693800.523:2043): avc: denied { create } for pid=16470 comm="syz.5.5040" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 226.923511][T16465] ext4 filesystem being mounted at /253/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 226.987478][T10709] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 227.013599][ T28] audit: type=1400 audit(1773693800.533:2044): avc: denied { write } for pid=16470 comm="syz.5.5040" name="file0" dev="tmpfs" ino=2611 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 227.031706][T16465] EXT4-fs error (device loop7): ext4_do_update_inode:5569: inode #2: comm syz.7.5039: corrupted inode contents [ 227.045756][ T28] audit: type=1400 audit(1773693800.533:2045): avc: denied { open } for pid=16470 comm="syz.5.5040" path="/500/file0" dev="tmpfs" ino=2611 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 227.060385][T16465] EXT4-fs error (device loop7): ext4_dirty_inode:6450: inode #2: comm syz.7.5039: mark_inode_dirty error [ 227.093549][ T28] audit: type=1400 audit(1773693800.593:2046): avc: denied { unlink } for pid=9185 comm="syz-executor" name="file0" dev="tmpfs" ino=2611 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 227.118791][T16465] EXT4-fs error (device loop7): ext4_do_update_inode:5569: inode #2: comm syz.7.5039: corrupted inode contents [ 227.130894][T16489] loop6: detected capacity change from 0 to 512 [ 227.133192][T16465] EXT4-fs error (device loop7): __ext4_ext_dirty:207: inode #2: comm syz.7.5039: mark_inode_dirty error [ 227.150771][T16486] EXT4-fs warning (device loop7): ext4_es_cache_extent:1082: inode #2: comm syz.7.5039: ES cache extent failed: add [0,1,21,0x1] conflict with existing [0,8,576460752303423487,0x18] [ 227.150771][T16486] [ 227.182359][T16489] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 227.208715][ T28] audit: type=1400 audit(1773693800.813:2047): avc: denied { add_name } for pid=16464 comm="syz.7.5039" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 227.224565][T16489] ext4 filesystem being mounted at /459/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 227.269363][T12860] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.286025][ T28] audit: type=1400 audit(1773693800.863:2048): avc: denied { rename } for pid=16464 comm="syz.7.5039" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop7" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 227.369518][T10709] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.592240][T16349] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 227.609299][T16349] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 227.617934][T16541] loop5: detected capacity change from 0 to 512 [ 227.618751][T16349] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 227.657980][T16541] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 227.674840][T16349] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 227.706071][T16541] ext4 filesystem being mounted at /508/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 227.776934][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.792064][T16349] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.819701][T16349] 8021q: adding VLAN 0 to HW filter on device team0 [ 227.858448][ T1726] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.865643][ T1726] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.896387][ T1726] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.903474][ T1726] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.054231][T16349] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 228.196423][T16349] veth0_vlan: entered promiscuous mode [ 228.215109][T16349] veth1_vlan: entered promiscuous mode [ 228.239353][T16349] veth0_macvtap: entered promiscuous mode [ 228.253999][T16349] veth1_macvtap: entered promiscuous mode [ 228.288700][T16349] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.307858][ T28] audit: type=1400 audit(1773693801.923:2049): avc: denied { setopt } for pid=16606 comm="syz.7.5073" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 228.313197][T16349] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.348390][ T4524] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.357362][ T4524] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.380443][ T4524] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.400252][ T4524] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.513716][T16626] loop6: detected capacity change from 0 to 256 [ 228.606414][T16638] loop3: detected capacity change from 0 to 256 [ 228.628151][T16641] loop7: detected capacity change from 0 to 512 [ 228.638497][T16638] syz.3.5071: attempt to access beyond end of device [ 228.638497][T16638] loop3: rw=2049, sector=256, nr_sectors = 8 limit=256 [ 228.683220][T16641] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 228.710596][T16638] loop2: detected capacity change from 0 to 7 [ 228.734732][T16641] EXT4-fs (loop7): 1 truncate cleaned up [ 228.746667][T16641] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.042646][T16682] netlink: 'syz.9.5082': attribute type 10 has an invalid length. [ 229.074438][T16682] netlink: 65015 bytes leftover after parsing attributes in process `syz.9.5082'. [ 229.198033][ T3370] IPVS: starting estimator thread 0... [ 229.220683][T12860] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.285959][T16699] IPVS: using max 2304 ests per chain, 115200 per kthread [ 229.303518][T16709] syzkaller1: entered promiscuous mode [ 229.323767][T16709] syzkaller1: entered allmulticast mode [ 229.402845][T16565] kexec: Could not allocate control_code_buffer [ 229.562694][T16745] loop7: detected capacity change from 0 to 164 [ 229.613846][ T28] audit: type=1326 audit(1773693803.223:2050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16748 comm="syz.9.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 229.714450][ T28] audit: type=1326 audit(1773693803.223:2051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16748 comm="syz.9.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 229.847453][T16778] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 230.202537][ T3370] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 230.224934][ T3370] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 230.239841][T16809] netlink: 'syz.5.5119': attribute type 4 has an invalid length. [ 230.396939][T16821] loop9: detected capacity change from 0 to 128 [ 230.406525][T16818] loop5: detected capacity change from 0 to 1024 [ 230.485348][T16818] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002] [ 230.535132][T16818] System zones: 0-1, 3-36 [ 230.591064][T16818] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.5120: bad orphan inode 134217728 [ 230.636817][T16818] loop5: lost filesystem error report for type 5 error -117 [ 230.637396][T16818] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 230.767284][T16852] batadv_slave_0: entered promiscuous mode [ 230.788624][T16850] batadv_slave_0: left promiscuous mode [ 230.984746][T16867] syzkaller1: entered promiscuous mode [ 230.990232][T16867] syzkaller1: entered allmulticast mode [ 231.153425][T16876] loop6: detected capacity change from 0 to 256 [ 231.193881][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.208382][T16876] syz.6.5133: attempt to access beyond end of device [ 231.208382][T16876] loop6: rw=2049, sector=256, nr_sectors = 8 limit=256 [ 231.222282][T16876] loop2: detected capacity change from 0 to 7 [ 231.226442][T16880] loop7: detected capacity change from 0 to 512 [ 231.249846][T16880] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 231.282924][T16885] EXT4-fs (loop5): 1 truncate cleaned up [ 231.292534][T16880] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 231.293521][T16885] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 231.335171][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 231.335188][ T28] audit: type=1400 audit(1773693804.943:2056): avc: denied { write } for pid=16884 comm="syz.5.5135" name="file3" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 231.344883][T16880] ext4 filesystem being mounted at /283/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 231.383453][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.424733][ T28] audit: type=1400 audit(1773693804.953:2057): avc: denied { reparent } for pid=16884 comm="syz.5.5135" name="file3" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 231.455729][T16880] EXT4-fs (loop7): shut down requested (1) [ 231.463527][T16880] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop7 ino=12 [ 231.504305][T16880] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop7 ino=12 [ 231.517284][ T28] audit: type=1400 audit(1773693805.133:2058): avc: denied { mounton } for pid=16879 comm="syz.7.5134" path="/283/file0/file0" dev="loop7" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 231.569052][ T28] audit: type=1400 audit(1773693805.183:2059): avc: denied { ioctl } for pid=16902 comm="syz.3.5140" path="socket:[47881]" dev="sockfs" ino=47881 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 231.643563][T12860] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.673206][T16912] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 231.694490][ T28] audit: type=1400 audit(1773693805.303:2060): avc: denied { read } for pid=16913 comm="syz.7.5143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 232.124002][T16941] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 232.173254][T16941] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 232.185901][T16941] ext4 filesystem being mounted at /182/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 232.198921][T16941] EXT4-fs (loop9): shut down requested (1) [ 232.247750][T16941] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop9 ino=12 [ 232.256671][T16941] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop9 ino=12 [ 232.292077][ T28] audit: type=1400 audit(1773693805.903:2061): avc: denied { write } for pid=16945 comm="syz.5.5155" path="socket:[48261]" dev="sockfs" ino=48261 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 232.505820][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.605374][ T3412] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 232.806467][T16971] EXT4-fs (loop9): revision level too high, forcing read-only mode [ 232.817064][T16971] EXT4-fs (loop9): orphan cleanup on readonly fs [ 232.843062][T16971] Quota error (device loop9): v2_read_file_info: Can't read info structure [ 232.854637][T16971] EXT4-fs warning (device loop9): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-5, ino=4). Please run e2fsck to fix. [ 232.878458][T16971] EXT4-fs (loop9): Cannot turn on quotas: error -5 [ 232.886442][T16971] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5167: bg 0: block 64: padding at end of block bitmap is not set [ 232.902478][T16971] loop9: lost filesystem error report for type 5 error -117 [ 232.905901][T16971] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 232.921900][ C1] EXT4-fs (loop9): error count since last fsck: 1 [ 232.921922][ C1] EXT4-fs (loop9): initial error at time 1773693806: ext4_validate_block_bitmap:441 [ 232.921950][ C1] EXT4-fs (loop9): last error at time 1773693806: ext4_validate_block_bitmap:441 [ 232.940946][ T28] audit: type=1400 audit(1773693806.553:2062): avc: denied { map } for pid=16980 comm="syz.6.5170" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 232.947319][T16971] loop9: lost filesystem error report for type 5 error -117 [ 232.972261][T16981] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 232.980062][T16971] EXT4-fs (loop9): 1 truncate cleaned up [ 232.995193][T16971] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 233.007753][T16981] vhci_hcd vhci_hcd.2: invalid port number 96 [ 233.014031][T16981] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0 [ 233.061176][ T28] audit: type=1326 audit(1773693806.673:2063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16983 comm="syz.6.5171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff993e5c799 code=0x7ffc0000 [ 233.090549][ T28] audit: type=1326 audit(1773693806.673:2064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16983 comm="syz.6.5171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff993e5c799 code=0x7ffc0000 [ 233.114771][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.168486][T16990] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 233.215343][T16990] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 233.233851][T16992] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5175'. [ 233.563107][T17005] set_capacity_and_notify: 4 callbacks suppressed [ 233.563131][T17005] loop6: detected capacity change from 0 to 8192 [ 233.612765][T17011] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 233.629908][T17005] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 233.646570][T17015] loop3: detected capacity change from 0 to 512 [ 233.684253][T17015] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 233.733182][T17015] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it [ 233.763456][T17021] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5187'. [ 233.792799][T17015] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.5186: Corrupt directory, running e2fsck is recommended [ 233.860643][T17015] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 233.911992][T17015] EXT4-fs error (device loop3): ext4_iget_extra_inode:5025: inode #15: comm syz.3.5186: corrupted in-inode xattr: invalid ea_ino [ 233.949963][T17033] loop7: detected capacity change from 0 to 128 [ 233.967812][T17035] openvswitch: netlink: Missing key (keys=40, expected=100) [ 233.968197][T17033] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 233.978256][T17015] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 233.999198][T17033] ext4 filesystem being mounted at /292/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 234.004439][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 234.013380][T17015] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5186: couldn't read orphan inode 15 (err -117) [ 234.018798][ C0] EXT4-fs (loop3): initial error at time 1773693807: ext4_iget_extra_inode:5025: inode 15 [ 234.046920][ C0] EXT4-fs (loop3): last error at time 1773693807: ext4_iget_extra_inode:5025: inode 15 [ 234.057693][T17015] loop3: lost filesystem error report for type 5 error -117 [ 234.058307][T17015] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 234.110687][T12860] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 234.139670][T17015] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 234.168585][T17041] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5196'. [ 234.179253][T17015] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it [ 234.211633][T17015] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.5186: Corrupt directory, running e2fsck is recommended [ 234.246896][T17044] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 234.274550][T17044] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it [ 234.294801][T17044] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.5186: Corrupt directory, running e2fsck is recommended [ 234.314702][T17015] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 234.334462][T17015] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it [ 234.357561][T17015] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.5186: Corrupt directory, running e2fsck is recommended [ 234.385220][T17050] loop9: detected capacity change from 0 to 8192 [ 234.400549][T17050] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 234.411125][T17051] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 234.503199][T16349] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.742957][T17076] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5210'. [ 234.787760][T17080] netlink: 'syz.9.5212': attribute type 3 has an invalid length. [ 234.926191][ T4531] Bluetooth: hci0: Frame reassembly failed (-84) [ 235.319096][T17106] loop5: detected capacity change from 0 to 512 [ 235.325969][T17106] EXT4-fs: Ignoring removed bh option [ 235.331438][T17106] EXT4-fs: inline encryption not supported [ 235.338597][T17106] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 235.357210][T17106] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 235.371969][T17106] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.5224: bg 0: block 248: padding at end of block bitmap is not set [ 235.386508][T17106] loop5: lost filesystem error report for type 5 error -117 [ 235.386923][T17106] EXT4-fs error (device loop5): ext4_acquire_dquot:7001: comm syz.5.5224: Failed to acquire dquot type 1 [ 235.405478][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 235.405508][ C1] EXT4-fs (loop5): last error at time 1773693809: ext4_validate_block_bitmap:441 [ 235.421105][T17106] loop5: lost filesystem error report for type 5 error -117 [ 235.421635][T17106] EXT4-fs (loop5): 1 truncate cleaned up [ 235.435080][T17106] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 235.471196][ T9185] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 235.545181][T17117] loop9: detected capacity change from 0 to 2048 [ 235.580488][T17121] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 235.592447][T17121] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 235.594946][T17117] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 235.687822][T17117] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 235.704355][T17117] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 235.717269][T17117] EXT4-fs (loop9): This should not happen!! Data will be lost [ 235.717269][T17117] [ 235.727976][T17117] EXT4-fs (loop9): Total free blocks count 0 [ 235.733965][T17117] EXT4-fs (loop9): Free/Dirty block details [ 235.740609][T17117] EXT4-fs (loop9): free_blocks=2415919104 [ 235.746483][T17117] EXT4-fs (loop9): dirty_blocks=2160 [ 235.751897][T17117] EXT4-fs (loop9): Block reservation details [ 235.758114][T17117] EXT4-fs (loop9): i_reserved_data_blocks=135 [ 235.880186][ T1726] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 104 with error 28 [ 236.151687][T17142] loop9: detected capacity change from 0 to 512 [ 236.163242][ T23] kernel write not supported for file bpf-prog (pid: 23 comm: kworker/1:0) [ 236.168479][T17142] EXT4-fs: Ignoring removed bh option [ 236.177601][T17144] loop3: detected capacity change from 0 to 512 [ 236.189101][T17142] EXT4-fs: inline encryption not supported [ 236.195933][T17142] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended [ 236.201248][T17144] EXT4-fs: Ignoring removed oldalloc option [ 236.239933][T17142] EXT4-fs warning (device loop9): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 236.254546][T17144] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 236.260866][T17146] xt_hashlimit: size too large, truncated to 1048576 [ 236.271413][T17142] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5237: bg 0: block 248: padding at end of block bitmap is not set [ 236.311791][T17144] EXT4-fs (loop3): 1 truncate cleaned up [ 236.320343][T17144] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 236.334460][T17142] loop9: lost filesystem error report for type 5 error -117 [ 236.336548][T17142] EXT4-fs error (device loop9): ext4_acquire_dquot:7001: comm syz.9.5237: Failed to acquire dquot type 1 [ 236.355077][ C1] EXT4-fs (loop9): error count since last fsck: 1 [ 236.355098][ C1] EXT4-fs (loop9): last error at time 1773693809: ext4_validate_block_bitmap:441 [ 236.400422][T17142] loop9: lost filesystem error report for type 5 error -117 [ 236.400835][T17142] EXT4-fs (loop9): 1 truncate cleaned up [ 236.415604][T16349] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.425475][T17142] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 236.545208][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 236.720902][T17170] Invalid argument reading file caps for ./file0 [ 237.004475][ T6608] Bluetooth: hci0: command 0x1003 tx timeout [ 237.004496][ T43] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 237.068996][T17191] SET target dimension over the limit! [ 237.191880][T17201] loop6: detected capacity change from 0 to 2048 [ 237.406903][T17223] loop6: detected capacity change from 0 to 2048 [ 237.468967][T12902] loop6: p2 < > p4 [ 237.477544][T12902] loop6: p4 size 262144 extends beyond EOD, truncated [ 237.494044][T17223] loop6: p2 < > p4 [ 237.499571][T17223] loop6: p4 size 262144 extends beyond EOD, truncated [ 237.536714][T17232] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 237.651775][T17242] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 237.665910][T12902] udevd[12902]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 237.666587][T12904] udevd[12904]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory [ 237.722464][T17242] ext4 filesystem being mounted at /301/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 237.733797][ T4524] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 237.761474][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.854521][T12860] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.066760][T17272] syz.7.5294: attempt to access beyond end of device [ 238.066760][T17272] loop7: rw=2049, sector=225, nr_sectors = 128 limit=128 [ 238.124352][ T4524] kworker/u8:11: attempt to access beyond end of device [ 238.124352][ T4524] loop7: rw=8388609, sector=171, nr_sectors = 1 limit=128 [ 238.138964][ T4524] Buffer I/O error on dev loop7, logical block 171, lost async page write [ 238.149500][T17258] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 238.265585][T17281] netlink: 65039 bytes leftover after parsing attributes in process `syz.7.5297'. [ 238.329560][ T28] kauditd_printk_skb: 14 callbacks suppressed [ 238.329577][ T28] audit: type=1400 audit(1773693811.952:2075): avc: denied { sqpoll } for pid=17282 comm="syz.7.5298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 238.357919][T10709] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.510515][T17302] IPv6: NLM_F_REPLACE set, but no existing node found! [ 238.602029][T17309] set_capacity_and_notify: 4 callbacks suppressed [ 238.602047][T17309] loop6: detected capacity change from 0 to 512 [ 238.617908][T17309] EXT4-fs: Ignoring removed bh option [ 238.623595][T17309] EXT4-fs: inline encryption not supported [ 238.632184][T17309] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 238.658313][T17309] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 238.673863][T17309] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5306: bg 0: block 248: padding at end of block bitmap is not set [ 238.688279][T17309] loop6: lost filesystem error report for type 5 error -117 [ 238.689406][T17309] Quota error (device loop6): write_blk: dquota write failed [ 238.704413][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 238.710866][ C0] EXT4-fs (loop6): last error at time 1773693812: ext4_validate_block_bitmap:441 [ 238.720318][T17309] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 238.731817][T17309] EXT4-fs error (device loop6): ext4_acquire_dquot:7001: comm syz.6.5306: Failed to acquire dquot type 1 [ 238.743490][T17309] loop6: lost filesystem error report for type 5 error -117 [ 238.744016][T17309] EXT4-fs (loop6): 1 truncate cleaned up [ 238.757538][T17309] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 238.815960][T10709] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 238.865126][T17327] SELinux: Context : is not valid (left unmapped). [ 238.872429][ T28] audit: type=1400 audit(1773693812.492:2076): avc: denied { relabelto } for pid=17325 comm="syz.6.5315" name="rdma.current" dev="tmpfs" ino=2661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=":" [ 238.898152][ T28] audit: type=1400 audit(1773693812.492:2077): avc: denied { associate } for pid=17325 comm="syz.6.5315" name="rdma.current" dev="tmpfs" ino=2661 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon=":" [ 238.960991][ T28] audit: type=1400 audit(1773693812.552:2078): avc: denied { unlink } for pid=10709 comm="syz-executor" name="rdma.current" dev="tmpfs" ino=2661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=":" [ 238.988099][ T28] audit: type=1400 audit(1773693812.612:2079): avc: denied { watch_reads } for pid=17334 comm="syz.6.5320" path="/512/file1" dev="tmpfs" ino=2672 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 239.034494][T17338] loop6: detected capacity change from 0 to 512 [ 239.041138][T17338] EXT4-fs: Ignoring removed oldalloc option [ 239.067571][T17338] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 239.081302][T17338] EXT4-fs (loop6): 1 truncate cleaned up [ 239.088717][T17338] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 239.101777][T17340] loop5: detected capacity change from 0 to 2048 [ 239.148942][ T28] audit: type=1400 audit(1773693812.772:2080): avc: denied { read } for pid=17346 comm="syz.9.5325" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 239.176018][T10709] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.176964][T12902] loop5: p2 < > p4 [ 239.190136][T12902] loop5: p4 size 262144 extends beyond EOD, truncated [ 239.205080][T17340] loop5: p2 < > p4 [ 239.209498][T17340] loop5: p4 size 262144 extends beyond EOD, truncated [ 239.261594][T12902] udevd[12902]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 239.263188][T12904] udevd[12904]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory [ 239.328525][T17355] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5327'. [ 239.397011][T17362] loop7: detected capacity change from 0 to 512 [ 239.403536][T17362] EXT4-fs: Ignoring removed bh option [ 239.418497][T17362] EXT4-fs: inline encryption not supported [ 239.433108][T17362] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended [ 239.473243][T17362] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 239.501483][T17362] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.5326: bg 0: block 248: padding at end of block bitmap is not set [ 239.529876][T17362] loop7: lost filesystem error report for type 5 error -117 [ 239.534409][ C1] EXT4-fs (loop7): error count since last fsck: 1 [ 239.548154][ C1] EXT4-fs (loop7): last error at time 1773693813: ext4_validate_block_bitmap:441 [ 239.557707][T17362] Quota error (device loop7): write_blk: dquota write failed [ 239.565527][T17362] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 239.575749][T17362] EXT4-fs error (device loop7): ext4_acquire_dquot:7001: comm syz.7.5326: Failed to acquire dquot type 1 [ 239.587112][T17362] loop7: lost filesystem error report for type 5 error -117 [ 239.594758][T17362] EXT4-fs (loop7): 1 truncate cleaned up [ 239.617505][T17362] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 239.722884][T17390] netlink: 67 bytes leftover after parsing attributes in process `syz.5.5332'. [ 239.768526][T12860] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 239.919958][T17397] loop7: detected capacity change from 0 to 8192 [ 240.835831][T17443] unsupported nla_type 210 [ 240.890634][T17445] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5351'. [ 240.911814][T17442] loop3: detected capacity change from 0 to 512 [ 240.917481][T17445] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5351'. [ 240.921534][T17442] EXT4-fs: Ignoring removed bh option [ 240.933491][T17442] EXT4-fs: inline encryption not supported [ 240.961215][T17442] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 240.993230][T17452] loop9: detected capacity change from 0 to 4096 [ 241.004377][T17442] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 241.020688][T17442] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5347: bg 0: block 248: padding at end of block bitmap is not set [ 241.035217][T17452] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 241.057883][T17442] loop3: lost filesystem error report for type 5 error -117 [ 241.058088][T17442] EXT4-fs error (device loop3): ext4_acquire_dquot:7001: comm syz.3.5347: Failed to acquire dquot type 1 [ 241.065463][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 241.065485][ C0] EXT4-fs (loop3): last error at time 1773693814: ext4_validate_block_bitmap:441 [ 241.099372][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 241.107996][T17457] loop6: detected capacity change from 0 to 2048 [ 241.114897][T17442] loop3: lost filesystem error report for type 5 error -117 [ 241.115411][T17442] EXT4-fs (loop3): 1 truncate cleaned up [ 241.164997][T17442] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 241.187852][T17457] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 241.264540][T17477] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5364'. [ 241.319549][T17477] bond1: option primary_reselect: invalid value (8) [ 241.331808][T17457] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 241.365762][T17477] bond1 (unregistering): Released all slaves [ 241.394272][T17457] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1314 with error 28 [ 241.435260][T17457] EXT4-fs (loop6): This should not happen!! Data will be lost [ 241.435260][T17457] [ 241.454604][T17457] EXT4-fs (loop6): Total free blocks count 0 [ 241.463000][T17457] EXT4-fs (loop6): Free/Dirty block details [ 241.478305][T17457] EXT4-fs (loop6): free_blocks=2415919104 [ 241.494827][T17457] EXT4-fs (loop6): dirty_blocks=1328 [ 241.500184][T17457] EXT4-fs (loop6): Block reservation details [ 241.515968][T17457] EXT4-fs (loop6): i_reserved_data_blocks=83 [ 242.128433][T17501] sg_write: data in/out 1701063932/2 bytes for SCSI command 0x6e-- guessing data in; [ 242.128433][T17501] program syz.7.5371 not setting count and/or reply_len properly [ 242.210707][T17537] loop5: detected capacity change from 0 to 512 [ 242.492895][T17558] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5392'. [ 242.570812][T17566] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17566 comm=syz.7.5396 [ 242.964948][T17599] loop3: detected capacity change from 0 to 512 [ 242.976460][T17599] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 243.321322][T17619] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 243.372381][T17619] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 546 with error 28 [ 243.404714][T17619] EXT4-fs (loop3): This should not happen!! Data will be lost [ 243.404714][T17619] [ 243.427101][T17619] EXT4-fs (loop3): Total free blocks count 0 [ 243.439814][T17619] EXT4-fs (loop3): Free/Dirty block details [ 243.451424][T17619] EXT4-fs (loop3): free_blocks=2415919104 [ 243.464164][ T28] kauditd_printk_skb: 35 callbacks suppressed [ 243.464178][ T28] audit: type=1326 audit(1773693817.082:2114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17575 comm="syz.7.5401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e7aa2c799 code=0x7fc00000 [ 243.468570][T17619] EXT4-fs (loop3): dirty_blocks=560 [ 243.497081][ T40] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 243.566877][T17619] EXT4-fs (loop3): Block reservation details [ 243.579669][T17619] EXT4-fs (loop3): i_reserved_data_blocks=35 [ 243.776111][T17656] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5427'. [ 244.276855][T17671] set_capacity_and_notify: 1 callbacks suppressed [ 244.276871][T17671] loop7: detected capacity change from 0 to 128 [ 244.294944][T17671] syz.7.5433: attempt to access beyond end of device [ 244.294944][T17671] loop7: rw=8388611, sector=138, nr_sectors = 6 limit=128 [ 244.309169][T17671] syz.7.5433: attempt to access beyond end of device [ 244.309169][T17671] loop7: rw=8390659, sector=144, nr_sectors = 106 limit=128 [ 244.395266][T17677] loop7: detected capacity change from 0 to 256 [ 244.750514][T17698] syzkaller1: entered promiscuous mode [ 244.764886][T17698] syzkaller1: entered allmulticast mode [ 244.782639][T17700] loop6: detected capacity change from 0 to 128 [ 244.783306][ T28] audit: type=1400 audit(1773693818.402:2115): avc: denied { append } for pid=17699 comm="syz.7.5446" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 244.833757][ T3385] kernel read not supported for file /input/event0 (pid: 3385 comm: kworker/0:3) [ 244.835366][T17704] loop9: detected capacity change from 0 to 512 [ 244.934537][ T28] audit: type=1400 audit(1773693818.552:2116): avc: denied { mount } for pid=17715 comm="syz.5.5451" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 244.957347][ T28] audit: type=1400 audit(1773693818.562:2117): avc: denied { ioctl } for pid=17702 comm="syz.9.5448" path="/265/file1/file1" dev="loop9" ino=18 ioctlcmd=0x5829 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 245.002474][ T28] audit: type=1400 audit(1773693818.622:2118): avc: denied { shutdown } for pid=17713 comm="syz.3.5452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 245.347734][ T28] audit: type=1400 audit(1773693818.972:2119): avc: denied { accept } for pid=17742 comm="syz.5.5463" path="socket:[50146]" dev="sockfs" ino=50146 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 245.475221][T17727] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.482439][T17727] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.743332][T17727] bridge_slave_0: left allmulticast mode [ 245.749591][T17727] bridge_slave_0: left promiscuous mode [ 245.755388][T17727] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.776333][T17727] bridge_slave_1: left allmulticast mode [ 245.783020][T17727] bridge_slave_1: left promiscuous mode [ 245.789694][T17727] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.804291][T17727] bond0: (slave bond_slave_0): Releasing backup interface [ 245.823688][T17727] bond0: (slave bond_slave_1): Releasing backup interface [ 245.839404][T17727] team0: Port device team_slave_0 removed [ 245.856582][T17727] team0: Port device team_slave_1 removed [ 245.870071][T17727] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 245.883973][T17727] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 245.897267][T17727] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 245.911397][T17727] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 245.972899][T17734] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 245.987600][T17734] bond0: (slave lo): Enslaving as an active interface with an up link [ 246.047906][ T54] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.070083][ T54] netdevsim netdevsim9 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.083604][ T54] netdevsim netdevsim9 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.126036][ T54] netdevsim netdevsim9 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.218143][T17788] netlink: 'syz.6.5474': attribute type 13 has an invalid length. [ 246.226049][T17788] netlink: 24859 bytes leftover after parsing attributes in process `syz.6.5474'. [ 246.470252][T17814] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 246.477887][T17814] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 246.485502][T17814] vhci_hcd vhci_hcd.0: default hub control req: 9a08 v0009 i0007 l0 [ 246.929889][T17846] loop6: detected capacity change from 0 to 128 [ 246.949285][T17846] ext4 filesystem being mounted at /545/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 247.229851][T17868] loop7: detected capacity change from 0 to 128 [ 247.246400][T17868] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 247.261668][ T40] FAT-fs (loop7): error, invalid FAT chain (i_pos 548, last_block 8) [ 247.271187][ T40] FAT-fs (loop7): Filesystem has been set read-only [ 247.278292][ T40] FAT-fs (loop7): error, corrupted file size (i_pos 548, 522) [ 247.287373][ T28] audit: type=1400 audit(1773693820.912:2120): avc: denied { create } for pid=17867 comm="syz.7.5509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 247.308244][T17871] loop5: detected capacity change from 0 to 512 [ 247.327617][T17871] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 247.354124][T17871] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 247.369227][T17871] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.5510: bg 0: block 248: padding at end of block bitmap is not set [ 247.385921][T17871] loop5: lost filesystem error report for type 5 error -117 [ 247.386155][T17871] Quota error (device loop5): write_blk: dquota write failed [ 247.400990][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 247.401022][ C1] EXT4-fs (loop5): last error at time 1773693821: ext4_validate_block_bitmap:441 [ 247.445466][ T4531] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.455796][T17871] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 247.474546][T17871] EXT4-fs error (device loop5): ext4_acquire_dquot:7001: comm syz.5.5510: Failed to acquire dquot type 1 [ 247.485939][T17871] loop5: lost filesystem error report for type 5 error -117 [ 247.497199][T17871] EXT4-fs (loop5): 1 truncate cleaned up [ 247.522238][ T4531] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.567006][T17888] loop9: detected capacity change from 0 to 512 [ 247.577698][ T4531] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.593756][T17888] EXT4-fs error (device loop9): ext4_orphan_get:1391: inode #15: comm syz.9.5518: inode has both inline data and extents flags [ 247.610684][T17888] loop9: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 247.610839][T17888] EXT4-fs error (device loop9): ext4_orphan_get:1396: comm syz.9.5518: couldn't read orphan inode 15 (err -117) [ 247.620009][ C1] EXT4-fs (loop9): error count since last fsck: 1 [ 247.620028][ C1] EXT4-fs (loop9): initial error at time 1773693821: ext4_orphan_get:1391: inode 15 [ 247.620073][ C1] EXT4-fs (loop9): last error at time 1773693821: ext4_orphan_get:1391: inode 15 [ 247.657228][T17888] loop9: lost filesystem error report for type 5 error -117 [ 247.681313][ T28] audit: type=1400 audit(1773693821.302:2121): avc: denied { getopt } for pid=17887 comm="syz.9.5518" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 247.739310][ T4531] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.917870][T17885] chnl_net:caif_netlink_parms(): no params data found [ 247.950939][ T4531] bridge_slave_1: left allmulticast mode [ 247.960620][ T4531] bridge_slave_1: left promiscuous mode [ 247.969326][ T4531] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.977408][ T4531] bridge_slave_0: left allmulticast mode [ 247.989687][ T4531] bridge_slave_0: left promiscuous mode [ 248.004224][ T4531] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.157033][ T4531] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 248.168058][ T4531] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 248.178971][ T4531] bond0 (unregistering): Released all slaves [ 248.242932][ T4531] hsr_slave_0: left promiscuous mode [ 248.248812][ T4531] hsr_slave_1: left promiscuous mode [ 248.254822][ T4531] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 248.262350][ T4531] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 248.270055][ T4531] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 248.295559][ T4531] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 248.314818][ T4531] veth1_macvtap: left promiscuous mode [ 248.320401][ T4531] veth0_macvtap: left promiscuous mode [ 248.326377][ T4531] veth1_vlan: left promiscuous mode [ 248.331697][ T4531] veth0_vlan: left promiscuous mode [ 248.383752][T17944] loop7: detected capacity change from 0 to 128 [ 248.508469][ T4531] team0 (unregistering): Port device team_slave_1 removed [ 248.519142][ T4531] team0 (unregistering): Port device team_slave_0 removed [ 248.562787][T17885] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.571044][T17885] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.578420][T17885] bridge_slave_0: entered allmulticast mode [ 248.585096][T17885] bridge_slave_0: entered promiscuous mode [ 248.658993][T17885] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.679905][T17885] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.689210][T17885] bridge_slave_1: entered allmulticast mode [ 248.696144][T17885] bridge_slave_1: entered promiscuous mode [ 248.761224][T17885] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 248.805941][T17885] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 248.865461][T17885] team0: Port device team_slave_0 added [ 248.898066][T17885] team0: Port device team_slave_1 added [ 248.975043][T17885] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 248.982340][T17885] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 249.036407][T17885] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 249.066990][T17885] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 249.081950][T17885] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 249.132897][T17885] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 249.199891][T17885] hsr_slave_0: entered promiscuous mode [ 249.209696][T17885] hsr_slave_1: entered promiscuous mode [ 249.299806][ T28] audit: type=1400 audit(1773693822.912:2122): avc: denied { getopt } for pid=17968 comm="syz.5.5535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 249.497460][ T28] audit: type=1326 audit(1773693823.122:2123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18010 comm="syz.9.5551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 249.570653][ T28] audit: type=1326 audit(1773693823.122:2124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18010 comm="syz.9.5551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 249.644736][ T28] audit: type=1326 audit(1773693823.122:2125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18010 comm="syz.9.5551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 249.685478][ T28] audit: type=1326 audit(1773693823.122:2126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18010 comm="syz.9.5551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 249.685509][ T28] audit: type=1326 audit(1773693823.122:2127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18010 comm="syz.9.5551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 249.870656][T17885] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 249.900213][T17885] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 249.952826][T17885] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 250.012617][T17885] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 250.199250][T17885] 8021q: adding VLAN 0 to HW filter on device bond0 [ 250.237307][T17885] 8021q: adding VLAN 0 to HW filter on device team0 [ 250.254019][T18087] netlink: 'syz.5.5559': attribute type 9 has an invalid length. [ 250.284078][ T1726] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.291194][ T1726] bridge0: port 1(bridge_slave_0) entered forwarding state [ 250.310636][T18093] loop7: detected capacity change from 0 to 256 [ 250.328522][T18093] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 250.341450][ T1726] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.348652][ T1726] bridge0: port 2(bridge_slave_1) entered forwarding state [ 250.394675][T17885] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 250.517216][T17885] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 250.527624][T18111] netlink: 'syz.9.5563': attribute type 6 has an invalid length. [ 250.643510][T17885] veth0_vlan: entered promiscuous mode [ 250.651892][T17885] veth1_vlan: entered promiscuous mode [ 250.669322][T17885] veth0_macvtap: entered promiscuous mode [ 250.683650][T17885] veth1_macvtap: entered promiscuous mode [ 250.696855][T17885] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 250.714713][T17885] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 250.730966][ T4531] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.739899][ T4531] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.749215][ T4531] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.758847][ T4531] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.791933][T18134] loop7: detected capacity change from 0 to 128 [ 250.803200][T18134] EXT4-fs mount: 12 callbacks suppressed [ 250.803285][T18134] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 250.823400][T18134] ext4 filesystem being mounted at /371/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 250.841980][T18139] loop3: detected capacity change from 0 to 2048 [ 250.850254][T12860] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 250.875233][T18139] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 250.887566][T18139] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 250.920826][T18142] 9pnet: p9_errstr2errno: server reported unknown error [ 251.609334][T17885] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.632621][ T28] audit: type=1326 audit(1773693825.252:2128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18156 comm="syz.9.5581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 251.666814][T18155] netlink: 1028 bytes leftover after parsing attributes in process `syz.6.5574'. [ 251.674579][ T28] audit: type=1326 audit(1773693825.252:2129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18156 comm="syz.9.5581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 251.706989][T18155] sch_tbf: peakrate 3 is lower than or equals to rate 183 ! [ 251.725060][ T28] audit: type=1326 audit(1773693825.262:2130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18156 comm="syz.9.5581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 251.762748][T18157] loop9: detected capacity change from 0 to 1024 [ 251.765567][ T28] audit: type=1326 audit(1773693825.262:2131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18156 comm="syz.9.5581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc4249c799 code=0x7ffc0000 [ 251.777662][T18157] EXT4-fs: Ignoring removed bh option [ 251.825650][T18157] EXT4-fs: Ignoring removed nomblk_io_submit option [ 251.855499][T18157] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e841c01c, mo2=0003] [ 251.887944][T18157] System zones: 0-1, 3-36 [ 251.910423][T18157] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 252.090092][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.147439][T18187] loop7: detected capacity change from 0 to 4096 [ 252.177855][T18187] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=e842c018, mo2=0002] [ 252.185959][T18199] loop3: detected capacity change from 0 to 512 [ 252.202930][T18187] System zones: 0-5 [ 252.214989][T18187] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 252.237637][T18199] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.5593: inode has both inline data and extents flags [ 252.254205][T18202] loop9: detected capacity change from 0 to 512 [ 252.260809][T12860] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.275268][T18199] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 252.277005][T18199] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5593: couldn't read orphan inode 15 (err -117) [ 252.286182][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 252.286205][ C1] EXT4-fs (loop3): initial error at time 1773693825: ext4_orphan_get:1391: inode 15 [ 252.286249][ C1] EXT4-fs (loop3): last error at time 1773693825: ext4_orphan_get:1391: inode 15 [ 252.309667][T18202] EXT4-fs warning (device loop9): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 252.316848][T18199] loop3: lost filesystem error report for type 5 error -117 [ 252.337953][T18199] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 252.346307][T18202] EXT4-fs warning (device loop9): dx_probe:849: Enable large directory feature to access it [ 252.372490][T18202] EXT4-fs warning (device loop9): dx_probe:934: inode #2: comm syz.9.5594: Corrupt directory, running e2fsck is recommended [ 252.388502][T18202] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -117 [ 252.399720][T18202] EXT4-fs error (device loop9): ext4_iget_extra_inode:5025: inode #15: comm syz.9.5594: corrupted in-inode xattr: e_name out of bounds [ 252.415546][T18202] loop9: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 252.415791][T18202] EXT4-fs error (device loop9): ext4_orphan_get:1396: comm syz.9.5594: couldn't read orphan inode 15 (err -117) [ 252.425007][ C1] EXT4-fs (loop9): error count since last fsck: 1 [ 252.425026][ C1] EXT4-fs (loop9): initial error at time 1773693826: ext4_iget_extra_inode:5025: inode 15 [ 252.425074][ C1] EXT4-fs (loop9): last error at time 1773693826: ext4_iget_extra_inode:5025: inode 15 [ 252.465087][T17885] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.466939][T18202] loop9: lost filesystem error report for type 5 error -117 [ 252.475243][T18202] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 252.539167][T14067] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.604302][T18219] hub 1-0:1.0: USB hub found [ 252.625193][T18219] hub 1-0:1.0: 8 ports detected [ 252.751927][T18223] loop5: detected capacity change from 0 to 8192 [ 252.888783][T18242] loop9: detected capacity change from 0 to 128 [ 252.896025][T18242] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem [ 252.920215][T18242] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 252.938480][T18242] ext2 filesystem being mounted at /301/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 252.953408][T18242] EXT4-fs (loop9): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 252.972052][T14067] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 253.064942][T17775] ================================================================== [ 253.073035][T17775] BUG: KCSAN: data-race in kick_pool / wq_worker_running [ 253.080057][T17775] [ 253.082364][T17775] read-write to 0xffff888237c2a8a4 of 4 bytes by task 3474 on cpu 0: [ 253.090400][T17775] wq_worker_running+0x9b/0x120 [ 253.095238][T17775] schedule_timeout+0xca/0x180 [ 253.099980][T17775] msleep+0x4f/0x90 [ 253.103766][T17775] nsim_fib_event+0x491d/0x4d70 [ 253.108620][T17775] nsim_fib_event_work+0x13d/0x210 [ 253.113706][T17775] process_scheduled_works+0x513/0xa10 [ 253.119150][T17775] worker_thread+0x58a/0x780 [ 253.123720][T17775] kthread+0x22a/0x280 [ 253.127766][T17775] ret_from_fork+0x150/0x360 [ 253.132342][T17775] ret_from_fork_asm+0x1a/0x30 [ 253.137149][T17775] [ 253.139456][T17775] read to 0xffff888237c2a8a4 of 4 bytes by task 17775 on cpu 1: [ 253.147076][T17775] kick_pool+0x49/0x2d0 [ 253.151238][T17775] __queue_work+0x896/0xaf0 [ 253.155747][T17775] queue_work_on+0xa9/0x140 [ 253.160239][T17775] process_srcu+0xa56/0xdc0 [ 253.164719][T17775] process_scheduled_works+0x513/0xa10 [ 253.170220][T17775] worker_thread+0x58a/0x780 [ 253.174806][T17775] kthread+0x22a/0x280 [ 253.178857][T17775] ret_from_fork+0x150/0x360 [ 253.183429][T17775] ret_from_fork_asm+0x1a/0x30 [ 253.188171][T17775] [ 253.190560][T17775] value changed: 0x00000000 -> 0x00000001 [ 253.196249][T17775] [ 253.198544][T17775] Reported by Kernel Concurrency Sanitizer on: [ 253.204823][T17775] CPU: 1 UID: 0 PID: 17775 Comm: kworker/1:12 Tainted: G W syzkaller #0 PREEMPT(full) [ 253.215992][T17775] Tainted: [W]=WARN [ 253.219766][T17775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 253.229890][T17775] Workqueue: rcu_gp process_srcu [ 253.234832][T17775] ================================================================== [ 254.270757][ T4524] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.317482][ T4524] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.377736][ T4524] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.437464][ T4524] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.532340][ T4524] bridge_slave_1: left allmulticast mode [ 254.539815][ T4524] bridge_slave_1: left promiscuous mode [ 254.545778][ T4524] bridge0: port 2(bridge_slave_1) entered disabled state [ 254.553706][ T4524] bridge_slave_0: left allmulticast mode [ 254.559690][ T4524] bridge_slave_0: left promiscuous mode [ 254.565432][ T4524] bridge0: port 1(bridge_slave_0) entered disabled state [ 254.667251][ T4524] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 254.677307][ T4524] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 254.689773][ T4524] bond0 (unregistering): Released all slaves [ 254.748424][ T4524] hsr_slave_0: left promiscuous mode [ 254.765240][ T4524] hsr_slave_1: left promiscuous mode [ 254.771121][ T4524] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 254.788731][ T4524] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 254.805002][ T4524] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 254.812620][ T4524] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 254.823812][ T4524] veth1_macvtap: left promiscuous mode [ 254.829564][ T4524] veth0_macvtap: left promiscuous mode [ 254.835251][ T4524] veth1_vlan: left promiscuous mode [ 254.840513][ T4524] veth0_vlan: left promiscuous mode [ 254.920542][ T4524] team0 (unregistering): Port device team_slave_1 removed [ 254.932261][ T4524] team0 (unregistering): Port device team_slave_0 removed [ 255.014472][ T43] Bluetooth: hci0: Opcode 0x1003 failed: -110