last executing test programs: 1.425278695s ago: executing program 1 (id=872): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001440)={0x17, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) write$tun(r0, &(0x7f0000000380)={@val={0x2000}, @void, @eth={@broadcast, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x300, 0x0, 0x28, 0x0, @opaque="dafc3fec9b284c93cf0da2c96b67919fb5146b8da82ae0aeddf99df0c319ce53"}}}}}}, 0x4e) 1.345490181s ago: executing program 1 (id=874): bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372"], 0xfc}}, 0x0) 1.321318793s ago: executing program 1 (id=875): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000900)='kfree\x00', r0}, 0x18) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, 0x0, 0x0) close(r1) 1.300077775s ago: executing program 1 (id=876): socket$nl_route(0x10, 0x3, 0x0) syz_usb_connect$cdc_ecm(0x5, 0x1d3, &(0x7f00000011c0)=ANY=[@ANYBLOB], 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x45, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000011008188e6b62aa73f72cc9f0ba1f8483d0000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0) (fail_nth: 1) 1.295388535s ago: executing program 2 (id=877): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001440)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) write$tun(r0, &(0x7f0000000380)={@val={0x2000}, @void, @eth={@broadcast, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x300, 0x0, 0x28, 0x0, @opaque="dafc3fec9b284c93cf0da2c96b67919fb5146b8da82ae0aeddf99df0c319ce53"}}}}}}, 0x4e) 1.250097339s ago: executing program 4 (id=880): r0 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00'}) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) splice(r3, 0x0, r2, 0x0, 0x6, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000100)=0x3ff) readv(r1, &(0x7f0000000680)=[{&(0x7f0000000440)=""/196, 0xc4}], 0x1) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000080)={[{@nobh}, {@usrjquota}]}, 0x1, 0x77e, &(0x7f0000000a80)="$eJzs3d9rW1UcAPDvTX/tl7aCoPOpIGhhLLWzbgo+VHwQwcFAn91CmpXZtBlNOtZS0CGCL4KKb/qyZ3/MN1/98ar/hQ/imNoNJz5I5abJmq1Jl25pMs3nA7c9596bnPO9P849yT3cBNC3xtM/mYjDEfFhEjFam59ExFA1NRgxs7nezfW1fDolsbHx+u9JdZ0b62v5aHhN6mAt83hEfP9exJHM9nLLK6vzuWKxsFTLT1YWzk+WV1aPnlvIzRXmCovHp6anj5147sTxzsX650+rh65+9MrTX838/e5jVz74IYmZOFRb1hhHp4zHeG2bDKWb8DYvd7qwHkt6XQHuSXpqDmye5XE4RmOgmgIA/s/ejogNAKDPJK7/ANBn6t8D3Fhfy9en3n4j0V3XXoqIfZvx1+9vbi4ZrN2z21e9D3rgRnLbnZEkIsY6UP54RHz2zZtfpFPs0X1IgGbeuRQRZ8bGt7f/ybYxC7v1zA7Lhmv/x++Yr/2D7vk27f8836z/l7nV/4km/Z+RJufuvai+x/BWftv5v78Dhewg7f+92DC27WZD/DVjA7XcQ9U+31By9lyxkLZtD0fERAyNpPmpHcqYuP7P9VbLGvt/f3z81udp+en/rTUyvw6O3P6a2Vwldz8xN7p2KeKJwWbxJ7f2f9Ki/3uqzTJefeH9T1stS+NP461P2+OP2uikvbFxOeKppvt/a0RbsuP4xMnq4TBZPyia+Prn1vVv3P/plJZf/yzQDen+P7Bz/GNJ43jN8u7L+PHy6Hetlt09/ubH/3DyRjVdbzou5iqVpamI4eS17fOPbb22nq+vn8Y/8WTz83+n4z/9THimzfgHr/725b3Hv7fS+Gd3tf93n7hyc36gVfnt7f/pamqiNqed9q/dCt7PtgMAAAAAAAAAAAAAAAAAAAAAAACAdmUi4lAkmeytdCaTzW7+hvejcSBTLJUrR86Wlhdno/pb2WMxlKk/6nK04XmoU7Xn4dfzx+7IPxsRj0TEJyP7k/pzFGd7HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1B1s8fv/qV9Gel07AGDP7Ot1BQCArnP9B4D+4/oPAP3H9R8A+o/rPwD0H9d/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9tipkyfTaeOv9bV8mp+9sLI8X7pwdLZQns8uLOez+dLS+excqTRXLGTzpYW7vV+xVDo/HYvLFycrhXJlsryyenqhtLxYOX1uITdXOF0Y6kpUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALA75ZXV+VyxWFiS2EqkG6atlTd6XtUOJGY68D4DtcPpAQin+4nkwahGhxPNWovhrrZNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8F/wYAAP//hNkgcA==") perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) fcntl$setstatus(r2, 0x4, 0x7c00) dup3(r3, r2, 0x0) sendmsg$IPSET_CMD_PROTOCOL(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c000000010605"], 0x2c}, 0x1, 0x0, 0x0, 0x40001d0}, 0x0) 1.043145765s ago: executing program 2 (id=882): socket$nl_route(0x10, 0x3, 0x0) syz_usb_connect$cdc_ecm(0x5, 0x1d3, &(0x7f00000011c0)=ANY=[@ANYBLOB], 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) r3 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000200)={r4, @in={{0x2, 0x4e23, @empty}}, 0x6, 0x1}, 0x90) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000000080)={r4, 0x3}, 0x8) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x45, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000011008188e6b62aa73f72cc9f0ba1f8483d0000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0) 919.453466ms ago: executing program 0 (id=885): bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c757466383d302c636865636b3d7374726963742c646973636172642c757466383d312c757466383d312c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c757466383d312c00ef5c3556"], 0xfd, 0x2a8, &(0x7f0000000280)="$eJzs3E9rE08YwPGnaZOmKW1y+PEDBfFBL3pZ2vgKgrQgBpTaiHoQpnajIWtSsjESEdubV19H8ehNsL6BXrx5Fy9FELz0IF3pbrfZ1qW2te3W5vuBstOdeTKzfxKeXZhZu/fmab3qWlXTllRWJSXZJVkXKUhKQgNb25RfzkjUklwd/fH5wp37D26WyuWpGdXp0uy1oqqOX/zw/OXbSx/bo3ffjb8fltXCw7XvxS+r/6+eW9uYDT+92Vajc81m28w5ts7X3LqletuxjWtrreHarR31Vae5sNBV05gfyy20bNdV0+hq3e5qu6ntVlfNY1NrqGVZOpaTOJnYvWfD4IEjKsszM6Z0LINBEkbidrZaJTMYW1lZPolBAQCA0+X3/F9OJP9/UnO15mrjT/l/So42/0eUn/9vxCaNOBvSmw8AJZPb+v7uRP4PAAAAAAAAAAAAAAAAAAAAAMC/YN3z8p7n5cNt+DcsIlkRCf9Pepw4Hoe4/gMJDhdHLDJxLyvivO5UOpVgG9SXqlITR2yZSPtzibxtQXn6RnlqQn0FWXEWt+L9SYLDYXyoEB8/GcRrJH6xU0lLLtp/UfLyX3x8cVd8WkQ6lYxcuRyJtyQvnx5JUxyZ9+/rXvyrSdXrt8q7+h/x2wEAAAAAcBZYuq2w8/k3WE3SsjRcNmRXfbCz935A8vJzz/cDKisZ6cUPyfmh5I4bAAAAAIB+4nZf1I3j2K1+LozIwaP68dRZ2eCm2bOx53mLm43+vtOUiCR0pN9E5BSc8KMufH0WXMD9NE7yVwkAAADAcegl/UmPBAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/rXfxcPC9odZeyzS3WAyRwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcDr8CAAD//4DOGY4=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) 783.463687ms ago: executing program 0 (id=887): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000900)='kfree\x00', r0}, 0x18) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, 0x0, 0x0) close(r1) 762.509429ms ago: executing program 0 (id=889): r0 = socket$kcm(0x10, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffff"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)="d8000000210081044e81f782db44b9040200000000806c01000015000a001800feffffff09000d2000000401a80018000a000e4006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee062e1c547cbc7225e6756cfb39b0590b4800089e408e8d8ef52b49816277cf4090000001fb791643a5ee4ce1b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db701000000eafad95667e006dcdf969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d939acd92637429397f632838", 0xd8}], 0x1}, 0x0) 709.776503ms ago: executing program 0 (id=890): bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73f72cc9f0ba1f848350000005e120602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x4000850) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0xa2f03, 0x0) write$tun(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="5bf372e090b96060ef39d45444763516d195a4417c7f69"], 0x4b) 676.180805ms ago: executing program 4 (id=891): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500"], 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) r1 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x20, &(0x7f0000000540)=[{&(0x7f0000000280)="08001efbb07d5a6e", 0x8}], 0x1, &(0x7f00000002c0)=[@ip_retopts={{0x10}}], 0x10}, 0x4840) 628.200679ms ago: executing program 3 (id=892): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000040)) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f00000002c0)={0x54, r2, 0x1, 0x70bd2b, 0xfffffffe, {0x1e}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3e}, {0xc}, {0xc, 0x90, 0x3}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000081}, 0x20044010) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000140)={0x6}, 0x10) write(r3, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000ff02000200000000", 0x1c) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40101}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7040000000000008500000001000000"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r6}, 0x10) r7 = timerfd_create(0x5, 0x0) timerfd_gettime(r7, &(0x7f0000000080)) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48) syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) unshare(0x2c060000) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="01000000040000000400000008"], 0x50) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000ac0)={{r8}, &(0x7f0000000300), &(0x7f0000000380)}, 0x20) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) 627.89972ms ago: executing program 4 (id=893): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001440)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) write$tun(r0, &(0x7f0000000380)={@val={0x2000}, @void, @eth={@broadcast, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x300, 0x0, 0x28, 0x0, @opaque="dafc3fec9b284c93cf0da2c96b67919fb5146b8da82ae0aeddf99df0c319ce53"}}}}}}, 0x4e) 627.68825ms ago: executing program 1 (id=894): bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000100000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c020000", @ANYRES16=r1, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f40108807000008048000980282100f8060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000908000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080"], 0x21c}, 0x1, 0x0, 0x0, 0x20000800}, 0x40) 627.47147ms ago: executing program 0 (id=895): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000000080)={@mcast2}, &(0x7f0000000480)=0x14) pipe(&(0x7f00000004c0)) r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000001200), 0xa0000) read(r1, &(0x7f0000000200)=""/209, 0xd1) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x335, @time={0xa2eb, 0x8}, 0x0, {}, 0x20}) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000940)) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x9e, 0x1, 'queue1\x00', 0x10000}) tkill(r0, 0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x4000, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000540)=ANY=[@ANYRESDEC, @ANYBLOB="da295ec9b1b015f739f590dc63cbbc2ae94f1770430f9fd8db05661e906c461da919bf09409f7bd4bbce8830a00fe928c9651ab119928c79e4672a1c5458e82c436c7e191f2ceafd819723b468e8ab96f342066d3e8d350b89b669356399a9a349ec471db0d500bd2420b1e4c76a87c056b075b7a1b70a2a6cff75fcf31f08", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007", @ANYRES16=r0], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x28, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) socket$netlink(0x10, 0x3, 0x0) syz_mount_image$iso9660(&(0x7f0000002900), &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f00000002c0)=ANY=[], 0x1, 0x5b1, &(0x7f0000001000)="$eJzs3MFv29YZAPDHxK4NBwsGFGvSNEDZtIfsEFeSFwdGBywaTdtsJVEg5cI5DcXiZMHsblg2YMmly6VDgQ077bz1utOO+6d62T/ggRLlybIzuWkbZcDvB8TvUfzI9z2C4QcRIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEKJks9FoRqGT9Xb34udLNou8e7y0EKbXj/f3rxPNCYsTf0MUQlT9C8vL4eroo6uv/zf2B9WfG+HKaOlKWK6a5fD00hvf/+D1hQvVhotRdCqLl+3xk6e//OTgYP83X2Obo6Ojz6rZfIdpvTTbaS8r86zb3k7jrMzjjfX1xvs7W2W8lXXS8l45SLtxUqTtQV7EN5O7IYSNtThdvZfv9rY32500vpn8MG5ubNy51Wo01uMPV/tpuyjz3vsfrpbJTtbpZL3tYUy1+lbr7XCnOhE/ygbxIG134/jBo4P9tVlJVkHN8wS1ZgW1Gq1Ws9lqNddvb9y+02gs12fr8QcLjSlhepOF+Z+0vHSv1SfKcGF8jXvtW7uIwws6Sv4y7xQAAACA71g0vMceDe/LXx32trJO2jgRcxTNLT0AAADgWzD8an+lvgEQwtUQnf7+DwAAAPx/+/u4c+YzdiGKQtlfisaPqvT33osO21WvfXhx9NHF6T0Otq5Fl+udDJv1hXopSa9Hb46C3hxHf1U3D57/rN8/Q5VHVBSL0bNvlkD4U7g2irl2f9TeH68ZzXZlK+ukq0ne+aAZ2u3LFwbp3uB3nz76fQhFcXTxi173chQePDrYX/35rw7uD3N5Vu3l2WH9C4lTP5Q4mctSmMjlt8fPPdYzvnvyyC8Ob8RUs/6i110ZjduYnP+F0eYXvsb8Pw9vjWLeWhm1Kyfnv1yN2Vw9Y/aTWTT7e+8t1YOdc+ZTWVwfxVy/OTyx3r1Zr1mcyKI1K4vW5PF/oWNxnMW7J7KYPBZrs7JY+4ZZAMzLg+kqdKr+n6q7L3CV+x/VvRqlKuEzq/svZo7yeXhnFPPOtYW6Il0MYeqK3ph1RW+cs66HcHYW/wg3/vbXEHbDjXHw82psNe6fT1TV6PDLaoMvT4/7h1FT/vvhzqWqs3T46/DG4ydPbz06/OTh/sP9T1uttfXGjxqN262wOJxG3ag9AJwhLb6KVgZ/jIoi6/+subHRbA920rjIk4/iItvcTuOsN0iLZKfd207jfpEP8iTvVJ2Ps820jMvdfj+vKklexP28zPaGb36J61e/lGm33RtkSdnvpO0yjZO8N2gng3gzK5O4v/vTTlbupEW8lRdx2U+TbCtL2oMs78Vlvlsk6Wocl2k6EZhtpkefhZBV3V7cL7Juu7gXf5x3drtpvJlW1bI/yKNQ7XA8VtbbyovucLer8z7YAPCKeBzqN9gdv8ru8U/Gq56cWnVmJyzPiJnzFAGAKdNVemneCQEAAAAAAAAAAAAAAKdMPq734/qVPud77O+V7dy9dNaqt+ef2GQnhLDwCqShc87O8quRxmL93/ZF9xOFEGYHf6+KmedVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADO9p8AAAD//0n5kWY=") socket$unix(0x1, 0x2, 0x0) getpgrp(r0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000200), 0x5, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC") r2 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r2, 0x404c534a, &(0x7f0000000c00)={0x4, 0x0, 0x10}) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$igmp(0x2, 0x3, 0x2) 526.916237ms ago: executing program 1 (id=896): bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c) recvmsg$unix(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20) sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000) 520.037688ms ago: executing program 4 (id=897): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@resgid={'resgid', 0x3d, 0xee00}}, {@user_xattr}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=") r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1e, 0x12, r1, 0x0) 470.329012ms ago: executing program 3 (id=898): bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c757466383d302c636865636b3d7374726963742c646973636172642c757466383d312c757466383d312c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c757466383d312c00ef5c3556"], 0xfd, 0x2a8, &(0x7f0000000280)="$eJzs3E9rE08YwPGnaZOmKW1y+PEDBfFBL3pZ2vgKgrQgBpTaiHoQpnajIWtSsjESEdubV19H8ehNsL6BXrx5Fy9FELz0IF3pbrfZ1qW2te3W5vuBstOdeTKzfxKeXZhZu/fmab3qWlXTllRWJSXZJVkXKUhKQgNb25RfzkjUklwd/fH5wp37D26WyuWpGdXp0uy1oqqOX/zw/OXbSx/bo3ffjb8fltXCw7XvxS+r/6+eW9uYDT+92Vajc81m28w5ts7X3LqletuxjWtrreHarR31Vae5sNBV05gfyy20bNdV0+hq3e5qu6ntVlfNY1NrqGVZOpaTOJnYvWfD4IEjKsszM6Z0LINBEkbidrZaJTMYW1lZPolBAQCA0+X3/F9OJP9/UnO15mrjT/l/So42/0eUn/9vxCaNOBvSmw8AJZPb+v7uRP4PAAAAAAAAAAAAAAAAAAAAAMC/YN3z8p7n5cNt+DcsIlkRCf9Pepw4Hoe4/gMJDhdHLDJxLyvivO5UOpVgG9SXqlITR2yZSPtzibxtQXn6RnlqQn0FWXEWt+L9SYLDYXyoEB8/GcRrJH6xU0lLLtp/UfLyX3x8cVd8WkQ6lYxcuRyJtyQvnx5JUxyZ9+/rXvyrSdXrt8q7+h/x2wEAAAAAcBZYuq2w8/k3WE3SsjRcNmRXfbCz935A8vJzz/cDKisZ6cUPyfmh5I4bAAAAAIB+4nZf1I3j2K1+LozIwaP68dRZ2eCm2bOx53mLm43+vtOUiCR0pN9E5BSc8KMufH0WXMD9NE7yVwkAAADAcegl/UmPBAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/rXfxcPC9odZeyzS3WAyRwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcDr8CAAD//4DOGY4=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) 444.287784ms ago: executing program 4 (id=899): syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000c40)='./file0\x00', 0x808080, &(0x7f0000000c80)={[{@discard}, {@bh}, {@noblock_validity}]}, 0x2c, 0x52c, &(0x7f0000000640)="$eJzs3d9rY1kdAPBvMv2Rdjrbru7DKuqO6+oowyRtZrcs+6DriyDLssK6TyKzpc2U0qQpTbpua8EO+Oar4IBP+if4IPggzJPvvumbLyMojDo4TAWRyE1uOm2adMq0aWaazwcuOefc2/s9J3DP6T1J7glgaF2NiN2IGIuIjyNiOi3PpFu829qS4x4/3Fnce7izmIlG48N/jqRH7iy2j2+7nJ4zF/FBkh/vEre2tb26UC6XNtJ8oV5ZL9S2tm+sVBaWS8ultWJxfm5+9u2bbxXPrK2vVX7z4Dsr7330+9998f4fd7/x46TO32rtGkvadmaBDmi9L6MxdaAseefe60ewAbiUtmds0BXhmWQj4jMR8Xqa3pcbXJ0AgP5qNKajMX0w31vmBMcAAM+/5J5/KjLZfHr/PxXZbD7fnMPLvRKT2XK1Vr9+u7q5thTNOayZGM3eXimXZtO5wpkYzST5uWb6Sb7Ykb8ZES9HxM/HJ5r5/GK1vDSof3oAYMhd7hj/H423xv8T8AkBALzIjOQAMHyOjv+jA6kHAHB+3P8DwPA5MP53+60uAHAB5Tp++w8AXHwH7v9Huh7wavzkh+dXHQDgHPj8HwCGyvfefz/ZGnvp86+XPtnaXK1+cmOpVFvNVzYX84vVjfX8crW63HxmT+Vp5ytXq+tzb8bmp4V6qVYv1La2b1Wqm2v1W83net8q+WEBAAzey6/d+3MmInbfmWhu0V7LwRcC4MJzmcPwujToCgAD0/37PsAwMB8PZJ6yv+dXhO72/puJU9QH6L9rn+sx/9/tf4M7+6n/Nc6vikCfmP+H4XW6+X+zB/AiM/8Pw6vRyFjPHwCGzAnu4H1FEC64Z/78HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYVHPLZPPpWuBTkc3m8xFXImJmYjRze6Vcmo2IlyLiT+Oj40l+btCVBgBOKfv3TLr+17XpN6Y6945l/jPefI2IH/3yw198ulCvb8wl5f/aL6/fTcuLXQOM978NAMABI50F7XG6PY631/d9/HBnsb2dZwUffLu1uGgSdy/d2lVvVT4XoxEx+e/MocZkzmhh4t07EfFqZ/uz+/tn0pVPO+Mnsa/0LX40Wzh1KH72UPxsc1/rNXkvPnsGdYFhcy/pf97tdv1l42rzNb3+Moc701z87Gjn+gza/d9eo7P/a13vH1zJNfuabv3f1ZPGePMP3+25786lxudHIvaO9L/tFaFzzdSR+CMRb3Q74U+/+Wizo+gvX/jS673iN34VcS2Oi99KFeqV9UJta/vGSmVhubRcWisW5+fmZ9+++Vax0JyjLrRnqo/6xzvXX+rd/ojJHvFzx7U/Ir7a66Qdfv3fj3/w5WPif/0r3eJn45Vj4idj4tdOGH9h8rc9l+9O4i/1aP/Iofhjh/4uKbt+wvj3/7q9dMJDAYBzUNvaXl0ol0sbEqdN5Pp15svPSQMleiT+9tGha2rg9TmTxMC6JOCcPLnoB10TAAAAAAAAAAAAAACgl9r300f+9fHHcINuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfX/wMAAP//OkHLZw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x6) r1 = socket(0x10, 0x3, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r2}, 0x10) r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000300), 0x1, 0x0) writev(r3, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2) r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10) sendmsg$nl_route(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="d800000026000186"], 0xd8}, 0x1, 0x0, 0x0, 0x4004041}, 0x20004440) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r1) ioctl$FS_IOC_RESVSP(r0, 0x40305839, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000}) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r6}, 0x18) socket(0xa, 0x3, 0x3a) setxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000002cc0)={{}, {0x1, 0x7}, [], {}, [], {0x10, 0x6}}, 0x24, 0x3) 426.416726ms ago: executing program 2 (id=900): r0 = socket$kcm(0x10, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffff"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)="d8000000210081044e81f782db44b9040200000000806c01000015000a001800feffffff09000d2000000401a80018000a000e4006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee062e1c547cbc7225e6756cfb39b0590b4800089e408e8d8ef52b49816277cf4090000001fb791643a5ee4ce1b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db701000000eafad95667e006dcdf969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d939acd92637429397f632838", 0xd8}], 0x1}, 0x0) 291.043657ms ago: executing program 4 (id=901): r0 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00'}) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) splice(r3, 0x0, r2, 0x0, 0x6, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000100)=0x3ff) readv(r1, &(0x7f0000000680)=[{&(0x7f0000000440)=""/196, 0xc4}], 0x1) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000080)={[{@nobh}, {@usrjquota}]}, 0x1, 0x77e, &(0x7f0000000a80)="$eJzs3d9rW1UcAPDvTX/tl7aCoPOpIGhhLLWzbgo+VHwQwcFAn91CmpXZtBlNOtZS0CGCL4KKb/qyZ3/MN1/98ar/hQ/imNoNJz5I5abJmq1Jl25pMs3nA7c9596bnPO9P849yT3cBNC3xtM/mYjDEfFhEjFam59ExFA1NRgxs7nezfW1fDolsbHx+u9JdZ0b62v5aHhN6mAt83hEfP9exJHM9nLLK6vzuWKxsFTLT1YWzk+WV1aPnlvIzRXmCovHp6anj5147sTxzsX650+rh65+9MrTX838/e5jVz74IYmZOFRb1hhHp4zHeG2bDKWb8DYvd7qwHkt6XQHuSXpqDmye5XE4RmOgmgIA/s/ejogNAKDPJK7/ANBn6t8D3Fhfy9en3n4j0V3XXoqIfZvx1+9vbi4ZrN2z21e9D3rgRnLbnZEkIsY6UP54RHz2zZtfpFPs0X1IgGbeuRQRZ8bGt7f/ybYxC7v1zA7Lhmv/x++Yr/2D7vk27f8836z/l7nV/4km/Z+RJufuvai+x/BWftv5v78Dhewg7f+92DC27WZD/DVjA7XcQ9U+31By9lyxkLZtD0fERAyNpPmpHcqYuP7P9VbLGvt/f3z81udp+en/rTUyvw6O3P6a2Vwldz8xN7p2KeKJwWbxJ7f2f9Ki/3uqzTJefeH9T1stS+NP461P2+OP2uikvbFxOeKppvt/a0RbsuP4xMnq4TBZPyia+Prn1vVv3P/plJZf/yzQDen+P7Bz/GNJ43jN8u7L+PHy6Hetlt09/ubH/3DyRjVdbzou5iqVpamI4eS17fOPbb22nq+vn8Y/8WTz83+n4z/9THimzfgHr/725b3Hv7fS+Gd3tf93n7hyc36gVfnt7f/pamqiNqed9q/dCt7PtgMAAAAAAAAAAAAAAAAAAAAAAACAdmUi4lAkmeytdCaTzW7+hvejcSBTLJUrR86Wlhdno/pb2WMxlKk/6nK04XmoU7Xn4dfzx+7IPxsRj0TEJyP7k/pzFGd7HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1B1s8fv/qV9Gel07AGDP7Ot1BQCArnP9B4D+4/oPAP3H9R8A+o/rPwD0H9d/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9tipkyfTaeOv9bV8mp+9sLI8X7pwdLZQns8uLOez+dLS+excqTRXLGTzpYW7vV+xVDo/HYvLFycrhXJlsryyenqhtLxYOX1uITdXOF0Y6kpUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALA75ZXV+VyxWFiS2EqkG6atlTd6XtUOJGY68D4DtcPpAQin+4nkwahGhxPNWovhrrZNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8F/wYAAP//hNkgcA==") fcntl$setstatus(r2, 0x4, 0x7c00) dup3(r3, r2, 0x0) sendmsg$IPSET_CMD_PROTOCOL(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c000000010605"], 0x2c}, 0x1, 0x0, 0x0, 0x40001d0}, 0x0) 244.22097ms ago: executing program 2 (id=902): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)={0x14, r2, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x818}, 0x4024) r3 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00') getdents(r3, 0x0, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000800)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$ETHTOOL_MSG_WOL_SET(r6, &(0x7f0000002440)={0x0, 0x0, &(0x7f0000002400)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010025bd7000ffdbe8251c00000018000180140002006c6f"], 0x2c}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000000) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000040)={0xffbfff}, 0x10) write(r8, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000002000000000800040001000000", 0x24) 215.174873ms ago: executing program 2 (id=903): syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000c40)='./file0\x00', 0x808080, &(0x7f0000000c80)={[{@discard}, {@bh}, {@noblock_validity}]}, 0x2c, 0x52c, &(0x7f0000000640)="$eJzs3d9rY1kdAPBvMv2Rdjrbru7DKuqO6+oowyRtZrcs+6DriyDLssK6TyKzpc2U0qQpTbpua8EO+Oar4IBP+if4IPggzJPvvumbLyMojDo4TAWRyE1uOm2adMq0aWaazwcuOefc2/s9J3DP6T1J7glgaF2NiN2IGIuIjyNiOi3PpFu829qS4x4/3Fnce7izmIlG48N/jqRH7iy2j2+7nJ4zF/FBkh/vEre2tb26UC6XNtJ8oV5ZL9S2tm+sVBaWS8ultWJxfm5+9u2bbxXPrK2vVX7z4Dsr7330+9998f4fd7/x46TO32rtGkvadmaBDmi9L6MxdaAseefe60ewAbiUtmds0BXhmWQj4jMR8Xqa3pcbXJ0AgP5qNKajMX0w31vmBMcAAM+/5J5/KjLZfHr/PxXZbD7fnMPLvRKT2XK1Vr9+u7q5thTNOayZGM3eXimXZtO5wpkYzST5uWb6Sb7Ykb8ZES9HxM/HJ5r5/GK1vDSof3oAYMhd7hj/H423xv8T8AkBALzIjOQAMHyOjv+jA6kHAHB+3P8DwPA5MP53+60uAHAB5Tp++w8AXHwH7v9Huh7wavzkh+dXHQDgHPj8HwCGyvfefz/ZGnvp86+XPtnaXK1+cmOpVFvNVzYX84vVjfX8crW63HxmT+Vp5ytXq+tzb8bmp4V6qVYv1La2b1Wqm2v1W83net8q+WEBAAzey6/d+3MmInbfmWhu0V7LwRcC4MJzmcPwujToCgAD0/37PsAwMB8PZJ6yv+dXhO72/puJU9QH6L9rn+sx/9/tf4M7+6n/Nc6vikCfmP+H4XW6+X+zB/AiM/8Pw6vRyFjPHwCGzAnu4H1FEC64Z/78HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYVHPLZPPpWuBTkc3m8xFXImJmYjRze6Vcmo2IlyLiT+Oj40l+btCVBgBOKfv3TLr+17XpN6Y6945l/jPefI2IH/3yw198ulCvb8wl5f/aL6/fTcuLXQOM978NAMABI50F7XG6PY631/d9/HBnsb2dZwUffLu1uGgSdy/d2lVvVT4XoxEx+e/MocZkzmhh4t07EfFqZ/uz+/tn0pVPO+Mnsa/0LX40Wzh1KH72UPxsc1/rNXkvPnsGdYFhcy/pf97tdv1l42rzNb3+Moc701z87Gjn+gza/d9eo7P/a13vH1zJNfuabv3f1ZPGePMP3+25786lxudHIvaO9L/tFaFzzdSR+CMRb3Q74U+/+Wizo+gvX/jS673iN34VcS2Oi99KFeqV9UJta/vGSmVhubRcWisW5+fmZ9+++Vax0JyjLrRnqo/6xzvXX+rd/ojJHvFzx7U/Ir7a66Qdfv3fj3/w5WPif/0r3eJn45Vj4idj4tdOGH9h8rc9l+9O4i/1aP/Iofhjh/4uKbt+wvj3/7q9dMJDAYBzUNvaXl0ol0sbEqdN5Pp15svPSQMleiT+9tGha2rg9TmTxMC6JOCcPLnoB10TAAAAAAAAAAAAAACgl9r300f+9fHHcINuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfX/wMAAP//OkHLZw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x6) r1 = socket(0x10, 0x3, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r2}, 0x10) r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000300), 0x1, 0x0) writev(r3, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2) r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10) sendmsg$nl_route(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="d800000026000186"], 0xd8}, 0x1, 0x0, 0x0, 0x4004041}, 0x20004440) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r1) ioctl$FS_IOC_RESVSP(r0, 0x40305839, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000}) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r6}, 0x18) socket(0xa, 0x3, 0x3a) setxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000002cc0)={{}, {0x1, 0x7}, [], {}, [], {0x10, 0x6}}, 0x24, 0x3) 189.403545ms ago: executing program 3 (id=904): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="00000000000057b6b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) mknodat(0xffffffffffffff9c, 0x0, 0x2000, 0x103) 127.68169ms ago: executing program 3 (id=905): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_UNIMAP(r2, 0x4b66, &(0x7f0000000040)={0x12f, 0x0}) 57.472565ms ago: executing program 3 (id=906): bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000100000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c020000", @ANYRES16=r1, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f40108807000008048000980282100f8060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000908000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080"], 0x21c}, 0x1, 0x0, 0x0, 0x20000800}, 0x40) 38.741797ms ago: executing program 3 (id=907): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001440)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10) write$tun(r0, &(0x7f0000000380)={@val={0x2000}, @void, @eth={@broadcast, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x300, 0x0, 0x28, 0x0, @opaque="dafc3fec9b284c93cf0da2c96b67919fb5146b8da82ae0aeddf99df0c319ce53"}}}}}}, 0x4e) 14.852679ms ago: executing program 2 (id=908): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x9) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) sendmmsg(r1, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = io_uring_setup(0x25c7, &(0x7f0000000740)={0x0, 0xffffffeb, 0x400, 0x103fc, 0x207}) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r4, &(0x7f0000000200)={0xa, 0x20, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x2, &(0x7f0000000140)=@gcm_128={{0x303}, "342a4f49e872f79d", "4b8b4e0802ff03fbe3c7a6f875981e00", "85372e3c", "090000e6ff00"}, 0x28) readv(r4, &(0x7f0000000700)=[{&(0x7f0000000300)=""/203, 0xcb}], 0x1) close_range(r3, 0xffffffffffffffff, 0x0) r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r5, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="01002cbd7000ffdbdf25040000"], 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001500)={0xffffffffffffffff, 0xe0, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000012c0)=[0x0], 0x0, 0x74, &(0x7f0000001300)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001340), &(0x7f0000001380), 0x8, 0x51, 0x8, 0x8, &(0x7f00000013c0)}}, 0x10) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$security_selinux(r7, &(0x7f00000000c0), &(0x7f00000002c0)='system_u:object_r:ssh_keygen_exec_t:s0\x00', 0x27, 0x0) sendmsg$NFT_MSG_GETGEN(r7, &(0x7f0000001780)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001740)={&(0x7f0000001700)={0x14, 0x10, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x7}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x20040811) r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001680)={&(0x7f0000001540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x64, 0x64, 0x9, [@float={0xc, 0x0, 0x0, 0x10, 0x18}, @int={0x5, 0x0, 0x0, 0x1, 0x0, 0x1d, 0x0, 0x32, 0x4}, @union={0x2, 0x2, 0x0, 0x5, 0x0, 0x0, [{0x6, 0x5, 0x7a}, {0x4, 0x1, 0x10000}]}, @enum64={0x5, 0x1, 0x0, 0x13, 0x1, 0x0, [{0xe, 0x3, 0x6}]}, @volatile={0x5, 0x0, 0x0, 0x9, 0x3}]}, {0x0, [0x61, 0x0, 0x5f, 0x0, 0x5f, 0x5f, 0x2e]}}, &(0x7f0000001600)=""/87, 0x85, 0x57, 0x1, 0x4, 0x10000}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x5, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000000400000bbca30000000000002403000040feffff720af0ff0600000071a4f4ff000000001f030000000000002e0a0200000000002600000000ff000e61143400000000001d430000000000007a0a00fe00581c1f6114140000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fdb6153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff46248843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae543d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80aba439772bf60a1db18c472dafc5569adc2c406f39f82928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08a1a4b94cb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f1d2156befec432e8e993c79027b7ef285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdc0500000000000000b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb87d9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e28488b0522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b669615f2710eb8df39fc8c04d2c9c196fa6facfea613569a35cde6451f2edf55ce25c7d72ec7ea85a92458c0559ca3a94727d495bd4671a55a70bc544d71d8e0257707a31936f1adf224077310a86bf447ec92c650acca8c6b0721020894b06178c32f4472d17174d6eb2b067030c5d2c12583f46d2da7fba42d4083259c7cdc8bf1f4299c248865d3c809356c3ed"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback, r8, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0), 0x10, r6}, 0x94) 0s ago: executing program 0 (id=909): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@resgid={'resgid', 0x3d, 0xee00}}, {@user_xattr}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=") r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1e, 0x12, r1, 0x0) kernel console output (not intermixed with test programs): xe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f349011ec77 code=0x7ffc0000 [ 76.745731][ T4969] RDX: ffffc90002573000 RSI: 000000000004882a RDI: 000000000004882b [ 76.745751][ T4969] RBP: 0000000000010000 R08: 0001c9000326b78f R09: 0000000000000000 [ 76.745763][ T4969] R10: 00000000ffffffff R11: 0000000000000002 R12: 0000000000040000 [ 76.745802][ T4969] R13: ffff88811a579aec R14: ffffffff86d1f538 R15: 0000000000000000 [ 76.810850][ T4969] FS: 00007fbbb729f6c0(0000) GS:ffff8882aef43000(0000) knlGS:0000000000000000 [ 76.820821][ T4969] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.827555][ T4969] CR2: 000020000003f000 CR3: 0000000125116000 CR4: 00000000003506f0 [ 76.836356][ T4969] Call Trace: [ 76.839636][ T29] audit: type=1326 audit(1398165589.816:2910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.4.467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f349011d550 code=0x7ffc0000 [ 76.839826][ T4969] [ 76.839839][ T4969] virtio_transport_seqpacket_enqueue+0xb4/0xe0 [ 76.868470][ T4953] loop4: detected capacity change from 0 to 736 [ 76.873866][ T4969] vsock_connectible_sendmsg+0x752/0x980 [ 76.873903][ T4969] ? __pfx_woken_wake_function+0x10/0x10 [ 76.873931][ T4969] ? __pfx_vsock_connectible_sendmsg+0x10/0x10 [ 76.874032][ T4969] __sock_sendmsg+0x145/0x180 [ 76.874061][ T4969] ____sys_sendmsg+0x345/0x4e0 [ 76.874087][ T4969] ___sys_sendmsg+0x17b/0x1d0 [ 76.899368][ T4974] loop0: detected capacity change from 0 to 128 [ 76.904006][ T4969] __sys_sendmmsg+0x178/0x300 [ 76.919941][ T4978] loop3: detected capacity change from 0 to 128 [ 76.920152][ T4969] __x64_sys_sendmmsg+0x57/0x70 [ 76.936552][ T4969] x64_sys_call+0x1c4a/0x2ff0 [ 76.941355][ T4969] do_syscall_64+0xd2/0x200 [ 76.946071][ T4969] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 76.952230][ T4969] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 76.958087][ T4969] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.964129][ T4969] RIP: 0033:0x7fbbb883ebe9 [ 76.967484][ T4978] FAT-fs (loop3): Directory bread(block 32) failed [ 76.968590][ T4969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.977074][ T4961] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 76.995100][ T4969] RSP: 002b:00007fbbb729f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 76.995127][ T4969] RAX: ffffffffffffffda RBX: 00007fbbb8a65fa0 RCX: 00007fbbb883ebe9 [ 76.995138][ T4969] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000006 [ 76.995150][ T4969] RBP: 00007fbbb88c1e19 R08: 0000000000000000 R09: 0000000000000000 [ 77.003945][ T4961] FAT-fs (loop2): Filesystem has been set read-only [ 77.012529][ T4969] R10: 0000000024008094 R11: 0000000000000246 R12: 0000000000000000 [ 77.012543][ T4969] R13: 00007fbbb8a66038 R14: 00007fbbb8a65fa0 R15: 00007ffc0c928a58 [ 77.012564][ T4969] [ 77.030753][ T29] audit: type=1326 audit(1398165589.846:2911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.4.467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f349011e7eb code=0x7ffc0000 [ 77.036578][ T4969] ---[ end trace 0000000000000000 ]--- [ 77.044895][ T4978] FAT-fs (loop3): Directory bread(block 33) failed [ 77.051503][ T29] audit: type=1326 audit(1398165589.866:2912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4960 comm="syz.2.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 77.121562][ T29] audit: type=1326 audit(1398165589.866:2913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4960 comm="syz.2.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 77.146193][ T29] audit: type=1326 audit(1398165589.866:2914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4960 comm="syz.2.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 77.170045][ T29] audit: type=1326 audit(1398165589.866:2915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4960 comm="syz.2.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 77.193471][ T29] audit: type=1326 audit(1398165589.866:2916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4960 comm="syz.2.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 77.196648][ T4953] rock: directory entry would overflow storage [ 77.216966][ T29] audit: type=1326 audit(1398165589.866:2917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4960 comm="syz.2.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 77.217004][ T29] audit: type=1326 audit(1398165589.866:2918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4960 comm="syz.2.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 77.220107][ T4978] FAT-fs (loop3): Directory bread(block 34) failed [ 77.223529][ T4953] rock: sig=0x3b10, size=4, remaining=3 [ 77.278366][ T4978] FAT-fs (loop3): Directory bread(block 35) failed [ 77.289945][ T4978] FAT-fs (loop3): Directory bread(block 36) failed [ 77.296601][ T4978] FAT-fs (loop3): Directory bread(block 37) failed [ 77.304757][ T4978] FAT-fs (loop3): Directory bread(block 38) failed [ 77.311441][ T4978] FAT-fs (loop3): Directory bread(block 39) failed [ 77.326025][ T4978] FAT-fs (loop3): Directory bread(block 40) failed [ 77.333506][ T4978] FAT-fs (loop3): Directory bread(block 41) failed [ 77.379847][ T4982] netlink: 'syz.2.475': attribute type 4 has an invalid length. [ 77.397147][ T4980] syzkaller0: entered promiscuous mode [ 77.402994][ T4980] syzkaller0: entered allmulticast mode [ 77.438258][ T4982] : renamed from bond0 (while UP) [ 77.480715][ T4985] loop1: detected capacity change from 0 to 128 [ 77.513492][ T4989] loop0: detected capacity change from 0 to 512 [ 77.522699][ T4985] FAT-fs (loop1): Directory bread(block 32) failed [ 77.541677][ T4985] FAT-fs (loop1): Directory bread(block 33) failed [ 77.562241][ T4985] FAT-fs (loop1): Directory bread(block 34) failed [ 77.569300][ T4985] FAT-fs (loop1): Directory bread(block 35) failed [ 77.580032][ T4989] loop0: detected capacity change from 0 to 512 [ 77.580746][ T4985] FAT-fs (loop1): Directory bread(block 36) failed [ 77.624852][ T4985] FAT-fs (loop1): Directory bread(block 37) failed [ 77.655322][ T4985] FAT-fs (loop1): Directory bread(block 38) failed [ 77.662052][ T4985] FAT-fs (loop1): Directory bread(block 39) failed [ 77.691933][ T4985] FAT-fs (loop1): Directory bread(block 40) failed [ 77.714697][ T4985] FAT-fs (loop1): Directory bread(block 41) failed [ 77.726979][ T5006] loop0: detected capacity change from 0 to 128 [ 77.782259][ T5006] FAT-fs (loop0): Directory bread(block 32) failed [ 77.794487][ T5006] FAT-fs (loop0): Directory bread(block 33) failed [ 77.801325][ T5006] FAT-fs (loop0): Directory bread(block 34) failed [ 77.809420][ T5006] FAT-fs (loop0): Directory bread(block 35) failed [ 77.816496][ T5006] FAT-fs (loop0): Directory bread(block 36) failed [ 77.823316][ T5006] FAT-fs (loop0): Directory bread(block 37) failed [ 77.847930][ T5006] FAT-fs (loop0): Directory bread(block 38) failed [ 77.856277][ T5006] FAT-fs (loop0): Directory bread(block 39) failed [ 77.863109][ T5013] __nla_validate_parse: 11 callbacks suppressed [ 77.863124][ T5013] netlink: 24 bytes leftover after parsing attributes in process `syz.2.483'. [ 77.879813][ T5006] FAT-fs (loop0): Directory bread(block 40) failed [ 77.888627][ T5006] FAT-fs (loop0): Directory bread(block 41) failed [ 77.891944][ T4978] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 77.905735][ T4978] FAT-fs (loop3): Filesystem has been set read-only [ 77.991813][ T5012] netlink: 16 bytes leftover after parsing attributes in process `syz.4.488'. [ 78.002723][ T5012] loop4: detected capacity change from 0 to 128 [ 78.075368][ T4985] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 78.084248][ T4985] FAT-fs (loop1): Filesystem has been set read-only [ 78.157576][ T5034] tipc: Trying to set illegal importance in message [ 78.207636][ T5041] loop3: detected capacity change from 0 to 128 [ 78.222233][ T5043] loop4: detected capacity change from 0 to 512 [ 78.245293][ T5043] netlink: 180 bytes leftover after parsing attributes in process `syz.4.501'. [ 78.255688][ T5043] netlink: 180 bytes leftover after parsing attributes in process `syz.4.501'. [ 78.258625][ T5047] loop2: detected capacity change from 0 to 512 [ 78.276215][ T5043] loop4: detected capacity change from 0 to 512 [ 78.290364][ T5041] FAT-fs (loop3): Directory bread(block 32) failed [ 78.306028][ T5047] netlink: 180 bytes leftover after parsing attributes in process `syz.2.502'. [ 78.307135][ T5041] FAT-fs (loop3): Directory bread(block 33) failed [ 78.329204][ T5049] loop1: detected capacity change from 0 to 1024 [ 78.336919][ T5047] netlink: 180 bytes leftover after parsing attributes in process `syz.2.502'. [ 78.344558][ T5041] FAT-fs (loop3): Directory bread(block 34) failed [ 78.366463][ T5049] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 78.380493][ T5041] FAT-fs (loop3): Directory bread(block 35) failed [ 78.393104][ T5047] loop2: detected capacity change from 0 to 512 [ 78.400770][ T5041] FAT-fs (loop3): Directory bread(block 36) failed [ 78.409946][ T5041] FAT-fs (loop3): Directory bread(block 37) failed [ 78.426839][ T5041] FAT-fs (loop3): Directory bread(block 38) failed [ 78.434115][ T5041] FAT-fs (loop3): Directory bread(block 39) failed [ 78.442216][ T5049] EXT4-fs mount: 16 callbacks suppressed [ 78.442230][ T5049] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.451760][ T5041] FAT-fs (loop3): Directory bread(block 40) failed [ 78.468611][ T5041] FAT-fs (loop3): Directory bread(block 41) failed [ 78.498229][ T5049] ref_ctr increment failed for inode: 0x12 offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff88811a711140 [ 78.510532][ T5049] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5049 comm=syz.1.503 [ 78.540972][ T5060] netlink: 8 bytes leftover after parsing attributes in process `syz.4.507'. [ 78.572195][ T5048] uprobe: syz.1.503:5048 failed to unregister, leaking uprobe [ 78.620911][ T5006] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 78.629969][ T5006] FAT-fs (loop0): Filesystem has been set read-only [ 78.631932][ T5068] netlink: 'syz.4.509': attribute type 4 has an invalid length. [ 78.644689][ T5068] netlink: 152 bytes leftover after parsing attributes in process `syz.4.509'. [ 78.663086][ T5068] : renamed from bond0 (while UP) [ 78.665569][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.822082][ T5077] syzkaller0: entered promiscuous mode [ 78.827802][ T5077] syzkaller0: entered allmulticast mode [ 78.834246][ T5058] loop2: detected capacity change from 0 to 736 [ 78.866410][ T5079] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.904160][ T5058] rock: directory entry would overflow storage [ 78.912510][ T5058] rock: sig=0x3b10, size=4, remaining=3 [ 78.923549][ T5082] SELinux: ebitmap: truncated map [ 78.931478][ T5041] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 78.941038][ T5041] FAT-fs (loop3): Filesystem has been set read-only [ 78.949781][ T5082] SELinux: failed to load policy [ 78.962988][ T5079] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.028642][ T5086] netlink: 176 bytes leftover after parsing attributes in process `syz.1.515'. [ 79.059555][ T5079] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.085086][ T5090] netlink: 4 bytes leftover after parsing attributes in process `syz.1.517'. [ 79.117458][ T5079] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.178241][ T5098] FAULT_INJECTION: forcing a failure. [ 79.178241][ T5098] name failslab, interval 1, probability 0, space 0, times 0 [ 79.191292][ T5098] CPU: 1 UID: 0 PID: 5098 Comm: syz.1.521 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 79.191325][ T5098] Tainted: [W]=WARN [ 79.191331][ T5098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 79.191357][ T5098] Call Trace: [ 79.191363][ T5098] [ 79.191370][ T5098] __dump_stack+0x1d/0x30 [ 79.191391][ T5098] dump_stack_lvl+0xe8/0x140 [ 79.191411][ T5098] dump_stack+0x15/0x1b [ 79.191429][ T5098] should_fail_ex+0x265/0x280 [ 79.191499][ T5098] should_failslab+0x8c/0xb0 [ 79.191522][ T5098] kmem_cache_alloc_node_noprof+0x57/0x320 [ 79.191552][ T5098] ? __alloc_skb+0x101/0x320 [ 79.191606][ T5098] __alloc_skb+0x101/0x320 [ 79.191689][ T5098] netlink_alloc_large_skb+0xba/0xf0 [ 79.191742][ T5098] netlink_sendmsg+0x3cf/0x6b0 [ 79.191770][ T5098] ? __pfx_netlink_sendmsg+0x10/0x10 [ 79.191799][ T5098] __sock_sendmsg+0x145/0x180 [ 79.191843][ T5098] ____sys_sendmsg+0x31e/0x4e0 [ 79.191867][ T5098] ___sys_sendmsg+0x17b/0x1d0 [ 79.191901][ T5098] __x64_sys_sendmsg+0xd4/0x160 [ 79.191961][ T5098] x64_sys_call+0x191e/0x2ff0 [ 79.192015][ T5098] do_syscall_64+0xd2/0x200 [ 79.192069][ T5098] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 79.192092][ T5098] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 79.192118][ T5098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.192136][ T5098] RIP: 0033:0x7f57e5c6ebe9 [ 79.192165][ T5098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.192180][ T5098] RSP: 002b:00007f57e46cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 79.192197][ T5098] RAX: ffffffffffffffda RBX: 00007f57e5e95fa0 RCX: 00007f57e5c6ebe9 [ 79.192209][ T5098] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000006 [ 79.192220][ T5098] RBP: 00007f57e46cf090 R08: 0000000000000000 R09: 0000000000000000 [ 79.192231][ T5098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 79.192241][ T5098] R13: 00007f57e5e96038 R14: 00007f57e5e95fa0 R15: 00007ffe42f11da8 [ 79.192298][ T5098] [ 79.434223][ T1346] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.454939][ T5104] loop1: detected capacity change from 0 to 2048 [ 79.482879][ T1346] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.494318][ T1346] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.507498][ T5104] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.525817][ T1346] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.647115][ T5119] FAULT_INJECTION: forcing a failure. [ 79.647115][ T5119] name failslab, interval 1, probability 0, space 0, times 0 [ 79.660860][ T5119] CPU: 1 UID: 0 PID: 5119 Comm: syz.0.530 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 79.660893][ T5119] Tainted: [W]=WARN [ 79.660898][ T5119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 79.660909][ T5119] Call Trace: [ 79.660918][ T5119] [ 79.660928][ T5119] __dump_stack+0x1d/0x30 [ 79.660974][ T5119] dump_stack_lvl+0xe8/0x140 [ 79.661000][ T5119] dump_stack+0x15/0x1b [ 79.661015][ T5119] should_fail_ex+0x265/0x280 [ 79.661038][ T5119] should_failslab+0x8c/0xb0 [ 79.661067][ T5119] kmem_cache_alloc_noprof+0x50/0x310 [ 79.661126][ T5119] ? sctp_get_port_local+0x438/0xae0 [ 79.661287][ T5119] sctp_get_port_local+0x438/0xae0 [ 79.661322][ T5119] sctp_do_bind+0x398/0x4b0 [ 79.661633][ T5119] sctp_connect_new_asoc+0x153/0x3a0 [ 79.661666][ T5119] sctp_sendmsg+0xf10/0x18d0 [ 79.661694][ T5119] ? selinux_socket_sendmsg+0x171/0x1b0 [ 79.661720][ T5119] ? __pfx_sctp_sendmsg+0x10/0x10 [ 79.661844][ T5119] inet_sendmsg+0xc5/0xd0 [ 79.661862][ T5119] __sock_sendmsg+0x102/0x180 [ 79.661934][ T5119] __sys_sendto+0x268/0x330 [ 79.662002][ T5119] __x64_sys_sendto+0x76/0x90 [ 79.662018][ T5119] x64_sys_call+0x2d05/0x2ff0 [ 79.662065][ T5119] do_syscall_64+0xd2/0x200 [ 79.662093][ T5119] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 79.662118][ T5119] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 79.662164][ T5119] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.662184][ T5119] RIP: 0033:0x7fbbb883ebe9 [ 79.662198][ T5119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.662214][ T5119] RSP: 002b:00007fbbb729f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 79.662231][ T5119] RAX: ffffffffffffffda RBX: 00007fbbb8a65fa0 RCX: 00007fbbb883ebe9 [ 79.662296][ T5119] RDX: 0000000000034000 RSI: 0000200000000500 RDI: 0000000000000006 [ 79.662306][ T5119] RBP: 00007fbbb729f090 R08: 0000200000000140 R09: 000000000000001c [ 79.662356][ T5119] R10: 000000002000c851 R11: 0000000000000246 R12: 0000000000000001 [ 79.662417][ T5119] R13: 00007fbbb8a66038 R14: 00007fbbb8a65fa0 R15: 00007ffc0c928a58 [ 79.662467][ T5119] [ 80.001745][ T5131] loop0: detected capacity change from 0 to 512 [ 80.005015][ T5132] netlink: 'syz.2.534': attribute type 4 has an invalid length. [ 80.017578][ T5131] EXT4-fs: Ignoring removed bh option [ 80.034891][ T5131] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 80.048048][ T5131] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 80.057152][ T5131] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 80.072868][ T5131] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 80.085771][ T5131] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 80.088508][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.094161][ T5114] loop3: detected capacity change from 0 to 736 [ 80.103312][ T5131] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.150485][ T5141] FAULT_INJECTION: forcing a failure. [ 80.150485][ T5141] name failslab, interval 1, probability 0, space 0, times 0 [ 80.163369][ T5141] CPU: 0 UID: 0 PID: 5141 Comm: syz.2.540 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 80.163403][ T5141] Tainted: [W]=WARN [ 80.163409][ T5141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 80.163421][ T5141] Call Trace: [ 80.163427][ T5141] [ 80.163435][ T5141] __dump_stack+0x1d/0x30 [ 80.163457][ T5141] dump_stack_lvl+0xe8/0x140 [ 80.163521][ T5141] dump_stack+0x15/0x1b [ 80.163537][ T5141] should_fail_ex+0x265/0x280 [ 80.163556][ T5141] should_failslab+0x8c/0xb0 [ 80.163577][ T5141] kmem_cache_alloc_noprof+0x50/0x310 [ 80.163606][ T5141] ? audit_log_start+0x365/0x6c0 [ 80.163662][ T5141] audit_log_start+0x365/0x6c0 [ 80.163688][ T5141] audit_seccomp+0x48/0x100 [ 80.163761][ T5141] ? __seccomp_filter+0x68c/0x10d0 [ 80.163781][ T5141] __seccomp_filter+0x69d/0x10d0 [ 80.163872][ T5141] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 80.163897][ T5141] ? vfs_write+0x7e8/0x960 [ 80.163936][ T5141] __secure_computing+0x82/0x150 [ 80.163954][ T5141] syscall_trace_enter+0xcf/0x1e0 [ 80.163979][ T5141] do_syscall_64+0xac/0x200 [ 80.164056][ T5141] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 80.164118][ T5141] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 80.164139][ T5141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.164181][ T5141] RIP: 0033:0x7f4611e2ebe9 [ 80.164198][ T5141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.164213][ T5141] RSP: 002b:00007f461088f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000044 [ 80.164230][ T5141] RAX: ffffffffffffffda RBX: 00007f4612055fa0 RCX: 00007f4611e2ebe9 [ 80.164241][ T5141] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 80.164295][ T5141] RBP: 00007f461088f090 R08: 0000000000000000 R09: 0000000000000000 [ 80.164311][ T5141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.164322][ T5141] R13: 00007f4612056038 R14: 00007f4612055fa0 R15: 00007ffdf4072398 [ 80.164338][ T5141] [ 80.371466][ T5114] rock: directory entry would overflow storage [ 80.377996][ T5114] rock: sig=0x3b10, size=4, remaining=3 [ 80.425068][ T5145] loop1: detected capacity change from 0 to 512 [ 80.435598][ T5131] FAULT_INJECTION: forcing a failure. [ 80.435598][ T5131] name failslab, interval 1, probability 0, space 0, times 0 [ 80.448581][ T5131] CPU: 1 UID: 0 PID: 5131 Comm: syz.0.535 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 80.448623][ T5131] Tainted: [W]=WARN [ 80.448630][ T5131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 80.448642][ T5131] Call Trace: [ 80.448649][ T5131] [ 80.448657][ T5131] __dump_stack+0x1d/0x30 [ 80.448679][ T5131] dump_stack_lvl+0xe8/0x140 [ 80.448697][ T5131] dump_stack+0x15/0x1b [ 80.448753][ T5131] should_fail_ex+0x265/0x280 [ 80.448796][ T5131] should_failslab+0x8c/0xb0 [ 80.448821][ T5131] kmem_cache_alloc_noprof+0x50/0x310 [ 80.448851][ T5131] ? mb_cache_entry_create+0xf0/0x540 [ 80.448882][ T5131] ? check_xattrs+0x27d/0x7d0 [ 80.448941][ T5131] mb_cache_entry_create+0xf0/0x540 [ 80.448970][ T5131] ext4_xattr_get+0x298/0x470 [ 80.448996][ T5131] ext4_xattr_security_get+0x32/0x40 [ 80.449035][ T5131] ? __pfx_ext4_xattr_security_get+0x10/0x10 [ 80.449057][ T5131] __vfs_getxattr+0x2ad/0x2c0 [ 80.449080][ T5131] cap_inode_need_killpriv+0x2e/0x50 [ 80.449128][ T5131] security_inode_need_killpriv+0x36/0x70 [ 80.449186][ T5131] file_remove_privs_flags+0x123/0x320 [ 80.449216][ T5131] ? path_openat+0x1bf8/0x2170 [ 80.449245][ T5131] ? __rcu_read_unlock+0x4f/0x70 [ 80.449269][ T5131] file_modified_flags+0x32/0x350 [ 80.449299][ T5131] file_modified+0x17/0x20 [ 80.449325][ T5131] ext4_fallocate+0x18c/0x2f0 [ 80.449406][ T5131] vfs_fallocate+0x3b6/0x400 [ 80.449438][ T5131] file_ioctl+0x453/0x530 [ 80.449459][ T5131] do_vfs_ioctl+0x7ca/0xe10 [ 80.449478][ T5131] ? selinux_file_ioctl+0x308/0x3a0 [ 80.449499][ T5131] ? __fget_files+0x184/0x1c0 [ 80.449579][ T5131] __se_sys_ioctl+0x82/0x140 [ 80.449612][ T5131] __x64_sys_ioctl+0x43/0x50 [ 80.449642][ T5131] x64_sys_call+0x1816/0x2ff0 [ 80.449664][ T5131] do_syscall_64+0xd2/0x200 [ 80.449695][ T5131] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 80.449719][ T5131] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 80.449810][ T5131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.449832][ T5131] RIP: 0033:0x7fbbb883ebe9 [ 80.449846][ T5131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.449861][ T5131] RSP: 002b:00007fbbb729f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 80.449928][ T5131] RAX: ffffffffffffffda RBX: 00007fbbb8a65fa0 RCX: 00007fbbb883ebe9 [ 80.449941][ T5131] RDX: 0000200000000040 RSI: 0000000040305839 RDI: 0000000000000004 [ 80.449954][ T5131] RBP: 00007fbbb729f090 R08: 0000000000000000 R09: 0000000000000000 [ 80.449966][ T5131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.449979][ T5131] R13: 00007fbbb8a66038 R14: 00007fbbb8a65fa0 R15: 00007ffc0c928a58 [ 80.449994][ T5131] [ 80.515268][ T5131] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.535: bg 0: block 353: padding at end of block bitmap is not set [ 80.656819][ T5145] EXT4-fs: Ignoring removed bh option [ 80.762763][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.775462][ T5145] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 80.776551][ T5141] serio: Serial port ptm0 [ 80.784722][ T5145] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 80.824744][ T5145] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 80.834696][ T5145] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 80.846736][ T5155] loop3: detected capacity change from 0 to 512 [ 80.855312][ T5155] EXT4-fs: Ignoring removed bh option [ 80.857961][ T5143] serio: Serial port ptm1 [ 80.861983][ T5145] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.885922][ T5155] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 80.895205][ T5155] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 80.904410][ T5155] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 80.914052][ T5145] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.537: bg 0: block 353: padding at end of block bitmap is not set [ 80.914119][ T5155] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 80.937539][ T5155] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.972857][ T5155] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.544: bg 0: block 353: padding at end of block bitmap is not set [ 80.994341][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.019738][ T5162] SELinux: failed to load policy [ 81.066426][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.076784][ T5167] loop0: detected capacity change from 0 to 2048 [ 81.096719][ T5167] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.168481][ T5175] netlink: 'syz.3.551': attribute type 2 has an invalid length. [ 81.226800][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.263901][ T5184] loop0: detected capacity change from 0 to 512 [ 81.288342][ T5184] loop0: detected capacity change from 0 to 512 [ 81.345996][ T5188] loop2: detected capacity change from 0 to 128 [ 81.353393][ T5190] FAULT_INJECTION: forcing a failure. [ 81.353393][ T5190] name failslab, interval 1, probability 0, space 0, times 0 [ 81.366156][ T5190] CPU: 1 UID: 0 PID: 5190 Comm: syz.3.558 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 81.366190][ T5190] Tainted: [W]=WARN [ 81.366196][ T5190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 81.366271][ T5190] Call Trace: [ 81.366277][ T5190] [ 81.366285][ T5190] __dump_stack+0x1d/0x30 [ 81.366303][ T5190] dump_stack_lvl+0xe8/0x140 [ 81.366322][ T5190] dump_stack+0x15/0x1b [ 81.366339][ T5190] should_fail_ex+0x265/0x280 [ 81.366431][ T5190] should_failslab+0x8c/0xb0 [ 81.366478][ T5190] __kmalloc_noprof+0xa5/0x3e0 [ 81.366543][ T5190] ? bpf_test_init+0xa9/0x160 [ 81.366570][ T5190] bpf_test_init+0xa9/0x160 [ 81.366590][ T5190] bpf_prog_test_run_xdp+0x274/0x910 [ 81.366610][ T5190] ? kstrtouint+0x76/0xc0 [ 81.366630][ T5190] ? __rcu_read_unlock+0x4f/0x70 [ 81.366723][ T5190] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 81.366741][ T5190] bpf_prog_test_run+0x227/0x390 [ 81.366770][ T5190] __sys_bpf+0x4b9/0x7b0 [ 81.366803][ T5190] __x64_sys_bpf+0x41/0x50 [ 81.366826][ T5190] x64_sys_call+0x2aea/0x2ff0 [ 81.366913][ T5190] do_syscall_64+0xd2/0x200 [ 81.366939][ T5190] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 81.366963][ T5190] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 81.367032][ T5190] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.367051][ T5190] RIP: 0033:0x7f7d19fbebe9 [ 81.367065][ T5190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.367080][ T5190] RSP: 002b:00007f7d18a27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 81.367128][ T5190] RAX: ffffffffffffffda RBX: 00007f7d1a1e5fa0 RCX: 00007f7d19fbebe9 [ 81.367140][ T5190] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 81.367151][ T5190] RBP: 00007f7d18a27090 R08: 0000000000000000 R09: 0000000000000000 [ 81.367162][ T5190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.367173][ T5190] R13: 00007f7d1a1e6038 R14: 00007f7d1a1e5fa0 R15: 00007fffcde9eb58 [ 81.367189][ T5190] [ 81.373050][ T5188] vfat: Unknown parameter '0000000000000000000000318446744073709551615' [ 81.662950][ T5207] FAULT_INJECTION: forcing a failure. [ 81.662950][ T5207] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 81.677040][ T5207] CPU: 0 UID: 0 PID: 5207 Comm: syz.2.565 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 81.677140][ T5207] Tainted: [W]=WARN [ 81.677146][ T5207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 81.677156][ T5207] Call Trace: [ 81.677164][ T5207] [ 81.677174][ T5207] __dump_stack+0x1d/0x30 [ 81.677216][ T5207] dump_stack_lvl+0xe8/0x140 [ 81.677234][ T5207] dump_stack+0x15/0x1b [ 81.677248][ T5207] should_fail_ex+0x265/0x280 [ 81.677267][ T5207] should_fail+0xb/0x20 [ 81.677317][ T5207] should_fail_usercopy+0x1a/0x20 [ 81.677367][ T5207] _copy_from_user+0x1c/0xb0 [ 81.677397][ T5207] wants_mount_setattr+0x128/0x640 [ 81.677422][ T5207] ? kmem_cache_free+0xdf/0x300 [ 81.677548][ T5207] __se_sys_mount_setattr+0x10f/0x240 [ 81.677572][ T5207] __x64_sys_mount_setattr+0x67/0x80 [ 81.677592][ T5207] x64_sys_call+0x19ab/0x2ff0 [ 81.677632][ T5207] do_syscall_64+0xd2/0x200 [ 81.677661][ T5207] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 81.677761][ T5207] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 81.677789][ T5207] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.677810][ T5207] RIP: 0033:0x7f4611e2ebe9 [ 81.677826][ T5207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.677843][ T5207] RSP: 002b:00007f461088f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ba [ 81.677935][ T5207] RAX: ffffffffffffffda RBX: 00007f4612055fa0 RCX: 00007f4611e2ebe9 [ 81.677945][ T5207] RDX: 0000000000008000 RSI: 00002000000016c0 RDI: ffffffffffffffff [ 81.677957][ T5207] RBP: 00007f461088f090 R08: 0000000000000020 R09: 0000000000000000 [ 81.677966][ T5207] R10: 0000200000001700 R11: 0000000000000246 R12: 0000000000000001 [ 81.677976][ T5207] R13: 00007f4612056038 R14: 00007f4612055fa0 R15: 00007ffdf4072398 [ 81.677991][ T5207] [ 81.680111][ T5211] loop0: detected capacity change from 0 to 128 [ 81.883513][ T5211] FAT-fs (loop0): Directory bread(block 162) failed [ 81.883529][ T5211] FAT-fs (loop0): Directory bread(block 163) failed [ 81.883560][ T5211] FAT-fs (loop0): Directory bread(block 164) failed [ 81.883570][ T5211] FAT-fs (loop0): Directory bread(block 165) failed [ 81.883580][ T5211] FAT-fs (loop0): Directory bread(block 166) failed [ 81.883638][ T5211] FAT-fs (loop0): Directory bread(block 167) failed [ 81.883649][ T5211] FAT-fs (loop0): Directory bread(block 168) failed [ 81.883660][ T5211] FAT-fs (loop0): Directory bread(block 169) failed [ 81.884242][ T29] kauditd_printk_skb: 787 callbacks suppressed [ 81.884252][ T29] audit: type=1400 audit(1398165594.856:3704): avc: denied { mount } for pid=5209 comm="syz.0.567" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 81.885431][ T5211] FAT-fs (loop0): Directory bread(block 162) failed [ 81.885450][ T5211] FAT-fs (loop0): Directory bread(block 163) failed [ 81.885847][ T5211] syz.0.567: attempt to access beyond end of device [ 81.885847][ T5211] loop0: rw=3, sector=226, nr_sectors = 6 limit=128 [ 81.885872][ T5211] syz.0.567: attempt to access beyond end of device [ 81.885872][ T5211] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 81.912293][ T29] audit: type=1400 audit(1398165594.886:3705): avc: denied { unmount } for pid=3327 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 81.933962][ T29] audit: type=1326 audit(1398165594.906:3706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5213 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e5c6ebe9 code=0x7ffc0000 [ 81.937695][ T29] audit: type=1326 audit(1398165594.916:3707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5213 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f57e5c6ebe9 code=0x7ffc0000 [ 82.020479][ T5214] netlink: 'syz.1.569': attribute type 4 has an invalid length. [ 82.028486][ T29] audit: type=1326 audit(1398165594.926:3708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5213 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e5c6ebe9 code=0x7ffc0000 [ 82.047312][ T5214] : renamed from bond0 (while UP) [ 82.055480][ T29] audit: type=1326 audit(1398165594.926:3709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5213 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e5c6ebe9 code=0x7ffc0000 [ 82.189098][ T29] audit: type=1326 audit(1398165594.946:3710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5213 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f57e5c6ebe9 code=0x7ffc0000 [ 82.189197][ T29] audit: type=1326 audit(1398165594.946:3711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5213 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e5c6ebe9 code=0x7ffc0000 [ 82.189278][ T29] audit: type=1326 audit(1398165594.946:3712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5213 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f57e5c6ebe9 code=0x7ffc0000 [ 82.213257][ T5221] loop0: detected capacity change from 0 to 2048 [ 82.236592][ T29] audit: type=1326 audit(1398165594.946:3713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5213 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e5c6ebe9 code=0x7ffc0000 [ 82.310732][ T5221] EXT4-fs: Ignoring removed nobh option [ 82.366674][ T5221] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.455059][ T5216] bond_slave_0: entered promiscuous mode [ 82.461245][ T5216] bond_slave_1: entered promiscuous mode [ 82.462076][ T5248] loop1: detected capacity change from 0 to 2048 [ 82.468743][ T5216] macvlan2: entered allmulticast mode [ 82.479531][ T5216] bond0: entered allmulticast mode [ 82.484921][ T5216] bond_slave_0: entered allmulticast mode [ 82.490939][ T5216] bond_slave_1: entered allmulticast mode [ 82.499154][ T5216] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 82.509404][ T5248] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.516165][ T5216] bridge0: port 3(macvlan2) entered blocking state [ 82.529917][ T5216] bridge0: port 3(macvlan2) entered disabled state [ 82.539133][ T5216] macvlan2: entered promiscuous mode [ 82.545848][ T5216] bond0: entered promiscuous mode [ 82.551913][ T5216] bridge0: port 3(macvlan2) entered blocking state [ 82.558585][ T5216] bridge0: port 3(macvlan2) entered forwarding state [ 82.638520][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.660040][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.664112][ T5257] loop2: detected capacity change from 0 to 512 [ 82.715001][ T5260] syzkaller0: entered promiscuous mode [ 82.720708][ T5260] syzkaller0: entered allmulticast mode [ 82.932505][ T5283] loop0: detected capacity change from 0 to 512 [ 82.960651][ T5283] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 82.976231][ T5288] loop1: detected capacity change from 0 to 2048 [ 82.976928][ T5283] EXT4-fs (loop0): mount failed [ 82.998083][ T5283] loop0: detected capacity change from 0 to 1024 [ 83.006977][ T5283] EXT4-fs: Ignoring removed nobh option [ 83.012653][ T5283] EXT4-fs: Ignoring removed bh option [ 83.021230][ T5283] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 83.036705][ T5283] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.053073][ T5283] lo: entered promiscuous mode [ 83.065914][ T5283] tunl0: entered promiscuous mode [ 83.073499][ T5283] gre0: entered promiscuous mode [ 83.074704][ T5295] loop2: detected capacity change from 0 to 2048 [ 83.086899][ T5294] loop1: detected capacity change from 0 to 2048 [ 83.088018][ T5295] EXT4-fs: Ignoring removed nobh option [ 83.097476][ T5283] gretap0: entered promiscuous mode [ 83.111579][ T5283] erspan0: entered promiscuous mode [ 83.120575][ T5283] ip_vti0: entered promiscuous mode [ 83.127362][ T5283] ip6_vti0: entered promiscuous mode [ 83.134381][ T5294] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.134958][ T5283] sit0: entered promiscuous mode [ 83.154059][ T5283] ip6tnl0: entered promiscuous mode [ 83.161809][ T5295] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.162094][ T5283] ip6gre0: entered promiscuous mode [ 83.177055][ T9] kernel write not supported for file /329/attr/exec (pid: 9 comm: kworker/0:0) [ 83.192290][ T5283] syz_tun: entered promiscuous mode [ 83.200815][ T5283] ip6gretap0: entered promiscuous mode [ 83.208819][ T5283] bridge0: port 3(macvlan2) entered disabled state [ 83.215883][ T5283] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.223508][ T5283] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.231762][ T5283] bridge0: entered promiscuous mode [ 83.239496][ T5283] vcan0: entered promiscuous mode [ 83.251143][ T5283] team0: entered promiscuous mode [ 83.251650][ T5302] __nla_validate_parse: 30 callbacks suppressed [ 83.251665][ T5302] netlink: 24 bytes leftover after parsing attributes in process `syz.2.594'. [ 83.256783][ T5283] team_slave_0: entered promiscuous mode [ 83.256995][ T5283] team_slave_1: entered promiscuous mode [ 83.293900][ T5283] dummy0: entered promiscuous mode [ 83.302269][ T5283] nlmon0: entered promiscuous mode [ 83.309276][ T5283] caif0: entered promiscuous mode [ 83.314722][ T5283] batadv0: entered promiscuous mode [ 83.355831][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.367709][ T5283] vxcan0: entered promiscuous mode [ 83.376583][ T5310] loop4: detected capacity change from 0 to 128 [ 83.385008][ T5283] vxcan1: entered promiscuous mode [ 83.394414][ T5310] FAT-fs (loop4): Directory bread(block 32) failed [ 83.409325][ T5283] veth0: entered promiscuous mode [ 83.423323][ T5310] FAT-fs (loop4): Directory bread(block 33) failed [ 83.430366][ T5314] loop3: detected capacity change from 0 to 128 [ 83.439573][ T5283] veth1: entered promiscuous mode [ 83.440532][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.446358][ T5310] FAT-fs (loop4): Directory bread(block 34) failed [ 83.471389][ T5283] wg0: entered promiscuous mode [ 83.478535][ T5283] wg1: entered promiscuous mode [ 83.485354][ T5283] wg2: entered promiscuous mode [ 83.491786][ T5283] veth0_to_bridge: entered promiscuous mode [ 83.497446][ T5314] FAT-fs (loop3): Directory bread(block 32) failed [ 83.500794][ T5283] veth1_to_bridge: entered promiscuous mode [ 83.508950][ T5314] FAT-fs (loop3): Directory bread(block 33) failed [ 83.513460][ T5283] veth0_to_bond: entered promiscuous mode [ 83.517924][ T5314] FAT-fs (loop3): Directory bread(block 34) failed [ 83.524922][ T5283] veth1_to_bond: entered promiscuous mode [ 83.529287][ T5314] FAT-fs (loop3): Directory bread(block 35) failed [ 83.536822][ T5283] veth0_to_team: entered promiscuous mode [ 83.542668][ T5314] FAT-fs (loop3): Directory bread(block 36) failed [ 83.559923][ T5314] FAT-fs (loop3): Directory bread(block 37) failed [ 83.560324][ T5318] netlink: 4 bytes leftover after parsing attributes in process `syz.2.605'. [ 83.568492][ T5314] FAT-fs (loop3): Directory bread(block 38) failed [ 83.575798][ T5283] veth1_to_team: entered promiscuous mode [ 83.582502][ T5314] FAT-fs (loop3): Directory bread(block 39) failed [ 83.588018][ T5310] FAT-fs (loop4): Directory bread(block 35) failed [ 83.595527][ T5314] FAT-fs (loop3): Directory bread(block 40) failed [ 83.601083][ T5310] FAT-fs (loop4): Directory bread(block 36) failed [ 83.608429][ T5314] FAT-fs (loop3): Directory bread(block 41) failed [ 83.617245][ T5283] veth0_to_batadv: entered promiscuous mode [ 83.627261][ T5310] FAT-fs (loop4): Directory bread(block 37) failed [ 83.633790][ T5310] FAT-fs (loop4): Directory bread(block 38) failed [ 83.636053][ T5283] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 83.651099][ T5283] batadv_slave_0: entered promiscuous mode [ 83.657639][ T5320] netlink: 12 bytes leftover after parsing attributes in process `syz.2.605'. [ 83.664231][ T5310] FAT-fs (loop4): Directory bread(block 39) failed [ 83.669234][ T5283] veth1_to_batadv: entered promiscuous mode [ 83.673566][ T5310] FAT-fs (loop4): Directory bread(block 40) failed [ 83.681033][ T5283] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 83.687115][ T5310] FAT-fs (loop4): Directory bread(block 41) failed [ 83.702317][ T5283] batadv_slave_1: entered promiscuous mode [ 83.710689][ T5283] xfrm0: entered promiscuous mode [ 83.717377][ T5283] veth0_to_hsr: entered promiscuous mode [ 83.726705][ T5283] veth1_to_hsr: entered promiscuous mode [ 83.734201][ T5283] hsr0: entered promiscuous mode [ 83.740856][ T5283] veth1_virt_wifi: entered promiscuous mode [ 83.748070][ T5283] veth0_virt_wifi: entered promiscuous mode [ 83.758448][ T5283] ªªªªªª: entered promiscuous mode [ 83.763790][ T5283] vlan1: entered promiscuous mode [ 83.770307][ T5283] macvlan0: entered promiscuous mode [ 83.776599][ T5283] macvlan1: entered promiscuous mode [ 83.783303][ T5283] ipvlan0: entered promiscuous mode [ 83.788780][ T5283] ipvlan1: entered promiscuous mode [ 83.798435][ T5283] macvtap0: entered promiscuous mode [ 83.805382][ T5283] macsec0: entered promiscuous mode [ 83.812010][ T5283] geneve0: entered promiscuous mode [ 83.819733][ T5283] geneve1: entered promiscuous mode [ 83.826526][ T5283] wireguard0: left allmulticast mode [ 83.832505][ T5283] netdevsim netdevsim0 eth0: entered promiscuous mode [ 83.840152][ T5283] netdevsim netdevsim0 eth1: entered promiscuous mode [ 83.847293][ T5283] netdevsim netdevsim0 eth2: entered promiscuous mode [ 83.854664][ T5283] netdevsim netdevsim0 eth3: entered promiscuous mode [ 83.862059][ T5283] bridge1: entered promiscuous mode [ 83.874486][ T5283] bond0: left allmulticast mode [ 83.879380][ T5283] bond_slave_0: left allmulticast mode [ 83.884918][ T5283] bond_slave_1: left allmulticast mode [ 83.898363][ T5283] bridge2: entered promiscuous mode [ 83.905227][ T5314] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 83.913782][ T5314] FAT-fs (loop3): Filesystem has been set read-only [ 83.930342][ T5321] syzkaller0: entered promiscuous mode [ 83.935979][ T5321] syzkaller0: entered allmulticast mode [ 83.942170][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.974757][ T37] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.983197][ T37] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.008902][ T5334] loop0: detected capacity change from 0 to 128 [ 84.040639][ T5334] FAT-fs (loop0): Directory bread(block 32) failed [ 84.051446][ T5310] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 84.060817][ T5310] FAT-fs (loop4): Filesystem has been set read-only [ 84.070151][ T5334] FAT-fs (loop0): Directory bread(block 33) failed [ 84.077741][ T37] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.079786][ T5334] FAT-fs (loop0): Directory bread(block 34) failed [ 84.093570][ T5334] FAT-fs (loop0): Directory bread(block 35) failed [ 84.095574][ T37] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.100473][ T5334] FAT-fs (loop0): Directory bread(block 36) failed [ 84.115843][ T5334] FAT-fs (loop0): Directory bread(block 37) failed [ 84.135601][ T5334] FAT-fs (loop0): Directory bread(block 38) failed [ 84.171752][ T5334] FAT-fs (loop0): Directory bread(block 39) failed [ 84.180444][ T5334] FAT-fs (loop0): Directory bread(block 40) failed [ 84.211117][ T5334] FAT-fs (loop0): Directory bread(block 41) failed [ 84.299267][ T5354] netlink: 'syz.1.614': attribute type 4 has an invalid length. [ 84.307128][ T5354] netlink: 152 bytes leftover after parsing attributes in process `syz.1.614'. [ 84.344853][ T5358] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.370428][ T5361] 9pnet_fd: Insufficient options for proto=fd [ 84.408867][ T5358] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.414416][ T5365] SELinux: policydb magic number 0x4c5047 does not match expected magic number 0xf97cff8c [ 84.449190][ T5365] SELinux: failed to load policy [ 84.459209][ T5370] loop1: detected capacity change from 0 to 128 [ 84.461147][ T5369] loop3: detected capacity change from 0 to 512 [ 84.485698][ T5358] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.516880][ T5370] FAT-fs (loop1): Directory bread(block 32) failed [ 84.523781][ T5370] FAT-fs (loop1): Directory bread(block 33) failed [ 84.532538][ T5369] netlink: 180 bytes leftover after parsing attributes in process `syz.3.621'. [ 84.540830][ T5370] FAT-fs (loop1): Directory bread(block 34) failed [ 84.543367][ T5369] netlink: 180 bytes leftover after parsing attributes in process `syz.3.621'. [ 84.567339][ T5370] FAT-fs (loop1): Directory bread(block 35) failed [ 84.574042][ T5370] FAT-fs (loop1): Directory bread(block 36) failed [ 84.581674][ T5358] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.593636][ T5370] FAT-fs (loop1): Directory bread(block 37) failed [ 84.600350][ T5369] loop3: detected capacity change from 0 to 512 [ 84.604531][ T5370] FAT-fs (loop1): Directory bread(block 38) failed [ 84.637283][ T5370] FAT-fs (loop1): Directory bread(block 39) failed [ 84.653358][ T309] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.674935][ T5370] FAT-fs (loop1): Directory bread(block 40) failed [ 84.683876][ T51] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.690832][ T5370] FAT-fs (loop1): Directory bread(block 41) failed [ 84.705647][ T51] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.774750][ T51] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.804864][ T5381] loop2: detected capacity change from 0 to 128 [ 84.830472][ T5381] FAT-fs (loop2): Directory bread(block 32) failed [ 84.837250][ T5381] FAT-fs (loop2): Directory bread(block 33) failed [ 84.843794][ T5381] FAT-fs (loop2): Directory bread(block 34) failed [ 84.857990][ T5381] FAT-fs (loop2): Directory bread(block 35) failed [ 84.865621][ T5334] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 84.869987][ T5381] FAT-fs (loop2): Directory bread(block 36) failed [ 84.874348][ T5334] FAT-fs (loop0): Filesystem has been set read-only [ 84.881469][ T5381] FAT-fs (loop2): Directory bread(block 37) failed [ 84.881504][ T5381] FAT-fs (loop2): Directory bread(block 38) failed [ 84.881623][ T5381] FAT-fs (loop2): Directory bread(block 39) failed [ 84.881647][ T5381] FAT-fs (loop2): Directory bread(block 40) failed [ 84.881664][ T5381] FAT-fs (loop2): Directory bread(block 41) failed [ 84.905245][ T5384] loop4: detected capacity change from 0 to 2048 [ 84.958216][ T5384] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.090698][ T5400] loop3: detected capacity change from 0 to 1024 [ 85.109171][ T5400] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 85.176231][ T5400] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.291459][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.310038][ T5381] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 85.312356][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.319446][ T5381] FAT-fs (loop2): Filesystem has been set read-only [ 85.393454][ T5410] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.420174][ T5414] loop0: detected capacity change from 0 to 512 [ 85.460322][ T5370] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 85.469979][ T5370] FAT-fs (loop1): Filesystem has been set read-only [ 85.495152][ T5419] SELinux: policydb magic number 0x4c5047 does not match expected magic number 0xf97cff8c [ 85.511261][ T5410] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.514939][ T5419] SELinux: failed to load policy [ 85.576216][ T5423] netlink: 'syz.4.639': attribute type 4 has an invalid length. [ 85.584100][ T5423] netlink: 152 bytes leftover after parsing attributes in process `syz.4.639'. [ 85.610646][ T5414] netlink: 180 bytes leftover after parsing attributes in process `syz.0.637'. [ 85.629104][ T5425] netlink: 180 bytes leftover after parsing attributes in process `syz.0.637'. [ 85.650152][ T5414] loop0: detected capacity change from 0 to 512 [ 85.662662][ T5410] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.681494][ T5432] netlink: 176 bytes leftover after parsing attributes in process `syz.3.641'. [ 85.738618][ T5410] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.817728][ T37] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.864970][ T37] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.883588][ T37] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.914533][ T37] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.013876][ T5460] loop3: detected capacity change from 0 to 2048 [ 86.047711][ T5460] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.160654][ T5473] loop2: detected capacity change from 0 to 2048 [ 86.178099][ T5475] loop0: detected capacity change from 0 to 1024 [ 86.185239][ T5473] EXT4-fs: Ignoring removed nobh option [ 86.193293][ T5475] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 86.204290][ T5475] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 86.260005][ T5475] JBD2: no valid journal superblock found [ 86.265859][ T5475] EXT4-fs (loop0): Could not load journal inode [ 86.272493][ T5473] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.333719][ T5482] loop1: detected capacity change from 0 to 1024 [ 86.368891][ T5482] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 86.382349][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.470182][ T5489] wireguard1: entered promiscuous mode [ 86.476376][ T5489] wireguard1: entered allmulticast mode [ 86.487340][ T5482] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.501027][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.618487][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.630086][ T5492] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.667712][ T5496] SELinux: policydb magic number 0x4c5047 does not match expected magic number 0xf97cff8c [ 86.682554][ T5496] SELinux: failed to load policy [ 86.719003][ T5492] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.867952][ T5492] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.957630][ T5492] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.979248][ T29] kauditd_printk_skb: 555 callbacks suppressed [ 86.979260][ T29] audit: type=1326 audit(1398165599.956:4268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 87.010915][ T5500] syz.0.667 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 87.054313][ T5500] loop0: detected capacity change from 0 to 764 [ 87.060945][ T29] audit: type=1326 audit(1398165599.986:4269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 87.085135][ T29] audit: type=1326 audit(1398165599.986:4270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 87.108908][ T29] audit: type=1326 audit(1398165600.006:4271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 87.132321][ T29] audit: type=1326 audit(1398165600.006:4272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 87.155979][ T29] audit: type=1326 audit(1398165600.006:4273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 87.179524][ T29] audit: type=1326 audit(1398165600.006:4274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 87.203519][ T29] audit: type=1326 audit(1398165600.006:4275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 87.227353][ T29] audit: type=1326 audit(1398165600.006:4276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 87.251138][ T29] audit: type=1326 audit(1398165600.006:4277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 87.258165][ T5500] iso9660: Unknown parameter '' [ 87.400424][ T37] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.403690][ T5508] netlink: 'syz.0.669': attribute type 4 has an invalid length. [ 87.414548][ T5509] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 87.452218][ T5508] : renamed from bond0 [ 87.485525][ T5515] loop4: detected capacity change from 0 to 512 [ 87.502336][ T37] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.519062][ T37] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.526445][ T5515] EXT4-fs: Ignoring removed bh option [ 87.535914][ T5515] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 87.545068][ T5515] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 87.548651][ T37] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.585242][ T5515] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 87.599121][ T5515] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 87.608423][ T5520] loop3: detected capacity change from 0 to 128 [ 87.619200][ T5515] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.667518][ T5525] loop0: detected capacity change from 0 to 128 [ 87.679216][ T5520] FAT-fs (loop3): Directory bread(block 32) failed [ 87.688626][ T5525] FAT-fs (loop0): Directory bread(block 162) failed [ 87.689277][ T5515] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.672: bg 0: block 353: padding at end of block bitmap is not set [ 87.701094][ T5525] FAT-fs (loop0): Directory bread(block 163) failed [ 87.714330][ T5520] FAT-fs (loop3): Directory bread(block 33) failed [ 87.727849][ T5525] FAT-fs (loop0): Directory bread(block 164) failed [ 87.729952][ T5520] FAT-fs (loop3): Directory bread(block 34) failed [ 87.740104][ T5525] FAT-fs (loop0): Directory bread(block 165) failed [ 87.748257][ T5525] FAT-fs (loop0): Directory bread(block 166) failed [ 87.756754][ T5520] FAT-fs (loop3): Directory bread(block 35) failed [ 87.770591][ T5520] FAT-fs (loop3): Directory bread(block 36) failed [ 87.777105][ T5525] FAT-fs (loop0): Directory bread(block 167) failed [ 87.785130][ T5520] FAT-fs (loop3): Directory bread(block 37) failed [ 87.790044][ T5525] FAT-fs (loop0): Directory bread(block 168) failed [ 87.791745][ T5520] FAT-fs (loop3): Directory bread(block 38) failed [ 87.814832][ T5525] FAT-fs (loop0): Directory bread(block 169) failed [ 87.841359][ T5525] FAT-fs (loop0): Directory bread(block 162) failed [ 87.851467][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.860780][ T5520] FAT-fs (loop3): Directory bread(block 39) failed [ 87.870789][ T5525] FAT-fs (loop0): Directory bread(block 163) failed [ 87.884977][ T5525] syz.0.676: attempt to access beyond end of device [ 87.884977][ T5525] loop0: rw=3, sector=226, nr_sectors = 6 limit=128 [ 87.890762][ T5520] FAT-fs (loop3): Directory bread(block 40) failed [ 87.913277][ T5520] FAT-fs (loop3): Directory bread(block 41) failed [ 87.913874][ T5530] SELinux: Context Ü is not valid (left unmapped). [ 87.960872][ T5525] syz.0.676: attempt to access beyond end of device [ 87.960872][ T5525] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 88.028187][ T5545] loop2: detected capacity change from 0 to 512 [ 88.036058][ T5545] EXT4-fs: Ignoring removed bh option [ 88.042076][ T5545] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 88.051251][ T5545] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 88.064689][ T5545] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 88.076136][ T5545] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 88.085701][ T5545] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.109296][ T5551] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.121818][ T5550] loop0: detected capacity change from 0 to 1024 [ 88.130390][ T5550] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 88.135884][ T5545] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.684: bg 0: block 353: padding at end of block bitmap is not set [ 88.146893][ T5550] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.174947][ T5551] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.201784][ T5557] SELinux: policydb magic number 0x4c5047 does not match expected magic number 0xf97cff8c [ 88.205711][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.211883][ T5557] SELinux: failed to load policy [ 88.226761][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.248181][ T5551] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.298778][ T5551] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.372809][ T5566] FAULT_INJECTION: forcing a failure. [ 88.372809][ T5566] name failslab, interval 1, probability 0, space 0, times 0 [ 88.385634][ T5566] CPU: 1 UID: 0 PID: 5566 Comm: syz.1.690 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 88.385692][ T5566] Tainted: [W]=WARN [ 88.385699][ T5566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 88.385711][ T5566] Call Trace: [ 88.385718][ T5566] [ 88.385726][ T5566] __dump_stack+0x1d/0x30 [ 88.385751][ T5566] dump_stack_lvl+0xe8/0x140 [ 88.385772][ T5566] dump_stack+0x15/0x1b [ 88.385804][ T5566] should_fail_ex+0x265/0x280 [ 88.385850][ T5566] should_failslab+0x8c/0xb0 [ 88.385874][ T5566] __kmalloc_node_track_caller_noprof+0xa4/0x410 [ 88.385948][ T5566] ? sidtab_sid2str_get+0xa0/0x130 [ 88.385972][ T5566] kmemdup_noprof+0x2b/0x70 [ 88.386000][ T5566] sidtab_sid2str_get+0xa0/0x130 [ 88.386022][ T5566] security_sid_to_context_core+0x1eb/0x2e0 [ 88.386125][ T5566] security_sid_to_context+0x27/0x40 [ 88.386149][ T5566] selinux_lsmprop_to_secctx+0x67/0xf0 [ 88.386172][ T5566] security_lsmprop_to_secctx+0x43/0x80 [ 88.386242][ T5566] audit_log_task_context+0x77/0x190 [ 88.386277][ T5566] audit_log_task+0xf4/0x250 [ 88.386318][ T5566] audit_seccomp+0x61/0x100 [ 88.386345][ T5566] ? __seccomp_filter+0x68c/0x10d0 [ 88.386369][ T5566] __seccomp_filter+0x69d/0x10d0 [ 88.386392][ T5566] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 88.386420][ T5566] ? vfs_write+0x7e8/0x960 [ 88.386443][ T5566] ? __rcu_read_unlock+0x4f/0x70 [ 88.386491][ T5566] ? __fget_files+0x184/0x1c0 [ 88.386520][ T5566] __secure_computing+0x82/0x150 [ 88.386542][ T5566] syscall_trace_enter+0xcf/0x1e0 [ 88.386567][ T5566] do_syscall_64+0xac/0x200 [ 88.386595][ T5566] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 88.386754][ T5566] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 88.386781][ T5566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.386801][ T5566] RIP: 0033:0x7f57e5c6ebe9 [ 88.386830][ T5566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.386847][ T5566] RSP: 002b:00007f57e46cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000014c [ 88.386868][ T5566] RAX: ffffffffffffffda RBX: 00007f57e5e95fa0 RCX: 00007f57e5c6ebe9 [ 88.386880][ T5566] RDX: 0000000000006000 RSI: 0000000000000000 RDI: ffffffffffffffff [ 88.386894][ T5566] RBP: 00007f57e46cf090 R08: 0000000000000000 R09: 0000000000000000 [ 88.386906][ T5566] R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000001 [ 88.386984][ T5566] R13: 00007f57e5e96038 R14: 00007f57e5e95fa0 R15: 00007ffe42f11da8 [ 88.387004][ T5566] [ 88.439523][ T5571] loop2: detected capacity change from 0 to 512 [ 88.559247][ T5520] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 88.570938][ T5576] loop1: detected capacity change from 0 to 128 [ 88.575677][ T5520] FAT-fs (loop3): Filesystem has been set read-only [ 88.600730][ T5571] EXT4-fs: Ignoring removed nobh option [ 88.615416][ T5576] FAT-fs (loop1): Directory bread(block 162) failed [ 88.635495][ T5571] EXT4-fs: dax option not supported [ 88.639644][ T5576] FAT-fs (loop1): Directory bread(block 163) failed [ 88.709557][ T5576] FAT-fs (loop1): Directory bread(block 164) failed [ 88.721182][ T5581] bond0: entered promiscuous mode [ 88.723956][ T5576] FAT-fs (loop1): Directory bread(block 165) failed [ 88.726368][ T5581] bond0: entered allmulticast mode [ 88.729993][ T5581] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.778142][ T5581] bond0 (unregistering): Released all slaves [ 88.789898][ T5576] FAT-fs (loop1): Directory bread(block 166) failed [ 88.797740][ T5576] FAT-fs (loop1): Directory bread(block 167) failed [ 88.821283][ T5576] FAT-fs (loop1): Directory bread(block 168) failed [ 88.832213][ T5589] loop3: detected capacity change from 0 to 512 [ 88.841552][ T5589] __nla_validate_parse: 12 callbacks suppressed [ 88.841565][ T5589] netlink: 180 bytes leftover after parsing attributes in process `syz.3.698'. [ 88.859598][ T5589] netlink: 180 bytes leftover after parsing attributes in process `syz.3.698'. [ 88.863502][ T5576] FAT-fs (loop1): Directory bread(block 169) failed [ 88.881923][ T5589] loop3: detected capacity change from 0 to 512 [ 88.904349][ T2913] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.924811][ T5576] FAT-fs (loop1): Directory bread(block 162) failed [ 88.931512][ T5576] FAT-fs (loop1): Directory bread(block 163) failed [ 88.942260][ T2913] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.956127][ T2913] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.964972][ T2913] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.980951][ T5591] netlink: 'syz.0.700': attribute type 4 has an invalid length. [ 88.988720][ T5591] netlink: 152 bytes leftover after parsing attributes in process `syz.0.700'. [ 89.002607][ T5576] syz.1.694: attempt to access beyond end of device [ 89.002607][ T5576] loop1: rw=3, sector=226, nr_sectors = 6 limit=128 [ 89.016045][ T5576] syz.1.694: attempt to access beyond end of device [ 89.016045][ T5576] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 89.035109][ T5595] loop2: detected capacity change from 0 to 1024 [ 89.046220][ T5593] syzkaller0: entered promiscuous mode [ 89.051740][ T5593] syzkaller0: entered allmulticast mode [ 89.058249][ T5595] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 89.106438][ T5595] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.136587][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.169843][ T5609] netlink: 76 bytes leftover after parsing attributes in process `syz.2.706'. [ 89.233983][ T5613] loop1: detected capacity change from 0 to 128 [ 89.243959][ T5613] FAT-fs (loop1): Directory bread(block 32) failed [ 89.250979][ T5613] FAT-fs (loop1): Directory bread(block 33) failed [ 89.257897][ T5613] FAT-fs (loop1): Directory bread(block 34) failed [ 89.264497][ T5613] FAT-fs (loop1): Directory bread(block 35) failed [ 89.272599][ T5613] FAT-fs (loop1): Directory bread(block 36) failed [ 89.279698][ T5613] FAT-fs (loop1): Directory bread(block 37) failed [ 89.286621][ T5613] FAT-fs (loop1): Directory bread(block 38) failed [ 89.293366][ T5613] FAT-fs (loop1): Directory bread(block 39) failed [ 89.300135][ T5613] FAT-fs (loop1): Directory bread(block 40) failed [ 89.307289][ T5613] FAT-fs (loop1): Directory bread(block 41) failed [ 89.366797][ T5599] loop0: detected capacity change from 0 to 1024 [ 89.373898][ T5618] loop4: detected capacity change from 0 to 2048 [ 89.389055][ T5618] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.406019][ T5628] loop2: detected capacity change from 0 to 512 [ 89.415276][ T5628] netlink: 180 bytes leftover after parsing attributes in process `syz.2.712'. [ 89.420048][ T5599] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.445670][ T5628] netlink: 180 bytes leftover after parsing attributes in process `syz.2.712'. [ 89.459428][ T5628] loop2: detected capacity change from 0 to 512 [ 89.512487][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.523629][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.602585][ T5647] loop0: detected capacity change from 0 to 512 [ 89.627079][ T5647] EXT4-fs: Ignoring removed bh option [ 89.634491][ T5647] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 89.643566][ T5647] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 89.655276][ T5647] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 89.675795][ T5647] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 89.684401][ T5647] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.728686][ T5647] netlink: 180 bytes leftover after parsing attributes in process `syz.0.719'. [ 89.740031][ T5647] netlink: 180 bytes leftover after parsing attributes in process `syz.0.719'. [ 89.749460][ T5613] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 89.750337][ T5647] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.719: bg 0: block 353: padding at end of block bitmap is not set [ 89.758230][ T5613] FAT-fs (loop1): Filesystem has been set read-only [ 89.807873][ T5652] loop1: detected capacity change from 0 to 512 [ 89.815561][ T5652] EXT4-fs: Ignoring removed bh option [ 89.817691][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.831215][ T5652] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 89.840316][ T5652] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 89.843445][ T5655] netlink: 176 bytes leftover after parsing attributes in process `syz.0.722'. [ 89.850812][ T5652] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 89.867068][ T5652] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 89.875957][ T5652] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.877401][ T5658] netlink: 176 bytes leftover after parsing attributes in process `syz.0.723'. [ 89.923697][ T5652] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.721: bg 0: block 353: padding at end of block bitmap is not set [ 89.944716][ T5661] loop0: detected capacity change from 0 to 512 [ 89.960487][ T5661] loop0: detected capacity change from 0 to 512 [ 89.977253][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.068486][ T5677] loop0: detected capacity change from 0 to 128 [ 90.098631][ T5677] FAT-fs (loop0): Directory bread(block 32) failed [ 90.109543][ T5677] FAT-fs (loop0): Directory bread(block 33) failed [ 90.122238][ T5650] loop4: detected capacity change from 0 to 1024 [ 90.129158][ T5677] FAT-fs (loop0): Directory bread(block 34) failed [ 90.138143][ T5677] FAT-fs (loop0): Directory bread(block 35) failed [ 90.146443][ T5677] FAT-fs (loop0): Directory bread(block 36) failed [ 90.154200][ T5677] FAT-fs (loop0): Directory bread(block 37) failed [ 90.166157][ T5650] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.181997][ T5677] FAT-fs (loop0): Directory bread(block 38) failed [ 90.189090][ T5677] FAT-fs (loop0): Directory bread(block 39) failed [ 90.205555][ T5677] FAT-fs (loop0): Directory bread(block 40) failed [ 90.214577][ T5677] FAT-fs (loop0): Directory bread(block 41) failed [ 90.235825][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.273399][ T5692] loop1: detected capacity change from 0 to 512 [ 90.286000][ T5692] loop1: detected capacity change from 0 to 512 [ 90.311510][ T5695] loop1: detected capacity change from 0 to 164 [ 90.357585][ T5701] loop2: detected capacity change from 0 to 128 [ 90.368777][ T5701] FAT-fs (loop2): Directory bread(block 162) failed [ 90.376005][ T5706] loop1: detected capacity change from 0 to 128 [ 90.377038][ T5701] FAT-fs (loop2): Directory bread(block 163) failed [ 90.389099][ T5701] FAT-fs (loop2): Directory bread(block 164) failed [ 90.392794][ T5706] FAT-fs (loop1): Directory bread(block 162) failed [ 90.396764][ T5701] FAT-fs (loop2): Directory bread(block 165) failed [ 90.402750][ T5706] FAT-fs (loop1): Directory bread(block 163) failed [ 90.409032][ T5701] FAT-fs (loop2): Directory bread(block 166) failed [ 90.409054][ T5701] FAT-fs (loop2): Directory bread(block 167) failed [ 90.409070][ T5701] FAT-fs (loop2): Directory bread(block 168) failed [ 90.409086][ T5701] FAT-fs (loop2): Directory bread(block 169) failed [ 90.418020][ T5706] FAT-fs (loop1): Directory bread(block 164) failed [ 90.435880][ T5707] loop4: detected capacity change from 0 to 128 [ 90.443290][ T5706] FAT-fs (loop1): Directory bread(block 165) failed [ 90.467320][ T5706] FAT-fs (loop1): Directory bread(block 166) failed [ 90.467365][ T5701] FAT-fs (loop2): Directory bread(block 162) failed [ 90.480890][ T5701] FAT-fs (loop2): Directory bread(block 163) failed [ 90.487915][ T5701] syz.2.740: attempt to access beyond end of device [ 90.487915][ T5701] loop2: rw=3, sector=226, nr_sectors = 6 limit=128 [ 90.501177][ T5701] syz.2.740: attempt to access beyond end of device [ 90.501177][ T5701] loop2: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 90.533875][ T5706] FAT-fs (loop1): Directory bread(block 167) failed [ 90.561594][ T5706] FAT-fs (loop1): Directory bread(block 168) failed [ 90.568317][ T5706] FAT-fs (loop1): Directory bread(block 169) failed [ 90.598698][ T5677] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 90.607355][ T5677] FAT-fs (loop0): Filesystem has been set read-only [ 90.637401][ T5706] FAT-fs (loop1): Directory bread(block 162) failed [ 90.644350][ T5706] FAT-fs (loop1): Directory bread(block 163) failed [ 90.651487][ T5706] syz.1.742: attempt to access beyond end of device [ 90.651487][ T5706] loop1: rw=3, sector=226, nr_sectors = 6 limit=128 [ 90.665111][ T5706] syz.1.742: attempt to access beyond end of device [ 90.665111][ T5706] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 90.786131][ T5724] loop1: detected capacity change from 0 to 1024 [ 90.795516][ T5726] loop0: detected capacity change from 0 to 512 [ 90.803602][ T5724] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 90.819863][ T5726] loop0: detected capacity change from 0 to 512 [ 90.828183][ T5724] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.887211][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.937294][ T5715] loop2: detected capacity change from 0 to 736 [ 91.001186][ T5736] FAULT_INJECTION: forcing a failure. [ 91.001186][ T5736] name failslab, interval 1, probability 0, space 0, times 0 [ 91.014149][ T5736] CPU: 1 UID: 0 PID: 5736 Comm: syz.3.752 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 91.014216][ T5736] Tainted: [W]=WARN [ 91.014223][ T5736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 91.014235][ T5736] Call Trace: [ 91.014282][ T5736] [ 91.014352][ T5736] __dump_stack+0x1d/0x30 [ 91.014373][ T5736] dump_stack_lvl+0xe8/0x140 [ 91.014392][ T5736] dump_stack+0x15/0x1b [ 91.014409][ T5736] should_fail_ex+0x265/0x280 [ 91.014432][ T5736] should_failslab+0x8c/0xb0 [ 91.014475][ T5736] kmem_cache_alloc_noprof+0x50/0x310 [ 91.014502][ T5736] ? audit_log_start+0x365/0x6c0 [ 91.014531][ T5736] audit_log_start+0x365/0x6c0 [ 91.014577][ T5736] audit_seccomp+0x48/0x100 [ 91.014601][ T5736] ? __seccomp_filter+0x68c/0x10d0 [ 91.014622][ T5736] __seccomp_filter+0x69d/0x10d0 [ 91.014724][ T5736] ? __list_add_valid_or_report+0x38/0xe0 [ 91.014753][ T5736] ? _raw_spin_unlock+0x26/0x50 [ 91.014852][ T5736] __secure_computing+0x82/0x150 [ 91.014938][ T5736] syscall_trace_enter+0xcf/0x1e0 [ 91.014961][ T5736] do_syscall_64+0xac/0x200 [ 91.014987][ T5736] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 91.015065][ T5736] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 91.015089][ T5736] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.015110][ T5736] RIP: 0033:0x7f7d19fbd5fc [ 91.015125][ T5736] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 91.015219][ T5736] RSP: 002b:00007f7d18a27030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 91.015275][ T5736] RAX: ffffffffffffffda RBX: 00007f7d1a1e5fa0 RCX: 00007f7d19fbd5fc [ 91.015314][ T5736] RDX: 000000000000000f RSI: 00007f7d18a270a0 RDI: 0000000000000006 [ 91.015325][ T5736] RBP: 00007f7d18a27090 R08: 0000000000000000 R09: 0000000000000000 [ 91.015338][ T5736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.015349][ T5736] R13: 00007f7d1a1e6038 R14: 00007f7d1a1e5fa0 R15: 00007fffcde9eb58 [ 91.015384][ T5736] [ 91.229828][ T5715] rock: directory entry would overflow storage [ 91.236489][ T5715] rock: sig=0x3b10, size=4, remaining=3 [ 91.261185][ T5738] loop3: detected capacity change from 0 to 128 [ 91.288624][ T5738] FAT-fs (loop3): Directory bread(block 162) failed [ 91.295401][ T5738] FAT-fs (loop3): Directory bread(block 163) failed [ 91.310937][ T5738] FAT-fs (loop3): Directory bread(block 164) failed [ 91.323167][ T5738] FAT-fs (loop3): Directory bread(block 165) failed [ 91.336500][ T5738] FAT-fs (loop3): Directory bread(block 166) failed [ 91.347494][ T5738] FAT-fs (loop3): Directory bread(block 167) failed [ 91.354188][ T5738] FAT-fs (loop3): Directory bread(block 168) failed [ 91.361045][ T5738] FAT-fs (loop3): Directory bread(block 169) failed [ 91.369447][ T5738] FAT-fs (loop3): Directory bread(block 162) failed [ 91.376290][ T5738] FAT-fs (loop3): Directory bread(block 163) failed [ 91.383528][ T5738] syz.3.753: attempt to access beyond end of device [ 91.383528][ T5738] loop3: rw=3, sector=226, nr_sectors = 6 limit=128 [ 91.415456][ T5744] loop0: detected capacity change from 0 to 128 [ 91.423121][ T5738] syz.3.753: attempt to access beyond end of device [ 91.423121][ T5738] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 91.448056][ T5746] loop4: detected capacity change from 0 to 2048 [ 91.456873][ T5744] FAT-fs (loop0): Directory bread(block 32) failed [ 91.463828][ T5744] FAT-fs (loop0): Directory bread(block 33) failed [ 91.471054][ T5744] FAT-fs (loop0): Directory bread(block 34) failed [ 91.479466][ T5749] : entered promiscuous mode [ 91.479776][ T5746] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 91.484257][ T5749] bond_slave_0: entered promiscuous mode [ 91.484316][ T5749] bond_slave_1: entered promiscuous mode [ 91.501648][ T5744] FAT-fs (loop0): Directory bread(block 35) failed [ 91.537570][ T5752] FAULT_INJECTION: forcing a failure. [ 91.537570][ T5752] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 91.538874][ T5744] FAT-fs (loop0): Directory bread(block 36) failed [ 91.550774][ T5752] CPU: 0 UID: 0 PID: 5752 Comm: syz.3.759 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 91.550826][ T5752] Tainted: [W]=WARN [ 91.550848][ T5752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 91.550860][ T5752] Call Trace: [ 91.550868][ T5752] [ 91.550876][ T5752] __dump_stack+0x1d/0x30 [ 91.550898][ T5752] dump_stack_lvl+0xe8/0x140 [ 91.550917][ T5752] dump_stack+0x15/0x1b [ 91.550981][ T5752] should_fail_ex+0x265/0x280 [ 91.551100][ T5752] should_fail+0xb/0x20 [ 91.551117][ T5752] should_fail_usercopy+0x1a/0x20 [ 91.551139][ T5752] _copy_from_user+0x1c/0xb0 [ 91.551168][ T5752] mon_bin_ioctl+0x99/0x930 [ 91.551193][ T5752] ? __fget_files+0x184/0x1c0 [ 91.551218][ T5752] ? __pfx_mon_bin_ioctl+0x10/0x10 [ 91.551242][ T5752] __se_sys_ioctl+0xce/0x140 [ 91.551273][ T5752] __x64_sys_ioctl+0x43/0x50 [ 91.551309][ T5752] x64_sys_call+0x1816/0x2ff0 [ 91.551330][ T5752] do_syscall_64+0xd2/0x200 [ 91.551417][ T5752] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 91.551441][ T5752] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 91.551532][ T5752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.551594][ T5752] RIP: 0033:0x7f7d19fbebe9 [ 91.551609][ T5752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.551626][ T5752] RSP: 002b:00007f7d18a27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 91.551646][ T5752] RAX: ffffffffffffffda RBX: 00007f7d1a1e5fa0 RCX: 00007f7d19fbebe9 [ 91.551658][ T5752] RDX: 00002000000000c0 RSI: 00000000c0109207 RDI: 0000000000000003 [ 91.551670][ T5752] RBP: 00007f7d18a27090 R08: 0000000000000000 R09: 0000000000000000 [ 91.551680][ T5752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.551691][ T5752] R13: 00007f7d1a1e6038 R14: 00007f7d1a1e5fa0 R15: 00007fffcde9eb58 [ 91.551787][ T5752] [ 91.606292][ T5756] loop2: detected capacity change from 0 to 512 [ 91.607061][ T5744] FAT-fs (loop0): Directory bread(block 37) failed [ 91.656367][ T5758] loop3: detected capacity change from 0 to 128 [ 91.659707][ T5744] FAT-fs (loop0): Directory bread(block 38) failed [ 91.719456][ T5759] loop2: detected capacity change from 0 to 512 [ 91.721029][ T5744] FAT-fs (loop0): Directory bread(block 39) failed [ 91.786879][ T5744] FAT-fs (loop0): Directory bread(block 40) failed [ 91.791329][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.793520][ T5744] FAT-fs (loop0): Directory bread(block 41) failed [ 91.811671][ T5765] FAULT_INJECTION: forcing a failure. [ 91.811671][ T5765] name failslab, interval 1, probability 0, space 0, times 0 [ 91.824459][ T5765] CPU: 1 UID: 0 PID: 5765 Comm: syz.3.765 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 91.824509][ T5765] Tainted: [W]=WARN [ 91.824515][ T5765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 91.824525][ T5765] Call Trace: [ 91.824532][ T5765] [ 91.824539][ T5765] __dump_stack+0x1d/0x30 [ 91.824558][ T5765] dump_stack_lvl+0xe8/0x140 [ 91.824650][ T5765] dump_stack+0x15/0x1b [ 91.824667][ T5765] should_fail_ex+0x265/0x280 [ 91.824685][ T5765] should_failslab+0x8c/0xb0 [ 91.824706][ T5765] kmem_cache_alloc_node_noprof+0x57/0x320 [ 91.824730][ T5765] ? __alloc_skb+0x101/0x320 [ 91.824874][ T5765] __alloc_skb+0x101/0x320 [ 91.824957][ T5765] ip6_frag_next+0xaf/0x500 [ 91.825010][ T5765] ? skb_checksum_help+0x59/0x4a0 [ 91.825029][ T5765] ip6_fragment+0xf66/0x1250 [ 91.825052][ T5765] ? __pfx_ip6_finish_output2+0x10/0x10 [ 91.825081][ T5765] ? __pfx_ip6_mtu+0x10/0x10 [ 91.825159][ T5765] ip6_finish_output+0x339/0x540 [ 91.825177][ T5765] ip6_output+0xfd/0x240 [ 91.825232][ T5765] ? __pfx_ip6_finish_output+0x10/0x10 [ 91.825250][ T5765] ip6_xmit+0x894/0xc00 [ 91.825277][ T5765] ? __pfx_dst_output+0x10/0x10 [ 91.825346][ T5765] inet6_csk_xmit+0x1d1/0x210 [ 91.825379][ T5765] l2tp_xmit_skb+0xa7d/0xcd0 [ 91.825495][ T5765] ? pppol2tp_sendmsg+0x31b/0x440 [ 91.825531][ T5765] pppol2tp_sendmsg+0x331/0x440 [ 91.825550][ T5765] ? __pfx_pppol2tp_sendmsg+0x10/0x10 [ 91.825571][ T5765] __sock_sendmsg+0x145/0x180 [ 91.825594][ T5765] sock_write_iter+0x165/0x1b0 [ 91.825618][ T5765] do_iter_readv_writev+0x499/0x540 [ 91.825667][ T5765] vfs_writev+0x2df/0x8b0 [ 91.825699][ T5765] do_writev+0xe7/0x210 [ 91.825722][ T5765] __x64_sys_writev+0x45/0x50 [ 91.825805][ T5765] x64_sys_call+0x1e9a/0x2ff0 [ 91.825825][ T5765] do_syscall_64+0xd2/0x200 [ 91.825851][ T5765] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 91.825872][ T5765] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 91.825917][ T5765] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.825937][ T5765] RIP: 0033:0x7f7d19fbebe9 [ 91.825953][ T5765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.825970][ T5765] RSP: 002b:00007f7d18a27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 91.826064][ T5765] RAX: ffffffffffffffda RBX: 00007f7d1a1e5fa0 RCX: 00007f7d19fbebe9 [ 91.826078][ T5765] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000003 [ 91.826092][ T5765] RBP: 00007f7d18a27090 R08: 0000000000000000 R09: 0000000000000000 [ 91.826105][ T5765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.826118][ T5765] R13: 00007f7d1a1e6038 R14: 00007f7d1a1e5fa0 R15: 00007fffcde9eb58 [ 91.826133][ T5765] [ 92.114609][ T29] kauditd_printk_skb: 995 callbacks suppressed [ 92.114625][ T29] audit: type=1326 audit(1398165605.086:5270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5766 comm="syz.2.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 92.144304][ T29] audit: type=1326 audit(1398165605.086:5271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5766 comm="syz.2.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 92.167612][ T29] audit: type=1326 audit(1398165605.086:5272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5766 comm="syz.2.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 92.191245][ T29] audit: type=1326 audit(1398165605.086:5273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5766 comm="syz.2.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 92.214593][ T29] audit: type=1326 audit(1398165605.086:5274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5766 comm="syz.2.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 92.240936][ T5775] netlink: 'syz.2.769': attribute type 178 has an invalid length. [ 92.272689][ T29] audit: type=1326 audit(1398165605.246:5275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5778 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 92.296107][ T29] audit: type=1326 audit(1398165605.246:5276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5778 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 92.319448][ T29] audit: type=1326 audit(1398165605.246:5277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5778 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 92.342847][ T29] audit: type=1326 audit(1398165605.246:5278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5778 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 92.366329][ T29] audit: type=1326 audit(1398165605.246:5279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5778 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f4611e2ebe9 code=0x7ffc0000 [ 92.435869][ T5785] loop3: detected capacity change from 0 to 8192 [ 92.445028][ T5788] netlink: 'syz.2.773': attribute type 21 has an invalid length. [ 92.476924][ T5788] tipc: Started in network mode [ 92.481953][ T5788] tipc: Node identity fc000000000000000000000000000001, cluster identity 4711 [ 92.490955][ T5788] tipc: Enabling of bearer rejected, failed to enable media [ 92.544549][ T5797] netlink: 'syz.2.773': attribute type 178 has an invalid length. [ 92.563448][ T5771] loop1: detected capacity change from 0 to 736 [ 92.580803][ T5798] FAULT_INJECTION: forcing a failure. [ 92.580803][ T5798] name failslab, interval 1, probability 0, space 0, times 0 [ 92.593736][ T5798] CPU: 0 UID: 0 PID: 5798 Comm: syz.3.775 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 92.593770][ T5798] Tainted: [W]=WARN [ 92.593777][ T5798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 92.593789][ T5798] Call Trace: [ 92.593794][ T5798] [ 92.593800][ T5798] __dump_stack+0x1d/0x30 [ 92.593854][ T5798] dump_stack_lvl+0xe8/0x140 [ 92.593873][ T5798] dump_stack+0x15/0x1b [ 92.593890][ T5798] should_fail_ex+0x265/0x280 [ 92.593912][ T5798] ? tcf_action_init_1+0x11e/0x4a0 [ 92.593940][ T5798] should_failslab+0x8c/0xb0 [ 92.594003][ T5798] __kmalloc_cache_noprof+0x4c/0x320 [ 92.594031][ T5798] tcf_action_init_1+0x11e/0x4a0 [ 92.594080][ T5798] tcf_action_init+0x267/0x6d0 [ 92.594106][ T5798] ? mark_reg_read+0x1d3/0x340 [ 92.594198][ T5798] tc_ctl_action+0x291/0x830 [ 92.594243][ T5798] ? __pfx_tc_ctl_action+0x10/0x10 [ 92.594270][ T5798] rtnetlink_rcv_msg+0x65a/0x6d0 [ 92.594351][ T5798] netlink_rcv_skb+0x123/0x220 [ 92.594372][ T5798] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 92.594405][ T5798] rtnetlink_rcv+0x1c/0x30 [ 92.594430][ T5798] netlink_unicast+0x5bd/0x690 [ 92.594534][ T5798] netlink_sendmsg+0x58b/0x6b0 [ 92.594570][ T5798] ? __pfx_netlink_sendmsg+0x10/0x10 [ 92.594660][ T5798] __sock_sendmsg+0x145/0x180 [ 92.594687][ T5798] ____sys_sendmsg+0x31e/0x4e0 [ 92.594708][ T5798] ___sys_sendmsg+0x17b/0x1d0 [ 92.594738][ T5798] __x64_sys_sendmsg+0xd4/0x160 [ 92.594837][ T5798] x64_sys_call+0x191e/0x2ff0 [ 92.594906][ T5798] do_syscall_64+0xd2/0x200 [ 92.594933][ T5798] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 92.594995][ T5798] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 92.595018][ T5798] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.595036][ T5798] RIP: 0033:0x7f7d19fbebe9 [ 92.595049][ T5798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.595092][ T5798] RSP: 002b:00007f7d18a27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 92.595114][ T5798] RAX: ffffffffffffffda RBX: 00007f7d1a1e5fa0 RCX: 00007f7d19fbebe9 [ 92.595127][ T5798] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003 [ 92.595139][ T5798] RBP: 00007f7d18a27090 R08: 0000000000000000 R09: 0000000000000000 [ 92.595150][ T5798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.595161][ T5798] R13: 00007f7d1a1e6038 R14: 00007f7d1a1e5fa0 R15: 00007fffcde9eb58 [ 92.595180][ T5798] [ 92.864563][ T5771] rock: directory entry would overflow storage [ 92.871547][ T5771] rock: sig=0x3b10, size=4, remaining=3 [ 92.881725][ T5744] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 92.890843][ T5744] FAT-fs (loop0): Filesystem has been set read-only [ 93.009156][ T5810] syzkaller0: entered promiscuous mode [ 93.014842][ T5810] syzkaller0: entered allmulticast mode [ 93.052255][ T5818] loop2: detected capacity change from 0 to 2048 [ 93.085352][ T5818] EXT4-fs (loop2): failed to initialize system zone (-117) [ 93.092734][ T5818] EXT4-fs (loop2): mount failed [ 93.700609][ T5837] loop4: detected capacity change from 0 to 2048 [ 93.712738][ T5837] EXT4-fs: Ignoring removed nobh option [ 93.726711][ T5837] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 93.886703][ T5846] loop0: detected capacity change from 0 to 512 [ 93.893310][ T5846] EXT4-fs: Ignoring removed bh option [ 93.900070][ T5846] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 93.909246][ T5846] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 93.918223][ T5846] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 93.928381][ T5846] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 93.961616][ T5846] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 93.996293][ T5851] loop1: detected capacity change from 0 to 1024 [ 94.022727][ T5846] __nla_validate_parse: 16 callbacks suppressed [ 94.022743][ T5846] netlink: 180 bytes leftover after parsing attributes in process `syz.0.791'. [ 94.040450][ T5846] netlink: 180 bytes leftover after parsing attributes in process `syz.0.791'. [ 94.054356][ T5851] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 94.066761][ T5846] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.791: bg 0: block 353: padding at end of block bitmap is not set [ 94.106489][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.117471][ T5851] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.150595][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.237561][ T5856] loop3: detected capacity change from 0 to 128 [ 94.253793][ T5856] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 94.275302][ T5869] loop0: detected capacity change from 0 to 2048 [ 94.283039][ T5856] ext4 filesystem being mounted at /147/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.296571][ T5869] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.361403][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.372677][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.395376][ T5855] loop2: detected capacity change from 0 to 736 [ 94.397186][ T5849] FAULT_INJECTION: forcing a failure. [ 94.397186][ T5849] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 94.415615][ T5849] CPU: 1 UID: 0 PID: 5849 Comm: syz.3.792 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 94.415687][ T5849] Tainted: [W]=WARN [ 94.415694][ T5849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 94.415706][ T5849] Call Trace: [ 94.415713][ T5849] [ 94.415757][ T5849] __dump_stack+0x1d/0x30 [ 94.415779][ T5849] dump_stack_lvl+0xe8/0x140 [ 94.415798][ T5849] dump_stack+0x15/0x1b [ 94.415866][ T5849] should_fail_ex+0x265/0x280 [ 94.415888][ T5849] should_fail+0xb/0x20 [ 94.415906][ T5849] should_fail_usercopy+0x1a/0x20 [ 94.415929][ T5849] _copy_from_user+0x1c/0xb0 [ 94.416023][ T5849] __sys_bpf+0x178/0x7b0 [ 94.416056][ T5849] __x64_sys_bpf+0x41/0x50 [ 94.416081][ T5849] x64_sys_call+0x2aea/0x2ff0 [ 94.416150][ T5849] do_syscall_64+0xd2/0x200 [ 94.416177][ T5849] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 94.416202][ T5849] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 94.416304][ T5849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.416324][ T5849] RIP: 0033:0x7f7d19fbebe9 [ 94.416337][ T5849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.416351][ T5849] RSP: 002b:00007f7d18a27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 94.416369][ T5849] RAX: ffffffffffffffda RBX: 00007f7d1a1e5fa0 RCX: 00007f7d19fbebe9 [ 94.416442][ T5849] RDX: 0000000000000004 RSI: 0000200000000140 RDI: 0000000000000022 [ 94.416456][ T5849] RBP: 00007f7d18a27090 R08: 0000000000000000 R09: 0000000000000000 [ 94.416469][ T5849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.416481][ T5849] R13: 00007f7d1a1e6038 R14: 00007f7d1a1e5fa0 R15: 00007fffcde9eb58 [ 94.416500][ T5849] [ 94.637109][ T3311] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 94.662638][ T5855] rock: directory entry would overflow storage [ 94.669296][ T5855] rock: sig=0x3b10, size=4, remaining=3 [ 94.698574][ T5881] loop3: detected capacity change from 0 to 128 [ 94.738785][ T5881] FAT-fs (loop3): Directory bread(block 32) failed [ 94.756999][ T5881] FAT-fs (loop3): Directory bread(block 33) failed [ 94.817691][ T5886] loop2: detected capacity change from 0 to 512 [ 94.824706][ T5881] FAT-fs (loop3): Directory bread(block 34) failed [ 94.831568][ T5881] FAT-fs (loop3): Directory bread(block 35) failed [ 94.841566][ T5886] netlink: 180 bytes leftover after parsing attributes in process `syz.2.802'. [ 94.854556][ T5881] FAT-fs (loop3): Directory bread(block 36) failed [ 94.859290][ T5875] loop0: detected capacity change from 0 to 736 [ 94.864824][ T5881] FAT-fs (loop3): Directory bread(block 37) failed [ 94.874734][ T5886] netlink: 180 bytes leftover after parsing attributes in process `syz.2.802'. [ 94.890236][ T5881] FAT-fs (loop3): Directory bread(block 38) failed [ 94.900563][ T5875] rock: directory entry would overflow storage [ 94.900683][ T5881] FAT-fs (loop3): Directory bread(block 39) failed [ 94.900718][ T5881] FAT-fs (loop3): Directory bread(block 40) failed [ 94.900736][ T5881] FAT-fs (loop3): Directory bread(block 41) failed [ 94.907504][ T5875] rock: sig=0x3b10, size=4, remaining=3 [ 94.936834][ T5886] loop2: detected capacity change from 0 to 512 [ 95.021208][ T5890] loop2: detected capacity change from 0 to 512 [ 95.038038][ T5890] EXT4-fs: dax option not supported [ 95.058640][ T5890] netlink: 4 bytes leftover after parsing attributes in process `syz.2.804'. [ 95.085366][ T5890] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 95.117005][ T5890] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 95.161851][ T5899] loop4: detected capacity change from 0 to 512 [ 95.221102][ T5905] FAULT_INJECTION: forcing a failure. [ 95.221102][ T5905] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 95.235293][ T5905] CPU: 1 UID: 0 PID: 5905 Comm: syz.1.805 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 95.235340][ T5905] Tainted: [W]=WARN [ 95.235348][ T5905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 95.235360][ T5905] Call Trace: [ 95.235368][ T5905] [ 95.235376][ T5905] __dump_stack+0x1d/0x30 [ 95.235436][ T5905] dump_stack_lvl+0xe8/0x140 [ 95.235528][ T5905] dump_stack+0x15/0x1b [ 95.235546][ T5905] should_fail_ex+0x265/0x280 [ 95.235566][ T5905] should_fail+0xb/0x20 [ 95.235581][ T5905] should_fail_usercopy+0x1a/0x20 [ 95.235603][ T5905] _copy_to_user+0x20/0xa0 [ 95.235665][ T5905] simple_read_from_buffer+0xb5/0x130 [ 95.235689][ T5905] proc_fail_nth_read+0x10e/0x150 [ 95.235769][ T5905] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 95.235789][ T5905] vfs_read+0x1a5/0x770 [ 95.235808][ T5905] ? __rcu_read_unlock+0x4f/0x70 [ 95.235831][ T5905] ? __fget_files+0x184/0x1c0 [ 95.235954][ T5905] ksys_read+0xda/0x1a0 [ 95.235976][ T5905] __x64_sys_read+0x40/0x50 [ 95.235994][ T5905] x64_sys_call+0x27bc/0x2ff0 [ 95.236021][ T5905] do_syscall_64+0xd2/0x200 [ 95.236113][ T5905] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 95.236134][ T5905] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 95.236161][ T5905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.236194][ T5905] RIP: 0033:0x7f57e5c6d5fc [ 95.236210][ T5905] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 95.236227][ T5905] RSP: 002b:00007f57e468d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 95.236244][ T5905] RAX: ffffffffffffffda RBX: 00007f57e5e96180 RCX: 00007f57e5c6d5fc [ 95.236255][ T5905] RDX: 000000000000000f RSI: 00007f57e468d0a0 RDI: 000000000000000a [ 95.236266][ T5905] RBP: 00007f57e468d090 R08: 0000000000000000 R09: 0000000000000000 [ 95.236277][ T5905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 95.236288][ T5905] R13: 00007f57e5e96218 R14: 00007f57e5e96180 R15: 00007ffe42f11da8 [ 95.236307][ T5905] [ 95.452880][ T5899] netlink: 180 bytes leftover after parsing attributes in process `syz.4.806'. [ 95.468818][ T5899] netlink: 180 bytes leftover after parsing attributes in process `syz.4.806'. [ 95.494834][ T5899] loop4: detected capacity change from 0 to 512 [ 95.549723][ T5915] loop0: detected capacity change from 0 to 128 [ 95.586909][ T5915] FAT-fs (loop0): Directory bread(block 32) failed [ 95.594728][ T5915] FAT-fs (loop0): Directory bread(block 33) failed [ 95.605679][ T5915] FAT-fs (loop0): Directory bread(block 34) failed [ 95.612517][ T5915] FAT-fs (loop0): Directory bread(block 35) failed [ 95.630908][ T5915] FAT-fs (loop0): Directory bread(block 36) failed [ 95.640768][ T5915] FAT-fs (loop0): Directory bread(block 37) failed [ 95.648951][ T5915] FAT-fs (loop0): Directory bread(block 38) failed [ 95.655766][ T5915] FAT-fs (loop0): Directory bread(block 39) failed [ 95.662483][ T5915] FAT-fs (loop0): Directory bread(block 40) failed [ 95.677799][ T5915] FAT-fs (loop0): Directory bread(block 41) failed [ 95.679703][ T5929] mmap: syz.2.818 (5929) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 95.721141][ T5933] FAULT_INJECTION: forcing a failure. [ 95.721141][ T5933] name failslab, interval 1, probability 0, space 0, times 0 [ 95.734521][ T5933] CPU: 0 UID: 0 PID: 5933 Comm: syz.4.819 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 95.734551][ T5933] Tainted: [W]=WARN [ 95.734557][ T5933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 95.734567][ T5933] Call Trace: [ 95.734574][ T5933] [ 95.734582][ T5933] __dump_stack+0x1d/0x30 [ 95.734667][ T5934] loop1: detected capacity change from 0 to 2048 [ 95.734671][ T5933] dump_stack_lvl+0xe8/0x140 [ 95.734724][ T5933] dump_stack+0x15/0x1b [ 95.734741][ T5933] should_fail_ex+0x265/0x280 [ 95.734793][ T5933] should_failslab+0x8c/0xb0 [ 95.734816][ T5933] kmem_cache_alloc_noprof+0x50/0x310 [ 95.734843][ T5933] ? skb_clone+0x151/0x1f0 [ 95.734865][ T5933] skb_clone+0x151/0x1f0 [ 95.734886][ T5933] __netlink_deliver_tap+0x2c9/0x500 [ 95.734992][ T5933] netlink_unicast+0x66b/0x690 [ 95.735082][ T5933] netlink_sendmsg+0x58b/0x6b0 [ 95.735144][ T5933] ? __pfx_netlink_sendmsg+0x10/0x10 [ 95.735165][ T5933] __sock_sendmsg+0x145/0x180 [ 95.735191][ T5933] ____sys_sendmsg+0x31e/0x4e0 [ 95.735215][ T5933] ___sys_sendmsg+0x17b/0x1d0 [ 95.735316][ T5933] __x64_sys_sendmsg+0xd4/0x160 [ 95.735393][ T5933] x64_sys_call+0x191e/0x2ff0 [ 95.735414][ T5933] do_syscall_64+0xd2/0x200 [ 95.735440][ T5933] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 95.735463][ T5933] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 95.735486][ T5933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.735528][ T5933] RIP: 0033:0x7f349011ebe9 [ 95.735543][ T5933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.735560][ T5933] RSP: 002b:00007f348eb87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 95.735644][ T5933] RAX: ffffffffffffffda RBX: 00007f3490345fa0 RCX: 00007f349011ebe9 [ 95.735656][ T5933] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 95.735747][ T5933] RBP: 00007f348eb87090 R08: 0000000000000000 R09: 0000000000000000 [ 95.735758][ T5933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 95.735771][ T5933] R13: 00007f3490346038 R14: 00007f3490345fa0 R15: 00007ffdd81444a8 [ 95.735789][ T5933] [ 95.867461][ T5881] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 95.872985][ T5934] EXT4-fs: Ignoring removed nobh option [ 95.875942][ T5881] FAT-fs (loop3): Filesystem has been set read-only [ 96.047128][ T5956] loop4: detected capacity change from 0 to 128 [ 96.053687][ T5954] loop2: detected capacity change from 0 to 512 [ 96.073031][ T5956] FAT-fs (loop4): Directory bread(block 162) failed [ 96.080018][ T5956] FAT-fs (loop4): Directory bread(block 163) failed [ 96.088218][ T5956] FAT-fs (loop4): Directory bread(block 164) failed [ 96.095179][ T5956] FAT-fs (loop4): Directory bread(block 165) failed [ 96.102028][ T5956] FAT-fs (loop4): Directory bread(block 166) failed [ 96.109800][ T5956] FAT-fs (loop4): Directory bread(block 167) failed [ 96.116677][ T5954] netlink: 180 bytes leftover after parsing attributes in process `syz.2.822'. [ 96.127475][ T5954] netlink: 180 bytes leftover after parsing attributes in process `syz.2.822'. [ 96.134700][ T5956] FAT-fs (loop4): Directory bread(block 168) failed [ 96.143442][ T5956] FAT-fs (loop4): Directory bread(block 169) failed [ 96.153083][ T5954] loop2: detected capacity change from 0 to 512 [ 96.165422][ T5956] FAT-fs (loop4): Directory bread(block 162) failed [ 96.178427][ T5956] FAT-fs (loop4): Directory bread(block 163) failed [ 96.200326][ T5956] syz.4.823: attempt to access beyond end of device [ 96.200326][ T5956] loop4: rw=3, sector=226, nr_sectors = 6 limit=128 [ 96.216829][ T5956] syz.4.823: attempt to access beyond end of device [ 96.216829][ T5956] loop4: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 96.234641][ T5915] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 96.243689][ T5915] FAT-fs (loop0): Filesystem has been set read-only [ 96.277964][ T5967] loop4: detected capacity change from 0 to 1024 [ 96.285141][ T5967] EXT4-fs: inline encryption not supported [ 96.291049][ T5967] EXT4-fs: Ignoring removed i_version option [ 96.297410][ T5967] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 96.308278][ T5965] lo speed is unknown, defaulting to 1000 [ 96.309980][ T5967] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.828: lblock 2 mapped to illegal pblock 2 (length 1) [ 96.320150][ T5965] lo speed is unknown, defaulting to 1000 [ 96.335043][ T5965] lo speed is unknown, defaulting to 1000 [ 96.335330][ T5965] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 96.336024][ T5965] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 96.339639][ T5965] lo speed is unknown, defaulting to 1000 [ 96.340488][ T5965] lo speed is unknown, defaulting to 1000 [ 96.341108][ T5965] lo speed is unknown, defaulting to 1000 [ 96.341866][ T5965] lo speed is unknown, defaulting to 1000 [ 96.342389][ T5965] lo speed is unknown, defaulting to 1000 [ 96.415833][ T5967] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.828: lblock 0 mapped to illegal pblock 48 (length 1) [ 96.416603][ T5967] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.828: Failed to acquire dquot type 0 [ 96.416876][ T5967] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 96.417148][ T5967] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.828: mark_inode_dirty error [ 96.417370][ T5967] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 96.417476][ T5967] EXT4-fs (loop4): 1 orphan inode deleted [ 96.607011][ T5979] syzkaller0: entered promiscuous mode [ 96.607031][ T5979] syzkaller0: entered allmulticast mode [ 96.863580][ T1346] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1) [ 96.878143][ T1346] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 0 [ 96.891152][ T5967] EXT4-fs error (device loop4): __ext4_get_inode_loc:4861: comm syz.4.828: Invalid inode table block 1 in block_group 0 [ 96.904147][ T5967] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 96.913822][ T5967] EXT4-fs error (device loop4): ext4_quota_off:7221: inode #3: comm syz.4.828: mark_inode_dirty error [ 96.928572][ T5986] hub 9-0:1.0: USB hub found [ 96.933397][ T5986] hub 9-0:1.0: 8 ports detected [ 97.041642][ T6001] loop3: detected capacity change from 0 to 512 [ 97.050669][ T6001] netlink: 180 bytes leftover after parsing attributes in process `syz.3.836'. [ 97.068043][ T6001] loop3: detected capacity change from 0 to 512 [ 97.085581][ T6003] netlink: 'syz.1.837': attribute type 21 has an invalid length. [ 97.096487][ T6003] tipc: Started in network mode [ 97.101630][ T6003] tipc: Node identity fc000000000000000000000000000001, cluster identity 4711 [ 97.111209][ T6003] tipc: Enabling of bearer rejected, failed to enable media [ 97.124129][ T6005] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.173477][ T29] kauditd_printk_skb: 394 callbacks suppressed [ 97.173492][ T29] audit: type=1400 audit(1398165610.146:5671): avc: denied { ioctl } for pid=6004 comm="syz.3.838" path="socket:[14853]" dev="sockfs" ino=14853 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 97.230383][ T6005] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.316555][ T6005] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.347913][ T6017] loop1: detected capacity change from 0 to 2048 [ 97.355064][ T6017] EXT4-fs: Ignoring removed nobh option [ 97.377747][ T6005] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.398802][ T6023] loop2: detected capacity change from 0 to 2048 [ 97.484001][ T37] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.496748][ T6036] loop0: detected capacity change from 0 to 512 [ 97.510470][ T37] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.524111][ T37] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.540515][ T37] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.576025][ T6036] loop0: detected capacity change from 0 to 512 [ 97.588359][ T29] audit: type=1326 audit(1398165610.566:5672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6035 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 97.616137][ T6041] loop3: detected capacity change from 0 to 128 [ 97.620075][ T6040] netlink: 'syz.2.850': attribute type 21 has an invalid length. [ 97.631769][ T29] audit: type=1326 audit(1398165610.596:5673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6035 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 97.655926][ T29] audit: type=1326 audit(1398165610.596:5674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6035 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 97.679345][ T29] audit: type=1326 audit(1398165610.596:5675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6035 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 97.703255][ T29] audit: type=1326 audit(1398165610.596:5676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6035 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 97.734158][ T6040] tipc: Enabling of bearer rejected, failed to enable media [ 97.735771][ T6041] FAT-fs (loop3): Directory bread(block 32) failed [ 97.750237][ T6041] FAT-fs (loop3): Directory bread(block 33) failed [ 97.757242][ T29] audit: type=1326 audit(1398165610.606:5677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6035 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 97.761002][ T6041] FAT-fs (loop3): Directory bread(block 34) failed [ 97.789094][ T6041] FAT-fs (loop3): Directory bread(block 35) failed [ 97.797439][ T6041] FAT-fs (loop3): Directory bread(block 36) failed [ 97.804203][ T6041] FAT-fs (loop3): Directory bread(block 37) failed [ 97.812778][ T29] audit: type=1326 audit(1398165610.786:5678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.0.852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 97.836394][ T29] audit: type=1326 audit(1398165610.786:5679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.0.852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 97.859816][ T29] audit: type=1326 audit(1398165610.786:5680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.0.852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7fbbb883ebe9 code=0x7ffc0000 [ 97.883988][ T6041] FAT-fs (loop3): Directory bread(block 38) failed [ 97.896384][ T6041] FAT-fs (loop3): Directory bread(block 39) failed [ 97.926191][ T6052] loop4: detected capacity change from 0 to 2048 [ 97.933562][ T6041] FAT-fs (loop3): Directory bread(block 40) failed [ 97.940428][ T6041] FAT-fs (loop3): Directory bread(block 41) failed [ 97.948268][ T6054] syzkaller0: entered promiscuous mode [ 97.953767][ T6054] syzkaller0: entered allmulticast mode [ 98.039864][ T6064] loop2: detected capacity change from 0 to 512 [ 98.047087][ T6064] EXT4-fs: Ignoring removed bh option [ 98.053136][ T6064] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 98.062212][ T6064] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 98.071337][ T6064] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 98.081025][ T6064] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 98.102892][ T6064] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.858: bg 0: block 353: padding at end of block bitmap is not set [ 98.186498][ T6075] loop4: detected capacity change from 0 to 2048 [ 98.193938][ T6075] EXT4-fs: Ignoring removed nobh option [ 98.198543][ T6041] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 98.208539][ T6041] FAT-fs (loop3): Filesystem has been set read-only [ 98.342314][ T6094] loop2: detected capacity change from 0 to 128 [ 98.350208][ T6094] FAT-fs (loop2): Directory bread(block 162) failed [ 98.359128][ T6094] FAT-fs (loop2): Directory bread(block 163) failed [ 98.366323][ T6094] FAT-fs (loop2): Directory bread(block 164) failed [ 98.376525][ T6094] FAT-fs (loop2): Directory bread(block 165) failed [ 98.383913][ T6094] FAT-fs (loop2): Directory bread(block 166) failed [ 98.391327][ T6094] FAT-fs (loop2): Directory bread(block 167) failed [ 98.399037][ T6094] FAT-fs (loop2): Directory bread(block 168) failed [ 98.406141][ T6094] FAT-fs (loop2): Directory bread(block 169) failed [ 98.417020][ T6094] FAT-fs (loop2): Directory bread(block 162) failed [ 98.433065][ T6094] FAT-fs (loop2): Directory bread(block 163) failed [ 98.443623][ T6099] loop4: detected capacity change from 0 to 512 [ 98.450835][ T6094] syz.2.868: attempt to access beyond end of device [ 98.450835][ T6094] loop2: rw=3, sector=226, nr_sectors = 6 limit=128 [ 98.464588][ T6099] EXT4-fs: Ignoring removed bh option [ 98.470102][ T6094] syz.2.868: attempt to access beyond end of device [ 98.470102][ T6094] loop2: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 98.484796][ T6099] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 98.494005][ T6099] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 98.521144][ T6099] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 98.533213][ T6099] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 98.559909][ T6099] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.870: bg 0: block 353: padding at end of block bitmap is not set [ 98.601310][ T6107] loop4: detected capacity change from 0 to 512 [ 98.618555][ T6107] loop4: detected capacity change from 0 to 512 [ 98.650299][ T6113] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 98.661246][ T6113] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 98.671674][ T6113] FAULT_INJECTION: forcing a failure. [ 98.671674][ T6113] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 98.685199][ T6113] CPU: 0 UID: 0 PID: 6113 Comm: syz.1.876 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 98.685231][ T6113] Tainted: [W]=WARN [ 98.685237][ T6113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 98.685247][ T6113] Call Trace: [ 98.685251][ T6113] [ 98.685256][ T6113] __dump_stack+0x1d/0x30 [ 98.685270][ T6113] dump_stack_lvl+0xe8/0x140 [ 98.685298][ T6113] dump_stack+0x15/0x1b [ 98.685308][ T6113] should_fail_ex+0x265/0x280 [ 98.685323][ T6113] should_fail+0xb/0x20 [ 98.685333][ T6113] should_fail_usercopy+0x1a/0x20 [ 98.685376][ T6113] _copy_from_user+0x1c/0xb0 [ 98.685392][ T6113] ___sys_sendmsg+0xc1/0x1d0 [ 98.685414][ T6113] __x64_sys_sendmsg+0xd4/0x160 [ 98.685441][ T6113] x64_sys_call+0x191e/0x2ff0 [ 98.685453][ T6113] do_syscall_64+0xd2/0x200 [ 98.685468][ T6113] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 98.685511][ T6113] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 98.685525][ T6113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.685537][ T6113] RIP: 0033:0x7f57e5c6ebe9 [ 98.685546][ T6113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 98.685556][ T6113] RSP: 002b:00007f57e46cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 98.685641][ T6113] RAX: ffffffffffffffda RBX: 00007f57e5e95fa0 RCX: 00007f57e5c6ebe9 [ 98.685648][ T6113] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005 [ 98.685655][ T6113] RBP: 00007f57e46cf090 R08: 0000000000000000 R09: 0000000000000000 [ 98.685662][ T6113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 98.685669][ T6113] R13: 00007f57e5e96038 R14: 00007f57e5e95fa0 R15: 00007ffe42f11da8 [ 98.685680][ T6113] [ 98.905507][ T6127] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 98.913984][ T6127] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 98.929469][ T6127] netlink: 'syz.2.882': attribute type 10 has an invalid length. [ 99.029286][ T6135] loop0: detected capacity change from 0 to 128 [ 99.036389][ T6135] FAT-fs (loop0): Directory bread(block 162) failed [ 99.043132][ T6135] FAT-fs (loop0): Directory bread(block 163) failed [ 99.049837][ T6135] FAT-fs (loop0): Directory bread(block 164) failed [ 99.056762][ T6135] FAT-fs (loop0): Directory bread(block 165) failed [ 99.063369][ T6135] FAT-fs (loop0): Directory bread(block 166) failed [ 99.063610][ T6136] loop4: detected capacity change from 0 to 2048 [ 99.070061][ T6135] FAT-fs (loop0): Directory bread(block 167) failed [ 99.077730][ T6136] EXT4-fs: Ignoring removed nobh option [ 99.083084][ T6135] FAT-fs (loop0): Directory bread(block 168) failed [ 99.095791][ T6135] FAT-fs (loop0): Directory bread(block 169) failed [ 99.107625][ T6135] FAT-fs (loop0): Directory bread(block 162) failed [ 99.114957][ T6135] FAT-fs (loop0): Directory bread(block 163) failed [ 99.122052][ T6135] syz.0.885: attempt to access beyond end of device [ 99.122052][ T6135] loop0: rw=3, sector=226, nr_sectors = 6 limit=128 [ 99.136072][ T6135] syz.0.885: attempt to access beyond end of device [ 99.136072][ T6135] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 99.169867][ T6144] __nla_validate_parse: 18 callbacks suppressed [ 99.169883][ T6144] netlink: 24 bytes leftover after parsing attributes in process `syz.4.880'. [ 99.185744][ T6146] netlink: 'syz.3.888': attribute type 21 has an invalid length. [ 99.193743][ T6146] netlink: 132 bytes leftover after parsing attributes in process `syz.3.888'. [ 99.195488][ T6148] netlink: 176 bytes leftover after parsing attributes in process `syz.0.889'. [ 99.204236][ T6146] tipc: Started in network mode [ 99.216741][ T6146] tipc: Node identity fc000000000000000000000000000001, cluster identity 4711 [ 99.225805][ T6146] tipc: Enabling of bearer rejected, failed to enable media [ 99.238226][ T6150] netlink: 'syz.0.890': attribute type 10 has an invalid length. [ 99.246225][ T6150] veth0_vlan: entered allmulticast mode [ 99.253250][ T6150] team0: Device veth0_vlan failed to register rx_handler [ 99.317516][ T6154] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.325042][ T6154] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.354777][ T6154] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 99.364166][ T6154] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 99.387144][ T52] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.396882][ T52] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.426531][ T52] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.435301][ T52] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.441886][ T6169] loop3: detected capacity change from 0 to 128 [ 99.449997][ T6167] loop4: detected capacity change from 0 to 1024 [ 99.450883][ T6169] FAT-fs (loop3): Directory bread(block 162) failed [ 99.457495][ T6167] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 99.465280][ T6169] FAT-fs (loop3): Directory bread(block 163) failed [ 99.480023][ T6169] FAT-fs (loop3): Directory bread(block 164) failed [ 99.486728][ T6169] FAT-fs (loop3): Directory bread(block 165) failed [ 99.493878][ T6169] FAT-fs (loop3): Directory bread(block 166) failed [ 99.501824][ T6169] FAT-fs (loop3): Directory bread(block 167) failed [ 99.510205][ T6169] FAT-fs (loop3): Directory bread(block 168) failed [ 99.523270][ T6176] loop4: detected capacity change from 0 to 512 [ 99.530767][ T6176] EXT4-fs: Ignoring removed bh option [ 99.536926][ T6176] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 99.546078][ T6176] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 99.555800][ T6176] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 99.556821][ T6169] FAT-fs (loop3): Directory bread(block 169) failed [ 99.565398][ T6176] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 99.572954][ T6178] netlink: 176 bytes leftover after parsing attributes in process `syz.2.900'. [ 99.600662][ T6176] netlink: 180 bytes leftover after parsing attributes in process `syz.4.899'. [ 99.611408][ T6176] netlink: 180 bytes leftover after parsing attributes in process `syz.4.899'. [ 99.616293][ T6160] loop0: detected capacity change from 0 to 736 [ 99.622340][ T6176] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.899: bg 0: block 353: padding at end of block bitmap is not set [ 99.665299][ T6169] FAT-fs (loop3): Directory bread(block 162) failed [ 99.672290][ T6169] FAT-fs (loop3): Directory bread(block 163) failed [ 99.686035][ T6169] syz.3.898: attempt to access beyond end of device [ 99.686035][ T6169] loop3: rw=3, sector=226, nr_sectors = 6 limit=128 [ 99.712201][ T6160] rock: directory entry would overflow storage [ 99.719198][ T6160] rock: sig=0x3b10, size=4, remaining=3 [ 99.720300][ T6169] syz.3.898: attempt to access beyond end of device [ 99.720300][ T6169] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 99.758165][ T6188] loop2: detected capacity change from 0 to 512 [ 99.767215][ T6188] EXT4-fs: Ignoring removed bh option [ 99.775641][ T6188] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 99.784820][ T6188] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 99.803423][ T6188] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 99.813418][ T6188] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 99.843481][ T6188] netlink: 180 bytes leftover after parsing attributes in process `syz.2.903'. [ 99.854500][ T6188] netlink: 180 bytes leftover after parsing attributes in process `syz.2.903'. [ 99.864946][ T6197] loop4: detected capacity change from 0 to 2048 [ 99.871621][ T6188] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.903: bg 0: block 353: padding at end of block bitmap is not set [ 99.872892][ T6197] EXT4-fs: Ignoring removed nobh option [ 99.951498][ T6205] loop0: detected capacity change from 0 to 1024 [ 99.958718][ T6205] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 99.971292][ T6206] netlink: 24 bytes leftover after parsing attributes in process `syz.4.901'. [ 99.980904][ T6192] ================================================================== [ 99.989012][ T6192] BUG: KCSAN: data-race in fasync_remove_entry / kill_fasync [ 99.996414][ T6192] [ 99.998724][ T6192] write to 0xffff888104a1fbd8 of 8 bytes by task 6197 on cpu 0: [ 100.006335][ T6192] fasync_remove_entry+0xcc/0x120 [ 100.011364][ T6192] fasync_helper+0x97/0xc0 [ 100.015785][ T6192] pipe_fasync+0xce/0x150 [ 100.020104][ T6192] __fput+0x5e3/0x650 [ 100.024087][ T6192] ____fput+0x1c/0x30 [ 100.028073][ T6192] task_work_run+0x131/0x1a0 [ 100.032663][ T6192] exit_to_user_mode_loop+0xe4/0x100 [ 100.037952][ T6192] do_syscall_64+0x1d6/0x200 [ 100.042574][ T6192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.048498][ T6192] [ 100.050813][ T6192] read to 0xffff888104a1fbd8 of 8 bytes by task 6192 on cpu 1: [ 100.058425][ T6192] kill_fasync+0x22/0x170 [ 100.062838][ T6192] anon_pipe_read+0x6a2/0x750 [ 100.067505][ T6192] do_iter_readv_writev+0x499/0x540 [ 100.072780][ T6192] vfs_readv+0x1ea/0x690 [ 100.077013][ T6192] do_readv+0xe7/0x210 [ 100.081160][ T6192] __x64_sys_readv+0x45/0x50 [ 100.085749][ T6192] x64_sys_call+0x29f8/0x2ff0 [ 100.090420][ T6192] do_syscall_64+0xd2/0x200 [ 100.094917][ T6192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.100797][ T6192] [ 100.103277][ T6192] value changed: 0xffff88811a325270 -> 0x0000000000000000 [ 100.110371][ T6192] [ 100.112682][ T6192] Reported by Kernel Concurrency Sanitizer on: [ 100.118869][ T6192] CPU: 1 UID: 0 PID: 6192 Comm: syz.4.901 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 100.130151][ T6192] Tainted: [W]=WARN [ 100.134285][ T6192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 100.144541][ T6192] ================================================================== [ 100.154034][ T6209] netlink: 36 bytes leftover after parsing attributes in process `syz.2.908'. [ 100.167283][ T6209] SELinux: Context system_u:object_r:ssh_keygen_exec_t:s0 is not valid (left unmapped).