last executing test programs: 1.654171736s ago: executing program 1 (id=782): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x19f, &(0x7f0000000080), 0x80, 0x557, &(0x7f0000001cc0)="$eJzs3d1rXGkZAPDnTGay/Ug3WfVCC66ru9Iu2kmzcXeDF2sF0asFcb2vMZmG2EmmZCa7TSiY/gWCiIpe6YXeCF6LIAVv9E6Egt4JCiuKaKoXgtoj58yZJE1nJml3OpM0vx+cnvd8Ps97mnPmfLycE8CJ9UJEXImI+2mavhwRk8X4UtHFVrvL5ru3fWsh65JI07f+nkRSjOusKyn6Z4vFTkXEl74Q8dXk4bjNjc3r8/V6ba0Ynm6t3JhubmxeWl6ZX6ot1VZnZ2dem3t97tW5ywOp57mIeONzf/72N378+Td+8cl3/nT1rxezasdEMX1vPR5BtonK/WZoV72Sb4uObIG1xwh2VJXzGhZOd5sjTdP0fjq5Z8ztoWQGAMB+2Qns+yLiYxHxckzGWP/TWQAAAOAYSj8zEf9N2k9ouhjvMR4AAAA4Rkp5G9ikVC3aAkxEqVStttvwfiDOlOqNZusT1xrrq4t3vzcREVNRKV1brtcuF22Fp6KSZMMzeXl3+JV9w7MR8VxEfGvydD5cXWjUF0d98wMAAABOiLP7rv//Ndm+/gcAAACeMlOdwu5bqkqjygUAAAB4MqZGnQAAAADwxLn+BwAAgKfaF998M+vSzvevF9/eWL/eePvSYq15vbqyvlBdaKzdqC41Gkv5O/tWDlpfvdG48alYXb853ao1W9PNjc2rK4311dbV5Qc+gQ0AAAAM0XMfufP7JCK2Pn067zLjo04KGIryTikp+l32/j8+2+6/O6SkgKEYO8Q87z4zhESAoSuPOgFgZCqjTgAYueSA6T0b7/ym6H90sPkAAACDd+FDvZ//9/8GwJZPBMAxZyeGk2vf8/90clSJAEOXP/8/bINfJwvwVKkcqgUg8DR7z8//D5Smj5QQAAAwcBN5l5Sqxe29iSiVqtWIc/lnASrJteV67XJEPBsRv5usPJMNz+RLJgdeMwAAAAAAAAAAAAAAAAAAAAAAAAAAbWmaRNrPlb5TAQAAgGMgovSX5Jftd/lfmHxpYv/9gfHk3/kngccj4p3vv/Wdm/Ot1tpMNv4fO+Nb3y3GvzKKOxgAAADAfp3r9M51PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM0r3tWwv3tm+l/9m+tTDMuH/7bERM7cTPu/aUcpzK+6eiEhFn/plEec9ySUSMDSD+1u2I+GC3+EmW1k7ILP6v0wfjn37y8WOq2Ard6n92APHhJLuTHX+udNv/SvFC3u++/5UjHhh+XL2Pf7Fz/Bvrsf+fO2SM83d/Ot0z/u2I8+Xux59O/KRH/BejdKj4X/ny5mavaekPIi5E9/h7Y023Vm5MNzc2Ly2vzC/Vlmqrs7Mzr829Pvfq3OXpa8v1WvFv1xjf/PDP7/er/5ke8acOqP9L/au98/Pwv7s3t9/fLla6xb/44sPx//CrHxZzPBy/VPz2fbwoZ9MvdMpb7fJez//kt8/3q//ibv0rD///j/Ws/8X+9d81iB0FABiY5sbm9fl6vbZ2HAqVx1kqOw07CsnvKXztR+2Nf1TyOU6Fcv5He/5nA1nh1weaYZqm+R2iLpPuRMRh1pPEUdnO9REfmAAAgIHbPekfdSYAAAAAAAAAAAAAAAAAAABwcg3wnWHjvV6ztz/m1k4p8WZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODI+H8AAAD//9DN3XM=") 1.441485403s ago: executing program 1 (id=789): syz_usb_connect$cdc_ecm(0x1, 0x4d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}}}]}}]}}, 0x0) (fail_nth: 3) 1.314025573s ago: executing program 4 (id=794): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r2}, 0x10) write(r1, &(0x7f0000000000)="fc0000001d000724ab09254ec100070007ab08001b000000f0ffff002100057e0000000000000e000039000000039815fad151ba0101099cecb94b46fe0000000a00020025", 0xffffff0c) r3 = socket$inet_udp(0x2, 0x2, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff}) splice(r4, 0x0, r1, 0x0, 0xffffffffffff8000, 0x0) close(0xffffffffffffffff) close(r3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) read(r5, &(0x7f0000000180)=""/68, 0x44) splice(r0, 0x0, r3, 0x0, 0x1100000000f336, 0x0) 701.787423ms ago: executing program 0 (id=802): r0 = socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r0, &(0x7f0000000900)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x8, r3}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000500)="06c3a7666a1ecfde72e3c886cfc4", 0xe}], 0x1}}], 0x1, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) bind$packet(r4, &(0x7f0000000040)={0x10, 0xf5, 0x0, 0x1, 0x0, 0x6, @random="b6c1c02b5fbb"}, 0x14) r5 = socket$nl_audit(0x10, 0x3, 0x9) sendto(r1, &(0x7f0000000080)="eb9f471a45d0c4d30ef51cd7e32405b1038c418c9e2fc95cb2ad68078692ba08cd0262", 0x23, 0x1, 0x0, 0x0) r6 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000000500)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty}, 0x8, @in6=@private2, 0x0, 0x4}}, 0xe8) sendmsg$AUDIT_LIST_RULES(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x10, 0x3f5, 0x10, 0x70bd27, 0x0, "", ["", "", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4000800}, 0x0) clock_gettime(0x1, &(0x7f0000000280)={0x0, 0x0}) r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYRES16=r9, @ANYBLOB="01d91d1efb0000000000010000000200000001"], 0x30}}, 0x0) sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r2, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f0000000780)=ANY=[@ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x4904}, 0x40) futex(&(0x7f0000000240)=0x2, 0x10b, 0x2, &(0x7f0000000300)={r7, r8+10000000}, &(0x7f0000000380), 0x0) r11 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) futex(0x0, 0x0, 0x0, &(0x7f0000000340)={0x0, 0x989680}, &(0x7f00000003c0), 0x2) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r11, 0x0, 0x0) futex(0x0, 0x0, 0x1, &(0x7f00000000c0), &(0x7f0000000100)=0x1, 0x2) clock_gettime(0x2, &(0x7f0000000400)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0xe, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000711043000000000095000000000000003e8b0a3d0abf3ef1fea2d81225b3b7336f83742d2af26acf0d22a0049a6d"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80) mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0) mremap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000ffd000/0x2000)=nil) semget(0x3, 0x2, 0x10) clock_gettime(0x0, &(0x7f0000000480)) socket$inet6(0xa, 0x2, 0x3a) 620.75871ms ago: executing program 1 (id=805): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) 620.22611ms ago: executing program 0 (id=806): ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000a40)={0xffffffffffffffff, 0x5, 0x0, 0x81}) r1 = syz_io_uring_setup(0x5bbb, &(0x7f0000000100)={0x0, 0xcf84, 0x200, 0x0, 0x14b, 0x0, r0}, &(0x7f0000000380), &(0x7f00000001c0)) r2 = socket(0x1d, 0x2, 0x6) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r2, 0x6a, 0x3, 0x0, 0x0) syz_io_uring_setup(0x6307, &(0x7f0000000080)={0x0, 0x5, 0x80, 0x4, 0x8003, 0x0, r1}, &(0x7f00000003c0), &(0x7f00000002c0)) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000200)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000040)={0x3, [0x0, 0x0, 0x0]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x24, &(0x7f00000000c0)={r5, 0x0, 0x0}, &(0x7f0000000100)=0x4f) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) memfd_create(0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x10, 0x1a1381) ioctl$USBDEVFS_FREE_STREAMS(r8, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"]) ioctl$USBDEVFS_GET_CAPABILITIES(r8, 0x80045519, &(0x7f00000000c0)) ioctl$USBDEVFS_FREE_STREAMS(r8, 0x8008551d, 0x0) io_uring_enter(0xffffffffffffffff, 0x1c0a, 0x0, 0x4, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f00000001c0)={r6, 0x0, 0x20}, 0xc) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0) 558.066365ms ago: executing program 2 (id=807): ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000040)) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x119, 0x1, &(0x7f0000000000)=0x10, 0x4) syncfs(0xffffffffffffffff) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x0, 0x1}, 0x20) setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) sendmsg$inet6(r1, &(0x7f0000000000)={&(0x7f0000000100)={0xa, 0x0, 0x80000, @dev}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="18008f5161545de73bb4ce6d864100"/36], 0x18}, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@private2, @rand_addr=' \x01\x00', @private0, 0x0, 0x241, 0x7}) r2 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8), 0x8) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r6, 0x0, 0x8ec0, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000ac0)={'#! ', './file0'}, 0xb) dup3(r4, r5, 0x0) dup2(r5, r6) getsockopt$PNPIPE_IFINDEX(r2, 0x113, 0x2, &(0x7f00000001c0)=0x0, &(0x7f0000000200)=0x4) sendmsg$nl_route_sched(r6, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000b00)=@gettclass={0x24, 0x2a, 0x0, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0x3, 0x10}, {0x9, 0xa}, {0xb, 0xfff3}}, ["", "", "", "", ""]}, 0x24}}, 0x4) fsopen(0x0, 0x0) r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r8, 0x0, 0x2e, &(0x7f0000000440)={0x0, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @remote}}}, 0x108) 557.568735ms ago: executing program 1 (id=808): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000b, 0x8031, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000006940)="45d8dbb09bcdf7e85e4aba0445f4c017", 0x10) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0) pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000200)='y', 0x1}], 0x1, 0xa00, 0x0, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8982, &(0x7f0000000080)={0x6, 'veth1_macvtap\x00', {0x4d2c}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000280)={0x0, 0x4}, 0xe) shutdown(r1, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f0000000200)=@raw=[@call={0x85, 0x0, 0x0, 0x7b}, @exit], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, 0x48) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r4) sendmsg$NLBL_CIPSOV4_C_ADD(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0xc8, r5, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MLSLVLLST={0x8c, 0x8, 0x0, 0x1, [{0x64, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x578fee19}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5106bc2b}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x78}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x1ea90fc}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xa4}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x597fdd0b}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7192f6de}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x33d1ebe}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x20}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x49352fd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3d1e6f24}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x16}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x25}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x39}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe6}]}]}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x18, 0xc, 0x0, 0x1, [{0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb657}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xc}]}]}]}, 0xc8}}, 0x0) setsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x71, &(0x7f0000000500)={r3}, 0x8) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r6, @ANYBLOB='M~\x00\x00\x00\x00\x00\x00\x00\x00*'], 0x50}, 0x4, 0x700000000000000}, 0x0) 479.302501ms ago: executing program 3 (id=810): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0x0, &(0x7f00000000c0)=0x3, 0x4) 424.221496ms ago: executing program 2 (id=811): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) (async) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c) (async, rerun: 64) syz_emit_ethernet(0xc2, &(0x7f0000000140)={@link_local, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "02000b", 0x8c, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[@routing={0x0, 0x8, 0x0, 0x0, 0x0, [@dev, @empty, @private0, @ipv4={'\x00', '\xff\xff', @broadcast}]}], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x6558}}}}}}}, 0x0) (rerun: 64) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240), 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x10, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000060000047b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007000000f0ffffffb70200000800000018230000", @ANYBLOB="7718b3d7a18fd2f5c921f367322fc743ba4e30cbe53a2e77907d54ac", @ANYRES8=r0], &(0x7f0000000640)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x19}, 0x90) (async) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x1008a, &(0x7f0000000600)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@data_err_ignore}, {@grpjquota, 0x22}, {@errors_continue}, {@stripe={'stripe', 0x3d, 0x507bb808}}, {@noblock_validity}]}, 0xfe, 0x44a, &(0x7f0000000900)="$eJzs3MtvG0UYAPBv7SR9k1CeDS0ECiLikTTpgx6QoAgkDiAhwaGIU0jSKtRtUBMkWkUQOIQjqsQdcUTiL+BCuSDghMQV7ggpQrlQOBmtvZu6iZ04iROX+veTNpnxjDXz7e7Y41mvA+hYA+mfJGJ/RPwWEb3V7K0VBqr/bizNjf+zNDeeRLn85l9Jpd7fS3PjedX8eS9UM+XyGu0uvBMxVipNXs7yw7MX3x+euXL12amLY+cnz09eGj19+sTxIz2nRk+2JM4DaV/7P5o+fOjVt6+9Pn722rs/fZP2d39WXhtHqwxU925dT7S6sTY7kCdejEi62tsXmleMiPRwdVfGf28UY89yWW+88mlbOwdsq3K5UN7VuHi+DADccfI3+vTzb77t0NTjtrB4JpbXMW5kW7WkKwpZne7sM9J2GIiIs/P/fplusU3rEAAAta6fiYhn6s3/CnF/Tb27smtDfRFxd0QcjIh7IuLeiLgvolL3gYh4cIPtr7xCsnr+U+7dVGBNSud/z2fXtm6d/+Wzv+grZrkDlfi7k3NTpclj2T4ZjO5daX5kjTa+f/nXzxuV1c7/0i1tP58LZv34s2vFAt3E2OzYVmKutfhJRH9XvfiT5TlvOj8+FBH9m2xj6qmvDzcqWz/+NbRgUl7+KuLJ6vGfjxXx55KG1ydHnjs1enJ4d5Qmjw3nZ8VqP/+y8Eaj9rcUfwssXi/H3rrn/3L8fcnuiJkrVy9UrtfObLyNhd8/a/iZZrPnf0/yViXdkz324djs7OWRiJ7ktdWPj958bp7P66fn/+DR+uP/YNzcEw9FRHoSH4mIhyPikazvj0bEYxFxdI34f3zp8fc2Hv8aq/ItlMY/sd7xj9rjv/FE8cIP3248/lx6/E9UUoPZI828/jXbwa3sOwAAAPi/KFS+A58UhpbThcLQUMS+ytru3qQ0PTP79LnpDy5NVL8r3xfdhXylq7dmPXQkWxvO86Mr8sezdeMvinsq+aHx6dJEu4OHDrevwfhP/VFsd++Abed+Lehcxj90LuMfOpfxD53L+IfOVW/8f9yGfgA7b533/z071Q9g55n/Q+cy/qFzGf/QkRreG1/Y0i3/Em1KfNeztd9qaD4Rhdsk5DsmkY7HOkVdTf+YxSYTu+oWtfuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDX+CwAA//8ngeSM") (async) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x0, 0x3}, 0x10) (async) keyctl$describe(0x6, 0x0, &(0x7f0000000000)=""/173, 0xad) (async, rerun: 32) r2 = add_key$fscrypt_provisioning(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, &(0x7f00000001c0)={0x1, 0x0, @a}, 0x48, 0x0) (rerun: 32) keyctl$get_security(0x11, r2, &(0x7f0000000180)=""/37, 0x25) (async) r3 = socket$l2tp(0x2, 0x2, 0x73) (async) r4 = socket$inet6_dccp(0xa, 0x6, 0x0) r5 = dup2(r4, r3) fremovexattr(r5, &(0x7f0000000380)=@known='system.sockprotoname\x00') (async) keyctl$reject(0x13, r2, 0x0, 0x6, 0x0) (async) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000001480)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c646d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7300006963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d696f7765722cf26f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174883d312c6572726f72733d636f6e74696e75650000000000000000000065743d30121df4dc303030383030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be27ef17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e676cc6e002e542e426bceaab9b2cf261046247bce0565d13a6ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d63fc2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a4cad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374cdbbd29aae47fe5a25502919954242f8d771fc2acf14f2cee04696a9d84091f20646210edf871d3f20a7582cf4b816323b8abb307381d32da887dcc71e35f364baa1b080000006c02aa4628511442992c03e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893f64421a40f4825a83c284dfe9ae1c6e0100293c970f2dae776decf07b085e16511b00d365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2c7fb0340a249135057f87882717e166ef509c14fdcf38f63141e4ed36737c6e55498b350f41c8caed3e347c149162b4c6ed629be8eaaa25d59747816197aff2cf68a42d73e8146c72fedb130b0e2ce57275b34276d28d91b2c0c2fa1041f818ea96f65a3000048a85f5cc1755879aa4467b8fe213e6af70d17242f0c257551f9d578745b28cf6c6ef0000000000000000000000000000023399647", @ANYRES32, @ANYRESHEX=r5], 0x0, 0x2bd, &(0x7f00000007c0)="$eJzs3U1rY1UYAOD3Jml6VTBF3CiCF3Thqsy4dTNRRhC7UiKoG4vTAUnKQAcCfmCnq/4Cl+LfcOnStf9AcCu4axeVK/crH21SQ21asM8DpYdzznvOe89pUyjkzRev7Q8fPUni6OT3SNMkWg/iQZwmsRWtaDyLTgAA/x+neR5/5VU7qb/mtJdFdlrrzQwAWJfq73/ltnMBAG7Gx59+9mF/Z+fhR1mWxiu94/EgiYj94/GgGu8/jq9iFHtxL3pxFpFPVO33P9h5GJ2ssBVv7h+OB+O59ft/RpTx8azqWBB/P6vU8YOI4vtGPB9Z9B9vNEv14uXF+7+9ID4G3XjrjZn8t6MXv30ZT2IUj8o0pvHf38+y9/IfTr79vNimiE9aMdgs503l5X9Cuuu/EgAAAAAAAAAAAAAAAAAAAAAA7oDtLEuq8j1l/Z6iq66/0z4rx7ezxtZ8fZ4qflIvuKoPlDcVfg7z+LGpr3Mvy7K8njiN78SrHR8sAAAAAAAAAAAAAAAAAAAAAIU0vhnujkZ7B0+//o+N9nB31FQDaN7Wf4V1unXopOf1IsP28gU3V99rttpAkeulk6PTiWs4llUazxX5LJnzU53vKut89+Jsz+b0DD+pw5uLudaneOndSYZZPdQc8nA3+be90ubifp4d6sZV8ynvdrR3kJc/Emf5/J2mSw6ze02n0X1h4dDfeZ6vts47f1R3VPckZYmN1XbfqBvnH3Dyu5NevItfly+49CWjfdXXGgAAAAAAAAAAAAAAAAAA4HLzb5w+5+jS0NbakgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAGzb9/P+mkUbEfM+FxmEdXPb8smRyUk86eHqLjwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAd8U8AAAD//50APhE=") (async) chdir(&(0x7f0000000240)='./file0\x00') sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="fb6bba8839c405", 0x7}], 0x1, 0x0, 0xfffffffffffffe7c, 0x10}, 0x0) (async) socket$can_bcm(0x1d, 0x2, 0x2) (async) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000000), 0x10) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', 0x0}) recvmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000600)=""/144, 0x90}, {&(0x7f0000000a00)=""/230, 0xe6}], 0x2}, 0x0) (async) ioctl$SIOCGSTAMPNS(0xffffffffffffffff, 0x8907, 0x0) (async) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r6}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x1, 0x7ab0715dca68fed7, 0x0, {}, {}, {}, 0x4, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x20000600}}, 0x0) (async) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='blkio.bfq.io_service_bytes_recursive\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r7, 0xc0185879, &(0x7f0000000040)) keyctl$clear(0x7, 0x0) (async) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) 423.956136ms ago: executing program 3 (id=812): syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000001fc0)=ANY=[@ANYBLOB="70010000", @ANYRES16, @ANYBLOB="010000000000000000001e0000001c002f800c00020000000000000000000c000380080001000100000008000300", @ANYRES32=r2, @ANYBLOB="38012f8008000100000100000c0002"], 0x170}}, 0x0) 340.474912ms ago: executing program 3 (id=813): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r1) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@var={0x2, 0x0, 0x0, 0x11, 0x3, 0xffffffff}, @const={0x0, 0x0, 0x0, 0x2}, @func_proto={0x2, 0x0, 0x0, 0x8, 0x2}]}}, 0x0, 0x42}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x9, 0x400, 0x483c, 0xf2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r2, 0x1, 0x5}, 0x48) r3 = syz_open_dev$vcsu(&(0x7f00000006c0), 0x0, 0x20040) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100001c00100000000000120000d1850000000500000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) ioctl$SIOCGETSGCNT(r3, 0x89e1, &(0x7f0000000380)={@multicast2, @empty}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10) r5 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) bind$can_raw(r5, &(0x7f0000000180)={0x1d, r6}, 0x10) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x0, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, r9, 0x0, 0x11203}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x7}, @IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x10) bind$can_raw(r5, &(0x7f00000003c0)={0x1d, r6}, 0x10) ioctl$FS_IOC_GETFLAGS(r3, 0x80086601, &(0x7f0000002780)) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0}, 0x90) r11 = socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r11, 0x8933, &(0x7f00000005c0)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000680)={0x24, r12, 0x1, 0x0, 0x1, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r13}, @BATADV_ATTR_GW_SEL_CLASS={0x8}]}, 0x24}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r10}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r14 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r14, 0x29, 0x4b, &(0x7f0000000100)=0x4, 0x4) bind$inet6(r14, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @local, 0x2}, 0x1c) socket$nl_route(0x10, 0x3, 0x0) 326.428494ms ago: executing program 2 (id=814): r0 = open_tree(0xffffffffffffff9c, &(0x7f00000006c0)='.\x00', 0x0) symlinkat(0x0, r0, &(0x7f00000000c0)='./file1\x00') r1 = open_tree(0xffffffffffffff9c, &(0x7f00000006c0)='.\x00', 0x0) symlinkat(&(0x7f0000000140)='./file1\x00', r1, &(0x7f0000000340)='./file0\x00') r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) fchdir(r2) close(r2) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000280), 0x1, 0x76a, &(0x7f0000001b00)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=") 326.148164ms ago: executing program 4 (id=815): openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) flock(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) flock(0xffffffffffffffff, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000740)={0x0, 0xffffffffffffffff}) 308.569065ms ago: executing program 0 (id=816): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r1 = gettid() prctl$PR_SET_MM_EXE_FILE(0x4, 0xd, 0xffffffffffffffff) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) clock_gettime(0x0, 0x0) clock_gettime(0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x5, 0x1, 0x200, 0x2, r0, 0x150, '\x00', 0x0, r0, 0x0, 0x3, 0x4, 0x40000000000000f}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0xc0241, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) setsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000), 0x4) 240.03884ms ago: executing program 4 (id=817): r0 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f00000000c0)) connect$inet(r0, &(0x7f0000001fc0)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_int(r0, 0x0, 0x3, 0x0, 0x0) 239.401481ms ago: executing program 2 (id=818): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) writev(r0, 0x0, 0x0) 223.379912ms ago: executing program 3 (id=819): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000fc0)={'gre0\x00', &(0x7f0000001140)={'gre0\x00', 0x0, 0x0, 0x0, 0x4, 0x0, {{0x51, 0x4, 0x0, 0x0, 0x144, 0x0, 0x0, 0x0, 0x2f, 0x0, @private=0xa010106, @local, {[@ssrr={0x89, 0x27, 0x32, [@private=0xa010100, @remote, @empty, @private=0xa010101, @rand_addr=0x64010102, @local, @loopback, @rand_addr=0x64010101, @multicast1]}, @timestamp={0x44, 0x14, 0x8a, 0x0, 0x4, [0x2, 0x0, 0x792, 0x404]}, @ssrr={0x89, 0xb, 0xc0, [@multicast2, @private=0xa010102]}, @cipso={0x86, 0x0, 0x1, [{0x2, 0x0, "28c08ddd1fa404b124e49b70baed596f"}, {0x5, 0x0, 'R'}, {0x1, 0x0, "fb714b0b"}, {0x7, 0x0, "e7285a4b4dc2027c4e"}, {0x2, 0x0, "bbe9dfbdbd8b41c2662ef6b44d4c2cd5"}, {0x1, 0x0, "9a901ac12a312a27d1ef"}, {0x1, 0x0, "dd45fb60"}, {0x1, 0x0, "33aa46e5155b75"}, {0x6, 0x0, "534a728b4fca"}]}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x54, 0xe1, 0x1, 0x7, [{@multicast1, 0x8}, {@loopback, 0x3}, {@dev={0xac, 0x14, 0x14, 0x17}, 0x3}, {@empty, 0x400}, {@broadcast, 0x2}, {@empty, 0x1}, {@broadcast, 0x1}, {@dev={0xac, 0x14, 0x14, 0x23}, 0xe}, {@rand_addr=0x65010102, 0xa}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x10001}]}, @rr={0x7, 0x7, 0xdc, [@broadcast]}, @noop, @cipso={0x86, 0x7a, 0x3, [{0x7, 0x6, "63050004"}, {0x1, 0xf, "4fb3bab1b10caed7711c6b5be0"}, {0x2, 0xe, "0a91f1eda3ccbb85f81f5e8e"}, {0x7, 0x4, 'WQ'}, {0x7, 0x5, "76bf2e"}, {0x6, 0x10, "56f10be91b20916b0aba642ba7c7"}, {0x4, 0x11, "7dc7d7d3f32a4e0e0e6a5c9bc5e3fc"}, {0x0, 0xa, "351249b28d7f1b1f"}, {0x5, 0xe, "b6518807fb06f00c8964d53a"}, {0x6, 0x22, "cc78cdf7f9f871cdf7742ee054"}]}, @timestamp_addr={0x44, 0xc, 0xc, 0x1, 0xc, [{@empty, 0x7}]}]}}}}}) 207.289874ms ago: executing program 0 (id=820): r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, 0x0) 194.654265ms ago: executing program 2 (id=821): ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000040)) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x119, 0x1, &(0x7f0000000000)=0x10, 0x4) syncfs(0xffffffffffffffff) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x0, 0x1}, 0x20) setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) sendmsg$inet6(r1, &(0x7f0000000000)={&(0x7f0000000100)={0xa, 0x0, 0x80000, @dev}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="18008f5161545de73bb4ce6d864100"/36], 0x18}, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@private2, @rand_addr=' \x01\x00', @private0, 0x0, 0x241, 0x7}) r2 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8), 0x8) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r6, 0x0, 0x8ec0, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000ac0)={'#! ', './file0'}, 0xb) dup3(r4, r5, 0x0) dup2(r5, r6) getsockopt$PNPIPE_IFINDEX(r2, 0x113, 0x2, &(0x7f00000001c0)=0x0, &(0x7f0000000200)=0x4) sendmsg$nl_route_sched(r6, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000b00)=@gettclass={0x24, 0x2a, 0x0, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0x3, 0x10}, {0x9, 0xa}, {0xb, 0xfff3}}, ["", "", "", "", ""]}, 0x24}}, 0x4) fsopen(0x0, 0x0) r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r8, 0x0, 0x2e, &(0x7f0000000440)={0x0, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @remote}}}, 0x108) 167.155677ms ago: executing program 4 (id=822): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r1) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@var={0x2, 0x0, 0x0, 0x11, 0x3, 0xffffffff}, @const={0x0, 0x0, 0x0, 0x2}, @func_proto={0x2, 0x0, 0x0, 0x8, 0x2}]}}, 0x0, 0x42}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x9, 0x400, 0x483c, 0xf2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r2, 0x1, 0x5}, 0x48) r3 = syz_open_dev$vcsu(&(0x7f00000006c0), 0x0, 0x20040) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100001c00100000000000120000d1850000000500000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) ioctl$SIOCGETSGCNT(r3, 0x89e1, &(0x7f0000000380)={@multicast2, @empty}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10) r5 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) bind$can_raw(r5, &(0x7f0000000180), 0x10) socket$nl_route(0x10, 0x3, 0x0) socket(0x200000000000011, 0x2, 0x0) bind$can_raw(r5, &(0x7f00000003c0)={0x1d, r6}, 0x10) 166.649987ms ago: executing program 3 (id=823): r0 = socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r0, &(0x7f0000000900)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x8, r3}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000500)="06c3a7666a1ecfde72e3c886cfc4", 0xe}], 0x1}}], 0x1, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) bind$packet(r4, &(0x7f0000000040)={0x10, 0xf5, 0x0, 0x1, 0x0, 0x6, @random="b6c1c02b5fbb"}, 0x14) r5 = socket$nl_audit(0x10, 0x3, 0x9) sendto(r1, &(0x7f0000000080)="eb9f471a45d0c4d30ef51cd7e32405b1038c418c9e2fc95cb2ad68078692ba08cd0262", 0x23, 0x1, 0x0, 0x0) r6 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000000500)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty}, 0x8, @in6=@private2, 0x0, 0x4}}, 0xe8) sendmsg$AUDIT_LIST_RULES(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x10, 0x3f5, 0x10, 0x70bd27, 0x0, "", ["", "", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4000800}, 0x0) clock_gettime(0x1, &(0x7f0000000280)={0x0, 0x0}) r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYRES16=r9, @ANYBLOB="01d91d1efb0000000000010000000200000001"], 0x30}}, 0x0) sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r2, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f0000000780)=ANY=[@ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x4904}, 0x40) futex(&(0x7f0000000240)=0x2, 0x10b, 0x2, &(0x7f0000000300)={r7, r8+10000000}, &(0x7f0000000380), 0x0) r11 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) futex(0x0, 0x0, 0x0, &(0x7f0000000340)={0x0, 0x989680}, &(0x7f00000003c0), 0x2) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r11, 0x0, 0x0) futex(0x0, 0x0, 0x1, &(0x7f00000000c0), &(0x7f0000000100)=0x1, 0x2) clock_gettime(0x2, &(0x7f0000000400)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0xe, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000711043000000000095000000000000003e8b0a3d0abf3ef1fea2d81225b3b7336f83742d2af26acf0d22a0049a6d"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80) mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0) mremap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000ffd000/0x2000)=nil) semget(0x3, 0x2, 0x10) clock_gettime(0x0, &(0x7f0000000480)) socket$inet6(0xa, 0x2, 0x3a) 164.652347ms ago: executing program 0 (id=824): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000140)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000001fc0)=ANY=[@ANYRES16=r0, @ANYBLOB="010000000000000000001e0000001c002f800c00020000000000000000000c000380080001000100000008000300", @ANYRES32=r3, @ANYBLOB="38012f8008000100000100000c0002"], 0x170}}, 0x0) 140.896999ms ago: executing program 0 (id=825): socket$inet_udplite(0x2, 0x2, 0x88) r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0x3, 0x300) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) setsockopt$inet6_tcp_int(r1, 0x6, 0x19, &(0x7f0000000040)=0x100000001, 0x4) r2 = fcntl$dupfd(r1, 0x0, r1) connect$unix(r2, &(0x7f00000000c0)=@abs, 0x6e) creat(&(0x7f0000000000)='./file0\x00', 0x0) recvfrom$x25(r2, &(0x7f0000000340)=""/46, 0x2e, 0x2, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000700)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r2}}) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000580)='./file0\x00', 0x80, &(0x7f0000000000)=ANY=[], 0xfd, 0x22e, &(0x7f0000000c00)="$eJzs2k+LW1UYwOH3dkZap0wT8R8tiAfd6ObSZOXCRQdpQQwo2ggqSG+dGw3JJENuGIhIOzu3fgTX4tKdIP0Cs/ETdOFuNrPsQrzSptiZEsFabNQ8zyYvnPzgXE4IZ3EP3/xmZ9Cr8l4xjVNZFuuXYj/uZNGMU7EWc/vx+o03br/0wUcfv7PV6Vx+P6UrW1db7ZTSuZd/+uSr71+5NT374Q/nfjwdB81PD4/avxy8cHD+8LerX/Sr1K/SaDxNRbo+Hk+L68MybferQZ7Se8OyqMrUH1Xl5MR6bzje3Z2lYrS9ubE7KasqFaNZGpSzNB2n6WSWis+L/ijleZ42N4LH0f3uTl3HUf3Utajr+ulv4+yt2LwdjcieSdmzl7Lnr2Uv7mfnj+q6seyt8o9w/qvN+a8257/ajl3qzkTsfL3X3evOP+frW73oxzDKuBiN+DXu/kzum89X3u5cvpjuaUbauXm/v7nXXTvZt6IRzcV9a96nk/3p2Djet6MRzy3u2wv7M/Haq8f6PBrx82cxjmFsx932QX+jldJb73Ye6i/c+x4AwP9Nnv6w8P6W53+2Pu8f4X740P1qPS6sL/fZiahmXw6K4bCcGP7qkP2Nai3+JZs3rM5QZ4+TL/ufiSfhwaEveycAAAAAAAAAAAA8iifxNuKynxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+G/4PQAA//9R0vDu") r3 = openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz1\x00', 0x200002, 0x0) openat$cgroup_devices(r3, &(0x7f0000000200)='devices.allow\x00', 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) unshare(0x28000400) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={r4, &(0x7f0000000100), 0x0}, 0x20) creat(&(0x7f0000000080)='./file0/file1\x00', 0x0) unlink(&(0x7f0000000100)='./file0/file1\x00') ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x5e3b1f2842aea36c}}, './file0/file1\x00'}) getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000000e40)={{{@in6=@private0, @in=@local}}, {{@in6=@remote}, 0x0, @in=@initdev}}, &(0x7f0000000500)=0xd6) syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f00000000c0)='./file0\x00', 0x19f, &(0x7f0000000440)={[{@nobarrier}], [{@hash}, {@smackfsfloor={'smackfsfloor', 0x3d, 'nobarrier'}}, {@dont_hash}, {@flag='async'}, {@permit_directio}]}, 0x1, 0x561, &(0x7f00000005c0)="$eJzs3c9rJFkdAPBvdbqz8yOznVUPOuC6uiszi05nsnF3g4d1BNHTgrjex5j0hJhOekg6u5MwYOYvEERU9KQHvQieRZABL3oTYUBvgsKKIprRg6BOSVVXJ5lMd09mtqc7mXw+UFOv3quq73uVqer68agK4MR6ISKuRMS9NE1fjohqkV8qhthuD9l8d3duzmdDEmn61t+TSIq8zrqSYny2WOxURHzpCxFfTR6Mu765tTzXaNTXiump1sr1qfXNrUtLK3OL9cX66szM9Guzr8++Ont5IO08FxFvfO7P3/7Gjz//xi8++c6frv71YtbsmCjK97fjEWSbqNxvhnbTK/m26MgWWHuMYEdVOW9h4XS3OdI0Te+l1X05t4ZSMwAADspOYN8XER+LiJejGmP9T2cBAACAYyj9zET8N2k/oelivEc+AAAAcIyU8j6wSalW9AWYiFKpVmv34f1AnCk1muutT1xrbqwu3PneRERMRqV0balRv1z0FZ6MSpJNT+fpvelXDkzPRMRzEfGt6ul8ujbfbCyM+uYHAAAAnBBnD1z//6vavv4HAAAAnjKTncTeW6pKo6oLAAAA8GRMjroCAAAAwBPn+h8AAACeal98881sSDvfv154e3Njufn2pYX6+nJtZWO+Nt9cu15bbDYX83f2rTxsfY1m8/qnYnXjxlSrvt6aWt/currS3FhtXV267xPYAAAAwBA995Hbv08iYvvTp/MhMz7qSgFDUd5NJcW4y97/x2fb43eHVClgKMYOMc+7zwyhIsDQlZ/YzMBRVxl1BYCRSx5S3rPzzm+K8UcHWx8AAGDwLnyo9/P//t8A2PaJADjm7MRwch14/p9WR1URYOjyR/qH7fDrZAGeKpVD9QAEnmbv+fn/Q6XpI1UIAAAYuIl8SEq14vbeRJRKtVrEufyzAJXk2lKjfjkino2I31Urz2TT0/mSyUOvGQAAAAAAAAAAAAAAAAAAAAAAAACAtjRNIu3nSt9SAAAA4BiIKP0l+WX7Xf4Xqi9NHLw/MJ78O/8k8HhEvPP9t75zY67VWpvO8v+xm9/6bpH/yijuYAAAAAAHda7TO9fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBId3duzt/duZn+Z+fm/DDj/u2zETG5Gz8f2iXlOJWPT0UlIs78M4nyvuWSiBgbQPztWxHxwW7xk6xauyGz+L9O749/+snHj8liK3Rr/9kBxIeT7HZ2/LnSbf8rxQv5uPv+V464b/px9T7+xe7xb6zH/n/ukDHO3/npVM/4tyLOl7sffzrxkx7xX4zSoeJ/5ctbW73K0h9EXIju8ffHmmqtXJ9a39y6tLQyt1hfrK/OzEy/Nvv67Kuzl6euLTXqxb9dY3zzwz+/16/9Z3rEnyzaP17Me7D9L/Vv9u7Pw//u3Nh5fztZ6Rb/4osPxv/Dr35YzPHg9i8Vv30fL9JZ+YVOerud3u/5n/z2+X7tX9hrf+XBv/9Yz7//xf7t3zOIHQUAGJj1za3luUajvnYcEpXHWSo7DevkVI9CK7aWv/aj9sY/Glv1eCXK+X/a8z8byAq/PtAapmma3yHqUnQ7Ig6zniSOynZujPjABAAADNzeSf+oawIAAAAAAAAAAAAAAAAAAAAn1wDfGTYePYoOxtzeTSXeDAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBn/DwAA//8AeNws") setxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="7379737465302e76666174007a8bd87bdd1e24c751780543f7d03e0985ac9c98ce3909022625b6f69558c3c7df5f38cb38efae583cb3f65b4197"], &(0x7f0000000180)='permit_directio', 0xf, 0x2) 125.62379ms ago: executing program 3 (id=826): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r2}, 0x10) write(r1, &(0x7f0000000000)="fc0000001d000724ab09254ec100070007ab08001b000000f0ffff002100057e0000000000000e000039000000039815fad151ba0101099cecb94b46fe0000000a00020025", 0xffffff0c) r3 = socket$inet_udp(0x2, 0x2, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff}) splice(r4, 0x0, r1, 0x0, 0xffffffffffff8000, 0x0) close(0xffffffffffffffff) close(r3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) read(r5, &(0x7f0000000180)=""/68, 0x44) splice(r0, 0x0, r3, 0x0, 0x1100000000f336, 0x0) 111.180991ms ago: executing program 4 (id=827): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000005640)=0x2, 0x4) getsockopt$packet_buf(r0, 0x107, 0x6, 0x0, &(0x7f0000000100)) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f0000e1ab14140000000000000000000084300400000000000000000000000041554449540000bcb92dfff07fca000000466ef58f5dc8438b000000000000000800"/376]}, 0x1f0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940001000000fcffc50000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r2}, 0x10) sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="500000000101010300000000000000000a0000000c001980"], 0x50}}, 0x0) 29.776868ms ago: executing program 1 (id=828): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000005640)=0x2, 0x4) getsockopt$packet_buf(r0, 0x107, 0x6, 0x0, &(0x7f0000000100)) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet_tcp(0x2, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f0000e1ab14140000000000000000000084300400000000000000000000000041554449540000bcb92dfff07fca000000466ef58f5dc8438b000000000000000800"/376]}, 0x1f0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940001000000fcffc50000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r2}, 0x10) sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="500000000101010300000000000000000a0000000c001980"], 0x50}}, 0x0) 7.570949ms ago: executing program 2 (id=829): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) 4.28633ms ago: executing program 4 (id=830): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r2}, 0x10) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r1, 0x0, 0xffffffffffff8000, 0x0) close(r4) 0s ago: executing program 1 (id=831): socket$nl_netfilter(0x10, 0x3, 0xc) syz_open_dev$vcsa(&(0x7f0000000040), 0x0, 0x0) getresgid(&(0x7f0000000000), &(0x7f0000000180)=0x0, &(0x7f0000000140)=0x0) syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000200)='./file0\x00', 0x10814, &(0x7f0000000cc0)=ANY=[@ANYBLOB='umask=00000000000000000000000,flush,nodots,dots,gid=', @ANYRESHEX=r1, @ANYBLOB="00006b746769643d0092", @ANYRESOCT, @ANYBLOB="1500bba7d41fabba4332de3ca642acf6f8de847e3f21783608008708a887d30aaf0a14b0691d48445fe3b4d1ddde1b81337b2c3b5f88535d7f6fa931b84783704494cebe49ca9f6269b05edde0246c360d0566b4056f0f02ccab035d3d0a5cde0b31bd424949fe23c0a0a25691738006c5c6acdf101fecdb4f79abdfb95c6afaea03dd5903b5240565f31504c207a9a2aa6c8108fb973081e90412a3c6cfa3b2513693727fad9acd8108acb8b90fab033c9dac0dc3e5a61c513e7b5edc5d76320f0e54045ea2b7b8fb1f78d3d346e26ee5ed6926cea1ffe0a1", @ANYRESOCT=r0], 0x1, 0x1fa, &(0x7f0000000500)="$eJzs2zFrE2EYB/Dn2rRe7GAHJ1E4cHEK6icwSAUxIEQy6GSgurQipEsUxH4eZz+EX8alg2SLXO5om2sLjWdyEn8/ON6H/O/guSF53uHN27sfDvY/Hr3f+nISaZLFRsSTmETs5lUpKdd0Vm/HnCTq+FXraQDgj/T7w27TPbBco1F3eDsidi4kg2+NNAQAAAAAAAAAAEBti5z/34j4Wj3/f7zifgGA+pz/X1/tch2NusN7xf6twvl/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDmT6fTWNL/Sci2vGxGRRkQ7Im5GRCsi8s+b7hcAqG8ynZ/7V83/iEgiwvwHgDXw6vWbF91eb6+fZWnEz+PxYDwo1iJ/9ry39zCb2T176mQ8Hmye5o+KPJvPt2b7hjx/fGm+HQ/uF3mePX3Zq+Q7sb/81weA/1InO3Vuvm+WV0Snc1mez+eiOrc/qMzvVtxprew1AIAFHH36fDA8PHw3+utFsthT7bKhq+/53lpWq4prFT+Sf6INRd0ivc7NDf8wAUt39qWvJmkzDQEAAAAAAAAAAAAAABes4i9HTb8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADr53cAAAD//8h6UUs=") open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) socket$nl_route(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x143ffd, 0x7fe2, 0x1}, 0x48) socket$packet(0x11, 0x3, 0x300) socket$nl_route(0x10, 0x3, 0x0) socket(0x1, 0x803, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000001300)=ANY=[], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195}, 0x90) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) pipe(&(0x7f0000000100)) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=@newlink={0x34, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_MASTER={0x8, 0xa, r4}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x34}}, 0x0) kernel console output (not intermixed with test programs): o itself [ 50.251542][ T4383] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 50.254184][ T4389] loop3: detected capacity change from 0 to 128 [ 50.328565][ T4401] loop3: detected capacity change from 0 to 512 [ 50.343380][ T4401] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.355985][ T4401] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 50.406704][ T3260] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.455583][ T4417] loop1: detected capacity change from 0 to 512 [ 50.467606][ T4417] EXT4-fs (loop1): orphan cleanup on readonly fs [ 50.470005][ T4422] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 50.483675][ T4417] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 50.484139][ T4422] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 50.517211][ T4417] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 50.538139][ T4422] loop0: detected capacity change from 0 to 2048 [ 50.550006][ T4417] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #13: comm syz.1.352: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 50.570210][ T4417] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.352: couldn't read orphan inode 13 (err -117) [ 50.583951][ T4417] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 50.612632][ T3262] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.630959][ T4427] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 50.639621][ T4427] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 50.657245][ T4427] loop1: detected capacity change from 0 to 2048 [ 51.098904][ T4430] dccp_invalid_packet: P.Data Offset(0) too small [ 51.180557][ T4443] FAULT_INJECTION: forcing a failure. [ 51.180557][ T4443] name failslab, interval 1, probability 0, space 0, times 0 [ 51.193257][ T4443] CPU: 0 UID: 0 PID: 4443 Comm: syz.0.361 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 51.203517][ T4443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 51.213695][ T4443] Call Trace: [ 51.216968][ T4443] [ 51.219989][ T4443] dump_stack_lvl+0xf2/0x150 [ 51.224583][ T4443] dump_stack+0x15/0x20 [ 51.228769][ T4443] should_fail_ex+0x229/0x230 [ 51.233462][ T4443] ? io_alloc_page_table+0x3b/0x100 [ 51.238679][ T4443] should_failslab+0x8f/0xb0 [ 51.243280][ T4443] __kmalloc_noprof+0xa5/0x370 [ 51.248224][ T4443] io_alloc_page_table+0x3b/0x100 [ 51.253322][ T4443] io_rsrc_data_alloc+0x7c/0x1a0 [ 51.258282][ T4443] io_sqe_buffers_register+0xdf/0x420 [ 51.263759][ T4443] ? __fget_files+0x1da/0x210 [ 51.268444][ T4443] __se_sys_io_uring_register+0x96a/0x1070 [ 51.274347][ T4443] __x64_sys_io_uring_register+0x55/0x70 [ 51.279986][ T4443] x64_sys_call+0xb9d/0x2e00 [ 51.284590][ T4443] do_syscall_64+0xc9/0x1c0 [ 51.289166][ T4443] ? clear_bhb_loop+0x55/0xb0 [ 51.293904][ T4443] ? clear_bhb_loop+0x55/0xb0 [ 51.298590][ T4443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.304504][ T4443] RIP: 0033:0x7f110b147299 [ 51.308907][ T4443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.328506][ T4443] RSP: 002b:00007f1109dc7048 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 51.337005][ T4443] RAX: ffffffffffffffda RBX: 00007f110b2d5f80 RCX: 00007f110b147299 [ 51.345063][ T4443] RDX: 0000000020001680 RSI: 0000000000000000 RDI: 0000000000000006 [ 51.353028][ T4443] RBP: 00007f1109dc70a0 R08: 0000000000000000 R09: 0000000000000000 [ 51.361054][ T4443] R10: 00000000000020a3 R11: 0000000000000246 R12: 0000000000000001 [ 51.369109][ T4443] R13: 000000000000000b R14: 00007f110b2d5f80 R15: 00007ffcdd7a5678 [ 51.377106][ T4443] [ 51.458874][ T4459] loop3: detected capacity change from 0 to 512 [ 51.465439][ T4459] EXT4-fs: Ignoring removed bh option [ 51.480075][ T4464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 51.488690][ T4459] EXT4-fs error (device loop3): __ext4_iget:4985: inode #15: block 1803188595: comm syz.3.366: invalid block [ 51.491119][ T4466] loop0: detected capacity change from 0 to 512 [ 51.511108][ T4464] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 51.525386][ T4459] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.366: couldn't read orphan inode 15 (err -117) [ 51.545307][ T4464] loop4: detected capacity change from 0 to 2048 [ 51.546607][ T4466] EXT4-fs: Ignoring removed bh option [ 51.565960][ T29] kauditd_printk_skb: 19 callbacks suppressed [ 51.565978][ T29] audit: type=1400 audit(1721956334.705:315): avc: denied { write } for pid=4468 comm="syz.2.370" laddr=172.20.20.10 lport=250 faddr=172.20.20.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 51.567133][ T4459] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.612037][ T4466] EXT4-fs error (device loop0): __ext4_iget:4985: inode #15: block 1803188595: comm syz.0.369: invalid block [ 51.626529][ T4466] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.369: couldn't read orphan inode 15 (err -117) [ 51.639323][ T4466] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.671426][ T3260] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.690696][ T3257] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.771286][ T4480] FAULT_INJECTION: forcing a failure. [ 51.771286][ T4480] name failslab, interval 1, probability 0, space 0, times 0 [ 51.784130][ T4480] CPU: 1 UID: 0 PID: 4480 Comm: syz.0.372 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 51.794434][ T4480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 51.804510][ T4480] Call Trace: [ 51.807802][ T4480] [ 51.810777][ T4480] dump_stack_lvl+0xf2/0x150 [ 51.815402][ T4480] dump_stack+0x15/0x20 [ 51.819598][ T4480] should_fail_ex+0x229/0x230 [ 51.824300][ T4480] ? __alloc_skb+0x10b/0x310 [ 51.828914][ T4480] should_failslab+0x8f/0xb0 [ 51.833595][ T4480] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 51.839427][ T4480] __alloc_skb+0x10b/0x310 [ 51.843897][ T4480] netlink_alloc_large_skb+0xad/0xe0 [ 51.849218][ T4480] netlink_sendmsg+0x3b4/0x6e0 [ 51.854043][ T4480] ? __pfx_netlink_sendmsg+0x10/0x10 [ 51.859383][ T4480] __sock_sendmsg+0x140/0x180 [ 51.864199][ T4480] ____sys_sendmsg+0x312/0x410 [ 51.869111][ T4480] __sys_sendmsg+0x1e9/0x280 [ 51.873820][ T4480] __x64_sys_sendmsg+0x46/0x50 [ 51.878622][ T4480] x64_sys_call+0x26f8/0x2e00 [ 51.883455][ T4480] do_syscall_64+0xc9/0x1c0 [ 51.887994][ T4480] ? clear_bhb_loop+0x55/0xb0 [ 51.892886][ T4480] ? clear_bhb_loop+0x55/0xb0 [ 51.897644][ T4480] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.903575][ T4480] RIP: 0033:0x7f110b147299 [ 51.908009][ T4480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.927671][ T4480] RSP: 002b:00007f1109dc7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 51.936166][ T4480] RAX: ffffffffffffffda RBX: 00007f110b2d5f80 RCX: 00007f110b147299 [ 51.944157][ T4480] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 51.952139][ T4480] RBP: 00007f1109dc70a0 R08: 0000000000000000 R09: 0000000000000000 [ 51.960111][ T4480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.968099][ T4480] R13: 000000000000000b R14: 00007f110b2d5f80 R15: 00007ffcdd7a5678 [ 51.976149][ T4480] [ 51.980004][ T4481] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR [ 52.024197][ T4494] FAULT_INJECTION: forcing a failure. [ 52.024197][ T4494] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 52.039277][ T29] audit: type=1400 audit(1721956335.185:316): avc: denied { create } for pid=4496 comm="syz.1.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 52.046348][ T4494] CPU: 1 UID: 0 PID: 4494 Comm: syz.0.378 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 52.076856][ T4494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 52.076870][ T4494] Call Trace: [ 52.076878][ T4494] [ 52.076905][ T4494] dump_stack_lvl+0xf2/0x150 [ 52.076948][ T4494] dump_stack+0x15/0x20 [ 52.077008][ T4494] should_fail_ex+0x229/0x230 [ 52.077045][ T4494] should_fail+0xb/0x10 [ 52.077080][ T4494] should_fail_usercopy+0x1a/0x20 [ 52.077197][ T4494] _copy_from_user+0x1e/0xd0 [ 52.077232][ T4494] move_addr_to_kernel+0x82/0x120 [ 52.077272][ T4494] copy_msghdr_from_user+0x271/0x2a0 [ 52.077378][ T4494] __sys_sendmmsg+0x22a/0x500 [ 52.077502][ T4494] __x64_sys_sendmmsg+0x57/0x70 [ 52.077534][ T4494] x64_sys_call+0x2b4e/0x2e00 [ 52.077569][ T4494] do_syscall_64+0xc9/0x1c0 [ 52.077607][ T4494] ? clear_bhb_loop+0x55/0xb0 [ 52.077696][ T4494] ? clear_bhb_loop+0x55/0xb0 [ 52.077729][ T4494] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 52.077827][ T4494] RIP: 0033:0x7f110b147299 [ 52.077849][ T4494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 52.077939][ T4494] RSP: 002b:00007f1109dc7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 52.077961][ T4494] RAX: ffffffffffffffda RBX: 00007f110b2d5f80 RCX: 00007f110b147299 [ 52.077980][ T4494] RDX: 0000000000000001 RSI: 0000000020002ac0 RDI: 0000000000000003 [ 52.078026][ T4494] RBP: 00007f1109dc70a0 R08: 0000000000000000 R09: 0000000000000000 [ 52.078041][ T4494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 52.078071][ T4494] R13: 000000000000000b R14: 00007f110b2d5f80 R15: 00007ffcdd7a5678 [ 52.078092][ T4494] [ 52.097121][ T4497] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 52.097920][ T29] audit: type=1400 audit(1721956335.195:317): avc: denied { write } for pid=4496 comm="syz.1.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 52.097950][ T29] audit: type=1400 audit(1721956335.195:318): avc: denied { nlmsg_read } for pid=4496 comm="syz.1.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 52.098022][ T29] audit: type=1400 audit(1721956335.195:319): avc: denied { ioctl } for pid=4496 comm="syz.1.377" path="socket:[6958]" dev="sockfs" ino=6958 ioctlcmd=0x4590 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 52.183465][ T29] audit: type=1400 audit(1721956335.325:320): avc: denied { unlink } for pid=2941 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 52.340788][ T4510] netlink: 48 bytes leftover after parsing attributes in process `syz.0.380'. [ 52.408162][ T4512] loop3: detected capacity change from 0 to 512 [ 52.410402][ T4512] EXT4-fs: Ignoring removed bh option [ 52.410769][ T4514] loop1: detected capacity change from 0 to 512 [ 52.413427][ T4514] EXT4-fs: Ignoring removed bh option [ 52.422578][ T4514] EXT4-fs error (device loop1): __ext4_iget:4985: inode #15: block 1803188595: comm syz.1.382: invalid block [ 52.432095][ T4512] EXT4-fs error (device loop3): __ext4_iget:4985: inode #15: block 1803188595: comm syz.3.383: invalid block [ 52.432267][ T4512] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.383: couldn't read orphan inode 15 (err -117) [ 52.432391][ T4514] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.382: couldn't read orphan inode 15 (err -117) [ 52.433021][ T4514] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.436510][ T4512] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.446817][ T4518] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 52.446924][ T4518] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 52.461407][ T3260] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.461946][ T3262] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.469554][ T4518] loop4: detected capacity change from 0 to 2048 [ 52.499577][ T4524] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 52.501243][ T4524] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 52.507240][ T4518] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.534426][ T4524] loop1: detected capacity change from 0 to 2048 [ 52.547568][ T4526] loop3: detected capacity change from 0 to 256 [ 52.565106][ T4518] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.593882][ T4526] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 52.902836][ T4526] team0: Cannot enslave team device to itself [ 52.909100][ T4526] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 53.021646][ T29] audit: type=1400 audit(1721956336.165:321): avc: denied { read } for pid=4530 comm="syz.2.389" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 53.050827][ T29] audit: type=1400 audit(1721956336.165:322): avc: denied { open } for pid=4530 comm="syz.2.389" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 53.065061][ T4533] FAULT_INJECTION: forcing a failure. [ 53.065061][ T4533] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 53.080388][ T4534] loop2: detected capacity change from 0 to 512 [ 53.087467][ T4533] CPU: 0 UID: 0 PID: 4533 Comm: syz.0.390 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 53.103967][ T4533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 53.114020][ T4533] Call Trace: [ 53.117347][ T4533] [ 53.120275][ T4533] dump_stack_lvl+0xf2/0x150 [ 53.124896][ T4533] dump_stack+0x15/0x20 [ 53.129054][ T4533] should_fail_ex+0x229/0x230 [ 53.133735][ T4533] should_fail+0xb/0x10 [ 53.137940][ T4533] should_fail_usercopy+0x1a/0x20 [ 53.142992][ T4533] _copy_to_user+0x1e/0xa0 [ 53.147419][ T4533] simple_read_from_buffer+0xa0/0x110 [ 53.152803][ T4533] proc_fail_nth_read+0xfc/0x140 [ 53.157751][ T4533] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 53.163353][ T4533] vfs_read+0x1a2/0x6e0 [ 53.167627][ T4533] ? __rcu_read_unlock+0x4e/0x70 [ 53.172626][ T4533] ? __fget_files+0x1da/0x210 [ 53.177325][ T4533] ksys_read+0xeb/0x1b0 [ 53.181607][ T4533] __x64_sys_read+0x42/0x50 [ 53.186141][ T4533] x64_sys_call+0x2a36/0x2e00 [ 53.190830][ T4533] do_syscall_64+0xc9/0x1c0 [ 53.195347][ T4533] ? clear_bhb_loop+0x55/0xb0 [ 53.200033][ T4533] ? clear_bhb_loop+0x55/0xb0 [ 53.204777][ T4533] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.210743][ T4533] RIP: 0033:0x7f110b145d7c [ 53.215161][ T4533] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 53.234773][ T4533] RSP: 002b:00007f1109dc7040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 53.243202][ T4533] RAX: ffffffffffffffda RBX: 00007f110b2d5f80 RCX: 00007f110b145d7c [ 53.251172][ T4533] RDX: 000000000000000f RSI: 00007f1109dc70b0 RDI: 0000000000000004 [ 53.259135][ T4533] RBP: 00007f1109dc70a0 R08: 0000000000000000 R09: 0000000000000000 [ 53.267279][ T4533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.275256][ T4533] R13: 000000000000000b R14: 00007f110b2d5f80 R15: 00007ffcdd7a5678 [ 53.283391][ T4533] [ 53.295563][ T4536] FAULT_INJECTION: forcing a failure. [ 53.295563][ T4536] name failslab, interval 1, probability 0, space 0, times 0 [ 53.307353][ T4534] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 53.308271][ T4536] CPU: 1 UID: 0 PID: 4536 Comm: syz.3.391 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 53.328174][ T4536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 53.338232][ T4536] Call Trace: [ 53.341586][ T4536] [ 53.344519][ T4536] dump_stack_lvl+0xf2/0x150 [ 53.349176][ T4536] dump_stack+0x15/0x20 [ 53.353388][ T4536] should_fail_ex+0x229/0x230 [ 53.358084][ T4536] ? __alloc_skb+0x10b/0x310 [ 53.362759][ T4536] should_failslab+0x8f/0xb0 [ 53.367559][ T4536] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 53.373387][ T4536] __alloc_skb+0x10b/0x310 [ 53.377831][ T4536] netlink_alloc_large_skb+0xad/0xe0 [ 53.383243][ T4536] netlink_sendmsg+0x3b4/0x6e0 [ 53.388039][ T4536] ? __pfx_netlink_sendmsg+0x10/0x10 [ 53.393341][ T4536] __sock_sendmsg+0x140/0x180 [ 53.398091][ T4536] ____sys_sendmsg+0x312/0x410 [ 53.402865][ T4536] __sys_sendmsg+0x1e9/0x280 [ 53.407524][ T4536] __x64_sys_sendmsg+0x46/0x50 [ 53.412313][ T4536] x64_sys_call+0x26f8/0x2e00 [ 53.417060][ T4536] do_syscall_64+0xc9/0x1c0 [ 53.421589][ T4536] ? clear_bhb_loop+0x55/0xb0 [ 53.426269][ T4536] ? clear_bhb_loop+0x55/0xb0 [ 53.431029][ T4536] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.437051][ T4536] RIP: 0033:0x7f363c447299 [ 53.441459][ T4536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 53.461592][ T4536] RSP: 002b:00007f363b0c7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 53.470255][ T4536] RAX: ffffffffffffffda RBX: 00007f363c5d5f80 RCX: 00007f363c447299 [ 53.478288][ T4536] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000003 [ 53.486425][ T4536] RBP: 00007f363b0c70a0 R08: 0000000000000000 R09: 0000000000000000 [ 53.494396][ T4536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.502358][ T4536] R13: 000000000000000b R14: 00007f363c5d5f80 R15: 00007ffd2c715798 [ 53.510402][ T4536] [ 53.515137][ T4534] EXT4-fs (loop2): 1 truncate cleaned up [ 53.546337][ T4534] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.582593][ T4551] loop1: detected capacity change from 0 to 512 [ 53.609276][ T4551] EXT4-fs: Ignoring removed bh option [ 53.633169][ T4551] EXT4-fs error (device loop1): __ext4_iget:4985: inode #15: block 1803188595: comm syz.1.396: invalid block [ 53.645170][ T4551] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.396: couldn't read orphan inode 15 (err -117) [ 53.674694][ T4551] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.697873][ T4558] loop0: detected capacity change from 0 to 512 [ 53.800106][ T3262] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.812183][ T4558] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.824722][ T4558] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 53.841621][ T4558] EXT4-fs error (device loop0): ext4_add_entry:2435: inode #2: comm syz.0.397: Directory hole found for htree leaf block 0 [ 53.903155][ T4572] netlink: 4 bytes leftover after parsing attributes in process `syz.4.400'. [ 53.916462][ T4572] netlink: 32 bytes leftover after parsing attributes in process `syz.4.400'. [ 53.935956][ T4576] netlink: 4 bytes leftover after parsing attributes in process `syz.4.400'. [ 53.972217][ T4582] loop4: detected capacity change from 0 to 512 [ 53.988998][ T4558] EXT4-fs error (device loop0): ext4_add_entry:2435: inode #2: comm syz.0.397: Directory hole found for htree leaf block 0 [ 54.031060][ T4584] netlink: 48 bytes leftover after parsing attributes in process `syz.1.401'. [ 54.043416][ T4582] EXT4-fs (loop4): orphan cleanup on readonly fs [ 54.059061][ T3257] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.070001][ T4582] EXT4-fs warning (device loop4): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 54.086506][ T4582] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 54.094733][ T4582] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz.4.402: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 54.114335][ T4582] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.402: couldn't read orphan inode 13 (err -117) [ 54.126663][ T4582] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 54.191033][ T4587] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 54.195926][ T4589] netlink: 140 bytes leftover after parsing attributes in process `syz.4.404'. [ 54.203166][ T4587] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 54.208476][ T4589] netlink: 144 bytes leftover after parsing attributes in process `syz.4.404'. [ 54.267094][ T4587] loop0: detected capacity change from 0 to 2048 [ 54.280220][ T4594] 9pnet_fd: Insufficient options for proto=fd [ 54.280298][ T4595] FAULT_INJECTION: forcing a failure. [ 54.280298][ T4595] name failslab, interval 1, probability 0, space 0, times 0 [ 54.289468][ T4594] loop4: detected capacity change from 0 to 512 [ 54.299045][ T4595] CPU: 0 UID: 0 PID: 4595 Comm: syz.3.406 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 54.315429][ T4595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 54.325497][ T4595] Call Trace: [ 54.328771][ T4595] [ 54.331781][ T4595] dump_stack_lvl+0xf2/0x150 [ 54.336389][ T4595] dump_stack+0x15/0x20 [ 54.340618][ T4595] should_fail_ex+0x229/0x230 [ 54.345310][ T4595] ? __alloc_skb+0x10b/0x310 [ 54.349978][ T4595] should_failslab+0x8f/0xb0 [ 54.354583][ T4595] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 54.360449][ T4595] __alloc_skb+0x10b/0x310 [ 54.365030][ T4595] netlink_alloc_large_skb+0xad/0xe0 [ 54.370396][ T4595] netlink_sendmsg+0x3b4/0x6e0 [ 54.375210][ T4595] ? __pfx_netlink_sendmsg+0x10/0x10 [ 54.380505][ T4595] __sock_sendmsg+0x140/0x180 [ 54.385229][ T4595] ____sys_sendmsg+0x312/0x410 [ 54.390099][ T4595] __sys_sendmsg+0x1e9/0x280 [ 54.394703][ T4595] __x64_sys_sendmsg+0x46/0x50 [ 54.399464][ T4595] x64_sys_call+0x26f8/0x2e00 [ 54.404243][ T4595] do_syscall_64+0xc9/0x1c0 [ 54.408861][ T4595] ? clear_bhb_loop+0x55/0xb0 [ 54.413552][ T4595] ? clear_bhb_loop+0x55/0xb0 [ 54.418252][ T4595] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.424207][ T4595] RIP: 0033:0x7f363c447299 [ 54.428612][ T4595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 54.448239][ T4595] RSP: 002b:00007f363b0c7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 54.456658][ T4595] RAX: ffffffffffffffda RBX: 00007f363c5d5f80 RCX: 00007f363c447299 [ 54.464800][ T4595] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000004 [ 54.472866][ T4595] RBP: 00007f363b0c70a0 R08: 0000000000000000 R09: 0000000000000000 [ 54.480984][ T4595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.488959][ T4595] R13: 000000000000000b R14: 00007f363c5d5f80 R15: 00007ffd2c715798 [ 54.497106][ T4595] [ 54.505831][ T4594] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.407: corrupted in-inode xattr: bad e_name length [ 54.524379][ T4594] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.407: couldn't read orphan inode 15 (err -117) [ 54.551393][ T4598] loop3: detected capacity change from 0 to 2048 [ 54.595347][ T4598] Alternate GPT is invalid, using primary GPT. [ 54.601954][ T4598] loop3: p2 p3 p7 [ 54.682410][ T29] audit: type=1400 audit(1721956337.825:323): avc: denied { write } for pid=4601 comm="syz.3.409" path="socket:[8197]" dev="sockfs" ino=8197 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 54.800369][ T4609] FAULT_INJECTION: forcing a failure. [ 54.800369][ T4609] name failslab, interval 1, probability 0, space 0, times 0 [ 54.813029][ T4609] CPU: 0 UID: 0 PID: 4609 Comm: syz.3.413 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 54.823292][ T4609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 54.833364][ T4609] Call Trace: [ 54.836651][ T4609] [ 54.839574][ T4609] dump_stack_lvl+0xf2/0x150 [ 54.844250][ T4609] dump_stack+0x15/0x20 [ 54.848483][ T4609] should_fail_ex+0x229/0x230 [ 54.853166][ T4609] ? io_alloc_async_data+0x4a/0xb0 [ 54.858338][ T4609] should_failslab+0x8f/0xb0 [ 54.863207][ T4609] __kmalloc_noprof+0xa5/0x370 [ 54.868032][ T4609] io_alloc_async_data+0x4a/0xb0 [ 54.872996][ T4609] io_prep_rw+0x2ec/0x440 [ 54.877422][ T4609] io_prep_writev+0x5a/0x1d0 [ 54.882338][ T4609] io_submit_sqes+0x64c/0x1080 [ 54.887176][ T4609] ? __rcu_read_unlock+0x4e/0x70 [ 54.892129][ T4609] ? xa_load+0xb9/0xe0 [ 54.896265][ T4609] __se_sys_io_uring_enter+0x1c6/0x15a0 [ 54.902220][ T4609] ? __fget_files+0x1da/0x210 [ 54.906905][ T4609] ? fput+0x13b/0x180 [ 54.910897][ T4609] ? ksys_write+0x178/0x1b0 [ 54.915405][ T4609] __x64_sys_io_uring_enter+0x78/0x90 [ 54.920826][ T4609] x64_sys_call+0x26d0/0x2e00 [ 54.925582][ T4609] do_syscall_64+0xc9/0x1c0 [ 54.930101][ T4609] ? clear_bhb_loop+0x55/0xb0 [ 54.934783][ T4609] ? clear_bhb_loop+0x55/0xb0 [ 54.939463][ T4609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.945384][ T4609] RIP: 0033:0x7f363c447299 [ 54.949936][ T4609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 54.969647][ T4609] RSP: 002b:00007f363b0c7048 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 54.978224][ T4609] RAX: ffffffffffffffda RBX: 00007f363c5d5f80 RCX: 00007f363c447299 [ 54.986283][ T4609] RDX: 0000000000000000 RSI: 00000000000047ba RDI: 0000000000000005 [ 54.994254][ T4609] RBP: 00007f363b0c70a0 R08: 0000000000000000 R09: 0000000000000000 [ 55.002217][ T4609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 55.010230][ T4609] R13: 000000000000000b R14: 00007f363c5d5f80 R15: 00007ffd2c715798 [ 55.018199][ T4609] [ 55.113488][ T4619] sctp: [Deprecated]: syz.3.415 (pid 4619) Use of int in max_burst socket option deprecated. [ 55.113488][ T4619] Use struct sctp_assoc_value instead [ 55.153970][ T4624] FAULT_INJECTION: forcing a failure. [ 55.153970][ T4624] name failslab, interval 1, probability 0, space 0, times 0 [ 55.166934][ T4624] CPU: 1 UID: 0 PID: 4624 Comm: syz.2.418 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 55.171535][ T4626] loop1: detected capacity change from 0 to 128 [ 55.177355][ T4624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 55.177372][ T4624] Call Trace: [ 55.177380][ T4624] [ 55.177388][ T4624] dump_stack_lvl+0xf2/0x150 [ 55.194716][ T4626] ext4 filesystem being mounted at /92/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 55.197041][ T4624] dump_stack+0x15/0x20 [ 55.201183][ T29] audit: type=1400 audit(1721956338.315:324): avc: denied { create } for pid=4625 comm="syz.1.419" name="memory.events.local" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 55.204524][ T4624] should_fail_ex+0x229/0x230 [ 55.204562][ T4624] ? bpf_test_init+0xc7/0x170 [ 55.271253][ T4624] should_failslab+0x8f/0xb0 [ 55.275945][ T4624] __kmalloc_noprof+0xa5/0x370 [ 55.280782][ T4624] ? _parse_integer+0x27/0x30 [ 55.285615][ T4624] bpf_test_init+0xc7/0x170 [ 55.290161][ T4624] bpf_prog_test_run_skb+0x151/0xba0 [ 55.295476][ T4624] ? __rcu_read_unlock+0x4e/0x70 [ 55.300416][ T4624] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 55.306223][ T4624] bpf_prog_test_run+0x26d/0x3e0 [ 55.311199][ T4624] __sys_bpf+0x400/0x7a0 [ 55.315474][ T4624] __x64_sys_bpf+0x43/0x50 [ 55.319893][ T4624] x64_sys_call+0x23d5/0x2e00 [ 55.324688][ T4624] do_syscall_64+0xc9/0x1c0 [ 55.329220][ T4624] ? clear_bhb_loop+0x55/0xb0 [ 55.333970][ T4624] ? clear_bhb_loop+0x55/0xb0 [ 55.338659][ T4624] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.344581][ T4624] RIP: 0033:0x7faa1ae47299 [ 55.348993][ T4624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 55.369142][ T4624] RSP: 002b:00007faa19ac7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 55.378011][ T4624] RAX: ffffffffffffffda RBX: 00007faa1afd5f80 RCX: 00007faa1ae47299 [ 55.386152][ T4624] RDX: 0000000000000050 RSI: 0000000020000340 RDI: 000000000000000a [ 55.394270][ T4624] RBP: 00007faa19ac70a0 R08: 0000000000000000 R09: 0000000000000000 [ 55.402252][ T4624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 55.410221][ T4624] R13: 000000000000000b R14: 00007faa1afd5f80 R15: 00007fffd42642e8 [ 55.418221][ T4624] [ 55.426269][ T4630] loop0: detected capacity change from 0 to 256 [ 55.436402][ T4630] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 55.457820][ T4634] FAULT_INJECTION: forcing a failure. [ 55.457820][ T4634] name failslab, interval 1, probability 0, space 0, times 0 [ 55.458692][ T4632] loop2: detected capacity change from 0 to 256 [ 55.470939][ T4634] CPU: 1 UID: 0 PID: 4634 Comm: syz.1.422 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 55.487426][ T4634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 55.497502][ T4634] Call Trace: [ 55.500790][ T4634] [ 55.503715][ T4634] dump_stack_lvl+0xf2/0x150 [ 55.508393][ T4634] dump_stack+0x15/0x20 [ 55.512564][ T4634] should_fail_ex+0x229/0x230 [ 55.517253][ T4634] ? __alloc_skb+0x10b/0x310 [ 55.521872][ T4634] should_failslab+0x8f/0xb0 [ 55.526480][ T4634] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 55.532406][ T4634] __alloc_skb+0x10b/0x310 [ 55.536869][ T4634] netlink_alloc_large_skb+0xad/0xe0 [ 55.542228][ T4634] netlink_sendmsg+0x3b4/0x6e0 [ 55.547031][ T4634] ? __pfx_netlink_sendmsg+0x10/0x10 [ 55.552314][ T4634] __sock_sendmsg+0x140/0x180 [ 55.557122][ T4634] ____sys_sendmsg+0x312/0x410 [ 55.561948][ T4634] __sys_sendmsg+0x1e9/0x280 [ 55.566561][ T4634] __x64_sys_sendmsg+0x46/0x50 [ 55.571338][ T4634] x64_sys_call+0x26f8/0x2e00 [ 55.576054][ T4634] do_syscall_64+0xc9/0x1c0 [ 55.580573][ T4634] ? clear_bhb_loop+0x55/0xb0 [ 55.585337][ T4634] ? clear_bhb_loop+0x55/0xb0 [ 55.590083][ T4634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.595980][ T4634] RIP: 0033:0x7f9e5be87299 [ 55.600390][ T4634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 55.620192][ T4634] RSP: 002b:00007f9e5ab07048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 55.628650][ T4634] RAX: ffffffffffffffda RBX: 00007f9e5c015f80 RCX: 00007f9e5be87299 [ 55.636632][ T4634] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 55.644593][ T4634] RBP: 00007f9e5ab070a0 R08: 0000000000000000 R09: 0000000000000000 [ 55.652557][ T4634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 55.660522][ T4634] R13: 000000000000000b R14: 00007f9e5c015f80 R15: 00007ffc0db5af58 [ 55.668565][ T4634] [ 55.681863][ T4632] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 55.708189][ T4632] team0: Cannot enslave team device to itself [ 55.714413][ T4632] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 55.780844][ T4638] loop1: detected capacity change from 0 to 512 [ 55.794297][ T4638] EXT4-fs (loop1): orphan cleanup on readonly fs [ 55.802808][ T4638] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 55.821979][ T4638] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 55.829072][ T4638] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #13: comm syz.1.424: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 55.863379][ T4638] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.424: couldn't read orphan inode 13 (err -117) [ 55.911031][ T4650] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 55.920055][ T4650] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 55.929830][ T4653] FAULT_INJECTION: forcing a failure. [ 55.929830][ T4653] name failslab, interval 1, probability 0, space 0, times 0 [ 55.942575][ T4653] CPU: 1 UID: 0 PID: 4653 Comm: syz.3.432 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 55.953285][ T4653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 55.963450][ T4653] Call Trace: [ 55.966801][ T4653] [ 55.969788][ T4653] dump_stack_lvl+0xf2/0x150 [ 55.974416][ T4653] dump_stack+0x15/0x20 [ 55.978672][ T4653] should_fail_ex+0x229/0x230 [ 55.983471][ T4653] ? __alloc_skb+0x10b/0x310 [ 55.988098][ T4653] should_failslab+0x8f/0xb0 [ 55.992740][ T4653] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 55.998618][ T4653] __alloc_skb+0x10b/0x310 [ 56.003061][ T4653] netlink_alloc_large_skb+0xad/0xe0 [ 56.008434][ T4653] netlink_sendmsg+0x3b4/0x6e0 [ 56.013210][ T4653] ? __pfx_netlink_sendmsg+0x10/0x10 [ 56.018551][ T4653] __sock_sendmsg+0x140/0x180 [ 56.023278][ T4653] ____sys_sendmsg+0x312/0x410 [ 56.028104][ T4653] __sys_sendmsg+0x1e9/0x280 [ 56.032732][ T4653] __x64_sys_sendmsg+0x46/0x50 [ 56.037595][ T4653] x64_sys_call+0x26f8/0x2e00 [ 56.042274][ T4653] do_syscall_64+0xc9/0x1c0 [ 56.046794][ T4653] ? clear_bhb_loop+0x55/0xb0 [ 56.051470][ T4653] ? clear_bhb_loop+0x55/0xb0 [ 56.056307][ T4653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.062671][ T4653] RIP: 0033:0x7f363c447299 [ 56.067302][ T4653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.087026][ T4653] RSP: 002b:00007f363b0c7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 56.095454][ T4653] RAX: ffffffffffffffda RBX: 00007f363c5d5f80 RCX: 00007f363c447299 [ 56.103422][ T4653] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 56.111388][ T4653] RBP: 00007f363b0c70a0 R08: 0000000000000000 R09: 0000000000000000 [ 56.119426][ T4653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 56.127390][ T4653] R13: 000000000000000b R14: 00007f363c5d5f80 R15: 00007ffd2c715798 [ 56.135459][ T4653] [ 56.158618][ T4650] loop2: detected capacity change from 0 to 2048 [ 56.218844][ T4666] sg_write: data in/out 64688/14 bytes for SCSI command 0x0-- guessing data in; [ 56.218844][ T4666] program syz.3.434 not setting count and/or reply_len properly [ 56.235880][ T4666] netlink: 4 bytes leftover after parsing attributes in process `syz.3.434'. [ 56.246627][ T4668] loop1: detected capacity change from 0 to 256 [ 56.258839][ T4668] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 56.309740][ T4675] FAULT_INJECTION: forcing a failure. [ 56.309740][ T4675] name failslab, interval 1, probability 0, space 0, times 0 [ 56.317061][ T4677] loop0: detected capacity change from 0 to 256 [ 56.322413][ T4675] CPU: 1 UID: 0 PID: 4675 Comm: syz.3.438 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 56.338878][ T4675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 56.349341][ T4675] Call Trace: [ 56.352617][ T4675] [ 56.355566][ T4675] dump_stack_lvl+0xf2/0x150 [ 56.360228][ T4675] dump_stack+0x15/0x20 [ 56.364556][ T4675] should_fail_ex+0x229/0x230 [ 56.369404][ T4675] ? __alloc_skb+0x10b/0x310 [ 56.374022][ T4675] should_failslab+0x8f/0xb0 [ 56.378827][ T4675] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 56.384673][ T4675] __alloc_skb+0x10b/0x310 [ 56.389177][ T4675] netlink_alloc_large_skb+0xad/0xe0 [ 56.394568][ T4675] netlink_sendmsg+0x3b4/0x6e0 [ 56.399346][ T4675] ? __pfx_netlink_sendmsg+0x10/0x10 [ 56.404676][ T4675] __sock_sendmsg+0x140/0x180 [ 56.409444][ T4675] ____sys_sendmsg+0x312/0x410 [ 56.414239][ T4675] __sys_sendmsg+0x1e9/0x280 [ 56.418910][ T4675] __x64_sys_sendmsg+0x46/0x50 [ 56.423722][ T4675] x64_sys_call+0x26f8/0x2e00 [ 56.428396][ T4675] do_syscall_64+0xc9/0x1c0 [ 56.432974][ T4675] ? clear_bhb_loop+0x55/0xb0 [ 56.437663][ T4675] ? clear_bhb_loop+0x55/0xb0 [ 56.442476][ T4675] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.448377][ T4675] RIP: 0033:0x7f363c447299 [ 56.452788][ T4675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.472410][ T4675] RSP: 002b:00007f363b0c7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 56.480938][ T4675] RAX: ffffffffffffffda RBX: 00007f363c5d5f80 RCX: 00007f363c447299 [ 56.488929][ T4675] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005 [ 56.496912][ T4675] RBP: 00007f363b0c70a0 R08: 0000000000000000 R09: 0000000000000000 [ 56.504876][ T4675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 56.512914][ T4675] R13: 000000000000000b R14: 00007f363c5d5f80 R15: 00007ffd2c715798 [ 56.520953][ T4675] [ 56.528882][ T4677] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 56.545155][ T4677] team0: Cannot enslave team device to itself [ 56.551288][ T4677] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 56.585002][ T4681] loop1: detected capacity change from 0 to 512 [ 56.592929][ T4681] EXT4-fs (loop1): orphan cleanup on readonly fs [ 56.598068][ T4539] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 312: padding at end of block bitmap is not set [ 56.601671][ T4681] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 56.629554][ T4681] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 56.636307][ T4681] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #13: comm syz.1.441: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 56.654718][ T4681] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.441: couldn't read orphan inode 13 (err -117) [ 56.717676][ T4689] loop1: detected capacity change from 0 to 256 [ 56.726892][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 56.726904][ T29] audit: type=1400 audit(1721956339.865:333): avc: denied { remount } for pid=4688 comm="syz.1.444" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 56.768908][ T4693] dccp_invalid_packet: P.type (RESET) not Data || [Data]Ack, while P.X == 0 [ 56.896715][ T4704] FAULT_INJECTION: forcing a failure. [ 56.896715][ T4704] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 56.909821][ T4704] CPU: 1 UID: 0 PID: 4704 Comm: syz.2.449 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 56.920115][ T4704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 56.930418][ T4704] Call Trace: [ 56.933695][ T4704] [ 56.936686][ T4704] dump_stack_lvl+0xf2/0x150 [ 56.941271][ T4704] dump_stack+0x15/0x20 [ 56.945435][ T4704] should_fail_ex+0x229/0x230 [ 56.950118][ T4704] should_fail+0xb/0x10 [ 56.954333][ T4704] should_fail_usercopy+0x1a/0x20 [ 56.959353][ T4704] _copy_from_iter+0xd3/0xb00 [ 56.964452][ T4704] ? alloc_pages_mpol_noprof+0xd5/0x1e0 [ 56.970049][ T4704] copy_page_from_iter+0x14f/0x280 [ 56.975210][ T4704] tun_get_user+0x689/0x24b0 [ 56.979878][ T4704] ? kstrtoull+0x110/0x140 [ 56.984296][ T4704] ? ref_tracker_alloc+0x1f5/0x2f0 [ 56.989494][ T4704] tun_chr_write_iter+0x18e/0x240 [ 56.994516][ T4704] vfs_write+0x78f/0x900 [ 56.998814][ T4704] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 57.004357][ T4704] ksys_write+0xeb/0x1b0 [ 57.008636][ T4704] __x64_sys_write+0x42/0x50 [ 57.013366][ T4704] x64_sys_call+0x2a40/0x2e00 [ 57.018050][ T4704] do_syscall_64+0xc9/0x1c0 [ 57.022612][ T4704] ? clear_bhb_loop+0x55/0xb0 [ 57.027295][ T4704] ? clear_bhb_loop+0x55/0xb0 [ 57.032051][ T4704] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.037942][ T4704] RIP: 0033:0x7faa1ae45e1f [ 57.042368][ T4704] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48 [ 57.062003][ T4704] RSP: 002b:00007faa19ac7010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 57.070580][ T4704] RAX: ffffffffffffffda RBX: 00007faa1afd5f80 RCX: 00007faa1ae45e1f [ 57.078642][ T4704] RDX: 00000000000000a2 RSI: 0000000020000940 RDI: 00000000000000c8 [ 57.086617][ T4704] RBP: 00007faa19ac70a0 R08: 0000000000000000 R09: 0000000000000000 [ 57.094611][ T4704] R10: 00000000000000a2 R11: 0000000000000293 R12: 0000000000000001 [ 57.102673][ T4704] R13: 000000000000000b R14: 00007faa1afd5f80 R15: 00007fffd42642e8 [ 57.110649][ T4704] [ 57.129149][ T4709] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 57.157467][ C0] eth0: bad gso: type: 1, size: 1408 [ 57.165953][ C0] eth0: bad gso: type: 1, size: 1408 [ 57.177906][ T4713] loop2: detected capacity change from 0 to 512 [ 57.185748][ T4713] EXT4-fs (loop2): orphan cleanup on readonly fs [ 57.192661][ T4713] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 57.207765][ T4713] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 57.214520][ T4713] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.453: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 57.232664][ T4713] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.453: couldn't read orphan inode 13 (err -117) [ 57.233365][ T4715] netlink: 48 bytes leftover after parsing attributes in process `syz.1.452'. [ 57.404634][ T4719] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 57.414230][ T4719] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 57.416402][ T4721] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 57.432011][ T4721] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 57.453574][ T4719] loop2: detected capacity change from 0 to 2048 [ 57.762889][ T4736] loop0: detected capacity change from 0 to 2048 [ 57.778841][ T4736] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 57.790368][ T29] audit: type=1400 audit(1721956340.945:334): avc: denied { mounton } for pid=4735 comm="syz.0.462" path="/101/file1/file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 57.813574][ T29] audit: type=1400 audit(1721956340.945:335): avc: denied { mount } for pid=4735 comm="syz.0.462" name="/" dev="configfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 57.838070][ T29] audit: type=1400 audit(1721956340.945:336): avc: denied { setattr } for pid=4735 comm="syz.0.462" name="/" dev="configfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 57.860081][ T29] audit: type=1400 audit(1721956340.945:337): avc: denied { read } for pid=4735 comm="syz.0.462" name="/" dev="configfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 57.882666][ T29] audit: type=1400 audit(1721956340.945:338): avc: denied { open } for pid=4735 comm="syz.0.462" path="/101/file1/file0" dev="configfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 57.905982][ T29] audit: type=1400 audit(1721956340.945:339): avc: denied { ioctl } for pid=4735 comm="syz.0.462" path="/101/file1/file0" dev="configfs" ino=91 ioctlcmd=0x6687 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 57.937352][ T3257] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /101/file1: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0 [ 57.959206][ T29] audit: type=1400 audit(1721956341.105:340): avc: denied { remove_name } for pid=3257 comm="syz-executor" name="lost+found" dev="loop0" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 57.983704][ T29] audit: type=1400 audit(1721956341.105:341): avc: denied { rmdir } for pid=3257 comm="syz-executor" name="lost+found" dev="loop0" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 58.006418][ T29] audit: type=1400 audit(1721956341.105:342): avc: denied { unmount } for pid=3257 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 58.061910][ T4743] loop1: detected capacity change from 0 to 512 [ 58.069601][ T4743] EXT4-fs: Ignoring removed bh option [ 58.076713][ T4743] EXT4-fs error (device loop1): __ext4_iget:4985: inode #15: block 1803188595: comm syz.1.464: invalid block [ 58.090658][ T4743] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.464: couldn't read orphan inode 15 (err -117) [ 58.161786][ T4752] loop1: detected capacity change from 0 to 512 [ 58.176869][ T4752] EXT4-fs (loop1): orphan cleanup on readonly fs [ 58.184236][ T4752] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 58.199240][ T4752] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 58.221776][ T4752] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #13: comm syz.1.466: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 58.240450][ T4752] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.466: couldn't read orphan inode 13 (err -117) [ 58.263562][ T4750] netlink: 5 bytes leftover after parsing attributes in process `syz.0.467'. [ 58.273867][ T4750] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check. [ 58.296471][ T4761] netlink: 20 bytes leftover after parsing attributes in process `syz.1.469'. [ 58.318864][ T4761] loop1: detected capacity change from 0 to 1024 [ 58.333912][ T4761] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 58.343715][ T4761] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 58.353631][ T4761] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 58.365592][ T4761] EXT4-fs error (device loop1): ext4_get_journal_inode:5740: inode #5: comm syz.1.469: unexpected bad inode w/o EXT4_IGET_BAD [ 58.379099][ T4761] EXT4-fs (loop1): no journal found [ 58.384389][ T4761] EXT4-fs (loop1): can't get journal size [ 58.597643][ T4775] IPVS: set_ctl: invalid protocol: 59 224.0.0.1:20001 [ 58.772557][ T4781] netlink: 48 bytes leftover after parsing attributes in process `syz.0.475'. [ 58.884850][ T4783] FAULT_INJECTION: forcing a failure. [ 58.884850][ T4783] name failslab, interval 1, probability 0, space 0, times 0 [ 58.897587][ T4783] CPU: 0 UID: 0 PID: 4783 Comm: syz.1.473 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 58.907879][ T4783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 58.918016][ T4783] Call Trace: [ 58.921333][ T4783] [ 58.924259][ T4783] dump_stack_lvl+0xf2/0x150 [ 58.928923][ T4783] dump_stack+0x15/0x20 [ 58.933098][ T4783] should_fail_ex+0x229/0x230 [ 58.937832][ T4783] ? __alloc_skb+0x10b/0x310 [ 58.942486][ T4783] should_failslab+0x8f/0xb0 [ 58.947145][ T4783] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 58.952953][ T4783] __alloc_skb+0x10b/0x310 [ 58.957375][ T4783] netlink_alloc_large_skb+0xad/0xe0 [ 58.962799][ T4783] netlink_sendmsg+0x3b4/0x6e0 [ 58.967632][ T4783] ? __pfx_netlink_sendmsg+0x10/0x10 [ 58.972927][ T4783] __sock_sendmsg+0x140/0x180 [ 58.977891][ T4783] ____sys_sendmsg+0x312/0x410 [ 58.982673][ T4783] __sys_sendmsg+0x1e9/0x280 [ 58.987281][ T4783] __x64_sys_sendmsg+0x46/0x50 [ 58.992086][ T4783] x64_sys_call+0x26f8/0x2e00 [ 58.996883][ T4783] do_syscall_64+0xc9/0x1c0 [ 59.001411][ T4783] ? clear_bhb_loop+0x55/0xb0 [ 59.006121][ T4783] ? clear_bhb_loop+0x55/0xb0 [ 59.010922][ T4783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 59.016838][ T4783] RIP: 0033:0x7f9e5be87299 [ 59.021310][ T4783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 59.041009][ T4783] RSP: 002b:00007f9e5ab07048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 59.049437][ T4783] RAX: ffffffffffffffda RBX: 00007f9e5c015f80 RCX: 00007f9e5be87299 [ 59.057651][ T4783] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000004 [ 59.065716][ T4783] RBP: 00007f9e5ab070a0 R08: 0000000000000000 R09: 0000000000000000 [ 59.073700][ T4783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 59.081738][ T4783] R13: 000000000000000b R14: 00007f9e5c015f80 R15: 00007ffc0db5af58 [ 59.089837][ T4783] [ 59.165462][ T4791] loop2: detected capacity change from 0 to 512 [ 59.175358][ T4791] EXT4-fs (loop2): orphan cleanup on readonly fs [ 59.184295][ T4791] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 59.191914][ T4795] loop1: detected capacity change from 0 to 512 [ 59.200958][ T4791] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 59.210133][ T4795] EXT4-fs: Ignoring removed bh option [ 59.222274][ T4791] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.479: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 59.242021][ T4791] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.479: couldn't read orphan inode 13 (err -117) [ 59.274604][ T4795] EXT4-fs error (device loop1): __ext4_iget:4985: inode #15: block 1803188595: comm syz.1.480: invalid block [ 59.286871][ T4795] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.480: couldn't read orphan inode 15 (err -117) [ 59.369595][ T4799] netlink: 5 bytes leftover after parsing attributes in process `syz.3.481'. [ 59.386534][ T4812] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.389513][ T4799] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check. [ 59.396133][ T4812] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.433903][ T4814] loop2: detected capacity change from 0 to 256 [ 59.448640][ T4814] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 59.453235][ T4812] loop1: detected capacity change from 0 to 2048 [ 59.468670][ T4814] team0: Cannot enslave team device to itself [ 59.474988][ T4814] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 59.634915][ T4833] loop3: detected capacity change from 0 to 512 [ 59.652622][ T4833] EXT4-fs (loop3): orphan cleanup on readonly fs [ 59.669094][ T4833] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 59.698721][ T4833] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 59.780897][ T4833] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz.3.492: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 59.800532][ T4833] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.492: couldn't read orphan inode 13 (err -117) [ 59.823931][ T4840] loop0: detected capacity change from 0 to 512 [ 59.831043][ T4840] EXT4-fs: Ignoring removed bh option [ 59.840390][ T4840] EXT4-fs error (device loop0): __ext4_iget:4985: inode #15: block 1803188595: comm syz.0.494: invalid block [ 59.852761][ T4840] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.494: couldn't read orphan inode 15 (err -117) [ 59.885084][ T4843] loop3: detected capacity change from 0 to 512 [ 59.893080][ T4843] EXT4-fs: Ignoring removed bh option [ 59.953262][ T4843] EXT4-fs error (device loop3): __ext4_iget:4985: inode #15: block 1803188595: comm syz.3.495: invalid block [ 60.004102][ T4843] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.495: couldn't read orphan inode 15 (err -117) [ 60.187025][ T4853] FAULT_INJECTION: forcing a failure. [ 60.187025][ T4853] name failslab, interval 1, probability 0, space 0, times 0 [ 60.199809][ T4853] CPU: 1 UID: 0 PID: 4853 Comm: syz.3.498 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 60.210052][ T4853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 60.220106][ T4853] Call Trace: [ 60.223425][ T4853] [ 60.226360][ T4853] dump_stack_lvl+0xf2/0x150 [ 60.231049][ T4853] dump_stack+0x15/0x20 [ 60.235219][ T4853] should_fail_ex+0x229/0x230 [ 60.239938][ T4853] ? tty_open+0x80/0xb00 [ 60.244223][ T4853] should_failslab+0x8f/0xb0 [ 60.248864][ T4853] __kmalloc_cache_noprof+0x4b/0x2a0 [ 60.254161][ T4853] tty_open+0x80/0xb00 [ 60.258270][ T4853] ? __pfx_exact_match+0x10/0x10 [ 60.263308][ T4853] chrdev_open+0x323/0x3a0 [ 60.267808][ T4853] ? __pfx_chrdev_open+0x10/0x10 [ 60.272906][ T4853] do_dentry_open+0x647/0xa50 [ 60.277614][ T4853] ? kmem_cache_alloc_noprof+0x10c/0x290 [ 60.283296][ T4853] vfs_open+0x3b/0x1f0 [ 60.287393][ T4853] dentry_open+0x4a/0x90 [ 60.291706][ T4853] ptm_open_peer+0x117/0x180 [ 60.296349][ T4853] tty_ioctl+0x62c/0xbe0 [ 60.300611][ T4853] ? __pfx_tty_ioctl+0x10/0x10 [ 60.305392][ T4853] __se_sys_ioctl+0xd3/0x150 [ 60.310130][ T4853] __x64_sys_ioctl+0x43/0x50 [ 60.314737][ T4853] x64_sys_call+0x1688/0x2e00 [ 60.319445][ T4853] do_syscall_64+0xc9/0x1c0 [ 60.323967][ T4853] ? clear_bhb_loop+0x55/0xb0 [ 60.328655][ T4853] ? clear_bhb_loop+0x55/0xb0 [ 60.333354][ T4853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.339282][ T4853] RIP: 0033:0x7f363c447299 [ 60.343688][ T4853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.363373][ T4853] RSP: 002b:00007f363b0c7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 60.371897][ T4853] RAX: ffffffffffffffda RBX: 00007f363c5d5f80 RCX: 00007f363c447299 [ 60.379969][ T4853] RDX: 0000000000000000 RSI: 0000000000005441 RDI: 0000000000000003 [ 60.388024][ T4853] RBP: 00007f363b0c70a0 R08: 0000000000000000 R09: 0000000000000000 [ 60.396023][ T4853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 60.404156][ T4853] R13: 000000000000000b R14: 00007f363c5d5f80 R15: 00007ffd2c715798 [ 60.412278][ T4853] [ 60.446425][ T4863] netlink: 'syz.0.501': attribute type 1 has an invalid length. [ 60.455130][ T4856] netlink: 5 bytes leftover after parsing attributes in process `syz.1.499'. [ 60.466940][ T4856] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check. [ 60.488502][ T4867] netlink: 48 bytes leftover after parsing attributes in process `syz.3.500'. [ 60.488695][ T4863] netlink: 'syz.0.501': attribute type 10 has an invalid length. [ 60.514190][ T4869] loop1: detected capacity change from 0 to 256 [ 60.537221][ T4863] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.545140][ T4863] team0: Port device batadv0 added [ 60.553702][ T4869] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 60.571739][ T4871] FAULT_INJECTION: forcing a failure. [ 60.571739][ T4871] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 60.585063][ T4871] CPU: 0 UID: 0 PID: 4871 Comm: syz.2.503 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 60.595450][ T4871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 60.605499][ T4871] Call Trace: [ 60.608766][ T4871] [ 60.611688][ T4871] dump_stack_lvl+0xf2/0x150 [ 60.616277][ T4871] dump_stack+0x15/0x20 [ 60.620428][ T4871] should_fail_ex+0x229/0x230 [ 60.625157][ T4871] should_fail_alloc_page+0xfd/0x110 [ 60.630460][ T4871] __alloc_pages_noprof+0x109/0x360 [ 60.635673][ T4871] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 60.641099][ T4871] alloc_pages_noprof+0xe1/0x100 [ 60.646030][ T4871] __pmd_alloc+0x4b/0x3c0 [ 60.650433][ T4871] handle_mm_fault+0x1915/0x2940 [ 60.655405][ T4871] exc_page_fault+0x296/0x650 [ 60.660078][ T4871] asm_exc_page_fault+0x26/0x30 [ 60.664946][ T4871] RIP: 0010:rep_movs_alternative+0x33/0x70 [ 60.670776][ T4871] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb [ 60.690516][ T4871] RSP: 0018:ffffc9000137fe60 EFLAGS: 00050212 [ 60.696582][ T4871] RAX: 0000000000000000 RBX: 0000000020000400 RCX: 0000000000000010 [ 60.704555][ T4871] RDX: 0000000000000000 RSI: ffffc9000137fe90 RDI: 0000000020000400 [ 60.712528][ T4871] RBP: ffffc9000137ff48 R08: 0000000080000000 R09: 0000000000000000 [ 60.720568][ T4871] R10: 0001c9000137fe90 R11: 0001c9000137fe9f R12: 0000000020000410 [ 60.728537][ T4871] R13: 0000000000000000 R14: 0000000000000010 R15: ffffc9000137fe90 [ 60.736559][ T4871] _copy_to_user+0x77/0xa0 [ 60.741060][ T4871] put_timespec64+0x64/0xb0 [ 60.745615][ T4871] __x64_sys_clock_gettime+0x138/0x180 [ 60.751078][ T4871] x64_sys_call+0x676/0x2e00 [ 60.755715][ T4871] do_syscall_64+0xc9/0x1c0 [ 60.760264][ T4871] ? clear_bhb_loop+0x55/0xb0 [ 60.765052][ T4871] ? clear_bhb_loop+0x55/0xb0 [ 60.769743][ T4871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.775652][ T4871] RIP: 0033:0x7faa1ae47299 [ 60.780073][ T4871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.799686][ T4871] RSP: 002b:00007faa19ac7048 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4 [ 60.808118][ T4871] RAX: ffffffffffffffda RBX: 00007faa1afd5f80 RCX: 00007faa1ae47299 [ 60.816130][ T4871] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000002 [ 60.824097][ T4871] RBP: 00007faa19ac70a0 R08: 0000000000000000 R09: 0000000000000000 [ 60.832121][ T4871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 60.840175][ T4871] R13: 000000000000000b R14: 00007faa1afd5f80 R15: 00007fffd42642e8 [ 60.848222][ T4871] [ 60.876201][ T4869] team0: Cannot enslave team device to itself [ 60.882403][ T4869] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 60.942316][ T4880] loop2: detected capacity change from 0 to 512 [ 60.948961][ T4880] EXT4-fs: Ignoring removed bh option [ 60.955621][ T4880] EXT4-fs error (device loop2): __ext4_iget:4985: inode #15: block 1803188595: comm syz.2.507: invalid block [ 60.968507][ T4880] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.507: couldn't read orphan inode 15 (err -117) [ 61.110312][ T4900] loop2: detected capacity change from 0 to 1024 [ 61.131679][ T4902] SELinux: Context : is not valid (left unmapped). [ 61.251516][ T4914] loop2: detected capacity change from 0 to 512 [ 61.258500][ T4914] EXT4-fs: Ignoring removed bh option [ 61.277923][ T4916] loop0: detected capacity change from 0 to 256 [ 61.307119][ T4916] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 61.328474][ T4916] team0: Cannot enslave team device to itself [ 61.334661][ T4916] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 61.389883][ T4914] EXT4-fs error (device loop2): __ext4_iget:4985: inode #15: block 1803188595: comm syz.2.519: invalid block [ 61.405442][ T4914] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.519: couldn't read orphan inode 15 (err -117) [ 61.608719][ T4930] loop0: detected capacity change from 0 to 512 [ 61.615232][ T4930] EXT4-fs: Ignoring removed orlov option [ 61.628897][ T4930] ext4 filesystem being mounted at /119/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 61.642266][ T4930] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 61.680698][ T4936] syzkaller1: entered promiscuous mode [ 61.686226][ T4936] syzkaller1: entered allmulticast mode [ 61.695537][ T3257] EXT4-fs error (device loop0): ext4_readdir:260: inode #12: block 32: comm syz-executor: path /119/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 61.699828][ T4938] loop3: detected capacity change from 0 to 2048 [ 61.732989][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 61.733003][ T29] audit: type=1400 audit(1721956344.875:351): avc: denied { connect } for pid=4937 comm="syz.3.526" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 61.758839][ T29] audit: type=1400 audit(1721956344.875:352): avc: denied { read } for pid=4937 comm="syz.3.526" path="socket:[9811]" dev="sockfs" ino=9811 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 61.837620][ T4943] EXT4-fs error (device loop3): ext4_read_inline_dir:1564: inode #12: block 9: comm syz.3.526: path /117/file0/file0: bad entry in directory: rec_len % 4 != 0 - offset=24, inode=13, rec_len=21, size=80 fake=0 [ 61.860431][ T4943] EXT4-fs (loop3): Remounting filesystem read-only [ 62.040596][ T29] audit: type=1400 audit(1721956345.175:353): avc: denied { view } for pid=4955 comm="syz.1.534" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 62.048917][ T4959] netlink: 48 bytes leftover after parsing attributes in process `syz.2.532'. [ 62.166521][ T4962] sctp: [Deprecated]: syz.1.535 (pid 4962) Use of int in max_burst socket option deprecated. [ 62.166521][ T4962] Use struct sctp_assoc_value instead [ 62.551037][ T4964] loop3: detected capacity change from 0 to 512 [ 62.559719][ T4964] EXT4-fs (loop3): orphan cleanup on readonly fs [ 62.566833][ T4964] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 62.583639][ T4964] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 62.590647][ T4964] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz.3.536: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 62.609853][ T4964] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.536: couldn't read orphan inode 13 (err -117) [ 62.721183][ T29] audit: type=1400 audit(1721956345.865:354): avc: denied { write } for pid=4971 comm="syz.3.539" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 63.788270][ T4993] loop2: detected capacity change from 0 to 256 [ 63.817185][ T4995] loop3: detected capacity change from 0 to 512 [ 63.854801][ T4995] EXT4-fs (loop3): orphan cleanup on readonly fs [ 63.871122][ T4995] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 63.888765][ T4995] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 63.912412][ T4995] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz.3.548: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 63.963420][ T4995] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.548: couldn't read orphan inode 13 (err -117) [ 64.029577][ T5010] FAULT_INJECTION: forcing a failure. [ 64.029577][ T5010] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 64.042765][ T5010] CPU: 0 UID: 0 PID: 5010 Comm: syz.1.552 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 64.053081][ T5010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 64.063154][ T5010] Call Trace: [ 64.066557][ T5010] [ 64.069504][ T5010] dump_stack_lvl+0xf2/0x150 [ 64.074189][ T5010] dump_stack+0x15/0x20 [ 64.078375][ T5010] should_fail_ex+0x229/0x230 [ 64.083175][ T5010] should_fail+0xb/0x10 [ 64.087366][ T5010] should_fail_usercopy+0x1a/0x20 [ 64.092453][ T5010] _copy_to_user+0x1e/0xa0 [ 64.096895][ T5010] simple_read_from_buffer+0xa0/0x110 [ 64.102293][ T5010] proc_fail_nth_read+0xfc/0x140 [ 64.107325][ T5010] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 64.112962][ T5010] vfs_read+0x1a2/0x6e0 [ 64.117145][ T5010] ? __rcu_read_unlock+0x4e/0x70 [ 64.122089][ T5010] ? __fget_files+0x1da/0x210 [ 64.126771][ T5010] ksys_read+0xeb/0x1b0 [ 64.130943][ T5010] __x64_sys_read+0x42/0x50 [ 64.135479][ T5010] x64_sys_call+0x2a36/0x2e00 [ 64.140181][ T5010] do_syscall_64+0xc9/0x1c0 [ 64.144726][ T5010] ? clear_bhb_loop+0x55/0xb0 [ 64.149424][ T5010] ? clear_bhb_loop+0x55/0xb0 [ 64.154117][ T5010] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.160025][ T5010] RIP: 0033:0x7f9e5be85d7c [ 64.164543][ T5010] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 64.184379][ T5010] RSP: 002b:00007f9e5ab07040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 64.192918][ T5010] RAX: ffffffffffffffda RBX: 00007f9e5c015f80 RCX: 00007f9e5be85d7c [ 64.200958][ T5010] RDX: 000000000000000f RSI: 00007f9e5ab070b0 RDI: 0000000000000004 [ 64.208937][ T5010] RBP: 00007f9e5ab070a0 R08: 0000000000000000 R09: 0000000000000000 [ 64.216906][ T5010] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001 [ 64.224915][ T5010] R13: 000000000000000b R14: 00007f9e5c015f80 R15: 00007ffc0db5af58 [ 64.232919][ T5010] [ 64.370832][ T5018] loop1: detected capacity change from 0 to 256 [ 64.401496][ T5018] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 64.432290][ T5023] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 64.443470][ T29] audit: type=1400 audit(1721956347.575:355): avc: denied { mounton } for pid=5022 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 64.467897][ T5018] team0: Cannot enslave team device to itself [ 64.473987][ T5018] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 64.490318][ T5023] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 64.511051][ T5023] loop2: detected capacity change from 0 to 2048 [ 64.590950][ T29] audit: type=1400 audit(1721956347.735:356): avc: denied { read } for pid=5032 comm="iou-wrk-5036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 64.639341][ T50] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.727933][ T5045] loop1: detected capacity change from 0 to 512 [ 64.735587][ T50] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.757711][ T5045] EXT4-fs: Ignoring removed orlov option [ 64.770058][ T5045] EXT4-fs: Ignoring removed nomblk_io_submit option [ 64.785566][ T29] audit: type=1400 audit(1721956347.925:357): avc: denied { write } for pid=3337 comm="kworker/0:4" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=9157 scontext=system_u:system_r:kernel_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 64.830167][ T50] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.844250][ T5045] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 64.860276][ T5022] chnl_net:caif_netlink_parms(): no params data found [ 64.872271][ T5045] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 64.880549][ T5045] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e118, mo2=0102] [ 64.916431][ T5045] EXT4-fs (loop1): orphan cleanup on readonly fs [ 64.929612][ T50] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.943426][ T5045] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0 [ 64.954002][ T5059] netlink: 348 bytes leftover after parsing attributes in process `syz.3.566'. [ 64.965611][ T5045] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 64.980448][ T5045] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 65.010225][ T5045] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.563: bg 0: block 40: padding at end of block bitmap is not set [ 65.024480][ T5022] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.029930][ T29] audit: type=1400 audit(1721956348.175:358): avc: denied { search } for pid=2997 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 65.031564][ T5022] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.052667][ T29] audit: type=1400 audit(1721956348.175:359): avc: denied { read } for pid=2997 comm="dhcpcd" name="n25" dev="tmpfs" ino=3873 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 65.097463][ T5045] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 65.118977][ T5045] EXT4-fs (loop1): 1 truncate cleaned up [ 65.167360][ T5022] bridge_slave_0: entered allmulticast mode [ 65.184126][ T5022] bridge_slave_0: entered promiscuous mode [ 65.208471][ T50] bridge_slave_1: left allmulticast mode [ 65.214179][ T50] bridge_slave_1: left promiscuous mode [ 65.219961][ T50] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.249382][ T50] bridge_slave_0: left allmulticast mode [ 65.255084][ T50] bridge_slave_0: left promiscuous mode [ 65.260875][ T50] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.381743][ T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 65.401129][ T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 65.411250][ T50] bond0 (unregistering): Released all slaves [ 65.421153][ T5022] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.428250][ T5022] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.435569][ T5022] bridge_slave_1: entered allmulticast mode [ 65.443142][ T5022] bridge_slave_1: entered promiscuous mode [ 65.477076][ T5022] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.491774][ T50] hsr_slave_0: left promiscuous mode [ 65.497735][ T50] hsr_slave_1: left promiscuous mode [ 65.503610][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 65.511116][ T50] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 65.518815][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 65.526278][ T50] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 65.536996][ T50] veth1_macvtap: left promiscuous mode [ 65.542543][ T50] veth0_macvtap: left promiscuous mode [ 65.548062][ T50] veth1_vlan: left promiscuous mode [ 65.553303][ T50] veth0_vlan: left promiscuous mode [ 65.718910][ T50] team0 (unregistering): Port device team_slave_1 removed [ 65.729037][ T50] team0 (unregistering): Port device team_slave_0 removed [ 65.770981][ T5098] loop1: detected capacity change from 0 to 512 [ 65.785433][ T5022] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.797844][ T5098] EXT4-fs: Ignoring removed bh option [ 65.830289][ T5098] EXT4-fs error (device loop1): __ext4_iget:4985: inode #15: block 1803188595: comm syz.1.574: invalid block [ 65.850418][ T5022] team0: Port device team_slave_0 added [ 65.867483][ T5022] team0: Port device team_slave_1 added [ 65.877633][ T5112] loop2: detected capacity change from 0 to 256 [ 65.884527][ T5098] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.574: couldn't read orphan inode 15 (err -117) [ 65.933598][ T5022] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 65.940639][ T5022] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.967045][ T5022] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 65.982451][ T5022] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.989452][ T5022] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.015385][ T5022] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.069014][ T5022] hsr_slave_0: entered promiscuous mode [ 66.092634][ T5121] netlink: 348 bytes leftover after parsing attributes in process `syz.1.576'. [ 66.113667][ T5022] hsr_slave_1: entered promiscuous mode [ 66.116034][ T5125] loop2: detected capacity change from 0 to 764 [ 66.138811][ T5022] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 66.150300][ T5022] Cannot create hsr debugfs directory [ 66.223656][ T5137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 66.287502][ T5137] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 66.359025][ T5150] loop2: detected capacity change from 0 to 512 [ 66.364648][ T5151] loop3: detected capacity change from 0 to 256 [ 66.374679][ T5150] EXT4-fs (loop2): orphan cleanup on readonly fs [ 66.382469][ T5150] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 66.398552][ T5150] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 66.399218][ T5151] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 66.425058][ T5150] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.583: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 66.470231][ T5150] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.583: couldn't read orphan inode 13 (err -117) [ 66.484611][ T5151] team0: Cannot enslave team device to itself [ 66.490769][ T5151] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 66.622925][ T5022] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 66.640900][ T5022] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 66.649095][ T5162] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 66.668859][ T5022] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 66.687737][ T5022] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 66.709254][ T5169] loop3: detected capacity change from 0 to 256 [ 66.753964][ T5022] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.782183][ T5022] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.795769][ T980] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.802962][ T980] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.826418][ T5022] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 66.836905][ T5022] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 66.854492][ T980] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.861686][ T980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.908999][ T5185] netlink: 348 bytes leftover after parsing attributes in process `syz.2.590'. [ 66.989665][ T5194] netlink: 8 bytes leftover after parsing attributes in process `syz.1.591'. [ 67.014639][ T5022] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.062791][ T5211] netlink: 48 bytes leftover after parsing attributes in process `syz.2.592'. [ 67.073074][ T5213] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 67.102859][ T5213] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 67.263337][ T5022] veth0_vlan: entered promiscuous mode [ 67.284653][ T5022] veth1_vlan: entered promiscuous mode [ 67.318718][ T5022] veth0_macvtap: entered promiscuous mode [ 67.337120][ T5022] veth1_macvtap: entered promiscuous mode [ 67.362327][ T5022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.372895][ T5022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.410048][ T5022] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.432265][ T5022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.442775][ T5022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.452738][ T5022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.463216][ T5022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.473220][ T5022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.483718][ T5022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.496514][ T5022] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.506676][ T5022] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.515474][ T5022] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.524235][ T5022] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.532969][ T5022] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.556904][ T29] kauditd_printk_skb: 17 callbacks suppressed [ 67.556919][ T29] audit: type=1400 audit(1721956350.695:377): avc: denied { mount } for pid=5022 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 67.872759][ T5279] loop2: detected capacity change from 0 to 256 [ 67.916478][ T5285] loop4: detected capacity change from 0 to 2048 [ 67.928800][ T5285] EXT4-fs mount: 53 callbacks suppressed [ 67.928816][ T5285] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.958101][ T5282] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 67.965803][ T29] audit: type=1400 audit(1721956351.105:378): avc: denied { execute } for pid=5287 comm="syz.1.602" dev="tmpfs" ino=1116 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 68.006639][ T5288] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.013892][ T5288] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.024503][ T5022] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.277136][ T5311] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 68.334335][ T5308] loop1: detected capacity change from 0 to 512 [ 68.342407][ T29] audit: type=1400 audit(1721956351.495:379): avc: denied { mounton } for pid=5306 comm="syz.1.608" path="/145/bus" dev="tmpfs" ino=810 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 68.381086][ T5308] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.395649][ T5322] netlink: 48 bytes leftover after parsing attributes in process `syz.4.610'. [ 68.397965][ T5308] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 68.416398][ T5308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.442120][ T5308] capability: warning: `syz.1.608' uses deprecated v2 capabilities in a way that may be insecure [ 68.545325][ T5329] sctp: [Deprecated]: syz.3.612 (pid 5329) Use of int in max_burst socket option deprecated. [ 68.545325][ T5329] Use struct sctp_assoc_value instead [ 68.865455][ T5331] loop2: detected capacity change from 0 to 256 [ 68.876258][ T5331] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 68.913712][ T5331] team0: Cannot enslave team device to itself [ 68.919857][ T5331] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 69.114917][ T5336] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.122113][ T5336] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.241329][ T5348] 9pnet_fd: Insufficient options for proto=fd [ 69.272535][ T29] audit: type=1400 audit(1721956352.415:380): avc: denied { create } for pid=5343 comm="syz.3.619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 69.292083][ T29] audit: type=1400 audit(1721956352.415:381): avc: denied { getopt } for pid=5343 comm="syz.3.619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 69.330340][ T5353] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 69.350844][ T5353] loop2: detected capacity change from 0 to 512 [ 69.388247][ T5359] netlink: 320 bytes leftover after parsing attributes in process `syz.4.624'. [ 69.411359][ T5353] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.450812][ T5353] ext4 filesystem being mounted at /132/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 69.466252][ T5353] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.539409][ T5373] sctp: [Deprecated]: syz.4.627 (pid 5373) Use of int in max_burst socket option deprecated. [ 69.539409][ T5373] Use struct sctp_assoc_value instead [ 69.577562][ T5375] netlink: 48 bytes leftover after parsing attributes in process `syz.2.628'. [ 69.659104][ T5379] sctp: [Deprecated]: syz.4.630 (pid 5379) Use of int in max_burst socket option deprecated. [ 69.659104][ T5379] Use struct sctp_assoc_value instead [ 69.687757][ T5383] 9pnet_fd: Insufficient options for proto=fd [ 69.741033][ T5385] loop4: detected capacity change from 0 to 1024 [ 69.768176][ T5385] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.810345][ T5385] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.633: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 69.832102][ T5396] loop3: detected capacity change from 0 to 512 [ 69.841831][ T5396] EXT4-fs (loop3): orphan cleanup on readonly fs [ 69.851342][ T5393] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.633: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 69.871737][ T5396] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 69.892086][ T5396] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 69.900495][ T5396] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz.3.637: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 69.920247][ T5396] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.637: couldn't read orphan inode 13 (err -117) [ 69.932904][ T5396] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 69.958888][ T5022] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.997181][ T3260] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.134390][ T5405] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 70.148494][ T5405] loop4: detected capacity change from 0 to 512 [ 70.161424][ T5405] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.174469][ T5405] ext4 filesystem being mounted at /16/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 70.211082][ T5405] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.254057][ T5416] loop1: detected capacity change from 0 to 256 [ 70.278591][ T5414] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 70.293068][ T5416] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 70.324389][ T5416] team0: Cannot enslave team device to itself [ 70.330578][ T5416] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 70.345716][ T5423] 9pnet_fd: Insufficient options for proto=fd [ 70.418243][ T5424] sctp: [Deprecated]: syz.3.644 (pid 5424) Use of int in max_burst socket option deprecated. [ 70.418243][ T5424] Use struct sctp_assoc_value instead [ 70.530942][ T5441] netlink: 320 bytes leftover after parsing attributes in process `syz.1.652'. [ 70.601582][ T5446] FAULT_INJECTION: forcing a failure. [ 70.601582][ T5446] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 70.614766][ T5446] CPU: 1 UID: 0 PID: 5446 Comm: syz.4.655 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 70.625019][ T5446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 70.635121][ T5446] Call Trace: [ 70.638465][ T5446] [ 70.641388][ T5446] dump_stack_lvl+0xf2/0x150 [ 70.645991][ T5446] dump_stack+0x15/0x20 [ 70.650187][ T5446] should_fail_ex+0x229/0x230 [ 70.654944][ T5446] should_fail+0xb/0x10 [ 70.659117][ T5446] should_fail_usercopy+0x1a/0x20 [ 70.664269][ T5446] _copy_to_user+0x1e/0xa0 [ 70.668968][ T5446] simple_read_from_buffer+0xa0/0x110 [ 70.674513][ T5446] proc_fail_nth_read+0xfc/0x140 [ 70.679552][ T5446] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 70.685139][ T5446] vfs_read+0x1a2/0x6e0 [ 70.689403][ T5446] ? __rcu_read_unlock+0x4e/0x70 [ 70.694414][ T5446] ? __fget_files+0x1da/0x210 [ 70.699203][ T5446] ksys_read+0xeb/0x1b0 [ 70.703382][ T5446] __x64_sys_read+0x42/0x50 [ 70.707935][ T5446] x64_sys_call+0x2a36/0x2e00 [ 70.712628][ T5446] do_syscall_64+0xc9/0x1c0 [ 70.717144][ T5446] ? clear_bhb_loop+0x55/0xb0 [ 70.721830][ T5446] ? clear_bhb_loop+0x55/0xb0 [ 70.726572][ T5446] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.732482][ T5446] RIP: 0033:0x7f1070745d7c [ 70.736897][ T5446] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 70.756524][ T5446] RSP: 002b:00007f106f3c7040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 70.765035][ T5446] RAX: ffffffffffffffda RBX: 00007f10708d5f80 RCX: 00007f1070745d7c [ 70.773014][ T5446] RDX: 000000000000000f RSI: 00007f106f3c70b0 RDI: 0000000000000004 [ 70.781142][ T5446] RBP: 00007f106f3c70a0 R08: 0000000000000000 R09: 0000000000000000 [ 70.789228][ T5446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.797310][ T5446] R13: 000000000000000b R14: 00007f10708d5f80 R15: 00007ffcead1dc08 [ 70.805298][ T5446] [ 70.853341][ T5447] sctp: [Deprecated]: syz.1.654 (pid 5447) Use of int in max_burst socket option deprecated. [ 70.853341][ T5447] Use struct sctp_assoc_value instead [ 70.943345][ T5452] netlink: 48 bytes leftover after parsing attributes in process `syz.4.657'. [ 71.204267][ T5454] 9pnet_fd: Insufficient options for proto=fd [ 71.306420][ T5462] netlink: 12 bytes leftover after parsing attributes in process `syz.3.662'. [ 71.315324][ T5462] tipc: Started in network mode [ 71.320354][ T5462] tipc: Node identity 40170020000000006e, cluster identity 8 [ 71.360470][ T5464] loop3: detected capacity change from 0 to 256 [ 71.376097][ T5464] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 71.403963][ T5464] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 71.532345][ T5473] loop2: detected capacity change from 0 to 512 [ 71.538986][ T5473] EXT4-fs: Ignoring removed bh option [ 71.546722][ T5473] EXT4-fs error (device loop2): __ext4_iget:4985: inode #15: block 1803188595: comm syz.2.667: invalid block [ 71.566170][ T5473] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.667: couldn't read orphan inode 15 (err -117) [ 71.586913][ T5473] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.615009][ T3256] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.641504][ T5478] loop1: detected capacity change from 0 to 512 [ 71.648589][ T5476] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 71.660634][ T5478] EXT4-fs (loop1): orphan cleanup on readonly fs [ 71.668859][ T5478] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 71.685940][ T5478] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 71.706489][ T5478] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #13: comm syz.1.670: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 71.742812][ T5482] sctp: [Deprecated]: syz.2.669 (pid 5482) Use of int in max_burst socket option deprecated. [ 71.742812][ T5482] Use struct sctp_assoc_value instead [ 71.765767][ T5478] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.670: couldn't read orphan inode 13 (err -117) [ 71.786701][ T5478] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 71.858697][ T3262] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.909746][ T5501] netlink: 320 bytes leftover after parsing attributes in process `syz.3.677'. [ 71.964265][ T5512] loop1: detected capacity change from 0 to 512 [ 71.978141][ T5512] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #12: comm syz.1.678: corrupted in-inode xattr: invalid ea_ino [ 71.991763][ T5512] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.678: couldn't read orphan inode 12 (err -117) [ 71.992696][ T5506] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.010703][ T5506] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.019347][ T5512] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.060454][ T3257] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.074968][ T5519] sctp: [Deprecated]: syz.3.681 (pid 5519) Use of int in max_burst socket option deprecated. [ 72.074968][ T5519] Use struct sctp_assoc_value instead [ 72.096193][ T3262] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 72.146785][ T5526] loop2: detected capacity change from 0 to 512 [ 72.166419][ T5526] EXT4-fs (loop2): orphan cleanup on readonly fs [ 72.179057][ T5526] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 72.203524][ T5526] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 72.210583][ T5526] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.685: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 72.229170][ T5533] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 72.243765][ T5526] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.685: couldn't read orphan inode 13 (err -117) [ 72.246786][ T5490] chnl_net:caif_netlink_parms(): no params data found [ 72.256301][ T5526] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 72.284947][ T29] audit: type=1400 audit(1721956355.425:382): avc: denied { getopt } for pid=5527 comm="syz.1.684" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 72.305068][ T3256] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.351852][ T5490] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.359122][ T5490] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.366596][ T5490] bridge_slave_0: entered allmulticast mode [ 72.373527][ T5490] bridge_slave_0: entered promiscuous mode [ 72.380819][ T5490] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.387957][ T5490] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.395111][ T5490] bridge_slave_1: entered allmulticast mode [ 72.403140][ T5490] bridge_slave_1: entered promiscuous mode [ 72.412292][ T5555] netlink: 320 bytes leftover after parsing attributes in process `syz.2.693'. [ 72.443274][ T5557] loop3: detected capacity change from 0 to 512 [ 72.450389][ T5490] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.467704][ T5490] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.479582][ T5557] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #12: comm syz.3.694: corrupted in-inode xattr: invalid ea_ino [ 72.497039][ T5562] loop2: detected capacity change from 0 to 256 [ 72.509512][ T5490] team0: Port device team_slave_0 added [ 72.514316][ T5557] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.694: couldn't read orphan inode 12 (err -117) [ 72.529662][ T5490] team0: Port device team_slave_1 added [ 72.530229][ T5562] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 72.546328][ T5557] EXT4-fs (loop3): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.565265][ T5559] sctp: [Deprecated]: syz.4.695 (pid 5559) Use of int in max_burst socket option deprecated. [ 72.565265][ T5559] Use struct sctp_assoc_value instead [ 72.584259][ T5490] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.591315][ T5490] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.617689][ T5490] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.632082][ T5562] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 72.648574][ T5490] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.655533][ T5490] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.682070][ T5490] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.694545][ T3260] EXT4-fs (loop3): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 72.733225][ T5573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 72.739620][ T5574] netlink: 320 bytes leftover after parsing attributes in process `syz.1.700'. [ 72.743736][ T5573] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 72.773235][ T5573] loop3: detected capacity change from 0 to 2048 [ 72.790569][ T5490] hsr_slave_0: entered promiscuous mode [ 72.804723][ T5490] hsr_slave_1: entered promiscuous mode [ 72.814958][ T5490] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.822753][ T5490] Cannot create hsr debugfs directory [ 72.887843][ T5581] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 72.916508][ T29] audit: type=1400 audit(1721956356.055:383): avc: denied { connect } for pid=5587 comm="syz.1.707" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 72.936100][ T29] audit: type=1400 audit(1721956356.055:384): avc: denied { name_connect } for pid=5587 comm="syz.1.707" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 72.958256][ T5490] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.014868][ T5594] loop1: detected capacity change from 0 to 2048 [ 73.022607][ T5490] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.047628][ T5594] loop1: p1 p2 < > p3 p4 < p5 > [ 73.052584][ T5594] loop1: partition table partially beyond EOD, truncated [ 73.059759][ T5594] loop1: p1 start 2305 is beyond EOD, truncated [ 73.066060][ T5594] loop1: p2 start 4294902784 is beyond EOD, truncated [ 73.072966][ T5594] loop1: p3 start 4278191616 is beyond EOD, truncated [ 73.081027][ T5594] loop1: p5 start 2305 is beyond EOD, truncated [ 73.090794][ T5490] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.093538][ T2959] loop1: p1 p2 < > p3 p4 < p5 > [ 73.106145][ T2959] loop1: partition table partially beyond EOD, truncated [ 73.113428][ T2959] loop1: p1 start 2305 is beyond EOD, truncated [ 73.119701][ T2959] loop1: p2 start 4294902784 is beyond EOD, truncated [ 73.126466][ T2959] loop1: p3 start 4278191616 is beyond EOD, truncated [ 73.133742][ T2959] loop1: p5 start 2305 is beyond EOD, truncated [ 73.165429][ T5490] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.175648][ T5598] loop2: detected capacity change from 0 to 256 [ 73.182481][ T3249] udevd[3249]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 73.187653][ T5598] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 73.221677][ T29] audit: type=1400 audit(1721956356.365:385): avc: denied { mounton } for pid=5597 comm="syz.2.710" path="/151/file0/bus" dev="loop2" ino=30 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1 [ 73.252660][ T5602] netlink: 48 bytes leftover after parsing attributes in process `syz.1.712'. [ 73.261707][ T5602] netlink: 8 bytes leftover after parsing attributes in process `syz.1.712'. [ 73.263141][ T5490] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 73.281875][ T5490] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 73.293905][ T5490] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 73.300273][ T5604] loop1: detected capacity change from 0 to 512 [ 73.314324][ T5604] EXT4-fs (loop1): orphan cleanup on readonly fs [ 73.321887][ T5490] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 73.329744][ T5607] netlink: 320 bytes leftover after parsing attributes in process `syz.3.714'. [ 73.337311][ T5604] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 73.353593][ T5604] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 73.389450][ T5604] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #13: comm syz.1.713: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 73.400100][ T5490] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.415750][ T5604] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.713: couldn't read orphan inode 13 (err -117) [ 73.430296][ T5604] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 73.431078][ T5611] loop3: detected capacity change from 0 to 256 [ 73.452179][ T5490] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.463986][ T3338] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.471183][ T3338] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.480057][ T5611] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 73.488707][ T3337] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.497646][ T3337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.505490][ T5611] FAULT_INJECTION: forcing a failure. [ 73.505490][ T5611] name failslab, interval 1, probability 0, space 0, times 0 [ 73.515274][ T5490] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 73.518125][ T5611] CPU: 1 UID: 0 PID: 5611 Comm: syz.3.716 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 73.528433][ T5490] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 73.549022][ T5611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 73.559084][ T5611] Call Trace: [ 73.562381][ T5611] [ 73.565323][ T5611] dump_stack_lvl+0xf2/0x150 [ 73.570121][ T5611] dump_stack+0x15/0x20 [ 73.574306][ T5611] should_fail_ex+0x229/0x230 [ 73.579147][ T5611] ? __alloc_skb+0x10b/0x310 [ 73.583798][ T5611] should_failslab+0x8f/0xb0 [ 73.588453][ T5611] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 73.594349][ T5611] __alloc_skb+0x10b/0x310 [ 73.594938][ T5490] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.598820][ T5611] netlink_alloc_large_skb+0xad/0xe0 [ 73.610899][ T5611] netlink_sendmsg+0x3b4/0x6e0 [ 73.615705][ T5611] ? __pfx_netlink_sendmsg+0x10/0x10 [ 73.620999][ T5611] __sock_sendmsg+0x140/0x180 [ 73.625754][ T5611] ____sys_sendmsg+0x312/0x410 [ 73.630613][ T5611] __sys_sendmsg+0x1e9/0x280 [ 73.635220][ T5611] __x64_sys_sendmsg+0x46/0x50 [ 73.640063][ T5611] x64_sys_call+0x26f8/0x2e00 [ 73.644871][ T5611] do_syscall_64+0xc9/0x1c0 [ 73.649400][ T5611] ? clear_bhb_loop+0x55/0xb0 [ 73.654108][ T5611] ? clear_bhb_loop+0x55/0xb0 [ 73.658838][ T5611] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.665136][ T5611] RIP: 0033:0x7f363c447299 [ 73.669590][ T5611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 73.682984][ T5490] veth0_vlan: entered promiscuous mode [ 73.689286][ T5611] RSP: 002b:00007f363b0c7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 73.698122][ T5490] veth1_vlan: entered promiscuous mode [ 73.703227][ T5611] RAX: ffffffffffffffda RBX: 00007f363c5d5f80 RCX: 00007f363c447299 [ 73.716694][ T5611] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000015 [ 73.724709][ T5611] RBP: 00007f363b0c70a0 R08: 0000000000000000 R09: 0000000000000000 [ 73.732699][ T5611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 73.734865][ T5490] veth0_macvtap: entered promiscuous mode [ 73.740738][ T5611] R13: 000000000000000b R14: 00007f363c5d5f80 R15: 00007ffd2c715798 [ 73.740759][ T5611] [ 73.748144][ T5490] veth1_macvtap: entered promiscuous mode [ 73.788465][ T3262] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.816731][ T5490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.827394][ T5490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.837249][ T5490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.847693][ T5490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.863451][ T5635] netlink: 48 bytes leftover after parsing attributes in process `syz.2.722'. [ 73.865168][ T5490] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.873116][ T5633] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 73.882937][ T5490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.897886][ T5490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.907837][ T5490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.918346][ T5490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.928218][ T5490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.938840][ T5490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.948824][ T5490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.959289][ T5490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.970718][ T5490] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.989740][ T5490] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.998523][ T5490] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.007287][ T5490] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.009418][ T5640] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 74.016019][ T5490] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.043981][ T5640] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 74.099388][ T5640] loop3: detected capacity change from 0 to 2048 [ 74.136530][ T5650] sctp: [Deprecated]: syz.2.724 (pid 5650) Use of int in max_burst socket option deprecated. [ 74.136530][ T5650] Use struct sctp_assoc_value instead [ 74.196322][ T5655] netlink: 'syz.0.728': attribute type 9 has an invalid length. [ 74.252565][ T5667] FAULT_INJECTION: forcing a failure. [ 74.252565][ T5667] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 74.265708][ T5667] CPU: 1 UID: 0 PID: 5667 Comm: syz.1.733 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 74.275996][ T5667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 74.286157][ T5667] Call Trace: [ 74.288497][ T5665] openvswitch: netlink: ct_state flags 00001eac unsupported [ 74.289453][ T5667] [ 74.289462][ T5667] dump_stack_lvl+0xf2/0x150 [ 74.304338][ T5667] dump_stack+0x15/0x20 [ 74.308532][ T5667] should_fail_ex+0x229/0x230 [ 74.313324][ T5667] should_fail+0xb/0x10 [ 74.317492][ T5667] should_fail_usercopy+0x1a/0x20 [ 74.322583][ T5667] _copy_from_user+0x1e/0xd0 [ 74.327251][ T5667] ucma_resolve_route+0x48/0x1c0 [ 74.332224][ T5667] ucma_write+0x1aa/0x240 [ 74.336593][ T5667] vfs_writev+0x402/0x880 [ 74.340932][ T5667] ? __pfx_ucma_write+0x10/0x10 [ 74.345778][ T5667] do_writev+0xf8/0x220 [ 74.349935][ T5667] __x64_sys_writev+0x45/0x50 [ 74.354605][ T5667] x64_sys_call+0x1d63/0x2e00 [ 74.359282][ T5667] do_syscall_64+0xc9/0x1c0 [ 74.364137][ T5667] ? clear_bhb_loop+0x55/0xb0 [ 74.368828][ T5667] ? clear_bhb_loop+0x55/0xb0 [ 74.373548][ T5667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.379706][ T5667] RIP: 0033:0x7f9e5be87299 [ 74.384213][ T5667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.403825][ T5667] RSP: 002b:00007f9e5ab07048 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 74.412239][ T5667] RAX: ffffffffffffffda RBX: 00007f9e5c015f80 RCX: 00007f9e5be87299 [ 74.420202][ T5667] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000004 [ 74.428186][ T5667] RBP: 00007f9e5ab070a0 R08: 0000000000000000 R09: 0000000000000000 [ 74.436157][ T5667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 74.444117][ T5667] R13: 000000000000000b R14: 00007f9e5c015f80 R15: 00007ffc0db5af58 [ 74.452084][ T5667] [ 74.515792][ T5680] FAULT_INJECTION: forcing a failure. [ 74.515792][ T5680] name failslab, interval 1, probability 0, space 0, times 0 [ 74.528491][ T5680] CPU: 1 UID: 0 PID: 5680 Comm: syz.4.740 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 74.538742][ T5680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 74.548795][ T5680] Call Trace: [ 74.552080][ T5680] [ 74.555008][ T5680] dump_stack_lvl+0xf2/0x150 [ 74.559631][ T5680] dump_stack+0x15/0x20 [ 74.564069][ T5680] should_fail_ex+0x229/0x230 [ 74.569034][ T5680] ? getname_flags+0x81/0x3b0 [ 74.573728][ T5680] should_failslab+0x8f/0xb0 [ 74.578439][ T5680] kmem_cache_alloc_noprof+0x4c/0x290 [ 74.583833][ T5680] getname_flags+0x81/0x3b0 [ 74.588512][ T5680] getname+0x17/0x20 [ 74.592426][ T5680] do_sys_openat2+0x67/0x120 [ 74.597025][ T5680] __x64_sys_openat+0xf3/0x120 [ 74.601795][ T5680] x64_sys_call+0x1ac/0x2e00 [ 74.606390][ T5680] do_syscall_64+0xc9/0x1c0 [ 74.611000][ T5680] ? clear_bhb_loop+0x55/0xb0 [ 74.615716][ T5680] ? clear_bhb_loop+0x55/0xb0 [ 74.620400][ T5680] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.626302][ T5680] RIP: 0033:0x7f1070745cd0 [ 74.630709][ T5680] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 79 8d 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 cc 8d 02 00 8b 44 [ 74.650422][ T5680] RSP: 002b:00007f106f3c4f00 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 74.658830][ T5680] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f1070745cd0 [ 74.666803][ T5680] RDX: 0000000000000002 RSI: 00007f10707b467c RDI: 00000000ffffff9c [ 74.674781][ T5680] RBP: 00007f10707b467c R08: 0000000000000000 R09: 0000000000000000 [ 74.683075][ T5680] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 74.691056][ T5680] R13: 0000000000000024 R14: 0000000020000000 R15: 00007ffcead1dc08 [ 74.699033][ T5680] [ 74.756877][ T5684] sctp: [Deprecated]: syz.0.741 (pid 5684) Use of int in max_burst socket option deprecated. [ 74.756877][ T5684] Use struct sctp_assoc_value instead [ 74.833094][ T5696] loop0: detected capacity change from 0 to 512 [ 74.851695][ T5696] EXT4-fs: Ignoring removed bh option [ 74.877616][ T5696] EXT4-fs error (device loop0): __ext4_iget:4985: inode #15: block 1803188595: comm syz.0.747: invalid block [ 74.891312][ T5696] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.747: couldn't read orphan inode 15 (err -117) [ 74.904167][ T5696] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.926844][ T5490] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.941281][ T5701] loop1: detected capacity change from 0 to 512 [ 74.949697][ T5701] EXT4-fs: Ignoring removed bh option [ 74.958861][ T5701] EXT4-fs error (device loop1): __ext4_iget:4985: inode #15: block 1803188595: comm syz.1.748: invalid block [ 74.965908][ T5703] SELinux: security_context_str_to_sid () failed with errno=-22 [ 74.971771][ T5701] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.748: couldn't read orphan inode 15 (err -117) [ 74.991738][ T5701] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.023761][ T3262] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.158460][ T5722] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.166096][ T5722] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.167660][ T5718] sctp: [Deprecated]: syz.1.755 (pid 5718) Use of int in max_burst socket option deprecated. [ 75.167660][ T5718] Use struct sctp_assoc_value instead [ 75.240918][ T5731] loop4: detected capacity change from 0 to 1024 [ 75.259863][ T5731] ext4: Unknown parameter 'subj_role' [ 75.282694][ T5729] loop1: detected capacity change from 0 to 2048 [ 75.298995][ T5736] loop0: detected capacity change from 0 to 512 [ 75.326821][ T5739] FAULT_INJECTION: forcing a failure. [ 75.326821][ T5739] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 75.340000][ T5739] CPU: 0 UID: 0 PID: 5739 Comm: syz.3.764 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 75.350247][ T5739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 75.360405][ T5739] Call Trace: [ 75.363716][ T5739] [ 75.366668][ T5739] dump_stack_lvl+0xf2/0x150 [ 75.371305][ T5739] dump_stack+0x15/0x20 [ 75.375525][ T5739] should_fail_ex+0x229/0x230 [ 75.380238][ T5739] should_fail+0xb/0x10 [ 75.384446][ T5739] should_fail_usercopy+0x1a/0x20 [ 75.389573][ T5739] _copy_to_user+0x1e/0xa0 [ 75.394078][ T5739] simple_read_from_buffer+0xa0/0x110 [ 75.399579][ T5739] proc_fail_nth_read+0xfc/0x140 [ 75.404600][ T5739] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 75.410226][ T5739] vfs_read+0x1a2/0x6e0 [ 75.414521][ T5739] ? __rcu_read_unlock+0x4e/0x70 [ 75.419456][ T5739] ? __fget_files+0x1da/0x210 [ 75.424162][ T5739] ksys_read+0xeb/0x1b0 [ 75.428374][ T5739] __x64_sys_read+0x42/0x50 [ 75.432947][ T5739] x64_sys_call+0x2a36/0x2e00 [ 75.437706][ T5739] do_syscall_64+0xc9/0x1c0 [ 75.442293][ T5739] ? clear_bhb_loop+0x55/0xb0 [ 75.447012][ T5739] ? clear_bhb_loop+0x55/0xb0 [ 75.451688][ T5739] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.457614][ T5739] RIP: 0033:0x7f363c445d7c [ 75.462303][ T5739] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 75.482124][ T5739] RSP: 002b:00007f363b0c7040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 75.490542][ T5739] RAX: ffffffffffffffda RBX: 00007f363c5d5f80 RCX: 00007f363c445d7c [ 75.498607][ T5739] RDX: 000000000000000f RSI: 00007f363b0c70b0 RDI: 0000000000000009 [ 75.506585][ T5739] RBP: 00007f363b0c70a0 R08: 0000000000000000 R09: 0000000000000000 [ 75.514557][ T5739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 75.522521][ T5739] R13: 000000000000000b R14: 00007f363c5d5f80 R15: 00007ffd2c715798 [ 75.530563][ T5739] [ 75.562642][ T5736] EXT4-fs (loop0): orphan cleanup on readonly fs [ 75.580448][ T5736] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 75.602403][ T5736] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 75.617717][ T5736] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #13: comm syz.0.762: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 75.636744][ T5736] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.762: couldn't read orphan inode 13 (err -117) [ 75.649529][ T5736] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 75.720401][ C0] eth0: bad gso: type: 1, size: 1408 [ 75.730462][ T5490] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.783058][ T5762] sctp: [Deprecated]: syz.3.770 (pid 5762) Use of int in max_burst socket option deprecated. [ 75.783058][ T5762] Use struct sctp_assoc_value instead [ 75.879771][ T5774] FAULT_INJECTION: forcing a failure. [ 75.879771][ T5774] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 75.892996][ T5774] CPU: 0 UID: 0 PID: 5774 Comm: syz.1.776 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 75.903256][ T5774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 75.913320][ T5774] Call Trace: [ 75.916602][ T5774] [ 75.919531][ T5774] dump_stack_lvl+0xf2/0x150 [ 75.924151][ T5774] dump_stack+0x15/0x20 [ 75.928322][ T5774] should_fail_ex+0x229/0x230 [ 75.933106][ T5774] should_fail+0xb/0x10 [ 75.937290][ T5774] should_fail_usercopy+0x1a/0x20 [ 75.942353][ T5774] _copy_from_user+0x1e/0xd0 [ 75.946982][ T5774] __se_sys_memfd_create+0x26b/0x600 [ 75.952283][ T5774] __x64_sys_memfd_create+0x31/0x40 [ 75.957585][ T5774] x64_sys_call+0x1163/0x2e00 [ 75.962334][ T5774] do_syscall_64+0xc9/0x1c0 [ 75.966938][ T5774] ? clear_bhb_loop+0x55/0xb0 [ 75.971735][ T5774] ? clear_bhb_loop+0x55/0xb0 [ 75.976533][ T5774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.982558][ T5774] RIP: 0033:0x7f9e5be87299 [ 75.986978][ T5774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.006650][ T5774] RSP: 002b:00007f9e5ab06e28 EFLAGS: 00000206 ORIG_RAX: 000000000000013f [ 76.015088][ T5774] RAX: ffffffffffffffda RBX: 0000000000000557 RCX: 00007f9e5be87299 [ 76.023098][ T5774] RDX: 00007f9e5ab06f00 RSI: 0000000000000000 RDI: 00007f9e5bef5094 [ 76.031140][ T5774] RBP: 0000000020001cc0 R08: 00007f9e5ab06bc7 R09: 00007f9e5ab06e50 [ 76.039107][ T5774] R10: 000000000000000a R11: 0000000000000206 R12: 0000000020000000 [ 76.047134][ T5774] R13: 00007f9e5ab06f00 R14: 00007f9e5ab06ec0 R15: 0000000020000080 [ 76.055103][ T5774] [ 76.078150][ T5776] __nla_validate_parse: 7 callbacks suppressed [ 76.078167][ T5776] netlink: 48 bytes leftover after parsing attributes in process `syz.2.777'. [ 76.094005][ T5778] program syz.0.775 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 76.230968][ T5787] loop1: detected capacity change from 0 to 512 [ 76.258545][ T5787] EXT4-fs (loop1): orphan cleanup on readonly fs [ 76.270391][ T5793] loop0: detected capacity change from 0 to 2048 [ 76.280831][ T29] audit: type=1400 audit(1721956359.425:386): avc: denied { mount } for pid=5788 comm="syz.2.781" name="/" dev="hugetlbfs" ino=13201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 76.303540][ T5787] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 76.343950][ T5787] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 76.364915][ T29] audit: type=1400 audit(1721956359.505:387): avc: denied { execmem } for pid=5802 comm="syz.4.786" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 76.386136][ T5787] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #13: comm syz.1.782: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 76.413684][ T5799] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 76.432391][ T5787] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.782: couldn't read orphan inode 13 (err -117) [ 76.444763][ T5787] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 76.488586][ T3262] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.513316][ T29] audit: type=1400 audit(1721956359.655:388): avc: denied { create } for pid=5814 comm="syz.2.792" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 76.540693][ T5820] FAULT_INJECTION: forcing a failure. [ 76.540693][ T5820] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 76.553806][ T5820] CPU: 1 UID: 0 PID: 5820 Comm: syz.1.789 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 76.564270][ T5820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 76.574412][ T5820] Call Trace: [ 76.577750][ T5820] [ 76.580687][ T5820] dump_stack_lvl+0xf2/0x150 [ 76.585379][ T5820] dump_stack+0x15/0x20 [ 76.589554][ T5820] should_fail_ex+0x229/0x230 [ 76.594351][ T5820] should_fail+0xb/0x10 [ 76.598525][ T5820] should_fail_usercopy+0x1a/0x20 [ 76.603564][ T5820] strncpy_from_user+0x25/0x270 [ 76.608425][ T5820] ? kmem_cache_alloc_noprof+0x10c/0x290 [ 76.614272][ T5820] getname_flags+0xb0/0x3b0 [ 76.618844][ T5820] getname+0x17/0x20 [ 76.622813][ T5820] do_sys_openat2+0x67/0x120 [ 76.627416][ T5820] __x64_sys_openat+0xf3/0x120 [ 76.632248][ T5820] x64_sys_call+0x1ac/0x2e00 [ 76.636857][ T5820] do_syscall_64+0xc9/0x1c0 [ 76.641372][ T5820] ? clear_bhb_loop+0x55/0xb0 [ 76.646076][ T5820] ? clear_bhb_loop+0x55/0xb0 [ 76.650752][ T5820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.656677][ T5820] RIP: 0033:0x7f9e5be85cd0 [ 76.661170][ T5820] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 79 8d 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 cc 8d 02 00 8b 44 [ 76.680796][ T5820] RSP: 002b:00007f9e5ab04f00 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 76.689217][ T5820] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f9e5be85cd0 [ 76.697281][ T5820] RDX: 0000000000000002 RSI: 00007f9e5bef467c RDI: 00000000ffffff9c [ 76.705261][ T5820] RBP: 00007f9e5bef467c R08: 0000000000000000 R09: 0000000000000000 [ 76.713312][ T5820] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 76.721299][ T5820] R13: 000000000000004d R14: 0000000020000040 R15: 00007ffc0db5af58 [ 76.729289][ T5820] [ 76.831086][ T5829] loop3: detected capacity change from 0 to 2048 [ 76.837675][ T5831] loop0: detected capacity change from 0 to 512 [ 76.868242][ T5831] EXT4-fs (loop0): orphan cleanup on readonly fs [ 76.878615][ T5831] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 76.914157][ T5831] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 76.925927][ T5837] netlink: 48 bytes leftover after parsing attributes in process `syz.3.798'. [ 76.947692][ T5831] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #13: comm syz.0.796: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 76.997034][ T5831] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.796: couldn't read orphan inode 13 (err -117) [ 77.021801][ T5840] loop2: detected capacity change from 0 to 256 [ 77.039588][ T5840] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 77.057753][ T5831] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 77.080164][ T5840] team0: Cannot enslave team device to itself [ 77.086308][ T5840] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 77.146389][ T5490] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.149891][ T5842] sctp: [Deprecated]: syz.3.800 (pid 5842) Use of int in max_burst socket option deprecated. [ 77.149891][ T5842] Use struct sctp_assoc_value instead [ 77.367785][ T5855] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 77.634644][ T5878] loop2: detected capacity change from 0 to 2048 [ 77.653676][ T5882] sctp: [Deprecated]: syz.0.816 (pid 5882) Use of int in max_burst socket option deprecated. [ 77.653676][ T5882] Use struct sctp_assoc_value instead [ 77.842952][ T5907] netlink: 48 bytes leftover after parsing attributes in process `syz.4.827'. [ 77.850771][ T5908] loop0: detected capacity change from 0 to 128 [ 77.869073][ T5910] netlink: 48 bytes leftover after parsing attributes in process `syz.1.828'. [ 77.875841][ T5908] vfat: Unknown parameter './file0' [ 77.921439][ T5908] loop0: detected capacity change from 0 to 512 [ 77.921537][ T2959] ================================================================== [ 77.935750][ T2959] BUG: KCSAN: data-race in block_uevent / inc_diskseq [ 77.942526][ T2959] [ 77.944846][ T2959] write to 0xffff88810123ea20 of 8 bytes by task 5908 on cpu 0: [ 77.952493][ T2959] inc_diskseq+0x2c/0x40 [ 77.956739][ T2959] disk_force_media_change+0x9f/0xf0 [ 77.962034][ T2959] loop_configure+0x638/0xa40 [ 77.966793][ T2959] lo_ioctl+0x5fc/0x11d0 [ 77.971057][ T2959] blkdev_ioctl+0x35f/0x450 [ 77.975588][ T2959] __se_sys_ioctl+0xd3/0x150 [ 77.980226][ T2959] __x64_sys_ioctl+0x43/0x50 [ 77.984830][ T2959] x64_sys_call+0x1688/0x2e00 [ 77.989520][ T2959] do_syscall_64+0xc9/0x1c0 [ 77.994035][ T2959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.999928][ T2959] [ 78.002264][ T2959] read to 0xffff88810123ea20 of 8 bytes by task 2959 on cpu 1: [ 78.009802][ T2959] block_uevent+0x31/0x50 [ 78.014130][ T2959] dev_uevent+0x2f3/0x380 [ 78.018456][ T2959] uevent_show+0x11e/0x210 [ 78.022868][ T2959] dev_attr_show+0x3a/0xa0 [ 78.027300][ T2959] sysfs_kf_seq_show+0x17c/0x250 [ 78.032239][ T2959] kernfs_seq_show+0x7c/0x90 [ 78.036839][ T2959] seq_read_iter+0x2d7/0x940 [ 78.041435][ T2959] kernfs_fop_read_iter+0xc6/0x310 [ 78.046559][ T2959] vfs_read+0x5e9/0x6e0 [ 78.050726][ T2959] ksys_read+0xeb/0x1b0 [ 78.054893][ T2959] __x64_sys_read+0x42/0x50 [ 78.059423][ T2959] x64_sys_call+0x2a36/0x2e00 [ 78.064203][ T2959] do_syscall_64+0xc9/0x1c0 [ 78.068767][ T2959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.075139][ T2959] [ 78.077502][ T2959] value changed: 0x0000000000000157 -> 0x0000000000000158 [ 78.084610][ T2959] [ 78.086930][ T2959] Reported by Kernel Concurrency Sanitizer on: [ 78.093078][ T2959] CPU: 1 UID: 0 PID: 2959 Comm: udevd Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 [ 78.102974][ T2959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 78.113035][ T2959] ================================================================== [ 78.128057][ T5908] ext3: Unknown parameter 'hash' [ 78.192930][ T5920] loop1: detected capacity change from 0 to 256 [ 78.277515][ T5920] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 78.323320][ T5920] team0: Cannot enslave team device to itself [ 78.329483][ T5920] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.