last executing test programs: 2.938646024s ago: executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) rt_sigaction(0x1a, &(0x7f00000003c0)={&(0x7f0000000280)="f32ec0b80e00000000c4e339405795f0440f6fcb42d8f166410f5ed3420ffc98dc000000c4e371780d7c0000000ac4a1301455dfc46171633ec48305389021e2000001", 0xd0000006, &(0x7f0000000300)="c40171de01c4e3b56aee0041d9fc3645d822660fefb50c00000065dee7460f8e13cf0000c4627d783b263e65363e440f4e8500000000dec9"}, &(0x7f0000000480)={&(0x7f0000000400)="c403f95ecdf3410f491c4f8410c44280f34b00f046834afe0a412232640f1855f5c4230d5e170dc4229d3891b736fc438f0978d7590d", 0x0, &(0x7f0000000440)="c4214211efc4e29af5a4cf070000000f008e000800008f6a18120800000000f30faec5650f1b47f6c4c1fddec5c4e16155cd64260f1b1b36420ffb3cd2"}, 0x8, &(0x7f00000004c0)) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="9feb01001800000000000000640000006400000002000000010000000000420800000000070000000000001105400000010000000500000006000006040000000e000000000000000e0000000900000000000000030000000d000000ffffffff08000000ff0f00000a00000002000000060000000000f9070000000000003e4c9f33d438aa7d86b2b377ea"], 0x0, 0x7e}, 0x20) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) socket$caif_stream(0x25, 0x1, 0x1) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) r6 = creat(&(0x7f0000000240)='./bus\x00', 0x0) pwritev2(r6, 0x0, 0x0, 0x0, 0x0, 0x9) socket$igmp(0x2, 0x3, 0x2) syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000500)='./file0/file0\x00', 0x1009002, &(0x7f0000000100), 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000980)={0x1c, r3, 0x48212b8952c3affd, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'syztnl1\x00', &(0x7f0000000340)={'syztnl0\x00', r5, 0x10, 0x8777, 0x200, 0xfffffffa, {{0xf, 0x4, 0x2, 0x2, 0x3c, 0x65, 0x0, 0x80, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0xa}, @multicast2, {[@lsrr={0x83, 0x23, 0x0, [@multicast2, @multicast2, @broadcast, @loopback, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010102, @multicast2]}, @ra={0x94, 0x4}]}}}}}) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x8f}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r7, 0xe}, 0x90) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="034886dd020000000000000000006000000001002100fe880001000000000000060000007d01ff0200000000000000000000000000010000eca140"], 0xfdef) 2.633875241s ago: executing program 3: fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3) setgroups(0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) r1 = socket$rds(0x15, 0x5, 0x0) bind(r1, &(0x7f0000000000)=@generic={0xa, "f7c39f5ee85fae0c91e3ccfb11d200005efe967df06c2913060a14051e3867cc75f0da4c1c0f660ee7cda99d667b56cba361b21d917f1d08beb895ab85c460adc58eea9034c4dda505f16b07d7ab538e5d435d5626c30d8a0ffd818eb88942ddb0320500000000000000fbac6e4b483814e486948fb090684a73b87fe590"}, 0x80) 2.514549819s ago: executing program 3: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)) pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000180)="80", 0x1}], 0x1, 0x0, 0x0) 2.392980247s ago: executing program 3: r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = timerfd_create(0x0, 0x0) timerfd_settime(r1, 0x1, &(0x7f0000000080)={{}, {0x0, 0x3938700}}, 0x0) timerfd_gettime(r1, &(0x7f0000000040)) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000180)={'syztnl1\x00', 0x0, 0x2f, 0x8, 0x1, 0xff, 0xae33e9f0403e93d0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x7, 0x20, 0x3, 0x3}}) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r4}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYRES32=r5, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r2, @ANYRES16=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r6) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./bus\x00', 0x1200840, &(0x7f0000000880)=ANY=[@ANYBLOB="757466383d312c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c696f636861727365743d73703836322c696f636861727365743d63703433372c73686f72746e616d653d77696e39352c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c756e695f786c6174653d302c003c24d06816418f4be78ed4fbfe47efc82f966a602a8db43ad053c978bbd3501706515140ef63c2a58653ced497550b22917b09702604bc162c57e05beec5bb0c11fc2f9238b25e4527e24bab534e9ba458d92a597c3fee89f57053a4a1535771c9877b3ab101fb26937779cff75a95a296fafddf11280fafeb9bd5f2da4a88b43f3e4d5b1a9aed1f659d88f914548fba990603b0d4f14adda86d459c62701d3d6f007c7e50da9608a03eff58"], 0x3, 0x377, &(0x7f00000002c0)="$eJzs3UFom+UbAPAn/dKm/bP924MgCsKnN0HLNgXRix2jg2EuU8LUgxjcptLUwYrB7tCsXsSj4FFP3jzowcNuXgRFdvPg1QkyFQ+628CxT77kS/KlSWqZdLP4+x3Cs/d9nvd9v+Rl+ZqSt6+uxNrZ2Th/48b1mJ+vRHXlxErcrMRSJNF3OcbNTWgDAA6Gm1kWf2Q9EV/upaSy/6sCAPZT9/3/9cOllne/3i0/8+4PAAde8fP/Qrkt2ZEzP634wr4tCwDYR6Of/0fEI2MppV/1V8fuDQCAg+eFl15+7ng94vk0nY9Yf6/daDfimWH/8fPxZrTiXByJxbgV0btRyB8q3ceTp+qrR9I07cTPS9HIK9qNiPVOu9G7UziedOtrcTQWY6moL+42sixLTn5RXz2adkXE5U53/livtBuzsVDM/8P/4lwcizTuG6uPOFVfPZYWAzTW+/WzEdvDzy3y9S/HYnz3WlyIVpyNvLZ/W1Nf3Tqapiey+qHKsL7TbtS6eT1TPwEBAAAAAAAAAAAAAAAAAAAAAIA7spwOLA3Oz8mG5/csL0/o756P06svzgfa7p0PlNWyyLLf33m88X4SI+cD7Tifp9NuVGPm3l46AAAAAAAAAAAAAAAAAAAA/GtsbM5Fs9U6d3Fj89JaOehc3NiciYi85a1vP/tqIUZzFooBRqtGgmqRUupKh1VZ0k/OkpGcIkjyySvVXsunVwYrLufUBlcxcRm16V2t1uGHf/po2PJQ0h/59jAniYnXdSnZsYxysP7/3pKmPy27BMf+JudalmXTyrdeGa+KSkR16lLvMMjy4JvrbzzwxEZ/E2Q9jz62eObah5/8utZs5TPnWq25ixu3srVm8e/Jm216kJT2T6XYbJXyTqg2n7x9+tCUkbdHW5rJ97+9+OAHV4uWmd1fpuzM1WHL2xNykt6kn+/smusF+TIHXc/mQf4cjY8zO2HzTwqein/0wt3/8UrzytaPv+y1qvSfhIM6AAAAAAAAAAAAAAAAAADgrih9V7xQfNl3dreqp0/v/8oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4O4Z/v3/QRAz2zta9hb82Yl+y5nod9XyAWOuNOPSPbxaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+q/4KAAD//1UBZGs=") 2.189133328s ago: executing program 3: r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2) add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r3, &(0x7f00000002c0)=ANY=[], 0xc1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r3, 0x0) add_key$keyring(&(0x7f0000000000), &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, 0x0) 2.057024448s ago: executing program 3: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00'}) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)=@raw={'raw\x00', 0x8, 0x3, 0x1c0, 0x128, 0xa, 0xd0e0000, 0x0, 0x100, 0x1c0, 0x1d8, 0x1d8, 0x1c0, 0x1d8, 0x3, 0x0, {[{{@ip={@loopback, @multicast1, 0x0, 0x0, 'ip6tnl0\x00', 'rose0\x00'}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x220) ptrace(0x10, 0x1) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$getenv(0x6, r2, 0x0, 0x0) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) memfd_create(0x0, 0x0) bpf$MAP_DELETE_ELEM(0x4, 0x0, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="021380ee02"], 0x10}}, 0x0) r4 = socket$key(0xf, 0x3, 0x2) sendmmsg(r4, &(0x7f0000000180), 0x32bc45944b084a6, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0xffffffb5, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x86856, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x103}, 0x0, 0x10000400, 0xffffffffffffffff, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0xfe00, @any, 0x7}, 0xe) syz_emit_ethernet(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) r5 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setsig(r6, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r7}], 0x2c, 0xffffffffffbffff8) dup2(r6, r7) fcntl$setown(r6, 0x8, r5) tkill(r5, 0x16) 1.984350379s ago: executing program 1: sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) (async) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==") r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0) (async) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0) pwritev2(r1, &(0x7f00000004c0)=[{&(0x7f0000000140)="e7", 0xfffffddb}], 0x1, 0xa00, 0x0, 0x0) (async) pwritev2(r0, &(0x7f00000002c0)=[{&(0x7f0000000000)="95ea14045fdb9296efcd09409899cae1836e0a664bf7de9f44d3033753e95cdd17470f50c9aa99fbeb9d89195cbf99006e4325158e", 0x35}, {&(0x7f0000000180)="3fe913a5d3a7dd8746526b2cc5f16449921c8afcd8582f8d2ecd53250cf37df2107359504ce8b2efd04ebf4495ac61d9fa987973bb2e08ea2abbabfb80a2da0daf7bac7b918b4574edb32de74adad6d58987843b9869f8bb1a3604d58569a35375458efcfcb68316495e82a444bd46426af2d969abf74803c099eefc15190ce39bfaa8cf8e9b29f43a55147afe24926ccc3e2f1d56dfb8d02ddc1cf2e3db3f122684eeb67d9829dc84bd8cba52870e7df69fcc81b1e45834df274c03bd3693445104f298e12e3f81d965d54e93", 0xcd}, {&(0x7f0000000040)="bdc6324fcfb09519a1e6915521cdd422addf2428d5d2c6434c4820778d8f4ecf39e276d2cbc1a279eec57f633a4e99e40164bfe6870b4f249038c8b8d610ef9451eb97b049d7c5825a882edebe4e89cb49c33a75e9ed80e61122b500"/102, 0x66}], 0x3, 0x10001, 0x2, 0x0) 1.464565508s ago: executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) socket$kcm(0x2, 0xa, 0x2) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="9feb01001800000000000000640000006400000002000000010000000000420800000000070000000000001105400000010000000500000006000006040000000e000000000000000e0000000900000000000000030000000d000000ffffffff08000000ff0f00000a00000002000000060000000000f9070000000000003e4c9f33d438aa7d86b2b377ea"], 0x0, 0x7e}, 0x20) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) socket$caif_stream(0x25, 0x1, 0x1) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) r6 = creat(&(0x7f0000000240)='./bus\x00', 0x0) pwritev2(r6, 0x0, 0x0, 0x0, 0x0, 0x9) socket$igmp(0x2, 0x3, 0x2) syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000500)='./file0/file0\x00', 0x1009002, &(0x7f0000000100), 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000980)={0x1c, r3, 0x48212b8952c3affd, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'syztnl1\x00', &(0x7f0000000340)={'syztnl0\x00', r5, 0x10, 0x8777, 0x200, 0xfffffffa, {{0xf, 0x4, 0x2, 0x2, 0x3c, 0x65, 0x0, 0x80, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0xa}, @multicast2, {[@lsrr={0x83, 0x23, 0x0, [@multicast2, @multicast2, @broadcast, @loopback, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010102, @multicast2]}, @ra={0x94, 0x4}]}}}}}) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x8f}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r7, 0xe}, 0x90) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="034886dd020000000000000000006000000001002100fe880001000000000000060000007d01ff0200000000000000000000000000010000eca140"], 0xfdef) 1.354374834s ago: executing program 2: r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000140)={0x0, 0x1c00, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000050000000900010073797a300000000054000000030a01030000000100010000050000000900010073797a30000000002800048008000140000000011400040076657468315f766972745f77696669000800024000000000090003"], 0x9c}}, 0x0) 1.32155378s ago: executing program 2: setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4) socket$xdp(0x2c, 0x3, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) io_setup(0x6, &(0x7f0000000680)) r0 = socket$inet6(0x10, 0x4, 0x10004) sendto$inet6(r0, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0) 1.231763494s ago: executing program 2: syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./bus\x00', 0x1200840, &(0x7f0000000880)=ANY=[@ANYBLOB="757466383d312c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c696f636861727365743d73703836322c696f636861727365743d63703433372c73686f72746e616d653d77696e39352c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c756e695f786c6174653d302c003c24d06816418f4be78ed4fbfe47efc82f966a602a8db43ad053c978bbd3501706515140ef63c2a58653ced497550b22917b09702604bc162c57e05beec5bb0c11fc2f9238b25e4527e24bab534e9ba458d92a597c3fee89f57053a4a1535771c9877b3ab101fb26937779cff75a95a296fafddf11280fafeb9bd5f2da4a88b43f3e4d5b1a9aed1f659d88f914548fba990603b0d4f14adda86d459c62701d3d6f007c7e50da9608a03eff58"], 0x3, 0x377, &(0x7f00000002c0)="$eJzs3UFom+UbAPAn/dKm/bP924MgCsKnN0HLNgXRix2jg2EuU8LUgxjcptLUwYrB7tCsXsSj4FFP3jzowcNuXgRFdvPg1QkyFQ+628CxT77kS/KlSWqZdLP4+x3Cs/d9nvd9v+Rl+ZqSt6+uxNrZ2Th/48b1mJ+vRHXlxErcrMRSJNF3OcbNTWgDAA6Gm1kWf2Q9EV/upaSy/6sCAPZT9/3/9cOllne/3i0/8+4PAAde8fP/Qrkt2ZEzP634wr4tCwDYR6Of/0fEI2MppV/1V8fuDQCAg+eFl15+7ng94vk0nY9Yf6/daDfimWH/8fPxZrTiXByJxbgV0btRyB8q3ceTp+qrR9I07cTPS9HIK9qNiPVOu9G7UziedOtrcTQWY6moL+42sixLTn5RXz2adkXE5U53/livtBuzsVDM/8P/4lwcizTuG6uPOFVfPZYWAzTW+/WzEdvDzy3y9S/HYnz3WlyIVpyNvLZ/W1Nf3Tqapiey+qHKsL7TbtS6eT1TPwEBAAAAAAAAAAAAAAAAAAAAAIA7spwOLA3Oz8mG5/csL0/o756P06svzgfa7p0PlNWyyLLf33m88X4SI+cD7Tifp9NuVGPm3l46AAAAAAAAAAAAAAAAAAAA/GtsbM5Fs9U6d3Fj89JaOehc3NiciYi85a1vP/tqIUZzFooBRqtGgmqRUupKh1VZ0k/OkpGcIkjyySvVXsunVwYrLufUBlcxcRm16V2t1uGHf/po2PJQ0h/59jAniYnXdSnZsYxysP7/3pKmPy27BMf+JudalmXTyrdeGa+KSkR16lLvMMjy4JvrbzzwxEZ/E2Q9jz62eObah5/8utZs5TPnWq25ixu3srVm8e/Jm216kJT2T6XYbJXyTqg2n7x9+tCUkbdHW5rJ97+9+OAHV4uWmd1fpuzM1WHL2xNykt6kn+/smusF+TIHXc/mQf4cjY8zO2HzTwqein/0wt3/8UrzytaPv+y1qvSfhIM6AAAAAAAAAAAAAAAAAADgrih9V7xQfNl3dreqp0/v/8oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4O4Z/v3/QRAz2zta9hb82Yl+y5nod9XyAWOuNOPSPbxaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+q/4KAAD//1UBZGs=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000280), 0x16d) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$netlink(r1, 0x10e, 0x0, 0x0, 0x0) 1.05962896s ago: executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000000c0)=0x13) poll(&(0x7f0000000100)=[{r0, 0xcf9aa395655278ef}], 0x1, 0xe7f1) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x4b47, &(0x7f00000006c0)=0xa) 1.037253273s ago: executing program 1: r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2) add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r3, &(0x7f00000002c0)=ANY=[], 0xc1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r3, 0x0) add_key$keyring(&(0x7f0000000000), &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, 0x0) 1.034077874s ago: executing program 4: fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3) setgroups(0x0, 0x0) r0 = socket$rds(0x15, 0x5, 0x0) bind(r0, &(0x7f0000000000)=@generic={0xa, "f7c39f5ee85fae0c91e3ccfb11d200005efe967df06c2913060a14051e3867cc75f0da4c1c0f660ee7cda99d667b56cba361b21d917f1d08beb895ab85c460adc58eea9034c4dda505f16b07d7ab538e5d435d5626c30d8a0ffd818eb88942ddb0320500000000000000fbac6e4b483814e486948fb090684a73b87fe590"}, 0x80) 996.332339ms ago: executing program 1: socket$can_bcm(0x1d, 0x2, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x10103e, 0x0) ftruncate(r0, 0x20cf01) open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4) setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x300, 0xfc}, 0x1c) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0x1, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 991.50057ms ago: executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) socket$kcm(0x10, 0x2, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x4, &(0x7f0000000100)=ANY=[@ANYRESHEX=0x0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1007}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x7, &(0x7f0000000140)=ANY=[@ANYBLOB], &(0x7f00000000c0)='GPL\x00', 0x4, 0x9b, &(0x7f0000000300)=""/155}, 0x90) syz_io_uring_setup(0x24fa, 0x0, 0x0, &(0x7f0000000040)) socket$inet_dccp(0x2, 0x6, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$inet_int(r0, 0x0, 0x17, 0x0, &(0x7f00000001c0)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0406619, &(0x7f00000005c0)=0x1) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x18000000, 0x0, 0x0, 0x0, 0x0}, 0x50) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 926.1482ms ago: executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{}, {0x44}, {0x6}]}, 0x10) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0xb, &(0x7f0000000400)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @loopback}]}, &(0x7f0000000180)=0x10) 914.766841ms ago: executing program 4: epoll_create(0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_UPDATE_CONST_STR(0x4, 0x0, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) (async) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4) (async) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={r1, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000000c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x5, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xc3, &(0x7f0000000300)=[{}], 0x8, 0x10, &(0x7f0000000340), &(0x7f00000003c0), 0x8, 0x35, 0x8, 0x8, &(0x7f0000000440)}}, 0x10) (async) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x3654}]}, 0x10) (async) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) (async) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) (async) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='lp\x00', 0x3) (async) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, 0x0, 0x0) (async) r3 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) (async) listen(r3, 0x80080400) (async) r4 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r4, &(0x7f0000e5c000)={0x2, 0x4e20, @empty}, 0x10) r5 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1}) (async) creat(0x0, 0x0) io_uring_enter(r5, 0x567, 0x0, 0x0, 0x0, 0x0) sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) (async) recvmsg(r0, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700) socket$nl_generic(0x10, 0x3, 0x10) 902.178934ms ago: executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x20, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmmsg$inet(r1, &(0x7f0000005240)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, 0x0}}, {{&(0x7f0000000800)={0x2, 0x0, @remote}, 0x10, 0x0}}], 0x2, 0x0) 896.909024ms ago: executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0}, 0x90) r1 = socket(0xa, 0x2, 0x0) getsockopt$nfc_llcp(r1, 0x88, 0x64, 0x0, 0x20000000) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440), 0x38}}, 0x0) r3 = socket(0x2, 0xa, 0x0) getpeername$llc(r3, 0x0, 0x0) syz_io_uring_setup(0x1f85, &(0x7f0000000080)={0x0, 0x0, 0x13580, 0x3, 0x2c7}, &(0x7f0000000000), &(0x7f0000000280)) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000040)=@security={'security\x00', 0xe, 0x4, 0x340, 0xffffffff, 0xf8, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x420, 0x420, 0x420, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @local, [], [], 'macvlan1\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28}}, {{@ipv6={@mcast2, @local, [], [], 'veth1_vlan\x00', 'wlan0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@AUDIT={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3a0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c02000019000100000000e0000002000000000000000000000000000000f8ffffff000000ffff0000000100000000225c00", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000084010500ac1414aa000000000000000000000000000000003c00000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000e0000002000000000000000000000000000000006c000000000000007f00000100000000000000000000000000000000000000000000000000000000000000007f000001000000000000000000000000000000006c00000000000000fc0000000000000000000000000000000000000000010000000000000000000000000000ff010000000000000000000000000001000000003300000000000000fc0100000000000000000000000000000000000000000000000000000000000000000000fe880000000000000000000000000001000000003200000000000000e00000010000000000000000000000000000000000000000000000000000000000000000ff020000000000000000000000000001000000003300000000000000fc0100"/500], 0x23c}}, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f00000007c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x378, 0x1d8, 0x12, 0x60d, 0x1d8, 0x202, 0x2a8, 0x2e8, 0x2e8, 0x2a8, 0x2c0, 0x4, 0x0, {[{{@ipv6={@local, @mcast1, [], [], 'veth0_to_team\x00', 'macsec0\x00'}, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "000000165a8c2e0617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f672225d6147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac05a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x2, 0x2}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3d8) arch_prctl$ARCH_MAP_VDSO_X32(0x2001, 0x2) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xa1, 0x24}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) r6 = socket(0x10, 0x2, 0x0) r7 = open(&(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x3, &(0x7f0000000100)=[{0xfffa, 0xcb, 0xd, 0xb5ff}, {0x7f, 0x1, 0x3f, 0xca}, {0x0, 0xfb, 0x5, 0xfffffffc}]}) mkdirat(r7, &(0x7f0000000340)='./file0\x00', 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_GET(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)={0x14, r9, 0x1, 0x0, 0x0, {0x54}}, 0x14}}, 0x0) sendmsg$DEVLINK_CMD_TRAP_GET(r3, &(0x7f0000000740)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000700)={&(0x7f0000000bc0)={0x138, r9, 0x200, 0x70bd28, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}]}, 0x138}, 0x1, 0x0, 0x0, 0x800}, 0x1) write(r6, &(0x7f0000000140)="2c0000001d005f80004e0000000220b200000000b7856733a5e335f0f285ee390000b1000008020100ff5b1844ad30c8ac46c16fa9e711f35076e042c5c70101000036cb19f69b000800002b457612cc00000000d3c860c455c91a8dbf28314b29fc05fa4fa3e3ba720e4fda82ba96efe604c36a1d248f30adb8f8a087794d4cce056815df00b5573eec80e378e17c8949e4b9000000821e3656bce6347aecf4fd68403ae1dfff50751f1b59fa254a75bdf3056c997e15bd4075b82d5634127a140ae0621899783c233541d9898c00fda2df80a51ad69f3117e10648d2fc4f61e1b39cb6e949a5c9d9bf6f4e0986557163252f0e35f54a4fc610bed988abbf43ef5a8e5a86f2db78339666bc91357ace4f83901080e3b62b1fe8c3845ea3", 0xd) 851.061791ms ago: executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) creat(&(0x7f0000000000)='./file0\x00', 0x0) (async) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x0) dup3(r0, r2, 0x0) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) shutdown(r0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10) setrlimit(0x64, &(0x7f0000000100)) (async) setrlimit(0x64, &(0x7f0000000100)) 437.801654ms ago: executing program 0: socket$kcm(0x2, 0xa, 0x2) r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="9feb01001800000000000000640000006400000002000000010000000000420800000000070000000000001105400000010000000500000006000006040000000e000000000000000e0000000900000000000000030000000d000000ffffffff08000000ff0f00000a00000002000000060000000000f9070000000000003e4c9f33d438aa7d86b2b377ea"], 0x0, 0x7e}, 0x20) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) socket$caif_stream(0x25, 0x1, 0x1) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) r5 = creat(&(0x7f0000000240)='./bus\x00', 0x0) pwritev2(r5, 0x0, 0x0, 0x0, 0x0, 0x9) socket$igmp(0x2, 0x3, 0x2) syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000500)='./file0/file0\x00', 0x1009002, &(0x7f0000000100), 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000980)={0x1c, r2, 0x48212b8952c3affd, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'syztnl1\x00', &(0x7f0000000340)={'syztnl0\x00', r4, 0x10, 0x8777, 0x200, 0xfffffffa, {{0xf, 0x4, 0x2, 0x2, 0x3c, 0x65, 0x0, 0x80, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0xa}, @multicast2, {[@lsrr={0x83, 0x23, 0x0, [@multicast2, @multicast2, @broadcast, @loopback, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010102, @multicast2]}, @ra={0x94, 0x4}]}}}}}) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x8f}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, 0xe}, 0x90) write$tun(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB="034886dd020000000000000000006000000001002100fe880001000000000000060000007d01ff0200000000000000000000000000010000eca140"], 0xfdef) 290.607886ms ago: executing program 0: r0 = io_uring_setup(0xa4f, &(0x7f0000000580)) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0x11, &(0x7f0000005500)={0x1, 0x0, 0x0, &(0x7f0000000140)=[{0x0}], &(0x7f0000000580)}, 0x20) 266.45781ms ago: executing program 0: r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2) add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r3, &(0x7f00000002c0)=ANY=[], 0xc1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r3, 0x0) add_key$keyring(&(0x7f0000000000), &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, 0x0) 236.331434ms ago: executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) sendmsg$IEEE802154_LIST_IFACE(0xffffffffffffffff, &(0x7f0000001200)={&(0x7f0000000040), 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x4040) connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10) getsockopt$inet_mptcp_buf(r2, 0x11c, 0x3, &(0x7f00000000c0)=""/193, &(0x7f0000001140)=0xc1) quotactl_fd$Q_SETQUOTA(r1, 0xffffffff80000800, 0x0, &(0x7f0000000240)={0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x94}) setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000000)={{0x8, 0x401}, 0x20}, 0x10) sendmmsg$inet(r0, &(0x7f0000001c00)=[{{&(0x7f0000001080)={0x2, 0x4e23, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000800)=[@ip_ttl={{0x14, 0x0, 0x2, 0x6}}], 0x18}}], 0x1, 0x0) 189.759671ms ago: executing program 0: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000200), 0x3, 0x55b, &(0x7f0000000b00)="$eJzs3c9vHFcdAPDvjH+sk6Z1Aj1AVUiAQkBR1vGmjapemlxAqKqEqDggDqmxN5bJbjZk16U2kXD/BpBAcII/gQMSB6SeOHDjiMQBIZUDUoAIlCCBtGhmx87G3lU33V/E+/lIk5k3b95834sz+96+dfYFMLPORcReRCxGxNsRsVycT4otrna27LoH9++uP7x/dz2Jdvutvyd5fnYuuspkninuuRQRX/9KxLeTo3GbO7s312q16p0ivdKq315p7uxe3KqvbVY3q7cqlSurVy69evmVysjaerb+y3tf3nrjG7/59ac++P3el76fVetUkdfdjlHqNH3hIE5mPiLeGEewKZgr9otHcl7sXeDqeOvDk0kj4mMR8dn8+V+OufxfJwBwnLXbP432cncaADju0nwOLEnLEZGmxSCg3JnDez5OprVGs3XhRmP71kZnrux0LKQ3tmrVS2dKf/xufvFCkqVX87w8P09XDqUvR8SZiPhR6USeLq83ahvTGfIAwMx7prv/j4h/ldK0XB6oaI9P9QCAp8bStCsAAEyc/h8AZo/+HwBmzwD9f/Fh/97Y6wIATIb3/wAwe/T/ADB7nrT/L42pHgDARHztzTezrf2w+P7rjXd2tm823rm4UW3eLNe318vrjTu3y5uNxmb+nT31xwqf6DouxgS1RuP26sux/e5Kq9psrTR3dq/XG9u3Wtfz7/W+Xl2YaOsAgF7OnH3/D0lE7L12It+iay0HfTUcb+m0KwBMzdwwhQ0Q4KlmtS+YXQN14fkg4XdjrwswHT2/zHup5+HjfvIEQfyeMfxfOf/Jwef/j67xDDzNzP/D7Ppo8/+vj7wewOSZ/4fZ1W4nh9f8XzzIAgCOpSF+ha/9g1ENQoCp+rDFvEfy+T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcM6ci4juRpOV8LfA0+zMtlyOejYjTsZDc2KpVL0XEc3E2IhZKWXp12pUGAIaU/jUp1v86v/zSqcO5i8m/S/k+Ir73s7d+/O5aq3VnNTv/j4Pzpf3lwyqPyg2xriAAMJh2acAL8/67Uuy73sg/uH93fX8bVyV7uXct/lssRbz+8P7dfOvkzEd2MmIpH0uc/GcS80WZpYh4ISLmRhB/772I+ESv9if53MjpYuXT7vhRxH52ovHTx+KneV5nnw2+Pj6CusCsef9aRFzt9fylcS7f937+l/JXqOHdu9a52f5r38Ou+PNFpLke8bNn/tygMV7+7VePnGwvd/Lei3hhvlf85CB+0if+SwPG/9OLn/7h633y2j+POB+943fHWmnVb680d3YvbtXXNqubS1GpXFm9cunVy69UVvI56pX9meqj/vbahef61S1r/8k+8Zd6tn/xoOznB2z/L/7z9rc+8yhZOhz/i5/r/fN/vmf8jqxP/MLjYdr94q+d/FXf5buz+Bt92v9hP/8LgzQ+Ij74y+7GgJcCABPQ3Nm9uVarVe8MdZC9Cx3FfY4cZFUc7OL94eJwQf8c42jFRzxYGNff6tgP5g/GiqO98zezO064OenIWzHUwYNJxZreaxIwGY8e+mnXBAAAAAAAAAAAAAAA6GcS/3Vp2m0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+PpfAAAA///hvs8g") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x3) 56.297062ms ago: executing program 2: fcntl$getown(0xffffffffffffffff, 0x9) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) socket$inet_udp(0x2, 0x2, 0x0) (async) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @multicast1}}}}) (async) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @multicast1}}}}) 25.361816ms ago: executing program 4: socket$can_bcm(0x1d, 0x2, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x10103e, 0x0) ftruncate(r0, 0x20cf01) open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4) setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x300, 0xfc}, 0x1c) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0x1, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 19.204657ms ago: executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x20, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmmsg$inet(r1, &(0x7f0000005240)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, 0x0}}, {{&(0x7f0000000800)={0x2, 0x0, @remote}, 0x10, 0x0}}], 0x2, 0x0) 0s ago: executing program 0: r0 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'ip6gretap0\x00', 0x0}) r2 = socket$packet(0x11, 0x2, 0x300) bind$packet(r2, &(0x7f0000000140)={0x11, 0x4, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) bind$packet(r0, &(0x7f0000000080)={0x11, 0xa, r1, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x27}}, 0xffffff90) r3 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'syz_tun\x00', 0x0}) bind$packet(r3, &(0x7f0000000080)={0x11, 0x800, r4, 0x1, 0x0, 0x6, @multicast}, 0x14) syz_emit_ethernet(0x32, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000240000000000119078000000000000000000000000001090780200000000000000d71f4f84745a5ad5d8ab226b480be1bec439cc49d4c469f4fe1562fc0915a519680437ad72468cefcfc0d0d519288bf5e3f6392e61a5539e481f1a55cc9ad54c884e98282a776b7941f3cdd775f85d6dee65a495feb0df393572"], 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000cc0)='./file0\x00', 0x800714, &(0x7f0000000c40)={[{@quota}]}, 0x1, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") r6 = open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0) write$selinux_attr(r6, &(0x7f00000001c0)='system_u:object_r:lost_found_t:s0\x00', 0x404043000) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ioctl$FS_IOC_GETFSMAP(r7, 0xc0c0583b, &(0x7f0000000200)=ANY=[@ANYBLOB="000000004c90020052feffff0300010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff"]) r8 = socket$kcm(0x2, 0x5, 0x0) pselect6(0x40, &(0x7f00000000c0)={0x4, 0x2, 0x1ff, 0x9, 0x0, 0x3, 0x7, 0x9}, &(0x7f0000000380)={0x9, 0xfff, 0x7, 0x3ff, 0x8000000000000000, 0x80000000, 0x41a, 0x3}, &(0x7f00000003c0)={0xa73a, 0xffffffffffffffc0, 0x0, 0xffff, 0x0, 0xffffffffffffffc1, 0x50000000, 0x7}, &(0x7f0000000440), &(0x7f00000004c0)={&(0x7f0000000480)={[0x81]}, 0x8}) r9 = socket$inet_mptcp(0x2, 0x1, 0x106) socket$nl_netfilter(0x10, 0x3, 0xc) connect$inet(r9, &(0x7f0000003580)={0x2, 0x0, @dev}, 0x10) bind$inet(r9, &(0x7f0000000040)={0x2, 0x4e21, @remote}, 0x10) setsockopt$sock_int(r9, 0x1, 0x8, &(0x7f0000000100), 0x4) connect$inet(r9, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10) sendmmsg$inet(r9, &(0x7f000000ca40)=[{{0x0, 0x0, &(0x7f0000002600)=[{&(0x7f00000010c0)="aea2307749b9c3088890ff04686a90e4560970fac3a818fab4f49398f7f4968ccd8b6e82d3a888225b6e617b462e9fff120d1e943af7188f4ad8f668a34994ef225a2994d291adb5545ab18e67c82364f884ef4043b2ddd32ff43100e8d3e083fa045d9423630420967d222042e237546ae751e1dc69e5b3d4f8a1d74823880e9774cf1ce708a9b3ba5e5a1dac6c4841cd73176875bc7670b598a264f3b362c7327733032b7845e0c4b871680241cb78d73ddde812ffc94abfa67c234b9afc84528d00ad0eadbd246e023802fe83d99310464319c2ecabb49889b5da34db00533d36e51a53c28042e5de17a14afcf6cc04fcceca1b", 0xf5}, {&(0x7f00000011c0)="052dae3ff99f197a7c2d574775f85ae65e7c110eeb9a37a7a9f25db108af9d11a2dcd644ac922cf366534f78cde6dd1b1fd0733bcf3ac63ae2ae937e32523a46fef506d6060de65f4ecc821ee22e8b501cded970c787369e9ee0c341d500ac1e07708288752e1cb226e27284", 0x6c}, {&(0x7f0000001240)="80f042ec65697e2177e614f3f105d6b2d17a75dd6327b674b2756556ff62ac5fbc0be0ca0242f935f9b373bff3b9e2e1b8b328f1146306246cde318e25b9e8bff59ffe5bc0b6613ca043aabf300ce22f0f57cb91d9e79cf61f384abd2c2612050ce7818851a6211e268d14205fcd47012646ad7c7136722dd629841dcf1478a46e9c9ba28cf7562a3bcd6eb4ddf8f3fa894d6f9c1be0e36098199fb56d96438484e580ca673ce0acab7799e2d47c", 0xae}, {&(0x7f0000001300)="40f4024dcf359934a79a3b5bf68cd1e6578d137d56fc35b642010141752942d9793c2e48", 0x24}, {&(0x7f0000001340)="505a6eba135f6d6c0aab00d210f55468ebfa638f7de440ce570dfa980834ae0675ebf2061272bc", 0x27}, {&(0x7f0000001380)="2d30ff637483dae459ff0aee025497c69a8ef80e40dbf02491c6b686bf94f990f77a3caa9402486e4bd6e95853dc0892846698361364b759dd866b1cf1ce71d1d796bceeead1fe449396e436a5a13ee2941003c58c79ecd4bc1ff160068a2b9a950bc5d9048959d1752e2fb59b5c31086777fabb85a0cb28de7eb4fa4940ec928b8be959063fff963f591d5db20172df563dd3bf42bfd79f5cab5c37d5f687c76c5f8e432b61a415013865ff397747f1813a31873279f601d0a9c8a97aeab3fe47a24169700d674858574f73ec281b5403f66c27b791dd7944c9ff9864bac474c4241415855c6749f98834908cc4b47fa35bb86f716676d7949b3726d79d805fbc98aaab11854b227e1ffa78c50c0faa1c0a4b1f33e7beaa1f203aed9c96d3ca18d5d4f60447b2f7327726055242b3dcbf82ca59886e7210f582748838171edd9230859fa795ed2c87f93991ff635388d78616ac30d63668c2b40eca4b989244b847e27e3a6add148b31d167c55d8a8d47f5c7d1b9cf8b9bcbab28e3285a4feaeb4930ade476b52e2f02eb922cd765a67b4a81895862ffb6f77bfa610772317ec2854c2b8bd399bf3c52ca94819322add9716b76c5b4b34a37205ff21459d7153883617735afea2d73fd7ff12e97b9c877ec10de0413995e9e83921de1a1051348fe7fb99754acbd5ca46118381a275bb848a9f9964fc4a32aa533ab2a6f99318cbc8af96474b3460c2dcfdec012f977ec8e7f02382502a11eb3d63c7ac74d85d35ee3c55b612f92dcb38826e7f58b6272282d821e54a120b145d794725dedb3aecf781ec17468d69f7267b5568f2419759b6534a51c80e0329a6bf528dd9980b8d6e98b300bbb9067cda3111ee35e2cd2b155225a2a8f6fda41b791fcbfee8107839f5cd3023dd772b4037cc030edd451838043129bd093b49b1fdc609da93c3d37396b5a57a6924ddbb29f024654c68fc64ad9a577a856de2eb3d11fad2db8b99f4b6fff1e85297966d6fa4e45613f8c323ee61800d8c8ab27f8c8311b2945546045171d04a9d9b7bce1451e53815b511cbdc1796ff30969b9dc370ec0e294ba468cd45b3a65c5dc8fa46c2371601b6cbd44bd735b7584f0d5d749", 0x31c}], 0x6}}, {{0x0, 0x0, &(0x7f0000002ac0)=[{&(0x7f0000002780)='g', 0x1}], 0x1}}], 0x2, 0x0) ioctl$sock_TIOCINQ(r9, 0x541b, &(0x7f0000000180)) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000004000001d8500000007000000440000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r10}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) setsockopt$sock_attach_bpf(r8, 0x1, 0x3e, &(0x7f00000002c0)=r5, 0x4) sendmsg$inet(r8, &(0x7f0000000c00)={&(0x7f0000000940)={0x2, 0x0, @rand_addr=0x64010102}, 0x10, &(0x7f00000015c0)=[{&(0x7f0000000980)='s', 0x1}], 0x1}, 0x40044) kernel console output (not intermixed with test programs): irectory bread(block 64) failed [ 265.406683][T15730] FAT-fs (loop0): Directory bread(block 65) failed [ 265.413462][T15730] FAT-fs (loop0): Directory bread(block 66) failed [ 265.421848][T15730] FAT-fs (loop0): Directory bread(block 67) failed [ 265.431775][T15730] FAT-fs (loop0): Directory bread(block 68) failed [ 265.446758][T15730] FAT-fs (loop0): Directory bread(block 69) failed [ 265.468130][T15739] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 265.477471][T15739] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 265.479196][T15730] FAT-fs (loop0): Directory bread(block 70) failed [ 265.508807][T15730] FAT-fs (loop0): Directory bread(block 71) failed [ 265.517311][T15739] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 265.523956][T15730] FAT-fs (loop0): Directory bread(block 72) failed [ 265.538198][T15730] FAT-fs (loop0): Directory bread(block 73) failed [ 265.546266][T15739] bond0: entered allmulticast mode [ 265.559032][T15739] 8021q: adding VLAN 0 to HW filter on device bond0 [ 265.588635][T15743] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 265.615746][T15751] loop3: detected capacity change from 0 to 512 [ 265.645805][T15751] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002] [ 265.658570][ T50] kworker/u8:3: attempt to access beyond end of device [ 265.658570][ T50] loop0: rw=1, sector=1288, nr_sectors = 4 limit=256 [ 265.673379][T15751] System zones: 1-12 [ 265.679242][T15751] EXT4-fs (loop3): orphan cleanup on readonly fs [ 265.693519][T15751] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor.3: bg 0: block 328: padding at end of block bitmap is not set [ 265.708418][T15751] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 265.717535][T15751] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor.3: invalid indirect mapped block 65280 (level 0) [ 265.739256][T15751] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz-executor.3: attempt to clear invalid blocks 33619980 len 1 [ 265.754089][T15759] loop2: detected capacity change from 0 to 512 [ 265.755202][T15763] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 265.777586][T15751] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor.3: invalid indirect mapped block 1819239214 (level 0) [ 265.795308][T15763] loop0: detected capacity change from 0 to 1024 [ 265.809265][T15763] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 265.821311][T15759] loop2: detected capacity change from 0 to 512 [ 265.827654][T15751] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor.3: invalid indirect mapped block 1819239214 (level 1) [ 265.846657][T15763] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 265.854629][T15763] EXT4-fs (loop0): orphan cleanup on readonly fs [ 265.854976][T15759] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 265.864815][T15763] EXT4-fs error (device loop0): ext4_free_blocks:6590: comm syz-executor.0: Freeing blocks not in datazone - block = 0, count = 4096 [ 265.877110][T15751] EXT4-fs (loop3): 1 orphan inode deleted [ 265.895861][T15751] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 265.910013][T15763] EXT4-fs (loop0): 1 orphan inode deleted [ 265.919806][T15763] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 265.937035][T15759] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor.2: bg 0: block 248: padding at end of block bitmap is not set [ 265.959886][T12271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.966024][T15759] EXT4-fs error (device loop2): ext4_acquire_dquot:6860: comm syz-executor.2: Failed to acquire dquot type 1 [ 265.982888][T15759] EXT4-fs (loop2): 1 truncate cleaned up [ 265.989309][T15759] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 266.003341][T15759] ext4 filesystem being mounted at /root/syzkaller-testdir2374205931/syzkaller.mmjjn3/14/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 266.027858][T15751] EXT4-fs error (device loop3): ext4_map_blocks:580: inode #2: block 2: comm syz-executor.3: lblock 0 mapped to illegal pblock 2 (length 1) [ 266.050563][T15751] EXT4-fs warning (device loop3): dx_probe:822: inode #2: lblock 0: comm syz-executor.3: error -117 reading directory block [ 266.064084][T15751] EXT4-fs error (device loop3): ext4_map_blocks:580: inode #2: block 2: comm syz-executor.3: lblock 0 mapped to illegal pblock 2 (length 1) [ 266.080629][T15751] EXT4-fs warning (device loop3): dx_probe:822: inode #2: lblock 0: comm syz-executor.3: error -117 reading directory block [ 266.368113][ T29] kauditd_printk_skb: 99 callbacks suppressed [ 266.368129][ T29] audit: type=1400 audit(1717826725.197:11904): avc: denied { read write } for pid=15758 comm="syz-executor.2" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 266.397424][ T29] audit: type=1400 audit(1717826725.197:11905): avc: denied { open } for pid=15758 comm="syz-executor.2" path="/root/syzkaller-testdir2374205931/syzkaller.mmjjn3/14/bus/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 266.540276][T15796] loop1: detected capacity change from 0 to 512 [ 266.672763][T15796] EXT4-fs: Ignoring removed nobh option [ 266.686193][T15796] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 266.699488][T15796] EXT4-fs (loop1): 1 truncate cleaned up [ 266.705605][T15796] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 266.751139][T14802] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.755417][T15315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.769307][ T50] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-5 [ 266.778347][ T50] EXT4-fs error (device loop2): ext4_release_dquot:6883: comm kworker/u8:3: Failed to release dquot type 1 [ 266.798004][T13070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.829582][ T29] audit: type=1400 audit(1717826725.767:11906): avc: denied { listen } for pid=15805 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 266.850026][T15807] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 266.858208][T15807] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.3'. [ 266.876722][T15820] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2048 sclass=netlink_route_socket pid=15820 comm=syz-executor.1 [ 266.891136][ T29] audit: type=1400 audit(1717826725.807:11907): avc: denied { accept } for pid=15806 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 266.962644][T15825] loop0: detected capacity change from 0 to 1024 [ 266.969457][T15826] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 266.978848][T15826] netlink: 'syz-executor.1': attribute type 6 has an invalid length. [ 266.990966][T15826] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 266.999790][T15826] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 267.008540][T15826] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 267.017538][T15826] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 267.033795][T15825] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 267.050932][T15826] vxlan0: entered promiscuous mode [ 267.056557][ T29] audit: type=1326 audit(1717826725.987:11908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15830 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f72fff39f69 code=0x0 [ 267.092188][ T29] audit: type=1400 audit(1717826726.017:11909): avc: denied { setattr } for pid=15823 comm="syz-executor.0" name="file0" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 267.172794][T12271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.209687][T15846] loop4: detected capacity change from 0 to 512 [ 267.224755][T15848] loop0: detected capacity change from 0 to 512 [ 267.232280][T15848] ext2: Unknown parameter 'subj_type' [ 267.260498][T15846] loop4: detected capacity change from 0 to 512 [ 267.268450][T15846] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 267.291675][T15846] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor.4: bg 0: block 248: padding at end of block bitmap is not set [ 267.309778][T15846] Quota error (device loop4): write_blk: dquota write failed [ 267.317226][T15846] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 267.327266][T15846] EXT4-fs error (device loop4): ext4_acquire_dquot:6860: comm syz-executor.4: Failed to acquire dquot type 1 [ 267.339274][T15846] EXT4-fs (loop4): 1 truncate cleaned up [ 267.342558][T15857] tun0: tun_chr_ioctl cmd 1074025676 [ 267.345400][T15846] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 267.351226][T15857] tun0: owner set to 536871360 [ 267.371622][T15846] ext4 filesystem being mounted at /root/syzkaller-testdir3291483556/syzkaller.3i4VyQ/110/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 267.451207][T15862] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.0'. [ 267.524810][T15871] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 267.955174][ T29] audit: type=1326 audit(1717826726.887:11910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15883 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f73e7f1ff69 code=0x0 [ 268.094073][T15894] tun0: tun_chr_ioctl cmd 1074025676 [ 268.094498][T13928] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.099447][T15894] tun0: owner set to 536871360 [ 268.116516][ T63] EXT4-fs error (device loop4): ext4_release_dquot:6883: comm kworker/u8:4: Failed to release dquot type 1 [ 268.339571][T15916] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 268.566734][T15925] loop0: detected capacity change from 0 to 1024 [ 268.618499][T15925] syzkaller1: entered promiscuous mode [ 268.623980][T15925] syzkaller1: entered allmulticast mode [ 268.632939][T15925] dccp_invalid_packet: P.type (CLOSEREQ) not Data || [Data]Ack, while P.X == 0 [ 268.734007][T15934] tun0: tun_chr_ioctl cmd 1074025676 [ 268.739373][T15934] tun0: owner set to 536871360 [ 268.781207][T15938] 9pnet_fd: Insufficient options for proto=fd [ 268.843643][T15950] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 268.868995][T15952] loop0: detected capacity change from 0 to 164 [ 269.160848][T15977] tun0: tun_chr_ioctl cmd 1074025676 [ 269.166167][T15977] tun0: owner set to 536871360 [ 269.258404][T15983] loop2: detected capacity change from 0 to 512 [ 269.272525][T15983] ext4: Unknown parameter 'noblock_validity [ 269.272525][T15983] resuid' [ 269.310253][T15994] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 269.353786][T15996] loop2: detected capacity change from 0 to 256 [ 269.361354][T15996] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 269.373545][T15996] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 269.571784][T16003] sctp: [Deprecated]: syz-executor.2 (pid 16003) Use of int in max_burst socket option deprecated. [ 269.571784][T16003] Use struct sctp_assoc_value instead [ 269.599101][T16003] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 269.616593][T16003] 8021q: adding VLAN 0 to HW filter on device team0 [ 269.624883][T16003] bond0: (slave team0): Enslaving as an active interface with an up link [ 269.672287][T16015] loop1: detected capacity change from 0 to 736 [ 269.678681][T16015] iso9660: Bad value for 'session' [ 269.733200][T16018] loop2: detected capacity change from 0 to 512 [ 269.740867][T16018] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 270.013395][T16037] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 270.364521][T16043] sctp: [Deprecated]: syz-executor.3 (pid 16043) Use of int in max_burst socket option deprecated. [ 270.364521][T16043] Use struct sctp_assoc_value instead [ 270.395377][T16043] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 270.409162][T16043] 8021q: adding VLAN 0 to HW filter on device team0 [ 270.420852][T16043] bond0: (slave team0): Enslaving as an active interface with an up link [ 270.472845][T16046] loop3: detected capacity change from 0 to 1024 [ 270.509640][T16046] syzkaller1: entered promiscuous mode [ 270.515203][T16046] syzkaller1: entered allmulticast mode [ 270.621032][T16033] syz-executor.4 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 270.632454][T16033] CPU: 1 PID: 16033 Comm: syz-executor.4 Not tainted 6.10.0-rc2-syzkaller-00269-g96e09b8f8166 #0 [ 270.642978][T16033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 270.653030][T16033] Call Trace: [ 270.656293][T16033] [ 270.659258][T16033] dump_stack_lvl+0xf2/0x150 [ 270.663845][T16033] dump_stack+0x15/0x20 [ 270.667993][T16033] dump_header+0x83/0x2d0 [ 270.672308][T16033] oom_kill_process+0x33e/0x4c0 [ 270.677244][T16033] out_of_memory+0x9af/0xbe0 [ 270.681873][T16033] mem_cgroup_out_of_memory+0x13e/0x190 [ 270.687409][T16033] try_charge_memcg+0x745/0xcd0 [ 270.692302][T16033] ? _raw_spin_unlock+0x26/0x50 [ 270.697224][T16033] ? radix_tree_lookup+0xf9/0x150 [ 270.702276][T16033] mem_cgroup_swapin_charge_folio+0x107/0x1a0 [ 270.708329][T16033] __read_swap_cache_async+0x2b9/0x520 [ 270.713849][T16033] swap_cluster_readahead+0x276/0x3f0 [ 270.719214][T16033] swapin_readahead+0xe2/0x7a0 [ 270.724041][T16033] ? __filemap_get_folio+0x420/0x5b0 [ 270.729344][T16033] ? swap_cache_get_folio+0x6e/0x210 [ 270.734619][T16033] do_swap_page+0x3bc/0x1840 [ 270.739276][T16033] ? cgroup_rstat_updated+0x99/0x550 [ 270.744556][T16033] ? __rcu_read_lock+0x36/0x50 [ 270.749324][T16033] handle_mm_fault+0x809/0x2a80 [ 270.754187][T16033] ? mas_walk+0x204/0x320 [ 270.758504][T16033] exc_page_fault+0x3b9/0x650 [ 270.763183][T16033] asm_exc_page_fault+0x26/0x30 [ 270.768026][T16033] RIP: 0033:0x7f78cf288fb4 [ 270.772522][T16033] Code: 69 3d 04 e7 ca 00 e8 03 00 00 48 8d 1d e5 cf 17 00 e8 50 5f 04 00 eb 12 66 0f 1f 44 00 00 48 81 c3 d0 00 00 00 48 39 eb 74 bb <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df e8 87 f0 ff ff eb [ 270.792113][T16033] RSP: 002b:00007fffbff1dc30 EFLAGS: 00010206 [ 270.798245][T16033] RAX: 0000000000000000 RBX: 00007f78cf405f80 RCX: 0000000000000000 [ 270.806203][T16033] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555557195788 [ 270.814160][T16033] RBP: 00007f78cf407980 R08: 0000000000000000 R09: 7fffffffffffffff [ 270.822116][T16033] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000042397 [ 270.830070][T16033] R13: 00007f78cf40605c R14: 0000000000000032 R15: 00007f78cf407980 [ 270.838085][T16033] [ 270.841116][T16033] memory: usage 307200kB, limit 307200kB, failcnt 2313 [ 270.848123][T16033] memory+swap: usage 307616kB, limit 9007199254740988kB, failcnt 0 [ 270.856085][T16033] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0 [ 270.863401][T16033] Memory cgroup stats for /syz4: [ 270.863654][T16033] cache 4096 [ 270.871865][T16033] rss 8192 [ 270.875028][T16033] shmem 0 [ 270.877979][T16033] mapped_file 0 [ 270.881425][T16033] dirty 4096 [ 270.884612][T16033] writeback 0 [ 270.888009][T16033] workingset_refault_anon 989 [ 270.892672][T16033] workingset_refault_file 1578 [ 270.897441][T16033] swap 417792 [ 270.900852][T16033] swapcached 16384 [ 270.904555][T16033] pgpgin 330788 [ 270.908008][T16033] pgpgout 330783 [ 270.911574][T16033] pgfault 390524 [ 270.915089][T16033] pgmajfault 1870 [ 270.918791][T16033] inactive_anon 8192 [ 270.922664][T16033] active_anon 0 [ 270.926243][T16033] inactive_file 4096 [ 270.930155][T16033] active_file 0 [ 270.933591][T16033] unevictable 0 [ 270.937096][T16033] hierarchical_memory_limit 314572800 [ 270.942463][T16033] hierarchical_memsw_limit 9223372036854771712 [ 270.948643][T16033] total_cache 4096 [ 270.952351][T16033] total_rss 8192 [ 270.955897][T16033] total_shmem 0 [ 270.959337][T16033] total_mapped_file 0 [ 270.963296][T16033] total_dirty 4096 [ 270.966995][T16033] total_writeback 0 [ 270.970778][T16033] total_workingset_refault_anon 989 [ 270.975943][T16033] total_workingset_refault_file 1578 [ 270.981307][T16033] total_swap 417792 [ 270.985103][T16033] total_swapcached 16384 [ 270.989423][T16033] total_pgpgin 330791 [ 270.993432][T16033] total_pgpgout 330786 [ 270.997500][T16033] total_pgfault 390535 [ 271.001552][T16033] total_pgmajfault 1870 [ 271.005705][T16033] total_inactive_anon 8192 [ 271.010104][T16033] total_active_anon 0 [ 271.014072][T16033] total_inactive_file 4096 [ 271.018520][T16033] total_active_file 0 [ 271.022504][T16033] total_unevictable 0 [ 271.026511][T16033] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=16033,uid=0 [ 271.041869][T16033] Memory cgroup out of memory: Killed process 16033 (syz-executor.4) total-vm:46572kB, anon-rss:548kB, file-rss:9004kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 271.131876][T16067] loop1: detected capacity change from 0 to 512 [ 271.140181][T16067] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 271.158724][T16067] EXT4-fs (loop1): 1 truncate cleaned up [ 271.164761][T16067] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 271.250378][T13070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.400568][T16079] loop0: detected capacity change from 0 to 1024 [ 271.437314][T16081] loop4: detected capacity change from 0 to 1024 [ 271.459166][T16079] syzkaller1: entered promiscuous mode [ 271.464648][T16079] syzkaller1: entered allmulticast mode [ 271.479839][T16081] syzkaller1: entered promiscuous mode [ 271.485411][T16081] syzkaller1: entered allmulticast mode [ 271.492093][T16079] dccp_invalid_packet: P.type (CLOSEREQ) not Data || [Data]Ack, while P.X == 0 [ 271.493318][T16084] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 271.617709][ T29] kauditd_printk_skb: 683 callbacks suppressed [ 271.617722][ T29] audit: type=1326 audit(1717826730.557:12593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16101 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 271.619786][T16102] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 271.623966][ T29] audit: type=1326 audit(1717826730.557:12594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16101 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 271.681758][ T29] audit: type=1326 audit(1717826730.557:12595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16101 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 271.706348][ T29] audit: type=1326 audit(1717826730.557:12596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16101 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 271.713967][T16110] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 271.730438][ T29] audit: type=1326 audit(1717826730.557:12597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16101 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 271.763796][ T29] audit: type=1326 audit(1717826730.557:12598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16101 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 271.788047][ T29] audit: type=1326 audit(1717826730.557:12599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16101 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 271.812259][ T29] audit: type=1326 audit(1717826730.557:12600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16101 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 271.836793][ T29] audit: type=1326 audit(1717826730.557:12601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16101 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 271.861208][ T29] audit: type=1326 audit(1717826730.557:12602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16101 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 271.943277][T16118] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2048 sclass=netlink_route_socket pid=16118 comm=syz-executor.3 [ 272.008706][T16120] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 272.018121][T16120] netlink: 'syz-executor.3': attribute type 6 has an invalid length. [ 272.029370][T16120] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 272.038278][T16120] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 272.046998][T16120] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 272.055695][T16120] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 272.064485][T16120] vxlan0: entered promiscuous mode [ 272.172096][T16126] hsr0: entered promiscuous mode [ 272.513119][T16113] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 272.524429][T16113] CPU: 1 PID: 16113 Comm: syz-executor.0 Not tainted 6.10.0-rc2-syzkaller-00269-g96e09b8f8166 #0 [ 272.534936][T16113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 272.545000][T16113] Call Trace: [ 272.548283][T16113] [ 272.551225][T16113] dump_stack_lvl+0xf2/0x150 [ 272.555872][T16113] dump_stack+0x15/0x20 [ 272.560083][T16113] dump_header+0x83/0x2d0 [ 272.564392][T16113] oom_kill_process+0x33e/0x4c0 [ 272.569277][T16113] out_of_memory+0x9af/0xbe0 [ 272.573901][T16113] mem_cgroup_out_of_memory+0x13e/0x190 [ 272.579552][T16113] try_charge_memcg+0x745/0xcd0 [ 272.584425][T16113] ? _raw_spin_unlock+0x26/0x50 [ 272.589291][T16113] ? radix_tree_lookup+0xf9/0x150 [ 272.594381][T16113] mem_cgroup_swapin_charge_folio+0x107/0x1a0 [ 272.600448][T16113] __read_swap_cache_async+0x2b9/0x520 [ 272.605903][T16113] swap_cluster_readahead+0x276/0x3f0 [ 272.611413][T16113] swapin_readahead+0xe2/0x7a0 [ 272.616217][T16113] ? __filemap_get_folio+0x420/0x5b0 [ 272.621519][T16113] ? swap_cache_get_folio+0x6e/0x210 [ 272.626794][T16113] do_swap_page+0x3bc/0x1840 [ 272.631464][T16113] ? exc_page_fault+0x32e/0x650 [ 272.636317][T16113] ? __rcu_read_lock+0x36/0x50 [ 272.641184][T16113] handle_mm_fault+0x809/0x2a80 [ 272.646117][T16113] ? mas_walk+0x204/0x320 [ 272.650465][T16113] exc_page_fault+0x3b9/0x650 [ 272.655144][T16113] asm_exc_page_fault+0x26/0x30 [ 272.659992][T16113] RIP: 0033:0x7fde342faf8a [ 272.664466][T16113] Code: 31 d2 48 f7 f1 48 01 d8 49 39 c4 4c 0f 42 e0 83 3d 12 ea 17 00 00 0f 8e 0c ff ff ff e8 9f 04 ff ff 49 39 c4 0f 82 6a 01 00 00 <69> 3d 04 e7 ca 00 e8 03 00 00 48 8d 1d e5 cf 17 00 e8 50 5f 04 00 [ 272.684141][T16113] RSP: 002b:00007ffcf46795a0 EFLAGS: 00010202 [ 272.690188][T16113] RAX: 0000000000042a42 RBX: 00007fde34479980 RCX: 0000000000042680 [ 272.698310][T16113] RDX: 00000000000003c2 RSI: 00007ffcf4679580 RDI: 0000000000000001 [ 272.706258][T16113] RBP: 00007fde34479980 R08: 000000003960f6e0 R09: 7fffffffffffffff [ 272.714218][T16113] R10: 00007fde3444e0b8 R11: 00007fde3444e080 R12: 0000000000042b27 [ 272.722199][T16113] R13: 00007fde3447805c R14: 0000000000000032 R15: 00007fde34479980 [ 272.730159][T16113] [ 272.733366][T16113] memory: usage 307200kB, limit 307200kB, failcnt 1018 [ 272.740238][T16113] memory+swap: usage 307572kB, limit 9007199254740988kB, failcnt 0 [ 272.748155][T16113] kmem: usage 307160kB, limit 9007199254740988kB, failcnt 0 [ 272.755418][T16113] Memory cgroup stats for /syz0: [ 272.755702][T16113] cache 24576 [ 272.763884][T16113] rss 8192 [ 272.766891][T16113] shmem 0 [ 272.769804][T16113] mapped_file 0 [ 272.773290][T16113] dirty 20480 [ 272.776568][T16113] writeback 8192 [ 272.780186][T16113] workingset_refault_anon 488 [ 272.784849][T16113] workingset_refault_file 30 [ 272.789461][T16113] swap 380928 [ 272.792736][T16113] swapcached 16384 [ 272.796578][T16113] pgpgin 243039 [ 272.800073][T16113] pgpgout 243029 [ 272.803666][T16113] pgfault 299310 [ 272.807211][T16113] pgmajfault 135 [ 272.810894][T16113] inactive_anon 0 [ 272.814516][T16113] active_anon 0 [ 272.817980][T16113] inactive_file 12288 [ 272.821975][T16113] active_file 12288 [ 272.825753][T16113] unevictable 0 [ 272.829207][T16113] hierarchical_memory_limit 314572800 [ 272.834553][T16113] hierarchical_memsw_limit 9223372036854771712 [ 272.840719][T16113] total_cache 24576 [ 272.844565][T16113] total_rss 8192 [ 272.848102][T16113] total_shmem 0 [ 272.851590][T16113] total_mapped_file 0 [ 272.855547][T16113] total_dirty 20480 [ 272.859346][T16113] total_writeback 8192 [ 272.863420][T16113] total_workingset_refault_anon 488 [ 272.868610][T16113] total_workingset_refault_file 30 [ 272.873700][T16113] total_swap 380928 [ 272.877502][T16113] total_swapcached 16384 [ 272.881721][T16113] total_pgpgin 243039 [ 272.885680][T16113] total_pgpgout 243029 [ 272.889761][T16113] total_pgfault 299310 [ 272.893813][T16113] total_pgmajfault 135 [ 272.897881][T16113] total_inactive_anon 0 [ 272.902012][T16113] total_active_anon 0 [ 272.905961][T16113] total_inactive_file 12288 [ 272.910455][T16113] total_active_file 12288 [ 272.914800][T16113] total_unevictable 0 [ 272.918801][T16113] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=16113,uid=0 [ 272.934035][T16113] Memory cgroup out of memory: Killed process 16113 (syz-executor.0) total-vm:46572kB, anon-rss:420kB, file-rss:8864kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 [ 272.995144][T16138] loop3: detected capacity change from 0 to 256 [ 273.014311][T16138] FAT-fs (loop3): Directory bread(block 64) failed [ 273.020910][T16138] FAT-fs (loop3): Directory bread(block 65) failed [ 273.028186][T16138] FAT-fs (loop3): Directory bread(block 66) failed [ 273.034691][T16138] FAT-fs (loop3): Directory bread(block 67) failed [ 273.052002][T16138] FAT-fs (loop3): Directory bread(block 68) failed [ 273.061178][T16138] FAT-fs (loop3): Directory bread(block 69) failed [ 273.070051][T16138] FAT-fs (loop3): Directory bread(block 70) failed [ 273.076823][T16138] FAT-fs (loop3): Directory bread(block 71) failed [ 273.083386][T16138] FAT-fs (loop3): Directory bread(block 72) failed [ 273.089980][T16138] FAT-fs (loop3): Directory bread(block 73) failed [ 273.302484][T16152] sctp: [Deprecated]: syz-executor.4 (pid 16152) Use of int in max_burst socket option deprecated. [ 273.302484][T16152] Use struct sctp_assoc_value instead [ 273.361255][T16159] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 273.382292][T16161] loop1: detected capacity change from 0 to 256 [ 273.397542][T16161] FAT-fs (loop1): Directory bread(block 64) failed [ 273.404086][T16161] FAT-fs (loop1): Directory bread(block 65) failed [ 273.412187][T16161] FAT-fs (loop1): Directory bread(block 66) failed [ 273.418930][T16161] FAT-fs (loop1): Directory bread(block 67) failed [ 273.425491][T16161] FAT-fs (loop1): Directory bread(block 68) failed [ 273.432952][T16161] FAT-fs (loop1): Directory bread(block 69) failed [ 273.440070][T16161] FAT-fs (loop1): Directory bread(block 70) failed [ 273.448178][T16161] FAT-fs (loop1): Directory bread(block 71) failed [ 273.454802][T16161] FAT-fs (loop1): Directory bread(block 72) failed [ 273.461355][T16161] FAT-fs (loop1): Directory bread(block 73) failed [ 273.508148][ T5530] kworker/u8:13: attempt to access beyond end of device [ 273.508148][ T5530] loop1: rw=1, sector=1288, nr_sectors = 4 limit=256 [ 273.606601][ T8749] unregister_netdevice: waiting for vcan0 to become free. Usage count = 2 [ 273.642555][T16183] loop1: detected capacity change from 0 to 256 [ 273.649757][T16183] FAT-fs (loop1): Unrecognized mount option "erroTs=remount-ro" or missing value [ 273.915063][T16196] sctp: [Deprecated]: syz-executor.1 (pid 16196) Use of int in max_burst socket option deprecated. [ 273.915063][T16196] Use struct sctp_assoc_value instead [ 274.460902][T16184] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 274.472309][T16184] CPU: 1 PID: 16184 Comm: syz-executor.0 Not tainted 6.10.0-rc2-syzkaller-00269-g96e09b8f8166 #0 [ 274.482827][T16184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 274.492869][T16184] Call Trace: [ 274.496128][T16184] [ 274.499045][T16184] dump_stack_lvl+0xf2/0x150 [ 274.503674][T16184] dump_stack+0x15/0x20 [ 274.507878][T16184] dump_header+0x83/0x2d0 [ 274.512195][T16184] oom_kill_process+0x33e/0x4c0 [ 274.517139][T16184] out_of_memory+0x9af/0xbe0 [ 274.521764][T16184] mem_cgroup_out_of_memory+0x13e/0x190 [ 274.527300][T16184] try_charge_memcg+0x745/0xcd0 [ 274.532143][T16184] ? _raw_spin_unlock+0x26/0x50 [ 274.537057][T16184] ? radix_tree_lookup+0xf9/0x150 [ 274.542120][T16184] mem_cgroup_swapin_charge_folio+0x107/0x1a0 [ 274.548203][T16184] __read_swap_cache_async+0x2b9/0x520 [ 274.553699][T16184] swap_cluster_readahead+0x276/0x3f0 [ 274.559075][T16184] swapin_readahead+0xe2/0x7a0 [ 274.563830][T16184] ? __filemap_get_folio+0x420/0x5b0 [ 274.569105][T16184] ? swap_cache_get_folio+0x6e/0x210 [ 274.574428][T16184] do_swap_page+0x3bc/0x1840 [ 274.579009][T16184] ? cgroup_rstat_updated+0x99/0x550 [ 274.584291][T16184] ? __rcu_read_lock+0x36/0x50 [ 274.589064][T16184] handle_mm_fault+0x809/0x2a80 [ 274.593906][T16184] ? mas_walk+0x204/0x320 [ 274.598223][T16184] exc_page_fault+0x3b9/0x650 [ 274.602967][T16184] asm_exc_page_fault+0x26/0x30 [ 274.607810][T16184] RIP: 0033:0x7fde342fafb4 [ 274.612279][T16184] Code: 69 3d 04 e7 ca 00 e8 03 00 00 48 8d 1d e5 cf 17 00 e8 50 5f 04 00 eb 12 66 0f 1f 44 00 00 48 81 c3 d0 00 00 00 48 39 eb 74 bb <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df e8 87 f0 ff ff eb [ 274.631938][T16184] RSP: 002b:00007ffcf46795a0 EFLAGS: 00010202 [ 274.637989][T16184] RAX: 0000000000000000 RBX: 00007fde34477f80 RCX: 0000000000000000 [ 274.645991][T16184] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555938cf788 [ 274.653984][T16184] RBP: 00007fde34479980 R08: 0000000000000000 R09: 7fffffffffffffff [ 274.661942][T16184] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000004325a [ 274.670082][T16184] R13: 00007fde3447805c R14: 0000000000000032 R15: 00007fde34479980 [ 274.678068][T16184] [ 274.681135][T16184] memory: usage 307200kB, limit 307200kB, failcnt 1418 [ 274.688160][T16184] memory+swap: usage 307616kB, limit 9007199254740988kB, failcnt 0 [ 274.696043][T16184] kmem: usage 307172kB, limit 9007199254740988kB, failcnt 0 [ 274.703368][T16184] Memory cgroup stats for /syz0: [ 274.703524][T16184] cache 12288 [ 274.711719][T16184] rss 8192 [ 274.714715][T16184] shmem 0 [ 274.717656][T16184] mapped_file 0 [ 274.721112][T16184] dirty 0 [ 274.724023][T16184] writeback 4096 [ 274.727609][T16184] workingset_refault_anon 553 [ 274.732277][T16184] workingset_refault_file 30 [ 274.736850][T16184] swap 425984 [ 274.740106][T16184] swapcached 16384 [ 274.743797][T16184] pgpgin 243259 [ 274.747324][T16184] pgpgout 243252 [ 274.750880][T16184] pgfault 299788 [ 274.754404][T16184] pgmajfault 162 [ 274.757944][T16184] inactive_anon 0 [ 274.761549][T16184] active_anon 0 [ 274.765054][T16184] inactive_file 0 [ 274.768680][T16184] active_file 12288 [ 274.772459][T16184] unevictable 0 [ 274.775890][T16184] hierarchical_memory_limit 314572800 [ 274.781242][T16184] hierarchical_memsw_limit 9223372036854771712 [ 274.787441][T16184] total_cache 12288 [ 274.791247][T16184] total_rss 8192 [ 274.794780][T16184] total_shmem 0 [ 274.798231][T16184] total_mapped_file 0 [ 274.802194][T16184] total_dirty 0 [ 274.805634][T16184] total_writeback 4096 [ 274.809702][T16184] total_workingset_refault_anon 553 [ 274.814889][T16184] total_workingset_refault_file 30 [ 274.819984][T16184] total_swap 425984 [ 274.823770][T16184] total_swapcached 16384 [ 274.828012][T16184] total_pgpgin 243259 [ 274.831976][T16184] total_pgpgout 243252 [ 274.836018][T16184] total_pgfault 299788 [ 274.840116][T16184] total_pgmajfault 162 [ 274.844162][T16184] total_inactive_anon 0 [ 274.848327][T16184] total_active_anon 0 [ 274.852281][T16184] total_inactive_file 0 [ 274.856425][T16184] total_active_file 12288 [ 274.860752][T16184] total_unevictable 0 [ 274.864710][T16184] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=16184,uid=0 [ 274.880058][T16184] Memory cgroup out of memory: Killed process 16184 (syz-executor.0) total-vm:46572kB, anon-rss:544kB, file-rss:8864kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 [ 275.240614][T16266] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 275.344842][T16278] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 275.563797][T16289] loop3: detected capacity change from 0 to 256 [ 275.571357][T16289] FAT-fs (loop3): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 275.908798][T16301] syzkaller1: left promiscuous mode [ 275.914098][T16301] syzkaller1: left allmulticast mode [ 275.921050][T16301] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 276.025125][T16306] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=45 sclass=netlink_xfrm_socket pid=16306 comm=syz-executor.4 [ 276.041124][T16306] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=263 sclass=netlink_audit_socket pid=16306 comm=syz-executor.4 [ 276.082640][T16315] loop4: detected capacity change from 0 to 512 [ 276.090790][T16315] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 276.098957][T16315] EXT4-fs (loop4): orphan cleanup on readonly fs [ 276.105480][T16315] EXT4-fs warning (device loop4): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 276.121923][T16315] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 276.135138][T16315] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor.4: bg 0: block 40: padding at end of block bitmap is not set [ 276.161585][T16319] loop0: detected capacity change from 0 to 256 [ 276.170827][T16319] FAT-fs (loop0): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 276.179540][T16315] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 276.190512][T16315] EXT4-fs (loop4): 1 truncate cleaned up [ 276.196634][T16315] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 276.212187][T16315] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #16: comm syz-executor.4: corrupted xattr block 31: invalid header [ 276.226177][T16315] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=16 [ 276.244444][T16315] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #16: comm syz-executor.4: corrupted xattr block 31: invalid header [ 276.262623][T16320] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #16: comm syz-executor.4: corrupted xattr block 31: invalid header [ 276.279522][T16315] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=16 [ 276.291653][T16315] EXT4-fs error (device loop4): ext4_get_link:106: inode #16: comm syz-executor.4: bad symlink. [ 276.302458][T16320] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=16 [ 276.314183][T16320] EXT4-fs error (device loop4): ext4_get_link:106: inode #16: comm syz-executor.4: bad symlink. [ 276.333118][T13928] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.465281][T16328] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 276.478221][T16334] netlink: 'syz-executor.4': attribute type 6 has an invalid length. [ 276.486400][T16334] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.4'. [ 276.593931][T16293] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 276.605304][T16293] CPU: 1 PID: 16293 Comm: syz-executor.3 Not tainted 6.10.0-rc2-syzkaller-00269-g96e09b8f8166 #0 [ 276.615791][T16293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 276.625859][T16293] Call Trace: [ 276.629125][T16293] [ 276.632041][T16293] dump_stack_lvl+0xf2/0x150 [ 276.636667][T16293] dump_stack+0x15/0x20 [ 276.640902][T16293] dump_header+0x83/0x2d0 [ 276.645261][T16293] oom_kill_process+0x33e/0x4c0 [ 276.650101][T16293] out_of_memory+0x9af/0xbe0 [ 276.654787][T16293] mem_cgroup_out_of_memory+0x13e/0x190 [ 276.660325][T16293] try_charge_memcg+0x745/0xcd0 [ 276.665168][T16293] ? _raw_spin_unlock+0x26/0x50 [ 276.670097][T16293] ? radix_tree_lookup+0xf9/0x150 [ 276.675148][T16293] mem_cgroup_swapin_charge_folio+0x107/0x1a0 [ 276.681276][T16293] __read_swap_cache_async+0x2b9/0x520 [ 276.686730][T16293] swap_cluster_readahead+0x276/0x3f0 [ 276.692268][T16293] swapin_readahead+0xe2/0x7a0 [ 276.697088][T16293] ? __filemap_get_folio+0x420/0x5b0 [ 276.702372][T16293] ? swap_cache_get_folio+0x6e/0x210 [ 276.707660][T16293] do_swap_page+0x3bc/0x1840 [ 276.712381][T16293] ? exc_page_fault+0x32e/0x650 [ 276.717227][T16293] ? __rcu_read_lock+0x36/0x50 [ 276.722054][T16293] handle_mm_fault+0x809/0x2a80 [ 276.726942][T16293] ? mas_walk+0x204/0x320 [ 276.731299][T16293] exc_page_fault+0x3b9/0x650 [ 276.736027][T16293] asm_exc_page_fault+0x26/0x30 [ 276.740881][T16293] RIP: 0033:0x7f73e7edbbdc [ 276.745284][T16293] Code: ca 00 00 74 4d 4c 89 f7 e8 91 09 ff ff 41 08 c7 0f 85 c8 01 00 00 83 c5 01 41 3b 6c 24 04 0f 83 8a 00 00 00 48 8b 34 24 89 e9 <49> 8b 54 24 28 4c 89 f0 48 03 14 ce 80 3d b1 74 17 00 00 49 89 d6 [ 276.764882][T16293] RSP: 002b:00007ffccb172680 EFLAGS: 00010297 [ 276.771016][T16293] RAX: 0000001b306213c8 RBX: ffffffff83e14455 RCX: 0000000000000008 [ 276.778975][T16293] RDX: 0000001b306213cc RSI: 00007f73e78a2008 RDI: ffffffff83e14455 [ 276.786941][T16293] RBP: 0000000000000008 R08: 0000001b30a20000 R09: 7fffffffffffffff [ 276.794898][T16293] R10: 0000000083e14459 R11: 0000000083e14455 R12: 00007f73e8057018 [ 276.802956][T16293] R13: 00007f73e8043000 R14: ffffffff83e14f8d R15: 0000000000000001 [ 276.810968][T16293] ? copy_msghdr_from_user+0x2d/0x2a0 [ 276.816367][T16293] ? sock_close+0xb5/0x150 [ 276.820774][T16293] ? sock_close+0xb5/0x150 [ 276.825220][T16293] [ 276.828346][T16293] memory: usage 307200kB, limit 307200kB, failcnt 522 [ 276.835159][T16293] memory+swap: usage 307812kB, limit 9007199254740988kB, failcnt 0 [ 276.843070][ T29] kauditd_printk_skb: 1338 callbacks suppressed [ 276.843081][ T29] audit: type=1326 audit(1717826735.767:13940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16340 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 276.843072][T16293] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0 [ 276.843124][ T29] audit: type=1326 audit(1717826735.767:13941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16340 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 276.849336][T16293] Memory cgroup stats for /syz3: [ 276.849519][T16293] cache 4096 [ 276.878672][ T29] audit: type=1326 audit(1717826735.817:13942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16340 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 276.880743][T16293] rss 0 [ 276.918065][ T29] audit: type=1326 audit(1717826735.847:13943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16340 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 276.936987][T16293] shmem 0 [ 276.936996][T16293] mapped_file 0 [ 276.939757][ T29] audit: type=1326 audit(1717826735.847:13944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16340 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 276.963954][T16293] dirty 0 [ 276.966880][ T29] audit: type=1326 audit(1717826735.847:13945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16340 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 276.970305][T16293] writeback 8192 [ 276.970313][T16293] workingset_refault_anon 275 [ 276.994329][ T29] audit: type=1326 audit(1717826735.847:13946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16340 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 276.997248][T16293] workingset_refault_file 34 [ 277.021274][ T29] audit: type=1326 audit(1717826735.847:13947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16340 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 277.021298][ T29] audit: type=1326 audit(1717826735.847:13948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16340 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 277.024804][T16293] swap 626688 [ 277.029501][ T29] audit: type=1326 audit(1717826735.847:13949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16340 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 277.053519][T16293] swapcached 8192 [ 277.137616][T16293] pgpgin 263233 [ 277.141193][T16293] pgpgout 263230 [ 277.144731][T16293] pgfault 337645 [ 277.148373][T16293] pgmajfault 116 [ 277.151961][T16293] inactive_anon 8192 [ 277.155850][T16293] active_anon 0 [ 277.159390][T16293] inactive_file 0 [ 277.163008][T16293] active_file 4096 [ 277.166800][T16293] unevictable 0 [ 277.170262][T16293] hierarchical_memory_limit 314572800 [ 277.175632][T16293] hierarchical_memsw_limit 9223372036854771712 [ 277.181845][T16293] total_cache 4096 [ 277.185552][T16293] total_rss 0 [ 277.188914][T16293] total_shmem 0 [ 277.192442][T16293] total_mapped_file 0 [ 277.196217][T16349] loop4: detected capacity change from 0 to 8192 [ 277.196416][T16293] total_dirty 0 [ 277.196424][T16293] total_writeback 8192 [ 277.196432][T16293] total_workingset_refault_anon 275 [ 277.205548][T16349] FAT-fs (loop4): Unrecognized mount option "0x00000000000000040x0000000000000004" or missing value [ 277.206169][T16293] total_workingset_refault_file 34 [ 277.231352][T16293] total_swap 626688 [ 277.235207][T16293] total_swapcached 8192 [ 277.239345][T16293] total_pgpgin 263236 [ 277.243297][T16293] total_pgpgout 263233 [ 277.247463][T16293] total_pgfault 337655 [ 277.251503][T16293] total_pgmajfault 116 [ 277.255581][T16293] total_inactive_anon 8192 [ 277.260012][T16293] total_active_anon 0 [ 277.264007][T16293] total_inactive_file 0 [ 277.268295][T16293] total_active_file 4096 [ 277.272514][T16293] total_unevictable 0 [ 277.276549][T16293] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=16293,uid=0 [ 277.291821][T16293] Memory cgroup out of memory: Killed process 16293 (syz-executor.3) total-vm:46572kB, anon-rss:548kB, file-rss:9000kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000 [ 277.564137][T16360] tun0: tun_chr_ioctl cmd 1074025676 [ 277.569494][T16360] tun0: owner set to 536871360 [ 277.663432][T16368] loop4: detected capacity change from 0 to 512 [ 277.671295][T16368] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 277.681665][T16368] EXT4-fs (loop4): orphan cleanup on readonly fs [ 277.689462][T16368] EXT4-fs error (device loop4): __ext4_iget:4906: inode #15: block 1627517706: comm syz-executor.4: invalid block [ 277.703130][T16368] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 277.715934][T16368] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 277.769563][T16379] loop3: detected capacity change from 0 to 256 [ 277.783625][T16379] FAT-fs (loop3): Directory bread(block 64) failed [ 277.791942][T16379] FAT-fs (loop3): Directory bread(block 65) failed [ 277.792951][T16380] caif0: Master is either lo or non-ether device [ 277.798643][T16379] FAT-fs (loop3): Directory bread(block 66) failed [ 277.812340][T16379] FAT-fs (loop3): Directory bread(block 67) failed [ 277.819005][T16379] FAT-fs (loop3): Directory bread(block 68) failed [ 277.825528][T16379] FAT-fs (loop3): Directory bread(block 69) failed [ 277.832109][T16379] FAT-fs (loop3): Directory bread(block 70) failed [ 277.840816][T16379] FAT-fs (loop3): Directory bread(block 71) failed [ 277.847785][T16379] FAT-fs (loop3): Directory bread(block 72) failed [ 277.854388][T16379] FAT-fs (loop3): Directory bread(block 73) failed [ 277.888373][ T5530] kworker/u8:13: attempt to access beyond end of device [ 277.888373][ T5530] loop3: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 278.069781][T16404] loop3: detected capacity change from 0 to 164 [ 278.079454][T16404] isofs_fill_super: get root inode failed [ 278.099101][T16405] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.1'. [ 278.109601][T16405] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.1'. [ 278.120646][T16405] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.1'. [ 278.120991][T16407] loop0: detected capacity change from 0 to 512 [ 278.131624][T16405] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.1'. [ 278.138693][T16407] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 278.153610][T16407] EXT4-fs (loop0): orphan cleanup on readonly fs [ 278.161402][T16407] EXT4-fs warning (device loop0): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 278.176819][T16407] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 278.183889][T16407] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz-executor.0: bg 0: block 40: padding at end of block bitmap is not set [ 278.199202][T16407] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 278.209639][T16412] loop3: detected capacity change from 0 to 256 [ 278.209822][T16407] EXT4-fs (loop0): 1 truncate cleaned up [ 278.222026][T16407] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 278.227538][T16412] FAT-fs (loop3): Directory bread(block 64) failed [ 278.241049][T16412] FAT-fs (loop3): Directory bread(block 65) failed [ 278.246718][T16407] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #16: comm syz-executor.0: corrupted xattr block 31: invalid header [ 278.247908][T16412] FAT-fs (loop3): Directory bread(block 66) failed [ 278.262745][T16407] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=16 [ 278.267782][T16412] FAT-fs (loop3): Directory bread(block 67) failed [ 278.278467][T16407] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #16: comm syz-executor.0: corrupted xattr block 31: invalid header [ 278.283402][T16412] FAT-fs (loop3): Directory bread(block 68) failed [ 278.298354][T16407] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=16 [ 278.303256][T16412] FAT-fs (loop3): Directory bread(block 69) failed [ 278.313110][T16407] EXT4-fs error (device loop0): ext4_get_link:106: inode #16: comm syz-executor.0: bad symlink. [ 278.320943][T16412] FAT-fs (loop3): Directory bread(block 70) failed [ 278.333018][T16413] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #16: comm syz-executor.0: corrupted xattr block 31: invalid header [ 278.335598][T16412] FAT-fs (loop3): Directory bread(block 71) failed [ 278.335632][T16412] FAT-fs (loop3): Directory bread(block 72) failed [ 278.350782][T16413] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=16 [ 278.355546][T16412] FAT-fs (loop3): Directory bread(block 73) failed [ 278.377819][T16413] EXT4-fs error (device loop0): ext4_get_link:106: inode #16: comm syz-executor.0: bad symlink. [ 278.378043][ T5530] kworker/u8:13: attempt to access beyond end of device [ 278.378043][ T5530] loop3: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 278.416931][T12271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.469439][T16417] loop0: detected capacity change from 0 to 256 [ 278.477010][T16417] FAT-fs (loop0): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 278.505123][T13928] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.570031][T16421] loop4: detected capacity change from 0 to 512 [ 278.579944][T16421] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 278.590264][T16421] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 278.600878][T16421] EXT4-fs (loop4): 1 truncate cleaned up [ 278.607133][T16421] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 278.621150][T16421] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 278.653622][T13928] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.682946][T16436] loop0: detected capacity change from 0 to 256 [ 278.696139][T16436] FAT-fs (loop0): Directory bread(block 64) failed [ 278.707868][T16436] FAT-fs (loop0): Directory bread(block 65) failed [ 278.715493][T16436] FAT-fs (loop0): Directory bread(block 66) failed [ 278.722152][T16436] FAT-fs (loop0): Directory bread(block 67) failed [ 278.728831][T16436] FAT-fs (loop0): Directory bread(block 68) failed [ 278.735482][T16436] FAT-fs (loop0): Directory bread(block 69) failed [ 278.742269][T16436] FAT-fs (loop0): Directory bread(block 70) failed [ 278.748929][T16436] FAT-fs (loop0): Directory bread(block 71) failed [ 278.755667][T16436] FAT-fs (loop0): Directory bread(block 72) failed [ 278.762539][T16436] FAT-fs (loop0): Directory bread(block 73) failed [ 278.769687][T16441] sctp: [Deprecated]: syz-executor.4 (pid 16441) Use of int in max_burst socket option deprecated. [ 278.769687][T16441] Use struct sctp_assoc_value instead [ 278.791781][ T5533] kworker/u8:16: attempt to access beyond end of device [ 278.791781][ T5533] loop0: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 278.799814][T16441] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 278.822232][T16441] 8021q: adding VLAN 0 to HW filter on device team0 [ 278.832436][T16441] bond0: (slave team0): Enslaving as an active interface with an up link [ 278.957855][T16459] loop0: detected capacity change from 0 to 1024 [ 278.965062][T16459] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 278.976273][T16459] EXT4-fs (loop0): group descriptors corrupted! [ 279.022677][T16463] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 279.060468][T16465] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 279.062608][T16468] loop0: detected capacity change from 0 to 256 [ 279.077200][T16469] netlink: 'syz-executor.1': attribute type 27 has an invalid length. [ 279.090478][T16468] FAT-fs (loop0): Directory bread(block 64) failed [ 279.097350][T16468] FAT-fs (loop0): Directory bread(block 65) failed [ 279.103918][T16468] FAT-fs (loop0): Directory bread(block 66) failed [ 279.110691][T16468] FAT-fs (loop0): Directory bread(block 67) failed [ 279.136397][T16468] FAT-fs (loop0): Directory bread(block 68) failed [ 279.148930][T16468] FAT-fs (loop0): Directory bread(block 69) failed [ 279.161199][T16468] FAT-fs (loop0): Directory bread(block 70) failed [ 279.172188][T16468] FAT-fs (loop0): Directory bread(block 71) failed [ 279.188793][T16468] FAT-fs (loop0): Directory bread(block 72) failed [ 279.198605][T16469] bridge0: port 2(bridge_slave_1) entered disabled state [ 279.201398][T16468] FAT-fs (loop0): Directory bread(block 73) failed [ 279.206150][T16469] bridge0: port 1(bridge_slave_0) entered disabled state [ 279.266768][ T5534] kworker/u8:17: attempt to access beyond end of device [ 279.266768][ T5534] loop0: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 279.391436][T16469] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 279.403899][T16469] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 279.453840][T16469] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.462867][T16469] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.471804][T16469] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.480757][T16469] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.502989][T16469] bond0: left allmulticast mode [ 279.518902][T16469] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 279.527999][T16469] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 279.536925][T16469] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 279.545882][T16469] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 279.560103][T16469] vxlan0: left promiscuous mode [ 279.590459][T16486] sctp: [Deprecated]: syz-executor.4 (pid 16486) Use of int in max_burst socket option deprecated. [ 279.590459][T16486] Use struct sctp_assoc_value instead [ 279.619887][T16474] 8021q: adding VLAN 0 to HW filter on device team0 [ 279.632106][T16474] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 279.655145][T16486] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 279.690531][T16494] loop1: detected capacity change from 0 to 256 [ 279.715761][T16494] FAT-fs (loop1): Directory bread(block 64) failed [ 279.728837][T16494] FAT-fs (loop1): Directory bread(block 65) failed [ 279.735489][T16494] FAT-fs (loop1): Directory bread(block 66) failed [ 279.742224][T16494] FAT-fs (loop1): Directory bread(block 67) failed [ 279.749146][T16494] FAT-fs (loop1): Directory bread(block 68) failed [ 279.755925][T16494] FAT-fs (loop1): Directory bread(block 69) failed [ 279.762803][T16494] FAT-fs (loop1): Directory bread(block 70) failed [ 279.769447][T16494] FAT-fs (loop1): Directory bread(block 71) failed [ 279.776500][T16494] FAT-fs (loop1): Directory bread(block 72) failed [ 279.783089][T16494] FAT-fs (loop1): Directory bread(block 73) failed [ 279.816904][T16504] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.3'. [ 279.826937][ T5530] kworker/u8:13: attempt to access beyond end of device [ 279.826937][ T5530] loop1: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 279.963017][T16526] sctp: [Deprecated]: syz-executor.1 (pid 16526) Use of int in max_burst socket option deprecated. [ 279.963017][T16526] Use struct sctp_assoc_value instead [ 279.994577][T16526] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 280.039970][T16533] loop3: detected capacity change from 0 to 256 [ 280.044964][T16536] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 280.049894][T16533] FAT-fs (loop3): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 280.107245][T16539] loop3: detected capacity change from 0 to 256 [ 280.115015][T16539] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 280.218535][T16551] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 280.228900][T16551] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.288051][T16551] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 280.296961][T16570] sctp: [Deprecated]: syz-executor.0 (pid 16570) Use of int in max_burst socket option deprecated. [ 280.296961][T16570] Use struct sctp_assoc_value instead [ 280.298350][T16551] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.332577][T16570] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 280.347015][T16570] 8021q: adding VLAN 0 to HW filter on device team0 [ 280.356130][T16570] bond0: (slave team0): Enslaving as an active interface with an up link [ 280.358662][ T5530] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:a8aa:aaff:feaa:aa17 error=-28 [ 280.393063][T16551] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 280.397147][T16575] sctp: [Deprecated]: syz-executor.1 (pid 16575) Use of int in maxseg socket option. [ 280.397147][T16575] Use struct sctp_assoc_value instead [ 280.403405][T16551] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.440894][T16578] loop0: detected capacity change from 0 to 256 [ 280.446144][T16580] loop1: detected capacity change from 0 to 256 [ 280.450463][T16578] FAT-fs (loop0): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 280.483846][T16551] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 280.494172][T16551] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.508244][T16585] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 280.562045][T16551] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 280.570362][T16551] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.581931][T16551] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 280.590217][T16551] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.601231][T16551] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 280.609469][T16551] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.620316][T16551] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 280.628575][T16551] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.638610][T16553] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 280.648445][T16553] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.653753][T16604] loop1: detected capacity change from 0 to 256 [ 280.673188][T16604] FAT-fs (loop1): Directory bread(block 64) failed [ 280.679863][T16604] FAT-fs (loop1): Directory bread(block 65) failed [ 280.686474][T16604] FAT-fs (loop1): Directory bread(block 66) failed [ 280.693014][T16604] FAT-fs (loop1): Directory bread(block 67) failed [ 280.699561][T16604] FAT-fs (loop1): Directory bread(block 68) failed [ 280.706131][T16604] FAT-fs (loop1): Directory bread(block 69) failed [ 280.712998][T16604] FAT-fs (loop1): Directory bread(block 70) failed [ 280.720980][T16553] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 280.721705][T16604] FAT-fs (loop1): Directory bread(block 71) failed [ 280.730828][T16553] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.739036][T16604] FAT-fs (loop1): Directory bread(block 72) failed [ 280.753566][T16604] FAT-fs (loop1): Directory bread(block 73) failed [ 280.808058][T16553] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 280.817961][T16553] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.834862][T16608] loop1: detected capacity change from 0 to 1024 [ 280.879604][T16553] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 280.889492][T16553] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.945982][T16612] loop1: detected capacity change from 0 to 256 [ 280.953959][T16612] FAT-fs (loop1): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 281.047904][T16628] loop4: detected capacity change from 0 to 256 [ 281.055175][T16628] FAT-fs (loop4): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 281.120873][T16635] sctp: [Deprecated]: syz-executor.0 (pid 16635) Use of int in max_burst socket option deprecated. [ 281.120873][T16635] Use struct sctp_assoc_value instead [ 281.148615][T16635] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 281.240250][T16643] tun0: tun_chr_ioctl cmd 1074025676 [ 281.245667][T16643] tun0: owner set to 536871360 [ 281.266038][T16645] loop1: detected capacity change from 0 to 256 [ 281.273937][T16645] FAT-fs (loop1): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 281.275867][T16647] tun0: tun_chr_ioctl cmd 1074025676 [ 281.287635][T16647] tun0: owner set to 536871360 [ 281.358342][T16653] autofs4:pid:16653:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.1280), cmd(0xc0189374) [ 281.371842][T16653] autofs4:pid:16653:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189374) [ 281.399382][T16655] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 281.493839][T16660] loop4: detected capacity change from 0 to 256 [ 281.882972][T16646] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 281.894300][T16646] CPU: 0 PID: 16646 Comm: syz-executor.0 Not tainted 6.10.0-rc2-syzkaller-00269-g96e09b8f8166 #0 [ 281.904919][T16646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 281.914969][T16646] Call Trace: [ 281.918241][T16646] [ 281.921164][T16646] dump_stack_lvl+0xf2/0x150 [ 281.925763][T16646] dump_stack+0x15/0x20 [ 281.930025][T16646] dump_header+0x83/0x2d0 [ 281.934344][T16646] oom_kill_process+0x33e/0x4c0 [ 281.939184][T16646] out_of_memory+0x9af/0xbe0 [ 281.943762][T16646] mem_cgroup_out_of_memory+0x13e/0x190 [ 281.949302][T16646] try_charge_memcg+0x745/0xcd0 [ 281.954242][T16646] ? _raw_spin_unlock+0x26/0x50 [ 281.959090][T16646] ? radix_tree_lookup+0xf9/0x150 [ 281.964192][T16646] mem_cgroup_swapin_charge_folio+0x107/0x1a0 [ 281.970253][T16646] __read_swap_cache_async+0x2b9/0x520 [ 281.975712][T16646] swap_cluster_readahead+0x276/0x3f0 [ 281.981143][T16646] swapin_readahead+0xe2/0x7a0 [ 281.985900][T16646] ? __filemap_get_folio+0x420/0x5b0 [ 281.991262][T16646] ? swap_cache_get_folio+0x6e/0x210 [ 281.996598][T16646] do_swap_page+0x3bc/0x1840 [ 282.001222][T16646] ? cgroup_rstat_updated+0x99/0x550 [ 282.006572][T16646] ? __rcu_read_lock+0x36/0x50 [ 282.011385][T16646] handle_mm_fault+0x809/0x2a80 [ 282.016283][T16646] ? mas_walk+0x204/0x320 [ 282.020647][T16646] exc_page_fault+0x3b9/0x650 [ 282.025343][T16646] asm_exc_page_fault+0x26/0x30 [ 282.030234][T16646] RIP: 0033:0x7fde342fafb4 [ 282.034683][T16646] Code: 69 3d 04 e7 ca 00 e8 03 00 00 48 8d 1d e5 cf 17 00 e8 50 5f 04 00 eb 12 66 0f 1f 44 00 00 48 81 c3 d0 00 00 00 48 39 eb 74 bb <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df e8 87 f0 ff ff eb [ 282.054279][T16646] RSP: 002b:00007ffcf46795a0 EFLAGS: 00010202 [ 282.060377][T16646] RAX: 0000000000000000 RBX: 00007fde34477f80 RCX: 0000000000000000 [ 282.068348][T16646] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555938cf788 [ 282.076422][T16646] RBP: 00007fde34479980 R08: 0000000000000000 R09: 7fffffffffffffff [ 282.084380][T16646] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000044fbe [ 282.092346][T16646] R13: 00007fde34477f8c R14: 0000000000000032 R15: 00007fde34479980 [ 282.100381][T16646] [ 282.103861][T16646] memory: usage 307200kB, limit 307200kB, failcnt 1759 [ 282.111161][T16646] memory+swap: usage 307568kB, limit 9007199254740988kB, failcnt 0 [ 282.111398][ T29] kauditd_printk_skb: 1666 callbacks suppressed [ 282.111409][ T29] audit: type=1326 audit(1717826741.047:15615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16667 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78cf2cef69 code=0x7ffc0000 [ 282.119087][T16646] kmem: usage 307160kB, limit 9007199254740988kB, failcnt 0 [ 282.119100][T16646] Memory cgroup stats for /syz0: [ 282.119257][T16646] cache 24576 [ 282.165011][T16646] rss 8192 [ 282.168053][T16646] shmem 0 [ 282.170981][T16646] mapped_file 0 [ 282.174513][T16646] dirty 20480 [ 282.177802][T16646] writeback 8192 [ 282.181341][T16646] workingset_refault_anon 630 [ 282.186054][T16646] workingset_refault_file 41 [ 282.190754][T16646] swap 376832 [ 282.194031][T16646] swapcached 12288 [ 282.197821][T16646] pgpgin 245449 [ 282.198940][ T29] audit: type=1326 audit(1717826741.087:15616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16667 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f78cf2cef69 code=0x7ffc0000 [ 282.201260][T16646] pgpgout 245439 [ 282.201267][T16646] pgfault 304034 [ 282.201274][T16646] pgmajfault 182 [ 282.201280][T16646] inactive_anon 0 [ 282.201286][T16646] active_anon 0 [ 282.201293][T16646] inactive_file 4096 [ 282.225353][ T29] audit: type=1326 audit(1717826741.097:15617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16667 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78cf2cef69 code=0x7ffc0000 [ 282.228914][T16646] active_file 24576 [ 282.232433][ T29] audit: type=1326 audit(1717826741.097:15618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16667 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f78cf2cef69 code=0x7ffc0000 [ 282.235942][T16646] unevictable 0 [ 282.239564][ T29] audit: type=1326 audit(1717826741.097:15619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16667 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78cf2cef69 code=0x7ffc0000 [ 282.243003][T16646] hierarchical_memory_limit 314572800 [ 282.246887][ T29] audit: type=1326 audit(1717826741.097:15620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16667 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f78cf2cef69 code=0x7ffc0000 [ 282.246910][ T29] audit: type=1326 audit(1717826741.097:15621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16667 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78cf2cef69 code=0x7ffc0000 [ 282.246932][ T29] audit: type=1326 audit(1717826741.097:15622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16667 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f78cf2cef69 code=0x7ffc0000 [ 282.271397][T16646] hierarchical_memsw_limit 9223372036854771712 [ 282.275181][ T29] audit: type=1326 audit(1717826741.117:15623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16667 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78cf2cef69 code=0x7ffc0000 [ 282.299206][T16646] total_cache 24576 [ 282.299214][T16646] total_rss 8192 [ 282.299221][T16646] total_shmem 0 [ 282.302653][ T29] audit: type=1326 audit(1717826741.117:15624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16667 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f78cf2cef69 code=0x7ffc0000 [ 282.326692][T16646] total_mapped_file 0 [ 282.326700][T16646] total_dirty 20480 [ 282.326706][T16646] total_writeback 8192 [ 282.326714][T16646] total_workingset_refault_anon 630 [ 282.486821][T16646] total_workingset_refault_file 41 [ 282.492013][T16646] total_swap 376832 [ 282.495811][T16646] total_swapcached 12288 [ 282.500068][T16646] total_pgpgin 245449 [ 282.504061][T16646] total_pgpgout 245439 [ 282.508139][T16646] total_pgfault 304034 [ 282.512278][T16646] total_pgmajfault 182 [ 282.516392][T16646] total_inactive_anon 0 [ 282.520848][T16646] total_active_anon 0 [ 282.524842][T16646] total_inactive_file 4096 [ 282.529265][T16646] total_active_file 24576 [ 282.533594][T16646] total_unevictable 0 [ 282.537572][T16646] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=16646,uid=0 [ 282.553002][T16646] Memory cgroup out of memory: Killed process 16646 (syz-executor.0) total-vm:46440kB, anon-rss:548kB, file-rss:8996kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 [ 282.729435][T16676] loop4: detected capacity change from 0 to 256 [ 282.736845][T16676] FAT-fs (loop4): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 282.777206][T16681] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. [ 282.873727][T16688] loop1: detected capacity change from 0 to 256 [ 282.898495][T16696] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 282.930029][T16688] loop1: detected capacity change from 0 to 256 [ 282.948983][T16688] FAT-fs (loop1): Directory bread(block 64) failed [ 282.955566][T16688] FAT-fs (loop1): Directory bread(block 65) failed [ 282.963662][T16688] FAT-fs (loop1): Directory bread(block 66) failed [ 282.970220][T16688] FAT-fs (loop1): Directory bread(block 67) failed [ 282.976895][T16688] FAT-fs (loop1): Directory bread(block 68) failed [ 282.983471][T16688] FAT-fs (loop1): Directory bread(block 69) failed [ 282.990302][T16688] FAT-fs (loop1): Directory bread(block 70) failed [ 282.997640][T16688] FAT-fs (loop1): Directory bread(block 71) failed [ 283.004147][T16688] FAT-fs (loop1): Directory bread(block 72) failed [ 283.010866][T16688] FAT-fs (loop1): Directory bread(block 73) failed [ 283.027484][T16688] syz-executor.1: attempt to access beyond end of device [ 283.027484][T16688] loop1: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 283.065893][T16704] loop0: detected capacity change from 0 to 1024 [ 283.108700][T16704] syzkaller1: entered promiscuous mode [ 283.114367][T16704] syzkaller1: entered allmulticast mode [ 283.123917][T16704] dccp_invalid_packet: P.type (CLOSEREQ) not Data || [Data]Ack, while P.X == 0 [ 283.309189][T16724] netlink: 932 bytes leftover after parsing attributes in process `syz-executor.4'. [ 283.425311][T16726] loop4: detected capacity change from 0 to 1024 [ 283.432625][T16726] EXT4-fs: Ignoring removed oldalloc option [ 283.438663][T16726] EXT4-fs: Ignoring removed i_version option [ 283.444681][T16726] ext4: Unknown parameter 'user_x' [ 284.106606][T16748] loop1: detected capacity change from 0 to 1024 [ 284.151315][T16748] syzkaller1: entered promiscuous mode [ 284.156840][T16748] syzkaller1: entered allmulticast mode [ 284.218795][T16758] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'. [ 284.250095][T16762] loop1: detected capacity change from 0 to 1024 [ 284.409489][T16783] loop4: detected capacity change from 0 to 1024 [ 284.428701][T16783] syzkaller1: entered promiscuous mode [ 284.434189][T16783] syzkaller1: entered allmulticast mode [ 284.571217][T16800] tun0: tun_chr_ioctl cmd 1074025676 [ 284.576716][T16800] tun0: owner set to 536871360 [ 284.777667][T16817] loop1: detected capacity change from 0 to 1024 [ 285.070381][T16832] loop1: detected capacity change from 0 to 256 [ 285.078416][T16832] FAT-fs (loop1): Unrecognized mount option "dots"nodots" or missing value [ 285.143089][T16840] tipc: Started in network mode [ 285.148006][T16840] tipc: Node identity 02b53a02c3b8, cluster identity 4711 [ 285.155154][T16840] tipc: Enabled bearer , priority 0 [ 285.171595][T16845] loop1: detected capacity change from 0 to 1024 [ 285.195717][T16840] loop0: detected capacity change from 0 to 8192 [ 285.236610][T16840] loop0: p1 < > p2 p3 < p5 p6 > p4 [ 285.241826][T16840] loop0: partition table partially beyond EOD, truncated [ 285.249831][T16840] loop0: p1 start 277760 is beyond EOD, truncated [ 285.256273][T16840] loop0: p2 start 6684676 is beyond EOD, truncated [ 285.263568][T16840] loop0: p5 start 6684676 is beyond EOD, truncated [ 285.282446][T16840] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 285.325068][T16849] sctp: [Deprecated]: syz-executor.1 (pid 16849) Use of int in max_burst socket option deprecated. [ 285.325068][T16849] Use struct sctp_assoc_value instead [ 285.351285][T16849] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 285.369695][T16852] loop0: detected capacity change from 0 to 256 [ 285.377027][T16852] FAT-fs (loop0): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 285.384706][T16854] loop1: detected capacity change from 0 to 256 [ 285.392865][T16854] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 285.431953][T16854] loop1: detected capacity change from 0 to 512 [ 285.436407][T16856] loop0: detected capacity change from 0 to 1024 [ 285.444811][T16854] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 285.453886][T16854] EXT4-fs (loop1): Couldn't mount because of unsupported optional features (800) [ 285.488129][T16861] cannot load conntrack support for proto=3 [ 285.511120][T16854] 9pnet_fd: Insufficient options for proto=fd [ 285.678223][T16873] 9pnet_fd: Insufficient options for proto=fd [ 285.684918][T16871] netlink: 'syz-executor.0': attribute type 21 has an invalid length. [ 285.693114][T16871] netlink: 100 bytes leftover after parsing attributes in process `syz-executor.0'. [ 286.146436][ T4813] tipc: Node number set to 3238869506 [ 286.443278][T16885] loop0: detected capacity change from 0 to 256 [ 286.446718][T16883] loop1: detected capacity change from 0 to 512 [ 286.458733][T16883] EXT4-fs (loop1): bad s_min_extra_isize: 65535 [ 286.470725][T16885] FAT-fs (loop0): Directory bread(block 64) failed [ 286.477592][T16885] FAT-fs (loop0): Directory bread(block 65) failed [ 286.484189][T16885] FAT-fs (loop0): Directory bread(block 66) failed [ 286.492298][T16885] FAT-fs (loop0): Directory bread(block 67) failed [ 286.501424][T16885] FAT-fs (loop0): Directory bread(block 68) failed [ 286.516399][T16885] FAT-fs (loop0): Directory bread(block 69) failed [ 286.532815][T16885] FAT-fs (loop0): Directory bread(block 70) failed [ 286.550291][T16885] FAT-fs (loop0): Directory bread(block 71) failed [ 286.551586][T16888] loop1: detected capacity change from 0 to 512 [ 286.567985][T16885] FAT-fs (loop0): Directory bread(block 72) failed [ 286.574689][T16888] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 286.586357][T16885] FAT-fs (loop0): Directory bread(block 73) failed [ 286.614323][T16888] EXT4-fs (loop1): 1 truncate cleaned up [ 286.629334][T16888] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 286.803830][T13070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.853301][T16897] tipc: Started in network mode [ 286.858213][T16897] tipc: Node identity fe8000000000000000000000000000aa, cluster identity 4711 [ 286.867136][T16897] tipc: Enabling of bearer rejected, failed to enable media [ 286.900473][T16899] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 286.991831][T16553] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 287.000196][T16553] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.012803][T16553] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 287.021157][T16553] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.032523][T16553] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 287.040820][T16553] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.051993][T16553] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 287.060349][T16553] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.143629][T16904] loop3: detected capacity change from 0 to 1024 [ 287.227557][ T29] kauditd_printk_skb: 1795 callbacks suppressed [ 287.227645][ T29] audit: type=1326 audit(1717826746.167:17420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16905 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73e7f1ff69 code=0x7ffc0000 [ 287.268682][ T29] audit: type=1326 audit(1717826746.197:17421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16905 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f73e7f1ff69 code=0x7ffc0000 [ 287.292798][ T29] audit: type=1326 audit(1717826746.197:17422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16905 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73e7f1ff69 code=0x7ffc0000 [ 287.317004][ T29] audit: type=1326 audit(1717826746.197:17423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16905 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f73e7f1ff69 code=0x7ffc0000 [ 287.341380][ T29] audit: type=1326 audit(1717826746.197:17424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16905 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73e7f1ff69 code=0x7ffc0000 [ 287.365561][ T29] audit: type=1326 audit(1717826746.197:17425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16905 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f73e7f1ff69 code=0x7ffc0000 [ 287.389699][ T29] audit: type=1326 audit(1717826746.197:17426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16905 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73e7f1ff69 code=0x7ffc0000 [ 287.413777][ T29] audit: type=1326 audit(1717826746.197:17427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16905 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f73e7f1ff69 code=0x7ffc0000 [ 287.437994][ T29] audit: type=1326 audit(1717826746.197:17428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16905 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73e7f1ff69 code=0x7ffc0000 [ 287.462059][ T29] audit: type=1326 audit(1717826746.197:17429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16905 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f73e7f1ff69 code=0x7ffc0000 [ 287.508920][T16916] loop4: detected capacity change from 0 to 256 [ 287.542841][T16921] loop4: detected capacity change from 0 to 256 [ 287.557972][T16921] FAT-fs (loop4): Directory bread(block 64) failed [ 287.564701][T16921] FAT-fs (loop4): Directory bread(block 65) failed [ 287.571407][T16921] FAT-fs (loop4): Directory bread(block 66) failed [ 287.578084][T16921] FAT-fs (loop4): Directory bread(block 67) failed [ 287.584805][T16921] FAT-fs (loop4): Directory bread(block 68) failed [ 287.591435][T16921] FAT-fs (loop4): Directory bread(block 69) failed [ 287.598043][T16921] FAT-fs (loop4): Directory bread(block 70) failed [ 287.604590][T16921] FAT-fs (loop4): Directory bread(block 71) failed [ 287.611178][T16921] FAT-fs (loop4): Directory bread(block 72) failed [ 287.617743][T16921] FAT-fs (loop4): Directory bread(block 73) failed [ 287.700539][T16933] loop0: detected capacity change from 0 to 7 [ 287.927064][T16941] loop1: detected capacity change from 0 to 8192 [ 288.049162][T16950] loop1: detected capacity change from 0 to 256 [ 288.055634][T16950] FAT-fs (loop1): Unrecognized mount option "˙˙0xffffffffffffffff˙˙˙˙˙" or missing value [ 288.224184][T16953] bond0: option fail_over_mac: unable to set because the bond device has slaves [ 288.309507][T16961] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8) [ 288.316110][T16961] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 288.323814][T16961] vhci_hcd vhci_hcd.0: Device attached [ 288.333323][T16962] vhci_hcd: connection closed [ 288.333520][ T5530] vhci_hcd: stop threads [ 288.342469][ T5530] vhci_hcd: release socket [ 288.346911][ T5530] vhci_hcd: disconnect device [ 288.429732][T16971] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 288.454947][T16977] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 288.522273][T16981] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 288.600481][T16987] loop0: detected capacity change from 0 to 512 [ 288.621058][T16987] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 288.634554][T16987] ext4 filesystem being mounted at /root/syzkaller-testdir1495107334/syzkaller.F40Roi/397/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 288.710132][T12271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.764781][T17005] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 288.785780][T17013] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 288.898570][T17031] loop0: detected capacity change from 0 to 1024 [ 288.929079][T17031] syzkaller1: entered promiscuous mode [ 288.934627][T17031] syzkaller1: entered allmulticast mode [ 288.943096][T17031] dccp_invalid_packet: P.type (CLOSEREQ) not Data || [Data]Ack, while P.X == 0 [ 289.028536][T17046] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 289.080479][T17048] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 289.449017][T17075] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 289.487278][T17080] loop0: detected capacity change from 0 to 256 [ 289.501175][T17080] FAT-fs (loop0): Directory bread(block 64) failed [ 289.507852][T17080] FAT-fs (loop0): Directory bread(block 65) failed [ 289.514397][T17080] FAT-fs (loop0): Directory bread(block 66) failed [ 289.521028][T17080] FAT-fs (loop0): Directory bread(block 67) failed [ 289.527603][T17080] FAT-fs (loop0): Directory bread(block 68) failed [ 289.534113][T17080] FAT-fs (loop0): Directory bread(block 69) failed [ 289.541508][T17080] FAT-fs (loop0): Directory bread(block 70) failed [ 289.548104][T17080] FAT-fs (loop0): Directory bread(block 71) failed [ 289.548134][T17080] FAT-fs (loop0): Directory bread(block 72) failed [ 289.561124][T17080] FAT-fs (loop0): Directory bread(block 73) failed [ 289.588631][ T5530] kworker/u8:13: attempt to access beyond end of device [ 289.588631][ T5530] loop0: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 289.638431][T17092] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 289.650929][T17092] loop1: detected capacity change from 0 to 512 [ 289.668408][T17092] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.681595][T17092] ext4 filesystem being mounted at /root/syzkaller-testdir2926208911/syzkaller.neRnkV/374/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.698848][T17092] EXT4-fs error (device loop1): ext4_do_update_inode:5075: inode #2: comm syz-executor.1: corrupted inode contents [ 289.711537][T17092] EXT4-fs error (device loop1): ext4_dirty_inode:5935: inode #2: comm syz-executor.1: mark_inode_dirty error [ 289.725110][T17092] EXT4-fs error (device loop1): ext4_do_update_inode:5075: inode #2: comm syz-executor.1: corrupted inode contents [ 289.737437][T17092] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz-executor.1: mark_inode_dirty error [ 289.790558][T17092] sch_tbf: burst 0 is lower than device veth0_to_team mtu (1514) ! [ 289.804795][T13070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.024067][T17119] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 290.061809][T17126] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 290.063491][T17129] loop0: detected capacity change from 0 to 256 [ 290.068437][T17126] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 290.068590][T17126] vhci_hcd vhci_hcd.0: Device attached [ 290.087547][T17129] FAT-fs (loop0): Directory bread(block 64) failed [ 290.094714][T17129] FAT-fs (loop0): Directory bread(block 65) failed [ 290.099304][T17127] vhci_hcd: connection closed [ 290.101460][ T5534] vhci_hcd: stop threads [ 290.102914][T17129] FAT-fs (loop0): Directory bread(block 66) failed [ 290.106130][ T5534] vhci_hcd: release socket [ 290.106139][ T5534] vhci_hcd: disconnect device [ 290.126053][T17129] FAT-fs (loop0): Directory bread(block 67) failed [ 290.132687][T17129] FAT-fs (loop0): Directory bread(block 68) failed [ 290.139326][T17129] FAT-fs (loop0): Directory bread(block 69) failed [ 290.145935][T17129] FAT-fs (loop0): Directory bread(block 70) failed [ 290.152540][T17129] FAT-fs (loop0): Directory bread(block 71) failed [ 290.159174][T17129] FAT-fs (loop0): Directory bread(block 72) failed [ 290.165729][T17129] FAT-fs (loop0): Directory bread(block 73) failed [ 290.187461][ T5534] kworker/u8:17: attempt to access beyond end of device [ 290.187461][ T5534] loop0: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 290.562040][T17137] loop4: detected capacity change from 0 to 164 [ 290.571116][T17137] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 290.787371][T17157] loop1: detected capacity change from 0 to 512 [ 290.794747][T17157] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 290.805744][T17157] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor.1: bg 0: block 264: padding at end of block bitmap is not set [ 290.820544][T17157] EXT4-fs (loop1): Remounting filesystem read-only [ 290.827385][T17157] EXT4-fs (loop1): 1 truncate cleaned up [ 290.833834][T17157] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 290.846082][T17157] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 290.854904][T17157] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.869469][T17164] loop4: detected capacity change from 0 to 256 [ 290.885024][T17164] FAT-fs (loop4): Directory bread(block 64) failed [ 290.891653][T17164] FAT-fs (loop4): Directory bread(block 65) failed [ 290.898446][T17164] FAT-fs (loop4): Directory bread(block 66) failed [ 290.904969][T17164] FAT-fs (loop4): Directory bread(block 67) failed [ 290.913387][T17164] FAT-fs (loop4): Directory bread(block 68) failed [ 290.920034][T17164] FAT-fs (loop4): Directory bread(block 69) failed [ 290.926647][T17164] FAT-fs (loop4): Directory bread(block 70) failed [ 290.933358][T17164] FAT-fs (loop4): Directory bread(block 71) failed [ 290.940024][T17164] FAT-fs (loop4): Directory bread(block 72) failed [ 290.947139][T17164] FAT-fs (loop4): Directory bread(block 73) failed [ 290.950366][T17169] loop1: detected capacity change from 0 to 128 [ 290.973775][ T5534] kworker/u8:17: attempt to access beyond end of device [ 290.973775][ T5534] loop4: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 291.033530][T17175] loop4: detected capacity change from 0 to 2048 [ 291.066905][T17175] loop4: p1 < > p4 [ 291.071315][T17175] loop4: p4 size 8388608 extends beyond EOD, truncated [ 291.443549][T17201] loop1: detected capacity change from 0 to 256 [ 291.459852][T17201] FAT-fs (loop1): Directory bread(block 64) failed [ 291.469467][T17201] FAT-fs (loop1): Directory bread(block 65) failed [ 291.479137][T17201] FAT-fs (loop1): Directory bread(block 66) failed [ 291.485785][T17201] FAT-fs (loop1): Directory bread(block 67) failed [ 291.492483][T17201] FAT-fs (loop1): Directory bread(block 68) failed [ 291.500554][T17201] FAT-fs (loop1): Directory bread(block 69) failed [ 291.507797][T17201] FAT-fs (loop1): Directory bread(block 70) failed [ 291.514381][T17201] FAT-fs (loop1): Directory bread(block 71) failed [ 291.522330][T17201] FAT-fs (loop1): Directory bread(block 72) failed [ 291.528939][T17201] FAT-fs (loop1): Directory bread(block 73) failed [ 291.559808][ T5533] kworker/u8:16: attempt to access beyond end of device [ 291.559808][ T5533] loop1: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 291.700675][T17212] loop4: detected capacity change from 0 to 256 [ 291.708244][T17212] FAT-fs (loop4): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 291.765766][T17180] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 291.777104][T17180] CPU: 0 PID: 17180 Comm: syz-executor.0 Not tainted 6.10.0-rc2-syzkaller-00269-g96e09b8f8166 #0 [ 291.787604][T17180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 291.797782][T17180] Call Trace: [ 291.801049][T17180] [ 291.803968][T17180] dump_stack_lvl+0xf2/0x150 [ 291.808734][T17180] dump_stack+0x15/0x20 [ 291.812883][T17180] dump_header+0x83/0x2d0 [ 291.817199][T17180] oom_kill_process+0x33e/0x4c0 [ 291.822044][T17180] out_of_memory+0x9af/0xbe0 [ 291.826636][T17180] mem_cgroup_out_of_memory+0x13e/0x190 [ 291.832249][T17180] try_charge_memcg+0x745/0xcd0 [ 291.837177][T17180] ? _raw_spin_unlock+0x26/0x50 [ 291.842091][T17180] ? radix_tree_lookup+0xf9/0x150 [ 291.847134][T17180] mem_cgroup_swapin_charge_folio+0x107/0x1a0 [ 291.853256][T17180] __read_swap_cache_async+0x2b9/0x520 [ 291.858720][T17180] swap_cluster_readahead+0x276/0x3f0 [ 291.864157][T17180] swapin_readahead+0xe2/0x7a0 [ 291.868928][T17180] ? __filemap_get_folio+0x420/0x5b0 [ 291.874262][T17180] ? swap_cache_get_folio+0x6e/0x210 [ 291.879543][T17180] do_swap_page+0x3bc/0x1840 [ 291.884204][T17180] ? cgroup_rstat_updated+0x99/0x550 [ 291.889558][T17180] ? __rcu_read_lock+0x36/0x50 [ 291.894354][T17180] handle_mm_fault+0x809/0x2a80 [ 291.899295][T17180] ? mas_walk+0x204/0x320 [ 291.903664][T17180] exc_page_fault+0x3b9/0x650 [ 291.908358][T17180] asm_exc_page_fault+0x26/0x30 [ 291.913211][T17180] RIP: 0033:0x7fde342faf8a [ 291.917638][T17180] Code: 31 d2 48 f7 f1 48 01 d8 49 39 c4 4c 0f 42 e0 83 3d 12 ea 17 00 00 0f 8e 0c ff ff ff e8 9f 04 ff ff 49 39 c4 0f 82 6a 01 00 00 <69> 3d 04 e7 ca 00 e8 03 00 00 48 8d 1d e5 cf 17 00 e8 50 5f 04 00 [ 291.937298][T17180] RSP: 002b:00007ffcf46795a0 EFLAGS: 00010206 [ 291.943416][T17180] RAX: 0000000000047576 RBX: 00007fde34479980 RCX: 00000000000474a0 [ 291.951508][T17180] RDX: 00000000000000d6 RSI: 00007ffcf4679580 RDI: 0000000000000001 [ 291.959465][T17180] RBP: 00007fde34479980 R08: 000000000cca111a R09: 7fffffffffffffff [ 291.967422][T17180] R10: 00007fde3444e0b8 R11: 00007fde3444e080 R12: 000000000004764a [ 291.975413][T17180] R13: 00007fde34477f8c R14: 0000000000000032 R15: 00007fde34479980 [ 291.983380][T17180] [ 291.986505][T17180] memory: usage 307200kB, limit 307200kB, failcnt 2145 [ 291.993639][T17180] memory+swap: usage 307612kB, limit 9007199254740988kB, failcnt 0 [ 292.001558][T17180] kmem: usage 307164kB, limit 9007199254740988kB, failcnt 0 [ 292.008888][T17180] Memory cgroup stats for /syz0: [ 292.009273][T17180] cache 16384 [ 292.017466][T17180] rss 8192 [ 292.020537][T17180] shmem 0 [ 292.023473][T17180] mapped_file 0 [ 292.027021][T17180] dirty 0 [ 292.029933][T17180] writeback 16384 [ 292.033592][T17180] workingset_refault_anon 736 [ 292.038268][T17180] workingset_refault_file 46 [ 292.042829][T17180] swap 421888 [ 292.046085][T17180] swapcached 16384 [ 292.049858][T17180] pgpgin 249357 [ 292.053360][T17180] pgpgout 249348 [ 292.056908][T17180] pgfault 310154 [ 292.060441][T17180] pgmajfault 216 [ 292.063966][T17180] inactive_anon 0 [ 292.067596][T17180] active_anon 0 [ 292.071029][T17180] inactive_file 12288 [ 292.075036][T17180] active_file 8192 [ 292.078759][T17180] unevictable 0 [ 292.082211][T17180] hierarchical_memory_limit 314572800 [ 292.087573][T17180] hierarchical_memsw_limit 9223372036854771712 [ 292.093835][T17180] total_cache 16384 [ 292.097648][T17180] total_rss 8192 [ 292.101299][T17180] total_shmem 0 [ 292.104731][T17180] total_mapped_file 0 [ 292.108766][T17180] total_dirty 0 [ 292.112196][T17180] total_writeback 16384 [ 292.116399][T17180] total_workingset_refault_anon 736 [ 292.121607][T17180] total_workingset_refault_file 46 [ 292.126800][T17180] total_swap 421888 [ 292.130607][T17180] total_swapcached 16384 [ 292.134826][T17180] total_pgpgin 249357 [ 292.138845][T17180] total_pgpgout 249348 [ 292.142883][T17180] total_pgfault 310154 [ 292.147117][T17180] total_pgmajfault 216 [ 292.151166][T17180] total_inactive_anon 0 [ 292.155299][T17180] total_active_anon 0 [ 292.159405][T17180] total_inactive_file 12288 [ 292.163916][T17180] total_active_file 8192 [ 292.168263][T17180] total_unevictable 0 [ 292.172232][T17180] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17180,uid=0 [ 292.187575][T17180] Memory cgroup out of memory: Killed process 17180 (syz-executor.0) total-vm:46440kB, anon-rss:420kB, file-rss:8996kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 [ 292.439885][T17225] loop0: detected capacity change from 0 to 512 [ 292.447476][T17225] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 292.467933][T17225] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz-executor.0: bg 0: block 264: padding at end of block bitmap is not set [ 292.485968][T17225] EXT4-fs (loop0): Remounting filesystem read-only [ 292.494140][T17237] loop4: detected capacity change from 0 to 256 [ 292.500611][T17225] EXT4-fs (loop0): 1 truncate cleaned up [ 292.506911][T17225] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 292.519111][T17225] SELinux: (dev loop0, type ext4) getxattr errno 5 [ 292.525353][T17237] FAT-fs (loop4): Directory bread(block 64) failed [ 292.533254][T17225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.543927][T17237] FAT-fs (loop4): Directory bread(block 65) failed [ 292.551003][T17237] FAT-fs (loop4): Directory bread(block 66) failed [ 292.558663][T17237] FAT-fs (loop4): Directory bread(block 67) failed [ 292.565486][T17237] FAT-fs (loop4): Directory bread(block 68) failed [ 292.572049][T17237] FAT-fs (loop4): Directory bread(block 69) failed [ 292.580362][T17237] FAT-fs (loop4): Directory bread(block 70) failed [ 292.588096][T17237] FAT-fs (loop4): Directory bread(block 71) failed [ 292.594867][T17237] FAT-fs (loop4): Directory bread(block 72) failed [ 292.603024][T17237] FAT-fs (loop4): Directory bread(block 73) failed [ 292.640906][ T5533] kworker/u8:16: attempt to access beyond end of device [ 292.640906][ T5533] loop4: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 292.711485][T17254] loop1: detected capacity change from 0 to 1024 [ 292.719296][T17254] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors [ 292.730152][T17254] EXT4-fs (loop1): group descriptors corrupted! [ 292.891368][T17275] loop0: detected capacity change from 0 to 512 [ 292.898014][T17275] ext4: Unknown parameter 'func' [ 293.064212][T17288] loop4: detected capacity change from 0 to 212 [ 293.179195][ T29] kauditd_printk_skb: 807 callbacks suppressed [ 293.179208][ T29] audit: type=1326 audit(1717826752.117:18237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17301 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 293.194560][T17307] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 293.212897][ T29] audit: type=1326 audit(1717826752.117:18238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17301 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 293.246040][ T29] audit: type=1326 audit(1717826752.117:18239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17301 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 293.270514][ T29] audit: type=1326 audit(1717826752.117:18240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17301 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 293.294808][ T29] audit: type=1326 audit(1717826752.117:18241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17301 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 293.318881][ T29] audit: type=1326 audit(1717826752.117:18242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17301 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 293.342992][ T29] audit: type=1326 audit(1717826752.117:18243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17301 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 293.345076][T17311] loop0: detected capacity change from 0 to 256 [ 293.367043][ T29] audit: type=1326 audit(1717826752.117:18244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17301 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 293.367071][ T29] audit: type=1326 audit(1717826752.117:18245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17301 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 293.367092][ T29] audit: type=1326 audit(1717826752.117:18246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17301 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde34340f69 code=0x7ffc0000 [ 293.377392][T17311] FAT-fs (loop0): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 293.594978][T17320] loop3: detected capacity change from 0 to 1764 [ 293.603486][T17320] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 293.612691][T17320] ISOFS: unable to read i-node block [ 293.618031][T17320] isofs_fill_super: get root inode failed [ 293.657565][T17329] loop4: detected capacity change from 0 to 256 [ 293.668923][T17329] FAT-fs (loop4): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 293.711894][T17331] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 293.750639][T17342] loop0: detected capacity change from 0 to 256 [ 293.762454][T17342] FAT-fs (loop0): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 293.922604][T17369] loop4: detected capacity change from 0 to 2048 [ 293.946310][T17376] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 293.954624][T17376] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.3'. [ 293.964169][T17376] bond0: entered promiscuous mode [ 293.969228][T17376] bond_slave_0: entered promiscuous mode [ 293.975063][T17376] bond_slave_1: entered promiscuous mode [ 293.980887][T17376] team0: entered promiscuous mode [ 293.985909][T17376] team_slave_0: entered promiscuous mode [ 293.991685][T17376] team_slave_1: entered promiscuous mode [ 293.998129][T17376] bridge0: port 3(bond0) entered blocking state [ 294.004461][T17376] bridge0: port 3(bond0) entered disabled state [ 294.011794][T17376] bond0: entered allmulticast mode [ 294.016999][T17376] bond_slave_0: entered allmulticast mode [ 294.022718][T17376] bond_slave_1: entered allmulticast mode [ 294.028528][T17376] team0: entered allmulticast mode [ 294.033636][T17376] team_slave_0: entered allmulticast mode [ 294.039376][T17376] team_slave_1: entered allmulticast mode [ 294.047709][T17376] bridge0: port 3(bond0) entered blocking state [ 294.054133][T17376] bridge0: port 3(bond0) entered forwarding state [ 294.064381][T17369] loop4: p1 < > p3 [ 294.071928][T17369] loop4: p3 size 134217728 extends beyond EOD, truncated [ 294.076483][T17380] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 294.101383][T17376] loop3: detected capacity change from 0 to 512 [ 294.109017][T17376] EXT4-fs: Ignoring removed oldalloc option [ 294.111722][T17380] syz_tun: entered promiscuous mode [ 294.114929][T17376] EXT4-fs: Ignoring removed i_version option [ 294.120208][T17380] syz_tun: entered allmulticast mode [ 294.131466][T17376] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 294.141394][T17380] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 294.160805][T17376] EXT4-fs (loop3): too many log groups per flexible block group [ 294.168712][T17376] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 294.188183][T17376] EXT4-fs (loop3): mount failed [ 294.317787][T17394] tmpfs: Unknown parameter 'hugeem_u:object_r:bsdpty_device_t:s0' [ 294.368212][T17398] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 294.377665][T17398] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. [ 294.461302][T17402] loop4: detected capacity change from 0 to 2048 [ 294.506968][T17402] loop4: p1 < > p3 [ 294.512150][T17402] loop4: p3 size 134217728 extends beyond EOD, truncated [ 294.612121][T17414] loop4: detected capacity change from 0 to 1024 [ 294.700217][T17420] loop1: detected capacity change from 0 to 1024 [ 294.736639][T17420] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 294.788856][T17418] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=17418 comm=syz-executor.3 [ 294.840438][T17425] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 294.850030][T17425] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. [ 294.932864][T17440] loop3: detected capacity change from 0 to 512 [ 295.032034][ T5530] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.117745][ T5530] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.157575][T17463] loop0: detected capacity change from 0 to 256 [ 295.184166][ T5530] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.212489][T17470] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 295.265242][ T5530] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.279879][T17479] loop0: detected capacity change from 0 to 256 [ 295.287259][T17479] FAT-fs (loop0): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 295.326193][T17456] chnl_net:caif_netlink_parms(): no params data found [ 295.335711][ T5530] bridge_slave_1: left allmulticast mode [ 295.341496][ T5530] bridge_slave_1: left promiscuous mode [ 295.347120][ T5530] bridge0: port 2(bridge_slave_1) entered disabled state [ 295.355860][ T5530] bridge_slave_0: left allmulticast mode [ 295.361541][ T5530] bridge_slave_0: left promiscuous mode [ 295.367172][ T5530] bridge0: port 1(bridge_slave_0) entered disabled state [ 295.534274][T13070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.559138][ T5530] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 295.569860][ T5530] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 295.581188][ T5530] bond0 (unregistering): (slave team0): Releasing backup interface [ 295.591047][ T5530] bond0 (unregistering): Released all slaves [ 295.611159][T17494] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 295.619889][T17494] bond0: (slave team0): Releasing backup interface [ 295.627494][T17494] batman_adv: batadv0: Adding interface: team0 [ 295.633689][T17494] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 295.643802][T17493] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 295.669019][T17456] bridge0: port 1(bridge_slave_0) entered blocking state [ 295.676056][T17456] bridge0: port 1(bridge_slave_0) entered disabled state [ 295.683315][T17456] bridge_slave_0: entered allmulticast mode [ 295.689844][T17456] bridge_slave_0: entered promiscuous mode [ 295.701069][T17456] bridge0: port 2(bridge_slave_1) entered blocking state [ 295.708275][T17456] bridge0: port 2(bridge_slave_1) entered disabled state [ 295.715496][T17456] bridge_slave_1: entered allmulticast mode [ 295.723286][T17456] bridge_slave_1: entered promiscuous mode [ 295.739879][T17456] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 295.751628][ T5530] hsr_slave_0: left promiscuous mode [ 295.758703][ T5530] hsr_slave_1: left promiscuous mode [ 295.764597][ T5530] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 295.772141][ T5530] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 295.779905][ T5530] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 295.787446][ T5530] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 295.798223][T17506] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 295.809107][ T5530] veth1_macvtap: left promiscuous mode [ 295.814587][ T5530] veth0_macvtap: left promiscuous mode [ 295.820211][ T5530] veth1_vlan: left promiscuous mode [ 295.825468][ T5530] veth0_vlan: left promiscuous mode [ 295.921493][ T5530] team0 (unregistering): Port device team_slave_1 removed [ 295.932261][ T5530] team0 (unregistering): Port device team_slave_0 removed [ 295.938231][T17520] loop4: detected capacity change from 0 to 1024 [ 295.980327][T17456] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 296.002088][T17456] team0: Port device team_slave_0 added [ 296.009904][T17456] team0: Port device team_slave_1 added [ 296.032320][T17456] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 296.039380][T17456] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 296.065314][T17456] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 296.136292][T17456] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 296.143364][T17456] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 296.169618][T17456] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 296.212537][T17456] hsr_slave_0: entered promiscuous mode [ 296.219065][T17456] hsr_slave_1: entered promiscuous mode [ 296.224944][T17456] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 296.232759][T17456] Cannot create hsr debugfs directory [ 296.302582][T17543] tipc: Failed to obtain node identity [ 296.308117][T17543] tipc: Enabling of bearer rejected, failed to enable media [ 296.406294][T17555] loop3: detected capacity change from 0 to 1024 [ 296.600074][T17562] netlink: 'syz-executor.1': attribute type 21 has an invalid length. [ 296.611845][T17562] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.1'. [ 296.621341][T17562] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 296.654809][T17456] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 296.665891][T17456] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 296.681223][T17456] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 296.699490][T17456] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 296.763489][T17456] 8021q: adding VLAN 0 to HW filter on device bond0 [ 296.778961][T17456] 8021q: adding VLAN 0 to HW filter on device team0 [ 296.791288][T10774] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.798392][T10774] bridge0: port 1(bridge_slave_0) entered forwarding state [ 296.818299][ T4813] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.825383][ T4813] bridge0: port 2(bridge_slave_1) entered forwarding state [ 296.845435][T17456] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 296.934244][T17456] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 296.953094][T17593] hsr_slave_0: left promiscuous mode [ 296.963801][T17530] syz-executor.4 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 296.975253][T17530] CPU: 1 PID: 17530 Comm: syz-executor.4 Not tainted 6.10.0-rc2-syzkaller-00269-g96e09b8f8166 #0 [ 296.985757][T17530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 296.995866][T17530] Call Trace: [ 296.999185][T17530] [ 297.002108][T17530] dump_stack_lvl+0xf2/0x150 [ 297.006705][T17530] dump_stack+0x15/0x20 [ 297.010896][T17530] dump_header+0x83/0x2d0 [ 297.015280][T17530] oom_kill_process+0x33e/0x4c0 [ 297.020137][T17530] out_of_memory+0x9af/0xbe0 [ 297.024733][T17530] mem_cgroup_out_of_memory+0x13e/0x190 [ 297.030393][T17530] try_charge_memcg+0x745/0xcd0 [ 297.035331][T17530] ? _raw_spin_unlock+0x26/0x50 [ 297.040164][T17530] ? radix_tree_lookup+0xf9/0x150 [ 297.045361][T17530] mem_cgroup_swapin_charge_folio+0x107/0x1a0 [ 297.051448][T17530] __read_swap_cache_async+0x2b9/0x520 [ 297.056898][T17530] swap_cluster_readahead+0x276/0x3f0 [ 297.062373][T17530] swapin_readahead+0xe2/0x7a0 [ 297.067120][T17530] ? __filemap_get_folio+0x420/0x5b0 [ 297.072410][T17530] ? swap_cache_get_folio+0x6e/0x210 [ 297.077777][T17530] do_swap_page+0x3bc/0x1840 [ 297.082420][T17530] ? cgroup_rstat_updated+0x99/0x550 [ 297.087827][T17530] ? __rcu_read_lock+0x36/0x50 [ 297.092588][T17530] handle_mm_fault+0x809/0x2a80 [ 297.097429][T17530] ? mas_walk+0x204/0x320 [ 297.101761][T17530] exc_page_fault+0x3b9/0x650 [ 297.106438][T17530] asm_exc_page_fault+0x26/0x30 [ 297.111458][T17530] RIP: 0033:0x7f78cf28ac1e [ 297.115866][T17530] Code: 78 ff ff ff 80 3d b2 ca ca 00 00 48 89 d3 75 b3 44 0f b6 7c 24 0f 41 89 db 41 89 d8 44 8d 53 04 89 d8 89 c7 81 e7 ff 1f 00 00 <49> 8b 54 fd 00 4c 39 c2 74 a0 48 85 d2 0f 84 6f 01 00 00 83 c0 01 [ 297.135491][T17530] RSP: 002b:00007fffbff1db90 EFLAGS: 00010202 [ 297.141659][T17530] RAX: 000000008166da43 RBX: ffffffff8166da43 RCX: 000000000166d74a [ 297.149610][T17530] RDX: ffffffff8166d74a RSI: 0000000080000000 RDI: 0000000000001a43 [ 297.157569][T17530] RBP: 0000000000000005 R08: 000000008166da43 R09: 7fffffffffffffff [ 297.165582][T17530] R10: 000000008166da47 R11: 000000008166da43 R12: 00007f78cf406018 [ 297.173529][T17530] R13: 00007f78cf3f2000 R14: ffffffff8166d74a R15: 0000000000000001 [ 297.181483][T17530] ? __fdget+0xfa/0x110 [ 297.185700][T17530] ? __pfx_set_close_on_exec+0x3/0x10 [ 297.191148][T17530] ? __fdget+0xfa/0x110 [ 297.195300][T17530] [ 297.198576][T17530] memory: usage 307200kB, limit 307200kB, failcnt 3486 [ 297.205522][T17530] memory+swap: usage 307612kB, limit 9007199254740988kB, failcnt 0 [ 297.213439][T17530] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0 [ 297.220803][T17530] Memory cgroup stats for /syz4: [ 297.220985][T17530] cache 8192 [ 297.229120][T17530] rss 0 [ 297.231862][T17530] shmem 0 [ 297.234798][T17530] mapped_file 0 [ 297.238241][T17530] dirty 4096 [ 297.241476][T17530] writeback 0 [ 297.244796][T17530] workingset_refault_anon 1083 [ 297.249569][T17530] workingset_refault_file 1590 [ 297.254354][T17530] swap 434176 [ 297.257627][T17530] swapcached 0 [ 297.260991][T17530] pgpgin 346463 [ 297.264420][T17530] pgpgout 346460 [ 297.268007][T17530] pgfault 416030 [ 297.271588][T17530] pgmajfault 1907 [ 297.275196][T17530] inactive_anon 0 [ 297.278832][T17530] active_anon 0 [ 297.282340][T17530] inactive_file 0 [ 297.285962][T17530] active_file 12288 [ 297.289805][T17530] unevictable 0 [ 297.292541][T17602] loop3: detected capacity change from 0 to 1024 [ 297.293241][T17530] hierarchical_memory_limit 314572800 [ 297.304978][T17530] hierarchical_memsw_limit 9223372036854771712 [ 297.311224][T17530] total_cache 8192 [ 297.314935][T17530] total_rss 0 [ 297.318295][T17530] total_shmem 0 [ 297.321724][T17530] total_mapped_file 0 [ 297.325673][T17530] total_dirty 4096 [ 297.329391][T17530] total_writeback 0 [ 297.333207][T17530] total_workingset_refault_anon 1083 [ 297.338548][T17530] total_workingset_refault_file 1590 [ 297.343820][T17530] total_swap 434176 [ 297.347702][T17530] total_swapcached 0 [ 297.351591][T17530] total_pgpgin 346466 [ 297.355545][T17530] total_pgpgout 346463 [ 297.359595][T17530] total_pgfault 416041 [ 297.363633][T17530] total_pgmajfault 1907 [ 297.367852][T17530] total_inactive_anon 0 [ 297.371981][T17530] total_active_anon 0 [ 297.375942][T17530] total_inactive_file 0 [ 297.380097][T17530] total_active_file 12288 [ 297.384517][T17530] total_unevictable 0 [ 297.388596][T17530] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=17530,uid=0 [ 297.403844][T17530] Memory cgroup out of memory: Killed process 17530 (syz-executor.4) total-vm:46572kB, anon-rss:548kB, file-rss:9004kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 297.454887][T17593] hsr_slave_1: left promiscuous mode [ 297.542905][T17609] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 297.697522][T17456] veth0_vlan: entered promiscuous mode [ 297.705848][T17456] veth1_vlan: entered promiscuous mode [ 297.731843][T17456] veth0_macvtap: entered promiscuous mode [ 297.741690][T17456] veth1_macvtap: entered promiscuous mode [ 297.758433][T17456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.769023][T17456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.778893][T17456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.789383][T17456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.799335][T17456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.809857][T17456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.819688][T17456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.830182][T17456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.840041][T17456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.850489][T17456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.860324][T17456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.870763][T17456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.886478][T17456] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 297.906445][T17456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.917013][T17456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.926891][T17456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.937328][T17456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.947218][T17456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.957642][T17456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.967477][T17456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.977952][T17456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.987838][T17456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.998258][T17456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 298.008068][T17456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 298.018477][T17456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 298.021885][T17644] loop1: detected capacity change from 0 to 1024 [ 298.029948][T17456] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 298.052933][T17456] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.061692][T17456] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.070569][T17456] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.079382][T17456] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.200666][T17665] loop1: detected capacity change from 0 to 2048 [ 298.229664][T17672] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 298.239747][T17673] tipc: Can't bind to reserved service type 0 [ 298.248169][T17665] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 298.270464][T17681] IPVS: set_ctl: invalid protocol: 0 172.20.20.170:0 [ 298.299190][T17681] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. [ 298.308734][T17681] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. [ 298.343123][ T29] kauditd_printk_skb: 631 callbacks suppressed [ 298.343167][ T29] audit: type=1400 audit(1717826757.277:18878): avc: denied { listen } for pid=17683 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 298.398364][T17686] loop2: detected capacity change from 0 to 512 [ 298.402210][ T29] audit: type=1400 audit(1717826757.277:18879): avc: denied { read } for pid=17683 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 298.429080][T17686] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806c018, mo2=0103] [ 298.440677][T17686] System zones: 1-12 [ 298.444788][T17686] EXT4-fs error (device loop2): ext4_init_orphan_info:586: comm syz-executor.2: inode #0: comm syz-executor.2: iget: illegal inode # [ 298.469734][T17686] EXT4-fs (loop2): get orphan inode failed [ 298.475676][T17686] EXT4-fs (loop2): mount failed [ 298.530704][T17665] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 298.563052][T17665] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 28 [ 298.575674][T17665] EXT4-fs (loop1): This should not happen!! Data will be lost [ 298.575674][T17665] [ 298.585416][T17665] EXT4-fs (loop1): Total free blocks count 0 [ 298.591495][T17665] EXT4-fs (loop1): Free/Dirty block details [ 298.597406][T17665] EXT4-fs (loop1): free_blocks=2415919104 [ 298.603124][T17665] EXT4-fs (loop1): dirty_blocks=8208 [ 298.608497][T17665] EXT4-fs (loop1): Block reservation details [ 298.614503][T17665] EXT4-fs (loop1): i_reserved_data_blocks=513 [ 298.674390][T17697] loop4: detected capacity change from 0 to 1024 [ 298.684987][T17697] ext4: Unknown parameter '' [ 298.749866][ T63] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2048 with error 28 [ 298.782203][T17701] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.2'. [ 298.933497][T17714] loop2: detected capacity change from 0 to 256 [ 298.947095][T17711] loop1: detected capacity change from 0 to 1024 [ 298.951893][T17714] FAT-fs (loop2): Directory bread(block 64) failed [ 298.961551][T17714] FAT-fs (loop2): Directory bread(block 65) failed [ 298.968342][T17714] FAT-fs (loop2): Directory bread(block 66) failed [ 298.974956][T17714] FAT-fs (loop2): Directory bread(block 67) failed [ 298.983065][T17714] FAT-fs (loop2): Directory bread(block 68) failed [ 298.989782][T17714] FAT-fs (loop2): Directory bread(block 69) failed [ 298.998135][T17714] FAT-fs (loop2): Directory bread(block 70) failed [ 299.011383][T17714] FAT-fs (loop2): Directory bread(block 71) failed [ 299.019685][T17714] FAT-fs (loop2): Directory bread(block 72) failed [ 299.026792][T17714] FAT-fs (loop2): Directory bread(block 73) failed [ 299.035007][T17717] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. [ 299.044395][T17717] netlink: 47 bytes leftover after parsing attributes in process `syz-executor.4'. [ 299.053705][T17717] netlink: 'syz-executor.4': attribute type 5 has an invalid length. [ 299.075351][T17717] 9pnet_fd: Insufficient options for proto=fd [ 299.095113][ T63] kworker/u8:4: attempt to access beyond end of device [ 299.095113][ T63] loop2: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 299.135161][T17721] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 299.270742][T17739] netlink: 388 bytes leftover after parsing attributes in process `syz-executor.4'. [ 299.325010][T17739] Cannot find add_set index 0 as target [ 299.336555][ T29] audit: type=1326 audit(1717826758.277:18880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17738 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f78cf2cef69 code=0x0 [ 299.364485][ T29] audit: type=1326 audit(1717826758.297:18881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17740 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ce2b6f69 code=0x7ffc0000 [ 299.389507][ T29] audit: type=1326 audit(1717826758.297:18882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17740 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ce2b6f69 code=0x7ffc0000 [ 299.413779][ T29] audit: type=1326 audit(1717826758.297:18883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17740 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12ce2b6f69 code=0x7ffc0000 [ 299.438530][ T29] audit: type=1326 audit(1717826758.377:18884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17740 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ce2b6f69 code=0x7ffc0000 [ 299.462654][ T29] audit: type=1326 audit(1717826758.377:18885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17740 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ce2b6f69 code=0x7ffc0000 [ 299.498747][ T29] audit: type=1326 audit(1717826758.427:18886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17740 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12ce2b6f69 code=0x7ffc0000 [ 299.522934][ T29] audit: type=1326 audit(1717826758.427:18887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17740 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ce2b6f69 code=0x7ffc0000 [ 299.759124][T17751] loop0: detected capacity change from 0 to 1024 [ 300.000176][T17759] loop0: detected capacity change from 0 to 512 [ 300.022881][T17759] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 300.045966][T17759] ext4 filesystem being mounted at /root/syzkaller-testdir1495107334/syzkaller.F40Roi/469/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 300.093523][T17759] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4117: comm syz-executor.0: Allocating blocks 18-19 which overlap fs metadata [ 300.155979][ T4823] ================================================================== [ 300.164069][ T4823] BUG: KCSAN: data-race in p9_conn_cancel / p9_read_work [ 300.171089][ T4823] [ 300.173395][ T4823] write to 0xffff888148981428 of 4 bytes by task 4813 on cpu 1: [ 300.181006][ T4823] p9_conn_cancel+0x89/0x400 [ 300.185586][ T4823] p9_write_work+0x3ac/0x750 [ 300.190163][ T4823] process_scheduled_works+0x483/0x9a0 [ 300.195606][ T4823] worker_thread+0x526/0x730 [ 300.200183][ T4823] kthread+0x1d1/0x210 [ 300.204239][ T4823] ret_from_fork+0x4b/0x60 [ 300.208639][ T4823] ret_from_fork_asm+0x1a/0x30 [ 300.213392][ T4823] [ 300.215697][ T4823] read to 0xffff888148981428 of 4 bytes by task 4823 on cpu 0: [ 300.223219][ T4823] p9_read_work+0x34/0x8d0 [ 300.227627][ T4823] process_scheduled_works+0x483/0x9a0 [ 300.233071][ T4823] worker_thread+0x526/0x730 [ 300.237646][ T4823] kthread+0x1d1/0x210 [ 300.241704][ T4823] ret_from_fork+0x4b/0x60 [ 300.246101][ T4823] ret_from_fork_asm+0x1a/0x30 [ 300.250853][ T4823] [ 300.253174][ T4823] value changed: 0x00000000 -> 0xffffffe0 [ 300.258870][ T4823] [ 300.261172][ T4823] Reported by Kernel Concurrency Sanitizer on: [ 300.267299][ T4823] CPU: 0 PID: 4823 Comm: kworker/0:8 Not tainted 6.10.0-rc2-syzkaller-00269-g96e09b8f8166 #0 [ 300.277429][ T4823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 300.287467][ T4823] Workqueue: events p9_read_work [ 300.292395][ T4823] ================================================================== 2024/06/08 06:05:59 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 300.307101][T12271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.