last executing test programs: 2.676573856s ago: executing program 0 (id=9630): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) open_tree(0xffffffffffffff9c, 0x0, 0x80000) 2.560562677s ago: executing program 0 (id=9632): stat(&(0x7f0000000340)='./file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0) prlimit64(0x0, 0xd, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/locks\x00', 0x0, 0x0) fcntl$lock(r4, 0x25, &(0x7f0000002380)) preadv(r4, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4081, 0xff1}], 0x1, 0x2, 0x3) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000010c0)='ext4_sync_file_enter\x00', r0}, 0x18) pipe2$9p(0x0, 0x4880) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000001540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32, @ANYBLOB="0300001601000000"], 0x38}}, 0x0) r6 = syz_open_procfs$namespace(r1, &(0x7f00000006c0)='ns/pid\x00') ioctl$BTRFS_IOC_SCRUB_CANCEL(r6, 0x941c, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000c80)=ANY=[@ANYBLOB="480000001000390427bd7000e9ffffff000003e4", @ANYRES32=r5, @ANYBLOB="00000000000000002800128008000100736974001c00028008000200ac14141005000900290000f70700140005"], 0x48}, 0x1, 0x0, 0x0, 0x80e1}, 0x4008040) 1.89812132s ago: executing program 2 (id=9643): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xf, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18) mkdir(0x0, 0x0) 1.770295621s ago: executing program 2 (id=9645): seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, &(0x7f0000000040)) setresuid(0xee00, 0x0, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ipvlan0\x00'}) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES32=r0], 0x48) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000001b80)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00", @ANYBLOB="1800000000008000000000000000000018", @ANYRESDEC=r1, @ANYBLOB="fd9ac1ab76642d02d44772d58315e8e4729c087657b54cf8062f7be0c65119d7a2679e9b247b8209a2adb42c389626da823210a5f0aabc3efdc5c106315c8703d1d683509a0463df80dd9ae1354cc48665753847126c8cda89ab90ed0986cbfe7265cbdcf2ef003a977822cd389bb5ab2c0664d3efa8dea7a6d8fd8a9ef58b412bf9e3ae378c30024303a2ded70296129078de8792bb125883f5e2925ddb64300ae0e54c4e4a327e8fff32fc682a518c92438d6f0f1dbac7dfcc3a6606c989baad65da7b92a8f64489b98e661f6a69ab606c43f02f03c04d280bd5c3ee2dab2744a5d03f879c90902a19eff63287ef79a41888dd6f179a1e9477838b7361c1b3db48abb9118d02d7367d13b8f79b11282a82e6538ee781922b78a249476b5f935be61346c58c5485cb005eb77dd4b46a00ee50fe81bdeb15c99b4e647f318fa9ba8cabb72e1e5ad1ff964d03276099cc4a6973bf26a263fbb124bf47dc49a52e257d8256f210329d6778fdf682098c7b36e46fa940cc493ff7f1b993796fc7b615f27d51762b05fe0bef7bf1c41c00a80c98f7c00d7c21bfb82bcf4562a9255699a50a9c8c1b4afe9b11a9341555578bf376a086a185f9fd7daade6562557b7a2964a0c474281c1088ecaec24b6a69a153b12d2941f60808b497a430673b39bf4d00408910a5e5be740d9ca13496613d1173ed27ffe1cf75cd8a96daa5aa244655e466cb6d0368442f4804f4180474bf44a86c7cc17ddf9bac1244332167950882f6b133f654e9cfe0cd2c3d1f3d8a0eb71dd3b6552bb928634291c8cbd8f5f000e72d8d95fb579556b2b83c7a0536110457a43f3b413404f06571a88399b696670c15ea2354a4374323f9435cc52e17ca2df3da0b3f0839cde259c4479ce02ee2d4809324c2d5ececac1df22a9f4949e926986efb336903c3cdf6ac4d4b20d27e8fe992c5715ca29d520d049227308bcbd1ec1c0818f5d4aa2cfeb2bae153caf0be529275a1bf9176a07816011800a7808d388f6c52d0c3e986774cb7d6ac959a375f65b671f84c0b56767c33fd4dca372b87d24423fe69b456a0f97d98c76b1df6c03c7132605f74ff87ff04f736b78ae35475e827ca48106aae0bbea2be21241e23fe24b7c169543a79649e8b12f575c5e7e037b7a211dab6901b6acb64cfb4885c5a52e6bbe3425338c350bb529a0989c59ca52f19ec0cd93e2b9e3bb9125ab011b5cc3d196a81031e684495c1e0194e5fa3d1a5e7d0afe66d41aebc598afedd74b96660c4d33a2c99d799fb06e11d33d2015010d89e873b119d23ba4903d695ddc68d5504689910d01d0ce6186a3cf24e0f35286d0ec65c9aea4e375556084e28de2c3bb65d4da82281bb475c8aaf5f67935fbfe1b7822f34f285c8ce169afedfaeba7250dbb264773b69b87fb82e92f86de2d831b177db9bd8265854e76f42c814ed8f229a7a5d8bb54fd524bae2be7d61c16b2fde095265ea5480715f1c2aa8c89e05385335be2cfa76274312d3524865f52dbf7501f96be19fd84a60f5b54ef8861c75171f7758c5b2cb087542a1af5c3c215c886ed92dde6d7501a87f705432a00d73493411cd573012fbfdbac62cd332acd8c57cc6373fd0d99d43d7ca8256f8ba74c89ddc238d7e39cb10a7d193cae41f892816ccf465b08fec07c84ac067fda7a52e513f788ba25acc4e5b7ad41808c15af5ce0bb953b6c37d807651dc7264da60b032c0a0f6b07c4e1f83fb28331e3575833fa66c691d9c753f5f2ff38c5534acce649f215f92ce12b83c326cdae2247514a9a811c587898afd471725bddf3e7ace0485df2dff57e31fb85c5ed12de363ccc7780f4696a3a015783551f30381fca57e826966025528f1ed54ba141b6ec822daac0be4d022bddd4932b7fed7ed79cbcb77759fdfeda2828c7d88931b84852a6ec071d55e7937266c02de218e9c80d088f6d832d5a42c8c8bd3e53c5a6b5584b3e21d8bf9ef34201bdec5518af3162c00f62ad6cbe2cf1209beabb90d9bcc4f7e2ef78d58e3087f98032ce6b19f03cb7b4e8f44200229f6908de766971694b2088f6b17c75b6d26fe6d30a156212bdbf9ec74fde978a397ced6f5ae174caa0f969f014fb309064dfdf8b58e94e308b0afd87d0665247d92723130439d2ed3330a753c4519dcd2e84d19f9f930e68c0f2579c61daca0f4c6ef96275ae64c4d412b9e702d6455adec6de03b8b0de340b175e9f9cb8df32d4f75e0c8b0b3e4397ed5b374ef2fd16bc2efcc0374876c4a7a8652e7749c50daeb6f41a099d6089ff1a767509cf833d412c4549276233e1fff87f976c0ab823319e4e9649f8cbe7a8a23ede02db2470349b6339c844193be8a42e0dd93b33c0107726344ba7f4a6918266cd7caae1543c4c858b631d683b3ecc6d7f3a95861594b21485f68080d2872a4a82dfdba22aaa966e4c087730a60c8c4d6e79b29c25928ec2b40634e2fe7a8a2302c44d787bc7b62502dee698c1447ebb92c80887e1aad1e91c299ae1d0b1e7ca43e2e95522b46dd33992eeb435d25738200dfa0e52a2e63223201bb8adb5b1bdecd7ce029206b18cc098c3446fc7f01cb9520aab37531e8961459c082677f57e253176802328c7e686d1ee45fb39d1df71206be4289a8f55ca7e598fd80f32398176ffe274d220394ff7fd850d6a376879550f3dc538c6e2226bf59870be678973f0d634b97ac4e35dd67218963f90c8d54e382da39f19d7048b8f209b599364ec5aeb5701a4a3929621ba7f816358f9b0bb6b75197cf4251ebd2b65cad21ac37ac52229087c5"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000004c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000001}, 0x800) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r5 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) write$P9_RGETLOCK(r4, &(0x7f0000000040)=ANY=[], 0xffffff6a) r6 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IMADDTIMER(r6, 0x80044940, &(0x7f0000000000)) pipe2(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10) tee(r3, r7, 0xfffffffffffffc01, 0x0) tee(r3, r7, 0x60000000000, 0x0) 1.644683962s ago: executing program 3 (id=9646): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000280), 0x1, 0x76a, &(0x7f0000001b00)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000700850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file3\x00', 0x147142, 0x0) sendfile(r2, r2, 0x0, 0x7a680000) 1.563009102s ago: executing program 4 (id=9648): write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="8fcacb7907051175f37538e486dd6300800701082c00db5b686158bbcfe8875a060300000023000000000000000000000000ac1414aa"], 0xfdef) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100001f00702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r2}, 0x18) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_subtree(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="8fedcb5d07081175f37538e486dd6372ce22fdb932"], 0xfdef) 1.540546482s ago: executing program 3 (id=9649): socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000002000000"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x0, 0x0}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x2c62d072e92708f0, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r1, r0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r3}, 0x10) cachestat(r2, &(0x7f0000000040), 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setsig(r4, 0xa, 0x13) fcntl$setlease(r4, 0x400, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f00000002c0)={'hsr0\x00', @broadcast}) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=0x0) timer_settime(r5, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) finit_module(r4, &(0x7f0000000080)='\x00', 0x1) r6 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syncfs(r6) setsockopt$inet_udp_encap(r6, 0x11, 0x64, &(0x7f0000000000)=0x3, 0x4) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0xfc, 0x11, 0x0, @private=0xa010101, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000200000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18) r8 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020301033500000027bd7000fedbdf2513"], 0x1a8}}, 0x50) timer_settime(r5, 0x0, &(0x7f0000000180)={{0x77359400}}, 0x0) 1.496083822s ago: executing program 3 (id=9650): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000280), 0x1, 0x76a, &(0x7f0000001b00)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000700850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file3\x00', 0x147142, 0x0) sendfile(r2, r2, 0x0, 0x7a680000) 1.357220633s ago: executing program 3 (id=9651): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r2, &(0x7f0000000000)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x4, 0x1, 0x3, 0x3e, 0x0, 0x3, 0x40, 0x198, 0x0, 0x0, 0x38, 0x1, 0x0, 0x2}, [{0x3, 0x2, 0x2, 0x0, 0x7, 0x4, 0x0, 0xfffffffffffffffe}]}, 0x78) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) 1.296492793s ago: executing program 3 (id=9652): socket$inet_sctp(0x2, 0x400000000001, 0x84) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8982, &(0x7f0000000000)={0x3, 'pim6reg\x00', {0x141f}, 0x9342}) r3 = syz_io_uring_setup(0x2ddd, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x12b}, &(0x7f0000000240), &(0x7f0000000300)=0x0) syz_io_uring_setup(0x5e2, &(0x7f0000000580)={0x0, 0x25b0}, &(0x7f0000000040)=0x0, &(0x7f0000000180)) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r6}, 0x10) r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_NEXT_CMD_LEN(r7, 0x2283, &(0x7f0000000380)=0x3) r8 = fcntl$dupfd(r7, 0x0, r7) write$sndseq(r8, &(0x7f0000000100)=[{0x0, 0x0, 0x0, 0x0, @time, {0x3}}], 0x1c) syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount$9p_virtio(&(0x7f00000001c0), 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) r9 = open(&(0x7f0000000080)='./bus\x00', 0x107842, 0x0) r10 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r10, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=@getae={0x40, 0x1f, 0x1, 0x70bd29, 0x25dfdbfe, {{@in=@multicast2, 0x4d6, 0xa, 0x32}, @in=@private=0xa010102, 0x91b}}, 0x40}, 0x1, 0x0, 0x0, 0x8800}, 0xc8) ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r10, 0x8982, &(0x7f0000000200)={0x3, 'pim6reg\x00', {0x5}, 0xfff8}) io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r9, 0x84, 0x1c, &(0x7f0000000280), &(0x7f00000002c0)=0x4) syncfs(r2) r11 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) readv(r11, &(0x7f0000000440)=[{&(0x7f00000000c0)=""/162, 0xa2}], 0x1) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xaa2c5000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 1.280392803s ago: executing program 4 (id=9653): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00') r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r2}, 0x10) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file1\x00', 0x10, &(0x7f0000000680), 0x1, 0x254, &(0x7f00000006c0)="$eJzs3T1oJGUcBvBnZnc9c7fIqY0gfoCIaCCcnWBzNgoHchwiggonojbKRYgJdomVjYXWKqlsgtgZLSVNsFEEq6gpYiNosDBYaLGyOxvJx+qqm+zIze8HszPvzsd/Zneed7bY2Q3QWOeTXEzSSjKbpJOkOLjA3dVwfthcndm8mvR6T/xcDJar2pX99c4lWUnyUJKNssjL7WRp/ZmdX7ceu++txc69H6w/PTPVgxza3dl+fO/9y29+fOnBpS+//vFykYvpHjquk1eMeK5dJLecRrH/iaJd9x7wT1x5/aNv+rm/Nck9g/x3UqZ6895euGGjkwfe+6t13/npq9unua/Ayev1Ov1r4EoPaJwySTdFOZekmi7LubnqM/y3rbPlK/MLr82+NL947YW6eyrgpHST7Uc/PfPJuSP5/6FV5X+oVetOAqein/8nr6x915/ek3JohjuqUT//s88t3x/5h8aRf2iQFw+1SvmH5hqf/1q+ogNMges/NJf8Q3PJP1zHOn8/W/6hueQfmkv+obkO5h8AaJbembrvQAbqUnf/AwAAAAAAAAAAAAAAAAAAHLc6s3l1f5hWzc/fTXYfSdIeVb81+D/i5MbB49lfiv5ifyqq1Sby7F0TbmBCH9Z89/VN30/8Ek7kizvrrJ4sX0tW3khyod0+fv4Vw/Pvv7t5zPzO8xMW+JeKI+2Hn5pu/aN+X6u3/qWt5LN+/3NhVP9T5rbBeHT/0x3/E8tjvfrbhBsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgav4IAAD//7ANbcM=") r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) pwritev2(r3, &(0x7f0000000000)=[{&(0x7f0000000080)='7', 0x1}], 0x1, 0x6e45, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a) fallocate(r4, 0x20, 0x0, 0x8000) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xf, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x18) mkdir(0x0, 0x0) 1.048452255s ago: executing program 0 (id=9656): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1") 1.048164394s ago: executing program 4 (id=9657): perf_event_open(0x0, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x803}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000100)) close(r1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @random="371692e7f7ef"}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r2, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r3) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f00000001c0)=0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r3, 0x8906, &(0x7f0000002280)={'syzkaller0\x00', @random='\x00\a\x00\x00\v\x00'}) 966.152255ms ago: executing program 0 (id=9659): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000280), 0x1, 0x76a, &(0x7f0000001b00)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000000000000008000"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000700850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file3\x00', 0x147142, 0x0) sendfile(r2, r2, 0x0, 0x7a680000) 821.117665ms ago: executing program 2 (id=9661): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000980)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000300000002000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000002000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x210) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7f, 0x7f, 0x5, [@typedef={0x3, 0x0, 0x0, 0x8, 0x5}, @datasec={0x9, 0x2, 0x0, 0xf, 0x3, [{0x5, 0x5, 0x5e}, {0x5, 0x6, 0x9}], "bdf790"}, @enum={0xa, 0x8, 0x0, 0x6, 0x4, [{0x6}, {0xc, 0x1}, {0x4, 0xd}, {0xf, 0x1}, {0x4, 0xe}, {0x8, 0x2}, {0x1, 0x1}, {0xe, 0x2}]}]}, {0x0, [0x2e, 0x30, 0x5f]}}, &(0x7f00000005c0)=""/226, 0x9d, 0xe2, 0x1, 0x401, 0x0, @void, @value}, 0x28) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) 761.616706ms ago: executing program 0 (id=9662): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000001880)={'wg1\x00', 0x0}) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007d00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kfree\x00', r3}, 0x10) r4 = socket$rds(0x15, 0x5, 0x0) bind$rds(r4, &(0x7f00000021c0)={0x2, 0x0, @local}, 0x10) sendmsg$rds(r4, &(0x7f0000002180)={&(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000001fc0)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/48, 0x30}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000001ec0)=[{&(0x7f0000001a00)=""/161, 0xa1}], 0x1}}], 0x90}, 0x0) r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000280)={0x40, r5, 0xa29, 0x0, 0x0, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r2}, @WGDEVICE_A_PRIVATE_KEY={0x24}]}, 0x40}}, 0x0) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x40, r5, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r2}]}, 0x40}}, 0x0) 761.218726ms ago: executing program 4 (id=9663): write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="8fcacb7907051175f37538e486dd6300800701082c00db5b686158bbcfe8875a060300000023000000000000000000000000ac1414aa"], 0xfdef) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100001f00702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) close(r1) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_subtree(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="8fedcb5d07081175f37538e486dd6372ce22fdb932"], 0xfdef) 752.732486ms ago: executing program 1 (id=9664): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x800}, 0x18) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000) 718.752596ms ago: executing program 2 (id=9665): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x800}, 0x18) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0) 673.698346ms ago: executing program 0 (id=9666): stat(&(0x7f0000000340)='./file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0) prlimit64(0x0, 0xd, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/locks\x00', 0x0, 0x0) fcntl$lock(r4, 0x25, &(0x7f0000002380)) preadv(r4, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4081, 0xff1}], 0x1, 0x2, 0x3) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000010c0)='ext4_sync_file_enter\x00', r0}, 0x18) pipe2$9p(0x0, 0x4880) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000001540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32, @ANYBLOB="0300001601000000"], 0x38}}, 0x0) r6 = syz_open_procfs$namespace(r1, &(0x7f00000006c0)='ns/pid\x00') ioctl$BTRFS_IOC_SCRUB_CANCEL(r6, 0x941c, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000c80)=ANY=[@ANYBLOB="480000001000390427bd7000e9ffffff000003e4", @ANYRES32=r5, @ANYBLOB="00000000000000002800128008000100736974001c00028008000200ac14141005000900290000f70700140005"], 0x48}, 0x1, 0x0, 0x0, 0x80e1}, 0x4008040) 637.523566ms ago: executing program 1 (id=9667): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000800) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a30000000001400000002"], 0x68}}, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0) 632.191726ms ago: executing program 2 (id=9668): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000060000000800000005"], 0x48) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x550, 0x1c0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x480, 0xffffffff, 0xffffffff, 0x480, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x298, 0x2c0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x1c8, 0x4, 0x0, 'syz0\x00'}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5b0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000100)={@private1={0xfc, 0x1, '\x00', 0x1}, 0x6, r2}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x400, 0x0, 0x0, 0x0, 0x8, '\x00', r2, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$sock_inet6_SIOCSIFDSTADDR(r1, 0x8918, &(0x7f0000000640)={@remote, 0x15, r2}) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) r3 = creat(&(0x7f0000000740)='./bus\x00', 0x3a) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r3, 0x89f9, &(0x7f0000000900)={'sit0\x00', &(0x7f0000000840)={@mcast1, @multicast2, 0x1, 0x15}}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r4}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xa, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x10) r6 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r6, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8) sendto$inet6(r6, &(0x7f0000000040)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) close_range(r6, r6, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001800dd8d000000000000000002000000000000060000000006001500010000001800168014000100"], 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000a0) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x2000019c, &(0x7f0000000580)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r9}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 630.286226ms ago: executing program 4 (id=9669): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r2, &(0x7f0000000000)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x4, 0x1, 0x3, 0x3e, 0x0, 0x3, 0x40, 0x198, 0x0, 0x0, 0x38, 0x1, 0x0, 0x2}, [{0x3, 0x2, 0x2, 0x0, 0x7, 0x4, 0x0, 0xfffffffffffffffe}]}, 0x78) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) 573.186517ms ago: executing program 1 (id=9670): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000280000000000069078ac1414bbac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB='\x00\x00\x00\x00\x00\x00\n*'], 0x0) 559.453977ms ago: executing program 4 (id=9671): seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, &(0x7f0000000040)) setresuid(0xee00, 0x0, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ipvlan0\x00'}) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES32=r0], 0x48) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000001b80)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00", @ANYBLOB="1800000000008000000000000000000018", @ANYRESDEC=r1, @ANYBLOB="fd9ac1ab76642d02d44772d58315e8e4729c087657b54cf8062f7be0c65119d7a2679e9b247b8209a2adb42c389626da823210a5f0aabc3efdc5c106315c8703d1d683509a0463df80dd9ae1354cc48665753847126c8cda89ab90ed0986cbfe7265cbdcf2ef003a977822cd389bb5ab2c0664d3efa8dea7a6d8fd8a9ef58b412bf9e3ae378c30024303a2ded70296129078de8792bb125883f5e2925ddb64300ae0e54c4e4a327e8fff32fc682a518c92438d6f0f1dbac7dfcc3a6606c989baad65da7b92a8f64489b98e661f6a69ab606c43f02f03c04d280bd5c3ee2dab2744a5d03f879c90902a19eff63287ef79a41888dd6f179a1e9477838b7361c1b3db48abb9118d02d7367d13b8f79b11282a82e6538ee781922b78a249476b5f935be61346c58c5485cb005eb77dd4b46a00ee50fe81bdeb15c99b4e647f318fa9ba8cabb72e1e5ad1ff964d03276099cc4a6973bf26a263fbb124bf47dc49a52e257d8256f210329d6778fdf682098c7b36e46fa940cc493ff7f1b993796fc7b615f27d51762b05fe0bef7bf1c41c00a80c98f7c00d7c21bfb82bcf4562a9255699a50a9c8c1b4afe9b11a9341555578bf376a086a185f9fd7daade6562557b7a2964a0c474281c1088ecaec24b6a69a153b12d2941f60808b497a430673b39bf4d00408910a5e5be740d9ca13496613d1173ed27ffe1cf75cd8a96daa5aa244655e466cb6d0368442f4804f4180474bf44a86c7cc17ddf9bac1244332167950882f6b133f654e9cfe0cd2c3d1f3d8a0eb71dd3b6552bb928634291c8cbd8f5f000e72d8d95fb579556b2b83c7a0536110457a43f3b413404f06571a88399b696670c15ea2354a4374323f9435cc52e17ca2df3da0b3f0839cde259c4479ce02ee2d4809324c2d5ececac1df22a9f4949e926986efb336903c3cdf6ac4d4b20d27e8fe992c5715ca29d520d049227308bcbd1ec1c0818f5d4aa2cfeb2bae153caf0be529275a1bf9176a07816011800a7808d388f6c52d0c3e986774cb7d6ac959a375f65b671f84c0b56767c33fd4dca372b87d24423fe69b456a0f97d98c76b1df6c03c7132605f74ff87ff04f736b78ae35475e827ca48106aae0bbea2be21241e23fe24b7c169543a79649e8b12f575c5e7e037b7a211dab6901b6acb64cfb4885c5a52e6bbe3425338c350bb529a0989c59ca52f19ec0cd93e2b9e3bb9125ab011b5cc3d196a81031e684495c1e0194e5fa3d1a5e7d0afe66d41aebc598afedd74b96660c4d33a2c99d799fb06e11d33d2015010d89e873b119d23ba4903d695ddc68d5504689910d01d0ce6186a3cf24e0f35286d0ec65c9aea4e375556084e28de2c3bb65d4da82281bb475c8aaf5f67935fbfe1b7822f34f285c8ce169afedfaeba7250dbb264773b69b87fb82e92f86de2d831b177db9bd8265854e76f42c814ed8f229a7a5d8bb54fd524bae2be7d61c16b2fde095265ea5480715f1c2aa8c89e05385335be2cfa76274312d3524865f52dbf7501f96be19fd84a60f5b54ef8861c75171f7758c5b2cb087542a1af5c3c215c886ed92dde6d7501a87f705432a00d73493411cd573012fbfdbac62cd332acd8c57cc6373fd0d99d43d7ca8256f8ba74c89ddc238d7e39cb10a7d193cae41f892816ccf465b08fec07c84ac067fda7a52e513f788ba25acc4e5b7ad41808c15af5ce0bb953b6c37d807651dc7264da60b032c0a0f6b07c4e1f83fb28331e3575833fa66c691d9c753f5f2ff38c5534acce649f215f92ce12b83c326cdae2247514a9a811c587898afd471725bddf3e7ace0485df2dff57e31fb85c5ed12de363ccc7780f4696a3a015783551f30381fca57e826966025528f1ed54ba141b6ec822daac0be4d022bddd4932b7fed7ed79cbcb77759fdfeda2828c7d88931b84852a6ec071d55e7937266c02de218e9c80d088f6d832d5a42c8c8bd3e53c5a6b5584b3e21d8bf9ef34201bdec5518af3162c00f62ad6cbe2cf1209beabb90d9bcc4f7e2ef78d58e3087f98032ce6b19f03cb7b4e8f44200229f6908de766971694b2088f6b17c75b6d26fe6d30a156212bdbf9ec74fde978a397ced6f5ae174caa0f969f014fb309064dfdf8b58e94e308b0afd87d0665247d92723130439d2ed3330a753c4519dcd2e84d19f9f930e68c0f2579c61daca0f4c6ef96275ae64c4d412b9e702d6455adec6de03b8b0de340b175e9f9cb8df32d4f75e0c8b0b3e4397ed5b374ef2fd16bc2efcc0374876c4a7a8652e7749c50daeb6f41a099d6089ff1a767509cf833d412c4549276233e1fff87f976c0ab823319e4e9649f8cbe7a8a23ede02db2470349b6339c844193be8a42e0dd93b33c0107726344ba7f4a6918266cd7caae1543c4c858b631d683b3ecc6d7f3a95861594b21485f68080d2872a4a82dfdba22aaa966e4c087730a60c8c4d6e79b29c25928ec2b40634e2fe7a8a2302c44d787bc7b62502dee698c1447ebb92c80887e1aad1e91c299ae1d0b1e7ca43e2e95522b46dd33992eeb435d25738200dfa0e52a2e63223201bb8adb5b1bdecd7ce029206b18cc098c3446fc7f01cb9520aab37531e8961459c082677f57e253176802328c7e686d1ee45fb39d1df71206be4289a8f55ca7e598fd80f32398176ffe274d220394ff7fd850d6a376879550f3dc538c6e2226bf59870be678973f0d634b97ac4e35dd67218963f90c8d54e382da39f19d7048b8f209b599364ec5aeb5701a4a3929621ba7f816358f9b0bb6b75197cf4251ebd2b65cad21ac37ac52229087c5"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000004c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000001}, 0x800) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r5 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) write$P9_RGETLOCK(r4, &(0x7f0000000040)=ANY=[], 0xffffff6a) r6 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IMADDTIMER(r6, 0x80044940, &(0x7f0000000000)) pipe2(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10) tee(r3, r7, 0xfffffffffffffc01, 0x0) tee(r3, r7, 0x60000000000, 0x0) 490.260357ms ago: executing program 1 (id=9672): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) getsockname$unix(r1, &(0x7f0000000680), &(0x7f0000000580)=0x6e) 404.588368ms ago: executing program 3 (id=9673): socket$inet_sctp(0x2, 0x400000000001, 0x84) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8982, &(0x7f0000000000)={0x3, 'pim6reg\x00', {0x141f}, 0x9342}) r3 = syz_io_uring_setup(0x2ddd, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x12b}, &(0x7f0000000240), &(0x7f0000000300)=0x0) syz_io_uring_setup(0x5e2, &(0x7f0000000580)={0x0, 0x25b0}, &(0x7f0000000040)=0x0, &(0x7f0000000180)) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800"/13], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r6}, 0x10) r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_NEXT_CMD_LEN(r7, 0x2283, &(0x7f0000000380)=0x3) write$sndseq(0xffffffffffffffff, &(0x7f0000000100)=[{0x0, 0x0, 0x0, 0x0, @time, {0x3}}, {0x0, 0x0, 0x0, 0x0, @time}], 0x38) syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x107842, 0x0) r9 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r9, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=@getae={0x40, 0x1f, 0x1, 0x70bd29, 0x25dfdbfe, {{@in=@multicast2, 0x4d6, 0xa, 0x32}, @in=@private=0xa010102, 0x91b}}, 0x40}, 0x1, 0x0, 0x0, 0x8800}, 0xc8) ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r9, 0x8982, &(0x7f0000000200)={0x3, 'pim6reg\x00', {0x5}, 0xfff8}) io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r8, 0x84, 0x1c, &(0x7f0000000280), &(0x7f00000002c0)=0x4) syncfs(r2) r10 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) readv(r10, &(0x7f0000000440)=[{&(0x7f00000000c0)=""/162, 0xa2}], 0x1) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xaa2c5000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 381.895878ms ago: executing program 1 (id=9674): timer_getoverrun(0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000100000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x0, &(0x7f00000003c0)}) bpf$PROG_LOAD(0x5, 0x0, 0x0) getresgid(&(0x7f0000000400), &(0x7f0000000640), &(0x7f0000000680)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB="000000000000009e1300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="d4010000400000001800000000000000000000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0xc1}, 0x4000054) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="7800000010000305000000000000000000cf0100", @ANYRES32=0x0, @ANYBLOB="83000000000000002000128008000100677265001400028008000700e0"], 0x78}, 0x1, 0x0, 0x0, 0x4000015}, 0x0) 58.991449ms ago: executing program 1 (id=9675): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet6_int(r0, 0x29, 0x8, 0x0, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f0000000280)={0x200, 0x25, 0x5, 0x6, 0x3, 0x0, [{0x40, 0x8, 0x2, '\x00', 0x1082}, {0x8000000000000000, 0x7, 0x480000000, '\x00', 0x2000}, {0x43, 0x76, 0x7, '\x00', 0x6}]}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000072556e893000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) setitimer(0x1, &(0x7f0000000000)={{0x77359400}, {0x20000000000000}}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) syz_io_uring_setup(0x7a8e, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f0000000100)) r4 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r4, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) close(r4) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c000000100039042cbd7000eaffffff000003e4", @ANYRES32=0x0, @ANYBLOB="03000000d21507002c00128008000100736974002000028008000100", @ANYRES32, @ANYBLOB="14000b"], 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x4000040) 0s ago: executing program 2 (id=9676): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, r1, 0x1, 0x70bd2c, 0x0, {}, [@SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7ffffffd}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40801}, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x30, r3, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x14, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}]}]}, 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10) r4 = socket$l2tp6(0xa, 0x2, 0x73) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f00000000c0)=@ethtool_flash={0x33, 0x4, './file0\x00'}}) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r5, 0x0, 0x0) listen(r5, 0x40000049) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)) shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000680)=""/129) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r7}, 0x18) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newlink={0x44, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x3}, @IFLA_BR_AGEING_TIME={0x8}]}}}]}, 0x44}}, 0x0) r9 = accept4$inet6(r5, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000380)=0x1c, 0x0) sendmmsg$inet6(r9, 0x0, 0x0, 0x20000000) syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r10, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r11, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000) kernel console output (not intermixed with test programs): vsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 784.615879][ T8717] netlink: 36 bytes leftover after parsing attributes in process `syz.1.9034'. [ 784.624917][ T8717] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9034'. [ 784.657642][T31495] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 784.923570][ T4552] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 784.979664][ T4552] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 785.026005][ T8728] lo speed is unknown, defaulting to 1000 [ 785.039816][ T4552] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 785.061132][ T8728] lo speed is unknown, defaulting to 1000 [ 785.104492][ T4552] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 785.290546][ T4552] bridge_slave_1: left allmulticast mode [ 785.296290][ T4552] bridge_slave_1: left promiscuous mode [ 785.302170][ T4552] bridge0: port 2(bridge_slave_1) entered disabled state [ 785.353265][ T4552] bridge_slave_0: left allmulticast mode [ 785.359058][ T4552] bridge_slave_0: left promiscuous mode [ 785.364840][ T4552] bridge0: port 1(bridge_slave_0) entered disabled state [ 785.544817][ T29] kauditd_printk_skb: 450 callbacks suppressed [ 785.544835][ T29] audit: type=1326 audit(1733101620.229:47460): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8733 comm="syz.0.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe5bd2077e7 code=0x7ffc0000 [ 785.576155][ T4552] bond0 (unregistering): (slave geneve1): Releasing backup interface [ 785.601868][ T29] audit: type=1326 audit(1733101620.259:47461): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8733 comm="syz.0.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe5bd1ac189 code=0x7ffc0000 [ 785.625877][ T29] audit: type=1326 audit(1733101620.259:47462): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8733 comm="syz.0.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe5bd2077e7 code=0x7ffc0000 [ 785.649798][ T29] audit: type=1326 audit(1733101620.259:47463): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8733 comm="syz.0.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe5bd1ac189 code=0x7ffc0000 [ 785.673631][ T29] audit: type=1326 audit(1733101620.259:47464): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8733 comm="syz.0.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7fe5bd210849 code=0x7ffc0000 [ 785.697989][ T29] audit: type=1326 audit(1733101620.279:47465): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8733 comm="syz.0.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe5bd2077e7 code=0x7ffc0000 [ 785.721905][ T29] audit: type=1326 audit(1733101620.279:47466): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8733 comm="syz.0.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe5bd1ac189 code=0x7ffc0000 [ 785.745883][ T29] audit: type=1326 audit(1733101620.279:47467): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8733 comm="syz.0.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7fe5bd210849 code=0x7ffc0000 [ 785.769881][ T29] audit: type=1326 audit(1733101620.279:47468): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8733 comm="syz.0.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe5bd2077e7 code=0x7ffc0000 [ 785.793679][ T29] audit: type=1326 audit(1733101620.279:47469): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8733 comm="syz.0.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe5bd1ac189 code=0x7ffc0000 [ 785.851759][ T4552] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 785.911697][ T4552] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 785.965875][ T8770] syz.0.9044[8770] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 785.965960][ T8770] syz.0.9044[8770] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 785.975612][ T4552] bond0 (unregistering): Released all slaves [ 785.984276][ T8770] syz.0.9044[8770] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 786.003559][ T8769] loop3: detected capacity change from 0 to 1024 [ 786.038244][ T8728] chnl_net:caif_netlink_parms(): no params data found [ 786.096648][ T8769] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 786.169149][ T8769] EXT4-fs warning (device loop3): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 786.215051][ T4552] hsr_slave_0: left promiscuous mode [ 786.254697][ T8769] EXT4-fs (loop3): mount failed [ 786.264270][ T4552] hsr_slave_1: left promiscuous mode [ 786.290479][ T4552] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 786.298043][ T4552] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 786.333695][ T4552] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 786.341314][ T4552] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 786.411141][ T4552] veth1_macvtap: left promiscuous mode [ 786.416803][ T4552] veth0_macvtap: left promiscuous mode [ 786.422348][ T4552] veth1_vlan: left promiscuous mode [ 786.427709][ T4552] veth0_vlan: left promiscuous mode [ 786.829707][ T8807] program syz.1.9049 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 786.958133][ T8728] bridge0: port 1(bridge_slave_0) entered blocking state [ 786.965394][ T8728] bridge0: port 1(bridge_slave_0) entered disabled state [ 787.009071][ T8728] bridge_slave_0: entered allmulticast mode [ 787.015745][ T8728] bridge_slave_0: entered promiscuous mode [ 787.031357][ T8728] bridge0: port 2(bridge_slave_1) entered blocking state [ 787.038581][ T8728] bridge0: port 2(bridge_slave_1) entered disabled state [ 787.061779][ T8728] bridge_slave_1: entered allmulticast mode [ 787.080913][ T8728] bridge_slave_1: entered promiscuous mode [ 787.146434][ T8728] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 787.181817][ T8728] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 787.250583][ T8728] team0: Port device team_slave_0 added [ 787.280584][ T8728] team0: Port device team_slave_1 added [ 787.373628][ T8821] __nla_validate_parse: 5 callbacks suppressed [ 787.373647][ T8821] netlink: 64 bytes leftover after parsing attributes in process `syz.0.9052'. [ 787.449665][ T8728] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 787.456787][ T8728] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 787.482748][ T8728] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 787.584514][ T8728] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 787.591647][ T8728] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 787.617798][ T8728] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 787.678753][ T8728] hsr_slave_0: entered promiscuous mode [ 787.691047][ T8728] hsr_slave_1: entered promiscuous mode [ 787.706596][ T8728] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 787.714528][ T8728] Cannot create hsr debugfs directory [ 787.738173][ T8836] program syz.0.9052 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 787.823117][ T8843] syz.1.9059[8843] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 787.823261][ T8843] syz.1.9059[8843] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 787.860040][ T8845] loop4: detected capacity change from 0 to 512 [ 787.883236][ T8843] syz.1.9059[8843] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 787.906928][ T8847] SELinux: policydb version 0 does not match my version range 15-33 [ 787.935632][ T8847] SELinux: failed to load policy [ 787.943127][ T8845] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 788.031080][ T8845] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.9058: invalid indirect mapped block 4294967295 (level 0) [ 788.104553][ T8845] EXT4-fs (loop4): Remounting filesystem read-only [ 788.116207][ T8860] loop1: detected capacity change from 0 to 512 [ 788.133174][ T8845] EXT4-fs (loop4): 1 orphan inode deleted [ 788.139044][ T8845] EXT4-fs (loop4): 1 truncate cleaned up [ 788.170270][ T8860] EXT4-fs: Ignoring removed orlov option [ 788.195423][ T8860] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 788.210952][ T8865] SELinux: policydb version 0 does not match my version range 15-33 [ 788.217256][ T8845] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 788.227013][ T8865] SELinux: failed to load policy [ 788.271356][ T8860] EXT4-fs (loop1): 1 orphan inode deleted [ 788.277282][ T8860] EXT4-fs (loop1): 1 truncate cleaned up [ 788.289526][ T8860] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 788.317766][ T8845] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 788.362160][ T8845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 788.411738][ T8873] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9065'. [ 788.421591][ T8728] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 788.487137][ T8728] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 788.541861][ T8728] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 788.578418][ T8728] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 788.696820][ T8888] loop3: detected capacity change from 0 to 2048 [ 788.755506][ T8888] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 788.823435][ T8358] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 788.863196][ T8899] netlink: 64 bytes leftover after parsing attributes in process `syz.4.9073'. [ 788.875781][ T8728] 8021q: adding VLAN 0 to HW filter on device bond0 [ 788.941754][ T8728] 8021q: adding VLAN 0 to HW filter on device team0 [ 788.987767][ T4552] bridge0: port 1(bridge_slave_0) entered blocking state [ 788.994898][ T4552] bridge0: port 1(bridge_slave_0) entered forwarding state [ 789.043739][ T5904] bridge0: port 2(bridge_slave_1) entered blocking state [ 789.050844][ T5904] bridge0: port 2(bridge_slave_1) entered forwarding state [ 789.082255][ T8914] program syz.4.9073 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 789.150573][ T8728] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 789.161002][ T8728] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 789.176099][ T8917] netlink: 64 bytes leftover after parsing attributes in process `syz.3.9077'. [ 789.340180][ T8728] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 789.438262][ T8936] program syz.3.9077 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 789.538102][ T8944] syz.0.9080[8944] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 789.538293][ T8944] syz.0.9080[8944] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 789.573870][ T8948] loop3: detected capacity change from 0 to 128 [ 789.616892][T31256] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 789.622363][ T8948] FAT-fs (loop3): bogus number of reserved sectors [ 789.625920][ T8944] syz.0.9080[8944] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 789.632405][ T8948] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 789.653157][ T8948] FAT-fs (loop3): Can't find a valid FAT filesystem [ 789.720720][ T8728] veth0_vlan: entered promiscuous mode [ 789.749281][ T8728] veth1_vlan: entered promiscuous mode [ 789.770273][ T8960] loop3: detected capacity change from 0 to 512 [ 789.770746][ T8961] loop1: detected capacity change from 0 to 2048 [ 789.788757][ T8728] veth0_macvtap: entered promiscuous mode [ 789.807345][ T8728] veth1_macvtap: entered promiscuous mode [ 789.827873][ T8948] loop3: detected capacity change from 0 to 512 [ 789.852000][ T8728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 789.862634][ T8728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 789.872574][ T8728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 789.883125][ T8728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 789.886757][ T8948] EXT4-fs: Ignoring removed nobh option [ 789.893022][ T8728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 789.893039][ T8728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 789.893058][ T8728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 789.929506][ T8728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 789.939362][ T8728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 789.949901][ T8728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 789.959754][ T8728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 789.970211][ T8728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 789.980117][ T8728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 789.990573][ T8728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 790.018497][ T8961] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 790.019163][ T8728] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 790.043461][ T8728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 790.053977][ T8728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 790.063962][ T8728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 790.074437][ T8728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 790.080250][ T8948] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 790.084686][ T8728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 790.107572][ T8728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 790.117476][ T8728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 790.127934][ T8728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 790.137843][ T8728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 790.148317][ T8728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 790.158264][ T8728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 790.168834][ T8728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 790.178740][ T8728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 790.189202][ T8728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 790.199747][ T8948] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 790.215215][ T8728] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 790.225520][ T8728] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 790.234314][ T8728] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 790.243161][ T8728] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 790.251968][ T8728] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 790.390235][ T8358] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 790.417956][ T8995] loop2: detected capacity change from 0 to 1024 [ 790.442883][ T8995] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 790.451334][ T8995] EXT4-fs (loop2): Number of reserved GDT blocks insanely large: 8192 [ 790.534293][ T9006] netlink: 64 bytes leftover after parsing attributes in process `syz.3.9090'. [ 790.548009][ T29] kauditd_printk_skb: 274 callbacks suppressed [ 790.548026][ T29] audit: type=1326 audit(1733101625.239:47744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.2.9036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1da320849 code=0x7ffc0000 [ 790.599928][ T9009] SELinux: policydb version 0 does not match my version range 15-33 [ 790.615004][ T9009] SELinux: failed to load policy [ 790.630296][ T29] audit: type=1326 audit(1733101625.269:47745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.2.9036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc1da320849 code=0x7ffc0000 [ 790.653961][ T29] audit: type=1326 audit(1733101625.269:47746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.2.9036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1da320849 code=0x7ffc0000 [ 790.677574][ T29] audit: type=1326 audit(1733101625.269:47747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.2.9036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc1da320849 code=0x7ffc0000 [ 790.701102][ T29] audit: type=1326 audit(1733101625.269:47748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.2.9036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1da320849 code=0x7ffc0000 [ 790.725068][ T29] audit: type=1326 audit(1733101625.269:47749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.2.9036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fc1da320849 code=0x7ffc0000 [ 790.748855][ T29] audit: type=1326 audit(1733101625.269:47750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.2.9036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1da320849 code=0x7ffc0000 [ 790.749329][ T9013] loop4: detected capacity change from 0 to 2048 [ 790.772501][ T29] audit: type=1326 audit(1733101625.279:47751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.2.9036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fc1da320849 code=0x7ffc0000 [ 790.795902][ T9006] program syz.3.9090 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 790.802392][ T29] audit: type=1326 audit(1733101625.279:47752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.2.9036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1da320849 code=0x7ffc0000 [ 790.835315][ T29] audit: type=1326 audit(1733101625.279:47753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.2.9036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fc1da320849 code=0x7ffc0000 [ 790.913844][T31256] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 790.990435][ T9013] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 791.019085][ T9024] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2 [ 791.078803][T32170] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 791.132795][ T9030] netlink: 36 bytes leftover after parsing attributes in process `syz.2.9097'. [ 791.141842][ T9030] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9097'. [ 791.150875][ T9030] netlink: 36 bytes leftover after parsing attributes in process `syz.2.9097'. [ 791.209318][ T9030] netlink: 36 bytes leftover after parsing attributes in process `syz.2.9097'. [ 791.240063][ T5904] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 791.291464][ T9025] lo speed is unknown, defaulting to 1000 [ 791.307278][ T9025] lo speed is unknown, defaulting to 1000 [ 791.315713][ T5904] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 791.392692][ T5904] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 791.428904][ T9046] loop4: detected capacity change from 0 to 128 [ 791.431703][ T9042] loop3: detected capacity change from 0 to 1024 [ 791.457204][ T9046] FAT-fs (loop4): bogus number of reserved sectors [ 791.463807][ T9046] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 791.473249][ T9046] FAT-fs (loop4): Can't find a valid FAT filesystem [ 791.487176][ T5904] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 791.500156][ T9042] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 791.520391][ T9042] EXT4-fs warning (device loop3): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 791.543844][ T9042] EXT4-fs (loop3): mount failed [ 791.638617][ T9046] loop4: detected capacity change from 0 to 512 [ 791.700027][ T5904] bridge_slave_1: left allmulticast mode [ 791.705796][ T5904] bridge_slave_1: left promiscuous mode [ 791.709441][ T9046] loop4: detected capacity change from 0 to 512 [ 791.711620][ T5904] bridge0: port 2(bridge_slave_1) entered disabled state [ 791.765139][ T9046] EXT4-fs: Ignoring removed nobh option [ 791.780792][ T9062] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9105'. [ 791.795734][ T5904] bridge_slave_0: left allmulticast mode [ 791.801465][ T5904] bridge_slave_0: left promiscuous mode [ 791.807181][ T5904] bridge0: port 1(bridge_slave_0) entered disabled state [ 791.840086][ T9046] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 791.864489][ T9067] loop3: detected capacity change from 0 to 1024 [ 791.881482][ T9046] ext4 filesystem being mounted at /545/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 791.897060][ T9067] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 791.905279][ T9067] EXT4-fs (loop3): Number of reserved GDT blocks insanely large: 8192 [ 791.973345][ T5904] bond0 (unregistering): (slave geneve1): Releasing backup interface [ 791.981711][ T9081] syz.2.9109[9081] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 791.981818][ T9081] syz.2.9109[9081] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 791.994567][ T9081] syz.2.9109[9081] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 792.079638][ T5904] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 792.105075][ T5904] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 792.124020][ T5904] bond0 (unregistering): Released all slaves [ 792.147558][ T9025] chnl_net:caif_netlink_parms(): no params data found [ 792.171578][ T9092] loop3: detected capacity change from 0 to 512 [ 792.231954][ T5904] hsr_slave_0: left promiscuous mode [ 792.245480][ T5904] hsr_slave_1: left promiscuous mode [ 792.245997][T32170] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 792.262945][ T5904] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 792.263489][ T9092] EXT4-fs (loop3): too many log groups per flexible block group [ 792.270422][ T5904] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 792.278164][ T9092] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 792.322509][ T5904] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 792.330048][ T5904] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 792.333395][ T9092] EXT4-fs (loop3): mount failed [ 792.393797][ T5904] veth1_macvtap: left promiscuous mode [ 792.399417][ T5904] veth0_macvtap: left promiscuous mode [ 792.405134][ T5904] veth1_vlan: left promiscuous mode [ 792.410535][ T5904] veth0_vlan: left promiscuous mode [ 792.528987][ T9118] SELinux: policydb version 0 does not match my version range 15-33 [ 792.557289][ T9118] SELinux: failed to load policy [ 792.776664][ T9025] bridge0: port 1(bridge_slave_0) entered blocking state [ 792.783762][ T9025] bridge0: port 1(bridge_slave_0) entered disabled state [ 792.806893][ T9025] bridge_slave_0: entered allmulticast mode [ 792.807811][ T9143] loop4: detected capacity change from 0 to 128 [ 792.826517][ T9025] bridge_slave_0: entered promiscuous mode [ 792.848320][ T9025] bridge0: port 2(bridge_slave_1) entered blocking state [ 792.855435][ T9025] bridge0: port 2(bridge_slave_1) entered disabled state [ 792.864812][ T9025] bridge_slave_1: entered allmulticast mode [ 792.871879][ T9025] bridge_slave_1: entered promiscuous mode [ 792.907141][ T9143] FAT-fs (loop4): bogus number of reserved sectors [ 792.913709][ T9143] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 792.923156][ T9143] FAT-fs (loop4): Can't find a valid FAT filesystem [ 792.931952][ T9025] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 792.943370][ T9025] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 792.981558][ T9158] loop2: detected capacity change from 0 to 1024 [ 793.001468][ T9158] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 793.009823][ T9158] EXT4-fs (loop2): Number of reserved GDT blocks insanely large: 8192 [ 793.032650][ T9160] loop3: detected capacity change from 0 to 1024 [ 793.051347][ T9025] team0: Port device team_slave_0 added [ 793.061067][ T9160] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 793.069419][ T9160] EXT4-fs (loop3): Number of reserved GDT blocks insanely large: 8192 [ 793.076640][ T9025] team0: Port device team_slave_1 added [ 793.109596][ T9143] loop4: detected capacity change from 0 to 512 [ 793.185540][ T9165] netlink: 'syz.0.9134': attribute type 11 has an invalid length. [ 793.193789][ T9025] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 793.200872][ T9025] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 793.209959][ T9143] loop4: detected capacity change from 0 to 512 [ 793.226903][ T9025] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 793.306941][ T9143] EXT4-fs: Ignoring removed nobh option [ 793.315724][ T9025] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 793.323183][ T9025] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 793.349229][ T9025] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 793.377974][ T9181] loop3: detected capacity change from 0 to 1024 [ 793.385797][ T9143] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 793.418871][ T9181] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 793.460941][ T9191] syz.0.9138[9191] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 793.461136][ T9191] syz.0.9138[9191] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 793.476299][ T9181] EXT4-fs warning (device loop3): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 793.508801][ T9143] ext4 filesystem being mounted at /549/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 793.524174][ T9191] syz.0.9138[9191] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 793.581946][ T9025] hsr_slave_0: entered promiscuous mode [ 793.606510][ T9181] EXT4-fs (loop3): mount failed [ 793.626488][ T9025] hsr_slave_1: entered promiscuous mode [ 793.649070][ T9025] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 793.666133][ T9198] loop2: detected capacity change from 0 to 256 [ 793.670441][ T9025] Cannot create hsr debugfs directory [ 793.733424][ T9202] loop3: detected capacity change from 0 to 512 [ 793.819595][T32170] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 793.828877][ T9202] EXT4-fs (loop3): too many log groups per flexible block group [ 793.836849][ T9202] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 793.843761][ T9202] EXT4-fs (loop3): mount failed [ 793.942748][ T9218] loop3: detected capacity change from 0 to 2048 [ 793.962713][ T9218] EXT4-fs: Invalid want_extra_isize 0 [ 794.014428][ T9223] loop3: detected capacity change from 0 to 2048 [ 794.041472][ T9223] EXT4-fs: Invalid want_extra_isize 0 [ 794.093842][ T9025] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 794.187264][ T9025] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 794.347843][ T9025] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 794.367193][ T9025] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 794.639376][ T9250] loop3: detected capacity change from 0 to 1024 [ 794.678283][ T9250] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 794.686490][ T9250] EXT4-fs (loop3): Number of reserved GDT blocks insanely large: 8192 [ 794.721482][ T9025] 8021q: adding VLAN 0 to HW filter on device bond0 [ 794.738969][ T9259] loop4: detected capacity change from 0 to 1024 [ 794.773540][ T9259] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended [ 794.800987][ T9025] 8021q: adding VLAN 0 to HW filter on device team0 [ 794.832205][ T1022] bridge0: port 1(bridge_slave_0) entered blocking state [ 794.839353][ T1022] bridge0: port 1(bridge_slave_0) entered forwarding state [ 794.875071][ T9259] EXT4-fs warning (device loop4): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 794.906304][ T1022] bridge0: port 2(bridge_slave_1) entered blocking state [ 794.913498][ T1022] bridge0: port 2(bridge_slave_1) entered forwarding state [ 794.933583][ T9275] FAULT_INJECTION: forcing a failure. [ 794.933583][ T9275] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 794.946808][ T9275] CPU: 1 UID: 0 PID: 9275 Comm: syz.3.9154 Tainted: G W 6.12.0-syzkaller-12128-gf788b5ef1ca9 #0 [ 794.958649][ T9275] Tainted: [W]=WARN [ 794.962475][ T9275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 794.972595][ T9275] Call Trace: [ 794.975888][ T9275] [ 794.978839][ T9275] dump_stack_lvl+0xf2/0x150 [ 794.983499][ T9275] dump_stack+0x15/0x1a [ 794.985405][ T9025] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 794.987681][ T9275] should_fail_ex+0x223/0x230 [ 794.987716][ T9275] should_fail+0xb/0x10 [ 794.998043][ T9025] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 795.002683][ T9275] should_fail_usercopy+0x1a/0x20 [ 795.022274][ T9275] _copy_from_user+0x1e/0xb0 [ 795.026910][ T9275] __sys_bpf+0x14e/0x7a0 [ 795.031189][ T9275] __x64_sys_bpf+0x43/0x50 [ 795.035662][ T9275] x64_sys_call+0x2914/0x2dc0 [ 795.040377][ T9275] do_syscall_64+0xc9/0x1c0 [ 795.044913][ T9275] ? clear_bhb_loop+0x55/0xb0 [ 795.049675][ T9275] ? clear_bhb_loop+0x55/0xb0 [ 795.054442][ T9275] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 795.060364][ T9275] RIP: 0033:0x7f982a8f0849 [ 795.064815][ T9275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 795.084539][ T9275] RSP: 002b:00007f9828f67058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 795.092985][ T9275] RAX: ffffffffffffffda RBX: 00007f982aab5fa0 RCX: 00007f982a8f0849 [ 795.100985][ T9275] RDX: 0000000000000050 RSI: 0000000020000180 RDI: 000000000000000a [ 795.108977][ T9275] RBP: 00007f9828f670a0 R08: 0000000000000000 R09: 0000000000000000 [ 795.116973][ T9275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 795.124651][ T9259] EXT4-fs (loop4): mount failed [ 795.124949][ T9275] R13: 0000000000000000 R14: 00007f982aab5fa0 R15: 00007ffc2e117938 [ 795.137885][ T9275] [ 795.332976][ T9025] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 795.452178][ T9303] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 795.497591][ T9303] netlink: 56 bytes leftover after parsing attributes in process `syz.4.9160'. [ 795.506619][ T9303] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9160'. [ 795.556960][ T29] kauditd_printk_skb: 551 callbacks suppressed [ 795.557048][ T29] audit: type=1326 audit(1733101630.239:48305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9313 comm="syz.3.9162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7f982a8f0849 code=0x7ffc0000 [ 795.667273][ T9025] veth0_vlan: entered promiscuous mode [ 795.681147][ T29] audit: type=1326 audit(1733101630.289:48306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9313 comm="syz.3.9162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f982a8f0849 code=0x7ffc0000 [ 795.705957][ T9025] veth1_vlan: entered promiscuous mode [ 795.785801][ T9025] veth0_macvtap: entered promiscuous mode [ 795.795009][ T29] audit: type=1326 audit(1733101630.469:48307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9330 comm="syz.3.9165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f982a8f0849 code=0x7ffc0000 [ 795.834369][ T9025] veth1_macvtap: entered promiscuous mode [ 795.858440][ T9336] loop4: detected capacity change from 0 to 128 [ 795.885824][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 795.896450][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 795.906315][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 795.906919][ T9336] FAT-fs (loop4): bogus number of reserved sectors [ 795.917102][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 795.923429][ T9336] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 795.933343][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 795.942555][ T9336] FAT-fs (loop4): Can't find a valid FAT filesystem [ 795.952987][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 795.963947][ T9331] loop3: detected capacity change from 0 to 1024 [ 795.969495][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 795.969515][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 795.969533][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 795.986698][ T29] audit: type=1326 audit(1733101630.489:48308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9330 comm="syz.3.9165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f982a8f0849 code=0x7ffc0000 [ 795.996154][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.006674][ T29] audit: type=1326 audit(1733101630.489:48309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9330 comm="syz.3.9165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f982a8f0849 code=0x7ffc0000 [ 796.006708][ T29] audit: type=1326 audit(1733101630.489:48310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9330 comm="syz.3.9165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f982a8f0849 code=0x7ffc0000 [ 796.006820][ T29] audit: type=1326 audit(1733101630.539:48311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9330 comm="syz.3.9165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f982a8f0849 code=0x7ffc0000 [ 796.006905][ T29] audit: type=1326 audit(1733101630.539:48312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9330 comm="syz.3.9165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f982a8f0849 code=0x7ffc0000 [ 796.006934][ T29] audit: type=1326 audit(1733101630.539:48313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9330 comm="syz.3.9165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f982a8f0849 code=0x7ffc0000 [ 796.007031][ T29] audit: type=1326 audit(1733101630.539:48314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9330 comm="syz.3.9165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f982a8f0883 code=0x7ffc0000 [ 796.030494][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 796.081986][ T9331] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 796.087353][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.087371][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 796.087392][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.089086][ T9025] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 796.230630][ T9331] EXT4-fs warning (device loop3): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 796.305910][ T9331] EXT4-fs (loop3): mount failed [ 796.332535][ T9336] loop4: detected capacity change from 0 to 512 [ 796.342455][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.352988][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.362827][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.373352][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.383318][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.393810][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.403806][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.414313][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.424180][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.434640][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.444507][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.455038][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.464895][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.475352][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.487337][ T9025] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 796.495751][ T9025] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.504582][ T9025] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.513368][ T9025] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.522148][ T9025] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.600793][ T9356] loop1: detected capacity change from 0 to 512 [ 796.618276][ T9356] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 796.651121][ T9356] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.9096: invalid indirect mapped block 4294967295 (level 0) [ 796.675397][ T9356] EXT4-fs (loop1): Remounting filesystem read-only [ 796.692780][ T9356] EXT4-fs (loop1): 1 orphan inode deleted [ 796.698668][ T9356] EXT4-fs (loop1): 1 truncate cleaned up [ 796.704762][ T9356] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 796.713047][ T9363] 9pnet_virtio: no channels available for device syz [ 796.717268][ T9356] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 796.733272][ T9356] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 796.825957][ T9379] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9174'. [ 796.980022][ T9390] loop3: detected capacity change from 0 to 2048 [ 797.010787][ T9390] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 797.588554][ T9397] loop4: detected capacity change from 0 to 128 [ 797.623810][ T9397] FAT-fs (loop4): bogus number of reserved sectors [ 797.630456][ T9397] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 797.639925][ T9397] FAT-fs (loop4): Can't find a valid FAT filesystem [ 797.670460][ T9397] loop4: detected capacity change from 0 to 512 [ 797.715064][ T9397] loop4: detected capacity change from 0 to 512 [ 797.740421][ T8358] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 797.767406][ T9397] EXT4-fs: Ignoring removed nobh option [ 797.791645][ T9401] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 797.834701][ T9397] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 797.837998][ T9401] netlink: 56 bytes leftover after parsing attributes in process `syz.0.9183'. [ 797.856219][ T9401] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9183'. [ 797.889723][ T9407] Cannot find del_set index 0 as target [ 797.934073][ T9397] ext4 filesystem being mounted at /559/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 798.012857][ T9407] loop2: detected capacity change from 0 to 512 [ 798.044020][ T9407] EXT4-fs (loop2): orphan cleanup on readonly fs [ 798.056331][ T9407] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.9185: bg 0: block 248: padding at end of block bitmap is not set [ 798.074839][ T9407] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.9185: Failed to acquire dquot type 1 [ 798.105298][ T9407] EXT4-fs (loop2): 1 truncate cleaned up [ 798.125725][ T9420] loop1: detected capacity change from 0 to 1024 [ 798.135130][ T9407] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 798.148324][ T9407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 798.164855][ T9420] EXT4-fs: Ignoring removed nomblk_io_submit option [ 798.168901][ T9423] netlink: 64 bytes leftover after parsing attributes in process `syz.3.9192'. [ 798.184776][ T9420] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 798.196028][T32170] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 798.207304][ T9424] SELinux: policydb version 0 does not match my version range 15-33 [ 798.241129][ T9424] SELinux: failed to load policy [ 798.269518][ T9420] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 798.363447][ T9428] lo speed is unknown, defaulting to 1000 [ 798.377678][ T9434] program syz.3.9192 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 798.388487][ T9420] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿ18446744073709551615' [ 798.422148][ T9428] lo speed is unknown, defaulting to 1000 [ 798.485406][ T9436] loop2: detected capacity change from 0 to 512 [ 798.494513][ T9436] EXT4-fs: Ignoring removed orlov option [ 798.501385][ T9436] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 798.536998][ T9436] EXT4-fs (loop2): 1 orphan inode deleted [ 798.542951][ T9436] EXT4-fs (loop2): 1 truncate cleaned up [ 798.549142][ T9436] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 798.741140][ T9448] loop4: detected capacity change from 0 to 512 [ 798.750245][ T9448] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 798.765841][ T9448] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.9200: invalid indirect mapped block 4294967295 (level 0) [ 798.821281][ T9025] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 798.893376][ T9448] EXT4-fs (loop4): Remounting filesystem read-only [ 798.966700][ T9448] EXT4-fs (loop4): 1 orphan inode deleted [ 798.972507][ T9448] EXT4-fs (loop4): 1 truncate cleaned up [ 799.012988][ T9448] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 799.064898][ T9448] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 799.313992][ T9457] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 799.451273][ T9472] SELinux: policydb version 0 does not match my version range 15-33 [ 799.494380][ T9472] SELinux: failed to load policy [ 799.531908][ T9474] loop4: detected capacity change from 0 to 1024 [ 799.562022][ T9474] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended [ 799.595214][ T9474] EXT4-fs warning (device loop4): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 799.681157][ T9474] EXT4-fs (loop4): mount failed [ 799.829986][ T9483] loop2: detected capacity change from 0 to 1024 [ 799.857790][ T9483] EXT4-fs: Ignoring removed nomblk_io_submit option [ 799.869306][ T9489] loop3: detected capacity change from 0 to 512 [ 799.888866][ T9483] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 799.930226][ T9489] ext4 filesystem being mounted at /49/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 799.971586][ T9483] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿ18446744073709551615' [ 800.142706][ T9504] loop4: detected capacity change from 0 to 2048 [ 800.226677][ T9506] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 800.439936][ T9544] loop4: detected capacity change from 0 to 512 [ 800.476767][ T9544] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 800.551182][ T9544] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.9230: invalid indirect mapped block 4294967295 (level 0) [ 800.562532][ T9550] netlink: 56 bytes leftover after parsing attributes in process `syz.3.9228'. [ 800.574135][ T9550] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9228'. [ 800.583189][ T29] kauditd_printk_skb: 632 callbacks suppressed [ 800.583204][ T29] audit: type=1326 audit(1733101635.269:48945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9559 comm="syz.1.9236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 800.613647][ T29] audit: type=1326 audit(1733101635.289:48946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9559 comm="syz.1.9236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 800.637324][ T29] audit: type=1326 audit(1733101635.289:48947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9559 comm="syz.1.9236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 800.655104][ T9544] EXT4-fs (loop4): Remounting filesystem read-only [ 800.661027][ T29] audit: type=1326 audit(1733101635.289:48948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9559 comm="syz.1.9236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 800.691185][ T29] audit: type=1326 audit(1733101635.289:48949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9559 comm="syz.1.9236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 800.709290][ T9544] EXT4-fs (loop4): 1 orphan inode deleted [ 800.714980][ T29] audit: type=1326 audit(1733101635.289:48950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9559 comm="syz.1.9236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 800.720808][ T9544] EXT4-fs (loop4): 1 truncate cleaned up [ 800.826899][ T9561] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 800.841492][ T9544] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 800.878087][ T9544] EXT4-fs unmount: 9 callbacks suppressed [ 800.878109][ T9544] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 800.893247][ T29] audit: type=1326 audit(1733101635.439:48951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9559 comm="syz.1.9236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 800.917112][ T29] audit: type=1326 audit(1733101635.439:48952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9559 comm="syz.1.9236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 800.940722][ T29] audit: type=1326 audit(1733101635.439:48953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9559 comm="syz.1.9236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f8802e5f2ff code=0x7ffc0000 [ 800.964327][ T29] audit: type=1326 audit(1733101635.439:48954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9559 comm="syz.1.9236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 801.057672][ T9582] loop4: detected capacity change from 0 to 128 [ 801.082331][ T9582] FAT-fs (loop4): bogus number of reserved sectors [ 801.088965][ T9582] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 801.098435][ T9582] FAT-fs (loop4): Can't find a valid FAT filesystem [ 801.150398][ T9582] loop4: detected capacity change from 0 to 512 [ 801.181908][ T9582] loop4: detected capacity change from 0 to 512 [ 801.201755][ T9582] EXT4-fs: Ignoring removed nobh option [ 801.219816][ T9582] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 801.283253][ T9582] ext4 filesystem being mounted at /571/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 801.344036][ T9595] 9pnet_virtio: no channels available for device syz [ 801.419142][T32170] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 801.469422][ T9602] loop3: detected capacity change from 0 to 512 [ 801.510078][ T9602] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 801.567019][ T9602] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 801.623206][ T9602] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 802.003584][ T9623] loop3: detected capacity change from 0 to 512 [ 802.030137][ T9623] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 802.031182][ T9621] loop4: detected capacity change from 0 to 1024 [ 802.066375][ T9623] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.9256: invalid indirect mapped block 4294967295 (level 0) [ 802.104879][ T9621] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended [ 802.140807][ T9621] EXT4-fs warning (device loop4): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 802.183209][ T9623] EXT4-fs (loop3): Remounting filesystem read-only [ 802.221602][ T9623] EXT4-fs (loop3): 1 orphan inode deleted [ 802.227507][ T9623] EXT4-fs (loop3): 1 truncate cleaned up [ 802.239198][ T9621] EXT4-fs (loop4): mount failed [ 802.271336][ T9623] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 802.304440][ T9623] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 802.324813][ T9623] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 802.409591][ T9635] loop1: detected capacity change from 0 to 512 [ 802.450998][ T9635] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 802.492990][ T9638] loop4: detected capacity change from 0 to 1024 [ 802.523142][ T9638] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 802.531412][ T9638] EXT4-fs (loop4): Number of reserved GDT blocks insanely large: 8192 [ 802.546878][ T9635] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 802.613402][ T9635] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 802.664885][ T9643] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 802.716150][ T9643] netlink: 56 bytes leftover after parsing attributes in process `syz.3.9263'. [ 802.725296][ T9643] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9263'. [ 802.761855][ T9648] 9pnet_virtio: no channels available for device syz [ 803.096607][ T9661] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9271'. [ 803.189438][ T9663] loop3: detected capacity change from 0 to 128 [ 803.246616][ T9663] FAT-fs (loop3): bogus number of reserved sectors [ 803.253333][ T9663] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 803.262696][ T9663] FAT-fs (loop3): Can't find a valid FAT filesystem [ 803.309493][ T9667] loop2: detected capacity change from 0 to 512 [ 803.351532][ T9663] loop3: detected capacity change from 0 to 512 [ 803.360712][ T9667] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 803.381275][ T9667] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 803.404478][ T9663] loop3: detected capacity change from 0 to 512 [ 803.425755][ T9663] EXT4-fs: Ignoring removed nobh option [ 803.463925][ T9667] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 803.502313][ T9663] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 803.526819][ T9663] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 803.620476][ T8358] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 803.736442][ T9679] loop3: detected capacity change from 0 to 1024 [ 803.744632][ T9681] loop1: detected capacity change from 0 to 512 [ 803.775193][ T9679] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 803.783489][ T9679] EXT4-fs (loop3): Number of reserved GDT blocks insanely large: 8192 [ 803.792284][ T9681] EXT4-fs: Ignoring removed orlov option [ 803.840880][ T9681] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 803.894705][ T9681] EXT4-fs (loop1): 1 orphan inode deleted [ 803.900590][ T9681] EXT4-fs (loop1): 1 truncate cleaned up [ 803.964011][ T9681] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 804.072221][ T9025] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 804.145098][ T9693] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 804.170819][ T9698] loop3: detected capacity change from 0 to 512 [ 804.220208][ T9700] 9pnet_virtio: no channels available for device syz [ 804.241215][ T9698] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 804.309875][ T9698] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 804.328271][ T9705] loop4: detected capacity change from 0 to 512 [ 804.367630][ T9705] EXT4-fs (loop4): too many log groups per flexible block group [ 804.375430][ T9705] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 804.394740][ T9698] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 804.418926][ T9705] EXT4-fs (loop4): mount failed [ 804.510640][ T9712] loop3: detected capacity change from 0 to 128 [ 804.552402][ T9712] FAT-fs (loop3): bogus number of reserved sectors [ 804.559013][ T9712] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 804.568349][ T9712] FAT-fs (loop3): Can't find a valid FAT filesystem [ 804.641904][ T9712] loop3: detected capacity change from 0 to 512 [ 804.675455][ T9712] loop3: detected capacity change from 0 to 512 [ 804.700789][ T9712] EXT4-fs: Ignoring removed nobh option [ 804.745101][ T9712] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 804.800966][ T9712] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 804.944904][ T8358] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 805.159457][ T9731] SELinux: policydb version 0 does not match my version range 15-33 [ 805.167713][ T9731] SELinux: failed to load policy [ 805.203585][ T9735] loop4: detected capacity change from 0 to 512 [ 805.251799][ T9735] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 805.268284][ T9735] ext4 filesystem being mounted at /590/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 805.281292][ T9735] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 805.338030][ T9733] loop3: detected capacity change from 0 to 128 [ 805.350361][ T9746] Cannot find del_set index 0 as target [ 805.376824][ T9746] loop2: detected capacity change from 0 to 512 [ 805.402634][ T9733] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 805.405239][ T9747] loop4: detected capacity change from 0 to 128 [ 805.430761][ T9747] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 805.454690][ T9746] EXT4-fs (loop2): orphan cleanup on readonly fs [ 805.463631][ T9733] ext4 filesystem being mounted at /70/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 805.499223][ T9747] ext4 filesystem being mounted at /591/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 805.501828][ T9746] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.9301: bg 0: block 248: padding at end of block bitmap is not set [ 805.545950][ T9746] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.9301: Failed to acquire dquot type 1 [ 805.568222][ T9746] EXT4-fs (loop2): 1 truncate cleaned up [ 805.579667][ T9746] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 805.594598][ T9746] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 805.658503][ T8358] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 805.668161][T32170] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 805.728631][ T29] kauditd_printk_skb: 282 callbacks suppressed [ 805.728650][ T29] audit: type=1326 audit(1733101640.419:49235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9757 comm="syz.4.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f475e930849 code=0x7ffc0000 [ 805.761255][ T9759] loop3: detected capacity change from 0 to 512 [ 805.798233][ T9759] EXT4-fs (loop3): too many log groups per flexible block group [ 805.806010][ T9759] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 805.809950][ T29] audit: type=1326 audit(1733101640.419:49236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9757 comm="syz.4.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f475e930849 code=0x7ffc0000 [ 805.836406][ T29] audit: type=1326 audit(1733101640.419:49237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9757 comm="syz.4.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f475e930849 code=0x7ffc0000 [ 805.860066][ T29] audit: type=1326 audit(1733101640.419:49238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9757 comm="syz.4.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f475e930849 code=0x7ffc0000 [ 805.860462][ T9759] EXT4-fs (loop3): mount failed [ 805.883625][ T29] audit: type=1326 audit(1733101640.419:49239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9757 comm="syz.4.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f475e930849 code=0x7ffc0000 [ 805.909095][ T9760] loop4: detected capacity change from 0 to 1024 [ 805.911987][ T29] audit: type=1326 audit(1733101640.419:49240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9757 comm="syz.4.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f475e930849 code=0x7ffc0000 [ 805.941924][ T29] audit: type=1326 audit(1733101640.479:49241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9757 comm="syz.4.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f475e930849 code=0x7ffc0000 [ 805.949016][ T9760] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended [ 805.965496][ T29] audit: type=1326 audit(1733101640.479:49242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9757 comm="syz.4.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f475e930849 code=0x7ffc0000 [ 805.982840][ T9760] EXT4-fs warning (device loop4): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 805.997797][ T29] audit: type=1326 audit(1733101640.489:49243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9757 comm="syz.4.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f475e930849 code=0x7ffc0000 [ 805.997915][ T29] audit: type=1326 audit(1733101640.489:49244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9757 comm="syz.4.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f475e930883 code=0x7ffc0000 [ 806.024711][ T9760] EXT4-fs (loop4): mount failed [ 806.162435][ T9776] loop2: detected capacity change from 0 to 512 [ 806.216200][ T9778] netlink: 64 bytes leftover after parsing attributes in process `syz.3.9314'. [ 806.220916][ T9780] loop1: detected capacity change from 0 to 512 [ 806.256696][ T9780] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 806.287154][ T9780] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.9315: invalid indirect mapped block 4294967295 (level 0) [ 806.287438][ T9776] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 806.313782][ T9776] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 806.334386][ T9776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 806.362862][ T9780] EXT4-fs (loop1): Remounting filesystem read-only [ 806.374084][ T9788] program syz.3.9314 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 806.393632][ T9780] EXT4-fs (loop1): 1 orphan inode deleted [ 806.399548][ T9780] EXT4-fs (loop1): 1 truncate cleaned up [ 806.439386][ T9780] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 806.492936][ T9794] loop4: detected capacity change from 0 to 128 [ 806.499418][ T9780] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 806.516941][ T9780] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 806.530267][ T9794] FAT-fs (loop4): bogus number of reserved sectors [ 806.536861][ T9794] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 806.546179][ T9794] FAT-fs (loop4): Can't find a valid FAT filesystem [ 806.613946][ T9794] loop4: detected capacity change from 0 to 512 [ 806.664784][ T9794] loop4: detected capacity change from 0 to 512 [ 806.709416][ T9794] EXT4-fs: Ignoring removed nobh option [ 806.750058][ T9794] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 806.846088][ T9794] ext4 filesystem being mounted at /595/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 806.870005][ T9802] loop1: detected capacity change from 0 to 1024 [ 806.908199][ T9802] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended [ 806.951967][ T9802] EXT4-fs warning (device loop1): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 806.981480][T32170] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 807.019279][ T9802] EXT4-fs (loop1): mount failed [ 807.100612][ T9814] loop4: detected capacity change from 0 to 512 [ 807.159758][ T9814] EXT4-fs (loop4): too many log groups per flexible block group [ 807.167635][ T9814] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 807.198969][ T9814] EXT4-fs (loop4): mount failed [ 807.217349][ T9818] loop3: detected capacity change from 0 to 1024 [ 807.248990][ T9818] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 807.257401][ T9818] EXT4-fs (loop3): Number of reserved GDT blocks insanely large: 8192 [ 807.443083][ T9835] netlink: 64 bytes leftover after parsing attributes in process `syz.0.9334'. [ 807.501283][ T9831] netlink: 36 bytes leftover after parsing attributes in process `syz.4.9330'. [ 807.510350][ T9831] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9330'. [ 807.519364][ T9831] netlink: 36 bytes leftover after parsing attributes in process `syz.4.9330'. [ 807.552156][ T9831] netlink: 36 bytes leftover after parsing attributes in process `syz.4.9330'. [ 807.602628][ T9842] program syz.0.9334 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 807.980498][ T9862] loop2: detected capacity change from 0 to 512 [ 808.004473][ T9862] EXT4-fs: Ignoring removed orlov option [ 808.029634][ T9862] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 808.059097][ T9862] EXT4-fs (loop2): 1 orphan inode deleted [ 808.064877][ T9862] EXT4-fs (loop2): 1 truncate cleaned up [ 808.082663][ T9862] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 808.129361][ T9871] loop3: detected capacity change from 0 to 2048 [ 808.216032][ T9871] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 808.689846][ T9896] netlink: 64 bytes leftover after parsing attributes in process `syz.0.9360'. [ 808.850148][ T9900] program syz.0.9360 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 808.925045][ T4554] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 808.940287][ T8358] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 809.021366][ T4554] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 809.082984][ T9907] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 809.120555][ T4554] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 809.132641][ T9907] netlink: 56 bytes leftover after parsing attributes in process `syz.3.9361'. [ 809.141768][ T9907] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9361'. [ 809.201117][ T4554] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 809.231462][ T9897] lo speed is unknown, defaulting to 1000 [ 809.256484][ T9897] lo speed is unknown, defaulting to 1000 [ 809.380125][ T9913] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2 [ 809.386837][ T4554] bridge_slave_1: left allmulticast mode [ 809.394815][ T4554] bridge_slave_1: left promiscuous mode [ 809.400546][ T4554] bridge0: port 2(bridge_slave_1) entered disabled state [ 809.406915][ T8728] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 809.458146][ T4554] bridge_slave_0: left allmulticast mode [ 809.463873][ T4554] bridge_slave_0: left promiscuous mode [ 809.469710][ T4554] bridge0: port 1(bridge_slave_0) entered disabled state [ 809.577489][ T9921] netlink: 36 bytes leftover after parsing attributes in process `syz.3.9363'. [ 809.691763][ T4554] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 809.714542][ T4554] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 809.742536][ T4554] bond0 (unregistering): Released all slaves [ 809.762083][ T9929] loop2: detected capacity change from 0 to 512 [ 809.785604][ T9927] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 809.797075][ T9929] EXT4-fs: Ignoring removed orlov option [ 809.815441][ T4554] tipc: Disabling bearer [ 809.820550][ T4554] tipc: Left network mode [ 809.844394][ T9929] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 809.881583][ T9937] SELinux: policydb table sizes (0,0) do not match mine (6,6) [ 809.891358][ T4554] hsr_slave_0: left promiscuous mode [ 809.903844][ T9929] EXT4-fs (loop2): 1 orphan inode deleted [ 809.909719][ T9929] EXT4-fs (loop2): 1 truncate cleaned up [ 809.925620][ T4554] hsr_slave_1: left promiscuous mode [ 809.931783][ T9937] SELinux: failed to load policy [ 809.941578][ T9943] Cannot find del_set index 0 as target [ 809.957268][ T4554] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 809.964767][ T4554] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 809.993969][ T9929] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 810.008311][ T4554] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 810.015909][ T4554] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 810.064888][ T4554] veth1_macvtap: left promiscuous mode [ 810.070518][ T4554] veth0_macvtap: left promiscuous mode [ 810.076172][ T4554] veth1_vlan: left promiscuous mode [ 810.081539][ T4554] veth0_vlan: left promiscuous mode [ 810.153977][ T9959] loop1: detected capacity change from 0 to 512 [ 810.185893][ T9959] EXT4-fs (loop1): orphan cleanup on readonly fs [ 810.218165][ T9959] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.9373: bg 0: block 248: padding at end of block bitmap is not set [ 810.236952][ T9959] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.9373: Failed to acquire dquot type 1 [ 810.249197][ T9959] EXT4-fs (loop1): 1 truncate cleaned up [ 810.275482][ T4554] pimreg (unregistering): left allmulticast mode [ 810.306755][ T9959] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 810.335500][ T9959] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 810.427937][ T9974] loop3: detected capacity change from 0 to 512 [ 810.441191][ T9974] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 810.468473][ T9974] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.9381: invalid indirect mapped block 4294967295 (level 0) [ 810.490720][ T9974] EXT4-fs (loop3): Remounting filesystem read-only [ 810.566299][ T9897] chnl_net:caif_netlink_parms(): no params data found [ 810.578984][ T9981] program syz.0.9380 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 810.585232][ T9974] EXT4-fs (loop3): 1 orphan inode deleted [ 810.594038][ T9974] EXT4-fs (loop3): 1 truncate cleaned up [ 810.640716][ T9974] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 810.686358][ T9974] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 810.704986][ T9974] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 810.724141][ T9897] bridge0: port 1(bridge_slave_0) entered blocking state [ 810.731414][ T9897] bridge0: port 1(bridge_slave_0) entered disabled state [ 810.808293][ T9897] bridge_slave_0: entered allmulticast mode [ 810.857083][ T9897] bridge_slave_0: entered promiscuous mode [ 810.863887][ T9897] bridge0: port 2(bridge_slave_1) entered blocking state [ 810.871099][ T9897] bridge0: port 2(bridge_slave_1) entered disabled state [ 810.887353][ T9897] bridge_slave_1: entered allmulticast mode [ 810.893925][ T9897] bridge_slave_1: entered promiscuous mode [ 810.906603][ T9940] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 810.942410][ T9997] 9pnet_virtio: no channels available for device syz [ 811.068378][ T9897] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 811.079254][ T9897] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 811.115489][ T8728] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 811.140745][ T9897] team0: Port device team_slave_0 added [ 811.148132][T10008] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2 [ 811.165159][ T9897] team0: Port device team_slave_1 added [ 811.303007][ T9897] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 811.310072][ T9897] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 811.336073][ T9897] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 811.359340][T10008] __nla_validate_parse: 4 callbacks suppressed [ 811.359360][T10008] netlink: 36 bytes leftover after parsing attributes in process `syz.3.9387'. [ 811.374608][T10008] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9387'. [ 811.383606][T10008] netlink: 36 bytes leftover after parsing attributes in process `syz.3.9387'. [ 811.394998][T10027] loop2: detected capacity change from 0 to 512 [ 811.416221][T10008] netlink: 36 bytes leftover after parsing attributes in process `syz.3.9387'. [ 811.433410][T10027] EXT4-fs: Ignoring removed orlov option [ 811.444369][ T9897] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 811.451405][ T9897] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 811.477373][ T9897] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 811.509132][T10027] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 811.572454][T10027] EXT4-fs (loop2): 1 orphan inode deleted [ 811.578350][T10027] EXT4-fs (loop2): 1 truncate cleaned up [ 811.584580][T10027] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 811.604135][ T9897] hsr_slave_0: entered promiscuous mode [ 811.637419][ T9897] hsr_slave_1: entered promiscuous mode [ 811.646940][T10034] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 811.664232][ T9897] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 811.689733][ T9897] Cannot create hsr debugfs directory [ 811.732473][ T29] kauditd_printk_skb: 280 callbacks suppressed [ 811.732492][ T29] audit: type=1326 audit(1733101646.419:49523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10041 comm="syz.1.9393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 811.809046][ T29] audit: type=1326 audit(1733101646.459:49524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10041 comm="syz.1.9393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 811.832793][ T29] audit: type=1326 audit(1733101646.459:49525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10041 comm="syz.1.9393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 811.857303][ T29] audit: type=1326 audit(1733101646.459:49526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10041 comm="syz.1.9393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 811.881057][ T29] audit: type=1326 audit(1733101646.459:49527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10041 comm="syz.1.9393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 812.131865][T10064] loop1: detected capacity change from 0 to 512 [ 812.177572][T10064] EXT4-fs (loop1): orphan cleanup on readonly fs [ 812.201008][T10068] netlink: 64 bytes leftover after parsing attributes in process `syz.3.9399'. [ 812.219740][T10064] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.9397: bg 0: block 248: padding at end of block bitmap is not set [ 812.249100][ T29] audit: type=1326 audit(1733101646.939:49528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.0.9401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5bd210849 code=0x7ffc0000 [ 812.288617][T10064] Quota error (device loop1): write_blk: dquota write failed [ 812.296105][T10064] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 812.306244][T10064] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.9397: Failed to acquire dquot type 1 [ 812.356563][ T29] audit: type=1326 audit(1733101646.969:49529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.0.9401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5bd210849 code=0x7ffc0000 [ 812.380301][ T29] audit: type=1326 audit(1733101646.969:49530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.0.9401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7fe5bd210849 code=0x7ffc0000 [ 812.384930][T10064] EXT4-fs (loop1): 1 truncate cleaned up [ 812.479139][ T9897] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 812.490709][T10064] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 812.497068][T10084] program syz.3.9399 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 812.518939][ T9897] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 812.529882][ T9897] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 812.537233][T10064] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 812.599928][T10088] SELinux: policydb version 0 does not match my version range 15-33 [ 812.610087][ T9897] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 812.617269][T10088] SELinux: failed to load policy [ 812.617381][ T8728] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 812.666437][T10058] Cannot find del_set index 0 as target [ 812.714485][T10097] SELinux: policydb version 0 does not match my version range 15-33 [ 812.722731][T10097] SELinux: failed to load policy [ 812.790479][T10099] netlink: 64 bytes leftover after parsing attributes in process `syz.0.9406'. [ 812.982438][T10116] program syz.0.9406 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 813.001952][T10115] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2 [ 813.035048][ T9897] 8021q: adding VLAN 0 to HW filter on device bond0 [ 813.122666][ T9897] 8021q: adding VLAN 0 to HW filter on device team0 [ 813.150685][T10128] netlink: 36 bytes leftover after parsing attributes in process `syz.1.9410'. [ 813.155900][T10127] netlink: 56 bytes leftover after parsing attributes in process `syz.2.9411'. [ 813.159684][T10128] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9410'. [ 813.159706][T10128] netlink: 36 bytes leftover after parsing attributes in process `syz.1.9410'. [ 813.192879][ T4515] bridge0: port 1(bridge_slave_0) entered blocking state [ 813.199996][ T4515] bridge0: port 1(bridge_slave_0) entered forwarding state [ 813.248874][ T4515] bridge0: port 2(bridge_slave_1) entered blocking state [ 813.256019][ T4515] bridge0: port 2(bridge_slave_1) entered forwarding state [ 813.292756][T10136] loop3: detected capacity change from 0 to 512 [ 813.304703][ T9897] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 813.321173][T10136] EXT4-fs: Ignoring removed orlov option [ 813.354233][T10136] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 813.388530][T10136] EXT4-fs (loop3): 1 orphan inode deleted [ 813.394367][T10136] EXT4-fs (loop3): 1 truncate cleaned up [ 813.416302][T10136] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 813.488009][ T9897] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 813.499924][ T8358] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 813.830550][T10183] SELinux: policydb version 0 does not match my version range 15-33 [ 813.852237][T10183] SELinux: failed to load policy [ 813.881678][ T9897] veth0_vlan: entered promiscuous mode [ 813.929368][ T9897] veth1_vlan: entered promiscuous mode [ 813.995808][ T9897] veth0_macvtap: entered promiscuous mode [ 814.172010][T10216] program syz.1.9421 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 814.205162][ T9897] veth1_macvtap: entered promiscuous mode [ 814.250477][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 814.261036][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 814.270938][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 814.281536][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 814.291429][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 814.301988][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 814.311846][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 814.322310][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 814.332218][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 814.342717][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 814.352569][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 814.363020][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 814.372957][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 814.383418][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 814.450596][ T9897] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 814.477586][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 814.488073][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 814.497994][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 814.508439][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 814.518348][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 814.528857][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 814.538722][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 814.549218][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 814.559191][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 814.569664][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 814.579521][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 814.590026][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 814.599879][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 814.610437][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 814.679184][ T9897] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 814.713250][ T9897] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 814.722111][ T9897] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 814.730870][ T9897] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 814.739609][ T9897] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 814.770183][T10240] loop2: detected capacity change from 0 to 512 [ 814.808033][T10240] EXT4-fs (loop2): too many log groups per flexible block group [ 814.815867][T10240] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 814.843470][T10240] EXT4-fs (loop2): mount failed [ 815.245187][T10267] Cannot find del_set index 0 as target [ 815.340980][T10267] loop3: detected capacity change from 0 to 512 [ 815.354059][T10273] Cannot find del_set index 0 as target [ 815.369283][T10267] EXT4-fs (loop3): orphan cleanup on readonly fs [ 815.390219][T10276] Cannot find del_set index 0 as target [ 815.396273][T10273] loop4: detected capacity change from 0 to 512 [ 815.398076][T10267] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.9438: bg 0: block 248: padding at end of block bitmap is not set [ 815.426168][T10273] EXT4-fs (loop4): orphan cleanup on readonly fs [ 815.433819][T10267] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.9438: Failed to acquire dquot type 1 [ 815.461380][T10273] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.9441: bg 0: block 248: padding at end of block bitmap is not set [ 815.482691][T10267] EXT4-fs (loop3): 1 truncate cleaned up [ 815.488565][T10273] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.9441: Failed to acquire dquot type 1 [ 815.505896][T10267] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 815.528626][T10273] EXT4-fs (loop4): 1 truncate cleaned up [ 815.532889][T10267] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 815.546690][T10273] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 815.572873][T10273] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 815.616012][T10283] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 815.739668][T10294] netlink: 'syz.4.9452': attribute type 4 has an invalid length. [ 815.766275][T10296] loop1: detected capacity change from 0 to 2048 [ 815.840866][T10296] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 815.939446][T10309] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10309 comm=syz.3.9456 [ 815.958428][ T9025] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 815.984554][T10313] loop2: detected capacity change from 0 to 2048 [ 816.033603][T10313] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 816.048231][T10315] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 816.121879][T10322] Cannot find del_set index 0 as target [ 816.123773][ T8728] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 816.149193][T10323] loop4: detected capacity change from 0 to 512 [ 816.171613][T10327] SELinux: policydb table sizes (0,0) do not match mine (6,6) [ 816.183356][T10323] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 816.206651][T10327] SELinux: failed to load policy [ 816.213110][T10322] loop1: detected capacity change from 0 to 512 [ 816.222892][T10323] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.9462: invalid indirect mapped block 4294967295 (level 0) [ 816.242719][T10332] SELinux: policydb version 0 does not match my version range 15-33 [ 816.260261][T10332] SELinux: failed to load policy [ 816.292623][T10322] EXT4-fs (loop1): orphan cleanup on readonly fs [ 816.324447][T10323] EXT4-fs (loop4): Remounting filesystem read-only [ 816.340388][T10323] EXT4-fs (loop4): 1 orphan inode deleted [ 816.342131][T10334] loop3: detected capacity change from 0 to 512 [ 816.346156][T10323] EXT4-fs (loop4): 1 truncate cleaned up [ 816.352829][T10334] EXT4-fs: Ignoring removed orlov option [ 816.368401][T10334] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 816.378335][T10322] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.9459: bg 0: block 248: padding at end of block bitmap is not set [ 816.404552][T10322] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.9459: Failed to acquire dquot type 1 [ 816.420330][T10323] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 816.433336][T10339] program syz.2.9463 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 816.453502][T10322] EXT4-fs (loop1): 1 truncate cleaned up [ 816.461226][T10334] EXT4-fs (loop3): 1 orphan inode deleted [ 816.467069][T10334] EXT4-fs (loop3): 1 truncate cleaned up [ 816.474348][T10323] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 816.482429][T10322] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 816.507680][T10334] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 816.521917][T10323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 816.550584][T10322] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 816.670996][ T8358] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 816.740668][T10345] loop1: detected capacity change from 0 to 512 [ 816.753359][T10347] __nla_validate_parse: 10 callbacks suppressed [ 816.753378][T10347] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9472'. [ 816.773655][T10350] FAULT_INJECTION: forcing a failure. [ 816.773655][T10350] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 816.786783][T10350] CPU: 1 UID: 0 PID: 10350 Comm: syz.3.9470 Tainted: G W 6.12.0-syzkaller-12128-gf788b5ef1ca9 #0 [ 816.799123][T10350] Tainted: [W]=WARN [ 816.801461][T10347] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9472'. [ 816.802933][T10350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 816.802950][T10350] Call Trace: [ 816.802959][T10350] [ 816.828247][T10350] dump_stack_lvl+0xf2/0x150 [ 816.832924][T10350] dump_stack+0x15/0x1a [ 816.837102][T10350] should_fail_ex+0x223/0x230 [ 816.841877][T10350] should_fail+0xb/0x10 [ 816.846108][T10350] should_fail_usercopy+0x1a/0x20 [ 816.851163][T10350] _copy_from_user+0x1e/0xb0 [ 816.855809][T10350] move_addr_to_kernel+0x82/0x120 [ 816.860845][T10350] copy_msghdr_from_user+0x271/0x2a0 [ 816.866146][T10350] __sys_sendmmsg+0x1e8/0x4b0 [ 816.870983][T10350] __x64_sys_sendmmsg+0x57/0x70 [ 816.875858][T10350] x64_sys_call+0x29aa/0x2dc0 [ 816.880621][T10350] do_syscall_64+0xc9/0x1c0 [ 816.885204][T10350] ? clear_bhb_loop+0x55/0xb0 [ 816.889949][T10350] ? clear_bhb_loop+0x55/0xb0 [ 816.894690][T10350] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 816.900613][T10350] RIP: 0033:0x7f982a8f0849 [ 816.905034][T10350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 816.924733][T10350] RSP: 002b:00007f9828f67058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 816.933173][T10350] RAX: ffffffffffffffda RBX: 00007f982aab5fa0 RCX: 00007f982a8f0849 [ 816.941238][T10350] RDX: 0000000000000002 RSI: 0000000020000080 RDI: 0000000000000003 [ 816.949233][T10350] RBP: 00007f9828f670a0 R08: 0000000000000000 R09: 0000000000000000 [ 816.957213][T10350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 816.965193][T10350] R13: 0000000000000000 R14: 00007f982aab5fa0 R15: 00007ffc2e117938 [ 816.973179][T10350] [ 817.113128][T10358] SELinux: policydb table sizes (0,0) do not match mine (6,6) [ 817.122819][T10358] SELinux: failed to load policy [ 817.147016][T10345] EXT4-fs (loop1): too many log groups per flexible block group [ 817.154750][T10345] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 817.161628][T10345] EXT4-fs (loop1): mount failed [ 817.186732][ T29] kauditd_printk_skb: 62 callbacks suppressed [ 817.186746][ T29] audit: type=1326 audit(1733101651.879:49587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10354 comm="syz.0.9475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5bd210849 code=0x7ffc0000 [ 817.249777][T10368] Cannot find del_set index 0 as target [ 817.291759][T10371] loop2: detected capacity change from 0 to 512 [ 817.293106][ T29] audit: type=1326 audit(1733101651.909:49588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10354 comm="syz.0.9475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7fe5bd210849 code=0x7ffc0000 [ 817.315195][T10377] loop1: detected capacity change from 0 to 256 [ 817.321720][ T29] audit: type=1326 audit(1733101651.909:49589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10354 comm="syz.0.9475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5bd210849 code=0x7ffc0000 [ 817.336908][T10371] EXT4-fs: Ignoring removed orlov option [ 817.351935][ T29] audit: type=1326 audit(1733101651.909:49590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10354 comm="syz.0.9475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7fe5bd210849 code=0x7ffc0000 [ 817.381258][ T29] audit: type=1326 audit(1733101651.909:49591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10354 comm="syz.0.9475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5bd210849 code=0x7ffc0000 [ 817.404884][ T29] audit: type=1326 audit(1733101651.909:49592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10354 comm="syz.0.9475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fe5bd210849 code=0x7ffc0000 [ 817.426923][T10371] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 817.428455][ T29] audit: type=1326 audit(1733101651.909:49593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10354 comm="syz.0.9475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5bd210849 code=0x7ffc0000 [ 817.462026][ T29] audit: type=1326 audit(1733101651.949:49594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10372 comm="syz.4.9483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787c5d0849 code=0x7ffc0000 [ 817.485844][ T29] audit: type=1326 audit(1733101651.949:49595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10372 comm="syz.4.9483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f787c5d0849 code=0x7ffc0000 [ 817.509611][ T29] audit: type=1326 audit(1733101651.949:49596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10372 comm="syz.4.9483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787c5d0849 code=0x7ffc0000 [ 817.548005][T10382] loop3: detected capacity change from 0 to 512 [ 817.564359][T10382] EXT4-fs (loop3): orphan cleanup on readonly fs [ 817.572227][T10371] EXT4-fs (loop2): 1 orphan inode deleted [ 817.578121][T10371] EXT4-fs (loop2): 1 truncate cleaned up [ 817.589651][T10371] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 817.613778][T10382] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.9481: bg 0: block 248: padding at end of block bitmap is not set [ 817.633714][T10387] netlink: 64 bytes leftover after parsing attributes in process `syz.0.9487'. [ 817.656680][T10382] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.9481: Failed to acquire dquot type 1 [ 817.702480][T10382] EXT4-fs (loop3): 1 truncate cleaned up [ 817.722922][T10395] SELinux: policydb table sizes (0,0) do not match mine (6,6) [ 817.772329][T10395] SELinux: failed to load policy [ 817.811680][T10399] program syz.0.9487 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 817.954496][T10402] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 818.188009][T10413] loop3: detected capacity change from 0 to 2048 [ 818.383390][T10421] loop2: detected capacity change from 0 to 512 [ 818.397226][T10425] SELinux: policydb version 0 does not match my version range 15-33 [ 818.413347][T10425] SELinux: failed to load policy [ 818.419168][T10431] Cannot find del_set index 0 as target [ 818.425629][T10421] EXT4-fs: Ignoring removed orlov option [ 818.464334][T10433] SELinux: policydb table sizes (0,0) do not match mine (6,6) [ 818.477526][T10433] SELinux: failed to load policy [ 818.482678][T10421] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 818.498459][T10431] loop1: detected capacity change from 0 to 512 [ 818.505524][T10435] loop4: detected capacity change from 0 to 512 [ 818.512858][T10435] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 818.538165][T10435] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.9507: invalid indirect mapped block 4294967295 (level 0) [ 818.553830][T10439] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 818.554488][T10421] EXT4-fs (loop2): 1 orphan inode deleted [ 818.568779][T10421] EXT4-fs (loop2): 1 truncate cleaned up [ 818.573642][T10431] EXT4-fs (loop1): orphan cleanup on readonly fs [ 818.574076][T10431] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.9504: bg 0: block 248: padding at end of block bitmap is not set [ 818.574269][T10431] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.9504: Failed to acquire dquot type 1 [ 818.574675][T10431] EXT4-fs (loop1): 1 truncate cleaned up [ 818.590312][T10435] EXT4-fs (loop4): Remounting filesystem read-only [ 818.590418][T10435] EXT4-fs (loop4): 1 orphan inode deleted [ 818.590439][T10435] EXT4-fs (loop4): 1 truncate cleaned up [ 818.601094][T10435] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 818.811793][T10453] loop1: detected capacity change from 0 to 2048 [ 818.837316][T10459] loop2: detected capacity change from 0 to 2048 [ 818.850560][T10460] netlink: 64 bytes leftover after parsing attributes in process `syz.3.9515'. [ 819.035702][T10467] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 819.055145][T10460] program syz.3.9515 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 819.078542][T10467] netlink: 56 bytes leftover after parsing attributes in process `syz.4.9516'. [ 819.087626][T10467] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9516'. [ 819.162171][T10471] SELinux: policydb table sizes (0,0) do not match mine (6,6) [ 819.170464][T10471] SELinux: failed to load policy [ 819.312402][T10475] SELinux: policydb version 0 does not match my version range 15-33 [ 819.329079][T10475] SELinux: failed to load policy [ 819.333878][T10474] Cannot find del_set index 0 as target [ 819.396252][T10474] loop4: detected capacity change from 0 to 512 [ 819.410556][T10483] FAULT_INJECTION: forcing a failure. [ 819.410556][T10483] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 819.423774][T10483] CPU: 1 UID: 0 PID: 10483 Comm: syz.1.9522 Tainted: G W 6.12.0-syzkaller-12128-gf788b5ef1ca9 #0 [ 819.436054][T10483] Tainted: [W]=WARN [ 819.439874][T10483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 819.449967][T10483] Call Trace: [ 819.453269][T10483] [ 819.456216][T10483] dump_stack_lvl+0xf2/0x150 [ 819.460878][T10483] dump_stack+0x15/0x1a [ 819.465106][T10483] should_fail_ex+0x223/0x230 [ 819.469871][T10483] should_fail+0xb/0x10 [ 819.474048][T10483] should_fail_usercopy+0x1a/0x20 [ 819.479136][T10483] _copy_from_user+0x1e/0xb0 [ 819.483764][T10483] move_addr_to_kernel+0x82/0x120 [ 819.488873][T10483] __sys_connect+0x67/0x1b0 [ 819.493419][T10483] __x64_sys_connect+0x41/0x50 [ 819.498322][T10483] x64_sys_call+0x22a7/0x2dc0 [ 819.503026][T10483] do_syscall_64+0xc9/0x1c0 [ 819.507607][T10483] ? clear_bhb_loop+0x55/0xb0 [ 819.512470][T10483] ? clear_bhb_loop+0x55/0xb0 [ 819.517182][T10483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 819.523237][T10483] RIP: 0033:0x7f8802e60849 [ 819.527676][T10483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 819.547406][T10483] RSP: 002b:00007f88014d7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 819.555856][T10483] RAX: ffffffffffffffda RBX: 00007f8803025fa0 RCX: 00007f8802e60849 [ 819.563881][T10483] RDX: 000000000000001c RSI: 0000000020000000 RDI: 0000000000000004 [ 819.571873][T10483] RBP: 00007f88014d70a0 R08: 0000000000000000 R09: 0000000000000000 [ 819.579940][T10483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 819.587930][T10483] R13: 0000000000000000 R14: 00007f8803025fa0 R15: 00007fffc10bc288 [ 819.595929][T10483] [ 819.631608][T10474] EXT4-fs (loop4): orphan cleanup on readonly fs [ 819.645279][T10474] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.9520: bg 0: block 248: padding at end of block bitmap is not set [ 819.663130][T10474] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.9520: Failed to acquire dquot type 1 [ 819.676181][T10474] EXT4-fs (loop4): 1 truncate cleaned up [ 819.775905][T10491] lo speed is unknown, defaulting to 1000 [ 819.786617][T10491] lo speed is unknown, defaulting to 1000 [ 819.792720][T10491] lo speed is unknown, defaulting to 1000 [ 819.799283][T10491] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 819.809941][T10491] lo speed is unknown, defaulting to 1000 [ 819.816108][T10491] lo speed is unknown, defaulting to 1000 [ 819.822176][T10491] lo speed is unknown, defaulting to 1000 [ 819.828541][T10491] lo speed is unknown, defaulting to 1000 [ 819.834657][T10491] lo speed is unknown, defaulting to 1000 [ 819.840938][T10491] lo speed is unknown, defaulting to 1000 [ 819.848030][T10491] lo speed is unknown, defaulting to 1000 [ 819.850408][T10499] loop4: detected capacity change from 0 to 2048 [ 819.854146][T10491] lo speed is unknown, defaulting to 1000 [ 819.867252][T10491] lo speed is unknown, defaulting to 1000 [ 819.873341][T10491] lo speed is unknown, defaulting to 1000 [ 819.897142][T10491] lo speed is unknown, defaulting to 1000 [ 819.960011][T10504] loop1: detected capacity change from 0 to 2048 [ 819.972787][T10504] ext4: Unknown parameter './file0' [ 819.990558][T10508] loop3: detected capacity change from 0 to 2048 [ 820.071252][T10513] SELinux: policydb version 0 does not match my version range 15-33 [ 820.114164][T10513] SELinux: failed to load policy [ 820.243443][T10528] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9533'. [ 820.315129][T10532] loop2: detected capacity change from 0 to 512 [ 820.379469][T10532] EXT4-fs (loop2): too many log groups per flexible block group [ 820.387216][T10532] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 820.410293][T10532] EXT4-fs (loop2): mount failed [ 820.562579][T10548] loop4: detected capacity change from 0 to 2048 [ 820.623521][T10557] SELinux: policydb version 0 does not match my version range 15-33 [ 820.669548][T10557] SELinux: failed to load policy [ 820.685719][T10559] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2 [ 820.772834][T10564] FAULT_INJECTION: forcing a failure. [ 820.772834][T10564] name failslab, interval 1, probability 0, space 0, times 0 [ 820.785702][T10564] CPU: 1 UID: 0 PID: 10564 Comm: syz.0.9549 Tainted: G W 6.12.0-syzkaller-12128-gf788b5ef1ca9 #0 [ 820.794107][T10566] loop1: detected capacity change from 0 to 512 [ 820.797656][T10564] Tainted: [W]=WARN [ 820.797667][T10564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 820.817794][T10564] Call Trace: [ 820.821186][T10564] [ 820.824132][T10564] dump_stack_lvl+0xf2/0x150 [ 820.828758][T10564] dump_stack+0x15/0x1a [ 820.832982][T10564] should_fail_ex+0x223/0x230 [ 820.837762][T10564] should_failslab+0x8f/0xb0 [ 820.842460][T10564] __kmalloc_noprof+0xab/0x3f0 [ 820.847324][T10564] ? __se_sys_memfd_create+0x230/0x5c0 [ 820.852857][T10564] __se_sys_memfd_create+0x230/0x5c0 [ 820.858208][T10564] __x64_sys_memfd_create+0x31/0x40 [ 820.863488][T10564] x64_sys_call+0x2d4c/0x2dc0 [ 820.868194][T10564] do_syscall_64+0xc9/0x1c0 [ 820.872810][T10564] ? clear_bhb_loop+0x55/0xb0 [ 820.877544][T10564] ? clear_bhb_loop+0x55/0xb0 [ 820.882282][T10564] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 820.888202][T10564] RIP: 0033:0x7fe5bd210849 [ 820.890081][T10566] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 820.892628][T10564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 820.922108][T10564] RSP: 002b:00007fe5bb886e38 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 820.930546][T10564] RAX: ffffffffffffffda RBX: 0000000000000586 RCX: 00007fe5bd210849 [ 820.938534][T10564] RDX: 00007fe5bb886f10 RSI: 0000000000000000 RDI: 00007fe5bd284209 [ 820.946518][T10564] RBP: 0000000020000f80 R08: 00007fe5bb886bd7 R09: 00007fe5bb886e60 [ 820.954520][T10564] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000380 [ 820.962534][T10564] R13: 00007fe5bb886f10 R14: 00007fe5bb886ed0 R15: 0000000020002080 [ 820.970532][T10564] [ 820.979559][T10568] netlink: 36 bytes leftover after parsing attributes in process `syz.2.9547'. [ 820.988677][T10568] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9547'. [ 820.994696][T10566] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.9550: invalid indirect mapped block 4294967295 (level 0) [ 820.997754][T10568] netlink: 36 bytes leftover after parsing attributes in process `syz.2.9547'. [ 821.030089][T10566] EXT4-fs (loop1): Remounting filesystem read-only [ 821.036939][T10566] EXT4-fs (loop1): 1 orphan inode deleted [ 821.042690][T10566] EXT4-fs (loop1): 1 truncate cleaned up [ 821.052684][T10566] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 821.060534][T10576] Cannot find del_set index 0 as target [ 821.139045][T10576] loop3: detected capacity change from 0 to 512 [ 821.139753][T10581] loop1: detected capacity change from 0 to 512 [ 821.153569][T10576] EXT4-fs (loop3): orphan cleanup on readonly fs [ 821.169233][T10581] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 821.182216][T10576] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.9552: bg 0: block 248: padding at end of block bitmap is not set [ 821.202371][T10581] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.9554: corrupted in-inode xattr: e_name out of bounds [ 821.220294][T10576] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.9552: Failed to acquire dquot type 1 [ 821.232120][T10581] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.9554: couldn't read orphan inode 15 (err -117) [ 821.264845][T10576] EXT4-fs (loop3): 1 truncate cleaned up [ 821.382873][T10592] loop3: detected capacity change from 0 to 2048 [ 821.635952][T10602] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 821.647393][T10608] loop1: detected capacity change from 0 to 512 [ 821.692110][T10608] EXT4-fs (loop1): too many log groups per flexible block group [ 821.700005][T10608] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 821.714577][T10608] EXT4-fs (loop1): mount failed [ 821.902391][T10624] loop2: detected capacity change from 0 to 2048 [ 821.999411][T10633] __nla_validate_parse: 3 callbacks suppressed [ 821.999429][T10633] netlink: 56 bytes leftover after parsing attributes in process `syz.4.9571'. [ 822.014802][T10633] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9571'. [ 822.043308][T10636] FAULT_INJECTION: forcing a failure. [ 822.043308][T10636] name failslab, interval 1, probability 0, space 0, times 0 [ 822.056021][T10636] CPU: 1 UID: 0 PID: 10636 Comm: syz.1.9574 Tainted: G W 6.12.0-syzkaller-12128-gf788b5ef1ca9 #0 [ 822.068146][T10636] Tainted: [W]=WARN [ 822.071969][T10636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 822.082118][T10636] Call Trace: [ 822.085427][T10636] [ 822.088366][T10636] dump_stack_lvl+0xf2/0x150 [ 822.093034][T10636] dump_stack+0x15/0x1a [ 822.097223][T10636] should_fail_ex+0x223/0x230 [ 822.101933][T10636] should_failslab+0x8f/0xb0 [ 822.106560][T10636] kmem_cache_alloc_noprof+0x52/0x320 [ 822.111977][T10636] ? audit_log_start+0x34c/0x6b0 [ 822.116945][T10636] audit_log_start+0x34c/0x6b0 [ 822.121757][T10636] audit_seccomp+0x4b/0x130 [ 822.126300][T10636] __seccomp_filter+0x6fa/0x1180 [ 822.131281][T10636] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 822.136975][T10636] ? vfs_write+0x596/0x920 [ 822.141577][T10636] ? __schedule+0x6fa/0x930 [ 822.146290][T10636] __secure_computing+0x9f/0x1c0 [ 822.151270][T10636] syscall_trace_enter+0xd1/0x1f0 [ 822.156464][T10636] do_syscall_64+0xaa/0x1c0 [ 822.161005][T10636] ? clear_bhb_loop+0x55/0xb0 [ 822.165805][T10636] ? clear_bhb_loop+0x55/0xb0 [ 822.170544][T10636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 822.176592][T10636] RIP: 0033:0x7f8802e60849 [ 822.181047][T10636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 822.200764][T10636] RSP: 002b:00007f88014d7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000f0 [ 822.209297][T10636] RAX: ffffffffffffffda RBX: 00007f8803025fa0 RCX: 00007f8802e60849 [ 822.217306][T10636] RDX: 0000000000000025 RSI: 6e93ebbbcc0884f2 RDI: 0000000000000000 [ 822.225352][T10636] RBP: 00007f88014d70a0 R08: 0000000000000000 R09: 0000000000000000 [ 822.233340][T10636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 822.241319][T10636] R13: 0000000000000000 R14: 00007f8803025fa0 R15: 00007fffc10bc288 [ 822.249355][T10636] [ 822.253034][T10636] audit_log_lost: 467 callbacks suppressed [ 822.253050][T10636] audit: audit_lost=7 audit_rate_limit=0 audit_backlog_limit=64 [ 822.266760][T10636] audit: out of memory in audit_log_start [ 822.283495][T10638] SELinux: policydb table sizes (0,0) do not match mine (6,6) [ 822.297464][T10638] SELinux: failed to load policy [ 822.319875][ T29] audit: type=1326 audit(1733101657.009:50054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10635 comm="syz.1.9574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f8802e5f25c code=0x7ffc0000 [ 822.343770][ T29] audit: type=1326 audit(1733101657.009:50055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10635 comm="syz.1.9574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f8802e5f2ff code=0x7ffc0000 [ 822.367259][ T29] audit: type=1326 audit(1733101657.009:50056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10635 comm="syz.1.9574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f8802e5f4aa code=0x7ffc0000 [ 822.390799][ T29] audit: type=1326 audit(1733101657.009:50057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10635 comm="syz.1.9574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 822.414511][ T29] audit: type=1326 audit(1733101657.009:50058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10635 comm="syz.1.9574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8802e60849 code=0x7ffc0000 [ 822.498007][T10643] loop4: detected capacity change from 0 to 512 [ 822.551446][T10643] EXT4-fs (loop4): too many log groups per flexible block group [ 822.559419][T10643] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 822.578961][T10649] SELinux: policydb table sizes (0,0) do not match mine (6,6) [ 822.630557][T10649] SELinux: failed to load policy [ 822.649026][T10643] EXT4-fs (loop4): mount failed [ 822.749276][ T29] audit: type=1326 audit(1733101657.429:50059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10655 comm="syz.2.9581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1da320849 code=0x7ffc0000 [ 822.794417][T10660] loop1: detected capacity change from 0 to 2048 [ 822.840203][ T29] audit: type=1326 audit(1733101657.439:50060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10655 comm="syz.2.9581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc1da320849 code=0x7ffc0000 [ 822.863881][ T29] audit: type=1326 audit(1733101657.439:50061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10655 comm="syz.2.9581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1da320849 code=0x7ffc0000 [ 822.936430][T10669] SELinux: policydb table sizes (0,0) do not match mine (6,6) [ 822.974042][T10659] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 822.992591][T10669] SELinux: failed to load policy [ 823.040954][T10673] Cannot find del_set index 0 as target [ 823.267485][T10689] netlink: 56 bytes leftover after parsing attributes in process `syz.4.9596'. [ 823.276721][T10689] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9596'. [ 823.344688][T10697] SELinux: policydb version 0 does not match my version range 15-33 [ 823.376911][T10697] SELinux: failed to load policy [ 823.393144][T10701] loop1: detected capacity change from 0 to 2048 [ 823.461535][T10706] SELinux: policydb version 0 does not match my version range 15-33 [ 823.496775][T10706] SELinux: failed to load policy [ 823.622198][T10710] batman_adv: batadv0: Adding interface: ip6gretap1 [ 823.628898][T10710] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500. [ 823.684152][T10710] batman_adv: batadv0: Interface activated: ip6gretap1 [ 823.947631][T10725] Cannot find del_set index 0 as target [ 823.974423][T10727] 9pnet_virtio: no channels available for device syz [ 824.079590][T10729] netlink: 'syz.0.9609': attribute type 15 has an invalid length. [ 824.220926][T10735] loop3: detected capacity change from 0 to 512 [ 824.253839][T10735] EXT4-fs: Ignoring removed orlov option [ 824.285518][T10735] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 824.324919][T10743] SELinux: policydb version 0 does not match my version range 15-33 [ 824.350340][T10735] EXT4-fs (loop3): 1 orphan inode deleted [ 824.356165][T10735] EXT4-fs (loop3): 1 truncate cleaned up [ 824.362673][T10743] SELinux: failed to load policy [ 824.430055][T10732] netlink: 40 bytes leftover after parsing attributes in process `syz.3.9610'. [ 824.498611][T10746] netlink: 40 bytes leftover after parsing attributes in process `syz.0.9616'. [ 824.641397][T10755] SELinux: policydb version 0 does not match my version range 15-33 [ 824.649755][T10755] SELinux: failed to load policy [ 824.753968][T10766] loop1: detected capacity change from 0 to 512 [ 824.773431][T10770] Cannot find del_set index 0 as target [ 824.783479][T10768] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2 [ 824.819059][T10766] EXT4-fs (loop1): too many log groups per flexible block group [ 824.826864][T10766] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 824.835592][T10770] loop3: detected capacity change from 0 to 512 [ 824.846668][T10766] EXT4-fs (loop1): mount failed [ 824.862580][T10772] netlink: 40 bytes leftover after parsing attributes in process `syz.0.9628'. [ 824.876699][T10770] EXT4-fs (loop3): orphan cleanup on readonly fs [ 824.898976][T10770] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.9626: bg 0: block 248: padding at end of block bitmap is not set [ 824.914327][T10770] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.9626: Failed to acquire dquot type 1 [ 824.929762][T10768] netlink: 36 bytes leftover after parsing attributes in process `syz.4.9627'. [ 824.931752][T10770] EXT4-fs (loop3): 1 truncate cleaned up [ 824.938820][T10768] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9627'. [ 824.953543][T10768] netlink: 36 bytes leftover after parsing attributes in process `syz.4.9627'. [ 825.132645][T10790] loop2: detected capacity change from 0 to 2048 [ 825.405476][T10800] loop1: detected capacity change from 0 to 2048 [ 825.549565][T10805] batman_adv: batadv0: Adding interface: ip6gretap1 [ 825.556282][T10805] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500. [ 825.631012][T10805] batman_adv: batadv0: Interface activated: ip6gretap1 [ 825.648782][T10810] Cannot find del_set index 0 as target [ 825.716061][T10810] loop4: detected capacity change from 0 to 512 [ 825.747953][T10810] EXT4-fs (loop4): orphan cleanup on readonly fs [ 825.791474][T10810] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.9641: bg 0: block 248: padding at end of block bitmap is not set [ 825.858277][T10810] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.9641: Failed to acquire dquot type 1 [ 825.902759][T10810] EXT4-fs (loop4): 1 truncate cleaned up [ 825.983506][T10823] loop3: detected capacity change from 0 to 2048 [ 826.166423][T10833] loop3: detected capacity change from 0 to 2048 [ 826.393554][T10842] loop4: detected capacity change from 0 to 128 [ 826.440590][T10842] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 826.695360][T10855] syzkaller0: entered allmulticast mode [ 826.732001][T10858] SELinux: policydb version 0 does not match my version range 15-33 [ 826.772495][T10858] SELinux: failed to load policy [ 826.895721][T10866] SELinux: policydb version 0 does not match my version range 15-33 [ 826.919899][T10866] SELinux: failed to load policy [ 827.035733][T10876] Cannot find del_set index 0 as target [ 827.118107][T10876] loop2: detected capacity change from 0 to 512 [ 827.145229][T10876] EXT4-fs (loop2): orphan cleanup on readonly fs [ 827.194173][T10876] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.9668: bg 0: block 248: padding at end of block bitmap is not set [ 827.216063][T10885] 9pnet_virtio: no channels available for device syz [ 827.239259][T10888] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 827.250256][T10888] __nla_validate_parse: 2 callbacks suppressed [ 827.250293][T10888] netlink: 56 bytes leftover after parsing attributes in process `syz.1.9674'. [ 827.261456][T10876] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.9668: Failed to acquire dquot type 1 [ 827.265516][T10888] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9674'. [ 827.285571][ T29] kauditd_printk_skb: 778 callbacks suppressed [ 827.285589][ T29] audit: type=1326 audit(1733101661.939:50834): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.4.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f787c5c77e7 code=0x7ffc0000 [ 827.314000][T10876] EXT4-fs (loop2): 1 truncate cleaned up [ 827.315655][ T29] audit: type=1326 audit(1733101661.939:50835): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.4.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f787c56c189 code=0x7ffc0000 [ 827.345140][ T29] audit: type=1326 audit(1733101661.939:50836): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.4.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f787c5d0849 code=0x7ffc0000 [ 827.369206][ T29] audit: type=1326 audit(1733101661.969:50837): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.4.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f787c5c77e7 code=0x7ffc0000 [ 827.393150][ T29] audit: type=1326 audit(1733101661.969:50838): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.4.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f787c56c189 code=0x7ffc0000 [ 827.417179][ T29] audit: type=1326 audit(1733101661.969:50839): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.4.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f787c5d0849 code=0x7ffc0000 [ 827.441188][ T29] audit: type=1326 audit(1733101661.969:50840): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.4.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f787c5c77e7 code=0x7ffc0000 [ 827.465121][ T29] audit: type=1326 audit(1733101661.969:50841): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.4.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f787c56c189 code=0x7ffc0000 [ 827.488988][ T29] audit: type=1326 audit(1733101661.969:50842): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.4.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f787c5d0849 code=0x7ffc0000 [ 827.513177][ T29] audit: type=1326 audit(1733101661.969:50843): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.4.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f787c5c77e7 code=0x7ffc0000 [ 827.627784][ T3372] ================================================================== [ 827.635899][ T3372] BUG: KCSAN: data-race in kick_pool / wq_worker_running [ 827.642960][ T3372] [ 827.645278][ T3372] read-write to 0xffff888237c2e8a4 of 4 bytes by task 8 on cpu 0: [ 827.653086][ T3372] wq_worker_running+0x98/0x130 [ 827.657941][ T3372] schedule_timeout+0xb8/0x160 [ 827.662712][ T3372] wait_for_common+0xfb/0x1c0 [ 827.667381][ T3372] usb_start_wait_urb+0xdc/0x190 [ 827.672323][ T3372] usb_control_msg+0x182/0x240 [ 827.677087][ T3372] hub_ext_port_status+0xbf/0x480 [ 827.682128][ T3372] hub_event+0x538/0x2910 [ 827.686471][ T3372] process_scheduled_works+0x483/0x9a0 [ 827.691932][ T3372] worker_thread+0x51d/0x6f0 [ 827.696542][ T3372] kthread+0x1d1/0x210 [ 827.700604][ T3372] ret_from_fork+0x4b/0x60 [ 827.705017][ T3372] ret_from_fork_asm+0x1a/0x30 [ 827.709784][ T3372] [ 827.712097][ T3372] read to 0xffff888237c2e8a4 of 4 bytes by task 3372 on cpu 1: [ 827.719641][ T3372] kick_pool+0x4d/0x2c0 [ 827.723800][ T3372] __queue_work+0x8bb/0xb40 [ 827.728311][ T3372] queue_work_on+0xd3/0x180 [ 827.732821][ T3372] process_srcu+0x711/0xb00 [ 827.737318][ T3372] process_scheduled_works+0x483/0x9a0 [ 827.742792][ T3372] worker_thread+0x51d/0x6f0 [ 827.747394][ T3372] kthread+0x1d1/0x210 [ 827.751461][ T3372] ret_from_fork+0x4b/0x60 [ 827.755873][ T3372] ret_from_fork_asm+0x1a/0x30 [ 827.760633][ T3372] [ 827.762949][ T3372] value changed: 0x00000000 -> 0x00000001 [ 827.768655][ T3372] [ 827.770981][ T3372] Reported by Kernel Concurrency Sanitizer on: [ 827.777122][ T3372] CPU: 1 UID: 0 PID: 3372 Comm: kworker/1:3 Tainted: G W 6.12.0-syzkaller-12128-gf788b5ef1ca9 #0 [ 827.789024][ T3372] Tainted: [W]=WARN [ 827.792825][ T3372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 827.802875][ T3372] Workqueue: rcu_gp process_srcu [ 827.807812][ T3372] ================================================================== [ 827.894928][T10895] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2 [ 828.031088][T10895] netlink: 36 bytes leftover after parsing attributes in process `syz.2.9676'. [ 828.040127][T10895] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9676'. [ 828.049165][T10895] netlink: 36 bytes leftover after parsing attributes in process `syz.2.9676'. [ 828.072067][T10895] netlink: 36 bytes leftover after parsing attributes in process `syz.2.9676'.