last executing test programs: 5.781276364s ago: executing program 0 (id=239): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000073000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) 5.651801115s ago: executing program 0 (id=241): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$phonet_pipe(0x23, 0x5, 0x2) connect$phonet_pipe(r2, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x1}, 0x10) 5.651199485s ago: executing program 0 (id=243): sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00', 0x3}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x30b, @tick=0x1000, 0x31, {0xfd}}) 5.559033386s ago: executing program 0 (id=247): syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) r1 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100)=0x0, &(0x7f00000007c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x40, 0x0, @fd=r0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="1a", 0x1}], 0x1}) io_uring_enter(r1, 0x4d10, 0x2, 0x2, 0x0, 0x0) 5.343506147s ago: executing program 0 (id=262): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) r2 = socket(0x40000000015, 0x5, 0x0) getsockopt(r2, 0x200000000114, 0x271c, 0x0, &(0x7f0000000040)) 5.091476289s ago: executing program 0 (id=278): unshare(0x24040000) r0 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0x3, 0x800, 0x0, 0xfffffffd}, &(0x7f0000000040)=0x0, &(0x7f0000001040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_UNLINKAT={0x24, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x200, 0x1}) io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0) 5.084166669s ago: executing program 32 (id=278): unshare(0x24040000) r0 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0x3, 0x800, 0x0, 0xfffffffd}, &(0x7f0000000040)=0x0, &(0x7f0000001040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_UNLINKAT={0x24, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x200, 0x1}) io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0) 1.447441471s ago: executing program 4 (id=410): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000440)=[@in6={0xa, 0x4e23, 0x1f5c0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x6}], 0x1c) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000), 0x4) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8) recvmsg(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) 926.053224ms ago: executing program 1 (id=436): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000580), 0xce, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 871.076135ms ago: executing program 1 (id=439): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18) sched_setaffinity(0x0, 0x0, 0x0) mount_setattr(0xffffffffffffffff, &(0x7f0000000300)='./file1\x00', 0x900, &(0x7f0000000340)={0x80, 0x9, 0x40000}, 0x20) 859.789324ms ago: executing program 1 (id=440): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) time(0x0) 787.799035ms ago: executing program 1 (id=443): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffffffffff0521018701546fabca1b4e8a06a6580e88370200c54c1960b89c40ebb373", 0x39}], 0x1}, 0x0) close(r1) 787.201845ms ago: executing program 3 (id=445): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x4c, 0x2, 0x6, 0x5, 0x0, 0x0, {0x3}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x4c}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)={0x1c, 0x4, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000080}, 0x80) 786.895575ms ago: executing program 1 (id=446): unshare(0x22020400) r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x4, 0x24, &(0x7f0000000400)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0xc0085504, &(0x7f0000000300)=0x8000007) 775.174845ms ago: executing program 3 (id=448): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, 0x0) r1 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000080)=@chain) 716.101936ms ago: executing program 3 (id=450): r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) ioctl$SG_IO(r0, 0x2285, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000340)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000780)="aa1d484e243103000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9d85e44751170", 0x30}], 0x2) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/address_bits', 0x2080, 0x1cc) pselect6(0x40, &(0x7f0000000100), &(0x7f0000000000)={0x1f}, 0x0, 0x0, 0x0) 715.205325ms ago: executing program 3 (id=453): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25) 567.759996ms ago: executing program 4 (id=460): r0 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) write$selinux_context(r0, &(0x7f0000000000)='system_u:object_r:systemd_unit_file_t:s0\x00', 0x29) 557.803537ms ago: executing program 4 (id=462): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000740)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x10000, {{@in=@multicast2, @in=@empty, 0x0, 0x10, 0x0, 0x0, 0xa, 0x20, 0x0, 0x62}, {0x8, 0x10, 0x100000002, 0x0, 0xfff, 0xffffffffffffb473, 0xffffffffffffffff}, {0x1000000000, 0x2000000000000003, 0x2, 0xffffffffffffffff}, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x3}}, 0xb8}}, 0x4004) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0xfffffffffffffffb}, {0x0, 0x0, 0x200000000000000}}}, 0xb8}}, 0x2c000010) sendmsg$nl_xfrm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x300, 0x0, 0x1000, 0x0, 0xa, 0x20}, {}, {0x1, 0x6, 0x0, 0xfffffffffffffffe}}}, 0xb8}, 0x1, 0x0, 0x0, 0x404c830}, 0x0) 475.670927ms ago: executing program 4 (id=465): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB="2c0000003f00070dfeffffff00000000017c0000040077000c0003"], 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0x4044000) 379.131698ms ago: executing program 4 (id=471): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 378.453987ms ago: executing program 3 (id=473): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7fffffffffffffff}, 0x18) syz_mount_image$iso9660(&(0x7f0000000540), &(0x7f00000001c0)='./file1\x00', 0x14004, &(0x7f00000005c0)=ANY=[@ANYRES32=0x0], 0x4, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=") mknod(&(0x7f0000000000)='./file1\x00', 0x80, 0x2) 342.871738ms ago: executing program 5 (id=476): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020047b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffe3a}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r2, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) 279.813408ms ago: executing program 5 (id=477): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r0}, 0x18) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) read(r1, &(0x7f0000032440)=""/102364, 0x18fdc) write$bt_hci(r2, &(0x7f0000000300)={0x1, @delete_stored_link_key={{0xc12, 0x7}, {@none, 0x2}}}, 0xb) 279.071618ms ago: executing program 3 (id=479): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0, 0x0, 0x1}, 0x18) r1 = epoll_create1(0x0) syz_usb_connect(0x0, 0x2a9, &(0x7f00000006c0)=ANY=[], 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 269.499428ms ago: executing program 2 (id=481): openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x91) newfstatat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x4000) setreuid(r0, r0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000400)={0x0, {0x2, 0x4e20, @private=0xa010102}, {0x2, 0x4e23, @multicast1}, {0x2, 0x4e23, @multicast2}, 0x200, 0x0, 0x0, 0x0, 0x6, 0x0, 0xc5e, 0x2, 0x28dc}) 254.380278ms ago: executing program 2 (id=482): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='kfree\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1) sendmsg$NL80211_CMD_GET_SCAN(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000e80)={0x1c, r2, 0xb29, 0x0, 0x0, {{}, {@val={0x5}, @void}}}, 0x1c}}, 0x2404c044) 211.693678ms ago: executing program 5 (id=483): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) unshare(0x20060400) flistxattr(r1, 0x0, 0x0) 211.345518ms ago: executing program 2 (id=484): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r0}, 0x18) io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x0, 0x0, 0x0, r0}) 211.064858ms ago: executing program 5 (id=485): r0 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x1) write$binfmt_elf32(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b738000000000035f4c38422a3bc8220000500000004020300b300000000002a002400b3d7c52ebf31a8d5c8c3c6cb00000009e500d5ffffff05ffffff03"], 0xd8) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 210.787618ms ago: executing program 2 (id=486): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0xfffffffffffffe86, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) epoll_wait(0xffffffffffffffff, 0x0, 0x0, 0x31fe) 207.032568ms ago: executing program 5 (id=487): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18) r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) fadvise64(r1, 0x7f, 0x0, 0x4) 202.301518ms ago: executing program 4 (id=488): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000080)={[{@quota}, {@delalloc}, {@data_err_ignore}, {@debug}, {@usrjquota}, {@bsdgroups}]}, 0x1, 0x4e8, &(0x7f00000016c0)="$eJzs3M9vFGUfAPDvbLu0wMtLRSQBUQtobExsoaBw8IKJiQdNjHiQY9MWUlnA0B6ENLIkBs8k3o1H400Tr3o0nvwD8ODBxJAQ5QJ4WjO7M9vt/uh2S2nT7ueTLDzP7PPM8zwz88w+M09nAuhbo+k/ScT/IuJuROytRZcnGK399+jB4vTjB4vTUa5Uzv2dVNM9TOOZPN/uLDJWiCh8kTStsGb++o1LU6XS7LUoV+MTC5c/nZi/fuP1uctTF2cvzl6ZPHPm1MkTp9+cfKM563DXRrUpL23Xw0OfXz188N3zd96fHmxeWWM7Ospz/VPumjTybdvBK43r2wb2NIST1nbd3NDKsGrD2WFYTPv/Yuno+c2uELBhKpVKZajz1+VKs1stS4AtK4nNrgGwOfIf+vT6N//UlhQ3Yvix6e6frV0APXywWLkZMf2o3v7BKGRpik3Xt6kVxkw9GY2Ij8v/fp1+YqX7EH+sU4EAQN/7+Ww2DEyiafxXiAMN6f6fzaGMRMQzEbEvIp6NiP0R8VzEsrTLJBGVFcrf37ygXv4P2SxC4d5a27Ya6fjvrWxuK/9k5eZJRgay2J6IfMA8ezzbJmNRHLowV5o90WH9O7qU3zj+Sz9p+flYMKvHvcGmwebM1MLU2lrb6v6tiEODze1PBtMdl0/jJBFxMCIO9bDekYbw3GvfHq5Hmi4rure/qtJmSm9d5s8q30S8Wtv/5Vi2/5dKTBrnJwst85MTw1GaPT6RHgXH25bx62+3P+hUftf2//hnc5Z3Tv907kmbXZfu/10Nx3/k87dL7R9JIpL6fO18RGWgtzJu//5ldb2jx1q/W+vxvyP5qBrO+9dnUwsL105E7Ejea10+uZQ3j+fp0/aPHWvf//dledIt8XxEpAfxCxHxYsRAXvcjEXE0Ito0re6Xt1/+pNN3qzz+n5q0/TNtz3/L9v/SfP0qA3nmdMnApSN3H3c4eWTt37vy/j9VDY1lS9qf/5Jlp4jV1vTJth4AAABsDYWo/u1/YbweLhTGx2v3gPbHrkLp6vzCSxFxZab2jMBIFAsX5kqz+Q25kSgm+f3PkYb4ZFP8ZHbf+KuBndX4+PTV0sxmNx763O5qn09a+n/qrx7v8wJb0DZ6Dg3oUbf+f+DOBlUE2HB+/6F/NfT/Tm+2KPtLGdie/P5D/2rX/2/Gdys+u+CcAVtfRV+GvrZy/+/+vk1g6xqMD+vh6mPPbZ+2BbYj43/oS70+199boDLU/qvhaPPGgOGnU42dbcralEA6slrHFRYjYnWJd66liHwI2PkND4XeVjgUrV8NxEq5kvbvcYiIcsdc6VbpWp+LB9b94M/fibLeh833S/20uMrd/aQB1/sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC28l8AAAD//w1dzgU=") syz_clone(0x4000000, &(0x7f0000000480), 0x0, &(0x7f0000000540), 0x0, 0x0) sync() r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) 138.470469ms ago: executing program 2 (id=489): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="07000000040000008000000004"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x71, 0x5, 0xc, 0x8, 0x0, 0x1f, 0x4204, 0x8, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0x1}, 0xb06, 0x3, 0x8, 0x1, 0x7f, 0x8800, 0x5, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_clone(0xae12e400, 0x0, 0x0, 0x0, 0x0, 0x0) 138.058929ms ago: executing program 5 (id=490): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) write$UHID_INPUT(r0, &(0x7f00000005c0)={0x9, {"a2e3ad21ed0d52f91b5a090987f70e06d038e7ff7fc6e5539b5b43078b089b3b073130090890e0878f0e1ac6e7049b3371959b6e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07710936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6b922f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa0b9d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c71568f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897f3411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2de8a50ddefeb12c46342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f02f4cded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 36.092279ms ago: executing program 1 (id=491): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) request_key(&(0x7f0000000080)='user\x00', &(0x7f00000002c0)={'syz', 0x3}, &(0x7f0000000300)='\x00', 0xfffffffffffffffd) 0s ago: executing program 2 (id=492): bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x10, &(0x7f0000000ac0)=ANY=[@ANYBLOB="75746638006d61703d6f983c756661703d6e6f726d616c2c6909000000f2ff00003dda5de4d586f0df206d65656b416d6f64653d3078303030303010303071303030303030302c73657373696f6e3d307830faffffff30303030303030f4e4b4f82c6d61736b3d4d4159574b50be30c8486470722677b93165cfe6f62127553b2017754598752d977369672c7063723d303030303030303030303030303030303030332c64566e745f6d6561737572652c00000000000000006bbf4d6406b59dbc529c00000000000000fada265ab14119997600a2299d2c35a2efc1bf037787a0d801f26d335ef2ba9ac2423a358ccbb776b21e1d3b", @ANYRESDEC, @ANYRESHEX=0x0], 0xfe, 0x69a, &(0x7f0000000c80)="$eJzs3c9uG9cVx/HfUBQlq4BRtEVgGLZ1YzeAjLo0ScUKBG/KDofUpCSHmKEKaRW4sRQYppzWdotam0Sb/gHaF+gumyz6EAWyzrov0EUXBYJ2V6AowGL+kRTJEWlZstzk+xFsXs49w3uGM+LRSOQdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWXatVCpbarrt7R2Tza75XuuE/vjRFnU7btyeOa5khf+0vKwr8aIr3xt2vxX+d1PX4nvXtBzeLOvwW299+/5387l0/RMSOg297AM+e3H4+EGvt/f0dKP1rdOsdy4mMlFujrUaTtsNPLdVbTjGDTyzubFRurtVD0zdbTrBbtB1Wsb2nVzX882afduUNzfXjVPc9bbbjVq16aQL3/thpVTaMO8vJbv/7vvFwN5ym0233Yhiwu4wZmlwhDjVljH7j3p767OSDIPK8wRVZgVVSpVKuVyplDfubd57r1TKTywojdFExPCgfXN2Ps5BPjlQJzrO4FUbOBu5sP7/zZKaWlZb29qRmfplqyZfnloZ/Ym0/r9z1zlx3NH6n1b5K8Puq4rq/4343o2s+p+Ri5GJVpjWY2UsP93XM73QoR7rgXrqaU9P4+X5Vxxj9ewyPJevT9Pta0h5yVUgT65aqqohRyZZYrSpDW2opA+0pboCWarLVVOOAu0qUFeNv3/xq3Bf+XJUVVeefBmtydZtGZW1qU2ty8hRUbvytK22Gqqpqn/3+/19PYqe9/UTslUaVJ7S+d/+WFB+cAxOBmfV/599Eq/xcvUfXz+DY2eOGODC9ZPz/2wLY/ejyrp6vlkBAAAAAICzZEW/fQ/P/xcXr0vqq+42ndJFpwUAAAAAAM5Q9Jf/a+HNYti6Livj/L//+nMDAAAAAABnw4o+Y2dJWone1G8NPwk1z5sAxj8cAAAAAAAA3kDR3/9vFKR+NLXaqqyXOv8HAAAAAAD/B343Msd+Pp1jt5/+WT8nKegsWX/555L8Reuos/N966Aa9lQPkpiJdwB061etvOKJeqP5eguSonu2c+1SEpRMgmnFswlKX+3Pmuvf8scSKCykv76YksDlw5EENvLJPf1Bb8cxbyfjPjzMKeqJR1mpu02naHvN+2VVq5dzXWen+8snj34t+YPt3H/U2yt++HHvYZTLUbjo6CDM45Nj6eRm5fJc1+PI61O3+JLq6ZC/b7dWrGjcUrr9C6oe5EYHmm/7f6ObcczNlfh25TDdA7I+TRrlYrTLhlsfzQ5hDbMoj2/5tB2RkcVylMWtOObW2q34Js0v3gvLP1iQKsXJfeCPZlEZzWL2c2H9a+K5mJFFeCysh1l8ET5QRhbrL5fFxB4BgIuyP6xC0STmk3Psj9fdKa9yaVXPfJWbXd1/dHyU53/qxx84XJDy6i8l5aWfXVcUvqKvxWGFaBb3gq5OeUUvJXVlWRmv6KVXqG7hWH8eXgMpuVpN0pMfZPGffr9/vxyN+8exqvpZuMJnmeMGzcpC+BTefX7w82gC/NBHex/tPalU1jdK75ZK9ypajDYjuaH2AACmmH2NneMRy8N6Nqjd7w7Oqh/+4524dazufmfwloKiPtTH6umh7qSXEFidPu7KyNsQ7kyetYax0U8dx2PLupN5VhfV0pHYyiB2Uekqx39eGMaun/duAADgtbo5ow6P1/9p5+530vPutavRSWX+alYdDWv5+BWCs2LLr/mZAADgm8Pxv7JWur+1fN/tfFDe3CxXu1uO8T37J8Z3aw3HuO2u49tb1XbDMR3f63q21zQdX0tuzQlMsN3peH7X1D3fdLzA3Ymu/G6SS78HTqva7rp20Gk61cAxttfuVu2uqbmBbTrbP266wZbjRysHHcd2665d7bpe2wTeJdlO0ZjAcUYC3ZrT7rp1N2y2Tcd3W1V/1/zUa263HFNzAtt3O10vfsB0LLdd9/xW9LBF9U+60CEAAN8Yz14cPn7Q6+09PaFxpLiRvh8t6fpySnBh2gNe8CYCAIAxVGkAAAAAAAAAAAAAAAAAAAAAAN5883z+78RG+qHAdMmipgRLgyW/uDzXI1saLvn8r6+U4SkaufElyUy7/dmrf9nrKR9P/DsRcylsFMKe9OkfXf1oZmILU9bKaqzOtaWKG/mzfg7TyYVnBhfm3JwZjaXBAZ0ZE3ZO7VoaPKv5V/92mNZ48nlG1+wjaun4d1PhpA083gj3wNPCtG/GORuv5eUHwAX6XwAAAP//3P40lg==") kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.159' (ED25519) to the list of known hosts. [ 24.934089][ T29] audit: type=1400 audit(1762503527.019:62): avc: denied { mounton } for pid=3302 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 24.957136][ T29] audit: type=1400 audit(1762503527.039:63): avc: denied { mount } for pid=3302 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 24.957869][ T3302] cgroup: Unknown subsys name 'net' [ 24.984750][ T29] audit: type=1400 audit(1762503527.069:64): avc: denied { unmount } for pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 25.119562][ T3302] cgroup: Unknown subsys name 'cpuset' [ 25.125828][ T3302] cgroup: Unknown subsys name 'rlimit' [ 25.234724][ T29] audit: type=1400 audit(1762503527.319:65): avc: denied { setattr } for pid=3302 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 25.258084][ T29] audit: type=1400 audit(1762503527.319:66): avc: denied { create } for pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 25.278575][ T29] audit: type=1400 audit(1762503527.319:67): avc: denied { write } for pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 25.299016][ T29] audit: type=1400 audit(1762503527.319:68): avc: denied { read } for pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 25.305490][ T3305] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 25.319365][ T29] audit: type=1400 audit(1762503527.319:69): avc: denied { mounton } for pid=3302 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 25.352617][ T29] audit: type=1400 audit(1762503527.319:70): avc: denied { mount } for pid=3302 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 25.375918][ T29] audit: type=1400 audit(1762503527.409:71): avc: denied { relabelto } for pid=3305 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 25.412218][ T3302] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 27.273891][ T3319] chnl_net:caif_netlink_parms(): no params data found [ 27.294610][ T3321] chnl_net:caif_netlink_parms(): no params data found [ 27.330622][ T3317] chnl_net:caif_netlink_parms(): no params data found [ 27.339687][ T3313] chnl_net:caif_netlink_parms(): no params data found [ 27.380430][ T3312] chnl_net:caif_netlink_parms(): no params data found [ 27.432943][ T3321] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.440059][ T3321] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.447182][ T3321] bridge_slave_0: entered allmulticast mode [ 27.453665][ T3321] bridge_slave_0: entered promiscuous mode [ 27.470561][ T3319] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.477643][ T3319] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.484924][ T3319] bridge_slave_0: entered allmulticast mode [ 27.491174][ T3319] bridge_slave_0: entered promiscuous mode [ 27.501987][ T3321] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.509140][ T3321] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.516317][ T3321] bridge_slave_1: entered allmulticast mode [ 27.522725][ T3321] bridge_slave_1: entered promiscuous mode [ 27.534897][ T3319] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.542080][ T3319] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.549208][ T3319] bridge_slave_1: entered allmulticast mode [ 27.555570][ T3319] bridge_slave_1: entered promiscuous mode [ 27.566794][ T3313] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.574274][ T3313] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.581436][ T3313] bridge_slave_0: entered allmulticast mode [ 27.587742][ T3313] bridge_slave_0: entered promiscuous mode [ 27.601958][ T3317] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.609068][ T3317] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.616175][ T3317] bridge_slave_0: entered allmulticast mode [ 27.622536][ T3317] bridge_slave_0: entered promiscuous mode [ 27.633342][ T3313] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.640430][ T3313] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.647589][ T3313] bridge_slave_1: entered allmulticast mode [ 27.654082][ T3313] bridge_slave_1: entered promiscuous mode [ 27.678049][ T3317] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.685156][ T3317] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.692317][ T3317] bridge_slave_1: entered allmulticast mode [ 27.698790][ T3317] bridge_slave_1: entered promiscuous mode [ 27.714621][ T3321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 27.723750][ T3312] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.730869][ T3312] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.738078][ T3312] bridge_slave_0: entered allmulticast mode [ 27.744540][ T3312] bridge_slave_0: entered promiscuous mode [ 27.756115][ T3319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 27.766230][ T3313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 27.776435][ T3321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 27.785595][ T3312] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.792773][ T3312] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.799921][ T3312] bridge_slave_1: entered allmulticast mode [ 27.806310][ T3312] bridge_slave_1: entered promiscuous mode [ 27.818249][ T3319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 27.828153][ T3313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 27.855639][ T3317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 27.870024][ T3319] team0: Port device team_slave_0 added [ 27.885627][ T3317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 27.895407][ T3319] team0: Port device team_slave_1 added [ 27.906610][ T3321] team0: Port device team_slave_0 added [ 27.913408][ T3312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 27.923124][ T3321] team0: Port device team_slave_1 added [ 27.938058][ T3313] team0: Port device team_slave_0 added [ 27.944539][ T3312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 27.954216][ T3313] team0: Port device team_slave_1 added [ 27.986848][ T3317] team0: Port device team_slave_0 added [ 27.992824][ T3319] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 27.999805][ T3319] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 28.025680][ T3319] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 28.045693][ T3321] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 28.052673][ T3321] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 28.078834][ T3321] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 28.090156][ T3317] team0: Port device team_slave_1 added [ 28.095987][ T3319] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 28.102942][ T3319] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 28.129006][ T3319] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 28.140317][ T3312] team0: Port device team_slave_0 added [ 28.146265][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 28.153276][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 28.179184][ T3313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 28.195279][ T3321] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 28.202264][ T3321] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 28.228260][ T3321] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 28.244962][ T3312] team0: Port device team_slave_1 added [ 28.250889][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 28.257816][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 28.283804][ T3313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 28.300350][ T3317] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 28.307302][ T3317] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 28.333296][ T3317] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 28.362932][ T3317] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 28.369960][ T3317] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 28.395900][ T3317] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 28.411577][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 28.418516][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 28.444465][ T3312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 28.456341][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 28.463364][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 28.489396][ T3312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 28.517004][ T3321] hsr_slave_0: entered promiscuous mode [ 28.523135][ T3321] hsr_slave_1: entered promiscuous mode [ 28.533254][ T3319] hsr_slave_0: entered promiscuous mode [ 28.539270][ T3319] hsr_slave_1: entered promiscuous mode [ 28.545026][ T3319] debugfs: 'hsr0' already exists in 'hsr' [ 28.550792][ T3319] Cannot create hsr debugfs directory [ 28.567874][ T3313] hsr_slave_0: entered promiscuous mode [ 28.573938][ T3313] hsr_slave_1: entered promiscuous mode [ 28.579808][ T3313] debugfs: 'hsr0' already exists in 'hsr' [ 28.585508][ T3313] Cannot create hsr debugfs directory [ 28.626633][ T3317] hsr_slave_0: entered promiscuous mode [ 28.632723][ T3317] hsr_slave_1: entered promiscuous mode [ 28.638545][ T3317] debugfs: 'hsr0' already exists in 'hsr' [ 28.644316][ T3317] Cannot create hsr debugfs directory [ 28.656622][ T3312] hsr_slave_0: entered promiscuous mode [ 28.662750][ T3312] hsr_slave_1: entered promiscuous mode [ 28.668721][ T3312] debugfs: 'hsr0' already exists in 'hsr' [ 28.674471][ T3312] Cannot create hsr debugfs directory [ 28.850592][ T3321] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 28.859289][ T3321] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 28.867753][ T3321] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 28.876196][ T3321] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 28.902568][ T3313] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 28.919093][ T3313] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 28.930989][ T3313] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 28.942132][ T3313] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 28.958548][ T3319] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 28.968353][ T3319] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 28.977705][ T3319] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 28.986433][ T3319] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 29.020074][ T3317] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 29.032292][ T3317] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 29.045721][ T3317] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 29.054903][ T3317] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 29.065304][ T3321] 8021q: adding VLAN 0 to HW filter on device bond0 [ 29.095904][ T3312] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 29.104840][ T3312] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 29.117287][ T3321] 8021q: adding VLAN 0 to HW filter on device team0 [ 29.127658][ T3312] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 29.136308][ T3312] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 29.149204][ T295] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.156266][ T295] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.176094][ T3321] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 29.186562][ T3321] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 29.200458][ T362] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.207688][ T362] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.238225][ T3313] 8021q: adding VLAN 0 to HW filter on device bond0 [ 29.264185][ T3313] 8021q: adding VLAN 0 to HW filter on device team0 [ 29.277417][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0 [ 29.297528][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.304703][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.313473][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.320547][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.330430][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0 [ 29.351629][ T3319] 8021q: adding VLAN 0 to HW filter on device team0 [ 29.367084][ T3321] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 29.384994][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.392131][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.402425][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.409496][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.420405][ T3317] 8021q: adding VLAN 0 to HW filter on device team0 [ 29.436420][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.443500][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.453637][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.460689][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.505666][ T3319] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 29.516107][ T3319] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 29.529668][ T3312] 8021q: adding VLAN 0 to HW filter on device bond0 [ 29.567542][ T3317] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 29.577979][ T3317] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 29.604794][ T3312] 8021q: adding VLAN 0 to HW filter on device team0 [ 29.616828][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.623996][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.632711][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.639846][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.663344][ T3321] veth0_vlan: entered promiscuous mode [ 29.672519][ T3313] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 29.691004][ T3321] veth1_vlan: entered promiscuous mode [ 29.699804][ T3312] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 29.710357][ T3312] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 29.730030][ T3319] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 29.772533][ T3321] veth0_macvtap: entered promiscuous mode [ 29.787987][ T3317] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 29.802119][ T3321] veth1_macvtap: entered promiscuous mode [ 29.824359][ T3312] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 29.844345][ T3321] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 29.862326][ T3319] veth0_vlan: entered promiscuous mode [ 29.882083][ T3321] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 29.900714][ T3319] veth1_vlan: entered promiscuous mode [ 29.908521][ T3313] veth0_vlan: entered promiscuous mode [ 29.925152][ T52] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 29.937361][ T3313] veth1_vlan: entered promiscuous mode [ 29.951394][ T52] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 29.960660][ T52] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 29.971945][ T3317] veth0_vlan: entered promiscuous mode [ 29.985905][ T52] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.001340][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 30.001352][ T29] audit: type=1400 audit(1762503532.079:81): avc: denied { mounton } for pid=3321 comm="syz-executor" path="/root/syzkaller.OKTn3k/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 30.020516][ T3317] veth1_vlan: entered promiscuous mode [ 30.031679][ T29] audit: type=1400 audit(1762503532.079:82): avc: denied { mount } for pid=3321 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 30.044823][ T3317] veth0_macvtap: entered promiscuous mode [ 30.059016][ T29] audit: type=1400 audit(1762503532.079:83): avc: denied { mounton } for pid=3321 comm="syz-executor" path="/root/syzkaller.OKTn3k/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 30.067452][ T3317] veth1_macvtap: entered promiscuous mode [ 30.089739][ T29] audit: type=1400 audit(1762503532.089:84): avc: denied { mount } for pid=3321 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 30.102739][ T3313] veth0_macvtap: entered promiscuous mode [ 30.117322][ T29] audit: type=1400 audit(1762503532.089:85): avc: denied { mounton } for pid=3321 comm="syz-executor" path="/root/syzkaller.OKTn3k/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 30.136243][ T3319] veth0_macvtap: entered promiscuous mode [ 30.149597][ T29] audit: type=1400 audit(1762503532.089:86): avc: denied { mounton } for pid=3321 comm="syz-executor" path="/root/syzkaller.OKTn3k/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3815 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 30.167180][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 30.191498][ T29] audit: type=1400 audit(1762503532.089:87): avc: denied { unmount } for pid=3321 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 30.195494][ T3313] veth1_macvtap: entered promiscuous mode [ 30.231826][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 30.241415][ T3319] veth1_macvtap: entered promiscuous mode [ 30.251980][ T29] audit: type=1400 audit(1762503532.299:88): avc: denied { mounton } for pid=3321 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 30.274798][ T29] audit: type=1400 audit(1762503532.309:89): avc: denied { mount } for pid=3321 comm="syz-executor" name="/" dev="gadgetfs" ino=3874 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 30.298385][ T3321] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 30.300207][ T3319] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 30.326318][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 30.336431][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 30.345992][ T3312] veth0_vlan: entered promiscuous mode [ 30.347531][ T29] audit: type=1400 audit(1762503532.429:90): avc: denied { read write } for pid=3321 comm="syz-executor" name="loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 30.377251][ T3319] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 30.385780][ T362] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.405137][ T3312] veth1_vlan: entered promiscuous mode [ 30.413523][ T362] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.432926][ T362] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.450351][ T362] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.494382][ T3312] veth0_macvtap: entered promiscuous mode [ 30.504724][ T3488] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 30.519908][ T3312] veth1_macvtap: entered promiscuous mode [ 30.539219][ T362] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.545316][ T3494] loop1: detected capacity change from 0 to 512 [ 30.563650][ T362] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.580912][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 30.598094][ T3494] EXT4-fs: Ignoring removed nobh option [ 30.600559][ T362] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.616885][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 30.635521][ T3494] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.2: iget: bad i_size value: 38620345925642 [ 30.649922][ T3494] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2: couldn't read orphan inode 15 (err -117) [ 30.650306][ T362] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.679742][ T31] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.692870][ T3502] mmap: syz.3.9 (3502) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 30.708838][ T3494] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 30.739320][ T31] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.774532][ T3508] Illegal XDP return value 4294967262 on prog (id 6) dev syz_tun, expect packet loss! [ 30.779956][ T31] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.823263][ T31] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.854016][ T31] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.862434][ T3517] loop2: detected capacity change from 0 to 1024 [ 30.873748][ T3521] loop4: detected capacity change from 0 to 128 [ 30.881340][ T31] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.892417][ T3517] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 30.924907][ T31] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.928800][ T3517] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 30.943467][ T31] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.959334][ T3517] EXT4-fs (loop2): orphan cleanup on readonly fs [ 30.965770][ T3527] syz.4.17 uses obsolete (PF_INET,SOCK_PACKET) [ 30.979858][ T3517] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz.2.13: Invalid inode table block 0 in block_group 0 [ 30.990384][ T3529] loop0: detected capacity change from 0 to 512 [ 31.001696][ T3517] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 31.011381][ T3517] EXT4-fs error (device loop2): ext4_quota_write:7334: inode #3: comm syz.2.13: mark_inode_dirty error [ 31.023052][ T3517] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.13: Failed to acquire dquot type 0 [ 31.028581][ T362] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm kworker/u8:6: bg 0: block 5: invalid block bitmap [ 31.046953][ T3517] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz.2.13: Invalid inode table block 0 in block_group 0 [ 31.059541][ T3529] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 31.059627][ T362] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1480 with error 28 [ 31.072780][ T3529] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 31.086816][ T3529] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.18: bg 0: block 104: invalid block bitmap [ 31.093483][ T362] EXT4-fs (loop1): This should not happen!! Data will be lost [ 31.093483][ T362] [ 31.115411][ T362] EXT4-fs (loop1): Total free blocks count 0 [ 31.121534][ T362] EXT4-fs (loop1): Free/Dirty block details [ 31.127429][ T362] EXT4-fs (loop1): free_blocks=0 [ 31.127680][ T3517] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 31.132400][ T362] EXT4-fs (loop1): dirty_blocks=1484 [ 31.147062][ T362] EXT4-fs (loop1): Block reservation details [ 31.147807][ T3529] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 31.153175][ T362] EXT4-fs (loop1): i_reserved_data_blocks=1484 [ 31.173709][ T3517] EXT4-fs error (device loop2): ext4_ext_truncate:4475: inode #15: comm syz.2.13: mark_inode_dirty error [ 31.188558][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 31.198093][ T3517] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz.2.13: Invalid inode table block 0 in block_group 0 [ 31.227989][ T3517] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 31.229427][ T3529] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.18: invalid indirect mapped block 1 (level 1) [ 31.283265][ T3517] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem [ 31.298095][ T3529] EXT4-fs (loop0): 1 truncate cleaned up [ 31.311724][ T3529] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 31.328022][ T3517] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz.2.13: Invalid inode table block 0 in block_group 0 [ 31.356494][ T3517] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 31.374120][ T3548] xt_CT: You must specify a L4 protocol and not use inversions on it [ 31.376700][ T3517] EXT4-fs error (device loop2): ext4_truncate:4637: inode #15: comm syz.2.13: mark_inode_dirty error [ 31.396188][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 31.412580][ T3517] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem [ 31.433854][ T3517] EXT4-fs (loop2): 1 truncate cleaned up [ 31.452030][ T3517] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 31.501805][ T3517] SELinux: failed to load policy [ 31.507255][ T3559] netlink: 14 bytes leftover after parsing attributes in process `syz.1.31'. [ 31.517916][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 31.547894][ T3565] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 31.701083][ T3584] netlink: '+jõ@': attribute type 21 has an invalid length. [ 31.860619][ T3603] netlink: 8 bytes leftover after parsing attributes in process `syz.1.52'. [ 31.880434][ T3603] netlink: 24 bytes leftover after parsing attributes in process `syz.1.52'. [ 31.901243][ T3603] Zero length message leads to an empty skb [ 32.152110][ T3638] loop0: detected capacity change from 0 to 2048 [ 32.170395][ T3638] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 32.185075][ T3638] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 32.200306][ T3638] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 32.212540][ T3638] EXT4-fs (loop0): This should not happen!! Data will be lost [ 32.212540][ T3638] [ 32.222277][ T3638] EXT4-fs (loop0): Total free blocks count 0 [ 32.228262][ T3638] EXT4-fs (loop0): Free/Dirty block details [ 32.234183][ T3638] EXT4-fs (loop0): free_blocks=2415919104 [ 32.239949][ T3638] EXT4-fs (loop0): dirty_blocks=16 [ 32.245090][ T3638] EXT4-fs (loop0): Block reservation details [ 32.251122][ T3638] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 32.258655][ T3645] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 32.298700][ T3638] syz.0.70 (3638) used greatest stack depth: 10120 bytes left [ 32.341345][ T3655] netlink: 80 bytes leftover after parsing attributes in process `syz.3.78'. [ 32.375535][ T3658] loop1: detected capacity change from 0 to 512 [ 32.394025][ T3658] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 32.405625][ T3658] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it [ 32.415735][ T3658] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.79: Corrupt directory, running e2fsck is recommended [ 32.428701][ T3658] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 32.444379][ T3658] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.79: corrupted in-inode xattr: invalid ea_ino [ 32.457788][ T3658] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.79: couldn't read orphan inode 15 (err -117) [ 32.473977][ T3658] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 32.496639][ T3658] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 32.508302][ T3658] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it [ 32.518408][ T3658] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.79: Corrupt directory, running e2fsck is recommended [ 32.536178][ T3673] netlink: 16 bytes leftover after parsing attributes in process `syz.0.84'. [ 32.551864][ T3658] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 32.563457][ T3658] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it [ 32.573563][ T3658] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.79: Corrupt directory, running e2fsck is recommended [ 32.590620][ T3658] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 32.602150][ T3658] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it [ 32.612232][ T3658] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.79: Corrupt directory, running e2fsck is recommended [ 32.633764][ T3658] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 32.635594][ T3679] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 32.674423][ T3679] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 32.683066][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 32.802728][ T3697] loop4: detected capacity change from 0 to 512 [ 32.817231][ T3697] EXT4-fs (loop4): fragment/cluster size (8192) != block size (4096) [ 32.876561][ T3703] loop3: detected capacity change from 0 to 128 [ 32.905689][ T3703] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 32.927858][ T3703] ext4 filesystem being mounted at /32/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 33.008746][ T3319] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 33.381447][ T3762] process 'syz.3.123' launched './file0' with NULL argv: empty string added [ 33.860725][ T3810] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 34.101318][ T3842] netlink: 7 bytes leftover after parsing attributes in process `syz.0.146'. [ 34.139736][ T3846] loop1: detected capacity change from 0 to 512 [ 34.182732][ T3846] ------------[ cut here ]------------ [ 34.188367][ T3846] EA inode 11 i_nlink=2 [ 34.188802][ T3846] WARNING: CPU: 1 PID: 3846 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380 [ 34.203538][ T3846] Modules linked in: [ 34.207501][ T3846] CPU: 1 UID: 0 PID: 3846 Comm: syz.1.147 Not tainted syzkaller #0 PREEMPT(voluntary) [ 34.217358][ T3846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 34.227705][ T3846] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380 [ 34.234501][ T3846] Code: 90 49 8d 7e 40 e8 76 fd b8 ff 4d 8b 6e 40 4c 89 e7 e8 8a f8 b8 ff 41 8b 56 48 48 c7 c7 ae d1 55 86 4c 89 ee e8 07 fa 67 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 88 e7 b5 03 0f 1f 84 00 00 00 00 00 [ 34.254452][ T3846] RSP: 0018:ffffc9000ff575a0 EFLAGS: 00010246 [ 34.260587][ T3846] RAX: 293902c3cd27a500 RBX: ffff888100756d18 RCX: 0000000000080000 [ 34.268661][ T3846] RDX: ffffc900023de000 RSI: 0000000000004072 RDI: 0000000000004073 [ 34.276715][ T3846] RBP: 0000000000000002 R08: 0001c9000ff57427 R09: 0000000000000000 [ 34.284841][ T3846] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff888100756cc8 [ 34.293039][ T3846] R13: 000000000000000b R14: ffff888100756c80 R15: 0000000000000001 [ 34.301225][ T3846] FS: 00007f8bca6df6c0(0000) GS:ffff8882aef13000(0000) knlGS:0000000000000000 [ 34.302410][ T3854] vhci_hcd: invalid port number 96 [ 34.310234][ T3846] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 34.315313][ T3854] vhci_hcd: default hub control req: 2000 vfffc i0060 l7 [ 34.321971][ T3846] CR2: 00007f28ee747dac CR3: 000000011acd0000 CR4: 00000000003506f0 [ 34.336890][ T3846] DR0: 0000000000000002 DR1: 0000000000000000 DR2: 0000000000000000 [ 34.345004][ T3846] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 34.353238][ T3846] Call Trace: [ 34.356617][ T3846] [ 34.359584][ T3846] ext4_xattr_set_entry+0x77f/0x1020 [ 34.365001][ T3846] ext4_xattr_ibody_set+0x184/0x3c0 [ 34.370256][ T3846] ext4_expand_extra_isize_ea+0xcbb/0x11f0 [ 34.376108][ T3846] __ext4_expand_extra_isize+0x246/0x280 [ 34.381798][ T3846] __ext4_mark_inode_dirty+0x29d/0x3f0 [ 34.387313][ T3846] ext4_evict_inode+0x80e/0xd90 [ 34.392246][ T3846] ? __pfx_ext4_evict_inode+0x10/0x10 [ 34.397736][ T3846] evict+0x2e3/0x550 [ 34.401674][ T3846] ? __dquot_initialize+0x146/0x7c0 [ 34.406924][ T3846] iput+0x4ed/0x650 [ 34.410793][ T3846] ext4_process_orphan+0x1a9/0x1c0 [ 34.416152][ T3846] ext4_orphan_cleanup+0x6a8/0xa00 [ 34.421443][ T3846] ext4_fill_super+0x3483/0x3810 [ 34.426403][ T3846] ? snprintf+0x86/0xb0 [ 34.430912][ T3846] ? set_blocksize+0x1a8/0x310 [ 34.435860][ T3846] ? sb_set_blocksize+0xe3/0x100 [ 34.440932][ T3846] ? setup_bdev_super+0x30e/0x370 [ 34.446011][ T3846] ? __pfx_ext4_fill_super+0x10/0x10 [ 34.451487][ T3846] get_tree_bdev_flags+0x291/0x300 [ 34.456666][ T3846] ? __pfx_ext4_fill_super+0x10/0x10 [ 34.462078][ T3846] get_tree_bdev+0x1f/0x30 [ 34.466500][ T3846] ext4_get_tree+0x1c/0x30 [ 34.470943][ T3846] vfs_get_tree+0x57/0x1d0 [ 34.475413][ T3846] do_new_mount+0x24d/0x660 [ 34.480453][ T3846] path_mount+0x4a5/0xb70 [ 34.484795][ T3846] ? user_path_at+0x109/0x130 [ 34.489496][ T3846] __se_sys_mount+0x28c/0x2e0 [ 34.494203][ T3846] __x64_sys_mount+0x67/0x80 [ 34.498798][ T3846] x64_sys_call+0x2b51/0x3000 [ 34.503511][ T3846] do_syscall_64+0xd2/0x200 [ 34.508107][ T3846] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 34.514267][ T3846] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 34.520170][ T3846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 34.526131][ T3846] RIP: 0033:0x7f8bcbc80e6a [ 34.530585][ T3846] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 34.550288][ T3846] RSP: 002b:00007f8bca6dee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 34.558754][ T3846] RAX: ffffffffffffffda RBX: 00007f8bca6deef0 RCX: 00007f8bcbc80e6a [ 34.566898][ T3846] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f8bca6deeb0 [ 34.574944][ T3846] RBP: 0000200000000180 R08: 00007f8bca6deef0 R09: 0000000000800700 [ 34.583098][ T3846] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 34.591194][ T3846] R13: 00007f8bca6deeb0 R14: 000000000000046f R15: 0000200000000200 [ 34.599285][ T3846] [ 34.602306][ T3846] ---[ end trace 0000000000000000 ]--- [ 34.608678][ T3846] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #18: comm syz.1.147: iget: bad extra_isize 90 (inode size 256) [ 34.629395][ T3846] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.147: error while reading EA inode 18 err=-117 [ 34.641927][ T3846] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #18: comm syz.1.147: iget: bad extra_isize 90 (inode size 256) [ 34.689235][ T3846] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.147: error while reading EA inode 18 err=-117 [ 34.718560][ T3846] EXT4-fs (loop1): 1 orphan inode deleted [ 34.726041][ T3846] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 34.850549][ T3904] syz.3.166 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 34.861693][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 35.036189][ T29] kauditd_printk_skb: 329 callbacks suppressed [ 35.036202][ T29] audit: type=1400 audit(1762503537.119:418): avc: denied { shutdown } for pid=3924 comm="syz.4.176" laddr=fe80::40 lport=47347 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 35.054787][ T3925] syz.4.176 (3925) used greatest stack depth: 8824 bytes left [ 35.079806][ T29] audit: type=1400 audit(1762503537.119:419): avc: denied { getopt } for pid=3924 comm="syz.4.176" laddr=fe80::40 lport=47347 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 35.156593][ T3937] netlink: 28 bytes leftover after parsing attributes in process `syz.3.182'. [ 35.165490][ T3937] netlink: 348 bytes leftover after parsing attributes in process `syz.3.182'. [ 35.174522][ T3937] netlink: 28 bytes leftover after parsing attributes in process `syz.3.182'. [ 35.174590][ T29] audit: type=1400 audit(1762503537.239:420): avc: denied { open } for pid=3938 comm="syz.4.183" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 35.183415][ T3937] netlink: 348 bytes leftover after parsing attributes in process `syz.3.182'. [ 35.211667][ T29] audit: type=1400 audit(1762503537.239:421): avc: denied { kernel } for pid=3938 comm="syz.4.183" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 35.231493][ T3933] loop2: detected capacity change from 0 to 1024 [ 35.241452][ T29] audit: type=1400 audit(1762503537.329:422): avc: denied { read } for pid=3940 comm="syz.1.184" dev="nsfs" ino=4026532568 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 35.262474][ T3933] journal_path: Non-blockdev passed as './bus' [ 35.262492][ T3933] EXT4-fs: error: could not find journal device path [ 35.275431][ T29] audit: type=1400 audit(1762503537.329:423): avc: denied { open } for pid=3940 comm="syz.1.184" path="net:[4026532568]" dev="nsfs" ino=4026532568 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 35.298583][ T29] audit: type=1400 audit(1762503537.329:424): avc: denied { create } for pid=3940 comm="syz.1.184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 35.319966][ T29] audit: type=1400 audit(1762503537.329:425): avc: denied { write } for pid=3938 comm="syz.4.183" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 35.339145][ T29] audit: type=1400 audit(1762503537.329:426): avc: denied { write } for pid=3938 comm="syz.4.183" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 35.359484][ T29] audit: type=1400 audit(1762503537.359:427): avc: denied { read } for pid=3940 comm="syz.1.184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 35.482611][ T3968] 9p: Unknown access argument ý: -22 [ 35.583042][ T3979] unsupported nla_type 52263 [ 35.768928][ T4005] netlink: 'syz.4.211': attribute type 2 has an invalid length. [ 35.903598][ T4027] capability: warning: `syz.4.221' uses 32-bit capabilities (legacy support in use) [ 36.069283][ T4056] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 36.355769][ T4086] loop0: detected capacity change from 0 to 1024 [ 36.367785][ T4086] EXT4-fs: Ignoring removed orlov option [ 36.390326][ T4086] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 36.511417][ T4112] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 36.511510][ T3321] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 36.542723][ T3321] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 36.553608][ T4112] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 36.611892][ T4031] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.706402][ T4134] __nla_validate_parse: 3 callbacks suppressed [ 36.706416][ T4134] netlink: 12 bytes leftover after parsing attributes in process `syz.1.272'. [ 36.778126][ T4141] netlink: 44 bytes leftover after parsing attributes in process `syz.1.275'. [ 37.022654][ T4183] IPv6: Can't replace route, no match found [ 37.084503][ T4190] loop3: detected capacity change from 0 to 512 [ 37.104578][ T4190] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 37.117415][ T4190] ext4 filesystem being mounted at /72/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 37.172083][ T4201] netlink: 48 bytes leftover after parsing attributes in process `syz.4.298'. [ 37.181947][ T4157] chnl_net:caif_netlink_parms(): no params data found [ 37.194661][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.225166][ T4205] loop1: detected capacity change from 0 to 256 [ 37.261550][ T4157] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.268642][ T4157] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.286650][ T4157] bridge_slave_0: entered allmulticast mode [ 37.293190][ T4157] bridge_slave_0: entered promiscuous mode [ 37.319429][ T4157] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.326491][ T4157] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.344121][ T4157] bridge_slave_1: entered allmulticast mode [ 37.350927][ T4157] bridge_slave_1: entered promiscuous mode [ 37.378131][ T4157] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 37.397281][ T4157] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 37.425015][ T4226] netlink: 'syz.2.308': attribute type 1 has an invalid length. [ 37.452623][ T4157] team0: Port device team_slave_0 added [ 37.467834][ T4157] team0: Port device team_slave_1 added [ 37.488384][ T4236] xt_policy: output policy not valid in PREROUTING and INPUT [ 37.525478][ T1036] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4 [ 37.533271][ T1036] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2 [ 37.542626][ T1036] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x3 [ 37.550846][ T1036] hid-generic 0000:3000000:0000.0001: hidraw0: HID v0.00 Device [sy] on syz0 [ 37.574819][ T4157] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 37.581800][ T4157] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 37.607901][ T4157] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 37.613890][ T4246] fido_id[4246]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 37.645753][ T4157] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 37.652766][ T4157] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 37.678701][ T4157] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 37.716244][ T4250] SELinux: failed to load policy [ 37.766134][ T4157] hsr_slave_0: entered promiscuous mode [ 37.769612][ T4260] loop4: detected capacity change from 0 to 512 [ 37.779405][ T4157] hsr_slave_1: entered promiscuous mode [ 37.795303][ T4157] debugfs: 'hsr0' already exists in 'hsr' [ 37.801108][ T4157] Cannot create hsr debugfs directory [ 37.824812][ T4260] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 37.888604][ T4260] ext4 filesystem being mounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 37.939876][ T1036] kernel write not supported for file bpf-prog (pid: 1036 comm: kworker/1:2) [ 37.968035][ T4260] EXT4-fs (loop4): shut down requested (0) [ 37.992370][ T362] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.005664][ T4279] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 38.009527][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.037176][ T4279] netlink: 'syz.2.331': attribute type 1 has an invalid length. [ 38.053491][ T362] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.068724][ T4282] loop4: detected capacity change from 0 to 1024 [ 38.084651][ T4282] EXT4-fs: Ignoring removed nomblk_io_submit option [ 38.093272][ T4282] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 38.101541][ T4282] System zones: 0-1, 3-36 [ 38.107128][ T4282] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.130063][ T4282] capability: warning: `syz.4.333' uses deprecated v2 capabilities in a way that may be insecure [ 38.143464][ T362] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.157846][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.247651][ T362] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.300624][ T4157] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 38.310399][ T4157] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 38.319362][ T4157] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 38.330635][ T4157] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 38.354822][ T4303] netlink: 8 bytes leftover after parsing attributes in process `syz.1.342'. [ 38.368572][ T4309] loop2: detected capacity change from 0 to 512 [ 38.390048][ T4309] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.344: error while reading EA inode 32 err=-116 [ 38.403898][ T4309] EXT4-fs (loop2): Remounting filesystem read-only [ 38.416807][ T4309] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 38.429969][ T4309] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 38.440506][ T4309] EXT4-fs (loop2): 1 orphan inode deleted [ 38.446583][ T4309] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 38.452186][ T362] bridge_slave_1: left allmulticast mode [ 38.464247][ T362] bridge_slave_1: left promiscuous mode [ 38.469981][ T362] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.481485][ T4309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.495183][ T362] bridge_slave_0: left allmulticast mode [ 38.500950][ T362] bridge_slave_0: left promiscuous mode [ 38.506642][ T362] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.552936][ T4321] loop1: detected capacity change from 0 to 128 [ 38.570077][ T4321] EXT4-fs: Ignoring removed nobh option [ 38.593621][ T4324] netlink: 83992 bytes leftover after parsing attributes in process `syz.2.350'. [ 38.603894][ T4321] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 38.617595][ T4324] netlink: zone id is out of range [ 38.619413][ T4321] ext4 filesystem being mounted at /59/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 38.622767][ T4324] netlink: zone id is out of range [ 38.638301][ T4324] netlink: zone id is out of range [ 38.643570][ T4324] netlink: zone id is out of range [ 38.657622][ T4324] netlink: set zone limit has 8 unknown bytes [ 38.693722][ T362] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 38.723784][ T3313] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 38.737608][ T362] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 38.768147][ T362] bond0 (unregistering): Released all slaves [ 38.798157][ T4338] batadv_slave_1: entered promiscuous mode [ 38.841216][ T4337] batadv_slave_1: left promiscuous mode [ 38.869993][ T4157] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.912299][ T362] hsr_slave_0: left promiscuous mode [ 38.920981][ T362] hsr_slave_1: left promiscuous mode [ 38.943949][ T362] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 38.951396][ T362] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 38.968812][ T36] kernel read not supported for file /169/net/netstat (pid: 36 comm: kworker/1:1) [ 38.978689][ T362] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 38.986123][ T362] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 39.019442][ T362] veth1_macvtap: left promiscuous mode [ 39.029108][ T362] veth0_macvtap: left promiscuous mode [ 39.034738][ T362] veth1_vlan: left promiscuous mode [ 39.057899][ T362] veth0_vlan: left promiscuous mode [ 39.142610][ T4374] tmpfs: Bad value for 'mpol' [ 39.185764][ T362] team0 (unregistering): Port device team_slave_1 removed [ 39.196829][ T362] team0 (unregistering): Port device team_slave_0 removed [ 39.243400][ T4376] sctp: [Deprecated]: syz.1.367 (pid 4376) Use of struct sctp_assoc_value in delayed_ack socket option. [ 39.243400][ T4376] Use struct sctp_sack_info instead [ 39.251034][ T4157] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.291896][ T4382] netlink: 8 bytes leftover after parsing attributes in process `syz.2.369'. [ 39.301725][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.308856][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.335359][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.342552][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.363963][ T4157] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 39.374365][ T4157] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 39.419278][ T4392] xt_CT: No such helper "pptp" [ 39.464225][ T4157] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.605302][ T4430] loop3: detected capacity change from 0 to 512 [ 39.624751][ T4430] journal_path: Lookup failure for './file0/../file0' [ 39.631630][ T4430] EXT4-fs: error: could not find journal device path [ 39.801774][ T4157] veth0_vlan: entered promiscuous mode [ 39.817182][ T4157] veth1_vlan: entered promiscuous mode [ 39.868351][ T4157] veth0_macvtap: entered promiscuous mode [ 39.884632][ T4469] tipc: Enabling of bearer rejected, failed to enable media [ 39.913395][ T4157] veth1_macvtap: entered promiscuous mode [ 39.942279][ T4157] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.960124][ T4157] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.982780][ T52] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.024024][ T52] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.039060][ T29] kauditd_printk_skb: 286 callbacks suppressed [ 40.039073][ T29] audit: type=1400 audit(1762503542.129:714): avc: denied { mount } for pid=4157 comm="syz-executor" name="/" dev="gadgetfs" ino=3874 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 40.084672][ T52] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.119108][ T52] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.159833][ T29] audit: type=1400 audit(1762503542.159:715): avc: denied { connect } for pid=4485 comm="syz.1.397" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 40.197991][ T29] audit: type=1400 audit(1762503542.279:716): avc: denied { create } for pid=4496 comm="syz.1.399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 40.253848][ T29] audit: type=1400 audit(1762503542.339:717): avc: denied { name_bind } for pid=4509 comm="syz.2.403" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 40.323730][ T29] audit: type=1400 audit(1762503542.339:718): avc: denied { write } for pid=4496 comm="syz.1.399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 40.333650][ T4523] netlink: 'syz.1.408': attribute type 3 has an invalid length. [ 40.343868][ T29] audit: type=1400 audit(1762503542.369:719): avc: denied { write } for pid=4514 comm="syz.3.406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 40.351518][ T4523] netlink: 8 bytes leftover after parsing attributes in process `syz.1.408'. [ 40.371242][ T29] audit: type=1326 audit(1762503542.369:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.2.405" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f29cd4df6c9 code=0x0 [ 40.482819][ T29] audit: type=1400 audit(1762503542.569:721): avc: denied { read } for pid=4529 comm="syz.4.410" lport=45978 faddr=fe88::105 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 40.551682][ T29] audit: type=1326 audit(1762503542.629:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4545 comm="syz.5.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4f7b8f6c9 code=0x7ffc0000 [ 40.575054][ T29] audit: type=1326 audit(1762503542.629:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4545 comm="syz.5.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4f7b8f6c9 code=0x7ffc0000 [ 40.716503][ T4562] loop3: detected capacity change from 0 to 512 [ 40.751482][ T4562] EXT4-fs (loop3): too many log groups per flexible block group [ 40.763944][ T4562] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 40.773931][ T4562] EXT4-fs (loop3): mount failed [ 40.792226][ T4572] loop1: detected capacity change from 0 to 512 [ 40.819132][ T4572] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.428: Failed to acquire dquot type 1 [ 40.832084][ T4572] EXT4-fs (loop1): 1 truncate cleaned up [ 40.838117][ T4572] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.853895][ T4572] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 40.894747][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.917791][ T4585] loop3: detected capacity change from 0 to 2048 [ 40.953540][ T4585] EXT4-fs (loop3): failed to initialize system zone (-117) [ 40.962442][ T4585] EXT4-fs (loop3): mount failed [ 41.025700][ T4598] netlink: 12 bytes leftover after parsing attributes in process `syz.3.438'. [ 41.252444][ T4638] sctp: [Deprecated]: syz.5.458 (pid 4638) Use of int in max_burst socket option deprecated. [ 41.252444][ T4638] Use struct sctp_assoc_value instead [ 41.346427][ T4647] netlink: 104 bytes leftover after parsing attributes in process `syz.4.462'. [ 41.366652][ T4649] xt_TPROXY: Can be used only with -p tcp or -p udp [ 41.393525][ T4653] netlink: 8 bytes leftover after parsing attributes in process `syz.4.465'. [ 41.412494][ T4655] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 41.531833][ T4670] loop3: detected capacity change from 0 to 164 [ 41.540069][ T4670] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 41.552411][ T4670] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 41.561768][ T4670] Symlink component flag not implemented [ 41.567413][ T4670] Symlink component flag not implemented [ 41.601865][ T4682] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 41.610440][ T4682] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 41.646517][ T4689] netlink: 'syz.2.482': attribute type 3 has an invalid length. [ 41.710158][ T4701] loop4: detected capacity change from 0 to 512 [ 41.717232][ T4701] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 41.729938][ T4701] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ec01c, mo2=0003] [ 41.737863][ T4701] System zones: 1-2, 4-12, 8-8 [ 41.743370][ T4701] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.488: iget: bad i_size value: 38620345925642 [ 41.757492][ T4701] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.488: couldn't read orphan inode 15 (err -117) [ 41.770344][ T4701] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.787809][ T3439] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm kworker/u8:7: bg 0: block 5: invalid block bitmap [ 41.802790][ T3439] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 5 with error 28 [ 41.802858][ T3439] EXT4-fs (loop4): This should not happen!! Data will be lost [ 41.802858][ T3439] [ 41.802950][ T3439] EXT4-fs (loop4): Total free blocks count 0 [ 41.802962][ T3439] EXT4-fs (loop4): Free/Dirty block details [ 41.802972][ T3439] EXT4-fs (loop4): free_blocks=0 [ 41.802983][ T3439] EXT4-fs (loop4): dirty_blocks=73 [ 41.802995][ T3439] EXT4-fs (loop4): Block reservation details [ 41.803033][ T3439] EXT4-fs (loop4): i_reserved_data_blocks=73 [ 41.815659][ T3439] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 8 with max blocks 68 with error 28 [ 41.903275][ T4701] ================================================================== [ 41.903302][ T4701] BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked [ 41.903333][ T4701] [ 41.903340][ T4701] read-write to 0xffff888106e2a478 of 8 bytes by task 12 on cpu 1: [ 41.903358][ T4701] __xa_clear_mark+0xf5/0x1e0 [ 41.903378][ T4701] __folio_end_writeback+0xf7/0x3b0 [ 41.903406][ T4701] folio_end_writeback_no_dropbehind+0x6d/0x1b0 [ 41.903438][ T4701] folio_end_writeback+0x1c/0x70 [ 41.903468][ T4701] ext4_finish_bio+0x459/0x8c0 [ 41.903497][ T4701] ext4_release_io_end+0x9f/0x1f0 [ 41.903529][ T4701] ext4_end_io_end+0x18d/0x240 [ 41.903559][ T4701] ext4_end_io_rsv_work+0x151/0x1e0 [ 41.903587][ T4701] process_scheduled_works+0x4ce/0x9d0 [ 41.903617][ T4701] worker_thread+0x582/0x770 [ 41.903635][ T4701] kthread+0x489/0x510 [ 41.903666][ T4701] ret_from_fork+0x122/0x1b0 [ 41.903692][ T4701] ret_from_fork_asm+0x1a/0x30 [ 41.903717][ T4701] [ 41.903722][ T4701] read to 0xffff888106e2a478 of 8 bytes by task 4701 on cpu 0: [ 41.903737][ T4701] xas_find_marked+0x218/0x620 [ 41.903759][ T4701] find_get_entry+0x5d/0x380 [ 41.903791][ T4701] filemap_get_folios_tag+0x13b/0x210 [ 41.903823][ T4701] filemap_fdatawait_keep_errors+0x6c/0x180 [ 41.903851][ T4701] sync_inodes_sb+0x39c/0x440 [ 41.903878][ T4701] sync_inodes_one_sb+0x3d/0x50 [ 41.903904][ T4701] __iterate_supers+0x110/0x220 [ 41.903924][ T4701] iterate_supers+0x1f/0x30 [ 41.903942][ T4701] ksys_sync+0x5c/0xe0 [ 41.903963][ T4701] __ia32_sys_sync+0xe/0x20 [ 41.903989][ T4701] x64_sys_call+0x2d1f/0x3000 [ 41.904011][ T4701] do_syscall_64+0xd2/0x200 [ 41.904029][ T4701] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 41.904050][ T4701] [ 41.904054][ T4701] value changed: 0xffffffffffe00000 -> 0xfffffff800000000 [ 41.904065][ T4701] [ 41.904069][ T4701] Reported by Kernel Concurrency Sanitizer on: [ 41.904083][ T4701] CPU: 0 UID: 0 PID: 4701 Comm: syz.4.488 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 41.904112][ T4701] Tainted: [W]=WARN [ 41.904118][ T4701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 41.904129][ T4701] ================================================================== [ 41.926916][ T4714] loop2: detected capacity change from 0 to 164