last executing test programs: 17m24.216880614s ago: executing program 4 (id=1448): bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{}, &(0x7f0000000000), &(0x7f00000005c0)=r0}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0) 17m24.051619648s ago: executing program 4 (id=1451): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e21, @local}], 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r4 = dup(r3) write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) syz_io_uring_setup(0x70be, &(0x7f0000000140)={0x0, 0xae6c, 0x100, 0x2, 0x182}, &(0x7f0000000500), &(0x7f0000000580)) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffe}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r5}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) 17m23.984706143s ago: executing program 4 (id=1453): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) r3 = socket(0x10, 0x80002, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000040)={@broadcast, @dev={0xac, 0x14, 0x14, 0x25}, 0x0, 0x6, [@broadcast, @local, @dev={0xac, 0x14, 0x14, 0x3d}, @empty, @remote, @private=0xa010101]}, 0x28) socket$nl_xfrm(0x10, 0x3, 0x6) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18) r6 = socket$inet6(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2d0, 0x130, 0x12, 0x60a, 0x600, 0x202, 0x238, 0x2e8, 0x2e8, 0x238, 0x2c0, 0x4, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @dev}, @mcast2, [0x4000000], [0x4000000], 'veth1_to_bond\x00', 'xfrm0\x00'}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@inet=@socket2={{0x28}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff}, {0xffffffffffffffff, 0xf9}}}}, {{@ipv6={@private2, @loopback, [], [], 'vxcan1\x00', 'geneve0\x00'}, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@empty}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x330) r7 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r7, 0x0, 0x48b, &(0x7f0000000340)={0x0, 'veth0_virt_wifi\x00'}, 0x18) socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd3f, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0xfff3, 0xffe0}, {}, {0x5, 0x8}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x3, 0xfff1}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004800) 17m22.498022554s ago: executing program 4 (id=1459): sched_setscheduler(0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), r2) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f00000002c0)={'wg2\x00', 0x0}) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="e0100000", @ANYRES16=r3, @ANYBLOB="0500000000000000000001000000060006004e240000901008809005008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b24000100000000000000000000000000000000000000000000000000000000000000000024000200fcbefe9641719404cc5c9ab2766dd4793e367b0ea55e65e2e3416ac9d4e68841240002001171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec24000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691cb40409807c000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200e00000010500030000000000f4000080060001000a00000014000200fc0000000000000000000000000000000500030001000000060001000a00000014000200fc0200000000000000000000000000010500030000000000060001000200000008000200e00000020500030003000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414bb0500030001000000060001000200000008000200ac1414bb0500030000000000060001000a00000014000200000000000000000000000000000000010500030002000000060001000a00000014000200fc0200000000000000000000000000000500030003000000340000800600010002000000080002000a0101010500030004000000060001000200000008000200ac1414aa050003000300000064000080060001000a00000014000200200100000000000000000000000000000500030002000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff010000000000000000000000000001050003000200000094000080060001000200000008000200ac1e00010500030002000000060001000200000008000200e00000010500030002000000060001000a00000014000200fc0000000000000000000000000000000500030002000000060001000200000008000200000000000500030003000000060001000a00000014000200fe80000000000000000000000000000e050003000000000040000080060001000a00000014000200fc0200000000000000000000000000000500030002000000060001000200000008000200ac1414aa050003000000000064000080060001000a00000014000200200100000000000000000000000000020500030001000000060001000a00000014000200fc02000000000000000000000000000105000300020000000600010002000000080002000a010100050003000200000070000080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000a00000014000200000000000000000000000000000000000500030002000000060001000a0000001400020000000000000000000000000000000001050003000000000000010080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000200000008000200000000000500030003000000060001000200000008000200640101000500030002000000060001000200000008000200640101010500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8000000000000000000000000000bb05000300020000000600010002000000080002007f0000010500030002000000060001000a00000014000200fc0200000000000000000000000000010500030003000000060001000200000008000200640101010500030001000000240002005da952055e5857d673cddd36909746c80efa3ff95c317de1063db32bc80a0b3e1803008024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39220600050005000000e802098058000080060001000200000008000200ac1e00010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200ffffffff05000300010000007c000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414bb0500030002000000060001000a000000140002000000000000000000000000000000000105000300020000000600010002000000080002000a0101010500030003000000f4000080060001000a0000001400020000000000000000000000ffffac1414aa0500030003000000060001000200000008000200ac1414aa05000300000000000600010002000000080002000a01010205000300020000000600010002000000080002007f00000105000300000000000600010002000000080002000a0101010500030003000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc01000000000000000000000000000005000300010000000600010002000000080002000a0101000500030000000000060001000200000008000200ac1e0101050003000200000094000080060001000a00000014000200fc0200000000000000000000000000010500030002000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200e00000010500030002000000060001000200000008000200ac1414bb0500030001000000060001000200000008000200ffffffff050003000200000088000080060001000a00000014000200fe8000000000000000000000000000aa0500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8800000000000000000000000001010500030002000000060001000a00000014000200ff02000000000000000000000000000105000300020000007c000080200004000a004e2100000006fc0100000000000000000000000000010400000008000a000100000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000300000024000200379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a549780000800800030001000000080003000400000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e22000000000000000000000000e4060080dc020980f4000080060001000a00000014000200000000000000000000000000000000000500030002000000060001000a00000014000200fc0000000000000000000000000000000500030001000000060001000200000008000200ffffffff0500030001000000060001000200000008000200ac1e00010500030001000000060001000200000008000200e000000105000300020000000600010002000000080002007f0000010500030002000000060001000a00000014000200000000000000000000000000000000010500030001000000060001000a00000014000200fc010000000000000000000000000001050003000300000034000080060001000200000008000200640101000500030001000000060001000200000008000200ac1414bb050003000200000000010080060001000a00000014000200200100000000000000000000000000010500030000000000060001000200000008000200e000000205000300020000000600010002000000080002006401010005000300020000000600010002000000080002007f00000105000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ffffffff0500030000000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc0100000000000000000000000000010500030000000000940000800600010002000000080002006401010005000300010000000600010002000000080002006401010205000300000000000600010002000000080002007f0000010500030003000000060001000200000008000200e00000020500030003000000060001000200000008000200ac1414120500030002000000060001000200000008000200ac14142d05000300020000001c000080060001000200000008000200ffffffff05000300030000000800030002000000200004000a004e2000000005fc010000000000000000000000000001000000009403098094000080060001000a0000001400020000000000000000000000ffffac1414bb0500030003000000060001000a00000014000200fe8800000000000000000000000000010500030002000000060001000a00000014000200ff0100000000000000000000000000010500030003000000060001000a00000014000200fe880000000000000000000000000101050003000100000064000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414bb0500030001000000060001000a0000001400020000000000000000000000ffffe00000020500030003000000f4000080060001000200000008000200000000000500030001000000060001000a00000014000200000000000000000000000000000000010500030003000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe80000000000000000000000000003e05000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200ff0200000000000000000000000000010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200e0000001050003000000000058000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414410500030010000000060001000200000008000200ac1e00010500030001000000f4000080060001000200000008000200640101000500030002000000060001000a00000014000200200100000000000000000000000000000500030000000000060001000a00000014000200fc0200000000000000000000000000010500030003000000060001000a00000014000200fe8000000000000000000000000000aa0500030003000000060001000200000008000200ac1414aa0500030000000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414270500030000000000060001000a0000001400020020010000000000000000000000000002050003000100000058000080060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe8000000000000000000000000000140500030000000000060001000200000008000200e0000001050003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b240002000f1b8b82264208ab1a2dce776c03b9f348f500ef8e7606466943f5ba2ae2881e0c0000800800030006000000060006004e24000008000100", @ANYRES32=r4, @ANYBLOB], 0x10e0}}, 0x0) 17m22.17847697s ago: executing program 4 (id=1468): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = signalfd(0xffffffffffffffff, &(0x7f00000003c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x5) close(r2) r3 = inotify_init1(0x800) fcntl$setstatus(r2, 0x4, 0x2c00) r4 = gettid() fcntl$setown(r2, 0x8, r4) fcntl$setsig(r3, 0xa, 0xe) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8) inotify_add_watch(r3, &(0x7f0000000180)='./control\x00', 0xa4000960) rmdir(&(0x7f0000000100)='./control\x00') 17m20.752013726s ago: executing program 4 (id=1472): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e21, @local}], 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r4 = dup(r3) write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) 17m5.526304273s ago: executing program 32 (id=1472): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e21, @local}], 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r4 = dup(r3) write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) 2.409188624s ago: executing program 1 (id=8619): syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d00000085000000080000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0) ioctl$sock_inet_SIOCGIFADDR(r2, 0x8915, &(0x7f0000000040)={'netpci0\x00', {0x2, 0x0, @remote}}) write(r2, &(0x7f0000004200)='t', 0x1) sendfile(r2, r1, 0x0, 0x3ffff) sendfile(r2, r1, 0x0, 0x7ffff000) 2.057894923s ago: executing program 1 (id=8623): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) inotify_rm_watch(0xffffffffffffffff, 0x0) 2.031555655s ago: executing program 1 (id=8624): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xb86}, @TCA_TBF_PARMS={0x28, 0x1, {{0xa, 0x2, 0xffff, 0x7, 0xcc, 0x3}, {0x0, 0x1, 0x7, 0x8, 0x7f, 0x9}, 0xa6, 0x7, 0x1bb6}}, @TCA_TBF_BURST={0x8, 0x6, 0x7f}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) 1.978371159s ago: executing program 1 (id=8625): syz_genetlink_get_family_id$nfc(&(0x7f0000000000), 0xffffffffffffffff) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4000800) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b5181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@journal_dev={'journal_dev', 0x3d, 0x2d353}}, {@nobh}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tcuTEXE1f9tURHztyxHfTA7Gbe7sri/WatWtvFxp1TcrzZ3d62v1xdXqanVjfn7ujYU3F15fmM1yT9TOUi/zky99/vanv/W7G3++9u12tT73kShEXztOUrfphc626Glvo63TCDYCE3l7CqOuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymsxKP7lU45f6myawfHTiLh6AvFhnN1p9z9vDfr+pfFS53Xw928yT09qeP+X5pGf7/Rzg/qfZw+srT4wxgv3flYZGv9WxAuTg/ufXv+bDIn/8oG1/SvLsoMxvvH13d1h8bMfR8wM/P1JHotVadU3K82d3etr9cXV6mp1Y35+7o2FNxdeX5itrKzVqvnfgTG+97GfPzys/VcGxP/tb7r972Htf2XYSvv8597N+x/qZguD4l97eeDv71QMiZ/mv32fzPPt+TO9/F43v9+LP7374mHtXx6y/Y/6/K8ds/2vfvW7vz/mogDAGWju7K4v1mrVrUMyU8dY5mnM/GLqXFTj/8xk3+l+cuelPu83095bfTSl16pzULF9mezMYk3EOWny/zIj7ZYAAIBT8Ginf9Q1AQAAAAAAAAAAAAAAAAAAgPF1FrcT64+5N5qmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAc6r8BAAD//0wa4Aw=") 1.695064982s ago: executing program 1 (id=8629): mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x10, &(0x7f0000000540)=ANY=[]) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000003, 0x810, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x20000000000002a5, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x18) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02020409100000000000004c9e00000002001300027f0000000000000000004105000600200000000a000000000000000005000201080f00e0001f080000000000092000000000000200010020e9ffeeffff0702000098a805000500ea0000000a"], 0x80}}, 0x0) sendmmsg(r2, &(0x7f0000000180), 0x393, 0x0) 1.646802266s ago: executing program 1 (id=8630): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d850000"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r0}, 0x18) syz_usb_disconnect(0xffffffffffffffff) ioprio_set$pid(0x2, 0x0, 0x4007) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301) 1.127254209s ago: executing program 5 (id=8640): mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x10, &(0x7f0000000540)=ANY=[]) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000003, 0x810, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x20000000000002a5, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='ext4_forget\x00', r0}, 0x18) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02020409100000000000004c9e00000002001300027f0000000000000000004105000600200000000a000000000000000005000201080f00e0001f080000000000092000000000000200010020e9ffeeffff0702000098a805000500ea0000000a"], 0x80}}, 0x0) sendmmsg(r2, &(0x7f0000000180), 0x393, 0x0) 1.048189905s ago: executing program 5 (id=8641): bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3000008, 0x6c033, 0xffffffffffffffff, 0x0) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$poke(0x2, r0, &(0x7f0000000000), 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) eventfd2(0xff, 0x80001) 937.827364ms ago: executing program 5 (id=8642): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/asound/seq/clients\x00', 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) preadv2(r0, 0x0, 0x0, 0x6, 0x7d, 0x0) 863.856589ms ago: executing program 5 (id=8644): bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3000008, 0x6c033, 0xffffffffffffffff, 0x0) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$poke(0x2, r0, &(0x7f0000000000), 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) eventfd2(0xff, 0x80001) 863.62788ms ago: executing program 5 (id=8645): bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="190000000400000008000000"], 0x48) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, 0x0, 0x8808) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getpid() r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000140), 0x14886, 0x0) fcntl$notify(r0, 0x402, 0x29) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10) sendto$inet(0xffffffffffffffff, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10) shutdown(0xffffffffffffffff, 0x1) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x734, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xf, &(0x7f0000000380)=ANY=[@ANYBLOB="1803000000000020000000000001000018110000", @ANYRES32], &(0x7f0000000200)='syzkaller\x00', 0x6, 0x1003, &(0x7f0000001e40)=""/4099, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000001}, 0x94) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0) mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000000)=0x20000000) mlock2(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x1) mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0) 848.375531ms ago: executing program 3 (id=8646): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xb86}, @TCA_TBF_PARMS={0x28, 0x1, {{0xa, 0x2, 0xffff, 0x7, 0xcc, 0x3}, {0x0, 0x1, 0x7, 0x8, 0x7f, 0x9}, 0xa6, 0x7, 0x1bb6}}, @TCA_TBF_BURST={0x8, 0x6, 0x7f}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0xd, 0xfff3}}}, 0x24}}, 0x4008000) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 800.097495ms ago: executing program 3 (id=8647): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xb86}, @TCA_TBF_PARMS={0x28, 0x1, {{0xa, 0x2, 0xffff, 0x7, 0xcc, 0x3}, {0x0, 0x1, 0x7, 0x8, 0x7f, 0x9}, 0xa6, 0x7, 0x1bb6}}, @TCA_TBF_BURST={0x8, 0x6, 0x7f}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) 761.789518ms ago: executing program 3 (id=8648): bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) socket$netlink(0x10, 0x3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10) r0 = gettid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='mm_migrate_pages\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) 723.163541ms ago: executing program 3 (id=8649): socket$key(0xf, 0x3, 0x2) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x18) rt_tgsigqueueinfo(0x0, 0x0, 0x34, &(0x7f0000000640)={0x6, 0x0, 0x4}) 666.307286ms ago: executing program 3 (id=8650): mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x10, &(0x7f0000000540)=ANY=[]) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000003, 0x810, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x20000000000002a5, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='ext4_forget\x00', r0}, 0x18) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02020409100000000000004c9e00000002001300027f0000000000000000004105000600200000000a000000000000000005000201080f00e0001f080000000000092000000000000200010020e9ffeeffff0702000098a805000500ea0000000a"], 0x80}}, 0x0) sendmmsg(r3, &(0x7f0000000180), 0x393, 0x0) 665.388766ms ago: executing program 3 (id=8652): openat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x2000, 0x120) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYRESHEX=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = gettid() timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) r2 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) readv(r2, &(0x7f0000001140)=[{&(0x7f0000000700)=""/206, 0x18}], 0x1) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) 489.02307ms ago: executing program 2 (id=8656): bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3000008, 0x6c033, 0xffffffffffffffff, 0x0) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$poke(0x2, r0, &(0x7f0000000000), 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) eventfd2(0xff, 0x80001) 463.665982ms ago: executing program 2 (id=8657): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/asound/seq/clients\x00', 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) preadv2(r0, 0x0, 0x0, 0x6, 0x7d, 0x0) 252.621489ms ago: executing program 2 (id=8659): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="dfbf00000000000000006700000008000300", @ANYRES32=r2, @ANYBLOB="0800c3007413"], 0x30}, 0x1, 0x0, 0x0, 0x240408c3}, 0x0) 211.375473ms ago: executing program 2 (id=8660): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x14, 0x26, 0xa01, 0x0, 0x0, {0xa}}, 0x14}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r2 = socket$inet6_udp(0xa, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfe, 0x0, 0x7ffc0002}]}) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0) chown(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000003c0)={'ip6gre0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x2d, 0x0, 0x0, 0xcbf, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, 0x700, 0x8, 0x101, 0xd66}}) syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800002, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_continue}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x22}, 0x84, 0x464, &(0x7f0000000f40)="$eJzs3EtvG0UcAPD/bpq+S0Ipjz6AQEFEPJImLdADFxBIvSAhwaEcQ5pWpWmDmiDRKqIpQuWI+gmAIxKfgBNcEHACcYU7QqpQLgQOaNHau6lx7GAncZ3g30/aeGZ31jt/7449O2MngJ41lP9JIvZGxM8RMRARffUFhqoPS4vzk38uzk8mkWWv/57ku8Ufi/OTZdGkeNxTZIbTiPTDJA43OO7slasXJqanpy4X+dG5i++Mzl65+sz5ixPnps5NXRo/efLE8bHnnxt/dkPi3JfX9dD7M0cOnnrz5quTp2++9d0XeX33Fttr46gaXPcxh2Jo+TWp9/i6n31z2VeTTrZ1sSK0JW/r+enqr7T/geiL2ydvIF75oKuVAzoqy7Jsx4q1yz2AhQz4H0ui2zUAuqP8oM/vf8vlDnY/uu7Wi9UboDzupWKpbtkWaVGmv+7+diMNRcTphb8+yZdoOA4BALCxvsr7P0836v+lcV9NubuKuaHBiLg7IvZHxD0RcSAi7o2olL0/Ih5o8/hDdfmV/Z8fd60psBbl/b8Xirmtf/f/yt5fDPYVuX2V+PuTs+enp44Vr8lw9O/I82OrHOPrl3/6uNm22v5fviz1x2TZFyzq8du2ugG6MxNzE+uJudat65UxwGsr40+WZwKSiDgYEYfW8Pw7I+L8k58fabZ9RfyL83Xxr2ID5pmyzyKeqJ7/haiLv5SsPj85ujOmp46NllfFSt//cOO1ZsdfV/wbID//uxte/8vxDya187Wz7R/jxi8fNb2n+e/4G1//25M3Kuntxbr3JubmLo9FbE8WVq4fv71vmS/L5/EPH23c/vdH/P1psd/hiMgv4gcj4qGIeLio+yMR8WhEHF0l/m9feuzttcffWXn8Z9o6/+0n+i5882Wz47d2/k9UUsPFmlbe/1qt4HpeOwAAANgq0sp34JN0ZDmdpiMj1e/wH4jd6fTM7NxTZ2fevXSm+l35wehPy5GugZrx0LFibLjMj9flj1fGjbMsy3ZV8iOTM9OdmlMHWrOnSfvP/drX7doBHdfWPFqzX7QBW5Lfa0Lv0v6hd2n/0Lu0f+hdjdr/tYilVXe63rHqAHeQz3/oXdo/9C7tH3qX9g89aT2/618tsf9Ua4XLf0DYoWpsgUTf5qhG24lIN0U11pZIN0c1qokdEdFq4Wt3rKV0+Y0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/wTAAD//7YA6Ok=") setuid(0xee01) lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff}) connect$l2tp(r3, &(0x7f00000001c0)={0x2, 0x0, @remote, 0x1}, 0x10) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000040)={'syztnl2\x00', 0x0, 0x4, 0xfe, 0x2, 0x4038a09, 0x4, @loopback={0xe0}, @mcast2={0xff, 0x5}, 0x0, 0x0, 0x0, 0x5}}) creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) r5 = dup(r4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18) write$P9_RLERRORu(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) epoll_wait(0xffffffffffffffff, 0x0, 0x0, 0xfffffe00) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0), 0x1, 0x507, &(0x7f0000001500)="$eJzs3c9vG1kdAPCvnThx0nSTXfYACHbL7kJBVZ3E3Y1We4DlhBBaCbFHkLohcaModhzFztKEHtIzVyQqcYIjfwDnnrhzQfTGpRyQ+BGBGiQORjOepG5iN1GT2mn8+UijeW/e1N/3ms578TeNXwBD61pE7EbEWER8FhHT2fVcdsTH7SO578nevaX9vXtLuWi1Pv1nLm1PrkXHn0lcyV6zGBE/+l7ET3PH4za2d9YWq9XKZlafbdY2ZhvbOzdXa4srlZXKerm8ML8w9+GtD8rnNta3a2NZ6auP/7j7rZ8n3ZrKrnSO4zy1h144jJMYjYgfvIxgAzCSjWds0B3hheQj4o2IeCd9/qdjJP1qAgCXWas1Ha3pzvpxV3tcBwBeTfk0B5bLl7JcwFTk86VSO4f3Zkzmq/VG88ad+tb6cjtXNhOF/J3VamUuyxXORCGX1OfT8tN6+Uj9VkS8HhG/HJ9I66WlenV5kN/4AMAQu3Jk/f/PeHv9BwAuueKgOwAA9J31HwCGj/UfAIaP9R8Ahk97/Z8YdDcAgD7y/h8Aho/1HwCGyg8/+SQ5WvvZ518vf769tVb//OZypbFWqm0tlZbqmxullXp9Jf3MntpJr1et1zfm34+tuzPf3mg0ZxvbO7dr9a315u30c71vVwrpXbt9GBkA0Mvrbz98lEtW5I8m0iM69nIoDLRnwMuWH3QHgIEZGXQHgIGx2xcMrzO8x5cegEuiyxa9zyh2+wWhVqvVkkOAV9b1L8n/w7DqWLv9L2AYMvL/MLzk/2F4tVq50+7tH6e9EQC42OT4gR4//38jO/8u++HAT5aP3vHgZfYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALraD/X9L2V7gU5HPl0oRVyNiJgq5O6vVylxEvBYRfx4vjCf1+QH3GQA4q/zfctn+X9en35t6pumtK4fFsYj42a8//dXdxWZz808RY7l/jR9cbz7Irpf733sA4GQH63R67ngj/2Tv3tLB0c/+/P27EVFsx9/fG4v9w/ijMZqei1GIiMl/57J6W64jd3EWu/cj4ovdxp+LqTQH0t759Gj8JPbVvsbPPxM/n7a1z8nfxRfOoS8wbB4m88/H3Z6/fFxLz92f/2I6Q51dNv8lL7W0n86BT+MfzH8jPea/a6eN8f4fvt8uTRxvux/x5dGIg9j7HfPPQfxcj/jvnTL+X77y1ju92lq/ibge3eN3xppt1jZmG9s7N1driyuVlcp6ubwwvzD34a0PyrNpjnq292rwj49uvNarLRn/ZI/4xRPG//VTjv+3//vsx197Tvxvvtstfj7efE78ZE38xinjL07+vtirLYm/3GP8J339b5wy/uO/7hzbNhwAGJzG9s7aYrVa2XyFCo+S72kG3w2F/heSf7IXoBtdC9/pV6yx6N70i3fbz/SRplbrhWL1mjHOI+sGXASHD31E/HfQnQEAAAAAAAAAAAAAALrqx28sDXqMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXF7/DwAA//+J3Mo+") creat(&(0x7f0000000280)='./bus\x00', 0x1e8) r6 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) geteuid() ioctl$sock_inet6_SIOCSIFDSTADDR(r6, 0x8918, &(0x7f0000000700)={@private0={0xfc, 0x0, '\x00', 0x1}, 0x26, r7}) 207.415483ms ago: executing program 0 (id=8661): socket$key(0xf, 0x3, 0x2) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_enter\x00', r0}, 0x18) rt_tgsigqueueinfo(0x0, 0x0, 0x34, &(0x7f0000000640)={0x6, 0x0, 0x4}) 201.893193ms ago: executing program 5 (id=8662): syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d00000085"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0) ioctl$sock_inet_SIOCGIFADDR(r2, 0x8915, &(0x7f0000000040)={'netpci0\x00', {0x2, 0x0, @remote}}) write(r2, &(0x7f0000004200)='t', 0x1) sendfile(r2, r1, 0x0, 0x3ffff) sendfile(r2, r1, 0x0, 0x7ffff000) 164.513527ms ago: executing program 2 (id=8663): prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='M\ap\x00') bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000001340)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, 0x0) r1 = getpid() syz_pidfd_open(r1, 0x0) mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000300)) 141.581068ms ago: executing program 0 (id=8664): syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d00000085"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0)) 141.202139ms ago: executing program 2 (id=8666): openat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x2000, 0x120) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYRESHEX=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = gettid() timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) r2 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) readv(r2, &(0x7f0000001140)=[{&(0x7f0000000700)=""/206, 0x18}], 0x1) 104.337832ms ago: executing program 0 (id=8667): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x0) 58.965035ms ago: executing program 0 (id=8668): bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3000008, 0x6c033, 0xffffffffffffffff, 0x0) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$poke(0x2, r0, &(0x7f0000000000), 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) eventfd2(0xff, 0x80001) 58.473085ms ago: executing program 0 (id=8669): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002e00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r3, 0x5}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20) sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x3) 0s ago: executing program 0 (id=8670): syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d00000085"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0) ioctl$sock_inet_SIOCGIFADDR(r2, 0x8915, &(0x7f0000000040)={'netpci0\x00', {0x2, 0x0, @remote}}) write(r2, &(0x7f0000004200)='t', 0x1) sendfile(r2, r1, 0x0, 0x3ffff) sendfile(r2, r1, 0x0, 0x7ffff000) kernel console output (not intermixed with test programs): g attributes in process `syz.1.7989'. [ 1256.242119][T32673] loop3: detected capacity change from 0 to 512 [ 1256.252308][T32673] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1256.260972][T32673] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.7996: invalid indirect mapped block 2683928664 (level 1) [ 1256.275653][T32673] EXT4-fs (loop3): 1 truncate cleaned up [ 1257.102926][T32710] loop3: detected capacity change from 0 to 512 [ 1257.110140][T32710] EXT4-fs: Ignoring removed nobh option [ 1257.121035][T32710] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8009: corrupted inode contents [ 1257.126051][T32714] tipc: Enabling of bearer rejected, failed to enable media [ 1257.146947][T32710] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.8009: mark_inode_dirty error [ 1257.159127][T32710] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8009: corrupted inode contents [ 1257.173070][T32710] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.8009: mark_inode_dirty error [ 1257.184987][T32710] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.8009: Failed to acquire dquot type 0 [ 1257.197723][T32710] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8009: corrupted inode contents [ 1257.210412][T32710] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.8009: mark_inode_dirty error [ 1257.222276][T32710] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8009: corrupted inode contents [ 1257.235570][T32710] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.8009: mark_inode_dirty error [ 1257.247165][T32710] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8009: corrupted inode contents [ 1257.260531][T32710] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 1257.269223][T32710] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8009: corrupted inode contents [ 1257.282822][T32710] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.8009: mark_inode_dirty error [ 1257.294671][T32710] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 1257.304673][T32710] EXT4-fs (loop3): 1 truncate cleaned up [ 1257.312110][T32710] ext4 filesystem being mounted at /396/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1257.378916][T32723] loop3: detected capacity change from 0 to 512 [ 1257.386858][T32723] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1257.395270][T32723] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.8015: invalid indirect mapped block 2683928664 (level 1) [ 1257.411390][T32723] EXT4-fs (loop3): 1 truncate cleaned up [ 1257.527497][T32739] loop3: detected capacity change from 0 to 512 [ 1257.536023][T32739] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1257.544558][T32739] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.8022: invalid indirect mapped block 2683928664 (level 1) [ 1257.561219][T32739] EXT4-fs (loop3): 1 truncate cleaned up [ 1257.588702][T32742] tipc: Enabled bearer , priority 0 [ 1257.597200][T32742] syzkaller0: entered promiscuous mode [ 1257.602721][T32742] syzkaller0: entered allmulticast mode [ 1257.610467][T32742] tipc: Resetting bearer [ 1257.616900][T32741] tipc: Resetting bearer [ 1257.624849][T32741] tipc: Disabling bearer [ 1257.713756][T32744] loop5: detected capacity change from 0 to 512 [ 1257.728639][T32744] EXT4-fs: Ignoring removed nobh option [ 1257.736287][T32746] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8025'. [ 1257.747045][T32744] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.8024: corrupted inode contents [ 1257.759234][T32744] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #3: comm syz.5.8024: mark_inode_dirty error [ 1257.771259][T32744] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.8024: corrupted inode contents [ 1257.784762][T32744] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.8024: mark_inode_dirty error [ 1257.796465][T32744] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.8024: Failed to acquire dquot type 0 [ 1257.808193][T32744] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8024: corrupted inode contents [ 1257.820583][T32744] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #16: comm syz.5.8024: mark_inode_dirty error [ 1257.833465][T32744] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8024: corrupted inode contents [ 1257.845620][T32744] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.8024: mark_inode_dirty error [ 1257.857256][T32744] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8024: corrupted inode contents [ 1257.871044][T32744] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 1257.879870][T32744] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8024: corrupted inode contents [ 1257.893425][T32744] EXT4-fs error (device loop5): ext4_truncate:4666: inode #16: comm syz.5.8024: mark_inode_dirty error [ 1257.904797][T32744] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 1257.915344][T32744] EXT4-fs (loop5): 1 truncate cleaned up [ 1257.921469][T32744] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1258.057427][ T29] kauditd_printk_skb: 942 callbacks suppressed [ 1258.057443][ T29] audit: type=1326 audit(1754057349.911:31532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32765 comm="syz.5.8032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1258.098002][ T29] audit: type=1326 audit(1754057349.911:31533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32765 comm="syz.5.8032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1258.121689][ T29] audit: type=1326 audit(1754057349.921:31534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32765 comm="syz.5.8032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1258.145290][ T29] audit: type=1326 audit(1754057349.921:31535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32765 comm="syz.5.8032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1258.168901][ T29] audit: type=1326 audit(1754057349.921:31536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32765 comm="syz.5.8032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1258.192526][ T29] audit: type=1326 audit(1754057349.921:31537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32765 comm="syz.5.8032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1258.216272][ T29] audit: type=1326 audit(1754057349.921:31538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32765 comm="syz.5.8032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1258.239907][ T29] audit: type=1326 audit(1754057349.921:31539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32765 comm="syz.5.8032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1258.263573][ T29] audit: type=1326 audit(1754057349.921:31540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32765 comm="syz.5.8032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1258.276601][ T300] loop5: detected capacity change from 0 to 512 [ 1258.287166][ T29] audit: type=1326 audit(1754057349.921:31541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32765 comm="syz.5.8032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1258.300746][ T300] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 1258.341754][ T300] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.8033: invalid indirect mapped block 2683928664 (level 1) [ 1258.360421][ T300] EXT4-fs (loop5): 1 truncate cleaned up [ 1258.383835][ T304] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8035'. [ 1258.431501][ T309] tipc: Enabling of bearer rejected, failed to enable media [ 1258.441493][ T310] netlink: 464 bytes leftover after parsing attributes in process `syz.3.8037'. [ 1258.533982][ T319] loop3: detected capacity change from 0 to 512 [ 1258.585696][ T319] EXT4-fs: Ignoring removed nobh option [ 1258.614874][ T319] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8040: corrupted inode contents [ 1258.670401][ T319] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.8040: mark_inode_dirty error [ 1258.721234][ T319] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8040: corrupted inode contents [ 1258.831132][ T319] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.8040: mark_inode_dirty error [ 1258.842543][ T334] tipc: Started in network mode [ 1258.847435][ T334] tipc: Node identity 3693da05e874, cluster identity 4711 [ 1258.850051][ T319] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.8040: Failed to acquire dquot type 0 [ 1258.854603][ T334] tipc: Enabled bearer , priority 0 [ 1258.867482][ T319] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8040: corrupted inode contents [ 1258.884602][ T319] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.8040: mark_inode_dirty error [ 1258.899838][ T319] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8040: corrupted inode contents [ 1258.912555][ T319] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.8040: mark_inode_dirty error [ 1258.924123][ T334] syzkaller0: entered promiscuous mode [ 1258.929672][ T334] syzkaller0: entered allmulticast mode [ 1258.937575][ T319] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8040: corrupted inode contents [ 1258.939590][ T334] tipc: Resetting bearer [ 1258.955588][ T319] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 1258.964384][ T319] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8040: corrupted inode contents [ 1258.976833][ T319] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.8040: mark_inode_dirty error [ 1258.976965][ T333] tipc: Resetting bearer [ 1258.995052][ T319] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 1259.004635][ T319] EXT4-fs (loop3): 1 truncate cleaned up [ 1259.010699][ T333] tipc: Disabling bearer [ 1259.010956][ T319] ext4 filesystem being mounted at /409/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1259.107298][ T345] loop0: detected capacity change from 0 to 512 [ 1259.117013][ T345] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 1259.125307][ T346] loop3: detected capacity change from 0 to 512 [ 1259.133044][ T345] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.8048: invalid indirect mapped block 2683928664 (level 1) [ 1259.147671][ T345] EXT4-fs (loop0): 1 truncate cleaned up [ 1259.155343][ T346] ext4 filesystem being mounted at /410/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1259.208339][ T356] loop0: detected capacity change from 0 to 1024 [ 1259.215551][ T356] EXT4-fs: Ignoring removed orlov option [ 1259.393882][ T373] __nla_validate_parse: 2 callbacks suppressed [ 1259.393898][ T373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8058'. [ 1259.503095][ T380] loop0: detected capacity change from 0 to 512 [ 1259.520306][ T380] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 1259.539822][ T380] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.8061: invalid indirect mapped block 2683928664 (level 1) [ 1259.560038][ T380] EXT4-fs (loop0): 1 truncate cleaned up [ 1259.596756][ T384] netlink: 464 bytes leftover after parsing attributes in process `syz.0.8062'. [ 1259.810886][ T400] syzkaller0: entered promiscuous mode [ 1259.816384][ T400] syzkaller0: entered allmulticast mode [ 1259.870706][ T404] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8070'. [ 1259.972293][ T408] loop0: detected capacity change from 0 to 512 [ 1259.986280][ T408] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 1259.994764][ T408] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.8072: invalid indirect mapped block 2683928664 (level 1) [ 1260.030560][ T408] EXT4-fs (loop0): 1 truncate cleaned up [ 1260.121465][ T420] loop0: detected capacity change from 0 to 512 [ 1260.191203][ T420] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 1260.199680][ T420] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.8076: invalid indirect mapped block 2683928664 (level 1) [ 1260.291420][ T420] EXT4-fs (loop0): 1 truncate cleaned up [ 1260.735535][ T433] ALSA: seq fatal error: cannot create timer (-22) [ 1260.858501][ T446] loop3: detected capacity change from 0 to 512 [ 1260.870036][ T447] loop0: detected capacity change from 0 to 512 [ 1260.892377][ T447] ext4 filesystem being mounted at /370/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1260.903689][ T446] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1260.943369][ T446] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.8086: invalid indirect mapped block 2683928664 (level 1) [ 1260.957732][ T446] EXT4-fs (loop3): 1 truncate cleaned up [ 1261.654538][ T477] loop0: detected capacity change from 0 to 512 [ 1261.661161][ T477] EXT4-fs: Ignoring removed nobh option [ 1261.672216][ T477] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8097: corrupted inode contents [ 1261.684479][ T477] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.8097: mark_inode_dirty error [ 1261.696268][ T477] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8097: corrupted inode contents [ 1261.708162][ T477] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.8097: mark_inode_dirty error [ 1261.720194][ T477] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.8097: Failed to acquire dquot type 0 [ 1261.733373][ T477] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8097: corrupted inode contents [ 1261.745488][ T477] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.8097: mark_inode_dirty error [ 1261.758445][ T477] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8097: corrupted inode contents [ 1261.772238][ T477] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.8097: mark_inode_dirty error [ 1261.784199][ T477] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8097: corrupted inode contents [ 1261.797627][ T477] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 1261.806482][ T477] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8097: corrupted inode contents [ 1261.819989][ T477] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.8097: mark_inode_dirty error [ 1261.840015][ T477] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 1261.849445][ T477] EXT4-fs (loop0): 1 truncate cleaned up [ 1261.856351][ T477] EXT4-fs mount: 78 callbacks suppressed [ 1261.856364][ T477] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1261.876047][ T477] ext4 filesystem being mounted at /372/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1261.948811][ T486] loop3: detected capacity change from 0 to 512 [ 1261.959561][ T486] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1261.967963][ T486] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.8100: invalid indirect mapped block 2683928664 (level 1) [ 1262.024044][ T489] loop5: detected capacity change from 0 to 512 [ 1262.037277][ T489] EXT4-fs: Ignoring removed nobh option [ 1262.143896][ T486] EXT4-fs (loop3): 1 truncate cleaned up [ 1262.152710][ T486] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1262.166516][ T489] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.8101: corrupted inode contents [ 1262.171018][ T492] ALSA: seq fatal error: cannot create timer (-22) [ 1262.237440][ T498] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8104'. [ 1262.265826][T26817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1262.329913][ T489] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #3: comm syz.5.8101: mark_inode_dirty error [ 1262.357709][ T486] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1262.381317][ T489] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.8101: corrupted inode contents [ 1262.402488][ T489] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.8101: mark_inode_dirty error [ 1262.441110][ T489] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.8101: Failed to acquire dquot type 0 [ 1262.465893][ T489] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8101: corrupted inode contents [ 1262.482714][ T489] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #16: comm syz.5.8101: mark_inode_dirty error [ 1262.501561][ T489] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8101: corrupted inode contents [ 1262.520897][ T509] loop3: detected capacity change from 0 to 512 [ 1262.534349][ T509] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1262.547679][ T489] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.8101: mark_inode_dirty error [ 1262.561057][ T509] ext4 filesystem being mounted at /419/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1262.580676][ T489] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8101: corrupted inode contents [ 1262.593030][ T509] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1262.639288][ T489] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 1262.677888][ T489] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8101: corrupted inode contents [ 1262.700349][ T489] EXT4-fs error (device loop5): ext4_truncate:4666: inode #16: comm syz.5.8101: mark_inode_dirty error [ 1262.730110][ T489] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 1262.753021][ T489] EXT4-fs (loop5): 1 truncate cleaned up [ 1262.761202][ T489] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1262.781920][ T489] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1262.807920][ T527] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8115'. [ 1262.830694][T31004] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1262.942013][ T539] loop5: detected capacity change from 0 to 512 [ 1262.972334][ T539] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 1263.084523][ T555] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8127'. [ 1263.117289][ T29] kauditd_printk_skb: 822 callbacks suppressed [ 1263.117302][ T29] audit: type=1326 audit(1754057354.971:32358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=556 comm="syz.1.8128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1263.149886][ T29] audit: type=1326 audit(1754057355.001:32359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=556 comm="syz.1.8128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1263.173391][ T29] audit: type=1326 audit(1754057355.001:32360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=556 comm="syz.1.8128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1263.196874][ T29] audit: type=1326 audit(1754057355.001:32361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=556 comm="syz.1.8128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1263.220343][ T29] audit: type=1326 audit(1754057355.001:32362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=556 comm="syz.1.8128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1263.243714][ T29] audit: type=1326 audit(1754057355.011:32363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=556 comm="syz.1.8128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1263.267184][ T29] audit: type=1326 audit(1754057355.011:32364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=556 comm="syz.1.8128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1263.362044][ T561] ALSA: seq fatal error: cannot create timer (-22) [ 1263.389588][ T29] audit: type=1326 audit(1754057355.061:32365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=556 comm="syz.1.8128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1263.413228][ T29] audit: type=1326 audit(1754057355.061:32366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=556 comm="syz.1.8128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1263.436696][ T29] audit: type=1326 audit(1754057355.061:32367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=556 comm="syz.1.8128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1263.527961][ T573] loop0: detected capacity change from 0 to 512 [ 1263.534544][ T573] EXT4-fs: Ignoring removed nobh option [ 1263.578506][ T582] loop3: detected capacity change from 0 to 1024 [ 1263.589891][ T582] EXT4-fs: Ignoring removed orlov option [ 1263.600676][ T573] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8135: corrupted inode contents [ 1263.614413][ T573] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.8135: mark_inode_dirty error [ 1263.626936][ T582] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1263.650994][ T573] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8135: corrupted inode contents [ 1263.673423][ T588] ALSA: seq fatal error: cannot create timer (-22) [ 1263.687695][ T573] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.8135: mark_inode_dirty error [ 1263.810329][ T573] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.8135: Failed to acquire dquot type 0 [ 1263.827560][ T573] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8135: corrupted inode contents [ 1263.852341][ T573] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.8135: mark_inode_dirty error [ 1263.865591][ T573] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8135: corrupted inode contents [ 1263.879798][ T573] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.8135: mark_inode_dirty error [ 1263.892875][ T573] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8135: corrupted inode contents [ 1263.905070][ T573] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 1263.916876][ T573] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8135: corrupted inode contents [ 1263.930243][ T573] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.8135: mark_inode_dirty error [ 1263.942330][ T596] netlink: 464 bytes leftover after parsing attributes in process `syz.5.8142'. [ 1263.942999][ T573] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 1263.962832][ T573] EXT4-fs (loop0): 1 truncate cleaned up [ 1263.969253][ T573] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1263.983499][ T573] ext4 filesystem being mounted at /376/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1264.032956][T26817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1264.050012][T26655] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1264.078255][ T608] loop0: detected capacity change from 0 to 512 [ 1264.086649][ T608] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 1264.095461][ T608] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.8145: invalid indirect mapped block 2683928664 (level 1) [ 1264.110733][ T608] EXT4-fs (loop0): 1 truncate cleaned up [ 1264.117051][ T608] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1264.131686][ T608] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1264.223735][ T625] tipc: Enabled bearer , priority 0 [ 1264.234736][ T625] syzkaller0: entered promiscuous mode [ 1264.240308][ T625] syzkaller0: entered allmulticast mode [ 1264.302736][ T625] tipc: Resetting bearer [ 1264.309034][ T624] tipc: Resetting bearer [ 1264.315462][ T624] tipc: Disabling bearer [ 1264.374376][ T630] loop0: detected capacity change from 0 to 512 [ 1264.380972][ T630] EXT4-fs: Ignoring removed nobh option [ 1264.411270][ T630] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8156: corrupted inode contents [ 1264.433711][ T630] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.8156: mark_inode_dirty error [ 1264.463349][ T630] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8156: corrupted inode contents [ 1264.475645][ T630] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.8156: mark_inode_dirty error [ 1264.495176][ T630] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.8156: Failed to acquire dquot type 0 [ 1264.507261][ T630] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8156: corrupted inode contents [ 1264.535095][ T630] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.8156: mark_inode_dirty error [ 1264.553317][ T630] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8156: corrupted inode contents [ 1264.565800][ T630] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.8156: mark_inode_dirty error [ 1264.579828][ T654] FAULT_INJECTION: forcing a failure. [ 1264.579828][ T654] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1264.593074][ T654] CPU: 0 UID: 0 PID: 654 Comm: syz.2.8166 Tainted: G W 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) [ 1264.593110][ T654] Tainted: [W]=WARN [ 1264.593117][ T654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1264.593173][ T654] Call Trace: [ 1264.593184][ T654] [ 1264.593191][ T654] __dump_stack+0x1d/0x30 [ 1264.593210][ T654] dump_stack_lvl+0xe8/0x140 [ 1264.593229][ T654] dump_stack+0x15/0x1b [ 1264.593247][ T654] should_fail_ex+0x265/0x280 [ 1264.593317][ T654] should_fail+0xb/0x20 [ 1264.593343][ T654] should_fail_usercopy+0x1a/0x20 [ 1264.593363][ T654] _copy_from_user+0x1c/0xb0 [ 1264.593385][ T654] ___sys_sendmsg+0xc1/0x1d0 [ 1264.593572][ T654] __x64_sys_sendmsg+0xd4/0x160 [ 1264.593601][ T654] x64_sys_call+0x191e/0x2ff0 [ 1264.593622][ T654] do_syscall_64+0xd2/0x200 [ 1264.593642][ T654] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 1264.593712][ T654] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 1264.593730][ T654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1264.593750][ T654] RIP: 0033:0x7fbea658eb69 [ 1264.593768][ T654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1264.593865][ T654] RSP: 002b:00007fbea4bef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1264.593884][ T654] RAX: ffffffffffffffda RBX: 00007fbea67b5fa0 RCX: 00007fbea658eb69 [ 1264.593898][ T654] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 1264.593911][ T654] RBP: 00007fbea4bef090 R08: 0000000000000000 R09: 0000000000000000 [ 1264.593985][ T654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1264.594073][ T654] R13: 0000000000000000 R14: 00007fbea67b5fa0 R15: 00007ffeee682f58 [ 1264.594093][ T654] [ 1264.595626][ T630] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8156: corrupted inode contents [ 1264.706632][ T659] tipc: Enabled bearer , priority 0 [ 1264.723478][ T630] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 1264.744961][ T659] syzkaller0: entered promiscuous mode [ 1264.755629][ T630] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8156: corrupted inode contents [ 1264.762292][ T659] syzkaller0: entered allmulticast mode [ 1264.778479][ T659] tipc: Resetting bearer [ 1264.789272][ T630] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.8156: mark_inode_dirty error [ 1264.840837][ T658] tipc: Resetting bearer [ 1264.840852][ T630] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 1264.858970][ T658] tipc: Disabling bearer [ 1264.867101][ T630] EXT4-fs (loop0): 1 truncate cleaned up [ 1264.880082][ T630] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1264.912764][ T630] ext4 filesystem being mounted at /379/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1264.950371][ T675] loop3: detected capacity change from 0 to 1024 [ 1264.957013][ T675] EXT4-fs: Ignoring removed orlov option [ 1264.988522][ T675] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1265.004618][T26817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1265.015853][ T682] netlink: 464 bytes leftover after parsing attributes in process `syz.2.8179'. [ 1265.043704][ T685] geneve2: entered promiscuous mode [ 1265.048994][ T685] geneve2: entered allmulticast mode [ 1265.056359][ T687] FAULT_INJECTION: forcing a failure. [ 1265.056359][ T687] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1265.069509][ T687] CPU: 0 UID: 0 PID: 687 Comm: syz.2.8182 Tainted: G W 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) [ 1265.069619][ T687] Tainted: [W]=WARN [ 1265.069627][ T687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1265.069640][ T687] Call Trace: [ 1265.069646][ T687] [ 1265.069654][ T687] __dump_stack+0x1d/0x30 [ 1265.069673][ T687] dump_stack_lvl+0xe8/0x140 [ 1265.069693][ T687] dump_stack+0x15/0x1b [ 1265.069709][ T687] should_fail_ex+0x265/0x280 [ 1265.069797][ T687] should_fail+0xb/0x20 [ 1265.069912][ T687] should_fail_usercopy+0x1a/0x20 [ 1265.069931][ T687] _copy_from_user+0x1c/0xb0 [ 1265.069956][ T687] ___sys_sendmsg+0xc1/0x1d0 [ 1265.069999][ T687] __x64_sys_sendmsg+0xd4/0x160 [ 1265.070124][ T687] x64_sys_call+0x191e/0x2ff0 [ 1265.070143][ T687] do_syscall_64+0xd2/0x200 [ 1265.070164][ T687] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 1265.070268][ T687] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 1265.070289][ T687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1265.070312][ T687] RIP: 0033:0x7fbea658eb69 [ 1265.070330][ T687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1265.070347][ T687] RSP: 002b:00007fbea4bef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1265.070379][ T687] RAX: ffffffffffffffda RBX: 00007fbea67b5fa0 RCX: 00007fbea658eb69 [ 1265.070475][ T687] RDX: 0000000000000040 RSI: 0000200000000340 RDI: 0000000000000003 [ 1265.070486][ T687] RBP: 00007fbea4bef090 R08: 0000000000000000 R09: 0000000000000000 [ 1265.070497][ T687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1265.070507][ T687] R13: 0000000000000000 R14: 00007fbea67b5fa0 R15: 00007ffeee682f58 [ 1265.070597][ T687] [ 1265.414063][T26655] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1265.457716][ T710] tipc: Enabled bearer , priority 0 [ 1265.467731][ T710] syzkaller0: entered promiscuous mode [ 1265.473383][ T710] syzkaller0: entered allmulticast mode [ 1265.481126][ T714] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8192'. [ 1265.491483][ T710] tipc: Resetting bearer [ 1265.497884][ T709] tipc: Resetting bearer [ 1265.504418][ T709] tipc: Disabling bearer [ 1265.597669][ T726] loop3: detected capacity change from 0 to 512 [ 1265.606234][ T726] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1265.614789][ T726] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.8197: invalid indirect mapped block 2683928664 (level 1) [ 1265.629265][ T726] EXT4-fs (loop3): 1 truncate cleaned up [ 1265.635477][ T726] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1265.649177][ T726] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1265.864431][ T737] loop3: detected capacity change from 0 to 512 [ 1265.952190][ T737] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1265.962870][ T737] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.8201: invalid indirect mapped block 2683928664 (level 1) [ 1265.979327][ T737] EXT4-fs (loop3): 1 truncate cleaned up [ 1265.988298][ T737] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1266.005981][ T737] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1266.157765][ T743] loop3: detected capacity change from 0 to 512 [ 1266.165808][ T743] EXT4-fs: Ignoring removed nobh option [ 1266.186851][ T743] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8203: corrupted inode contents [ 1266.198875][ T743] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.8203: mark_inode_dirty error [ 1266.211912][ T743] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8203: corrupted inode contents [ 1266.224479][ T743] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.8203: mark_inode_dirty error [ 1266.246308][ T743] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.8203: Failed to acquire dquot type 0 [ 1266.258613][ T743] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8203: corrupted inode contents [ 1266.272002][ T743] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.8203: mark_inode_dirty error [ 1266.287280][ T753] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8205'. [ 1266.305470][ T743] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8203: corrupted inode contents [ 1266.325430][ T743] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.8203: mark_inode_dirty error [ 1266.336821][ T755] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8208'. [ 1266.341778][ T761] loop0: detected capacity change from 0 to 512 [ 1266.354179][ T743] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8203: corrupted inode contents [ 1266.368766][ T761] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 1266.377435][ T761] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.8209: invalid indirect mapped block 2683928664 (level 1) [ 1266.393139][ T743] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 1266.397866][ T765] loop5: detected capacity change from 0 to 512 [ 1266.402360][ T761] EXT4-fs (loop0): 1 truncate cleaned up [ 1266.409938][ T743] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8203: corrupted inode contents [ 1266.415479][ T761] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1266.440153][ T743] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.8203: mark_inode_dirty error [ 1266.442534][ T765] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 1266.461390][ T743] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 1266.461696][ T761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1266.482206][ T743] EXT4-fs (loop3): 1 truncate cleaned up [ 1266.488455][ T743] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1266.490443][ T768] geneve2: entered promiscuous mode [ 1266.506182][ T768] geneve2: entered allmulticast mode [ 1266.511818][ T765] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.8210: invalid indirect mapped block 2683928664 (level 1) [ 1266.513193][ T743] ext4 filesystem being mounted at /433/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1266.537797][ T765] EXT4-fs (loop5): 1 truncate cleaned up [ 1266.549186][ T765] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1266.563156][ T765] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1266.577767][T26655] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1266.615397][ T774] loop0: detected capacity change from 0 to 1024 [ 1266.625145][ T774] EXT4-fs: Ignoring removed orlov option [ 1266.647711][ T774] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1266.739499][ T788] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8219'. [ 1266.828083][ T796] syzkaller0: entered promiscuous mode [ 1266.833644][ T796] syzkaller0: entered allmulticast mode [ 1266.880433][ T796] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1266.903365][T26817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1266.925536][ T802] loop0: detected capacity change from 0 to 512 [ 1266.933158][ T802] EXT4-fs: Ignoring removed nobh option [ 1266.942199][ T802] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8224: corrupted inode contents [ 1266.955106][ T802] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.8224: mark_inode_dirty error [ 1266.967027][ T802] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8224: corrupted inode contents [ 1266.972293][ T806] loop5: detected capacity change from 0 to 512 [ 1266.987129][ T802] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.8224: mark_inode_dirty error [ 1266.993955][ T806] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 1266.998898][ T802] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.8224: Failed to acquire dquot type 0 [ 1267.007837][ T806] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.8226: invalid indirect mapped block 2683928664 (level 1) [ 1267.018472][ T802] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8224: corrupted inode contents [ 1267.033773][ T806] EXT4-fs (loop5): 1 truncate cleaned up [ 1267.051517][ T806] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1267.059684][ T802] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.8224: mark_inode_dirty error [ 1267.076702][ T806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1267.079675][ T802] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8224: corrupted inode contents [ 1267.098585][ T802] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.8224: mark_inode_dirty error [ 1267.110918][ T802] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8224: corrupted inode contents [ 1267.123631][ T802] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 1267.134331][ T802] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8224: corrupted inode contents [ 1267.151182][ T802] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.8224: mark_inode_dirty error [ 1267.162959][ T802] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 1267.173658][ T802] EXT4-fs (loop0): 1 truncate cleaned up [ 1267.179993][ T802] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1267.206542][ T802] ext4 filesystem being mounted at /388/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1267.257477][T26817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1267.329622][ T818] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8230'. [ 1267.455793][ T832] loop5: detected capacity change from 0 to 1024 [ 1267.463648][ T836] loop3: detected capacity change from 0 to 512 [ 1267.470621][ T832] EXT4-fs: Ignoring removed orlov option [ 1267.478795][ T832] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1267.499989][ T836] EXT4-fs: Ignoring removed nobh option [ 1267.592274][ T836] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8239: corrupted inode contents [ 1267.623043][ T836] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.8239: mark_inode_dirty error [ 1267.678524][ T856] FAULT_INJECTION: forcing a failure. [ 1267.678524][ T856] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1267.691744][ T856] CPU: 0 UID: 0 PID: 856 Comm: syz.0.8246 Tainted: G W 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) [ 1267.691778][ T856] Tainted: [W]=WARN [ 1267.691784][ T856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1267.691794][ T856] Call Trace: [ 1267.691800][ T856] [ 1267.691807][ T856] __dump_stack+0x1d/0x30 [ 1267.691851][ T856] dump_stack_lvl+0xe8/0x140 [ 1267.691872][ T856] dump_stack+0x15/0x1b [ 1267.691917][ T856] should_fail_ex+0x265/0x280 [ 1267.691944][ T856] should_fail+0xb/0x20 [ 1267.692019][ T856] should_fail_usercopy+0x1a/0x20 [ 1267.692039][ T856] _copy_from_user+0x1c/0xb0 [ 1267.692099][ T856] ___sys_sendmsg+0xc1/0x1d0 [ 1267.692141][ T856] __x64_sys_sendmsg+0xd4/0x160 [ 1267.692256][ T856] x64_sys_call+0x191e/0x2ff0 [ 1267.692279][ T856] do_syscall_64+0xd2/0x200 [ 1267.692302][ T856] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 1267.692328][ T856] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 1267.692368][ T856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1267.692390][ T856] RIP: 0033:0x7f353f50eb69 [ 1267.692417][ T856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1267.692436][ T856] RSP: 002b:00007f353db77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1267.692456][ T856] RAX: ffffffffffffffda RBX: 00007f353f735fa0 RCX: 00007f353f50eb69 [ 1267.692468][ T856] RDX: 0000000000000000 RSI: 0000200000001540 RDI: 0000000000000003 [ 1267.692542][ T856] RBP: 00007f353db77090 R08: 0000000000000000 R09: 0000000000000000 [ 1267.692556][ T856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1267.692591][ T856] R13: 0000000000000000 R14: 00007f353f735fa0 R15: 00007ffe4ff1cdc8 [ 1267.692610][ T856] [ 1267.880744][ T836] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8239: corrupted inode contents [ 1267.923127][ T836] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.8239: mark_inode_dirty error [ 1267.950001][ T836] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.8239: Failed to acquire dquot type 0 [ 1267.961930][ T836] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8239: corrupted inode contents [ 1267.975992][ T836] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.8239: mark_inode_dirty error [ 1267.997399][ T836] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8239: corrupted inode contents [ 1268.010315][T31004] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1268.010753][ T836] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.8239: mark_inode_dirty error [ 1268.031354][ T836] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8239: corrupted inode contents [ 1268.043488][ T836] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 1268.052371][ T836] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8239: corrupted inode contents [ 1268.064514][ T836] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.8239: mark_inode_dirty error [ 1268.071114][ T873] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1268.076042][ T836] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 1268.092986][ T836] EXT4-fs (loop3): 1 truncate cleaned up [ 1268.099371][ T836] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1268.112046][ T836] ext4 filesystem being mounted at /435/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1268.123720][ T29] kauditd_printk_skb: 1082 callbacks suppressed [ 1268.123803][ T29] audit: type=1326 audit(1754057359.981:33440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=835 comm="syz.3.8239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f60fa15d4d0 code=0x7ffc0000 [ 1268.153620][ T29] audit: type=1326 audit(1754057359.981:33441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=835 comm="syz.3.8239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f60fa15d8b7 code=0x7ffc0000 [ 1268.177051][ T29] audit: type=1326 audit(1754057359.981:33442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=835 comm="syz.3.8239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f60fa15d4d0 code=0x7ffc0000 [ 1268.200437][ T29] audit: type=1326 audit(1754057359.981:33443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=835 comm="syz.3.8239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60fa15eb69 code=0x7ffc0000 [ 1268.223894][ T29] audit: type=1326 audit(1754057359.981:33444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=835 comm="syz.3.8239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60fa15eb69 code=0x7ffc0000 [ 1268.248673][T26655] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1268.276937][ T29] audit: type=1326 audit(1754057360.131:33445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=874 comm="syz.5.8254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1268.300602][ T29] audit: type=1326 audit(1754057360.131:33446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=874 comm="syz.5.8254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1268.324191][ T29] audit: type=1326 audit(1754057360.131:33447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=874 comm="syz.5.8254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1268.347610][ T29] audit: type=1326 audit(1754057360.131:33448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=874 comm="syz.5.8254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1268.371185][ T29] audit: type=1326 audit(1754057360.131:33449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=874 comm="syz.5.8254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b0815eb69 code=0x7ffc0000 [ 1268.454737][ T883] loop5: detected capacity change from 0 to 512 [ 1268.459358][ T885] ALSA: seq fatal error: cannot create timer (-22) [ 1268.468039][ T883] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 1268.478390][ T883] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.8256: invalid indirect mapped block 2683928664 (level 1) [ 1268.495956][ T883] EXT4-fs (loop5): 1 truncate cleaned up [ 1268.502142][ T883] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1268.519337][ T883] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1268.593615][ T902] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1268.595173][ T898] ALSA: seq fatal error: cannot create timer (-22) [ 1268.686695][ T918] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8272'. [ 1268.716343][ T925] netlink: 464 bytes leftover after parsing attributes in process `syz.2.8274'. [ 1268.827050][ T941] syzkaller0: entered promiscuous mode [ 1268.832725][ T941] syzkaller0: entered allmulticast mode [ 1268.842138][ T941] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1268.902652][ T953] netlink: 464 bytes leftover after parsing attributes in process `syz.2.8285'. [ 1269.022920][ T966] loop0: detected capacity change from 0 to 512 [ 1269.030057][ T966] EXT4-fs: Ignoring removed nobh option [ 1269.088943][ T966] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8292: corrupted inode contents [ 1269.102509][ T966] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.8292: mark_inode_dirty error [ 1269.114161][ T966] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8292: corrupted inode contents [ 1269.132941][ T966] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.8292: mark_inode_dirty error [ 1269.144752][ T966] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.8292: Failed to acquire dquot type 0 [ 1269.157039][ T966] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8292: corrupted inode contents [ 1269.169348][ T966] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.8292: mark_inode_dirty error [ 1269.179708][ T972] ALSA: seq fatal error: cannot create timer (-22) [ 1269.181704][ T966] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8292: corrupted inode contents [ 1269.201350][ T966] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.8292: mark_inode_dirty error [ 1269.213422][ T966] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8292: corrupted inode contents [ 1269.227630][ T966] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 1269.236987][ T966] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8292: corrupted inode contents [ 1269.251682][ T966] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.8292: mark_inode_dirty error [ 1269.263666][ T966] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 1269.275568][ T966] EXT4-fs (loop0): 1 truncate cleaned up [ 1269.281968][ T966] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1269.296469][ T966] ext4 filesystem being mounted at /402/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1269.385694][T26817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1269.505140][ T980] netlink: 464 bytes leftover after parsing attributes in process `syz.5.8297'. [ 1269.558313][ T982] loop5: detected capacity change from 0 to 512 [ 1269.572533][ T982] EXT4-fs: Ignoring removed nobh option [ 1269.606974][ T982] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.8298: corrupted inode contents [ 1269.619198][ T982] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #3: comm syz.5.8298: mark_inode_dirty error [ 1269.632672][ T982] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.8298: corrupted inode contents [ 1269.644811][ T982] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.8298: mark_inode_dirty error [ 1269.657945][ T982] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.8298: Failed to acquire dquot type 0 [ 1269.671422][ T982] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8298: corrupted inode contents [ 1269.683811][ T982] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #16: comm syz.5.8298: mark_inode_dirty error [ 1269.695959][ T982] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8298: corrupted inode contents [ 1269.708135][ T982] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.8298: mark_inode_dirty error [ 1269.724693][ T982] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8298: corrupted inode contents [ 1269.737074][ T982] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 1269.745935][ T982] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8298: corrupted inode contents [ 1269.757992][ T982] EXT4-fs error (device loop5): ext4_truncate:4666: inode #16: comm syz.5.8298: mark_inode_dirty error [ 1269.770380][ T982] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 1269.781857][ T982] EXT4-fs (loop5): 1 truncate cleaned up [ 1269.787949][ T982] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1269.801930][ T982] ext4 filesystem being mounted at /161/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1269.826053][T31004] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1269.854315][ T1003] loop0: detected capacity change from 0 to 512 [ 1269.864152][ T1003] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 1269.872561][ T1003] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.8304: invalid indirect mapped block 2683928664 (level 1) [ 1269.886919][ T1003] EXT4-fs (loop0): 1 truncate cleaned up [ 1269.893092][ T1003] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1269.909966][ T1003] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1269.954852][ T1012] ALSA: seq fatal error: cannot create timer (-22) [ 1270.038157][ T1035] FAULT_INJECTION: forcing a failure. [ 1270.038157][ T1035] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1270.039688][ T1031] netlink: 'syz.1.8315': attribute type 4 has an invalid length. [ 1270.051286][ T1035] CPU: 0 UID: 0 PID: 1035 Comm: syz.5.8317 Tainted: G W 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) [ 1270.051331][ T1035] Tainted: [W]=WARN [ 1270.051338][ T1035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1270.051384][ T1035] Call Trace: [ 1270.051392][ T1035] [ 1270.051400][ T1035] __dump_stack+0x1d/0x30 [ 1270.051495][ T1035] dump_stack_lvl+0xe8/0x140 [ 1270.051515][ T1035] dump_stack+0x15/0x1b [ 1270.051561][ T1035] should_fail_ex+0x265/0x280 [ 1270.051593][ T1035] should_fail+0xb/0x20 [ 1270.051687][ T1035] should_fail_usercopy+0x1a/0x20 [ 1270.051707][ T1035] strncpy_from_user+0x25/0x230 [ 1270.051732][ T1035] ? kmem_cache_alloc_noprof+0x186/0x310 [ 1270.051895][ T1035] ? getname_flags+0x80/0x3b0 [ 1270.051976][ T1035] getname_flags+0xae/0x3b0 [ 1270.052012][ T1035] __se_sys_newstat+0x4b/0x280 [ 1270.052050][ T1035] ? fput+0x8f/0xc0 [ 1270.052130][ T1035] ? ksys_write+0x192/0x1a0 [ 1270.052154][ T1035] __x64_sys_newstat+0x31/0x40 [ 1270.052197][ T1035] x64_sys_call+0x73e/0x2ff0 [ 1270.052237][ T1035] do_syscall_64+0xd2/0x200 [ 1270.052316][ T1035] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 1270.052418][ T1035] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 1270.052508][ T1035] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1270.052531][ T1035] RIP: 0033:0x7f0b0815eb69 [ 1270.052548][ T1035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1270.052567][ T1035] RSP: 002b:00007f0b067c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 1270.052587][ T1035] RAX: ffffffffffffffda RBX: 00007f0b08385fa0 RCX: 00007f0b0815eb69 [ 1270.052658][ T1035] RDX: 0000000000000000 RSI: 0000200000001c80 RDI: 0000200000000cc0 [ 1270.052670][ T1035] RBP: 00007f0b067c7090 R08: 0000000000000000 R09: 0000000000000000 [ 1270.052715][ T1035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1270.052728][ T1035] R13: 0000000000000000 R14: 00007f0b08385fa0 R15: 00007ffffdf5c9f8 [ 1270.052747][ T1035] [ 1270.073241][ T1032] loop0: detected capacity change from 0 to 512 [ 1270.114873][ T1040] __nla_validate_parse: 1 callbacks suppressed [ 1270.114888][ T1040] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8319'. [ 1270.116571][ T1032] EXT4-fs: Ignoring removed nobh option [ 1270.382595][ T1032] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8316: corrupted inode contents [ 1270.409761][ T1032] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.8316: mark_inode_dirty error [ 1270.435463][ T1066] loop5: detected capacity change from 0 to 512 [ 1270.445081][ T1064] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8327'. [ 1270.458535][ T1066] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 1270.471245][ T1032] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8316: corrupted inode contents [ 1270.528500][ T1066] EXT4-fs (loop5): orphan cleanup on readonly fs [ 1270.535041][ T1032] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.8316: mark_inode_dirty error [ 1270.549987][ T1066] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:517: comm syz.5.8328: Block bitmap for bg 0 marked uninitialized [ 1270.555305][ T1073] netlink: 'wÞ£ÿ': attribute type 10 has an invalid length. [ 1270.571595][ T1032] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.8316: Failed to acquire dquot type 0 [ 1270.579149][ T1068] netlink: 92 bytes leftover after parsing attributes in process `syz.3.8329'. [ 1270.593748][ T1066] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 1270.609859][ T1032] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8316: corrupted inode contents [ 1270.622197][ T1073] syz_tun: entered promiscuous mode [ 1270.629098][ T1066] EXT4-fs (loop5): 1 orphan inode deleted [ 1270.631337][ T1076] netlink: 'syz.1.8330': attribute type 10 has an invalid length. [ 1270.635578][ T1066] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1270.644497][ T1073] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 1270.659734][ T1032] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.8316: mark_inode_dirty error [ 1270.664590][ T1076] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1270.689213][ T1076] team0: Port device bond0 added [ 1270.695976][ T1032] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8316: corrupted inode contents [ 1270.710316][ T1075] loop3: detected capacity change from 0 to 512 [ 1270.716879][ T1075] EXT4-fs: Ignoring removed mblk_io_submit option [ 1270.723523][ T1075] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1270.737232][ T1032] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.8316: mark_inode_dirty error [ 1270.750922][ T1075] EXT4-fs (loop3): 1 truncate cleaned up [ 1270.757118][ T1075] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1270.770974][ T1075] EXT4-fs (loop3): resizing filesystem from 256 to 1 blocks [ 1270.778336][ T1075] EXT4-fs warning (device loop3): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 1270.844555][ T1032] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8316: corrupted inode contents [ 1270.848241][ T1066] netlink: 'syz.5.8328': attribute type 4 has an invalid length. [ 1270.856703][ T1032] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 1270.880966][ T1032] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8316: corrupted inode contents [ 1270.895562][ T1032] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.8316: mark_inode_dirty error [ 1270.907107][ T1032] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 1270.918070][T26655] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1270.930138][T31004] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1270.939464][ T1032] EXT4-fs (loop0): 1 truncate cleaned up [ 1270.947711][ T1032] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1270.961765][ T1032] ext4 filesystem being mounted at /412/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1271.023993][T26817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1271.027198][ T1088] ALSA: seq fatal error: cannot create timer (-22) [ 1271.205461][ T1125] FAULT_INJECTION: forcing a failure. [ 1271.205461][ T1125] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1271.218624][ T1125] CPU: 0 UID: 0 PID: 1125 Comm: syz.0.8350 Tainted: G W 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) [ 1271.218718][ T1125] Tainted: [W]=WARN [ 1271.218724][ T1125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1271.218737][ T1125] Call Trace: [ 1271.218744][ T1125] [ 1271.218753][ T1125] __dump_stack+0x1d/0x30 [ 1271.218777][ T1125] dump_stack_lvl+0xe8/0x140 [ 1271.218867][ T1125] dump_stack+0x15/0x1b [ 1271.218886][ T1125] should_fail_ex+0x265/0x280 [ 1271.218974][ T1125] should_fail+0xb/0x20 [ 1271.219001][ T1125] should_fail_usercopy+0x1a/0x20 [ 1271.219021][ T1125] _copy_from_user+0x1c/0xb0 [ 1271.219044][ T1125] kstrtouint_from_user+0x69/0xf0 [ 1271.219061][ T1125] ? 0xffffffff81000000 [ 1271.219090][ T1125] ? selinux_file_permission+0x1e4/0x320 [ 1271.219123][ T1125] proc_fail_nth_write+0x50/0x160 [ 1271.219151][ T1125] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1271.219175][ T1125] vfs_write+0x266/0x8e0 [ 1271.219264][ T1125] ? vfs_read+0x47f/0x6f0 [ 1271.219280][ T1125] ? __rcu_read_unlock+0x4f/0x70 [ 1271.219302][ T1125] ? __fget_files+0x184/0x1c0 [ 1271.219327][ T1125] ksys_write+0xda/0x1a0 [ 1271.219346][ T1125] __x64_sys_write+0x40/0x50 [ 1271.219414][ T1125] x64_sys_call+0x27fe/0x2ff0 [ 1271.219512][ T1125] do_syscall_64+0xd2/0x200 [ 1271.219547][ T1125] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 1271.219569][ T1125] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 1271.219591][ T1125] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1271.219635][ T1125] RIP: 0033:0x7f353f50d61f [ 1271.219649][ T1125] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 1271.219664][ T1125] RSP: 002b:00007f353db77030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1271.219684][ T1125] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f353f50d61f [ 1271.219696][ T1125] RDX: 0000000000000001 RSI: 00007f353db770a0 RDI: 0000000000000004 [ 1271.219707][ T1125] RBP: 00007f353db77090 R08: 0000000000000000 R09: 0000000000000000 [ 1271.219778][ T1125] R10: 0000000000000020 R11: 0000000000000293 R12: 0000000000000001 [ 1271.219792][ T1125] R13: 0000000000000000 R14: 00007f353f735fa0 R15: 00007ffe4ff1cdc8 [ 1271.219813][ T1125] [ 1271.487358][ T1130] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 1271.608647][ T1147] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8359'. [ 1271.745312][ T1162] syzkaller0: entered promiscuous mode [ 1271.750836][ T1162] syzkaller0: entered allmulticast mode [ 1271.783798][ T1162] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1272.146278][ T1181] ALSA: seq fatal error: cannot create timer (-22) [ 1272.449863][ T1211] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8384'. [ 1272.459378][ T1207] loop3: detected capacity change from 0 to 512 [ 1272.483082][ T1207] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1272.502398][ T1219] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1272.519613][ T1207] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.8383: invalid indirect mapped block 2683928664 (level 1) [ 1272.539732][ T1207] EXT4-fs (loop3): 1 truncate cleaned up [ 1272.563816][ T1227] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8392'. [ 1272.569031][ T1207] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1272.619742][ T1207] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1272.741853][ T1243] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8399'. [ 1272.769116][ T1247] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1273.117443][ T1324] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8429'. [ 1273.165819][ T1320] ALSA: seq fatal error: cannot create timer (-22) [ 1273.190267][ T29] kauditd_printk_skb: 1309 callbacks suppressed [ 1273.190282][ T29] audit: type=1326 audit(1754057365.051:34753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1325 comm="syz.1.8430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1273.252757][ T29] audit: type=1326 audit(1754057365.081:34754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1325 comm="syz.1.8430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1273.260046][ T1334] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1273.276938][ T29] audit: type=1326 audit(1754057365.081:34755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1325 comm="syz.1.8430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1273.308330][ T29] audit: type=1326 audit(1754057365.081:34756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1325 comm="syz.1.8430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1273.331893][ T29] audit: type=1326 audit(1754057365.081:34757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1325 comm="syz.1.8430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1273.355415][ T29] audit: type=1326 audit(1754057365.081:34758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1325 comm="syz.1.8430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1273.379037][ T29] audit: type=1326 audit(1754057365.081:34759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1325 comm="syz.1.8430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1273.402703][ T29] audit: type=1326 audit(1754057365.081:34760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1325 comm="syz.1.8430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890e74eb69 code=0x7ffc0000 [ 1273.472944][ T29] audit: type=1326 audit(1754057365.301:34761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1338 comm="syz.3.8437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60fa15eb69 code=0x7ffc0000 [ 1273.496608][ T29] audit: type=1326 audit(1754057365.301:34762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1338 comm="syz.3.8437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60fa15eb69 code=0x7ffc0000 [ 1273.679260][ T1359] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8445'. [ 1273.740391][ T1365] loop0: detected capacity change from 0 to 512 [ 1273.750726][ T1365] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 1273.751135][ T1365] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.8448: invalid indirect mapped block 2683928664 (level 1) [ 1273.751526][ T1365] EXT4-fs (loop0): 1 truncate cleaned up [ 1273.751904][ T1365] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1273.752707][ T1365] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1273.822187][ T1371] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1273.886050][ T1377] loop0: detected capacity change from 0 to 512 [ 1273.886238][ T1377] EXT4-fs: Ignoring removed nobh option [ 1273.900992][ T1377] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8453: corrupted inode contents [ 1273.901189][ T1377] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.8453: mark_inode_dirty error [ 1273.901631][ T1377] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8453: corrupted inode contents [ 1273.901890][ T1377] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.8453: mark_inode_dirty error [ 1273.902242][ T1377] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.8453: Failed to acquire dquot type 0 [ 1273.961398][ T1377] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8453: corrupted inode contents [ 1273.961504][ T1377] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.8453: mark_inode_dirty error [ 1273.961776][ T1377] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8453: corrupted inode contents [ 1273.998246][ T1377] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.8453: mark_inode_dirty error [ 1274.011206][ T1377] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8453: corrupted inode contents [ 1274.011336][ T1377] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 1274.011500][ T1377] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8453: corrupted inode contents [ 1274.011601][ T1377] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.8453: mark_inode_dirty error [ 1274.011732][ T1377] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 1274.012059][ T1377] EXT4-fs (loop0): 1 truncate cleaned up [ 1274.070221][ T1377] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1274.082767][ T1377] ext4 filesystem being mounted at /427/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1274.110140][T26817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1274.417203][ T1398] 9pnet_fd: Insufficient options for proto=fd [ 1274.454784][ T1404] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1274.591978][ T1413] FAULT_INJECTION: forcing a failure. [ 1274.591978][ T1413] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1274.605100][ T1413] CPU: 0 UID: 0 PID: 1413 Comm: syz.3.8467 Tainted: G W 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) [ 1274.605131][ T1413] Tainted: [W]=WARN [ 1274.605137][ T1413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1274.605147][ T1413] Call Trace: [ 1274.605206][ T1413] [ 1274.605213][ T1413] __dump_stack+0x1d/0x30 [ 1274.605276][ T1413] dump_stack_lvl+0xe8/0x140 [ 1274.605296][ T1413] dump_stack+0x15/0x1b [ 1274.605359][ T1413] should_fail_ex+0x265/0x280 [ 1274.605385][ T1413] should_fail+0xb/0x20 [ 1274.605409][ T1413] should_fail_usercopy+0x1a/0x20 [ 1274.605451][ T1413] _copy_from_user+0x1c/0xb0 [ 1274.605488][ T1413] memdup_user+0x5e/0xd0 [ 1274.605532][ T1413] strndup_user+0x68/0xb0 [ 1274.605558][ T1413] __se_sys_mount+0x4d/0x2e0 [ 1274.605577][ T1413] ? fput+0x8f/0xc0 [ 1274.605605][ T1413] ? ksys_write+0x192/0x1a0 [ 1274.605651][ T1413] __x64_sys_mount+0x67/0x80 [ 1274.605674][ T1413] x64_sys_call+0x2b4d/0x2ff0 [ 1274.605755][ T1413] do_syscall_64+0xd2/0x200 [ 1274.605774][ T1413] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 1274.605864][ T1413] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 1274.605883][ T1413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1274.605901][ T1413] RIP: 0033:0x7f60fa15eb69 [ 1274.605915][ T1413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1274.605934][ T1413] RSP: 002b:00007f60f87bf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1274.605966][ T1413] RAX: ffffffffffffffda RBX: 00007f60fa385fa0 RCX: 00007f60fa15eb69 [ 1274.606057][ T1413] RDX: 0000200000000040 RSI: 0000200000000080 RDI: 0000000000000000 [ 1274.606071][ T1413] RBP: 00007f60f87bf090 R08: 0000200000000400 R09: 0000000000000000 [ 1274.606085][ T1413] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 1274.606096][ T1413] R13: 0000000000000000 R14: 00007f60fa385fa0 R15: 00007ffe768d0348 [ 1274.606112][ T1413] [ 1274.640301][ T1415] loop5: detected capacity change from 0 to 1024 [ 1274.847602][ T1415] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1274.850730][ T1421] loop3: detected capacity change from 0 to 512 [ 1274.872486][ T1421] EXT4-fs: Ignoring removed nobh option [ 1274.912359][ T1421] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8471: corrupted inode contents [ 1274.924752][ T1421] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.8471: mark_inode_dirty error [ 1274.936578][ T1421] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8471: corrupted inode contents [ 1274.948839][ T1421] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.8471: mark_inode_dirty error [ 1274.967347][ T1421] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.8471: Failed to acquire dquot type 0 [ 1274.986080][ T1421] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8471: corrupted inode contents [ 1275.005378][ T1421] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.8471: mark_inode_dirty error [ 1275.022788][ T1421] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8471: corrupted inode contents [ 1275.035224][ T1421] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.8471: mark_inode_dirty error [ 1275.048492][ T1421] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8471: corrupted inode contents [ 1275.061180][T31289] bond0: (slave syz_tun): Releasing backup interface [ 1275.068409][ T1421] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 1275.077758][ T1421] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8471: corrupted inode contents [ 1275.101168][ T1421] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.8471: mark_inode_dirty error [ 1275.120261][ T1421] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 1275.130641][ T1421] EXT4-fs (loop3): 1 truncate cleaned up [ 1275.136786][ T1421] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1275.150408][T31004] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1275.166712][ T1421] ext4 filesystem being mounted at /487/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1275.202925][T26655] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1275.237042][ T1438] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1275.296910][ T1410] chnl_net:caif_netlink_parms(): no params data found [ 1275.322582][ T1453] loop5: detected capacity change from 0 to 512 [ 1275.329434][ T1453] EXT4-fs: Ignoring removed nobh option [ 1275.353782][ T1410] bridge0: port 1(bridge_slave_0) entered blocking state [ 1275.358213][ T1453] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.8480: corrupted inode contents [ 1275.360919][ T1410] bridge0: port 1(bridge_slave_0) entered disabled state [ 1275.375308][ T1453] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #3: comm syz.5.8480: mark_inode_dirty error [ 1275.381729][ T1410] bridge_slave_0: entered allmulticast mode [ 1275.409707][ T1453] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.8480: corrupted inode contents [ 1275.422094][ T1410] bridge_slave_0: entered promiscuous mode [ 1275.440447][ T1453] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.8480: mark_inode_dirty error [ 1275.451819][ T1410] bridge0: port 2(bridge_slave_1) entered blocking state [ 1275.459040][ T1410] bridge0: port 2(bridge_slave_1) entered disabled state [ 1275.461845][ T1453] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.8480: Failed to acquire dquot type 0 [ 1275.487056][ T1410] bridge_slave_1: entered allmulticast mode [ 1275.496952][ T1410] bridge_slave_1: entered promiscuous mode [ 1275.534621][ T1453] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8480: corrupted inode contents [ 1275.547781][ T1453] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #16: comm syz.5.8480: mark_inode_dirty error [ 1275.570212][ T1453] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8480: corrupted inode contents [ 1275.585600][ T1410] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1275.631348][ T1453] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.8480: mark_inode_dirty error [ 1275.648803][ T1463] mmap: syz.3.8481 (1463) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 1275.663433][ T1453] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8480: corrupted inode contents [ 1275.675800][ T1453] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 1275.686588][T10316] team0: Port device bond0 removed [ 1275.692349][T10316] bond0 (unregistering): Released all slaves [ 1275.693310][ T1453] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8480: corrupted inode contents [ 1275.713023][T10316] bond1 (unregistering): Released all slaves [ 1275.714659][ T1453] EXT4-fs error (device loop5): ext4_truncate:4666: inode #16: comm syz.5.8480: mark_inode_dirty error [ 1275.731638][ T1410] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1275.742954][ T1453] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 1275.752340][ T1453] EXT4-fs (loop5): 1 truncate cleaned up [ 1275.758435][ T1453] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1275.759362][ T1410] team0: Port device team_slave_0 added [ 1275.781133][ T1453] ext4 filesystem being mounted at /192/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1275.790021][ T1410] team0: Port device team_slave_1 added [ 1275.810706][T10316] tipc: Left network mode [ 1275.816734][ T1410] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1275.823773][ T1410] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1275.849856][ T1410] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1275.861424][ T1410] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1275.868449][ T1410] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1275.894429][ T1410] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1275.907618][T10316] hsr_slave_0: left promiscuous mode [ 1275.914289][T10316] hsr_slave_1: left promiscuous mode [ 1275.914738][T31004] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1275.996898][T10316] team0 (unregistering): Port device dummy0 removed [ 1276.027891][ T1410] hsr_slave_0: entered promiscuous mode [ 1276.034287][ T1410] hsr_slave_1: entered promiscuous mode [ 1276.040438][ T1410] debugfs: 'hsr0' already exists in 'hsr' [ 1276.046181][ T1410] Cannot create hsr debugfs directory [ 1276.281684][ T1486] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1276.296386][T10316] ------------[ cut here ]------------ [ 1276.301923][T10316] WARNING: CPU: 1 PID: 10316 at net/xfrm/xfrm_state.c:3303 xfrm_state_fini+0x17c/0x1f0 [ 1276.311627][T10316] Modules linked in: [ 1276.315522][T10316] CPU: 1 UID: 0 PID: 10316 Comm: kworker/u8:9 Tainted: G W 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) [ 1276.329557][T10316] Tainted: [W]=WARN [ 1276.333435][T10316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1276.343517][T10316] Workqueue: netns cleanup_net [ 1276.348295][T10316] RIP: 0010:xfrm_state_fini+0x17c/0x1f0 [ 1276.353890][T10316] Code: 48 8d bb 30 0e 00 00 e8 22 e8 bd fc 48 8b bb 30 0e 00 00 e8 d6 62 ca fc 5b 41 5e 41 5f 5d e9 0b 7e b3 00 cc e8 d5 46 a3 fc 90 <0f> 0b 90 e9 d9 fe ff ff e8 c7 46 a3 fc 90 0f 0b 90 4c 89 f7 e8 eb [ 1276.373531][T10316] RSP: 0018:ffffc90010b0bc60 EFLAGS: 00010293 [ 1276.379665][T10316] RAX: ffffffff84b4841b RBX: ffff888119b92f80 RCX: ffff88810c491080 [ 1276.387627][T10316] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888119b93d80 [ 1276.395658][T10316] RBP: ffffffff86c8a120 R08: 0001ffff86847f7f R09: 0000000000000000 [ 1276.403651][T10316] R10: ffffc90010b0bbe8 R11: 0001c90010b0bbe8 R12: ffffffff86c8a140 [ 1276.411643][T10316] R13: ffff888119b92fa8 R14: ffff888119b93d80 R15: ffff888119b92f80 [ 1276.419622][T10316] FS: 0000000000000000(0000) GS:ffff8882aef4c000(0000) knlGS:0000000000000000 [ 1276.428602][T10316] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1276.435205][T10316] CR2: 0000001b2fe1eff8 CR3: 000000013bb00000 CR4: 00000000003506f0 [ 1276.443273][T10316] Call Trace: [ 1276.446635][T10316] [ 1276.449593][T10316] xfrm_net_exit+0x2d/0x60 [ 1276.454009][T10316] ops_undo_list+0x27b/0x410 [ 1276.458603][T10316] cleanup_net+0x2de/0x4d0 [ 1276.463032][T10316] process_scheduled_works+0x4cb/0x9d0 [ 1276.468594][T10316] worker_thread+0x582/0x770 [ 1276.473336][T10316] kthread+0x486/0x510 [ 1276.477492][T10316] ? finish_task_switch+0xad/0x2b0 [ 1276.482626][T10316] ? __pfx_worker_thread+0x10/0x10 [ 1276.487802][T10316] ? __pfx_kthread+0x10/0x10 [ 1276.492429][T10316] ret_from_fork+0xdd/0x150 [ 1276.496929][T10316] ? __pfx_kthread+0x10/0x10 [ 1276.501636][T10316] ret_from_fork_asm+0x1a/0x30 [ 1276.506482][T10316] [ 1276.509496][T10316] ---[ end trace 0000000000000000 ]--- [ 1276.600637][ T1410] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1276.620231][ T1410] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1276.633991][ T1410] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1276.658446][ T1410] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1276.734251][ T1410] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1276.756471][ T1410] 8021q: adding VLAN 0 to HW filter on device team0 [ 1276.768866][T10316] bridge0: port 1(bridge_slave_0) entered blocking state [ 1276.776062][T10316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1276.786581][ T1488] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8490'. [ 1276.787995][T10316] bridge0: port 2(bridge_slave_1) entered blocking state [ 1276.795531][ T1488] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8490'. [ 1276.802528][T10316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1276.814801][ T1410] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1276.829442][ T1410] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1276.886383][ T1512] loop5: detected capacity change from 0 to 1024 [ 1276.905170][ T1410] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1276.912521][ T1504] loop0: detected capacity change from 0 to 1024 [ 1276.942212][ T1512] FAULT_INJECTION: forcing a failure. [ 1276.942212][ T1512] name failslab, interval 1, probability 0, space 0, times 0 [ 1276.954896][ T1512] CPU: 0 UID: 0 PID: 1512 Comm: syz.5.8495 Tainted: G W 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) [ 1276.954931][ T1512] Tainted: [W]=WARN [ 1276.954939][ T1512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1276.954979][ T1512] Call Trace: [ 1276.954984][ T1512] [ 1276.954991][ T1512] __dump_stack+0x1d/0x30 [ 1276.955010][ T1512] dump_stack_lvl+0xe8/0x140 [ 1276.955027][ T1512] dump_stack+0x15/0x1b [ 1276.955054][ T1512] should_fail_ex+0x265/0x280 [ 1276.955087][ T1512] should_failslab+0x8c/0xb0 [ 1276.955110][ T1512] __kmalloc_noprof+0xa5/0x3e0 [ 1276.955131][ T1512] ? bpf_test_init+0xa9/0x160 [ 1276.955202][ T1512] bpf_test_init+0xa9/0x160 [ 1276.955229][ T1512] bpf_prog_test_run_xdp+0x274/0x910 [ 1276.955255][ T1512] ? kstrtouint+0x76/0xc0 [ 1276.955320][ T1512] ? __rcu_read_unlock+0x4f/0x70 [ 1276.955342][ T1512] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 1276.955391][ T1512] bpf_prog_test_run+0x22a/0x390 [ 1276.955416][ T1512] __sys_bpf+0x4b9/0x7b0 [ 1276.955443][ T1512] __x64_sys_bpf+0x41/0x50 [ 1276.955462][ T1512] x64_sys_call+0x2aea/0x2ff0 [ 1276.955515][ T1512] do_syscall_64+0xd2/0x200 [ 1276.955583][ T1512] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 1276.955608][ T1512] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 1276.955706][ T1512] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1276.955724][ T1512] RIP: 0033:0x7f0b0815eb69 [ 1276.955815][ T1512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1276.955833][ T1512] RSP: 002b:00007f0b067c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1276.955853][ T1512] RAX: ffffffffffffffda RBX: 00007f0b08385fa0 RCX: 00007f0b0815eb69 [ 1276.955867][ T1512] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 1276.955881][ T1512] RBP: 00007f0b067c7090 R08: 0000000000000000 R09: 0000000000000000 [ 1276.955895][ T1512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1276.955907][ T1512] R13: 0000000000000000 R14: 00007f0b08385fa0 R15: 00007ffffdf5c9f8 [ 1276.955937][ T1512] [ 1277.248059][ T1534] ALSA: seq fatal error: cannot create timer (-22) [ 1277.274980][ T1410] veth0_vlan: entered promiscuous mode [ 1277.285050][ T1410] veth1_vlan: entered promiscuous mode [ 1277.299927][ T1410] veth0_macvtap: entered promiscuous mode [ 1277.307519][ T1410] veth1_macvtap: entered promiscuous mode [ 1277.471504][ T1410] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1277.535009][ T1410] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1277.596344][ T51] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1277.675440][ T51] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1277.703739][ T51] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1277.712735][ T51] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1277.731424][ T1561] loop5: detected capacity change from 0 to 512 [ 1277.746302][ T1561] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 1277.750219][ T1563] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8464'. [ 1277.756095][ T1561] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.8505: invalid indirect mapped block 2683928664 (level 1) [ 1277.779872][ T1561] EXT4-fs (loop5): 1 truncate cleaned up [ 1277.814686][ T1566] loop1: detected capacity change from 0 to 1024 [ 1277.826899][ T1566] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 1277.965912][ T1576] loop5: detected capacity change from 0 to 512 [ 1277.973784][ T1576] EXT4-fs: Ignoring removed nobh option [ 1278.003492][ T1576] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.8509: corrupted inode contents [ 1278.016724][ T1576] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #3: comm syz.5.8509: mark_inode_dirty error [ 1278.030464][ T1576] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.8509: corrupted inode contents [ 1278.044178][ T1576] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.8509: mark_inode_dirty error [ 1278.056503][ T1576] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.8509: Failed to acquire dquot type 0 [ 1278.241637][ T1576] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8509: corrupted inode contents [ 1278.286486][ T1581] ALSA: seq fatal error: cannot create timer (-22) [ 1278.314450][ T1576] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #16: comm syz.5.8509: mark_inode_dirty error [ 1278.352477][ T1576] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8509: corrupted inode contents [ 1278.369070][ T1576] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.8509: mark_inode_dirty error [ 1278.383821][ T29] kauditd_printk_skb: 486 callbacks suppressed [ 1278.383835][ T29] audit: type=1326 audit(2000000004.630:35241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1582 comm="syz.0.8511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353f50eb69 code=0x7ffc0000 [ 1278.411170][ T1576] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8509: corrupted inode contents [ 1278.427503][ T1576] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 1278.436397][ T29] audit: type=1326 audit(2000000004.660:35242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1582 comm="syz.0.8511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f353f50eb69 code=0x7ffc0000 [ 1278.460140][ T29] audit: type=1326 audit(2000000004.660:35243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1582 comm="syz.0.8511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353f50eb69 code=0x7ffc0000 [ 1278.483859][ T29] audit: type=1326 audit(2000000004.660:35244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1582 comm="syz.0.8511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353f50eb69 code=0x7ffc0000 [ 1278.507580][ T29] audit: type=1326 audit(2000000004.660:35245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1582 comm="syz.0.8511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f353f50eb69 code=0x7ffc0000 [ 1278.512136][ T1576] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8509: corrupted inode contents [ 1278.531148][ T29] audit: type=1326 audit(2000000004.660:35246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1582 comm="syz.0.8511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353f50eb69 code=0x7ffc0000 [ 1278.561448][ T1576] EXT4-fs error (device loop5): ext4_truncate:4666: inode #16: comm syz.5.8509: mark_inode_dirty error [ 1278.566383][ T29] audit: type=1326 audit(2000000004.660:35247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1582 comm="syz.0.8511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f353f50eb69 code=0x7ffc0000 [ 1278.600914][ T29] audit: type=1326 audit(2000000004.660:35248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1582 comm="syz.0.8511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353f50eb69 code=0x7ffc0000 [ 1278.602868][ T1576] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 1278.635983][ T1576] EXT4-fs (loop5): 1 truncate cleaned up [ 1278.642504][ T1576] ext4 filesystem being mounted at /203/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1278.708068][ T29] audit: type=1326 audit(2000000004.920:35249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1586 comm="syz.3.8513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60fa15eb69 code=0x7ffc0000 [ 1278.731839][ T29] audit: type=1326 audit(2000000004.920:35250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1586 comm="syz.3.8513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60fa15eb69 code=0x7ffc0000 [ 1278.750007][ T1588] veth1_to_team: entered promiscuous mode [ 1278.772234][ T1588] bond_slave_0: entered promiscuous mode [ 1278.780829][ T1588] bond_slave_0: left promiscuous mode [ 1278.792952][ T1588] veth1_to_team: left promiscuous mode [ 1278.799034][ T1594] FAULT_INJECTION: forcing a failure. [ 1278.799034][ T1594] name failslab, interval 1, probability 0, space 0, times 0 [ 1278.811875][ T1594] CPU: 1 UID: 0 PID: 1594 Comm: syz.5.8515 Tainted: G W 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) [ 1278.811910][ T1594] Tainted: [W]=WARN [ 1278.811917][ T1594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1278.811930][ T1594] Call Trace: [ 1278.811937][ T1594] [ 1278.811945][ T1594] __dump_stack+0x1d/0x30 [ 1278.812037][ T1594] dump_stack_lvl+0xe8/0x140 [ 1278.812057][ T1594] dump_stack+0x15/0x1b [ 1278.812074][ T1594] should_fail_ex+0x265/0x280 [ 1278.812133][ T1594] should_failslab+0x8c/0xb0 [ 1278.812156][ T1594] __kmalloc_noprof+0xa5/0x3e0 [ 1278.812185][ T1594] ? bpf_test_init+0xa9/0x160 [ 1278.812203][ T1594] bpf_test_init+0xa9/0x160 [ 1278.812274][ T1594] bpf_prog_test_run_nf+0x186/0x560 [ 1278.812292][ T1594] ? __rcu_read_unlock+0x4f/0x70 [ 1278.812321][ T1594] ? __pfx_bpf_prog_test_run_nf+0x10/0x10 [ 1278.812338][ T1594] bpf_prog_test_run+0x22a/0x390 [ 1278.812356][ T1594] __sys_bpf+0x4b9/0x7b0 [ 1278.812375][ T1594] __x64_sys_bpf+0x41/0x50 [ 1278.812456][ T1594] x64_sys_call+0x2aea/0x2ff0 [ 1278.812469][ T1594] do_syscall_64+0xd2/0x200 [ 1278.812482][ T1594] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 1278.812520][ T1594] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 1278.812612][ T1594] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1278.812625][ T1594] RIP: 0033:0x7f0b0815eb69 [ 1278.812635][ T1594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1278.812646][ T1594] RSP: 002b:00007f0b067c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1278.812658][ T1594] RAX: ffffffffffffffda RBX: 00007f0b08385fa0 RCX: 00007f0b0815eb69 [ 1278.812665][ T1594] RDX: 0000000000000050 RSI: 0000200000000580 RDI: 000000000000000a [ 1278.812726][ T1594] RBP: 00007f0b067c7090 R08: 0000000000000000 R09: 0000000000000000 [ 1278.812733][ T1594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1278.812740][ T1594] R13: 0000000000000000 R14: 00007f0b08385fa0 R15: 00007ffffdf5c9f8 [ 1278.812752][ T1594] [ 1279.075879][ T1600] loop0: detected capacity change from 0 to 512 [ 1279.160941][ T1597] bridge0: port 2(bridge_slave_1) entered disabled state [ 1279.168157][ T1597] bridge0: port 1(bridge_slave_0) entered disabled state [ 1279.222414][ T1597] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1279.230543][ T1600] ext4 filesystem being mounted at /442/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1279.233938][ T1597] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1279.322058][T21138] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1279.358056][T21138] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1279.427665][T21138] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1279.457869][T21138] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1279.674873][ T1624] loop3: detected capacity change from 0 to 512 [ 1279.685017][ T1624] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1279.691714][ T10] usb usb2-port1: attempt power cycle [ 1279.699415][ T1624] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.8524: invalid indirect mapped block 2683928664 (level 1) [ 1279.713886][ T1624] EXT4-fs (loop3): 1 truncate cleaned up [ 1280.664493][ T1644] syzkaller0: entered promiscuous mode [ 1280.670044][ T1644] syzkaller0: entered allmulticast mode [ 1280.690810][ T1644] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1280.706120][ T1648] loop1: detected capacity change from 0 to 512 [ 1280.714213][ T1648] EXT4-fs: Ignoring removed nobh option [ 1280.734741][ T1648] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.8533: corrupted inode contents [ 1280.737867][ T1652] loop3: detected capacity change from 0 to 512 [ 1280.746753][ T1648] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.8533: mark_inode_dirty error [ 1280.753410][ T1652] EXT4-fs: Ignoring removed nobh option [ 1280.776934][ T1648] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.8533: corrupted inode contents [ 1280.790122][ T1648] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.8533: mark_inode_dirty error [ 1280.803811][ T1652] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8534: corrupted inode contents [ 1280.858578][ T1648] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.8533: Failed to acquire dquot type 0 [ 1280.871140][ T1652] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.8534: mark_inode_dirty error [ 1280.880238][ T1648] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.8533: corrupted inode contents [ 1280.901542][ T1648] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.8533: mark_inode_dirty error [ 1280.901731][ T1652] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8534: corrupted inode contents [ 1280.929883][ T1648] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.8533: corrupted inode contents [ 1280.936564][ T1652] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.8534: mark_inode_dirty error [ 1280.961014][ T1648] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.8533: mark_inode_dirty error [ 1280.979860][ T1648] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.8533: corrupted inode contents [ 1281.000054][ T1652] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.8534: Failed to acquire dquot type 0 [ 1281.015492][ T1648] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 1281.033375][ T1652] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8534: corrupted inode contents [ 1281.048846][ T1648] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.8533: corrupted inode contents [ 1281.070165][ T1652] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.8534: mark_inode_dirty error [ 1281.081633][ T1648] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.8533: mark_inode_dirty error [ 1281.099766][ T1652] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8534: corrupted inode contents [ 1281.112440][ T1648] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 1281.140503][ T1652] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.8534: mark_inode_dirty error [ 1281.140562][ T1648] EXT4-fs (loop1): 1 truncate cleaned up [ 1281.160394][ T1648] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1281.171016][ T1652] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8534: corrupted inode contents [ 1281.197698][ T1652] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 1281.216154][ T1652] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8534: corrupted inode contents [ 1281.242588][ T1652] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.8534: mark_inode_dirty error [ 1281.256269][ T1652] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 1281.270021][ T1652] EXT4-fs (loop3): 1 truncate cleaned up [ 1281.277669][ T1652] ext4 filesystem being mounted at /504/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1281.288720][ T1662] tipc: Started in network mode [ 1281.293761][ T1662] tipc: Node identity 2a16e2247339, cluster identity 4711 [ 1281.301063][ T1662] tipc: Enabled bearer , priority 0 [ 1281.325840][ T1662] syzkaller0: entered promiscuous mode [ 1281.331396][ T1662] syzkaller0: entered allmulticast mode [ 1281.341905][ T1662] sch_tbf: burst 0 is lower than device syzkaller0 mtu (1514) ! [ 1281.351075][ T1662] tipc: Resetting bearer [ 1281.357035][ T1665] tipc: Started in network mode [ 1281.361982][ T1665] tipc: Node identity ea4d6cc21d63, cluster identity 4711 [ 1281.369240][ T1665] tipc: Enabled bearer , priority 0 [ 1281.376478][ T1660] tipc: Resetting bearer [ 1281.383058][ T1660] tipc: Disabling bearer [ 1281.391379][ T1665] syzkaller0: entered promiscuous mode [ 1281.396911][ T1665] syzkaller0: entered allmulticast mode [ 1281.404118][ T1665] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1281.414422][ T1665] tipc: Resetting bearer [ 1281.420885][ T1664] tipc: Resetting bearer [ 1281.427583][ T1664] tipc: Disabling bearer [ 1281.509988][ T10] usb usb2-port1: unable to enumerate USB device [ 1281.581841][ T1674] loop5: detected capacity change from 0 to 512 [ 1281.600205][ T1674] EXT4-fs: Ignoring removed nobh option [ 1281.612202][ T1679] loop3: detected capacity change from 0 to 1024 [ 1281.618749][ T1679] EXT4-fs: Ignoring removed orlov option [ 1281.642186][ T1674] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.8543: corrupted inode contents [ 1281.673212][ T1674] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #3: comm syz.5.8543: mark_inode_dirty error [ 1281.690708][ T1674] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.8543: corrupted inode contents [ 1281.709186][ T1674] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.8543: mark_inode_dirty error [ 1281.725645][ T1674] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.8543: Failed to acquire dquot type 0 [ 1281.765452][ T1674] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8543: corrupted inode contents [ 1281.780089][ T1674] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #16: comm syz.5.8543: mark_inode_dirty error [ 1281.791719][ T1674] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8543: corrupted inode contents [ 1281.803836][ T1674] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.8543: mark_inode_dirty error [ 1281.831346][ T1674] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8543: corrupted inode contents [ 1281.844481][ T1674] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 1281.853294][ T1674] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.8543: corrupted inode contents [ 1281.865534][ T1674] EXT4-fs error (device loop5): ext4_truncate:4666: inode #16: comm syz.5.8543: mark_inode_dirty error [ 1281.877133][ T1674] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 1281.887181][ T1674] EXT4-fs (loop5): 1 truncate cleaned up [ 1281.893533][ T1674] ext4 filesystem being mounted at /212/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1282.205875][ T1704] tipc: Enabled bearer , priority 0 [ 1282.270289][ T1704] syzkaller0: entered promiscuous mode [ 1282.275794][ T1704] syzkaller0: entered allmulticast mode [ 1282.284378][ T1704] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1282.301185][ T1704] tipc: Resetting bearer [ 1282.309392][ T1703] tipc: Resetting bearer [ 1282.316426][ T1703] tipc: Disabling bearer [ 1282.810986][ T1726] loop3: detected capacity change from 0 to 512 [ 1282.834448][ T1726] EXT4-fs: Ignoring removed nobh option [ 1282.841808][ T1724] loop1: detected capacity change from 0 to 1024 [ 1282.848376][ T1724] EXT4-fs: Ignoring removed orlov option [ 1282.861861][ T1726] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8563: corrupted inode contents [ 1282.883985][ T1726] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.8563: mark_inode_dirty error [ 1282.900606][ T1726] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8563: corrupted inode contents [ 1282.935062][ T1726] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.8563: mark_inode_dirty error [ 1282.956851][ T1726] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.8563: Failed to acquire dquot type 0 [ 1283.020325][ T1726] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8563: corrupted inode contents [ 1283.044346][ T1726] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.8563: mark_inode_dirty error [ 1283.056002][ T1726] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8563: corrupted inode contents [ 1283.068427][ T1726] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.8563: mark_inode_dirty error [ 1283.092867][ T1726] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8563: corrupted inode contents [ 1283.106939][ T1726] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 1283.117622][ T1726] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8563: corrupted inode contents [ 1283.135803][ T1726] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.8563: mark_inode_dirty error [ 1283.148732][ T1726] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 1283.157697][ T1738] netlink: 'syz.1.8566': attribute type 13 has an invalid length. [ 1283.165628][ T1738] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8566'. [ 1283.180327][ T1726] EXT4-fs (loop3): 1 truncate cleaned up [ 1283.196597][ T1726] ext4 filesystem being mounted at /510/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1283.241736][ T1741] ALSA: seq fatal error: cannot create timer (-22) [ 1283.252673][ T1747] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1283.329284][ T1759] loop3: detected capacity change from 0 to 1024 [ 1283.337230][ T1759] EXT4-fs: Ignoring removed orlov option [ 1283.575593][ T1767] loop3: detected capacity change from 0 to 1024 [ 1283.582263][ T1767] EXT4-fs: Ignoring removed orlov option [ 1283.810628][ T29] kauditd_printk_skb: 367 callbacks suppressed [ 1283.810643][ T29] audit: type=1326 audit(2000000010.050:35610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1775 comm="syz.3.8581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60fa15eb69 code=0x7ffc0000 [ 1283.813178][ T1776] loop3: detected capacity change from 0 to 512 [ 1283.816878][ T29] audit: type=1326 audit(2000000010.060:35611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1775 comm="syz.3.8581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60fa15eb69 code=0x7ffc0000 [ 1283.816906][ T29] audit: type=1326 audit(2000000010.060:35612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1775 comm="syz.3.8581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60fa15eb69 code=0x7ffc0000 [ 1283.841455][ T1776] EXT4-fs: Ignoring removed nobh option [ 1283.846771][ T29] audit: type=1326 audit(2000000010.060:35613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1775 comm="syz.3.8581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60fa15eb69 code=0x7ffc0000 [ 1283.846795][ T29] audit: type=1326 audit(2000000010.060:35614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1775 comm="syz.3.8581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60fa15eb69 code=0x7ffc0000 [ 1283.846835][ T29] audit: type=1326 audit(2000000010.060:35615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1775 comm="syz.3.8581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f60fa15eb69 code=0x7ffc0000 [ 1283.846856][ T29] audit: type=1326 audit(2000000010.060:35616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1775 comm="syz.3.8581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f60fa15eba3 code=0x7ffc0000 [ 1283.966088][ T29] audit: type=1326 audit(2000000010.060:35617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1775 comm="syz.3.8581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f60fa15d61f code=0x7ffc0000 [ 1284.010868][ T1776] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8581: corrupted inode contents [ 1284.016476][ T29] audit: type=1326 audit(2000000010.060:35618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1775 comm="syz.3.8581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f60fa15ebf7 code=0x7ffc0000 [ 1284.029518][ T1776] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.8581: mark_inode_dirty error [ 1284.051535][ T29] audit: type=1326 audit(2000000010.060:35619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1775 comm="syz.3.8581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f60fa15d4d0 code=0x7ffc0000 [ 1284.064461][ T1776] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8581: corrupted inode contents [ 1284.098906][ T1776] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.8581: mark_inode_dirty error [ 1284.111014][ T1776] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.8581: Failed to acquire dquot type 0 [ 1284.123428][ T1776] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8581: corrupted inode contents [ 1284.136293][ T1776] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.8581: mark_inode_dirty error [ 1284.148551][ T1776] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8581: corrupted inode contents [ 1284.149792][ T10] usb usb2-port1: attempt power cycle [ 1284.162028][ T1776] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.8581: mark_inode_dirty error [ 1284.178692][ T1776] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8581: corrupted inode contents [ 1284.215940][ T1787] loop1: detected capacity change from 0 to 1024 [ 1284.222723][ T1787] EXT4-fs: Ignoring removed orlov option [ 1284.230433][ T1776] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 1284.239891][ T1776] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8581: corrupted inode contents [ 1284.254616][ T1776] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.8581: mark_inode_dirty error [ 1284.319426][ T1776] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 1284.356550][ T1794] loop0: detected capacity change from 0 to 1024 [ 1284.365850][ T1776] EXT4-fs (loop3): 1 truncate cleaned up [ 1284.372988][ T1794] EXT4-fs: Ignoring removed orlov option [ 1284.390635][ T1776] ext4 filesystem being mounted at /518/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1284.542603][ T1799] netlink: 'syz.3.8587': attribute type 13 has an invalid length. [ 1284.550528][ T1799] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8587'. [ 1284.603094][ T1801] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8588'. [ 1284.619253][ T1803] loop3: detected capacity change from 0 to 1024 [ 1284.626309][ T1803] EXT4-fs: Ignoring removed orlov option [ 1284.803268][ T1817] tipc: Enabled bearer , priority 0 [ 1284.810309][ T1817] syzkaller0: entered promiscuous mode [ 1284.815767][ T1817] syzkaller0: entered allmulticast mode [ 1284.822768][ T1817] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1284.831809][ T1817] tipc: Resetting bearer [ 1284.838371][ T1814] tipc: Resetting bearer [ 1284.844959][ T1814] tipc: Disabling bearer [ 1284.891177][ T1821] loop3: detected capacity change from 0 to 512 [ 1284.897776][ T1821] EXT4-fs: Ignoring removed nobh option [ 1284.911009][ T1821] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8596: corrupted inode contents [ 1284.922955][ T1821] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.8596: mark_inode_dirty error [ 1284.934691][ T1821] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.8596: corrupted inode contents [ 1284.948141][ T1821] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.8596: mark_inode_dirty error [ 1284.960272][ T1821] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.8596: Failed to acquire dquot type 0 [ 1284.972281][ T1821] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8596: corrupted inode contents [ 1284.984838][ T1821] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.8596: mark_inode_dirty error [ 1284.996615][ T1821] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8596: corrupted inode contents [ 1285.008745][ T1827] loop1: detected capacity change from 0 to 512 [ 1285.010222][ T1821] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.8596: mark_inode_dirty error [ 1285.015762][ T1827] EXT4-fs: Ignoring removed nobh option [ 1285.027966][ T1821] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8596: corrupted inode contents [ 1285.044697][ T1821] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 1285.051913][ T1827] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.8598: corrupted inode contents [ 1285.053584][ T1821] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.8596: corrupted inode contents [ 1285.066555][ T1827] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.8598: mark_inode_dirty error [ 1285.077435][ T1821] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.8596: mark_inode_dirty error [ 1285.090548][ T1827] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.8598: corrupted inode contents [ 1285.099659][ T1821] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 1285.112787][ T1827] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.8598: mark_inode_dirty error [ 1285.120456][ T1821] EXT4-fs (loop3): 1 truncate cleaned up [ 1285.133140][ T1827] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.8598: Failed to acquire dquot type 0 [ 1285.137204][ T1821] ext4 filesystem being mounted at /521/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1285.148909][ T1827] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.8598: corrupted inode contents [ 1285.170669][ T1827] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.8598: mark_inode_dirty error [ 1285.182737][ T1827] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.8598: corrupted inode contents [ 1285.194970][ T1827] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.8598: mark_inode_dirty error [ 1285.207070][ T1827] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.8598: corrupted inode contents [ 1285.219671][ T1827] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 1285.228506][ T1827] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.8598: corrupted inode contents [ 1285.241180][ T1827] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.8598: mark_inode_dirty error [ 1285.253097][ T1827] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 1285.263187][ T1827] EXT4-fs (loop1): 1 truncate cleaned up [ 1285.269279][ T1827] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1285.319979][ T1841] loop3: detected capacity change from 0 to 1024 [ 1285.326671][ T1841] EXT4-fs: Ignoring removed orlov option [ 1285.340387][ T1846] loop1: detected capacity change from 0 to 1024 [ 1285.347065][ T1846] EXT4-fs: Ignoring removed orlov option [ 1285.646589][ T1864] loop1: detected capacity change from 0 to 1024 [ 1285.673985][ T1864] EXT4-fs: Ignoring removed orlov option [ 1285.934958][ T1888] loop1: detected capacity change from 0 to 1024 [ 1285.941711][ T1888] EXT4-fs: Ignoring removed orlov option [ 1286.059927][ T10] usb usb2-port1: unable to enumerate USB device [ 1286.160657][ T1895] loop5: detected capacity change from 0 to 512 [ 1286.184548][ T1895] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 1286.194125][ T1895] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.8621: invalid indirect mapped block 2683928664 (level 1) [ 1286.208857][ T1895] EXT4-fs (loop5): 1 truncate cleaned up [ 1286.361710][ T1909] loop1: detected capacity change from 0 to 512 [ 1286.368430][ T1909] EXT4-fs: Ignoring removed nobh option [ 1286.391692][ T1909] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.8625: corrupted inode contents [ 1286.404061][ T1909] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.8625: mark_inode_dirty error [ 1286.417264][ T1909] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.8625: corrupted inode contents [ 1286.441234][ T1909] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.8625: mark_inode_dirty error [ 1286.452949][ T1909] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.8625: Failed to acquire dquot type 0 [ 1286.464936][ T1909] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.8625: corrupted inode contents [ 1286.478397][ T1909] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.8625: mark_inode_dirty error [ 1286.491516][ T1909] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.8625: corrupted inode contents [ 1286.503740][ T1909] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.8625: mark_inode_dirty error [ 1286.516492][ T1909] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.8625: corrupted inode contents [ 1286.528683][ T1909] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 1286.538700][ T1909] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.8625: corrupted inode contents [ 1286.552677][ T1909] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.8625: mark_inode_dirty error [ 1286.564331][ T1909] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 1286.575128][ T1909] EXT4-fs (loop1): 1 truncate cleaned up [ 1286.592651][ T1909] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1286.608039][ T1915] loop3: detected capacity change from 0 to 1024 [ 1286.644922][ T1915] EXT4-fs: Ignoring removed orlov option [ 1286.717756][ T1917] ALSA: seq fatal error: cannot create timer (-22) [ 1286.790058][ T1931] loop0: detected capacity change from 0 to 512 [ 1286.800244][ T1931] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 1286.809057][ T1931] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.8633: invalid indirect mapped block 2683928664 (level 1) [ 1286.823721][ T1931] EXT4-fs (loop0): 1 truncate cleaned up [ 1286.931745][ T1934] ALSA: seq fatal error: cannot create timer (-22) [ 1287.250847][ T1950] loop0: detected capacity change from 0 to 1024 [ 1287.274737][ T1950] EXT4-fs: Ignoring removed orlov option [ 1287.491647][ T1969] tipc: Enabled bearer , priority 0 [ 1287.499143][ T1969] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 1287.509676][ T1969] tipc: Resetting bearer [ 1287.547205][ T1972] sch_tbf: burst 127 is lower than device syzkaller0 mtu (313) ! [ 1287.722271][ T1985] ALSA: seq fatal error: cannot create timer (-22) [ 1287.843275][ T1993] loop0: detected capacity change from 0 to 512 [ 1287.850184][ T1993] EXT4-fs: Ignoring removed nobh option [ 1287.870891][ T1993] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8665: corrupted inode contents [ 1287.891039][ T1993] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.8665: mark_inode_dirty error [ 1287.905266][ T1993] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.8665: corrupted inode contents [ 1287.917502][ T1993] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.8665: mark_inode_dirty error [ 1287.929301][ T1993] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.8665: Failed to acquire dquot type 0 [ 1287.941250][ T1993] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8665: corrupted inode contents [ 1287.954726][ T1993] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.8665: mark_inode_dirty error [ 1287.966390][ T1993] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8665: corrupted inode contents [ 1287.979586][ T1993] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.8665: mark_inode_dirty error [ 1287.992019][ T1993] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8665: corrupted inode contents [ 1288.004652][ T1993] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 1288.014745][ T1993] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.8665: corrupted inode contents [ 1288.026968][ T1993] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.8665: mark_inode_dirty error [ 1288.039016][ T1993] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 1288.048408][ T1993] EXT4-fs (loop0): 1 truncate cleaned up [ 1288.055992][ T1993] ext4 filesystem being mounted at /465/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1288.093361][ T2002] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8659'. [ 1288.139386][ T2008] loop5: detected capacity change from 0 to 1024 [ 1288.146389][ T2008] EXT4-fs: Ignoring removed orlov option [ 1288.201040][ T2014] loop0: detected capacity change from 0 to 1024 [ 1288.207927][ T2014] EXT4-fs: Ignoring removed orlov option [ 1288.298703][ T2028] loop0: detected capacity change from 0 to 1024 [ 1288.305650][ T2028] EXT4-fs: Ignoring removed orlov option [ 1288.401505][ T2030] ================================================================== [ 1288.409624][ T2030] BUG: KCSAN: data-race in filemap_read / filemap_read [ 1288.416501][ T2030] [ 1288.418817][ T2030] read to 0xffff8881153ad468 of 8 bytes by task 2028 on cpu 0: [ 1288.426354][ T2030] filemap_read+0x6f/0xa00 [ 1288.430789][ T2030] generic_file_read_iter+0x79/0x330 [ 1288.436066][ T2030] ext4_file_read_iter+0x1cc/0x290 [ 1288.441180][ T2030] copy_splice_read+0x3c4/0x5f0 [ 1288.446039][ T2030] splice_direct_to_actor+0x290/0x680 [ 1288.451426][ T2030] do_splice_direct+0xda/0x150 [ 1288.456195][ T2030] do_sendfile+0x380/0x650 [ 1288.460608][ T2030] __x64_sys_sendfile64+0x105/0x150 [ 1288.465817][ T2030] x64_sys_call+0x2bb0/0x2ff0 [ 1288.470497][ T2030] do_syscall_64+0xd2/0x200 [ 1288.475004][ T2030] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1288.480893][ T2030] [ 1288.483211][ T2030] write to 0xffff8881153ad468 of 8 bytes by task 2030 on cpu 1: [ 1288.490836][ T2030] filemap_read+0x974/0xa00 [ 1288.495357][ T2030] generic_file_read_iter+0x79/0x330 [ 1288.500676][ T2030] ext4_file_read_iter+0x1cc/0x290 [ 1288.505801][ T2030] copy_splice_read+0x3c4/0x5f0 [ 1288.510660][ T2030] splice_direct_to_actor+0x290/0x680 [ 1288.516032][ T2030] do_splice_direct+0xda/0x150 [ 1288.520811][ T2030] do_sendfile+0x380/0x650 [ 1288.525251][ T2030] __x64_sys_sendfile64+0x105/0x150 [ 1288.530436][ T2030] x64_sys_call+0x2bb0/0x2ff0 [ 1288.535091][ T2030] do_syscall_64+0xd2/0x200 [ 1288.539659][ T2030] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1288.545547][ T2030] [ 1288.547844][ T2030] value changed: 0x0000000000000160 -> 0x0000000000000161 [ 1288.555009][ T2030] [ 1288.557318][ T2030] Reported by Kernel Concurrency Sanitizer on: [ 1288.563465][ T2030] CPU: 1 UID: 0 PID: 2030 Comm: syz.0.8670 Tainted: G W 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) [ 1288.577097][ T2030] Tainted: [W]=WARN [ 1288.580891][ T2030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1288.590939][ T2030] ================================================================== [ 1288.604020][ T1033] tipc: Node number set to 2986308454 [ 1289.039800][T14061] usb usb2-port1: attempt power cycle [ 1290.891074][T14061] usb usb2-port1: unable to enumerate USB device