last executing test programs: 1.248896194s ago: executing program 3 (id=890): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c460d04000c028000000000000003003e"], 0x78) close(r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0500000004000000e47f000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) 1.195025475s ago: executing program 3 (id=892): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1.067834026s ago: executing program 3 (id=897): timer_create(0x1, 0x0, &(0x7f0000000480)) r0 = socket(0x21, 0x80000, 0xc8b8) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r2 = syz_io_uring_setup(0x39, &(0x7f0000001800)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=0x0, &(0x7f0000001880)=0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000780)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r5, 0x0, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0, 0x10042}) io_uring_enter(r2, 0x92, 0x0, 0x0, 0x0, 0x0) ioctl$TCSETSW2(r1, 0x402c542c, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x15, &(0x7f00000004c0)=ANY=[@ANYBLOB="18120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000018420000f9ffffff00000000000000008c22c0ff0000000085100000000000001800000005000000000000001000000018560000010000000000000000000000950000000000000018290000", @ANYRES32, @ANYBLOB="000000000700000018120000", @ANYRES32=0x1, @ANYBLOB="0000000000000000bf03000000000000850000000c000000b700000000000000"], &(0x7f00000001c0)='GPL\x00', 0x2, 0x1b, &(0x7f0000000300)=""/27, 0x41100, 0x7b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x2, 0x8, 0x40, 0x6}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000400)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000440)=[{0x2, 0x2, 0xf, 0x4}, {0x1, 0x5, 0x2, 0x5}], 0x10, 0x85, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r6}, 0x18) ioctl$VT_RELDISP(r1, 0x5605) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r8, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6) recvmmsg(r8, &(0x7f0000000580)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=""/55, 0x37}}], 0x1, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1001f0) bpf$TOKEN_CREATE(0x24, &(0x7f0000000240)={0x0, r0}, 0x8) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffcdc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10) r10 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r10, 0x5423, &(0x7f00000002c0)=0x1) 916.934288ms ago: executing program 4 (id=903): symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') socket$inet_udp(0x2, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) r1 = socket$kcm(0x10, 0x2, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', 0x0, 0xa, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX]) close(0xffffffffffffffff) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000340)=@nl=@kern={0x10, 0x0, 0x0, 0x100000}, 0x80, &(0x7f0000000c40)=[{&(0x7f00000004c0)="75de45c56a69447b4c0a0f8bdd2648573f85599d448d5e9a90faebb9883800d2138aaacba917a8f4e5e3a07f96e67d7b867a742354e0612f83b192dd3f0f21b6f7464edddd893ad81199074a1b50f4df38ad49508db43571e5157029b1772b9345ad06b9a044e87448db885ee734819a756f4f3bc69a2c27f1b28076a611eda4dd1985dd7f296d9d5bae4c6d8ddcec77c5563dc0c415215fba", 0x99}, {&(0x7f0000000640)="97c87185a06f0fe8785e92830b65e175fe4a00bffa946707b638045e6d11acb1f7906a121920e22e7220467f85ed71314dd664b5f63361364cade4dae9f5fd9c28a0e6e1dfb6f2d1f437198d3a41f2a0545158dbea149404d8165409f5c6a92ba9024b1636970b57f0e65669c2ef23093eb63ba6859dad28218bc344b442ec82b8de82bfb31c3f33c2f76ba0dcb5d869694f9f8366d1b01d9339179ab5dda85119f4c55365023697cab33b5cb28f", 0xae}, {&(0x7f00000008c0)="acb055adc99f78463d02c0cb0c925f9e0b72706921e763723c64a71162c9098b61d1a6c157b2b8335b7c0ea5a31f300fad5351e563d9a2be6fc43b30f436ab3c421c23dad026c0a1efedb40df326d8a55b874ea62e8e795a7b4413db11713f18aa70ebf579ca1a01e447c91d32dc951486b14e4e48cc00fb45e85c2ed1ceef74c5957d6b36e4aa8859a227a9bc127da2dd1df02418e5e78cdf2ab5b52ec16738ae5fb8c2c6cf2a03e15dffd195e894a51155599b9deba139e216ae70563c0f83eeda957092315ff7f4", 0xc9}, {&(0x7f0000000a00)="5a0dc35c5802a7386adab9d26ff6f2c2220bbd43168cf1684dd1b599aec4378c4947288bae5a1424118003347bb6432be3ab080827d30667384a922fad09244a5628ab4bb0452533f28e09e28bb94ecbda977086e662b1f6c2be2bf1d0d6f5a1fc1b51428b33e5316c235cd0db4f61f24522b5168c29d9cb59862e82209e47ecc3d175bb5ef9136928ae0449dcc8ff4e143d4128993abffbef7e1b2e90ed29294c3a23b6433db599fb336a5ee9598fa5a691c4ca962127be9d84929a276cd90fae477501626a7396f11364d3f6f6fed6f52aa05a8e54e34662d8a9fcad3ee594e3dc592fa9340028d2af478896656865b20a", 0xf2}, {&(0x7f0000000b00)="d050ee03a4a1d93d4083c01d0733a0ed00f4b652c1a47f3e737636638c5a9ac10df9db9aa12767b74adfe7c0bf335d2af86ba75a1fc5ecb23bfe787eea9b79e48a4429b915581a8885ab0ad40e550b533d099d738f3b798617cb146e5f66618756cbc3e11ab094a6cf6e91b75d504e09a616ce36f680235c70b3ab796684a0e20e9ab6e18ab696e775043e9a973ba9dbe08edb01f151e1bd7c51d7450d9b216bb3a6dd09a1", 0xa5}, {&(0x7f0000000580)="9c930ce174dc4d9b0aa4e1e353f0579337fe8cf255c58588eaff0d4cb466c5dbf8fe33c4d6a0711de7078a983f43025f629dcd455a84b71e854444bdb1b554c1ab03f1fccdcffbe1ddfa11", 0x4b}, {&(0x7f0000000200)="2540c11af60622f404a095297af2ecb12ccf60829b42471f6e91f41f99ba04a0e6c19a6e548f0d7bf9356b6c2a9bfd4afd2266", 0x33}, {&(0x7f0000000bc0)="e12e37b7b13211c0812d06916c000ea927f7e2bde3bb32778423a64ab20c93611390adcf3e25e1155b4e3b3036f60147e49143e6e9ad9ccfd2872f6acf09262131bcbf642e8e359d9a", 0x49}], 0x8, &(0x7f0000000cc0)=ANY=[@ANYBLOB="b0000000000000000600000007000000eb8f2f0493fcfdf2a2f233faf633ab36e5be324d2ba1e8eaa39f637de248c6269420feebe2c6a7fff1584b6791e7986c138380fb9a676ea451fac3b04c0066a00e44c12d88d9fba7439751b86d1b6b30a88442153cea435579ec2d9af7b37e1f2c296110c7c163a1a74f609fbb16e2b132ee6cf2c2fb911dc0f9182f3df66936a1d8ea90ef0bc3126aea663129d93742552e24ad5d4b9b855f05292d0611b590b8b3bc0020000000000000000a010000fdffffffde64a9015d3e00d040f3203c125c000018000000000000000f01000036a80000e3000000"], 0xe8}, 0x1) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000280)={0x0, 0x7}, &(0x7f00000002c0)=0x8) sendmsg$kcm(r1, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73f72cc9f0ba1f848350000005e120602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x4000850) 878.856509ms ago: executing program 3 (id=907): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) r0 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f00000000c0)=0xc) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000100)={0x28, 0x18, 0x1, 0x0, 0x0, {0x2}, [@typed={0x8, 0x800, 0x0, 0x0, @ipv4=@multicast2}, @nested={0xc, 0x8, 0x0, 0x1, [@typed={0x8, 0xc, 0x0, 0x0, @uid=r1}]}]}, 0x28}}, 0x0) setuid(r1) 813.73189ms ago: executing program 3 (id=909): perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0xc0, 0x1, 0x0, 0x0, 0x0, 0x10001, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffc, 0x4, @perf_config_ext={0xa, 0x7}, 0x1100, 0x7, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0xfffffffe, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ptrace$getregset(0x4204, r0, 0x202, &(0x7f0000000140)={0x0}) 689.203801ms ago: executing program 3 (id=912): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) sendfile(r1, r1, 0x0, 0x40000f63c) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES64=r0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r4, &(0x7f0000004440)={&(0x7f0000000ec0)=@id={0x1e, 0x3, 0x1, {0x4e20}}, 0x10, 0x0}, 0x0) r5 = socket$key(0xf, 0x3, 0x2) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') openat$rtc(0xffffffffffffff9c, 0x0, 0x4001, 0x0) r6 = creat(&(0x7f00000002c0)='./file0\x00', 0x6) write$tun(r6, 0x0, 0x82) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000007c0)='task_rename\x00', r7, 0x0, 0x800}, 0x18) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5") sendmsg$key(r5, &(0x7f0000000400)={0x10000000, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=ANY=[@ANYBLOB="020e0080150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120000000200fcffffff000000000600330000000000000000000000eafffd8000000000000000000000000000aa000000000000000000000000000000000400"], 0xa8}}, 0x2) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000000000000", @ANYRES32, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0xf1d, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xffff, 0xffff}, {0xc, 0x4}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x80) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@gettclass={0x24, 0x2a, 0x129, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x3}, {0x0, 0x2}, {0xd, 0x9}}}, 0x24}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r6, 0x89f0, &(0x7f0000002040)={'tunl0\x00', &(0x7f0000001f00)={'erspan0\x00', 0x0, 0x40, 0x40, 0x8001, 0x8, {{0x44, 0x4, 0x2, 0x1b, 0x110, 0x68, 0x0, 0xfb, 0x2f, 0x0, @rand_addr=0x64010102, @empty, {[@timestamp={0x44, 0x1c, 0x9e, 0x0, 0x8, [0xb78, 0xfffffffb, 0x7, 0xe, 0xd, 0x7ff]}, @generic={0x44, 0x6, "f4430914"}, @timestamp_addr={0x44, 0xc, 0xae, 0x1, 0x7, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x5}]}, @cipso={0x86, 0x62, 0x1, [{0x2, 0xc, "0f2707ec3fe557373c21"}, {0x0, 0xa, "42871b3c1fee0a1a"}, {0x5, 0x7, "7e71a4d62b"}, {0x1, 0xe, "49202e51f80a5bdf09ff77c0"}, {0x2, 0x3, "b3"}, {0x0, 0xf, "8f4e849f95af6c2731598c06e7"}, {0x2, 0x6, "11fd4365"}, {0x7, 0x9, "bc3d631d30dcd0"}, {0x0, 0x9, "a7f64206b751b4"}, {0x6, 0x7, "8bdd205f89"}]}, @end, @timestamp={0x44, 0x24, 0x7e, 0x0, 0x5, [0x6, 0x0, 0x1, 0x5, 0xd6, 0xb, 0xfffffffb, 0x6]}, @ssrr={0x89, 0x13, 0xc3, [@dev={0xac, 0x14, 0x14, 0x32}, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x19}, @local]}, @rr={0x7, 0x7, 0x7c, [@multicast2]}, @cipso={0x86, 0x26, 0x0, [{0x7, 0xa, "a7587c0927c09a49"}, {0x2, 0x10, "dbeccfd3a7b0d6129335798451a8"}, {0x1, 0x4, "8e53"}, {0x0, 0x2}]}, @rr={0x7, 0x7, 0x8a, [@rand_addr=0x64010102]}]}}}}}) r9 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@ipv6_newroute={0x38, 0x18, 0x1, 0x0, 0x0, {0xa, 0x80}, [@RTA_ENCAP={0xc, 0x16, 0x0, 0x0, @ILA_ATTR_HOOK_TYPE={0x5}}, @RTA_OIF={0x8, 0x4, r10}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x40810}, 0x20000000) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r6, &(0x7f0000002200)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000021c0)={&(0x7f0000002080)={0x114, 0x0, 0x4, 0x70bd27, 0x25dfdbfe, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x114}, 0x1, 0x0, 0x0, 0x488d1}, 0x24840) 629.325142ms ago: executing program 4 (id=915): socket$packet(0x11, 0xa, 0x300) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x4b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 569.550863ms ago: executing program 2 (id=918): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0, 0x0, 0x4}, 0x18) creat(&(0x7f0000000040)='./file0\x00', 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_u}]}}) 569.459813ms ago: executing program 4 (id=919): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) ftruncate(r1, 0x3) 538.894143ms ago: executing program 0 (id=920): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) sendto$inet(r0, 0x0, 0x4000, 0x0, 0x0, 0x0) 491.700244ms ago: executing program 4 (id=921): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000200008385000000710000001801000002696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000340)='./file2\x00', 0x404, &(0x7f0000000600)={[{@abort}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@noblock_validity}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b) 491.125194ms ago: executing program 0 (id=922): perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0xc0, 0x1, 0x0, 0x0, 0x0, 0x10001, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffc, 0x4, @perf_config_ext={0xa, 0x7}, 0x1100, 0x7, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0xfffffffe, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r1}, &(0x7f0000000080), &(0x7f0000000180)='%ps \x00'}, 0x20) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ptrace$getregset(0x4204, r0, 0x202, &(0x7f0000000140)={0x0}) 463.159904ms ago: executing program 1 (id=923): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x2) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000380)=0x2) setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x3, 0x4) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x0, 0x224}, &(0x7f0000000040), &(0x7f00000000c0)) syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001ec0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@func_proto, @func_proto, @int={0x6, 0x0, 0x0, 0x1, 0x0, 0x74, 0x0, 0x7c, 0x4}]}}, &(0x7f0000001f00)=""/4096, 0x42, 0x1000, 0x3, 0x0, 0x0, @void, @value}, 0x28) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00') sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}, 0x1, 0x0, 0x0, 0x40080}, 0x8000) sendmsg$NFT_BATCH(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000002000000020000000900020073797a310000000008000440000000000900010073797a30000000000800034000000007"], 0x64}}, 0x0) fsconfig$FSCONFIG_SET_BINARY(r4, 0x6, 0x0, 0x0, 0x0) r6 = fsmount(r4, 0x0, 0x0) r7 = openat$cgroup_subtree(r6, &(0x7f0000000100), 0x2, 0x0) write$cgroup_subtree(r7, &(0x7f0000000680)=ANY=[@ANYBLOB="2b72646d6120bba99ff9c53ea765f88285fee8dbb367307d098a2c0afec57333903cd5db707e2497efadd7f7379438afae56b1658a8221afd2e0753c9b3b8c2f0a53858222e288f185c11ffc6db201fe91205649eed570e86263fcc97e9ea7d6293d4d6da4081ea0df9d38c680b2267502627977afb00234022078f0e4939fad097eeb8e906f1bda"], 0x6) 454.931154ms ago: executing program 2 (id=924): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0x13, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) getpid() epoll_create1(0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) link(0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xb0}, [@ldst={0x6}], {0x95, 0x0, 0xc00}}, 0x0, 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fffffff785000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000000)='kfree\x00', r1}, 0x30) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x800401, 0x0) write$vga_arbiter(r2, &(0x7f0000000040), 0xf) syz_clone3(&(0x7f0000001580)={0x198814d00, &(0x7f0000000400), &(0x7f0000000440)=0x0, &(0x7f0000000480)=0x0, {0x27}, &(0x7f00000004c0)=""/91, 0x5b, &(0x7f0000000540)=""/4096, &(0x7f0000001540)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x5}, 0x58) fcntl$lock(r2, 0x6, &(0x7f0000001600)={0x0, 0x2, 0x3, 0x1010, r4}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000001680)={{0x1, 0x1, 0x18, r2, {0x2}}, './file0\x00'}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000016c0)={&(0x7f0000001640)='afs_call\x00', r5, 0x0, 0xee}, 0x18) fcntl$setlease(r2, 0x400, 0x1) write(r5, &(0x7f0000001780)="c3466bf187d907b38b8d3e3be3bb42aaa09f22cf9797f8f22d582770eb6b56eb61e023197f88b70d601d09941d5d531c145d0105b68d510855462ac90c8e86a8f15fcb3303927382c4dae5c5ef2706df0c7e738f7045dd9f2743de741a8e9abc2cf69062e4e4e1a0979c2ca91f57a733c26c7e81f0041472226bfb43062989", 0x7f) r6 = creat(&(0x7f0000001800)='./file0/file0\x00', 0x189) setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000001840)='veno\x00', 0x5) write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000001900)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000018c0)={0xffffffffffffffff}, 0x106, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_MCAST(r6, &(0x7f0000001940)={0x16, 0x98, 0xfa00, {&(0x7f0000001880), 0x3, r7, 0x10, 0x1, @ib={0x1b, 0x0, 0x38b5, {"823cbf5ed22121ab2d481bd3a812023b"}, 0x3, 0x8, 0x3}}}, 0xa0) getpgid(r3) read$nci(r5, &(0x7f0000001a00)=""/13, 0xd) r8 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x88002, 0x0) pwritev(r8, &(0x7f00000000c0)=[{0x0, 0x4f}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0) 390.040025ms ago: executing program 0 (id=925): symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') socket$inet_udp(0x2, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) r1 = socket$kcm(0x10, 0x2, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', 0x0, 0xa, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX]) close(0xffffffffffffffff) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000340)=@nl=@kern={0x10, 0x0, 0x0, 0x100000}, 0x80, &(0x7f0000000c40)=[{&(0x7f00000004c0)="75de45c56a69447b4c0a0f8bdd2648573f85599d448d5e9a90faebb9883800d2138aaacba917a8f4e5e3a07f96e67d7b867a742354e0612f83b192dd3f0f21b6f7464edddd893ad81199074a1b50f4df38ad49508db43571e5157029b1772b9345ad06b9a044e87448db885ee734819a756f4f3bc69a2c27f1b28076a611eda4dd1985dd7f296d9d5bae4c6d8ddcec77c5563dc0c415215fba", 0x99}, {&(0x7f0000000640)="97c87185a06f0fe8785e92830b65e175fe4a00bffa946707b638045e6d11acb1f7906a121920e22e7220467f85ed71314dd664b5f63361364cade4dae9f5fd9c28a0e6e1dfb6f2d1f437198d3a41f2a0545158dbea149404d8165409f5c6a92ba9024b1636970b57f0e65669c2ef23093eb63ba6859dad28218bc344b442ec82b8de82bfb31c3f33c2f76ba0dcb5d869694f9f8366d1b01d9339179ab5dda85119f4c55365023697cab33b5cb28f", 0xae}, {&(0x7f00000008c0)="acb055adc99f78463d02c0cb0c925f9e0b72706921e763723c64a71162c9098b61d1a6c157b2b8335b7c0ea5a31f300fad5351e563d9a2be6fc43b30f436ab3c421c23dad026c0a1efedb40df326d8a55b874ea62e8e795a7b4413db11713f18aa70ebf579ca1a01e447c91d32dc951486b14e4e48cc00fb45e85c2ed1ceef74c5957d6b36e4aa8859a227a9bc127da2dd1df02418e5e78cdf2ab5b52ec16738ae5fb8c2c6cf2a03e15dffd195e894a51155599b9deba139e216ae70563c0f83eeda957092315ff7f4", 0xc9}, {&(0x7f0000000a00)="5a0dc35c5802a7386adab9d26ff6f2c2220bbd43168cf1684dd1b599aec4378c4947288bae5a1424118003347bb6432be3ab080827d30667384a922fad09244a5628ab4bb0452533f28e09e28bb94ecbda977086e662b1f6c2be2bf1d0d6f5a1fc1b51428b33e5316c235cd0db4f61f24522b5168c29d9cb59862e82209e47ecc3d175bb5ef9136928ae0449dcc8ff4e143d4128993abffbef7e1b2e90ed29294c3a23b6433db599fb336a5ee9598fa5a691c4ca962127be9d84929a276cd90fae477501626a7396f11364d3f6f6fed6f52aa05a8e54e34662d8a9fcad3ee594e3dc592fa9340028d2af478896656865b20a", 0xf2}, {&(0x7f0000000b00)="d050ee03a4a1d93d4083c01d0733a0ed00f4b652c1a47f3e737636638c5a9ac10df9db9aa12767b74adfe7c0bf335d2af86ba75a1fc5ecb23bfe787eea9b79e48a4429b915581a8885ab0ad40e550b533d099d738f3b798617cb146e5f66618756cbc3e11ab094a6cf6e91b75d504e09a616ce36f680235c70b3ab796684a0e20e9ab6e18ab696e775043e9a973ba9dbe08edb01f151e1bd7c51d7450d9b216bb3a6dd09a1", 0xa5}, {&(0x7f0000000580)="9c930ce174dc4d9b0aa4e1e353f0579337fe8cf255c58588eaff0d4cb466c5dbf8fe33c4d6a0711de7078a983f43025f629dcd455a84b71e854444bdb1b554c1ab03f1fccdcffbe1ddfa11", 0x4b}, {&(0x7f0000000200)="2540c11af60622f404a095297af2ecb12ccf60829b42471f6e91f41f99ba04a0e6c19a6e548f0d7bf9356b6c2a9bfd4afd2266", 0x33}, {&(0x7f0000000bc0)="e12e37b7b13211c0812d06916c000ea927f7e2bde3bb32778423a64ab20c93611390adcf3e25e1155b4e3b3036f60147e49143e6e9ad9ccfd2872f6acf09262131bcbf642e8e359d9a", 0x49}], 0x8, &(0x7f0000000cc0)=ANY=[@ANYBLOB="b0000000000000000600000007000000eb8f2f0493fcfdf2a2f233faf633ab36e5be324d2ba1e8eaa39f637de248c6269420feebe2c6a7fff1584b6791e7986c138380fb9a676ea451fac3b04c0066a00e44c12d88d9fba7439751b86d1b6b30a88442153cea435579ec2d9af7b37e1f2c296110c7c163a1a74f609fbb16e2b132ee6cf2c2fb911dc0f9182f3df66936a1d8ea90ef0bc3126aea663129d93742552e24ad5d4b9b855f05292d0611b590b8b3bc0020000000000000000a010000fdffffffde64a9015d3e00d040f3203c125c000018000000000000000f01000036a80000e3000000"], 0xe8}, 0x1) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000280)={0x0, 0x7}, &(0x7f00000002c0)=0x8) sendmsg$kcm(r1, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73f72cc9f0ba1f848350000005e120602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x4000850) 389.531365ms ago: executing program 1 (id=926): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$inet6(0xa, 0x6, 0x0) socket$kcm(0x2b, 0x1, 0x0) socket$kcm(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) socket$kcm(0xa, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x14, 0x4, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) socket$kcm(0xa, 0x3, 0x87) socket$kcm(0x10, 0x400000002, 0x0) socket$kcm(0xa, 0x1, 0x106) socket$kcm(0x10, 0x400000002, 0x0) socket$kcm(0x10, 0x3, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) dup(r1) socket$kcm(0xa, 0x5, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r2], 0x20) 312.524226ms ago: executing program 1 (id=927): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$inet6(0xa, 0x6, 0x0) socket$kcm(0x2b, 0x1, 0x0) socket$kcm(0x10, 0x2, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) socket$kcm(0xa, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x14, 0x4, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) socket$kcm(0xa, 0x3, 0x87) socket$kcm(0x10, 0x400000002, 0x0) socket$kcm(0xa, 0x1, 0x106) socket$kcm(0x10, 0x400000002, 0x0) socket$kcm(0x10, 0x3, 0x10) socket$kcm(0xa, 0x5, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r1], 0x20) 311.853996ms ago: executing program 2 (id=928): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000600)='kfree\x00', r0}, 0x18) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r1, 0x84, 0x81, &(0x7f00000002c0)="1ae96d0103010000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000740)=ANY=[], 0xffc9) 256.300647ms ago: executing program 1 (id=929): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.kill\x00', 0x275a, 0x0) fcntl$lock(r0, 0x26, &(0x7f0000000000)={0x0, 0x0, 0x1b8, 0x3}) fcntl$lock(r0, 0x6, &(0x7f0000000200)={0x0, 0x0, 0x3, 0x1fd}) fcntl$lock(r0, 0x24, &(0x7f00000001c0)={0x2, 0x0, 0x3, 0x1}) fsconfig$FSCONFIG_SET_PATH(r0, 0x3, &(0x7f0000000180)='\x00', &(0x7f00000001c0)='./file0\x00', 0xffffffffffffffff) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) uname(&(0x7f0000000000)=""/174) fcntl$setpipe(r1, 0x407, 0x5) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x7}, 0x18) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{}, &(0x7f0000000a00), &(0x7f0000000a40)=r3}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{}, &(0x7f0000000880), &(0x7f00000008c0)=r3}, 0x20) 255.696177ms ago: executing program 0 (id=930): bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$inet6(0xa, 0x6, 0x0) socket$kcm(0x2b, 0x1, 0x0) socket$kcm(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) socket$kcm(0xa, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x14, 0x4, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) socket$kcm(0xa, 0x3, 0x87) socket$kcm(0x10, 0x400000002, 0x0) socket$kcm(0xa, 0x1, 0x106) socket$kcm(0x10, 0x400000002, 0x0) socket$kcm(0x10, 0x3, 0x10) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffb, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) dup(r2) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r3], 0x20) 224.321917ms ago: executing program 4 (id=931): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$inet6(0xa, 0x6, 0x0) socket$kcm(0x2b, 0x1, 0x0) socket$kcm(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) socket$kcm(0xa, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x14, 0x4, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) socket$kcm(0xa, 0x3, 0x87) socket$kcm(0x10, 0x400000002, 0x0) socket$kcm(0xa, 0x1, 0x106) socket$kcm(0x10, 0x400000002, 0x0) socket$kcm(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffb, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = dup(r3) fsetxattr$security_selinux(r4, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0) socket$kcm(0xa, 0x5, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r5], 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6eaa000000000000611008000000000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 149.770538ms ago: executing program 2 (id=932): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) sendto$inet(r0, 0x0, 0x4000, 0x0, 0x0, 0x0) 149.323958ms ago: executing program 1 (id=933): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f00000000c0)=0xc) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) setuid(r2) 91.372259ms ago: executing program 2 (id=934): perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0xc0, 0x1, 0x0, 0x0, 0x0, 0x10001, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffc, 0x4, @perf_config_ext={0xa, 0x7}, 0x1100, 0x7, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0xfffffffe, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ptrace$getregset(0x4204, r0, 0x202, &(0x7f0000000140)={0x0}) 25.44764ms ago: executing program 0 (id=935): perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0xc0, 0x1, 0x0, 0x0, 0x0, 0x10001, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffc, 0x4, @perf_config_ext={0xa, 0x7}, 0x1100, 0x7, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0xfffffffe, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r1}, &(0x7f0000000080), &(0x7f0000000180)='%ps \x00'}, 0x20) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ptrace$getregset(0x4204, r0, 0x202, &(0x7f0000000140)={0x0}) 25.13788ms ago: executing program 4 (id=936): syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x4, 0x127b, &(0x7f00000011c0)="$eJzs3c1rI2UcB/Bf2vR17Yu6ru6C+KAXRYjbHjx5KbILYkGpdkEFYdamGpompQmFiNh68iT4Z4h69CaI/0AvXjwLgkgvHvcgjqTJrk2Tdt3tm8jnc5mHZ57v88x0mIEp8yN7r3y5vrbaKK1mzRgqFKK4MRLFOylSDMVwdOzEC7d+/uXpt9559/WFxcUbSyndXHh77uWU0vQzP7z3ybfP/ti8dOu76e/HYnf2/b0/5n/dvbJ7de+vb6LSSJVGqtWbKUu36/VmdrtaTiuVxloppTer5axRTpVao7zZs3+1Wt/YaKWstjI1ubFZbjRSVmultXIrNQupudlK2YdZpZZKpVKamgxOYvnrO3meR+T5SIxGnuf5REzGpXgkpmI6ZmI2Ho3H4vG4HE/ElXgyhiL2R130cQMAAAAAAAAAAAAAAAAAAMD/y33q/wu99f9PxVX1/wAAAAAAAAAAAAAAAAAAAHDqDtf/FyPu1f8XihHq/wEAAAAAAAAAAAAAAAAAAODs3ef3/w/V/7+o/h8AAAAAAAAAAAAAAAAAAADOwnhns5TSeMT651vLW8udbad/YTUqUY1yXI+Z+DP2q/87Ou2bry3euJ72zcZL69vd/PbW8nBvfm5kJmYLA/NznXzqzY/F5MH8fMzE5cHrzw/Mj8fzz7Xzn3XypZiJnz6IelRjJaLQPfv9/KdzKb36xuJEb/5ae9yRhs/4sgAAAMBpKqV7+t/fd7qDBu7v7Oq+n6fuyMIx/x849H5ejGvFizpr7mq0Pl7LqtXy5kM2Ro+eZ/RkM/c1ChGRxcGe6cnfltqLn9oSD9sYPtdFR44fc4JrGsX/wB9zYGPogVK/f3WgZzzO+VC7t0RWbT8//10qdvL8pKsPHbfWwJtx7LgJj35mtG/E7XN4NnH2/rnoF30kAAAAAAAAAAAAPIiBX/9NRETf94Af9fXc/Ty8N94/89Grf3EOZwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzNDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+CgAA////TtAs") r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000200), 0x175d9003) socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000500)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000540)=0x4) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b208850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) getsockopt$sock_buf(r3, 0x1, 0x1f, &(0x7f0000002340)=""/4096, &(0x7f0000000340)=0x1000) pipe(0x0) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f00000002c0)) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup/syz0\x00', 0x1ff) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xffffffff}, 0x1320, 0x0, 0x3, 0x5, 0x0, 0x800001, 0xfffb, 0x0, 0xffffffff, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000e2ff00000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000800000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r4}, 0x18) lsm_get_self_attr(0x69, &(0x7f0000000940)={0x0, 0x0, 0xde, 0xbe, ""/190}, &(0x7f00000004c0)=0xde, 0x0) 22.13645ms ago: executing program 1 (id=937): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0200000004000000e47f000001"], 0x50) syz_mount_image$vfat(&(0x7f0000000100), &(0x7f00000004c0)='./file1\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="009f587a31d53b5cb6077bd11087bb6e13aac56feecaaae0b009cee43814e80646ff2772abedb27f35c706ba7c624afb75f473956061ae41834d27270063fa18a3515f9ac6cd6f15a042b1edcd60bdeb55446beed1014aa13d43d399fb4f716b8a24502a8e3e697642b172841c89aecefe0cfb3c32d7c28955601f41fb90d51951d91a35a5abeb4ffceef5cf6e190ec9eb6f91a0d06882039b54dd4485b823414e06691b0244ca11ac0baeaeec1a96861d358464329c64b77e6ff2e2d8a6bb29268be3e7c46750210270d79e1054add6c2ef3f0373", @ANYRES32, @ANYRESOCT=0x0], 0x1, 0x1282, &(0x7f0000002880)="$eJzs3U1rY1UcB+B/pmmbduyLOo52QDzoRhHitAtXborMgFhQqh1QQbhjUy1Nm9KEQkScunIl+DFEXboTxC/QjRvXgiDSjctZiFfSpE7TpB2nNq0Mz7PJ5ZzzO+fce8qFW+7h7r3y5fraSr28kjXiUqEQxc3hKN5NkeJSDEXbTrxw6+dfnn7rnXdfn19YuLGY0s35t2dfTilNPvPDe598++yPjcu3vpv8fjR2p9/f+2Pu192ruzN7f30Tq/W0Wk8btUbK0u1arZHdrlbS8mp9rZzSm9VKVq+kUmeMe/Ur1drmZjNlG8sT45tblXo9ZRvNtFZppkYhNbaaKfswW91I5XI5TYwH/8XS13fzPI/I8+EYiTzP87EYj8vxSEzEZEzFdDwaj8XjcSWeiKvxZDwVM/utDvIjFzt9AAAAAAAAAAAAAAAAAAAAeEjcZ/9/oXf//+hFTxkAAAAAAAAAAAAAAAAAAAAeOkf3/xcjHuD7/wAAAAAAAAAAAAAAAAAAAMBZuM/3/4/s/3/R/n8AAAAAAAAAAAAAAAAAAAAYhFL7ZzGlUsT659tL20vt33b5/EqsRjUqcT2m4s/Y3/3f1j6++drCjetp33S8tH6nk7+zvTTUnZ8dnorpQt/8bDufuvOjMX44PxdTcaX/+HN986V4/rlW/rN2vhxT8dMHUYtqLEcUOme/n/90NqVX31gY685fa7U71tCAlwUAAADOUjn9o/f5fafTqG99u6rzfJ46LQsn/H/gyPN5Ma4VL+qsOVBvfryWVauVrVMejBzfz0h3yVin5anHKkRE1hWfHP9tsdXlaSd/ZgdD5zro8Mltjq7FTOnEDi8dWsEo/g8u5hkc/P7VoZJSDGqs4dafc0/VwQXNqq3757/rMHbyfKCXZaRf1ehJqePvGYUB3o84X/cW/aJnAgAAAAAAAAAAwIPo+/bfWET0vA/4UU/Jwevh3fHeno8f/YtzOEMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+ZgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwVQAAAP//kh3BBA==") truncate(&(0x7f0000000080)='./file1\x00', 0x5) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000e40)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r7 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000032e80)=@delchain={0x674, 0x65, 0x400, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r8, {0x10, 0xd}, {0x4, 0x2}, {0xc, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x8, 0x4}}, @filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ICMPV6_CODE={0x5}, @TCA_FLOWER_KEY_IPV4_DST_MASK={0x8}, @TCA_FLOWER_KEY_ENC_IP_TOS_MASK={0x5, 0x51, 0x7}]}}, @filter_kind_options=@f_route={{0xa}, {0x5d4, 0x2, [@TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_CLASSID={0x8, 0x1, {0xa, 0xb}}, @TCA_ROUTE4_ACT={0x3b0, 0x6, [@m_bpf={0x14c, 0x19, 0x0, 0x0, {{0x8}, {0x34, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x7, 0x80000000, 0xffffffffffffffff, 0x8, 0xea}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x80000000, 0x3, 0x0, 0x1}}]}, {0xf3, 0x6, "f7c786566d9a0bf2f3cf330bbd2cfffecc0797c4873833ffe7b88248d6351607e3ee2562f9ed3661968d1258511e33c5fbf405396926844823ef1441c67c64630fcdf5d5496c7966fc7caadd3e7f62292322a214b7b960391616836e7a4be509988f837a6f1c43b913f9e1ff1bb4c4b3b6295971338a5d6ecd34ce7b9faea55a79839546c3d5562cec144599f0376505f3698ec60bec58d5da5f2d941e71438cdf30ac3bdea586099f8d30f4177995eac3acf5d5f893f604e4aa370e078f0fbb6d8b3fdd9c3b4457d0be519838f25b537e7ae7cc1cd555c9db8e7fcd60764c6826b62c4fadfc8cf9069a549de659bf"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ife={0x144, 0x17, 0x0, 0x0, {{0x8}, {0x3c, 0x2, 0x0, 0x1, [@TCA_IFE_TYPE={0x6, 0x5, 0x200}, @TCA_IFE_SMAC={0xa, 0x4, @random="fb0039e824ad"}, @TCA_IFE_PARMS={0x1c, 0x1, {{0xfffffffb, 0x7, 0x7, 0x4, 0x10000}}}, @TCA_IFE_TYPE={0x6, 0x5, 0x7f}]}, {0xe4, 0x6, "7684f7caf248a235b7bf7749377592be934e68463d8f573aed13f042959c2f395edc95dfa047b0870a67a281f86f26ecaa5030180d712d2cf4c016409dda39fa3721c3d93e84a282bbe9e41a79a75899a6517ba181e92982ce479a9d2f2330c1fe9433a023f162e659d4d52d795b8d90ad3115da33ea9e7d49b4bffe162483c6db41c1cdc61dbdf8710ff80d339631c3f639a6de610943ddc7e89b57e5379259e3f2de6d742d59d8161e0e9a4399859df4a15d098fe1db2f23ab5132e286c13d58c893caa2707a619e2c1c6acafc3d80dd875667525b4a2b314e74c2bc73a03c"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_mirred={0x11c, 0x1d, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x5fa6d371, 0x1b, 0xf, 0x8, 0x9}, 0x2, r8}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0x7fffffff, 0x6, 0x4, 0x100}, 0x4, r8}}]}, {0xad, 0x6, "2f2a021a8ea02680e5971acd9c786588350d95d8765117e44c854dacf7c9f9d7169501adc1c625db70cf91a10eff19d65adf9f3b906fa060730299dbff6d36745163656b02eb1dd6e6fcb1870ac9a84bf8011a0d71058f9dce14fcf1589cc90f9bb916716450db673647b8065b6a2c47c903610d03b304aba91d1f96731379ec7984685f0b8fdeaeef68adc2643ca5e37d07e070caf2d018e21f9350ef4d20ba5f321229461b928ad5"}, {0xc}, {0xc, 0x8, {0x0, 0x6}}}}]}, @TCA_ROUTE4_ACT={0x210, 0x6, [@m_simple={0x138, 0x17, 0x0, 0x0, {{0xb}, {0xc4, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x6, 0x3, 0x1, 0x3, 0x200}}, @TCA_DEF_PARMS={0x18, 0x2, {0x3b, 0x5, 0xffffffffffffffff, 0x100, 0xa}}, @TCA_DEF_DATA={0x7, 0x3, 'w-\x00'}, @TCA_DEF_DATA={0xf, 0x3, 'syzkaller0\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x3, 0x0, 0x1, 0x2754, 0x3a7cd5b7}}, @TCA_DEF_PARMS={0x18, 0x2, {0x7ff, 0x1, 0x20000000, 0x1, 0x1}}, @TCA_DEF_DATA={0xa, 0x3, '\x9f/\\#$\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x9, 0x80, 0xffffffffffffffff, 0x7, 0x8}}, @TCA_DEF_DATA={0xa, 0x3, 'wlan1\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x3, 0x8, 0x0, 0xfff, 0xd4a}}]}, {0x4b, 0x6, "885ac4a5d4a3fd11d90279c7ca8d3d3b72f42ca4e823f3d5c0e5e7f7aec54351b44032d6774e1591b8e4014081fdf0e2ce4b81c76cfada83173364d24101299bab41d0284be385"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x5, 0x1}}}}, @m_skbedit={0xd4, 0xb, 0x0, 0x0, {{0xc}, {0x54, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x72, 0xfffffff9, 0x2, 0x4}}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x10001, 0x8, 0x5, 0x3, 0x4}}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x2, 0xfffffffb, 0x10000000, 0x100, 0x101}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x800}]}, {0x57, 0x6, "4fbd5a6cc1a419ada89e1aa094618705ee3a615f432d2f619842955c775ac4e387ee88914b3303e2c46b17108ac67bfe302a98cc1a20e39451ab87307ba362eed71e8f3621cd22526ac83e62b173443352ab43"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x5}}}}]}]}}, @filter_kind_options=@f_route={{0xa}, {0x1c, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0xb5}, @TCA_ROUTE4_CLASSID={0x8, 0x1, {0xe, 0xfff3}}, @TCA_ROUTE4_FROM={0x8, 0x3, 0x7}]}}, @TCA_RATE={0x6, 0x5, {0xc, 0x98}}, @TCA_RATE={0x6, 0x5, {0xa, 0x7}}, @TCA_CHAIN={0x8, 0xb, 0x3}]}, 0x674}}, 0x1) sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001380)=@newtfilter={0x7c, 0x2c, 0xd27, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r8, {0x4, 0x4}, {}, {0x1, 0xf}}, [@filter_kind_options=@f_u32={{0x8}, {0x50, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0xb, 0xf, 0x3, 0x2, 0x7ae, 0x9, 0xb11, 0x65, [{0x7fff, 0x401, 0x5, 0x6}, {0x0, 0xe1, 0x7, 0xfffffffd}, {0x3ff, 0xa, 0x76800, 0xd}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0x1, 0x3}}]}}]}, 0x7c}}, 0x20040054) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001680)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=r3, @ANYBLOB="01d02b99b6f7a40e1c00e20d000000040000ffff000000000000", @ANYRES32=r8, @ANYRES32=r8, @ANYBLOB="04000000000100000400"/28], 0x50) splice(r2, 0x0, r5, 0x0, 0x10003, 0x0) readv(r4, &(0x7f00000003c0)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000004200)=""/4084, 0xff4}], 0x2) write$binfmt_elf64(r3, &(0x7f0000000140)=ANY=[], 0x10034) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r9, 0x0, 0xfffffffffffffffd}, 0x18) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) r10 = socket$key(0xf, 0x3, 0x2) r11 = socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r11) sendmsg$NL80211_CMD_GET_WIPHY(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="59bb22bd7000000020001100000008002b01"], 0x28}}, 0x0) sendmsg$key(r10, &(0x7f0000000000)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000200)=ANY=[@ANYBLOB="0203ff030c00000000000000fddbdf25010009000000000003000600000000000200000000000000000000000000010002000100000000000000050b00000000030005000000000002000000ac141daa0000000000000000010014"], 0x60}, 0x1, 0x7}, 0x0) 21.62768ms ago: executing program 2 (id=938): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) mkdirat(0xffffffffffffff9c, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1") 0s ago: executing program 0 (id=939): perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0xc0, 0x1, 0x0, 0x0, 0x0, 0x10001, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffc, 0x4, @perf_config_ext={0xa, 0x7}, 0x1100, 0x7, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0xfffffffe, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ptrace$getregset(0x4204, r0, 0x202, &(0x7f0000000140)={0x0}) kernel console output (not intermixed with test programs): offset=16, inode=14, rec_len=40, size=56 fake=0 [ 41.599291][ T3518] EXT4-fs: Ignoring removed orlov option [ 41.631214][ T3512] EXT4-fs error (device loop3): ext4_check_all_de:659: inode #12: block 7: comm syz.3.17: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0 [ 41.663481][ T3518] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 41.668747][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.684947][ T31] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:1: Failed to release dquot type 1 [ 41.713338][ T3337] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.724439][ T3524] loop0: detected capacity change from 0 to 1024 [ 41.752999][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.770162][ T3524] EXT4-fs: Ignoring removed orlov option [ 41.780174][ T3518] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.800801][ T3524] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 41.891631][ T3524] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.906535][ T3518] EXT4-fs error (device loop2): ext4_check_all_de:659: inode #12: block 7: comm syz.2.20: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 41.935566][ T3524] EXT4-fs error (device loop0): ext4_find_dest_de:2054: inode #12: block 7: comm syz.0.22: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 41.988425][ T3543] EXT4-fs error (device loop0): ext4_check_all_de:659: inode #12: block 7: comm syz.0.22: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0 [ 42.019461][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.029113][ T3540] loop1: detected capacity change from 0 to 512 [ 42.091454][ T3540] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 42.140276][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.218437][ T3553] Zero length message leads to an empty skb [ 42.226367][ T3540] EXT4-fs (loop1): mount failed [ 42.249583][ T3553] netlink: 4 bytes leftover after parsing attributes in process `syz.2.32'. [ 42.270424][ T3557] loop0: detected capacity change from 0 to 1024 [ 42.295267][ T3557] EXT4-fs: Ignoring removed orlov option [ 42.308609][ T3557] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 42.346987][ T3557] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 42.390185][ T3557] EXT4-fs error (device loop0): ext4_find_dest_de:2054: inode #12: block 7: comm syz.0.31: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 42.441987][ T3560] EXT4-fs error (device loop0): ext4_check_all_de:659: inode #12: block 7: comm syz.0.31: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0 [ 42.497513][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.528576][ T3564] loop3: detected capacity change from 0 to 1024 [ 42.541231][ T3564] EXT4-fs: Ignoring removed orlov option [ 42.576295][ T3564] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 42.624786][ T3564] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 42.695803][ T3564] EXT4-fs error (device loop3): ext4_find_dest_de:2054: inode #12: block 7: comm syz.3.35: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 42.745197][ T3564] EXT4-fs error (device loop3): ext4_check_all_de:659: inode #12: block 7: comm syz.3.35: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0 [ 42.793791][ T3572] loop1: detected capacity change from 0 to 512 [ 42.820476][ T3337] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.837804][ T3572] EXT4-fs (loop1): 1 orphan inode deleted [ 42.848386][ T3412] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1 [ 42.872319][ T3572] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 42.894424][ T3572] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 42.896234][ T3576] netlink: 4 bytes leftover after parsing attributes in process `syz.0.39'. [ 42.940441][ T3580] sd 0:0:1:0: device reset [ 43.050935][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.060817][ T3412] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1 [ 43.162193][ T3592] loop1: detected capacity change from 0 to 512 [ 43.184583][ T3596] netlink: 24 bytes leftover after parsing attributes in process `syz.4.47'. [ 43.204986][ T3592] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 43.235754][ T3592] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 43.240057][ T3602] loop3: detected capacity change from 0 to 512 [ 43.260237][ T3592] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 43.286889][ T3602] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 43.316708][ T3602] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 43.335865][ T3602] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 43.336476][ T3592] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 43.371755][ T3602] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 43.454404][ T3337] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.473580][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.517951][ T3618] loop3: detected capacity change from 0 to 512 [ 43.573386][ T3618] EXT4-fs (loop3): too many log groups per flexible block group [ 43.581721][ T3618] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 43.600360][ T3618] EXT4-fs (loop3): mount failed [ 43.867207][ T3646] loop1: detected capacity change from 0 to 512 [ 43.888492][ T3646] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 43.930295][ C0] hrtimer: interrupt took 27157 ns [ 43.951276][ T3646] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 43.971432][ T3646] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 44.068683][ T3646] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 44.100336][ T3661] loop4: detected capacity change from 0 to 1024 [ 44.109665][ T3661] EXT4-fs: Ignoring removed orlov option [ 44.116292][ T3661] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 44.163071][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.163812][ T3661] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.195171][ T3661] EXT4-fs error (device loop4): ext4_find_dest_de:2054: inode #12: block 7: comm syz.4.73: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 44.279283][ T3670] EXT4-fs error (device loop4): ext4_check_all_de:659: inode #12: block 7: comm syz.4.73: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0 [ 44.310340][ T3674] loop2: detected capacity change from 0 to 1024 [ 44.318541][ T3674] EXT4-fs: Ignoring removed orlov option [ 44.334037][ T3676] netlink: 24 bytes leftover after parsing attributes in process `syz.0.79'. [ 44.373012][ T3674] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 44.393973][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.406890][ T3678] loop1: detected capacity change from 0 to 1024 [ 44.430339][ T3674] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.453743][ T3678] EXT4-fs: Ignoring removed orlov option [ 44.468168][ T3678] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 44.485004][ T3674] EXT4-fs error (device loop2): ext4_find_dest_de:2054: inode #12: block 7: comm syz.2.78: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 44.535865][ T3690] EXT4-fs error (device loop2): ext4_check_all_de:659: inode #12: block 7: comm syz.2.78: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0 [ 44.581681][ T3678] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.604580][ T3694] loop0: detected capacity change from 0 to 512 [ 44.624919][ T3694] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 44.650188][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.669587][ T3697] loop4: detected capacity change from 0 to 512 [ 44.687725][ T3678] EXT4-fs error (device loop1): ext4_check_all_de:659: inode #12: block 7: comm syz.1.80: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 44.706831][ T3697] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 44.739889][ T3694] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.769645][ T3694] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 44.769835][ T3697] EXT4-fs (loop4): 1 truncate cleaned up [ 44.794466][ T3694] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 44.804565][ T3704] netlink: 'syz.3.89': attribute type 10 has an invalid length. [ 44.821243][ T29] kauditd_printk_skb: 524 callbacks suppressed [ 44.821259][ T29] audit: type=1326 audit(1748480287.922:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3702 comm="syz.2.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 44.821636][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.830222][ T29] audit: type=1326 audit(1748480287.922:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3702 comm="syz.2.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 44.881838][ T3697] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.911623][ T29] audit: type=1326 audit(1748480287.972:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3702 comm="syz.2.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 44.941029][ T3704] veth0_vlan: left promiscuous mode [ 44.959303][ T29] audit: type=1326 audit(1748480287.972:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3702 comm="syz.2.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 44.992445][ T29] audit: type=1326 audit(1748480287.972:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3702 comm="syz.2.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 44.993089][ T3704] veth0_vlan: entered promiscuous mode [ 45.019103][ T29] audit: type=1326 audit(1748480287.972:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3702 comm="syz.2.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 45.052578][ T3704] team0: Device veth0_vlan failed to register rx_handler [ 45.054777][ T29] audit: type=1326 audit(1748480287.972:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3702 comm="syz.2.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 45.092798][ T29] audit: type=1326 audit(1748480287.972:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3702 comm="syz.2.88" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 45.125140][ T3707] netlink: 24 bytes leftover after parsing attributes in process `syz.2.92'. [ 45.143066][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.186269][ T29] audit: type=1326 audit(1748480288.292:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3708 comm="syz.2.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 45.217073][ T29] audit: type=1326 audit(1748480288.292:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3708 comm="syz.2.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 45.346205][ T3718] netlink: 24 bytes leftover after parsing attributes in process `syz.2.96'. [ 45.461148][ T3722] loop0: detected capacity change from 0 to 512 [ 45.507121][ T3722] EXT4-fs (loop0): 1 orphan inode deleted [ 45.532791][ T3722] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.558412][ T2920] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1 [ 45.640713][ T3722] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 45.675872][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.777979][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.794844][ T12] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:0: Failed to release dquot type 1 [ 45.883765][ T3740] netlink: 24 bytes leftover after parsing attributes in process `syz.1.103'. [ 46.000295][ T3747] loop3: detected capacity change from 0 to 1024 [ 46.029489][ T3747] EXT4-fs: Ignoring removed orlov option [ 46.066487][ T3750] netlink: 4 bytes leftover after parsing attributes in process `syz.1.108'. [ 46.111221][ T3747] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 46.168221][ T3747] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.194869][ T3761] netlink: 'syz.0.113': attribute type 10 has an invalid length. [ 46.206017][ T3761] veth0_vlan: left promiscuous mode [ 46.217130][ T3761] veth0_vlan: entered promiscuous mode [ 46.228774][ T3761] team0: Device veth0_vlan failed to register rx_handler [ 46.247308][ T3744] loop2: detected capacity change from 0 to 2048 [ 46.259989][ T3747] EXT4-fs error (device loop3): ext4_check_all_de:659: inode #12: block 7: comm syz.3.107: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 46.370734][ T3337] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.407766][ T3744] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.489365][ T3772] 9pnet: Could not find request transport: f [ 46.596767][ T3772] infiniband syz!: set active [ 46.602292][ T3772] infiniband syz!: added team_slave_0 [ 46.628935][ T3772] RDS/IB: syz!: added [ 46.637123][ T3772] smc: adding ib device syz! with port count 1 [ 46.669129][ T3772] smc: ib device syz! port 1 has pnetid [ 46.693202][ T3744] netlink: 16 bytes leftover after parsing attributes in process `syz.2.105'. [ 46.714417][ T3781] loop0: detected capacity change from 0 to 512 [ 46.784377][ T3781] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 46.819583][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.875287][ T3781] EXT4-fs (loop0): mount failed [ 46.887942][ T3785] netlink: 24 bytes leftover after parsing attributes in process `syz.2.119'. [ 47.126304][ T3791] loop2: detected capacity change from 0 to 512 [ 47.139393][ T3788] loop1: detected capacity change from 0 to 8192 [ 47.146568][ T3791] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 47.181416][ T3791] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.210924][ T3791] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 47.233727][ T3791] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 47.283087][ T3795] netlink: 24 bytes leftover after parsing attributes in process `syz.4.123'. [ 47.364193][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.443478][ T3799] loop1: detected capacity change from 0 to 1024 [ 47.471299][ T3799] EXT4-fs: Ignoring removed orlov option [ 47.526389][ T3807] loop2: detected capacity change from 0 to 1024 [ 47.533505][ T3799] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 47.572926][ T3799] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.609149][ T3807] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.627277][ T3799] EXT4-fs error (device loop1): ext4_find_dest_de:2054: inode #12: block 7: comm syz.1.124: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 47.661120][ T3807] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 47.673357][ T3807] FAULT_INJECTION: forcing a failure. [ 47.673357][ T3807] name failslab, interval 1, probability 0, space 0, times 1 [ 47.686886][ T3807] CPU: 1 UID: 0 PID: 3807 Comm: syz.2.126 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) [ 47.686920][ T3807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 47.686935][ T3807] Call Trace: [ 47.686942][ T3807] [ 47.686949][ T3807] __dump_stack+0x1d/0x30 [ 47.686976][ T3807] dump_stack_lvl+0xe8/0x140 [ 47.687081][ T3807] dump_stack+0x15/0x1b [ 47.687103][ T3807] should_fail_ex+0x265/0x280 [ 47.687133][ T3807] should_failslab+0x8c/0xb0 [ 47.687164][ T3807] __kmalloc_noprof+0xa5/0x3e0 [ 47.687288][ T3807] ? ext4_find_extent+0x16b/0x7a0 [ 47.687368][ T3807] ext4_find_extent+0x16b/0x7a0 [ 47.687405][ T3807] ext4_ext_map_blocks+0x115/0x3620 [ 47.687489][ T3807] ? __mod_memcg_lruvec_state+0x130/0x280 [ 47.687514][ T3807] ? __rcu_read_unlock+0x4f/0x70 [ 47.687545][ T3807] ? mod_objcg_state+0x40e/0x530 [ 47.687577][ T3807] ? xas_create+0xb89/0xbe0 [ 47.687679][ T3807] ext4_map_query_blocks+0x71/0x170 [ 47.687720][ T3807] ext4_da_get_block_prep+0x259/0xbb0 [ 47.687763][ T3807] ? alloc_buffer_head+0x1c3/0x1f0 [ 47.687873][ T3807] ? folio_alloc_buffers+0x2e5/0x310 [ 47.687908][ T3807] ext4_block_write_begin+0x2d1/0x980 [ 47.687942][ T3807] ? filemap_add_folio+0x129/0x1b0 [ 47.687975][ T3807] ? __pfx_ext4_da_get_block_prep+0x10/0x10 [ 47.688031][ T3807] ext4_da_write_begin+0x34c/0x580 [ 47.688069][ T3807] generic_perform_write+0x184/0x490 [ 47.688096][ T3807] ext4_buffered_write_iter+0x1ee/0x3c0 [ 47.688117][ T3807] ? ext4_file_write_iter+0xfe/0xf00 [ 47.688180][ T3807] ext4_file_write_iter+0x383/0xf00 [ 47.688207][ T3807] ? kstrtouint_from_user+0x9f/0xf0 [ 47.688318][ T3807] ? avc_policy_seqno+0x15/0x30 [ 47.688348][ T3807] ? selinux_file_permission+0x1e4/0x320 [ 47.688370][ T3807] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 47.688388][ T3807] vfs_write+0x4a0/0x8e0 [ 47.688506][ T3807] ksys_write+0xda/0x1a0 [ 47.688541][ T3807] __x64_sys_write+0x40/0x50 [ 47.688578][ T3807] x64_sys_call+0x2cdd/0x2fb0 [ 47.688608][ T3807] do_syscall_64+0xd2/0x200 [ 47.688722][ T3807] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 47.688760][ T3807] ? clear_bhb_loop+0x40/0x90 [ 47.688806][ T3807] ? clear_bhb_loop+0x40/0x90 [ 47.688859][ T3807] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 47.688885][ T3807] RIP: 0033:0x7f3091f0e969 [ 47.688908][ T3807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 47.688978][ T3807] RSP: 002b:00007f3090577038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 47.689003][ T3807] RAX: ffffffffffffffda RBX: 00007f3092135fa0 RCX: 00007f3091f0e969 [ 47.689017][ T3807] RDX: 0000000000000008 RSI: 0000200000000240 RDI: 0000000000000007 [ 47.689081][ T3807] RBP: 00007f3090577090 R08: 0000000000000000 R09: 0000000000000000 [ 47.689162][ T3807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 47.689178][ T3807] R13: 0000000000000000 R14: 00007f3092135fa0 R15: 00007ffc5f8271c8 [ 47.689202][ T3807] [ 47.692680][ T3799] EXT4-fs error (device loop1): ext4_check_all_de:659: inode #12: block 7: comm syz.1.124: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0 [ 47.720909][ T3817] netlink: 24 bytes leftover after parsing attributes in process `syz.4.131'. [ 48.058123][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.058322][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.187572][ T3833] sd 0:0:1:0: device reset [ 48.262134][ T3845] netlink: 28 bytes leftover after parsing attributes in process `syz.4.144'. [ 48.274854][ T3845] netem: change failed [ 48.337404][ T3849] loop1: detected capacity change from 0 to 1024 [ 48.369358][ T3849] EXT4-fs: Ignoring removed orlov option [ 48.388870][ T3853] loop4: detected capacity change from 0 to 512 [ 48.395908][ T3849] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 48.418400][ T3853] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 48.455160][ T3849] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.476462][ T3853] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.502076][ T3853] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 48.513808][ T3849] EXT4-fs error (device loop1): ext4_find_dest_de:2054: inode #12: block 7: comm syz.1.145: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 48.518402][ T3862] netlink: 24 bytes leftover after parsing attributes in process `syz.2.150'. [ 48.566772][ T3853] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 48.597810][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.623871][ T3849] EXT4-fs error (device loop1): ext4_check_all_de:659: inode #12: block 7: comm syz.1.145: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0 [ 48.703089][ T3869] sd 0:0:1:0: device reset [ 48.772501][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.836458][ T3878] loop1: detected capacity change from 0 to 512 [ 48.875754][ T3878] EXT4-fs (loop1): 1 orphan inode deleted [ 48.890781][ T1410] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1 [ 48.905931][ T3878] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.995482][ T3886] loop4: detected capacity change from 0 to 1024 [ 49.002651][ T3878] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 49.025606][ T3886] EXT4-fs: Ignoring removed orlov option [ 49.052888][ T3886] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 49.105019][ T3886] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.126351][ T3886] EXT4-fs error (device loop4): ext4_check_all_de:659: inode #12: block 7: comm syz.4.160: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 49.176000][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.190133][ T1410] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1 [ 49.204553][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.226691][ T3891] netlink: 24 bytes leftover after parsing attributes in process `syz.1.161'. [ 49.608766][ T3915] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.647831][ T3917] loop4: detected capacity change from 0 to 1024 [ 49.678608][ T3917] EXT4-fs: Ignoring removed orlov option [ 49.694785][ T3915] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.711344][ T3917] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 49.729771][ T3924] netlink: 4 bytes leftover after parsing attributes in process `syz.3.176'. [ 49.778559][ T3915] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.820841][ T3917] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.871333][ T29] kauditd_printk_skb: 474 callbacks suppressed [ 49.871348][ T29] audit: type=1326 audit(1748480292.982:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.2.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 49.924846][ T3915] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.943202][ T3917] EXT4-fs error (device loop4): ext4_find_dest_de:2054: inode #12: block 7: comm syz.4.173: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 49.985917][ T29] audit: type=1326 audit(1748480293.022:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.2.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 50.017193][ T29] audit: type=1326 audit(1748480293.032:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.2.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 50.041707][ T3932] EXT4-fs error (device loop4): ext4_check_all_de:659: inode #12: block 7: comm syz.4.173: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0 [ 50.042711][ T29] audit: type=1326 audit(1748480293.032:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.2.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 50.089331][ T29] audit: type=1326 audit(1748480293.032:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.2.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 50.119240][ T29] audit: type=1326 audit(1748480293.032:1090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.2.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 50.147838][ T29] audit: type=1326 audit(1748480293.032:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.2.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 50.172713][ T29] audit: type=1326 audit(1748480293.032:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.2.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 50.197176][ T29] audit: type=1326 audit(1748480293.032:1093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.2.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 50.221570][ T29] audit: type=1326 audit(1748480293.032:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.2.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 50.269992][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.295024][ T3915] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.328414][ T3915] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.370085][ T3915] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.401124][ T3945] loop2: detected capacity change from 0 to 512 [ 50.413897][ T3915] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.439176][ T3945] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 50.498353][ T3945] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.556096][ T3945] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 50.634571][ T3945] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 50.692571][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.694535][ T3961] loop3: detected capacity change from 0 to 1024 [ 50.717065][ T3961] EXT4-fs: Ignoring removed orlov option [ 50.729694][ T3962] netlink: 'syz.4.189': attribute type 10 has an invalid length. [ 50.747096][ T3962] veth0_vlan: entered allmulticast mode [ 50.756629][ T3961] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 50.781870][ T3962] veth0_vlan: left promiscuous mode [ 50.786541][ T3961] EXT4-fs error (device loop3): ext4_check_all_de:659: inode #12: block 7: comm syz.3.190: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 50.789864][ T3962] veth0_vlan: entered promiscuous mode [ 50.817139][ T3962] team0: Device veth0_vlan failed to register rx_handler [ 50.933943][ T3968] loop2: detected capacity change from 0 to 512 [ 50.969803][ T3968] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 51.013689][ T3977] netlink: 24 bytes leftover after parsing attributes in process `syz.4.196'. [ 51.024142][ T3968] EXT4-fs (loop2): 1 truncate cleaned up [ 51.288028][ T3987] netlink: 8 bytes leftover after parsing attributes in process `syz.4.201'. [ 51.312573][ T3993] netlink: 'syz.2.203': attribute type 10 has an invalid length. [ 51.327653][ T3993] veth0_vlan: entered allmulticast mode [ 51.365804][ T3993] veth0_vlan: left promiscuous mode [ 51.373606][ T3993] veth0_vlan: entered promiscuous mode [ 51.393932][ T3993] team0: Device veth0_vlan failed to register rx_handler [ 51.495509][ T4003] loop4: detected capacity change from 0 to 512 [ 51.498302][ T4006] loop3: detected capacity change from 0 to 1024 [ 51.526124][ T4004] netlink: 24 bytes leftover after parsing attributes in process `syz.1.209'. [ 51.557311][ T4006] EXT4-fs: Ignoring removed orlov option [ 51.601102][ T4006] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 51.625907][ T4003] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 51.705639][ T4019] FAULT_INJECTION: forcing a failure. [ 51.705639][ T4019] name failslab, interval 1, probability 0, space 0, times 0 [ 51.705850][ T4006] EXT4-fs error (device loop3): ext4_check_all_de:659: inode #12: block 7: comm syz.3.208: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 51.720489][ T4019] CPU: 1 UID: 0 PID: 4019 Comm: syz.1.213 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) [ 51.720543][ T4019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 51.720696][ T4019] Call Trace: [ 51.720706][ T4019] [ 51.720718][ T4019] __dump_stack+0x1d/0x30 [ 51.720748][ T4019] dump_stack_lvl+0xe8/0x140 [ 51.720777][ T4019] dump_stack+0x15/0x1b [ 51.720801][ T4019] should_fail_ex+0x265/0x280 [ 51.720841][ T4019] should_failslab+0x8c/0xb0 [ 51.720883][ T4019] kmem_cache_alloc_node_noprof+0x57/0x320 [ 51.720919][ T4019] ? __alloc_skb+0x101/0x320 [ 51.720952][ T4019] __alloc_skb+0x101/0x320 [ 51.720984][ T4019] alloc_skb_with_frags+0x7d/0x470 [ 51.721030][ T4019] ? is_bpf_text_address+0x141/0x160 [ 51.721077][ T4019] ? kernel_text_address+0x94/0xb0 [ 51.721111][ T4019] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 51.721223][ T4019] sock_alloc_send_pskb+0x43a/0x4f0 [ 51.721339][ T4019] ? xfrm_selector_match+0x535/0x810 [ 51.721398][ T4019] ? xfrm_policy_lookup_bytype+0x560/0x8b0 [ 51.721446][ T4019] __ip_append_data+0x1995/0x24a0 [ 51.721498][ T4019] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 51.721543][ T4019] ? __rcu_read_unlock+0x4f/0x70 [ 51.721631][ T4019] ? ipv4_mtu+0x210/0x230 [ 51.721699][ T4019] ? __sock_tx_timestamp+0x34/0x40 [ 51.721744][ T4019] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 51.721785][ T4019] ip_make_skb+0x137/0x2c0 [ 51.721881][ T4019] udp_sendmsg+0x1007/0x13a0 [ 51.721923][ T4019] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 51.722069][ T4019] ? __pfx_udp_sendmsg+0x10/0x10 [ 51.722105][ T4019] inet_sendmsg+0xac/0xd0 [ 51.722137][ T4019] __sock_sendmsg+0x102/0x180 [ 51.722183][ T4019] ____sys_sendmsg+0x345/0x4e0 [ 51.722275][ T4019] ___sys_sendmsg+0x17b/0x1d0 [ 51.722332][ T4019] __sys_sendmmsg+0x178/0x300 [ 51.722435][ T4019] __x64_sys_sendmmsg+0x57/0x70 [ 51.722473][ T4019] x64_sys_call+0x2f2f/0x2fb0 [ 51.722513][ T4019] do_syscall_64+0xd2/0x200 [ 51.722554][ T4019] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 51.722590][ T4019] ? clear_bhb_loop+0x40/0x90 [ 51.722619][ T4019] ? clear_bhb_loop+0x40/0x90 [ 51.722681][ T4019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.722709][ T4019] RIP: 0033:0x7f4d5b87e969 [ 51.722737][ T4019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.722761][ T4019] RSP: 002b:00007f4d59ee7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 51.722814][ T4019] RAX: ffffffffffffffda RBX: 00007f4d5baa5fa0 RCX: 00007f4d5b87e969 [ 51.722831][ T4019] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000003 [ 51.722847][ T4019] RBP: 00007f4d59ee7090 R08: 0000000000000000 R09: 0000000000000000 [ 51.722936][ T4019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.722976][ T4019] R13: 0000000000000000 R14: 00007f4d5baa5fa0 R15: 00007ffebf01dd78 [ 51.723001][ T4019] [ 51.859589][ T4003] EXT4-fs (loop4): mount failed [ 52.182888][ T4032] loop3: detected capacity change from 0 to 512 [ 52.191441][ T4032] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 52.223445][ T4032] EXT4-fs (loop3): 1 truncate cleaned up [ 52.240348][ T4036] loop1: detected capacity change from 0 to 512 [ 52.322547][ T4036] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 52.419306][ T4036] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 52.461675][ T4036] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 52.575528][ T4047] netlink: 24 bytes leftover after parsing attributes in process `syz.4.223'. [ 52.642203][ T4049] netlink: 'syz.1.224': attribute type 5 has an invalid length. [ 52.651012][ T4049] netlink: 152 bytes leftover after parsing attributes in process `syz.1.224'. [ 52.662321][ T4049] : renamed from bond0 (while UP) [ 52.678249][ T4049] vhci_hcd: invalid port number 96 [ 52.683652][ T4049] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 52.695287][ T4052] loop0: detected capacity change from 0 to 512 [ 52.732631][ T4052] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 52.760406][ T4057] netlink: 28 bytes leftover after parsing attributes in process `syz.4.227'. [ 52.787976][ T4052] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 52.807097][ T4052] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 52.834964][ T4061] loop2: detected capacity change from 0 to 512 [ 52.840470][ T4061] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 52.856218][ T4061] EXT4-fs (loop2): 1 truncate cleaned up [ 53.007217][ T4072] netlink: 'syz.0.231': attribute type 10 has an invalid length. [ 53.041425][ T4072] veth0_vlan: left promiscuous mode [ 53.069329][ T4072] veth0_vlan: entered promiscuous mode [ 53.082622][ T4072] team0: Device veth0_vlan failed to register rx_handler [ 53.087325][ T4076] loop3: detected capacity change from 0 to 512 [ 53.131927][ T4075] netlink: 60 bytes leftover after parsing attributes in process `syz.4.234'. [ 53.156773][ T4079] loop4: detected capacity change from 0 to 512 [ 53.173734][ T4079] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities [ 53.195083][ T4076] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 53.285111][ T4076] EXT4-fs (loop3): mount failed [ 53.407668][ T4089] netlink: 24 bytes leftover after parsing attributes in process `syz.2.238'. [ 53.530373][ T4101] netlink: 4 bytes leftover after parsing attributes in process `syz.2.243'. [ 53.544253][ T4103] loop1: detected capacity change from 0 to 512 [ 53.558491][ T4094] netlink: 4 bytes leftover after parsing attributes in process `syz.0.240'. [ 53.571415][ T4103] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 53.606144][ T4103] EXT4-fs (loop1): 1 truncate cleaned up [ 53.773851][ T4112] loop2: detected capacity change from 0 to 512 [ 53.776465][ T4114] loop0: detected capacity change from 0 to 1024 [ 53.790535][ T4114] EXT4-fs: Ignoring removed orlov option [ 53.853142][ T4112] EXT4-fs (loop2): 1 orphan inode deleted [ 53.863349][ T4114] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 53.880859][ T31] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:1: Failed to release dquot type 1 [ 53.910120][ T4112] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 53.975551][ T4114] EXT4-fs error (device loop0): ext4_check_all_de:659: inode #12: block 7: comm syz.0.246: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 54.103903][ T4135] loop3: detected capacity change from 0 to 512 [ 54.133060][ T4135] EXT4-fs (loop3): too many log groups per flexible block group [ 54.142283][ T4135] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 54.156545][ T4135] EXT4-fs (loop3): mount failed [ 54.169459][ T1410] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1 [ 54.220129][ T4143] loop0: detected capacity change from 0 to 1024 [ 54.255383][ T4143] EXT4-fs: Ignoring removed orlov option [ 54.288489][ T4143] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 54.334473][ T4145] netlink: 4 bytes leftover after parsing attributes in process `syz.2.257'. [ 54.344628][ T4157] loop4: detected capacity change from 0 to 512 [ 54.358876][ T4158] sd 0:0:1:0: device reset [ 54.387044][ T4154] loop3: detected capacity change from 0 to 512 [ 54.397495][ T4143] EXT4-fs error (device loop0): ext4_check_all_de:659: inode #12: block 7: comm syz.0.258: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 54.485021][ T4157] EXT4-fs (loop4): 1 orphan inode deleted [ 54.493327][ T4154] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 54.503050][ T4157] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.523307][ T31] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:1: Failed to release dquot type 1 [ 54.543965][ T4154] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.574701][ T4154] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 54.643551][ T4182] netlink: 'syz.0.267': attribute type 10 has an invalid length. [ 54.661276][ T51] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:3: Failed to release dquot type 1 [ 54.671181][ T4182] veth0_vlan: left promiscuous mode [ 54.684448][ T4182] veth0_vlan: entered promiscuous mode [ 54.720826][ T4182] team0: Device veth0_vlan failed to register rx_handler [ 54.860323][ T4198] loop0: detected capacity change from 0 to 512 [ 54.905664][ T4205] loop2: detected capacity change from 0 to 1024 [ 54.907877][ T4198] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 54.938679][ T29] kauditd_printk_skb: 281 callbacks suppressed [ 54.938694][ T29] audit: type=1400 audit(1748480298.042:1370): avc: denied { bind } for pid=4204 comm="syz.4.275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 54.947100][ T4205] EXT4-fs: Ignoring removed orlov option [ 54.984954][ T4209] loop3: detected capacity change from 0 to 512 [ 55.004597][ T4198] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002] [ 55.012329][ T4209] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 55.040241][ T4198] System zones: 1-12 [ 55.050548][ T4198] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 55.072106][ T4205] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 55.083595][ T4209] EXT4-fs (loop3): 1 truncate cleaned up [ 55.090195][ T4198] EXT4-fs error (device loop0): ext4_do_update_inode:5211: inode #11: comm syz.0.272: corrupted inode contents [ 55.130271][ T4198] EXT4-fs error (device loop0): ext4_dirty_inode:6103: inode #11: comm syz.0.272: mark_inode_dirty error [ 55.155846][ T4217] loop4: detected capacity change from 0 to 512 [ 55.165722][ T4217] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 55.189934][ T4198] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.272: invalid indirect mapped block 1 (level 1) [ 55.219130][ T4198] EXT4-fs error (device loop0): ext4_do_update_inode:5211: inode #11: comm syz.0.272: corrupted inode contents [ 55.234075][ T4198] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 55.249691][ T4217] EXT4-fs (loop4): 1 truncate cleaned up [ 55.265128][ T4205] EXT4-fs error (device loop2): ext4_check_all_de:659: inode #12: block 7: comm syz.2.274: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 55.265371][ T4198] EXT4-fs error (device loop0): ext4_do_update_inode:5211: inode #11: comm syz.0.272: corrupted inode contents [ 55.309837][ T4198] EXT4-fs error (device loop0): ext4_truncate:4255: inode #11: comm syz.0.272: mark_inode_dirty error [ 55.310984][ T29] audit: type=1400 audit(1748480298.412:1371): avc: denied { read } for pid=4222 comm="syz.1.279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 55.359309][ T4198] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 55.384584][ T4198] EXT4-fs (loop0): 1 truncate cleaned up [ 55.386974][ T29] audit: type=1326 audit(1748480298.492:1372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4224 comm="syz.1.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 55.442031][ T4198] netlink: 4 bytes leftover after parsing attributes in process `syz.0.272'. [ 55.481026][ T29] audit: type=1326 audit(1748480298.522:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4224 comm="syz.1.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 55.511093][ T29] audit: type=1326 audit(1748480298.532:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4224 comm="syz.1.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 55.539382][ T29] audit: type=1326 audit(1748480298.532:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4224 comm="syz.1.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 55.569921][ T29] audit: type=1326 audit(1748480298.532:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4224 comm="syz.1.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 55.601419][ T29] audit: type=1326 audit(1748480298.532:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4224 comm="syz.1.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 55.633169][ T29] audit: type=1326 audit(1748480298.532:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4224 comm="syz.1.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 55.664840][ T29] audit: type=1326 audit(1748480298.532:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4224 comm="syz.1.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 55.709037][ T4227] netlink: 4 bytes leftover after parsing attributes in process `syz.3.278'. [ 55.789489][ T4245] loop1: detected capacity change from 0 to 512 [ 55.871317][ T4245] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 55.930273][ T4245] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 55.953261][ T4245] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 56.030211][ T4268] loop4: detected capacity change from 0 to 512 [ 56.108210][ T4268] EXT4-fs (loop4): 1 orphan inode deleted [ 56.125354][ T31] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:1: Failed to release dquot type 1 [ 56.180609][ T4268] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 56.258577][ T4282] loop2: detected capacity change from 0 to 512 [ 56.270954][ T4282] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 56.394333][ T3412] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1 [ 56.398573][ T4296] sd 0:0:1:0: device reset [ 56.414370][ T4282] EXT4-fs (loop2): 1 truncate cleaned up [ 56.693862][ T4323] loop2: detected capacity change from 0 to 512 [ 56.757839][ T4323] EXT4-fs (loop2): 1 orphan inode deleted [ 56.771024][ T51] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:3: Failed to release dquot type 1 [ 56.794434][ T4323] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 56.806144][ T4337] FAULT_INJECTION: forcing a failure. [ 56.806144][ T4337] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 56.820111][ T4337] CPU: 1 UID: 0 PID: 4337 Comm: syz.0.321 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) [ 56.820145][ T4337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 56.820160][ T4337] Call Trace: [ 56.820168][ T4337] [ 56.820176][ T4337] __dump_stack+0x1d/0x30 [ 56.820264][ T4337] dump_stack_lvl+0xe8/0x140 [ 56.820292][ T4337] dump_stack+0x15/0x1b [ 56.820376][ T4337] should_fail_ex+0x265/0x280 [ 56.820474][ T4337] should_fail+0xb/0x20 [ 56.820500][ T4337] should_fail_usercopy+0x1a/0x20 [ 56.820532][ T4337] _copy_from_user+0x1c/0xb0 [ 56.820556][ T4337] do_ipv6_setsockopt+0x220/0x22e0 [ 56.820597][ T4337] ? kstrtoull+0x111/0x140 [ 56.820700][ T4337] ? __rcu_read_unlock+0x4f/0x70 [ 56.820728][ T4337] ? avc_has_perm_noaudit+0x1b1/0x200 [ 56.820764][ T4337] ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0 [ 56.820858][ T4337] ipv6_setsockopt+0x59/0x130 [ 56.820895][ T4337] rawv6_setsockopt+0x1d2/0x420 [ 56.820932][ T4337] sock_common_setsockopt+0x66/0x80 [ 56.820959][ T4337] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 56.820987][ T4337] __sys_setsockopt+0x181/0x200 [ 56.821017][ T4337] __x64_sys_setsockopt+0x64/0x80 [ 56.821060][ T4337] x64_sys_call+0x2bd5/0x2fb0 [ 56.821082][ T4337] do_syscall_64+0xd2/0x200 [ 56.821208][ T4337] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 56.821243][ T4337] ? clear_bhb_loop+0x40/0x90 [ 56.821311][ T4337] ? clear_bhb_loop+0x40/0x90 [ 56.821340][ T4337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.821436][ T4337] RIP: 0033:0x7eff0fc3e969 [ 56.821451][ T4337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.821470][ T4337] RSP: 002b:00007eff0e2a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 56.821495][ T4337] RAX: ffffffffffffffda RBX: 00007eff0fe65fa0 RCX: 00007eff0fc3e969 [ 56.821512][ T4337] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000003 [ 56.821652][ T4337] RBP: 00007eff0e2a7090 R08: 0000000000000018 R09: 0000000000000000 [ 56.821664][ T4337] R10: 0000200000001640 R11: 0000000000000246 R12: 0000000000000001 [ 56.821676][ T4337] R13: 0000000000000000 R14: 00007eff0fe65fa0 R15: 00007ffe080a8868 [ 56.821695][ T4337] [ 56.832332][ T4340] loop1: detected capacity change from 0 to 512 [ 56.866595][ T4338] loop4: detected capacity change from 0 to 512 [ 56.939584][ T4340] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 56.986013][ T4338] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 57.014449][ T4340] EXT4-fs (loop1): 1 truncate cleaned up [ 57.028499][ T4338] EXT4-fs (loop4): 1 truncate cleaned up [ 57.227916][ T2920] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1 [ 57.296588][ T4355] loop2: detected capacity change from 0 to 512 [ 57.336317][ T4355] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 57.419595][ T4355] EXT4-fs (loop2): 1 truncate cleaned up [ 57.481897][ T4369] 9pnet: Could not find request transport: f [ 57.499557][ T4375] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 57.606767][ T4380] sd 0:0:1:0: device reset [ 57.849228][ T4393] loop3: detected capacity change from 0 to 512 [ 57.866004][ T4397] __nla_validate_parse: 7 callbacks suppressed [ 57.866028][ T4397] netlink: 24 bytes leftover after parsing attributes in process `syz.0.337'. [ 57.890233][ T4393] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 57.923197][ T4393] EXT4-fs (loop3): 1 truncate cleaned up [ 57.974268][ T4406] loop0: detected capacity change from 0 to 512 [ 57.987621][ T4406] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 57.999809][ T4407] sd 0:0:1:0: device reset [ 58.053271][ T4406] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 58.081004][ T4412] loop4: detected capacity change from 0 to 1024 [ 58.100893][ T4412] EXT4-fs: Ignoring removed orlov option [ 58.124434][ T4414] loop2: detected capacity change from 0 to 512 [ 58.126741][ T4412] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 58.133615][ T4406] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 58.172846][ T4414] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 58.191813][ T4414] EXT4-fs (loop2): 1 truncate cleaned up [ 58.204150][ T4412] EXT4-fs error (device loop4): ext4_check_all_de:659: inode #12: block 7: comm syz.4.347: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 58.225845][ T4419] capability: warning: `syz.3.348' uses deprecated v2 capabilities in a way that may be insecure [ 58.243597][ T4419] 9pnet_rdma: rdma_create_trans (4419): problem binding to privport: 13 [ 58.255736][ T4419] loop3: detected capacity change from 0 to 512 [ 58.263281][ T4419] EXT4-fs: Ignoring removed nomblk_io_submit option [ 58.270456][ T4419] EXT4-fs: Ignoring removed mblk_io_submit option [ 58.283857][ T4419] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 58.293671][ T4419] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 58.306116][ T4419] EXT4-fs (loop3): 1 truncate cleaned up [ 58.326240][ T4419] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 58.416012][ T4432] netlink: 24 bytes leftover after parsing attributes in process `syz.1.355'. [ 58.468127][ T4436] sd 0:0:1:0: device reset [ 58.521779][ T4440] loop1: detected capacity change from 0 to 512 [ 58.545302][ T4440] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 58.577359][ T4440] EXT4-fs (loop1): 1 truncate cleaned up [ 58.591160][ T4438] netlink: 'syz.0.358': attribute type 2 has an invalid length. [ 58.796420][ T4455] 9pnet: Could not find request transport: f [ 58.804072][ T4455] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 58.830342][ T4464] netlink: 24 bytes leftover after parsing attributes in process `syz.1.369'. [ 58.848162][ T4466] sd 0:0:1:0: device reset [ 58.879995][ T4467] 9pnet: Could not find request transport: f [ 58.886880][ T4467] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 59.127381][ T4483] loop4: detected capacity change from 0 to 512 [ 59.134296][ T4481] loop1: detected capacity change from 0 to 2048 [ 59.144384][ T4483] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 59.165205][ T4481] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 59.166447][ T4483] EXT4-fs (loop4): 1 truncate cleaned up [ 59.360674][ T31] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 345: padding at end of block bitmap is not set [ 59.387332][ T31] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 212 with error 117 [ 59.400011][ T31] EXT4-fs (loop1): This should not happen!! Data will be lost [ 59.400011][ T31] [ 59.437408][ T4490] netlink: 4 bytes leftover after parsing attributes in process `wg1'. [ 59.468975][ T4490] team0 (unregistering): Port device team_slave_0 removed [ 59.481137][ T4490] team0 (unregistering): Port device team_slave_1 removed [ 59.558408][ T4497] loop4: detected capacity change from 0 to 512 [ 59.579210][ T4499] sd 0:0:1:0: device reset [ 59.596476][ T4497] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 59.695749][ T4497] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 59.718711][ T4497] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 59.803921][ T4509] SELinux: syz.3.386 (4509) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 59.844313][ T4511] netlink: 'syz.0.388': attribute type 10 has an invalid length. [ 59.870842][ T4513] loop2: detected capacity change from 0 to 512 [ 59.903534][ T4513] EXT4-fs (loop2): 1 orphan inode deleted [ 59.921455][ T4519] loop3: detected capacity change from 0 to 1024 [ 59.931482][ T4513] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 59.932863][ T31] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:1: Failed to release dquot type 1 [ 59.970125][ T4515] loop4: detected capacity change from 0 to 1024 [ 59.979310][ T29] kauditd_printk_skb: 445 callbacks suppressed [ 59.979330][ T29] audit: type=1326 audit(1748480303.082:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.2.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 59.979330][ T4515] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 59.979368][ T29] audit: type=1326 audit(1748480303.082:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.2.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 60.031469][ T4519] EXT4-fs: Ignoring removed orlov option [ 60.047223][ T29] audit: type=1326 audit(1748480303.082:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.2.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 60.079352][ T29] audit: type=1326 audit(1748480303.082:1821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.2.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 60.105680][ T29] audit: type=1326 audit(1748480303.082:1822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.2.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 60.137670][ T29] audit: type=1326 audit(1748480303.082:1823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.2.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 60.168779][ T29] audit: type=1326 audit(1748480303.082:1824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.2.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 60.201418][ T4519] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 60.208145][ T29] audit: type=1326 audit(1748480303.082:1825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.2.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 60.250117][ T29] audit: type=1326 audit(1748480303.082:1826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.2.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 60.276481][ T4515] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 60.281990][ T29] audit: type=1326 audit(1748480303.082:1827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.2.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 60.291829][ T4515] EXT4-fs (loop4): orphan cleanup on readonly fs [ 60.333948][ T4515] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 60.347678][ T4515] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #3: comm syz.4.389: mark_inode_dirty error [ 60.360872][ T4515] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.389: Invalid block bitmap block 3 in block_group 0 [ 60.380195][ T4515] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.389: Invalid block bitmap block 3 in block_group 0 [ 60.383756][ T4519] EXT4-fs error (device loop3): ext4_check_all_de:659: inode #12: block 7: comm syz.3.391: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 60.396190][ T4515] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.389: Invalid block bitmap block 3 in block_group 0 [ 60.438552][ T4515] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 60.455656][ T4515] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #3: comm syz.4.389: mark_inode_dirty error [ 60.467703][ T4515] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #3: block 1: comm syz.4.389: lblock 6 mapped to illegal pblock 1 (length 1) [ 60.485467][ T4515] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #3: block 48: comm syz.4.389: lblock 0 mapped to illegal pblock 48 (length 1) [ 60.512019][ T4515] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.389: Failed to acquire dquot type 0 [ 60.523950][ T4515] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #3: block 49: comm syz.4.389: lblock 1 mapped to illegal pblock 49 (length 1) [ 60.550032][ T4515] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.389: Failed to acquire dquot type 0 [ 60.566427][ T4515] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 60.580022][ T4515] EXT4-fs error (device loop4): ext4_evict_inode:259: inode #15: comm syz.4.389: mark_inode_dirty error [ 60.596652][ T4515] EXT4-fs warning (device loop4): ext4_evict_inode:262: couldn't mark inode dirty (err -117) [ 60.610412][ T4515] EXT4-fs (loop4): 1 orphan inode deleted [ 60.625852][ T4515] netlink: 20 bytes leftover after parsing attributes in process `syz.4.389'. [ 60.626666][ T4534] sd 0:0:1:0: device reset [ 60.642637][ T4481] syz.1.376 (4481) used greatest stack depth: 6080 bytes left [ 60.704580][ T4538] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #2: block 16: comm syz.4.389: lblock 0 mapped to illegal pblock 16 (length 1) [ 60.836761][ T4542] loop2: detected capacity change from 0 to 512 [ 60.837225][ T4547] netlink: 'syz.3.401': attribute type 10 has an invalid length. [ 60.879011][ T4547] veth0_vlan: left promiscuous mode [ 60.898645][ T4542] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 60.904743][ T4547] veth0_vlan: entered promiscuous mode [ 60.921822][ T4552] netlink: 4 bytes leftover after parsing attributes in process `syz.0.397'. [ 60.945153][ T4542] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 60.945936][ T4547] team0: Device veth0_vlan failed to register rx_handler [ 61.101379][ T4542] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 61.366937][ T4596] loop3: detected capacity change from 0 to 1024 [ 61.376024][ T4590] netlink: 4 bytes leftover after parsing attributes in process `syz.0.414'. [ 61.424897][ T4596] EXT4-fs: Ignoring removed orlov option [ 61.470241][ T4596] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 61.529326][ T4596] EXT4-fs error (device loop3): ext4_check_all_de:659: inode #12: block 7: comm syz.3.417: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 61.579908][ T4621] loop4: detected capacity change from 0 to 512 [ 61.605041][ T4625] netlink: 24 bytes leftover after parsing attributes in process `syz.2.425'. [ 61.647737][ T4621] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 61.719752][ T4621] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.757860][ T4621] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 61.911182][ T4642] FAULT_INJECTION: forcing a failure. [ 61.911182][ T4642] name failslab, interval 1, probability 0, space 0, times 0 [ 61.919538][ T4643] loop4: detected capacity change from 0 to 512 [ 61.925864][ T4642] CPU: 1 UID: 0 PID: 4642 Comm: syz.3.433 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) [ 61.925899][ T4642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 61.925916][ T4642] Call Trace: [ 61.925925][ T4642] [ 61.926007][ T4642] __dump_stack+0x1d/0x30 [ 61.926048][ T4642] dump_stack_lvl+0xe8/0x140 [ 61.926075][ T4642] dump_stack+0x15/0x1b [ 61.926096][ T4642] should_fail_ex+0x265/0x280 [ 61.926138][ T4642] should_failslab+0x8c/0xb0 [ 61.926245][ T4642] __kmalloc_noprof+0xa5/0x3e0 [ 61.926312][ T4642] ? nsim_fib_event_nb+0x246/0xcb0 [ 61.926352][ T4642] nsim_fib_event_nb+0x246/0xcb0 [ 61.926393][ T4642] ? __rcu_read_unlock+0x4f/0x70 [ 61.926427][ T4642] ? __pfx_nsim_fib_event_nb+0x10/0x10 [ 61.926467][ T4642] atomic_notifier_call_chain+0x73/0x1c0 [ 61.926519][ T4642] call_fib_notifiers+0x65/0xa0 [ 61.926647][ T4642] call_fib6_notifiers+0x30/0x40 [ 61.926735][ T4642] fib6_del+0x734/0x8a0 [ 61.926766][ T4642] ? fib6_del+0x2d1/0x8a0 [ 61.926817][ T4642] __ip6_del_rt+0x5e/0x120 [ 61.926854][ T4642] ip6_del_rt+0x69/0x90 [ 61.926880][ T4642] cleanup_prefix_route+0xb7/0x260 [ 61.926979][ T4642] ipv6_del_addr+0x499/0x5e0 [ 61.927016][ T4642] inet6_addr_del+0x2f4/0x400 [ 61.927050][ T4642] addrconf_del_ifaddr+0xa7/0xe0 [ 61.927081][ T4642] inet6_ioctl+0x84/0x190 [ 61.927112][ T4642] ? ioctl_has_perm+0x257/0x2a0 [ 61.927153][ T4642] sock_do_ioctl+0x73/0x220 [ 61.927198][ T4642] sock_ioctl+0x41b/0x610 [ 61.927239][ T4642] ? __pfx_sock_ioctl+0x10/0x10 [ 61.927368][ T4642] __se_sys_ioctl+0xcb/0x140 [ 61.927426][ T4642] __x64_sys_ioctl+0x43/0x50 [ 61.927460][ T4642] x64_sys_call+0x19a8/0x2fb0 [ 61.927605][ T4642] do_syscall_64+0xd2/0x200 [ 61.927677][ T4642] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 61.927715][ T4642] ? clear_bhb_loop+0x40/0x90 [ 61.927746][ T4642] ? clear_bhb_loop+0x40/0x90 [ 61.927805][ T4642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.927835][ T4642] RIP: 0033:0x7fc5ab56e969 [ 61.927858][ T4642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 61.927931][ T4642] RSP: 002b:00007fc5a9bd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 61.927957][ T4642] RAX: ffffffffffffffda RBX: 00007fc5ab795fa0 RCX: 00007fc5ab56e969 [ 61.927975][ T4642] RDX: 0000200000000000 RSI: 0000000000008936 RDI: 0000000000000007 [ 61.927991][ T4642] RBP: 00007fc5a9bd7090 R08: 0000000000000000 R09: 0000000000000000 [ 61.928030][ T4642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 61.928046][ T4642] R13: 0000000000000000 R14: 00007fc5ab795fa0 R15: 00007fffc0396968 [ 61.928097][ T4642] [ 62.306161][ T4643] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 62.351228][ T4643] EXT4-fs (loop4): 1 truncate cleaned up [ 62.621328][ T4678] SELinux: syz.1.449 (4678) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 62.658110][ T4681] loop3: detected capacity change from 0 to 1024 [ 62.677315][ T4681] EXT4-fs: Ignoring removed orlov option [ 62.713391][ T4681] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 62.766387][ T4695] 9pnet: Could not find request transport: f [ 62.777333][ T4695] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 62.790699][ T4700] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 62.810510][ T4700] geneve2: entered promiscuous mode [ 62.814688][ T4681] EXT4-fs error (device loop3): ext4_check_all_de:659: inode #12: block 7: comm syz.3.450: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 62.815879][ T4700] geneve2: entered allmulticast mode [ 62.942062][ T4709] loop3: detected capacity change from 0 to 512 [ 62.985494][ T4709] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 63.051104][ T4709] EXT4-fs (loop3): 1 truncate cleaned up [ 63.132472][ T4731] netlink: 'syz.1.463': attribute type 10 has an invalid length. [ 63.165250][ T4731] veth0_vlan: left promiscuous mode [ 63.194002][ T4732] netlink: 4 bytes leftover after parsing attributes in process `syz.2.462'. [ 63.211244][ T4731] veth0_vlan: entered promiscuous mode [ 63.234296][ T4731] team0: Device veth0_vlan failed to register rx_handler [ 63.313252][ T4751] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4751 comm=syz.2.464 [ 63.409381][ T4756] netlink: 4 bytes leftover after parsing attributes in process `syz.3.466'. [ 63.426928][ T4761] loop2: detected capacity change from 0 to 512 [ 63.446709][ T4761] EXT4-fs (loop2): 1 orphan inode deleted [ 63.462392][ T1410] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1 [ 63.474483][ T4761] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.507055][ T4769] loop1: detected capacity change from 0 to 512 [ 63.520832][ T4769] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 63.554195][ T4769] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.590197][ T4775] loop4: detected capacity change from 0 to 1024 [ 63.605039][ T4775] EXT4-fs: Ignoring removed orlov option [ 63.618619][ T4775] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 63.619818][ T4769] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 63.675606][ T4775] EXT4-fs error (device loop4): ext4_check_all_de:659: inode #12: block 7: comm syz.4.474: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 63.749574][ T4785] loop2: detected capacity change from 0 to 512 [ 63.768630][ T4785] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 63.782466][ T4785] EXT4-fs (loop2): 1 truncate cleaned up [ 63.818060][ T4790] loop4: detected capacity change from 0 to 1024 [ 63.868137][ T4790] EXT4-fs: Ignoring removed orlov option [ 63.899640][ T4790] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 63.971998][ T4800] loop1: detected capacity change from 0 to 512 [ 63.984187][ T4800] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 64.018687][ T4800] EXT4-fs (loop1): 1 truncate cleaned up [ 64.031183][ T4790] EXT4-fs error (device loop4): ext4_check_all_de:659: inode #12: block 7: comm syz.4.479: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 64.098541][ T4811] netlink: 'syz.0.488': attribute type 10 has an invalid length. [ 64.439278][ T4838] netlink: 4 bytes leftover after parsing attributes in process `syz.4.502'. [ 64.449818][ T4830] loop2: detected capacity change from 0 to 8192 [ 64.532408][ T4847] loop3: detected capacity change from 0 to 512 [ 64.578050][ T4847] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 64.636685][ T4847] EXT4-fs (loop3): mount failed [ 65.042332][ T29] kauditd_printk_skb: 493 callbacks suppressed [ 65.042350][ T29] audit: type=1326 audit(1748480308.152:2313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4872 comm="syz.1.514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 65.104832][ T29] audit: type=1326 audit(1748480308.152:2314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4872 comm="syz.1.514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 65.105258][ T4878] loop1: detected capacity change from 0 to 512 [ 65.132456][ T29] audit: type=1326 audit(1748480308.152:2315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4872 comm="syz.1.514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 65.132499][ T29] audit: type=1326 audit(1748480308.152:2316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4872 comm="syz.1.514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 65.132697][ T29] audit: type=1326 audit(1748480308.152:2317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4872 comm="syz.1.514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 65.132797][ T29] audit: type=1326 audit(1748480308.152:2318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4872 comm="syz.1.514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 65.249603][ T29] audit: type=1326 audit(1748480308.152:2319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4872 comm="syz.1.514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 65.252601][ T4878] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 65.273905][ T29] audit: type=1326 audit(1748480308.152:2320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4872 comm="syz.1.514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 65.273944][ T29] audit: type=1326 audit(1748480308.162:2321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4872 comm="syz.1.514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 65.340454][ T29] audit: type=1326 audit(1748480308.162:2322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4872 comm="syz.1.514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 65.422931][ T4878] EXT4-fs (loop1): 1 truncate cleaned up [ 65.450802][ T4889] netlink: 24 bytes leftover after parsing attributes in process `syz.3.521'. [ 65.505061][ T4892] netlink: 'syz.0.522': attribute type 10 has an invalid length. [ 65.516301][ T4878] EXT4-fs error (device loop1): ext4_generic_delete_entry:2670: inode #2: block 13: comm syz.1.516: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 65.559160][ T4897] loop0: detected capacity change from 0 to 512 [ 65.572672][ T4878] EXT4-fs error (device loop1) in ext4_delete_entry:2741: Corrupt filesystem [ 65.599296][ T4900] loop3: detected capacity change from 0 to 1024 [ 65.623992][ T4901] loop2: detected capacity change from 0 to 1024 [ 65.644807][ T4901] EXT4-fs: Ignoring removed orlov option [ 65.660452][ T4897] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 65.672618][ T4901] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 65.691436][ T4900] EXT4-fs: Ignoring removed orlov option [ 65.716515][ T4897] EXT4-fs (loop0): 1 truncate cleaned up [ 65.724210][ T4900] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 65.799941][ T4901] EXT4-fs error (device loop2): ext4_check_all_de:659: inode #12: block 7: comm syz.2.524: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 65.813387][ T4900] EXT4-fs error (device loop3): ext4_check_all_de:659: inode #12: block 7: comm syz.3.525: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 65.867616][ T4914] netlink: 4 bytes leftover after parsing attributes in process `syz.4.529'. [ 65.939762][ T4916] loop4: detected capacity change from 0 to 512 [ 65.984455][ T4924] netlink: 'syz.3.533': attribute type 10 has an invalid length. [ 65.996462][ T4924] veth0_vlan: left promiscuous mode [ 66.002339][ T4924] veth0_vlan: entered promiscuous mode [ 66.009650][ T4924] team0: Device veth0_vlan failed to register rx_handler [ 66.014151][ T4916] EXT4-fs (loop4): 1 orphan inode deleted [ 66.024438][ T1410] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1 [ 66.049461][ T4927] 9pnet: Could not find request transport: f [ 66.073538][ T4916] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 66.158335][ T4930] netlink: 4 bytes leftover after parsing attributes in process `syz.2.536'. [ 66.223175][ T4947] loop2: detected capacity change from 0 to 1024 [ 66.233995][ T4947] EXT4-fs: Ignoring removed orlov option [ 66.257174][ T4949] loop0: detected capacity change from 0 to 512 [ 66.274393][ T4949] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 66.301317][ T4947] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 66.310007][ T4949] EXT4-fs (loop0): 1 truncate cleaned up [ 66.323087][ T33] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 1 [ 66.373735][ T4954] netlink: 4 bytes leftover after parsing attributes in process `syz.4.543'. [ 66.420416][ T4947] EXT4-fs error (device loop2): ext4_check_all_de:659: inode #12: block 7: comm syz.2.541: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 66.445792][ T4958] loop3: detected capacity change from 0 to 512 [ 66.454036][ T4958] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 66.472637][ T4958] EXT4-fs (loop3): 1 truncate cleaned up [ 66.813273][ T4978] netlink: 4 bytes leftover after parsing attributes in process `syz.3.551'. [ 66.876824][ T4991] loop0: detected capacity change from 0 to 1024 [ 66.890605][ T4991] EXT4-fs: Ignoring removed orlov option [ 66.954503][ T4991] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 66.994838][ T5000] loop3: detected capacity change from 0 to 512 [ 67.045614][ T5000] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 67.050132][ T4991] EXT4-fs error (device loop0): ext4_check_all_de:659: inode #12: block 7: comm syz.0.559: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 67.059297][ T5000] EXT4-fs (loop3): 1 truncate cleaned up [ 67.316386][ T5016] netlink: 4 bytes leftover after parsing attributes in process `syz.4.568'. [ 67.354836][ T5032] netlink: 8 bytes leftover after parsing attributes in process `syz.3.572'. [ 67.381787][ T5032] IPVS: Unknown mcast interface: vcan0 [ 67.518736][ T5049] ipvlan2: entered promiscuous mode [ 67.525793][ T5053] loop3: detected capacity change from 0 to 512 [ 67.565697][ T5053] EXT4-fs (loop3): 1 orphan inode deleted [ 67.580858][ T33] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 1 [ 67.588852][ T5053] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 67.713975][ T5076] loop2: detected capacity change from 0 to 512 [ 67.731229][ T998] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 1 [ 67.745321][ T5076] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 67.774122][ T5076] ext4 filesystem being mounted at /113/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 67.793801][ T5076] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 68.032674][ T5121] loop2: detected capacity change from 0 to 512 [ 68.052110][ T5121] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 68.082185][ T5121] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 68.124089][ T5121] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 68.253230][ T5146] loop0: detected capacity change from 0 to 1024 [ 68.265577][ T5151] FAULT_INJECTION: forcing a failure. [ 68.265577][ T5151] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 68.274499][ T5146] EXT4-fs: Ignoring removed orlov option [ 68.279732][ T5151] CPU: 1 UID: 0 PID: 5151 Comm: syz.4.617 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) [ 68.279772][ T5151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 68.279848][ T5151] Call Trace: [ 68.279857][ T5151] [ 68.279868][ T5151] __dump_stack+0x1d/0x30 [ 68.279900][ T5151] dump_stack_lvl+0xe8/0x140 [ 68.279927][ T5151] dump_stack+0x15/0x1b [ 68.279951][ T5151] should_fail_ex+0x265/0x280 [ 68.280040][ T5151] should_fail+0xb/0x20 [ 68.280075][ T5151] should_fail_usercopy+0x1a/0x20 [ 68.280116][ T5151] _copy_from_user+0x1c/0xb0 [ 68.280149][ T5151] restore_altstack+0x4b/0x2d0 [ 68.280245][ T5151] ? __set_task_blocked+0x23a/0x2a0 [ 68.280276][ T5151] __ia32_sys_rt_sigreturn+0xdc/0x350 [ 68.280307][ T5151] ? _raw_spin_unlock_irq+0x26/0x50 [ 68.280334][ T5151] ? signal_setup_done+0x266/0x290 [ 68.280392][ T5151] ? xfd_validate_state+0x45/0xf0 [ 68.280417][ T5151] ? fpu__clear_user_states+0x63/0x1e0 [ 68.280515][ T5151] ? fpregs_mark_activate+0x66/0x140 [ 68.280556][ T5151] ? fpu__clear_user_states+0x63/0x1e0 [ 68.280615][ T5151] ? arch_do_signal_or_restart+0x2f3/0x480 [ 68.280646][ T5151] ? __rcu_read_unlock+0x4f/0x70 [ 68.280824][ T5151] x64_sys_call+0x2e8a/0x2fb0 [ 68.280894][ T5151] do_syscall_64+0xd2/0x200 [ 68.280937][ T5151] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 68.280974][ T5151] ? clear_bhb_loop+0x40/0x90 [ 68.281005][ T5151] ? clear_bhb_loop+0x40/0x90 [ 68.281036][ T5151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.281124][ T5151] RIP: 0033:0x7ffb04e5ab39 [ 68.281147][ T5151] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 68.281173][ T5151] RSP: 002b:00007ffb03526a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f [ 68.281201][ T5151] RAX: ffffffffffffffda RBX: 00007ffb050e5fa0 RCX: 00007ffb04e5ab39 [ 68.281218][ T5151] RDX: 00007ffb03526a80 RSI: 00007ffb03526bb0 RDI: 0000000000000021 [ 68.281236][ T5151] RBP: 00007ffb03527090 R08: 0000000000000004 R09: 0000000000000001 [ 68.281331][ T5151] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001 [ 68.281350][ T5151] R13: 0000000000000000 R14: 00007ffb050e5fa0 R15: 00007ffdd15d5348 [ 68.281389][ T5151] [ 68.361460][ T5154] FAULT_INJECTION: forcing a failure. [ 68.361460][ T5154] name failslab, interval 1, probability 0, space 0, times 0 [ 68.467202][ T5146] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 68.471780][ T5154] CPU: 1 UID: 0 PID: 5154 Comm: syz.4.620 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) [ 68.471815][ T5154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 68.471832][ T5154] Call Trace: [ 68.471858][ T5154] [ 68.471869][ T5154] __dump_stack+0x1d/0x30 [ 68.471902][ T5154] dump_stack_lvl+0xe8/0x140 [ 68.471931][ T5154] dump_stack+0x15/0x1b [ 68.471956][ T5154] should_fail_ex+0x265/0x280 [ 68.471996][ T5154] ? getname_flags+0x208/0x3b0 [ 68.472092][ T5154] should_failslab+0x8c/0xb0 [ 68.472179][ T5154] __kmalloc_cache_noprof+0x4c/0x320 [ 68.472218][ T5154] getname_flags+0x208/0x3b0 [ 68.472246][ T5154] __se_sys_newlstat+0x4b/0x280 [ 68.472311][ T5154] ? fput+0x8f/0xc0 [ 68.472340][ T5154] ? ksys_write+0x192/0x1a0 [ 68.472449][ T5154] __x64_sys_newlstat+0x31/0x40 [ 68.472488][ T5154] x64_sys_call+0x1c47/0x2fb0 [ 68.472592][ T5154] do_syscall_64+0xd2/0x200 [ 68.472710][ T5154] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 68.472850][ T5154] ? clear_bhb_loop+0x40/0x90 [ 68.472882][ T5154] ? clear_bhb_loop+0x40/0x90 [ 68.472913][ T5154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.472942][ T5154] RIP: 0033:0x7ffb04ebe969 [ 68.473031][ T5154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.473055][ T5154] RSP: 002b:00007ffb03527038 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 68.473082][ T5154] RAX: ffffffffffffffda RBX: 00007ffb050e5fa0 RCX: 00007ffb04ebe969 [ 68.473158][ T5154] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000121c0 [ 68.473190][ T5154] RBP: 00007ffb03527090 R08: 0000000000000000 R09: 0000000000000000 [ 68.473207][ T5154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.473286][ T5154] R13: 0000000000000000 R14: 00007ffb050e5fa0 R15: 00007ffdd15d5348 [ 68.473313][ T5154] [ 68.862440][ T5149] __nla_validate_parse: 8 callbacks suppressed [ 68.862456][ T5149] netlink: 4 bytes leftover after parsing attributes in process `syz.3.616'. [ 68.900031][ T5146] EXT4-fs error (device loop0): ext4_check_all_de:659: inode #12: block 7: comm syz.0.615: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 69.017426][ T5178] loop3: detected capacity change from 0 to 8192 [ 69.047376][ T5178] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 2068) [ 69.058447][ T5178] FAT-fs (loop3): Filesystem has been set read-only [ 69.098110][ T5188] netlink: 'syz.2.629': attribute type 10 has an invalid length. [ 69.112504][ T5189] loop4: detected capacity change from 0 to 512 [ 69.128588][ T5188] veth0_vlan: left promiscuous mode [ 69.136728][ T5189] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 69.138079][ T5188] veth0_vlan: entered promiscuous mode [ 69.167157][ T5188] team0: Device veth0_vlan failed to register rx_handler [ 69.180163][ T5189] EXT4-fs (loop4): 1 truncate cleaned up [ 69.523987][ T5213] netlink: 4 bytes leftover after parsing attributes in process `syz.1.638'. [ 69.696150][ T5233] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 69.741865][ T5241] netlink: 'syz.2.647': attribute type 10 has an invalid length. [ 69.777048][ T5241] veth0_vlan: left promiscuous mode [ 69.790400][ T5239] loop1: detected capacity change from 0 to 512 [ 69.801092][ T5241] veth0_vlan: entered promiscuous mode [ 69.821016][ T5239] EXT4-fs (loop1): can't mount with both data=journal and delalloc [ 69.846057][ T5241] team0: Device veth0_vlan failed to register rx_handler [ 70.042417][ T5258] loop4: detected capacity change from 0 to 512 [ 70.074364][ T5258] EXT4-fs (loop4): 1 orphan inode deleted [ 70.081947][ T5258] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 70.093472][ T3412] __quota_error: 693 callbacks suppressed [ 70.093488][ T3412] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 70.109803][ T3412] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1 [ 70.132910][ T5267] netlink: 4 bytes leftover after parsing attributes in process `syz.2.654'. [ 70.221883][ T998] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 70.231941][ T998] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 1 [ 70.264193][ T5274] bond0: option mode: unable to set because the bond device has slaves [ 70.275224][ T5276] loop2: detected capacity change from 0 to 512 [ 70.284429][ T29] audit: type=1400 audit(1748480313.382:3012): avc: denied { create } for pid=5271 comm="syz.3.658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 70.331204][ T5276] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 70.373305][ T5276] EXT4-fs (loop2): 1 truncate cleaned up [ 70.425490][ T5276] EXT4-fs mount: 128 callbacks suppressed [ 70.425513][ T5276] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.704168][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.741782][ T29] audit: type=1326 audit(1748480313.852:3013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5290 comm="syz.2.664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 70.765456][ T29] audit: type=1326 audit(1748480313.852:3014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5290 comm="syz.2.664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 70.824511][ T5291] FAULT_INJECTION: forcing a failure. [ 70.824511][ T5291] name failslab, interval 1, probability 0, space 0, times 0 [ 70.841300][ T5291] CPU: 0 UID: 0 PID: 5291 Comm: syz.2.664 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) [ 70.841367][ T5291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 70.841380][ T5291] Call Trace: [ 70.841535][ T5291] [ 70.841552][ T5291] __dump_stack+0x1d/0x30 [ 70.841580][ T5291] dump_stack_lvl+0xe8/0x140 [ 70.841676][ T5291] dump_stack+0x15/0x1b [ 70.841698][ T5291] should_fail_ex+0x265/0x280 [ 70.841735][ T5291] should_failslab+0x8c/0xb0 [ 70.841760][ T5291] kmem_cache_alloc_node_noprof+0x57/0x320 [ 70.841793][ T5291] ? __alloc_skb+0x101/0x320 [ 70.841862][ T5291] __alloc_skb+0x101/0x320 [ 70.841889][ T5291] ? audit_log_start+0x365/0x6c0 [ 70.841923][ T5291] audit_log_start+0x380/0x6c0 [ 70.842010][ T5291] audit_seccomp+0x48/0x100 [ 70.842228][ T5291] ? __seccomp_filter+0x68c/0x10d0 [ 70.842287][ T5291] __seccomp_filter+0x69d/0x10d0 [ 70.842341][ T5291] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 70.842381][ T5291] ? vfs_write+0x75e/0x8e0 [ 70.842413][ T5291] ? __rcu_read_unlock+0x4f/0x70 [ 70.842437][ T5291] ? __fget_files+0x184/0x1c0 [ 70.842526][ T5291] __secure_computing+0x82/0x150 [ 70.842570][ T5291] syscall_trace_enter+0xcf/0x1e0 [ 70.842602][ T5291] do_syscall_64+0xac/0x200 [ 70.842708][ T5291] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 70.842793][ T5291] ? clear_bhb_loop+0x40/0x90 [ 70.842881][ T5291] ? clear_bhb_loop+0x40/0x90 [ 70.842903][ T5291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.842927][ T5291] RIP: 0033:0x7f3091f0e969 [ 70.842945][ T5291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.842966][ T5291] RSP: 002b:00007f3090577038 EFLAGS: 00000246 ORIG_RAX: 000000000000004a [ 70.843028][ T5291] RAX: ffffffffffffffda RBX: 00007f3092135fa0 RCX: 00007f3091f0e969 [ 70.843043][ T5291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff [ 70.843059][ T5291] RBP: 00007f3090577090 R08: 0000000000000000 R09: 0000000000000000 [ 70.843075][ T5291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.843091][ T5291] R13: 0000000000000000 R14: 00007f3092135fa0 R15: 00007ffc5f8271c8 [ 70.843127][ T5291] [ 70.843148][ T5291] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64 [ 70.850298][ T29] audit: type=1326 audit(1748480313.912:3015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5290 comm="syz.2.664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 70.858658][ T5291] audit: out of memory in audit_log_start [ 71.199300][ T29] audit: type=1326 audit(1748480313.912:3016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5290 comm="syz.2.664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 71.229573][ T29] audit: type=1326 audit(1748480313.912:3017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5290 comm="syz.2.664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 71.293322][ T5302] loop2: detected capacity change from 0 to 8192 [ 71.468458][ T5309] netlink: 4 bytes leftover after parsing attributes in process `syz.1.672'. [ 71.954790][ T5342] loop3: detected capacity change from 0 to 1024 [ 71.966441][ T5342] EXT4-fs: Ignoring removed orlov option [ 71.976184][ T5342] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 71.999544][ T5342] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.050813][ T3337] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.124232][ T5351] loop1: detected capacity change from 0 to 1024 [ 72.146051][ T5351] EXT4-fs: Ignoring removed orlov option [ 72.170746][ T5351] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 72.215756][ T5362] loop4: detected capacity change from 0 to 512 [ 72.229506][ T5362] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 72.270321][ T5351] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.286617][ T5357] netlink: 4 bytes leftover after parsing attributes in process `syz.3.691'. [ 72.302017][ T5359] netlink: 4 bytes leftover after parsing attributes in process `syz.2.689'. [ 72.360184][ T5362] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.395442][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.418189][ T5362] ext4 filesystem being mounted at /150/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.457322][ T5362] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 72.502729][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.546001][ T5386] loop4: detected capacity change from 0 to 1024 [ 72.554814][ T5386] EXT4-fs: Ignoring removed orlov option [ 72.586135][ T5386] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 72.671175][ T5386] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.723830][ T5390] netlink: 4 bytes leftover after parsing attributes in process `syz.3.699'. [ 72.770914][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.047840][ T5430] FAULT_INJECTION: forcing a failure. [ 73.047840][ T5430] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 73.061719][ T5430] CPU: 0 UID: 0 PID: 5430 Comm: syz.4.713 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) [ 73.061752][ T5430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 73.061768][ T5430] Call Trace: [ 73.061775][ T5430] [ 73.061838][ T5430] __dump_stack+0x1d/0x30 [ 73.061861][ T5430] dump_stack_lvl+0xe8/0x140 [ 73.061881][ T5430] dump_stack+0x15/0x1b [ 73.061899][ T5430] should_fail_ex+0x265/0x280 [ 73.061927][ T5430] should_fail+0xb/0x20 [ 73.061988][ T5430] should_fail_usercopy+0x1a/0x20 [ 73.062018][ T5430] _copy_from_user+0x1c/0xb0 [ 73.062037][ T5430] restore_altstack+0x4b/0x2d0 [ 73.062067][ T5430] ? __set_task_blocked+0x1dc/0x2a0 [ 73.062127][ T5430] __ia32_sys_rt_sigreturn+0xdc/0x350 [ 73.062152][ T5430] ? _raw_spin_unlock_irq+0x26/0x50 [ 73.062180][ T5430] ? signal_setup_done+0x266/0x290 [ 73.062224][ T5430] ? xfd_validate_state+0x45/0xf0 [ 73.062247][ T5430] ? fpu__clear_user_states+0x63/0x1e0 [ 73.062332][ T5430] ? fpregs_mark_activate+0x66/0x140 [ 73.062411][ T5430] ? fpu__clear_user_states+0x63/0x1e0 [ 73.062453][ T5430] ? arch_do_signal_or_restart+0x2f3/0x480 [ 73.062531][ T5430] ? __rcu_read_unlock+0x4f/0x70 [ 73.062563][ T5430] x64_sys_call+0x2e8a/0x2fb0 [ 73.062585][ T5430] do_syscall_64+0xd2/0x200 [ 73.062617][ T5430] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 73.062654][ T5430] ? clear_bhb_loop+0x40/0x90 [ 73.062751][ T5430] ? clear_bhb_loop+0x40/0x90 [ 73.062777][ T5430] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.062805][ T5430] RIP: 0033:0x7ffb04e5ab39 [ 73.062843][ T5430] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 73.062861][ T5430] RSP: 002b:00007ffb03526a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f [ 73.062882][ T5430] RAX: ffffffffffffffda RBX: 00007ffb050e5fa0 RCX: 00007ffb04e5ab39 [ 73.062898][ T5430] RDX: 00007ffb03526a80 RSI: 00007ffb03526bb0 RDI: 0000000000000021 [ 73.062913][ T5430] RBP: 00007ffb03527090 R08: 0000000000000004 R09: 0000000000000001 [ 73.062925][ T5430] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001 [ 73.062992][ T5430] R13: 0000000000000000 R14: 00007ffb050e5fa0 R15: 00007ffdd15d5348 [ 73.063017][ T5430] [ 73.329156][ T5428] loop2: detected capacity change from 0 to 8192 [ 73.372677][ T5428] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 2068) [ 73.381785][ T5428] FAT-fs (loop2): Filesystem has been set read-only [ 73.404075][ T5436] loop4: detected capacity change from 0 to 512 [ 73.447601][ T5436] EXT4-fs (loop4): 1 orphan inode deleted [ 73.467809][ T3412] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1 [ 73.483029][ T5436] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.536566][ T5436] ext4 filesystem being mounted at /156/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.569041][ T5449] loop1: detected capacity change from 0 to 512 [ 73.625558][ T5449] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 73.647376][ T5449] EXT4-fs (loop1): 1 truncate cleaned up [ 73.658640][ T5449] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.696278][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.711046][ T3412] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1 [ 73.808591][ T5462] loop4: detected capacity change from 0 to 512 [ 73.846755][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.866634][ T5462] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 73.878816][ T5466] netlink: 4 bytes leftover after parsing attributes in process `syz.2.725'. [ 73.899717][ T5472] loop0: detected capacity change from 0 to 512 [ 73.910979][ T5475] loop2: detected capacity change from 0 to 1024 [ 73.919765][ T5475] EXT4-fs: Ignoring removed orlov option [ 73.920833][ T5462] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.944611][ T5478] netlink: 14 bytes leftover after parsing attributes in process `syz.1.727'. [ 73.955241][ T5462] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.957376][ T5475] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 73.979870][ T5478]  (unregistering): (slave bond_slave_0): Releasing backup interface [ 74.006529][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.018366][ T5472] EXT4-fs (loop0): 1 orphan inode deleted [ 74.024910][ T5475] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.026159][ T5472] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.040773][ T3412] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1 [ 74.052903][ T5472] ext4 filesystem being mounted at /syzcgroup/cpu/syz0/cgroup.procs supports timestamps until 2038-01-19 (0x7fffffff) [ 74.066671][ T5478]  (unregistering): (slave bond_slave_1): Releasing backup interface [ 74.091750][ T5472] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.114194][ T5478]  (unregistering): Released all slaves [ 74.121845][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.167943][ T5496] loop4: detected capacity change from 0 to 512 [ 74.183627][ T5497] loop0: detected capacity change from 0 to 1024 [ 74.190581][ T5497] EXT4-fs: Ignoring removed orlov option [ 74.197824][ T5497] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 74.268255][ T5496] EXT4-fs (loop4): 1 orphan inode deleted [ 74.278655][ T5496] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.296567][ T3412] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1 [ 74.311206][ T5497] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.329000][ T5496] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 74.360990][ T5508] loop2: detected capacity change from 0 to 512 [ 74.370976][ T5508] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 74.408239][ T5508] EXT4-fs (loop2): 1 truncate cleaned up [ 74.415605][ T5508] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.447513][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.487521][ T5516] netlink: 24 bytes leftover after parsing attributes in process `syz.1.740'. [ 74.507397][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.522179][ T3412] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1 [ 74.631171][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.677819][ T5518] netlink: 4 bytes leftover after parsing attributes in process `syz.0.739'. [ 74.756298][ T5530] netlink: 24 bytes leftover after parsing attributes in process `syz.4.741'. [ 74.878836][ T5541] FAULT_INJECTION: forcing a failure. [ 74.878836][ T5541] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 74.892435][ T5541] CPU: 1 UID: 0 PID: 5541 Comm: syz.4.747 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) [ 74.892469][ T5541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 74.892484][ T5541] Call Trace: [ 74.892492][ T5541] [ 74.892515][ T5541] __dump_stack+0x1d/0x30 [ 74.892544][ T5541] dump_stack_lvl+0xe8/0x140 [ 74.892620][ T5541] dump_stack+0x15/0x1b [ 74.892637][ T5541] should_fail_ex+0x265/0x280 [ 74.892672][ T5541] should_fail+0xb/0x20 [ 74.892706][ T5541] should_fail_usercopy+0x1a/0x20 [ 74.892819][ T5541] _copy_to_user+0x20/0xa0 [ 74.892857][ T5541] simple_read_from_buffer+0xb5/0x130 [ 74.892897][ T5541] proc_fail_nth_read+0x100/0x140 [ 74.892940][ T5541] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 74.892978][ T5541] vfs_read+0x1a0/0x6f0 [ 74.893069][ T5541] ? __rcu_read_unlock+0x4f/0x70 [ 74.893148][ T5541] ? __fget_files+0x184/0x1c0 [ 74.893194][ T5541] ksys_read+0xda/0x1a0 [ 74.893231][ T5541] __x64_sys_read+0x40/0x50 [ 74.893300][ T5541] x64_sys_call+0x2d77/0x2fb0 [ 74.893330][ T5541] do_syscall_64+0xd2/0x200 [ 74.893411][ T5541] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 74.893495][ T5541] ? clear_bhb_loop+0x40/0x90 [ 74.893519][ T5541] ? clear_bhb_loop+0x40/0x90 [ 74.893543][ T5541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.893569][ T5541] RIP: 0033:0x7ffb04ebd37c [ 74.893642][ T5541] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 74.893664][ T5541] RSP: 002b:00007ffb03527030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 74.893688][ T5541] RAX: ffffffffffffffda RBX: 00007ffb050e5fa0 RCX: 00007ffb04ebd37c [ 74.893705][ T5541] RDX: 000000000000000f RSI: 00007ffb035270a0 RDI: 0000000000000007 [ 74.893721][ T5541] RBP: 00007ffb03527090 R08: 0000000000000000 R09: 000000000000000f [ 74.893737][ T5541] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 74.893752][ T5541] R13: 0000000000000000 R14: 00007ffb050e5fa0 R15: 00007ffdd15d5348 [ 74.893777][ T5541] [ 75.145451][ T5546] loop0: detected capacity change from 0 to 1024 [ 75.164777][ T5546] EXT4-fs: Ignoring removed orlov option [ 75.188560][ T5549] netlink: 12 bytes leftover after parsing attributes in process `syz.1.752'. [ 75.190847][ T5546] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 75.212367][ T5549] netlink: 12 bytes leftover after parsing attributes in process `syz.1.752'. [ 75.265196][ T5546] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.294398][ T5549] netlink: 12 bytes leftover after parsing attributes in process `syz.1.752'. [ 75.327141][ T5560] loop4: detected capacity change from 0 to 512 [ 75.350241][ T5562] loop2: detected capacity change from 0 to 512 [ 75.360945][ T5562] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 75.384951][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.396630][ T5564] netlink: 24 bytes leftover after parsing attributes in process `syz.1.757'. [ 75.426049][ T5562] EXT4-fs (loop2): 1 truncate cleaned up [ 75.436360][ T5560] EXT4-fs (loop4): 1 orphan inode deleted [ 75.450952][ T1410] __quota_error: 186 callbacks suppressed [ 75.450972][ T1410] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 75.451210][ T5562] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.457470][ T1410] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1 [ 75.483901][ T5560] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.579694][ T5560] ext4 filesystem being mounted at /syzcgroup/cpu/syz4/cgroup.procs supports timestamps until 2038-01-19 (0x7fffffff) [ 75.636690][ T5560] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.651646][ T5574] loop1: detected capacity change from 0 to 512 [ 75.742434][ T5574] Quota error (device loop1): v2_read_file_info: Free block number 1 out of range (1, 6). [ 75.761769][ T5574] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 75.790943][ T5574] EXT4-fs (loop1): mount failed [ 75.799107][ T5573] loop0: detected capacity change from 0 to 8192 [ 75.870690][ T29] audit: type=1400 audit(1748480318.972:3199): avc: denied { watch } for pid=5559 comm="syz.4.755" path="/164" dev="tmpfs" ino=878 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 75.992774][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.402080][ T5587] netlink: 'syz.1.764': attribute type 10 has an invalid length. [ 76.422313][ T5587] veth0_vlan: left promiscuous mode [ 76.428616][ T5587] veth0_vlan: entered promiscuous mode [ 76.438144][ T29] audit: type=1326 audit(1748480319.542:3200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5583 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 76.467371][ T29] audit: type=1326 audit(1748480319.542:3201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5583 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 76.493409][ T29] audit: type=1326 audit(1748480319.542:3202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5583 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 76.519041][ T29] audit: type=1326 audit(1748480319.542:3203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5583 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 76.546043][ T29] audit: type=1326 audit(1748480319.542:3204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5583 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 76.576763][ T5587] team0: Device veth0_vlan failed to register rx_handler [ 76.589569][ T29] audit: type=1326 audit(1748480319.682:3205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5583 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 76.618476][ T29] audit: type=1326 audit(1748480319.682:3206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5583 comm="syz.2.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3091f0e969 code=0x7ffc0000 [ 76.683320][ T5594] loop1: detected capacity change from 0 to 512 [ 76.692785][ T5594] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 76.709228][ T5598] netlink: 12 bytes leftover after parsing attributes in process `syz.4.767'. [ 76.733222][ T5594] EXT4-fs (loop1): 1 truncate cleaned up [ 76.740073][ T5594] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.043641][ T5619] netlink: 'syz.2.777': attribute type 10 has an invalid length. [ 77.070920][ T5619] veth0_vlan: left promiscuous mode [ 77.079534][ T5619] veth0_vlan: entered promiscuous mode [ 77.143332][ T5619] team0: Device veth0_vlan failed to register rx_handler [ 77.231057][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.292817][ T5634] loop0: detected capacity change from 0 to 512 [ 77.303167][ T5629] loop2: detected capacity change from 0 to 8192 [ 77.330126][ T5629] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 2068) [ 77.344969][ T5629] FAT-fs (loop2): Filesystem has been set read-only [ 77.359450][ T5634] EXT4-fs (loop0): 1 orphan inode deleted [ 77.367502][ T5634] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.383586][ T33] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 1 [ 77.403186][ T5634] ext4 filesystem being mounted at /syzcgroup/cpu/syz0/cgroup.procs supports timestamps until 2038-01-19 (0x7fffffff) [ 77.425235][ T5634] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.446694][ T5640] 9pnet: Could not find request transport: f [ 77.454870][ T5640] syz!: rxe_newlink: already configured on team_slave_0 [ 77.589261][ T5655] loop1: detected capacity change from 0 to 1024 [ 77.606743][ T5655] EXT4-fs: Ignoring removed orlov option [ 77.627633][ T5655] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 77.655835][ T5655] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.696893][ T5655] EXT4-fs error (device loop1): ext4_check_all_de:659: inode #12: block 7: comm syz.1.789: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 77.743546][ T5659] loop0: detected capacity change from 0 to 512 [ 77.757387][ T5659] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 77.795247][ T5659] EXT4-fs (loop0): 1 truncate cleaned up [ 77.796378][ T5664] netlink: 'syz.2.792': attribute type 10 has an invalid length. [ 77.801705][ T5659] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.809748][ T5664] veth0_vlan: left promiscuous mode [ 77.829590][ T5664] veth0_vlan: entered promiscuous mode [ 77.836990][ T5664] team0: Device veth0_vlan failed to register rx_handler [ 77.871761][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.083199][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.092435][ T5677] loop2: detected capacity change from 0 to 512 [ 78.123776][ T5677] EXT4-fs (loop2): too many log groups per flexible block group [ 78.132016][ T5677] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 78.155825][ T5677] EXT4-fs (loop2): mount failed [ 78.330213][ T5701] loop4: detected capacity change from 0 to 8192 [ 78.489641][ T5717] loop3: detected capacity change from 0 to 512 [ 78.523824][ T5717] EXT4-fs (loop3): too many log groups per flexible block group [ 78.532642][ T5717] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 78.558230][ T5730] loop1: detected capacity change from 0 to 8192 [ 78.569384][ T5717] EXT4-fs (loop3): mount failed [ 78.587459][ T5730] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 2068) [ 78.596865][ T5730] FAT-fs (loop1): Filesystem has been set read-only [ 78.812157][ T5759] loop0: detected capacity change from 0 to 512 [ 78.839430][ T5759] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 78.974746][ T5759] EXT4-fs (loop0): mount failed [ 79.245962][ T5794] loop4: detected capacity change from 0 to 1024 [ 79.283327][ T5798] loop3: detected capacity change from 0 to 512 [ 79.283469][ T5794] EXT4-fs: Ignoring removed orlov option [ 79.297169][ T5798] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 79.298324][ T5794] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 79.357910][ T5798] EXT4-fs (loop3): 1 truncate cleaned up [ 79.377799][ T5798] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.393489][ T5794] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.451915][ T5794] EXT4-fs error (device loop4): ext4_find_dest_de:2054: inode #12: block 7: comm syz.4.844: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 79.473243][ T5796] __nla_validate_parse: 1 callbacks suppressed [ 79.473311][ T5796] netlink: 4 bytes leftover after parsing attributes in process `syz.1.848'. [ 79.513344][ T5794] EXT4-fs error (device loop4): ext4_check_all_de:659: inode #12: block 7: comm syz.4.844: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0 [ 79.665445][ T5820] loop1: detected capacity change from 0 to 1024 [ 79.676008][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.688573][ T3337] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.695736][ T5820] EXT4-fs: Ignoring removed orlov option [ 79.715863][ T5820] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 79.753576][ T5828] netlink: 'syz.2.860': attribute type 10 has an invalid length. [ 79.766729][ T5820] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.780251][ T5828] veth0_vlan: left promiscuous mode [ 79.792130][ T5828] veth0_vlan: entered promiscuous mode [ 79.799143][ T5828] team0: Device veth0_vlan failed to register rx_handler [ 79.808721][ T5834] loop0: detected capacity change from 0 to 512 [ 79.824266][ T5834] EXT4-fs (loop0): too many log groups per flexible block group [ 79.824396][ T5834] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 79.824430][ T5834] EXT4-fs (loop0): mount failed [ 79.846690][ T5820] EXT4-fs error (device loop1): ext4_check_all_de:659: inode #12: block 7: comm syz.1.856: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 79.867773][ T5838] loop3: detected capacity change from 0 to 512 [ 79.878092][ T5838] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 79.922171][ T5844] loop2: detected capacity change from 0 to 512 [ 79.928986][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.965885][ T5844] EXT4-fs (loop2): 1 orphan inode deleted [ 79.972649][ T5844] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.986221][ T1410] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1 [ 80.004003][ T5838] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.010994][ T5844] ext4 filesystem being mounted at /179/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.022772][ T5838] ext4 filesystem being mounted at /162/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.072834][ T5861] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5861 comm=syz.1.872 [ 80.110711][ T5862] 9pnet: Could not find request transport: f [ 80.111222][ T5838] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 80.129437][ T5862] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 80.153438][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.173869][ T33] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 1 [ 80.187402][ T3337] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.196612][ T5867] loop1: detected capacity change from 0 to 8192 [ 80.275821][ T5876] loop4: detected capacity change from 0 to 512 [ 80.296823][ T5871] netlink: 4 bytes leftover after parsing attributes in process `syz.2.875'. [ 80.348085][ T5880] loop3: detected capacity change from 0 to 512 [ 80.369205][ T5876] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 80.378591][ T5880] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 80.404722][ T5876] EXT4-fs (loop4): mount failed [ 80.485402][ T5880] EXT4-fs (loop3): 1 truncate cleaned up [ 80.498930][ T5880] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.692204][ T5894] loop2: detected capacity change from 0 to 512 [ 80.715481][ T5894] __quota_error: 154 callbacks suppressed [ 80.715569][ T5894] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6). [ 80.766071][ T5894] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 80.824866][ T5894] EXT4-fs (loop2): mount failed [ 80.899172][ T5898] netlink: 4 bytes leftover after parsing attributes in process `syz.0.883'. [ 81.026737][ T3337] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.268075][ T5925] loop0: detected capacity change from 0 to 512 [ 81.287045][ T5925] EXT4-fs (loop0): too many log groups per flexible block group [ 81.295454][ T5925] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 81.321897][ T5925] EXT4-fs (loop0): mount failed [ 81.388286][ T29] audit: type=1400 audit(1748480324.492:3356): avc: denied { create } for pid=5934 comm="syz.3.897" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 81.434594][ T5930] netlink: 4 bytes leftover after parsing attributes in process `syz.4.895'. [ 81.435157][ T29] audit: type=1400 audit(1748480324.532:3357): avc: denied { allowed } for pid=5934 comm="syz.3.897" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 81.465873][ T29] audit: type=1400 audit(1748480324.532:3358): avc: denied { read } for pid=5934 comm="syz.3.897" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 81.573137][ T5960] loop1: detected capacity change from 0 to 512 [ 81.584977][ T5960] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 81.601441][ T5953] netlink: 'syz.4.903': attribute type 10 has an invalid length. [ 81.612966][ T5960] EXT4-fs (loop1): 1 truncate cleaned up [ 81.620582][ T5960] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.640721][ T5953] veth0_vlan: left promiscuous mode [ 81.668426][ T5953] veth0_vlan: entered promiscuous mode [ 81.685977][ T5953] team0: Device veth0_vlan failed to register rx_handler [ 81.769559][ T5974] loop3: detected capacity change from 0 to 512 [ 81.787420][ T29] audit: type=1400 audit(1748480324.892:3359): avc: denied { mounton } for pid=5972 comm="+}[@" path="/171/file0" dev="tmpfs" ino=919 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 81.835862][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.878187][ T5974] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6). [ 81.924970][ T5974] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 81.941835][ T5995] loop4: detected capacity change from 0 to 512 [ 81.949669][ T5995] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 81.961297][ T5974] EXT4-fs (loop3): mount failed [ 81.984267][ T5995] EXT4-fs (loop4): 1 truncate cleaned up [ 81.991104][ T5995] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.087761][ T6007] netlink: 'syz.0.925': attribute type 10 has an invalid length. [ 82.180187][ T29] audit: type=1326 audit(1748480325.282:3360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6012 comm="syz.1.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 82.203961][ T29] audit: type=1326 audit(1748480325.282:3361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6012 comm="syz.1.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 82.236794][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.285405][ T29] audit: type=1326 audit(1748480325.282:3362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6012 comm="syz.1.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 82.313018][ T29] audit: type=1326 audit(1748480325.282:3363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6012 comm="syz.1.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5b87e969 code=0x7ffc0000 [ 82.441605][ T6032] loop2: detected capacity change from 0 to 512 [ 82.483540][ T6036] ================================================================== [ 82.492061][ T6036] BUG: KCSAN: data-race in __percpu_counter_init_many / copy_mm [ 82.499851][ T6036] [ 82.502214][ T6036] write to 0xffff88810936c908 of 8 bytes by task 6032 on cpu 1: [ 82.504935][ T6029] loop4: detected capacity change from 0 to 8192 [ 82.510024][ T6036] __percpu_counter_init_many+0x292/0x310 [ 82.522149][ T6036] ext4_es_register_shrinker+0x91/0x280 [ 82.527883][ T6036] ext4_fill_super+0x1de0/0x34e0 [ 82.532862][ T6036] get_tree_bdev_flags+0x291/0x300 [ 82.538458][ T6036] get_tree_bdev+0x1f/0x30 [ 82.543012][ T6036] ext4_get_tree+0x1c/0x30 [ 82.547461][ T6036] vfs_get_tree+0x54/0x1d0 [ 82.551986][ T6036] do_new_mount+0x207/0x680 [ 82.556699][ T6036] path_mount+0x4a4/0xb20 [ 82.561056][ T6036] __se_sys_mount+0x28f/0x2e0 [ 82.565946][ T6036] __x64_sys_mount+0x67/0x80 [ 82.570684][ T6036] x64_sys_call+0xd36/0x2fb0 [ 82.575301][ T6036] do_syscall_64+0xd2/0x200 [ 82.580916][ T6036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.586955][ T6036] [ 82.589460][ T6036] read to 0xffff88810936c500 of 1408 bytes by task 6036 on cpu 0: [ 82.597383][ T6036] copy_mm+0xfb/0x1360 [ 82.601663][ T6036] copy_process+0xcf1/0x1fe0 [ 82.606386][ T6036] kernel_clone+0x16c/0x5b0 [ 82.611077][ T6036] __x64_sys_clone+0xe6/0x120 [ 82.616015][ T6036] x64_sys_call+0x2c59/0x2fb0 [ 82.620838][ T6036] do_syscall_64+0xd2/0x200 [ 82.625553][ T6036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.631563][ T6036] [ 82.633898][ T6036] Reported by Kernel Concurrency Sanitizer on: [ 82.640352][ T6036] CPU: 0 UID: 0 PID: 6036 Comm: syz.0.939 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) [ 82.652903][ T6036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 82.663935][ T6036] ================================================================== [ 82.735343][ T6034] loop1: detected capacity change from 0 to 8192 [ 82.743092][ T6032] EXT4-fs (loop2): too many log groups per flexible block group [ 82.751798][ T6032] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 82.763320][ T6032] EXT4-fs (loop2): mount failed [ 82.774983][ T6034] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 2068) [ 82.785411][ T6034] FAT-fs (loop1): Filesystem has been set read-only