last executing test programs: 4.373130798s ago: executing program 1 (id=898): socket$inet6_sctp(0xa, 0x801, 0x84) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) r2 = openat$cgroup_type(r1, &(0x7f00000002c0), 0x2, 0x0) write$cgroup_type(r2, &(0x7f0000000280), 0x9) r3 = openat$cgroup_procs(r1, &(0x7f0000000340)='cgroup.threads\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000c40), 0x12) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) sendto(0xffffffffffffffff, &(0x7f0000000440)="9bc0f2bb1f99194ea93de83f2b692d639c5159b3b1c1386ed03fdc4b8eafa792ae3049f02aef269f76cf563a4fd41a2f7212ffd6ad31b096729f7003ef7a5ba684fd3b35256bb7fcecbfb903ef0f7490ce86d0c0e95d47c7d3ecdc13a9372d975db40fa60d9b452ae7b0ac6ac7b11cff1fb4c143ea15ec3b0475078b81e10dfaa881a1c891cd47fdf7ce311bd98cc9340597e49064254afb", 0x98, 0x80, &(0x7f0000000500)=@ieee802154={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0302}}}, 0x80) socket$nl_route(0x10, 0x3, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r5, &(0x7f0000000200)=0x1, 0x12) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r7 = openat$cgroup_procs(r6, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r7, &(0x7f0000000380), 0x12) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x1000) 3.888518665s ago: executing program 4 (id=899): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000800000000f80000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x5}, 0x50) faccessat2(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x70, 0x100) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_POSITION_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xa4}}, 0x4800) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) socket$kcm(0xa, 0x922000000003, 0x11) socket$nl_netfilter(0x10, 0x3, 0xc) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r3) sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYRESHEX=r3, @ANYRES16=r4, @ANYRES32=r4], 0x2c}, 0x1, 0x0, 0x0, 0x200400c1}, 0x2000c800) r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x77, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r6}, 0x18) r7 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a00"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0) bind$can_raw(r5, &(0x7f0000000300), 0x10) r8 = syz_open_dev$rtc(&(0x7f0000000000), 0x0, 0x40802) ioctl$RTC_PIE_OFF(r8, 0x7006) mount$bind(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x10010, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000001c0)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x4000}, 0x99ed8d43af96217a) 3.724775418s ago: executing program 4 (id=901): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800002, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x22}, 0x84, 0x464, &(0x7f0000000ac0)="$eJzs3EtvG0UcAPD/bpq+S0Ipjz6AQEFEPJImLdADFxBIvSAhwaEcQ5pWpWmDmiDRKqIpQuWI+gmAIxKfgBNcEHACcYU7QqpQLgQOaNHau6lx7GAncZ3g30/aeGZ31jt/7449O2MngJ41lP9JIvZGxM8RMRARffUFhqoPS4vzk38uzk8mkWWv/57ku8Ufi/OTZdGkeNxTZIbTiPTDJA43OO7slasXJqanpy4X+dG5i++Mzl65+sz5ixPnps5NXRo/efLE8bHnnxt/dkPi3JfX9dD7M0cOnnrz5quTp2++9d0XeX33Fttr46gaXPcxh2Jo+TWp9/i6n31z2VeTTrZ1sSK0JW/r+enqr7T/geiL2ydvIF75oKuVAzoqy7Jsx4q1yz2AhQz4H0ui2zUAuqP8oM/vf8vlDnY/uu7Wi9UboDzupWKpbtkWaVGmv+7+diMNRcTphb8+yZdoOA4BALCxvsr7P0836v+lcV9NubuKuaHBiLg7IvZHxD0RcSAi7o2olL0/Ih5o8/hDdfmV/Z8fd60psBbl/b8Xirmtf/f/yt5fDPYVuX2V+PuTs+enp44Vr8lw9O/I82OrHOPrl3/6uNm22v5fviz1x2TZFyzq8du2ugG6MxNzE+uJudat65UxwGsr40+WZwKSiDgYEYfW8Pw7I+L8k58fabZ9RfyL83Xxr2ID5pmyzyKeqJ7/haiLv5SsPj85ujOmp46NllfFSt//cOO1ZsdfV/wbID//uxte/8vxDya187Wz7R/jxi8fNb2n+e/4G1//25M3Kuntxbr3JubmLo9FbE8WVq4fv71vmS/L5/EPH23c/vdH/P1psd/hiMgv4gcj4qGIeLio+yMR8WhEHF0l/m9feuzttcffWXn8Z9o6/+0n+i5882Wz47d2/k9UUsPFmlbe/1qt4HpeOwAAANgq0sp34JN0ZDmdpiMj1e/wH4jd6fTM7NxTZ2fevXSm+l35wehPy5GugZrx0LFibLjMj9flj1fGjbMsy3ZV8iOTM9OdmlMHWrOnSfvP/drX7doBHdfWPFqzX7QBW5Lfa0Lv0v6hd2n/0Lu0f+hdjdr/tYilVXe63rHqAHeQz3/oXdo/9C7tH3qX9g89aT2/618tsf9Ua4XLf0DYoWpsgUTf5qhG24lIN0U11pZIN0c1qokdEdFq4Wt3rKV0+Y0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/wTAAD//7YA6Ok=") r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0) open_by_handle_at(r2, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0) 3.52451148s ago: executing program 4 (id=903): syz_emit_ethernet(0x8a, &(0x7f0000000c00)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @val={@val={0x88a8, 0x6}, {0x8100, 0x3, 0x1, 0x2}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '@\x00', 0x4c, 0x6, 0x1, @empty, @local, {[@hopopts={0x1, 0x4, '\x00', [@generic={0x3, 0x24, "1c77ec50c8a5260b9657f14c0b4d5f8413ff4eb8537049fd4ebef9682fb13788a5a2d116"}]}, @fragment={0x5e, 0x0, 0x5, 0x0, 0x0, 0x19, 0x65}], {{0x4e21, 0x4e1e, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7, 0x0, 0x0, 0x13}}}}}}}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000500)=0x2) socket$inet6(0xa, 0x3, 0xff) r1 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r2, 0x0, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x100000004, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1}) io_uring_enter(r1, 0x6e2, 0x3900, 0x1, 0x0, 0xe00) rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYRESOCT=r0], &(0x7f00000001c0)='GPL\x00'}, 0x94) openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3014850, &(0x7f00000006c0)={[{@noquota}, {@noquota}, {@grpjquota}, {@noauto_da_alloc}, {@dioread_lock}]}, 0x2, 0x4f3, &(0x7f0000000700)="$eJzs3c9vG0sdAPDvOnGTtHk4Dzg8nsSjgofSCmonDW0jDiVICE6VKOXCKYTEiaI4cRQ7bRNVKBV/ABLil+DEiQsSZ4SE+icgpEpwRwiBKmjLgQNgtM6ahtRJnNc4buPPR5ru7M7ufmfqeOzZWXkD6FsXI2ImIgYi4nJEFLLtuSzFzm5K93v29MF8mpJoDN35WxJJtq11riRbXsgOG46Ir30l4lvJy3FrW9src5VKeSNbL9VX10u1re0ry6tzS+Wl8trM1OT16RvT16YnTqytN7/05x9+9+dfvvmbz9774+xfL307rdZoVra3HZ3Y6XC/3abnm/8XLYMRsXGcYK+xgaw9+V5XBACAjqTf8T8cEZ+MiOc/6XVtAAAAgG5ofGE0/pVENAAAAIAzK9e8BzbJFbN7AUYjlysWd+/h/Wicz1WqtfpnFqubawu798qORT63uFwpT2T3Co9FPknXJ5v5F+tX961PRcTbEfH9wkhzvThfrSz0+uIHAAAA9IkL+8b//yjsjv8BAACAM2as1xUAAAAAus74HwAAAM6+A8f/yeDpVgQAAADohq/eupWmRuv51wt3tzZXqnevLJRrK8XVzfnifHVjvbhUrS41f7Nv9ajzVarV9c/F2ub9Ur1cq5dqW9uzq9XNtfps87nes+VG4VSaBQAAAOzx9ice/SGJiJ3PjzRT6lxWlj/68Jnu1g7optzxdk+6VQ/g9A30ugJAz7jBF/pXB2N84Iw7YmD/g33rx7xsAAAAvA7GP/ZK8//mA+ENZiAP/cv8P/Qv8//Qv8z/Q58bOnqX4YMKfnvCdQEAALpmtJmSXDGbCxyNXK5YjHir+ViAfLK4XClPRMSHIuL3hfxQuj7Z60oDAAAAAAAAAAAAAAAAAAAAAAAAwBum0UiiAQAAAJxpEbm/JNmD/McL74/uvz5wLvlnobmMiHs/vfOj+3P1+sZkuv3v/9te/3G2/WprS+obp3wlAwAAAGhpjdNb43gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOEnPnj6Yb6XTjPvkixEx1i7+YAw3l8O/KkTE+edJDO45LomIgROIv/MwIt5pFz9JqxVjWS32x89FxEiP4184gfjQzx6l/c9M+v7L73v/5eJic9n+/TeYpVf15OJB/V+u1f81+7l2/d9bh596uJV59/EvSy+VFrL4DyPeHWzf/7TiJ+3in+u8jd/8+vb2QWWNn0WMH/H5k8Yv1VfXS7Wt7SvLq3NL5aXy2tTU5PXpG9PXpidKi8uVcvZv2xjf+/iv/3NQ/LT959vG3+1/D2x/RLzfYfv//fj+048cEv/Sp9q//u8cEj/9m/h09jmQlo+38ju7+b3e+8Xv3jus/QsHtP/Q1z8iLnXY/su3v/OnDncFAE5BbWt7Za5SKW90JTPStTPLpJnq2lH7pN8TP3CI/Kn8kch0M3M7ew2PfXgPOyUAAKArXnzp319yjAkeAAAAAAAAAAAAAAAAAAAA4JV0/UfIhv7/lwWGe9dUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBD/TcAAP//V7HNuw==") chmod(&(0x7f0000000340)='./file1\x00', 0x0) 2.966920618s ago: executing program 1 (id=908): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x200000000000006}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x5, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x63, 0x11, 0x22}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) mq_unlink(0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000400)={0x18, 0x76, 0x31f, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @ipv4=@broadcast}]}, 0x18}], 0x1}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18) statx(0xffffffffffffffff, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x6000, 0x4, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x0, &(0x7f0000000100), 0x1, 0x57e, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/zGbffuV90xcUVHooKlQo3ST90OqpvYqFQg+CFw2bbSjZZEM20SbkkN6L2IOo9FJvevCoePAgXjx6ErwonoVig0LTg67MfqRpvtzUJlszvx/M7jzz7Oz/eXb2/+zMMMMGkFtHs4c04umIuJhEDKyq64t25dHW65aXFsr3lhbKSTQal35NIomIu0sL5c7rk/bzoYhYjIinIuKbYsTxdH3c+tz8+Ei1WplulwdnJqYG63PzJ65MjIxVxiqTp156+czZ02eGTw6vXu1eY3WpuL2+Xv/pxrvXv3v11o1PPzuyWH5/JIlz0d+uW92PR6n1mRTj3Jrlp3ciWA8lvW4AD6XQzvMslZ6MgSi0s34jjYFdbRqwwxr7IhpATiXyH3Kqsx+QHf92pt3c/7h9vnUAksVdbk+tmr7WuYnY3zw2Ofhb8sCRSXa8eXg3G8qetHgtIob6+tZ//5P29+/hDT2KBrKjvj7f2lDrt3+6Mv7EBuNPf+fc6T/UGf+W141/9+MXNhn/LnYZ4483fv5o0/jXIp7ZMH6yEj/ZIH4aEW91Gf/m61+e3ayu8XHEsdg4fkey9fnhwctXqpWh1uOGMb46duSVrfp/cJP4rXO2+5s/M2v6fyhr01SX/f/i28+fXdwi/gvPbb39N/r8D0TEe13G///dT17brO72teROthew3e2fLbvVZfwXzx39scuXAgAAAAAAAAAA25A2r2VL0tLKfJqWSq17eJ+Ig2m1Vp85frk2OznauubtcBTTzpVWA61ykpWH29fjdson15RPFdoBCwea5VK5Vh3tcd8BAAAAAAAAAAAAAAAAAADgcXFozf3/vxea9/+v/btqYK/a/C+/gb1O/kN+PZj/Sc/aAew+v/+QWw35D/kl/yG/5D/kl/yH/JL/kF/yH/JL/gMAAAAAAAAAAAAAAAAAAAAAAAAAwI64eOFCNjXuLS2Us/Jo39zseO3tE6OV+nhpYrZcKtemp0pjtdpYtVIq1yb+7v2SWm1qKCZnrw7OVOozg/W5+TcnarOTSXzfrK4Ud6FPAAAAAAAAAAAAAAAAAAAA8G/T35yStBQRaXM+TUuliP9GxOEoJpevVCtDEfG/iPihUNyXlYd73WgAAAAAAAAAAAAAAAAAAADYY+pz8+Mj1Wplek/O7I+IB5f0bWf1iFh8tA3L3nHbaxXb2+px+VTN5GGmxwMTAAAAAAAAAAAAAAAAAADk0P2bfrtd48+dbRAAAAAAAAAAAAAAAAAAAADkUvpLEhHZdGzg+f61tf9JlgvN54h45+alD66OzMxMD2fL76wsn/mwvfxkL9oPdKuTp508BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO6rz82Pj1SrlekdnOl1HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAexl8BAAD//5aV1q4=") pwrite64(0xffffffffffffffff, &(0x7f0000000140)='2', 0xfdef, 0xfecc) sync_file_range(0xffffffffffffffff, 0x10, 0x6, 0x7) setsockopt$inet6_tcp_int(r4, 0x6, 0x2, &(0x7f00000001c0)=0x7ff, 0x4) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f0000000000), 0x0, 0x0, 0x0) sendto$inet6(r4, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r4, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0) 2.79984333s ago: executing program 0 (id=914): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800002, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x22}, 0x84, 0x464, &(0x7f0000000ac0)="$eJzs3EtvG0UcAPD/bpq+S0Ipjz6AQEFEPJImLdADFxBIvSAhwaEcQ5pWpWmDmiDRKqIpQuWI+gmAIxKfgBNcEHACcYU7QqpQLgQOaNHau6lx7GAncZ3g30/aeGZ31jt/7449O2MngJ41lP9JIvZGxM8RMRARffUFhqoPS4vzk38uzk8mkWWv/57ku8Ufi/OTZdGkeNxTZIbTiPTDJA43OO7slasXJqanpy4X+dG5i++Mzl65+sz5ixPnps5NXRo/efLE8bHnnxt/dkPi3JfX9dD7M0cOnnrz5quTp2++9d0XeX33Fttr46gaXPcxh2Jo+TWp9/i6n31z2VeTTrZ1sSK0JW/r+enqr7T/geiL2ydvIF75oKuVAzoqy7Jsx4q1yz2AhQz4H0ui2zUAuqP8oM/vf8vlDnY/uu7Wi9UboDzupWKpbtkWaVGmv+7+diMNRcTphb8+yZdoOA4BALCxvsr7P0836v+lcV9NubuKuaHBiLg7IvZHxD0RcSAi7o2olL0/Ih5o8/hDdfmV/Z8fd60psBbl/b8Xirmtf/f/yt5fDPYVuX2V+PuTs+enp44Vr8lw9O/I82OrHOPrl3/6uNm22v5fviz1x2TZFyzq8du2ugG6MxNzE+uJudat65UxwGsr40+WZwKSiDgYEYfW8Pw7I+L8k58fabZ9RfyL83Xxr2ID5pmyzyKeqJ7/haiLv5SsPj85ujOmp46NllfFSt//cOO1ZsdfV/wbID//uxte/8vxDya187Wz7R/jxi8fNb2n+e/4G1//25M3Kuntxbr3JubmLo9FbE8WVq4fv71vmS/L5/EPH23c/vdH/P1psd/hiMgv4gcj4qGIeLio+yMR8WhEHF0l/m9feuzttcffWXn8Z9o6/+0n+i5882Wz47d2/k9UUsPFmlbe/1qt4HpeOwAAANgq0sp34JN0ZDmdpiMj1e/wH4jd6fTM7NxTZ2fevXSm+l35wehPy5GugZrx0LFibLjMj9flj1fGjbMsy3ZV8iOTM9OdmlMHWrOnSfvP/drX7doBHdfWPFqzX7QBW5Lfa0Lv0v6hd2n/0Lu0f+hdjdr/tYilVXe63rHqAHeQz3/oXdo/9C7tH3qX9g89aT2/618tsf9Ua4XLf0DYoWpsgUTf5qhG24lIN0U11pZIN0c1qokdEdFq4Wt3rKV0+Y0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/wTAAD//7YA6Ok=") r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0) open_by_handle_at(r2, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0) 2.770673961s ago: executing program 1 (id=915): openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2}, 0x18) syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0), 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP") r1 = open(0x0, 0x100, 0x123) copy_file_range(r1, 0x0, 0xffffffffffffffff, 0x0, 0x3df1, 0x0) r2 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169) pwritev2(r2, &(0x7f0000000240)=[{0x0}], 0x1, 0x2000, 0x0, 0x3) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) 2.616756383s ago: executing program 4 (id=919): socket$inet6_sctp(0xa, 0x801, 0x84) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) r2 = openat$cgroup_type(r1, &(0x7f00000002c0), 0x2, 0x0) write$cgroup_type(r2, &(0x7f0000000280), 0x9) r3 = openat$cgroup_procs(r1, &(0x7f0000000340)='cgroup.threads\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000c40), 0x12) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) sendto(0xffffffffffffffff, &(0x7f0000000440)="9bc0f2bb1f99194ea93de83f2b692d639c5159b3b1c1386ed03fdc4b8eafa792ae3049f02aef269f76cf563a4fd41a2f7212ffd6ad31b096729f7003ef7a5ba684fd3b35256bb7fcecbfb903ef0f7490ce86d0c0e95d47c7d3ecdc13a9372d975db40fa60d9b452ae7b0ac6ac7b11cff1fb4c143ea15ec3b0475078b81e10dfaa881a1c891cd47fdf7ce311bd98cc9340597e49064254afb", 0x98, 0x80, &(0x7f0000000500)=@ieee802154={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0302}}}, 0x80) socket$nl_route(0x10, 0x3, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r5, &(0x7f0000000200)=0x1, 0x12) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r7 = openat$cgroup_procs(r6, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r7, &(0x7f0000000380), 0x12) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x1000) 2.511133775s ago: executing program 1 (id=920): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xfffffffffffffff7, 0x1ff}, 0x106263, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="10000000040000000400", @ANYRES32, @ANYBLOB="0000f7ff2300", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x3c, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x8}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x101}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10000047}, 0x0) dup(0xffffffffffffffff) mbind(&(0x7f0000188000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x1, 0x1) r3 = syz_open_dev$usbfs(0x0, 0x77, 0x41341) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, 0x0, 0x0) fsetxattr$security_capability(r3, 0x0, &(0x7f00000003c0)=@v2={0x2000000, [{0x80000000, 0x6}, {0x0, 0xfffffffd}]}, 0x14, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001d000100000000000000000007000000fc46119bf4573fdb309a18579ed2e272d18821ac0294923437422ace858698d01cbee84a4df7de5f3d4b5967058116d0944aa3dddc2054580a81fb72816ab2", @ANYRES32=r5, @ANYBLOB="800002000a000200"], 0x28}}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 2.510605005s ago: executing program 0 (id=921): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa20000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) r3 = semget$private(0x0, 0x2, 0x24) semctl$SETALL(r3, 0x0, 0x11, &(0x7f0000000000)) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) readv(r4, &(0x7f0000000240)=[{&(0x7f0000000040)=""/3, 0x3}], 0x1) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRES32=r3, @ANYRES32=r1], 0x50) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000a40)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a000000080000000200000ffffdffff0e00000000000000030000000700000003000000fffdffff00000000000000002e"], 0x0, 0x46, 0x0, 0x8, 0xfffffffe}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = shmget$private(0x0, 0x4000, 0x20, &(0x7f0000ffa000/0x4000)=nil) shmctl$IPC_SET(r6, 0x1, &(0x7f0000000580)={{0x1, 0x0, 0x0, 0x0, 0x0, 0xa, 0xfffd}, 0x80000001, 0x80, 0x2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff, 0xfff2}) shmctl$IPC_STAT(r6, 0x2, &(0x7f0000000340)=""/189) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) semctl$GETALL(0x0, 0x0, 0xd, &(0x7f00000030c0)=""/4096) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, 0x0) r7 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r2, &(0x7f0000000140)) 1.42603039s ago: executing program 3 (id=929): syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) cachestat(r0, &(0x7f0000000240)={0x2, 0x5}, &(0x7f0000000340), 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r2, 0x0, 0x415}, 0x18) unshare(0x64000600) 1.278221292s ago: executing program 2 (id=930): openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2}, 0x18) syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0), 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP") r1 = open(0x0, 0x100, 0x123) copy_file_range(r1, 0x0, 0xffffffffffffffff, 0x0, 0x3df1, 0x0) r2 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169) pwritev2(r2, &(0x7f0000000240)=[{0x0}], 0x1, 0x2000, 0x0, 0x3) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) 1.260341892s ago: executing program 3 (id=931): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800002, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x22}, 0x84, 0x464, &(0x7f0000000ac0)="$eJzs3EtvG0UcAPD/bpq+S0Ipjz6AQEFEPJImLdADFxBIvSAhwaEcQ5pWpWmDmiDRKqIpQuWI+gmAIxKfgBNcEHACcYU7QqpQLgQOaNHau6lx7GAncZ3g30/aeGZ31jt/7449O2MngJ41lP9JIvZGxM8RMRARffUFhqoPS4vzk38uzk8mkWWv/57ku8Ufi/OTZdGkeNxTZIbTiPTDJA43OO7slasXJqanpy4X+dG5i++Mzl65+sz5ixPnps5NXRo/efLE8bHnnxt/dkPi3JfX9dD7M0cOnnrz5quTp2++9d0XeX33Fttr46gaXPcxh2Jo+TWp9/i6n31z2VeTTrZ1sSK0JW/r+enqr7T/geiL2ydvIF75oKuVAzoqy7Jsx4q1yz2AhQz4H0ui2zUAuqP8oM/vf8vlDnY/uu7Wi9UboDzupWKpbtkWaVGmv+7+diMNRcTphb8+yZdoOA4BALCxvsr7P0836v+lcV9NubuKuaHBiLg7IvZHxD0RcSAi7o2olL0/Ih5o8/hDdfmV/Z8fd60psBbl/b8Xirmtf/f/yt5fDPYVuX2V+PuTs+enp44Vr8lw9O/I82OrHOPrl3/6uNm22v5fviz1x2TZFyzq8du2ugG6MxNzE+uJudat65UxwGsr40+WZwKSiDgYEYfW8Pw7I+L8k58fabZ9RfyL83Xxr2ID5pmyzyKeqJ7/haiLv5SsPj85ujOmp46NllfFSt//cOO1ZsdfV/wbID//uxte/8vxDya187Wz7R/jxi8fNb2n+e/4G1//25M3Kuntxbr3JubmLo9FbE8WVq4fv71vmS/L5/EPH23c/vdH/P1psd/hiMgv4gcj4qGIeLio+yMR8WhEHF0l/m9feuzttcffWXn8Z9o6/+0n+i5882Wz47d2/k9UUsPFmlbe/1qt4HpeOwAAANgq0sp34JN0ZDmdpiMj1e/wH4jd6fTM7NxTZ2fevXSm+l35wehPy5GugZrx0LFibLjMj9flj1fGjbMsy3ZV8iOTM9OdmlMHWrOnSfvP/drX7doBHdfWPFqzX7QBW5Lfa0Lv0v6hd2n/0Lu0f+hdjdr/tYilVXe63rHqAHeQz3/oXdo/9C7tH3qX9g89aT2/618tsf9Ua4XLf0DYoWpsgUTf5qhG24lIN0U11pZIN0c1qokdEdFq4Wt3rKV0+Y0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/wTAAD//7YA6Ok=") r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0) open_by_handle_at(r2, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0) 1.165332884s ago: executing program 0 (id=932): r0 = fsopen(&(0x7f0000000080)='ncpfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)}) inotify_rm_watch(0xffffffffffffffff, 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)="6ed4f9d0f312", 0x6) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0) r1 = io_uring_setup(0x22c6, &(0x7f00000000c0)={0x0, 0xfffffffe, 0x3000, 0x0, 0xfffffffc}) r2 = accept4$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000001c0)=0x14, 0x80800) setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000300)=@req3={0x1, 0x6, 0x1, 0xfffff676, 0x800007bf, 0x18, 0xd8}, 0x1c) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000022c0)=ANY=[@ANYBLOB="b702000008000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749da00000097f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff472558014391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d74e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00000000000000000000000000c8b8b5b137dcb7a7949e12307d1fce56fe5b76d2f3f5a7692379542e3fd9a5a7dc57e1dec0bdce65b5db59a0733c9b9da612ad"], &(0x7f0000000340)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001300)={r3, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000000)="b9ff03076844268cb8be14f088470f", 0x0, 0x20000005, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) io_uring_enter(r1, 0x0, 0xc7, 0x7, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000056, &(0x7f0000000740)={[{@minixdf}, {@usrjquota}, {@nobarrier}, {@data_journal}, {@norecovery}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@delalloc}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_nolock}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2a}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) mlockall(0x2) 1.162462314s ago: executing program 3 (id=933): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x6d33, 0x1000, 0x0, 0x4000000}) syz_clone(0x638c1100, 0x0, 0x0, 0x0, 0x0, 0x0) 1.056965346s ago: executing program 2 (id=934): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000500000005"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x32, &(0x7f00000001c0)=ANY=[@ANYBLOB="ffffffffffffffffffffffff0800452000240001000000119078000000000001000000014e20001008008208000080000000c5fc29db44bf8719eb8ecbeba7b7f62ae745b0870d3eb797cf48b3cac4a3a4c24da1b0e19a371a377d22889b6ba2d5397bcbc512f8ed998eb447c128905088824c1bd043e6c97b4744cfb445481c8e9f030ae249443d8d29d220b2a0d4674370e66df1652783b21daca83606ace3822617cb285cfb463e864d2bb18f328961f44e3178c13571b13696b74b6bc149d5354775dd9ce538000000000000000000"], 0x0) 1.021029046s ago: executing program 3 (id=935): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x200000000000006}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x5, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x63, 0x11, 0x22}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) mq_unlink(0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000400)={0x1c, 0x76, 0x31f, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @ipv4=@broadcast}, @nested={0x4, 0xd}]}, 0x1c}], 0x1}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18) statx(0xffffffffffffffff, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x6000, 0x4, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x0, &(0x7f0000000100), 0x1, 0x57e, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/zGbffuV90xcUVHooKlQo3ST90OqpvYqFQg+CFw2bbSjZZEM20SbkkN6L2IOo9FJvevCoePAgXjx6ErwonoVig0LTg67MfqRpvtzUJlszvx/M7jzz7Oz/eXb2/+zMMMMGkFtHs4c04umIuJhEDKyq64t25dHW65aXFsr3lhbKSTQal35NIomIu0sL5c7rk/bzoYhYjIinIuKbYsTxdH3c+tz8+Ei1WplulwdnJqYG63PzJ65MjIxVxiqTp156+czZ02eGTw6vXu1eY3WpuL2+Xv/pxrvXv3v11o1PPzuyWH5/JIlz0d+uW92PR6n1mRTj3Jrlp3ciWA8lvW4AD6XQzvMslZ6MgSi0s34jjYFdbRqwwxr7IhpATiXyH3Kqsx+QHf92pt3c/7h9vnUAksVdbk+tmr7WuYnY3zw2Ofhb8sCRSXa8eXg3G8qetHgtIob6+tZ//5P29+/hDT2KBrKjvj7f2lDrt3+6Mv7EBuNPf+fc6T/UGf+W141/9+MXNhn/LnYZ4483fv5o0/jXIp7ZMH6yEj/ZIH4aEW91Gf/m61+e3ayu8XHEsdg4fkey9fnhwctXqpWh1uOGMb46duSVrfp/cJP4rXO2+5s/M2v6fyhr01SX/f/i28+fXdwi/gvPbb39N/r8D0TEe13G///dT17brO72teROthew3e2fLbvVZfwXzx39scuXAgAAAAAAAAAA25A2r2VL0tLKfJqWSq17eJ+Ig2m1Vp85frk2OznauubtcBTTzpVWA61ykpWH29fjdson15RPFdoBCwea5VK5Vh3tcd8BAAAAAAAAAAAAAAAAAADgcXFozf3/vxea9/+v/btqYK/a/C+/gb1O/kN+PZj/Sc/aAew+v/+QWw35D/kl/yG/5D/kl/yH/JL/kF/yH/JL/gMAAAAAAAAAAAAAAAAAAAAAAAAAwI64eOFCNjXuLS2Us/Jo39zseO3tE6OV+nhpYrZcKtemp0pjtdpYtVIq1yb+7v2SWm1qKCZnrw7OVOozg/W5+TcnarOTSXzfrK4Ud6FPAAAAAAAAAAAAAAAAAAAA8G/T35yStBQRaXM+TUuliP9GxOEoJpevVCtDEfG/iPihUNyXlYd73WgAAAAAAAAAAAAAAAAAAADYY+pz8+Mj1Wplek/O7I+IB5f0bWf1iFh8tA3L3nHbaxXb2+px+VTN5GGmxwMTAAAAAAAAAAAAAAAAAADk0P2bfrtd48+dbRAAAAAAAAAAAAAAAAAAAADkUvpLEhHZdGzg+f61tf9JlgvN54h45+alD66OzMxMD2fL76wsn/mwvfxkL9oPdKuTp508BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO6rz82Pj1SrlekdnOl1HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAexl8BAAD//5aV1q4=") pwrite64(0xffffffffffffffff, &(0x7f0000000140)='2', 0xfdef, 0xfecc) sync_file_range(0xffffffffffffffff, 0x10, 0x6, 0x7) setsockopt$inet6_tcp_int(r4, 0x6, 0x2, &(0x7f00000001c0)=0x7ff, 0x4) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f0000000000), 0x0, 0x0, 0x0) sendto$inet6(r4, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r4, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0) 966.322017ms ago: executing program 2 (id=936): r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4) cachestat(r2, &(0x7f0000000240)={0x2, 0x5}, &(0x7f0000000340), 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r4, 0x0, 0x415}, 0x18) unshare(0x64000600) unshare(0x2040400) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) syz_clone(0x200, &(0x7f00000000c0)="e6b60244ad4a5ddedfd8b523387991b81bb7ea0808973071dd88af3c7992bfccfe83b4de2cd34330e5c00b4fcedc37ba003120e4fb83b8", 0x37, &(0x7f0000000100), &(0x7f0000000180), &(0x7f00000001c0)="992db59cd0349c85c24f519648d4ccbbec21c8386d43e2be648b6b559cf7") 947.426787ms ago: executing program 1 (id=937): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x121301) ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000140)={0x60, 0x17, 0x5, 0xf92, 0x2, 0x1, &(0x7f0000000000)='es'}) ioctl$USBDEVFS_GET_SPEED(r1, 0x551f) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, r0, 0x0, 0xfffffffffffffff5}, 0x18) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000180)={0x7, 0x8, 0xfa00, {r3, 0x9}}, 0x10) 928.138987ms ago: executing program 4 (id=938): fcntl$addseals(0xffffffffffffffff, 0x409, 0xc) r0 = io_uring_setup(0x6f6, &(0x7f0000005100)={0x0, 0x0, 0x802}) socket$nl_generic(0x10, 0x3, 0x10) remap_file_pages(&(0x7f00005f4000/0x3000)=nil, 0xa00, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, 0x0, 0x6, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0900000001000000e27f00000100000012", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0), &(0x7f0000000740), 0x80000002, r1}, 0x38) mremap(&(0x7f00003c9000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f00001de000/0x2000)=nil) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0xffffffff}, 0x100, 0x5dd8, 0x3a65, 0x9, 0x0, 0x8, 0x8, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0x8) prctl$PR_SET_IO_FLUSHER(0x39, 0x1) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) socket$nl_route(0x10, 0x3, 0x0) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, 0x0, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305829, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x80}) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) 760.2787ms ago: executing program 1 (id=939): openat(0xffffffffffffff9c, 0x0, 0x143042, 0x58) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) r1 = socket(0x2, 0x80805, 0x0) socket$rds(0x15, 0x5, 0x0) r2 = socket(0x15, 0x5, 0x0) bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) getsockopt(r2, 0x200000000114, 0x2716, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00'}, 0x10) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x8, 0x3, 0x4c0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f0, 0xffffffff, 0xffffffff, 0x3f0, 0xffffffff, 0xb, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x1a}, @dev={0xfe, 0x80, '\x00', 0x28}, [0xffffff00, 0xffffff00, 0x0, 0xff000000], [0xff, 0x0, 0x9f19fd7a5e924fa7, 0xff], 'macvtap0\x00', 'bridge0\x00', {0xff}, {0xff}, 0x2b, 0x7, 0x5, 0x10}, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1c8, 0x230, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@tcpmss={{0x28}, {0x39d3, 0x9, 0x1}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = socket$kcm(0x29, 0x2, 0x0) setxattr$incfs_size(&(0x7f0000000240)='./file0\x00', &(0x7f0000001240), &(0x7f0000001340)=0x3, 0x8, 0x1) write$cgroup_pressure(r3, &(0x7f0000000140)={'full'}, 0xfffffdef) sendmmsg$inet(r1, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0xac1414bb}, 0x10, &(0x7f0000000100)}, 0x20000000}], 0x1, 0x0) sendmsg$IPSET_CMD_TYPE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000000d080000000000000000010007000000"], 0x1c}, 0x1, 0x0, 0x0, 0x810}, 0x40004) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r5 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd09032800050030000000600000001228290081e949b93897bc3b0000000040007d01ff020000000000000000000000000001"], 0xfdef) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5, 0xffffffff}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000}, {0x0, 0xffffffff, 0x1, 0x0, 0xfffffffd}, {0x2, 0x0, 0x400000, 0x0, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x1000, 0x0, 0x0, 0x0, 0x20}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x100, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff}, {}, {}, {}, {0xffffffff, 0x0, 0x20000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x1}, {0x80}, {0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3, 0x4}, {}, {0x0, 0xfffffff9}, {0x0, 0x15, 0x0, 0x48510}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xd, 0xffffffff}, {}, {}, {0x0, 0xfffefffd}, {0x0, 0xffffffff, 0x0, 0xfffffffe}, {}, {0x5}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {0x0, 0x0, 0x200}, {}, {}, {0x5}, {0x0, 0x0, 0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfb4}, {}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x40, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x4, 0x9}, {0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x800000, 0x0, 0x0, 0x0, 0x0, 0x56}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x6, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x2, 0x0, 0x20000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x295}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x0, 0x1, 0xfffffff7}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x5}, {}, {0xfffffffe, 0x0, 0x0, 0x0, 0x8000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x0, 0x8000, 0x7fffffff}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7dff800}], [{}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {0x3, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x2, 0x1}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x7, 0x1}, {}, {}, {0x1}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10) r8 = socket(0x40000000015, 0x5, 0x0) bind$inet(r8, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10) recvmmsg(r8, &(0x7f0000000d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x60010020, 0x0) 751.63934ms ago: executing program 2 (id=940): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kmem_cache_free\x00', r1, 0x0, 0xd22}, 0x17) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r2, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112) 669.476271ms ago: executing program 2 (id=941): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") r0 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_adj\x00') r1 = socket(0x400000000010, 0x0, 0x2) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}}, 0x24}}, 0x0) write$tun(r0, 0x0, 0xfce) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000040000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x24044, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x1100, 0x5dd9, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xf, 0xffffffffffffffff, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, 0x0, 0x0) getresuid(&(0x7f0000000000)=0x0, &(0x7f0000000080), &(0x7f00000000c0)) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xb00000, &(0x7f00000009c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@acl}], [{@subj_user={'subj_user', 0x3d, 'rootcontext'}}, {@euid_lt={'euid<', 0xffffffffffffffff}}, {@fowner_gt={'fowner>', 0xee01}}, {@uid_lt={'uid<', r2}}, {@measure}, {@euid_lt={'euid<', r2}}, {@smackfsfloor={'smackfsfloor', 0x3d, ',@@'}}, {@subj_type}]}, 0x43, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==") open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x3) socket(0x17, 0x1, 0x7ff) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) semtimedop(0x0, &(0x7f00000002c0)=[{0x0, 0x3}, {0x3}, {0x2, 0x8001}], 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) sync() getpid() semctl$IPC_RMID(0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0xfe, 0x7fff0000}]}) mq_unlink(0x0) 560.224313ms ago: executing program 3 (id=942): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x18) r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802) writev(r1, &(0x7f0000000000), 0x0) read(r1, 0x0, 0x0) 480.778803ms ago: executing program 4 (id=943): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa20000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) r3 = semget$private(0x0, 0x2, 0x24) semctl$SETALL(r3, 0x0, 0x11, &(0x7f0000000000)) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) readv(r4, &(0x7f0000000240)=[{&(0x7f0000000040)=""/3, 0x3}], 0x1) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRES32=r3, @ANYRES32=r1], 0x50) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000a40)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a000000080000000200000ffffdffff0e00000000000000030000000700000003000000fffdffff00000000000000002e"], 0x0, 0x46, 0x0, 0x8, 0xfffffffe}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = shmget$private(0x0, 0x4000, 0x20, &(0x7f0000ffa000/0x4000)=nil) shmctl$IPC_SET(r6, 0x1, &(0x7f0000000580)={{0x1, 0x0, 0x0, 0x0, 0x0, 0xa, 0xfffd}, 0x80000001, 0x80, 0x2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff, 0xfff2}) shmctl$IPC_STAT(r6, 0x2, &(0x7f0000000340)=""/189) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) semctl$GETALL(0x0, 0x0, 0xd, &(0x7f00000030c0)=""/4096) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, 0x0) r7 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r2, &(0x7f0000000140)) 316.652596ms ago: executing program 0 (id=944): openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2}, 0x18) syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0), 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP") r1 = open(0x0, 0x100, 0x123) copy_file_range(r1, 0x0, 0xffffffffffffffff, 0x0, 0x3df1, 0x0) r2 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169) pwritev2(r2, &(0x7f0000000240)=[{0x0}], 0x1, 0x2000, 0x0, 0x3) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) 244.690907ms ago: executing program 0 (id=945): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800002, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x22}, 0x84, 0x464, &(0x7f0000000ac0)="$eJzs3EtvG0UcAPD/bpq+S0Ipjz6AQEFEPJImLdADFxBIvSAhwaEcQ5pWpWmDmiDRKqIpQuWI+gmAIxKfgBNcEHACcYU7QqpQLgQOaNHau6lx7GAncZ3g30/aeGZ31jt/7449O2MngJ41lP9JIvZGxM8RMRARffUFhqoPS4vzk38uzk8mkWWv/57ku8Ufi/OTZdGkeNxTZIbTiPTDJA43OO7slasXJqanpy4X+dG5i++Mzl65+sz5ixPnps5NXRo/efLE8bHnnxt/dkPi3JfX9dD7M0cOnnrz5quTp2++9d0XeX33Fttr46gaXPcxh2Jo+TWp9/i6n31z2VeTTrZ1sSK0JW/r+enqr7T/geiL2ydvIF75oKuVAzoqy7Jsx4q1yz2AhQz4H0ui2zUAuqP8oM/vf8vlDnY/uu7Wi9UboDzupWKpbtkWaVGmv+7+diMNRcTphb8+yZdoOA4BALCxvsr7P0836v+lcV9NubuKuaHBiLg7IvZHxD0RcSAi7o2olL0/Ih5o8/hDdfmV/Z8fd60psBbl/b8Xirmtf/f/yt5fDPYVuX2V+PuTs+enp44Vr8lw9O/I82OrHOPrl3/6uNm22v5fviz1x2TZFyzq8du2ugG6MxNzE+uJudat65UxwGsr40+WZwKSiDgYEYfW8Pw7I+L8k58fabZ9RfyL83Xxr2ID5pmyzyKeqJ7/haiLv5SsPj85ujOmp46NllfFSt//cOO1ZsdfV/wbID//uxte/8vxDya187Wz7R/jxi8fNb2n+e/4G1//25M3Kuntxbr3JubmLo9FbE8WVq4fv71vmS/L5/EPH23c/vdH/P1psd/hiMgv4gcj4qGIeLio+yMR8WhEHF0l/m9feuzttcffWXn8Z9o6/+0n+i5882Wz47d2/k9UUsPFmlbe/1qt4HpeOwAAANgq0sp34JN0ZDmdpiMj1e/wH4jd6fTM7NxTZ2fevXSm+l35wehPy5GugZrx0LFibLjMj9flj1fGjbMsy3ZV8iOTM9OdmlMHWrOnSfvP/drX7doBHdfWPFqzX7QBW5Lfa0Lv0v6hd2n/0Lu0f+hdjdr/tYilVXe63rHqAHeQz3/oXdo/9C7tH3qX9g89aT2/618tsf9Ua4XLf0DYoWpsgUTf5qhG24lIN0U11pZIN0c1qokdEdFq4Wt3rKV0+Y0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/wTAAD//7YA6Ok=") r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0) open_by_handle_at(r2, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0) 78.356619ms ago: executing program 2 (id=946): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000500000005"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x32, &(0x7f00000001c0)=ANY=[@ANYBLOB="ffffffffffffffffffffffff0800452000240001000000119078000000000001000000014e20001008008208000080000000c5fc29db44bf8719eb8ecbeba7b7f62ae745b0870d3eb797cf48b3cac4a3a4c24da1b0e19a371a377d22889b6ba2d5397bcbc512f8ed998eb447c128905088824c1bd043e6c97b4744cfb445481c8e9f030ae249443d8d29d220b2a0d4674370e66df1652783b21daca83606ace3822617cb285cfb463e864d2bb18f328961f44e3178c13571b13696b74b6bc149d5354775dd9ce538000000000000000000"], 0x0) 68.525859ms ago: executing program 3 (id=947): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x6d33, 0x1000, 0x0, 0x4000000}) syz_clone(0x638c1100, 0x0, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 0 (id=948): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xfffffffffffffff7, 0x1ff}, 0x106263, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="10000000040000000400", @ANYRES32, @ANYBLOB="0000f7ff2300", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x3c, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x8}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x101}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10000047}, 0x0) dup(0xffffffffffffffff) mbind(&(0x7f0000188000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x1, 0x1) r3 = syz_open_dev$usbfs(0x0, 0x77, 0x41341) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, 0x0, 0x0) fsetxattr$security_capability(r3, 0x0, &(0x7f00000003c0)=@v2={0x2000000, [{0x80000000, 0x6}, {0x0, 0xfffffffd}]}, 0x14, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001d000100000000000000000007000000fc46119bf4573fdb309a18579ed2e272d18821ac0294923437422ace858698d01cbee84a4df7de5f3d4b5967058116d0944aa3dddc2054580a81fb72816ab2", @ANYRES32=r5, @ANYBLOB="800002000a000200"], 0x28}}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): yzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) [ 64.602168][ T4779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 64.602234][ T4779] Call Trace: [ 64.602239][ T4779] [ 64.602244][ T4779] __dump_stack+0x1d/0x30 [ 64.602257][ T4779] dump_stack_lvl+0xe8/0x140 [ 64.602267][ T4779] dump_stack+0x15/0x1b [ 64.602276][ T4779] dump_header+0x81/0x220 [ 64.602359][ T4779] oom_kill_process+0x334/0x3f0 [ 64.602382][ T4779] out_of_memory+0x979/0xb80 [ 64.602398][ T4779] try_charge_memcg+0x5e6/0x9e0 [ 64.602436][ T4779] obj_cgroup_charge_pages+0xa6/0x150 [ 64.602452][ T4779] __memcg_kmem_charge_page+0x9f/0x170 [ 64.602468][ T4779] __alloc_frozen_pages_noprof+0x188/0x360 [ 64.602517][ T4779] alloc_pages_mpol+0xb3/0x250 [ 64.602534][ T4779] alloc_pages_noprof+0x90/0x130 [ 64.602550][ T4779] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 64.602631][ T4779] __kvmalloc_node_noprof+0x30f/0x4e0 [ 64.602726][ T4779] ? ip_set_alloc+0x1f/0x30 [ 64.602742][ T4779] ? ip_set_alloc+0x1f/0x30 [ 64.602756][ T4779] ? __kmalloc_cache_noprof+0x189/0x320 [ 64.602848][ T4779] ip_set_alloc+0x1f/0x30 [ 64.602864][ T4779] hash_netiface_create+0x282/0x740 [ 64.602892][ T4779] ? __pfx_hash_netiface_create+0x10/0x10 [ 64.602908][ T4779] ip_set_create+0x3cc/0x960 [ 64.602929][ T4779] ? __nla_parse+0x40/0x60 [ 64.602956][ T4779] nfnetlink_rcv_msg+0x4c3/0x590 [ 64.602978][ T4779] ? selinux_capable+0x1f9/0x270 [ 64.603033][ T4779] netlink_rcv_skb+0x123/0x220 [ 64.603079][ T4779] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 64.603098][ T4779] nfnetlink_rcv+0x16b/0x1690 [ 64.603112][ T4779] ? __kfree_skb+0x109/0x150 [ 64.603130][ T4779] ? nlmon_xmit+0x4f/0x60 [ 64.603142][ T4779] ? consume_skb+0x49/0x150 [ 64.603198][ T4779] ? nlmon_xmit+0x4f/0x60 [ 64.603209][ T4779] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 64.603307][ T4779] ? __dev_queue_xmit+0x11c0/0x1fb0 [ 64.603323][ T4779] ? __dev_queue_xmit+0x182/0x1fb0 [ 64.603407][ T4779] ? ref_tracker_free+0x37d/0x3e0 [ 64.603425][ T4779] ? __netlink_deliver_tap+0x4dc/0x500 [ 64.603443][ T4779] netlink_unicast+0x59e/0x670 [ 64.603529][ T4779] netlink_sendmsg+0x58b/0x6b0 [ 64.603540][ T4779] ? __pfx_netlink_sendmsg+0x10/0x10 [ 64.603550][ T4779] __sock_sendmsg+0x145/0x180 [ 64.603599][ T4779] ____sys_sendmsg+0x31e/0x4e0 [ 64.603627][ T4779] ___sys_sendmsg+0x17b/0x1d0 [ 64.603649][ T4779] __x64_sys_sendmsg+0xd4/0x160 [ 64.603668][ T4779] x64_sys_call+0x2999/0x2fb0 [ 64.603727][ T4779] do_syscall_64+0xd2/0x200 [ 64.603737][ T4779] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 64.603752][ T4779] ? clear_bhb_loop+0x40/0x90 [ 64.603764][ T4779] ? clear_bhb_loop+0x40/0x90 [ 64.603775][ T4779] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.603792][ T4779] RIP: 0033:0x7f3939f1e929 [ 64.603802][ T4779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 64.603812][ T4779] RSP: 002b:00007f3938587038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 64.603901][ T4779] RAX: ffffffffffffffda RBX: 00007f393a145fa0 RCX: 00007f3939f1e929 [ 64.603912][ T4779] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005 [ 64.603919][ T4779] RBP: 00007f3939fa0b39 R08: 0000000000000000 R09: 0000000000000000 [ 64.603926][ T4779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 64.603933][ T4779] R13: 0000000000000000 R14: 00007f393a145fa0 R15: 00007fffc3063658 [ 64.603942][ T4779] [ 64.603946][ T4779] memory: usage 307200kB, limit 307200kB, failcnt 7231 [ 64.956000][ T4779] memory+swap: usage 307392kB, limit 9007199254740988kB, failcnt 0 [ 64.963906][ T4779] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0 [ 64.971184][ T4779] Memory cgroup stats for /syz4: [ 64.971825][ T4779] cache 0 [ 64.979738][ T4779] rss 0 [ 64.982507][ T4779] shmem 0 [ 64.985439][ T4779] mapped_file 0 [ 64.988934][ T4779] dirty 0 [ 64.991920][ T4779] writeback 0 [ 64.995198][ T4779] workingset_refault_anon 197 [ 64.999959][ T4779] workingset_refault_file 268 [ 65.004684][ T4779] swap 196608 [ 65.007959][ T4779] swapcached 4096 [ 65.011597][ T4779] pgpgin 58240 [ 65.014948][ T4779] pgpgout 58239 [ 65.018384][ T4779] pgfault 75376 [ 65.021842][ T4779] pgmajfault 76 [ 65.025280][ T4779] inactive_anon 0 [ 65.028947][ T4779] active_anon 4096 [ 65.032674][ T4779] inactive_file 0 [ 65.036295][ T4779] active_file 0 [ 65.039817][ T4779] unevictable 0 [ 65.043274][ T4779] hierarchical_memory_limit 314572800 [ 65.048721][ T4779] hierarchical_memsw_limit 9223372036854771712 [ 65.054897][ T4779] total_cache 0 [ 65.058350][ T4779] total_rss 0 [ 65.061661][ T4779] total_shmem 0 [ 65.065139][ T4779] total_mapped_file 0 [ 65.069115][ T4779] total_dirty 0 [ 65.070733][ T4803] netlink: 12 bytes leftover after parsing attributes in process `syz.0.433'. [ 65.072630][ T4779] total_writeback 0 [ 65.085280][ T4779] total_workingset_refault_anon 197 [ 65.090600][ T4779] total_workingset_refault_file 268 [ 65.095776][ T4779] total_swap 196608 [ 65.099601][ T4779] total_swapcached 4096 [ 65.103748][ T4779] total_pgpgin 69737 [ 65.107631][ T4779] total_pgpgout 69736 [ 65.111699][ T4779] total_pgfault 87023 [ 65.115660][ T4779] total_pgmajfault 142 [ 65.119743][ T4779] total_inactive_anon 0 [ 65.123954][ T4779] total_active_anon 4096 [ 65.128175][ T4779] total_inactive_file 0 [ 65.132352][ T4779] total_active_file 0 [ 65.136413][ T4779] total_unevictable 0 [ 65.140435][ T4779] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4/syz1,task=syz.4.426,pid=4778,uid=0 [ 65.155398][ T4779] Memory cgroup out of memory: Killed process 4778 (syz.4.426) total-vm:93884kB, anon-rss:932kB, file-rss:22312kB, shmem-rss:128kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 65.457913][ T4815] loop0: detected capacity change from 0 to 1024 [ 65.468046][ T4815] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 65.480458][ T4815] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 65.488566][ T4815] EXT4-fs (loop0): orphan cleanup on readonly fs [ 65.495655][ T4815] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.439: bg 0: block 10: padding at end of block bitmap is not set [ 65.515943][ T4820] loop3: detected capacity change from 0 to 1024 [ 65.533623][ T4815] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.439: Failed to acquire dquot type 0 [ 65.553680][ T4815] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.439: Failed to acquire dquot type 0 [ 65.565188][ T4815] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.439: Freeing blocks not in datazone - block = 0, count = 4096 [ 65.578929][ T4815] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.439: Failed to acquire dquot type 0 [ 65.592049][ T4815] EXT4-fs (loop0): 1 orphan inode deleted [ 65.630163][ T4815] EXT4-fs mount: 74 callbacks suppressed [ 65.630176][ T4815] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 65.663965][ T4831] netlink: 12 bytes leftover after parsing attributes in process `syz.1.444'. [ 65.693854][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.382600][ T29] kauditd_printk_skb: 321 callbacks suppressed [ 66.382613][ T29] audit: type=1326 audit(1751491077.201:11255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4827 comm="syz.2.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb65892e929 code=0x7fc00000 [ 66.429236][ T4846] syz.1.451 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 66.443316][ T4846] CPU: 0 UID: 0 PID: 4846 Comm: syz.1.451 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) [ 66.443346][ T4846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 66.443359][ T4846] Call Trace: [ 66.443365][ T4846] [ 66.443372][ T4846] __dump_stack+0x1d/0x30 [ 66.443411][ T4846] dump_stack_lvl+0xe8/0x140 [ 66.443479][ T4846] dump_stack+0x15/0x1b [ 66.443497][ T4846] dump_header+0x81/0x220 [ 66.443594][ T4846] oom_kill_process+0x334/0x3f0 [ 66.443627][ T4846] out_of_memory+0x979/0xb80 [ 66.443671][ T4846] try_charge_memcg+0x5e6/0x9e0 [ 66.443693][ T4846] obj_cgroup_charge_pages+0xa6/0x150 [ 66.443779][ T4846] __memcg_kmem_charge_page+0x9f/0x170 [ 66.443809][ T4846] __alloc_frozen_pages_noprof+0x188/0x360 [ 66.443973][ T4846] alloc_pages_mpol+0xb3/0x250 [ 66.444006][ T4846] alloc_pages_noprof+0x90/0x130 [ 66.444036][ T4846] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 66.444068][ T4846] __kvmalloc_node_noprof+0x30f/0x4e0 [ 66.444130][ T4846] ? ip_set_alloc+0x1f/0x30 [ 66.444152][ T4846] ? ip_set_alloc+0x1f/0x30 [ 66.444243][ T4846] ? __kmalloc_cache_noprof+0x189/0x320 [ 66.444266][ T4846] ip_set_alloc+0x1f/0x30 [ 66.444328][ T4846] hash_netiface_create+0x282/0x740 [ 66.444358][ T4846] ? __pfx_hash_netiface_create+0x10/0x10 [ 66.444383][ T4846] ip_set_create+0x3cc/0x960 [ 66.444485][ T4846] ? __nla_parse+0x40/0x60 [ 66.444563][ T4846] nfnetlink_rcv_msg+0x4c3/0x590 [ 66.444599][ T4846] ? selinux_capable+0x1f9/0x270 [ 66.444664][ T4846] netlink_rcv_skb+0x123/0x220 [ 66.444761][ T4846] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 66.444791][ T4846] nfnetlink_rcv+0x16b/0x1690 [ 66.444817][ T4846] ? __kfree_skb+0x109/0x150 [ 66.444914][ T4846] ? nlmon_xmit+0x4f/0x60 [ 66.444934][ T4846] ? consume_skb+0x49/0x150 [ 66.445035][ T4846] ? nlmon_xmit+0x4f/0x60 [ 66.445057][ T4846] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 66.445171][ T4846] ? __dev_queue_xmit+0x11c0/0x1fb0 [ 66.445203][ T4846] ? __dev_queue_xmit+0x182/0x1fb0 [ 66.445268][ T4846] ? ref_tracker_free+0x37d/0x3e0 [ 66.445302][ T4846] ? __netlink_deliver_tap+0x4dc/0x500 [ 66.445351][ T4846] netlink_unicast+0x59e/0x670 [ 66.445382][ T4846] netlink_sendmsg+0x58b/0x6b0 [ 66.445404][ T4846] ? __pfx_netlink_sendmsg+0x10/0x10 [ 66.445423][ T4846] __sock_sendmsg+0x145/0x180 [ 66.445453][ T4846] ____sys_sendmsg+0x31e/0x4e0 [ 66.445538][ T4846] ___sys_sendmsg+0x17b/0x1d0 [ 66.445570][ T4846] __x64_sys_sendmsg+0xd4/0x160 [ 66.445654][ T4846] x64_sys_call+0x2999/0x2fb0 [ 66.445676][ T4846] do_syscall_64+0xd2/0x200 [ 66.445693][ T4846] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 66.445715][ T4846] ? clear_bhb_loop+0x40/0x90 [ 66.445770][ T4846] ? clear_bhb_loop+0x40/0x90 [ 66.445792][ T4846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.445879][ T4846] RIP: 0033:0x7fdff28be929 [ 66.445892][ T4846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 66.445911][ T4846] RSP: 002b:00007fdff0f27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 66.445931][ T4846] RAX: ffffffffffffffda RBX: 00007fdff2ae5fa0 RCX: 00007fdff28be929 [ 66.445977][ T4846] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005 [ 66.445991][ T4846] RBP: 00007fdff2940b39 R08: 0000000000000000 R09: 0000000000000000 [ 66.446004][ T4846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 66.446018][ T4846] R13: 0000000000000000 R14: 00007fdff2ae5fa0 R15: 00007ffd54aede88 [ 66.446036][ T4846] [ 66.446043][ T4846] memory: usage 307200kB, limit 307200kB, failcnt 8019 [ 66.637590][ T4861] netlink: 12 bytes leftover after parsing attributes in process `syz.2.455'. [ 66.641286][ T4846] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0 [ 66.641302][ T4846] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0 [ 66.822134][ T4846] Memory cgroup stats for /syz1: [ 66.822754][ T4846] cache 0 [ 66.830666][ T4846] rss 0 [ 66.833424][ T4846] shmem 0 [ 66.836336][ T4846] mapped_file 0 [ 66.839794][ T4846] dirty 0 [ 66.842709][ T4846] writeback 0 [ 66.845992][ T4846] workingset_refault_anon 161 [ 66.850659][ T4846] workingset_refault_file 345 [ 66.855394][ T4846] swap 176128 [ 66.858653][ T4846] swapcached 24576 [ 66.862462][ T4846] pgpgin 54678 [ 66.865865][ T4846] pgpgout 54672 [ 66.869356][ T4846] pgfault 67693 [ 66.872843][ T4846] pgmajfault 66 [ 66.876280][ T4846] inactive_anon 24576 [ 66.880300][ T4846] active_anon 0 [ 66.883804][ T4846] inactive_file 0 [ 66.887408][ T4846] active_file 0 [ 66.890935][ T4846] unevictable 0 [ 66.894372][ T4846] hierarchical_memory_limit 314572800 [ 66.899823][ T4846] hierarchical_memsw_limit 9223372036854771712 [ 66.905964][ T4846] total_cache 0 [ 66.909398][ T4846] total_rss 0 [ 66.912689][ T4846] total_shmem 0 [ 66.916144][ T4846] total_mapped_file 0 [ 66.920114][ T4846] total_dirty 0 [ 66.923627][ T4846] total_writeback 0 [ 66.927461][ T4846] total_workingset_refault_anon 161 [ 66.932734][ T4846] total_workingset_refault_file 415 [ 66.937923][ T4846] total_swap 176128 [ 66.941839][ T4846] total_swapcached 24576 [ 66.946060][ T4846] total_pgpgin 74916 [ 66.949962][ T4846] total_pgpgout 74910 [ 66.953952][ T4846] total_pgfault 87915 [ 66.957912][ T4846] total_pgmajfault 107 [ 66.961971][ T4846] total_inactive_anon 24576 [ 66.966450][ T4846] total_active_anon 0 [ 66.970462][ T4846] total_inactive_file 0 [ 66.974590][ T4846] total_active_file 0 [ 66.978543][ T4846] total_unevictable 0 [ 66.982516][ T4846] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1/syz1,task=syz.1.451,pid=4845,uid=0 [ 66.997517][ T4846] Memory cgroup out of memory: Killed process 4845 (syz.1.451) total-vm:93884kB, anon-rss:1060kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:1000 [ 67.292493][ T4871] loop1: detected capacity change from 0 to 1024 [ 67.299761][ T4871] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 67.313037][ T4871] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 67.321048][ T4871] EXT4-fs (loop1): orphan cleanup on readonly fs [ 67.329386][ T4871] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.459: bg 0: block 10: padding at end of block bitmap is not set [ 67.346006][ T4871] Quota error (device loop1): write_blk: dquota write failed [ 67.353444][ T4871] Quota error (device loop1): find_free_dqentry: Can't write quota data block 3 [ 67.362599][ T4871] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 67.372532][ T4871] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.459: Failed to acquire dquot type 0 [ 67.383870][ T4871] Quota error (device loop1): write_blk: dquota write failed [ 67.391385][ T4871] Quota error (device loop1): find_free_dqentry: Can't write quota data block 3 [ 67.400455][ T4871] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 67.410349][ T4871] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.459: Failed to acquire dquot type 0 [ 67.421865][ T4871] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.459: Freeing blocks not in datazone - block = 0, count = 4096 [ 67.435360][ T4871] Quota error (device loop1): write_blk: dquota write failed [ 67.442768][ T4871] Quota error (device loop1): find_free_dqentry: Can't write quota data block 3 [ 67.451893][ T4871] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 67.461728][ T4871] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.459: Failed to acquire dquot type 0 [ 67.473018][ T4871] EXT4-fs (loop1): 1 orphan inode deleted [ 67.478744][ T4886] loop2: detected capacity change from 0 to 1024 [ 67.487640][ T4871] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 67.492439][ T4890] netlink: 12 bytes leftover after parsing attributes in process `syz.3.467'. [ 67.550484][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.287502][ T4899] syz.1.470 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 68.301589][ T4899] CPU: 1 UID: 0 PID: 4899 Comm: syz.1.470 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) [ 68.301725][ T4899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 68.301767][ T4899] Call Trace: [ 68.301772][ T4899] [ 68.301778][ T4899] __dump_stack+0x1d/0x30 [ 68.301800][ T4899] dump_stack_lvl+0xe8/0x140 [ 68.301825][ T4899] dump_stack+0x15/0x1b [ 68.301843][ T4899] dump_header+0x81/0x220 [ 68.301944][ T4899] oom_kill_process+0x334/0x3f0 [ 68.301974][ T4899] out_of_memory+0x979/0xb80 [ 68.302005][ T4899] try_charge_memcg+0x5e6/0x9e0 [ 68.302105][ T4899] obj_cgroup_charge_pages+0xa6/0x150 [ 68.302132][ T4899] __memcg_kmem_charge_page+0x9f/0x170 [ 68.302175][ T4899] __alloc_frozen_pages_noprof+0x188/0x360 [ 68.302208][ T4899] alloc_pages_mpol+0xb3/0x250 [ 68.302305][ T4899] alloc_pages_noprof+0x90/0x130 [ 68.302331][ T4899] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 68.302386][ T4899] __kvmalloc_node_noprof+0x30f/0x4e0 [ 68.302477][ T4899] ? ip_set_alloc+0x1f/0x30 [ 68.302528][ T4899] ? ip_set_alloc+0x1f/0x30 [ 68.302549][ T4899] ? hash_netiface_create+0x21b/0x740 [ 68.302573][ T4899] ? __kmalloc_cache_noprof+0x189/0x320 [ 68.302614][ T4899] ip_set_alloc+0x1f/0x30 [ 68.302706][ T4899] hash_netiface_create+0x282/0x740 [ 68.302733][ T4899] ? __pfx_hash_netiface_create+0x10/0x10 [ 68.302810][ T4899] ip_set_create+0x3cc/0x960 [ 68.302847][ T4899] ? __nla_parse+0x40/0x60 [ 68.302868][ T4899] nfnetlink_rcv_msg+0x4c3/0x590 [ 68.302938][ T4899] ? selinux_capable+0x1f9/0x270 [ 68.302963][ T4899] netlink_rcv_skb+0x123/0x220 [ 68.302989][ T4899] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 68.303040][ T4899] nfnetlink_rcv+0x16b/0x1690 [ 68.303130][ T4899] ? __kfree_skb+0x109/0x150 [ 68.303226][ T4899] ? nlmon_xmit+0x4f/0x60 [ 68.303293][ T4899] ? consume_skb+0x49/0x150 [ 68.303318][ T4899] ? nlmon_xmit+0x4f/0x60 [ 68.303342][ T4899] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 68.303449][ T4899] ? __dev_queue_xmit+0x11c0/0x1fb0 [ 68.303478][ T4899] ? __dev_queue_xmit+0x182/0x1fb0 [ 68.303524][ T4899] ? ref_tracker_free+0x37d/0x3e0 [ 68.303594][ T4899] ? __netlink_deliver_tap+0x4dc/0x500 [ 68.303674][ T4899] netlink_unicast+0x59e/0x670 [ 68.303703][ T4899] netlink_sendmsg+0x58b/0x6b0 [ 68.303721][ T4899] ? __pfx_netlink_sendmsg+0x10/0x10 [ 68.303738][ T4899] __sock_sendmsg+0x145/0x180 [ 68.303831][ T4899] ____sys_sendmsg+0x31e/0x4e0 [ 68.303862][ T4899] ___sys_sendmsg+0x17b/0x1d0 [ 68.303887][ T4899] ? _raw_spin_unlock_irqrestore+0x2b/0x60 [ 68.303934][ T4899] __x64_sys_sendmsg+0xd4/0x160 [ 68.303966][ T4899] x64_sys_call+0x2999/0x2fb0 [ 68.303986][ T4899] do_syscall_64+0xd2/0x200 [ 68.304042][ T4899] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 68.304070][ T4899] ? clear_bhb_loop+0x40/0x90 [ 68.304089][ T4899] ? clear_bhb_loop+0x40/0x90 [ 68.304187][ T4899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.304210][ T4899] RIP: 0033:0x7fdff28be929 [ 68.304227][ T4899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.304244][ T4899] RSP: 002b:00007fdff0f27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.304260][ T4899] RAX: ffffffffffffffda RBX: 00007fdff2ae5fa0 RCX: 00007fdff28be929 [ 68.304271][ T4899] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005 [ 68.304354][ T4899] RBP: 00007fdff2940b39 R08: 0000000000000000 R09: 0000000000000000 [ 68.304368][ T4899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 68.304478][ T4899] R13: 0000000000000000 R14: 00007fdff2ae5fa0 R15: 00007ffd54aede88 [ 68.304494][ T4899] [ 68.304500][ T4899] memory: usage 307200kB, limit 307200kB, failcnt 10995 [ 68.667698][ T4899] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0 [ 68.675653][ T4899] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0 [ 68.682922][ T4899] Memory cgroup stats for /syz1: [ 68.683226][ T4899] cache 0 [ 68.691195][ T4899] rss 0 [ 68.694036][ T4899] shmem 0 [ 68.696965][ T4899] mapped_file 0 [ 68.700538][ T4899] dirty 0 [ 68.703465][ T4899] writeback 0 [ 68.706730][ T4899] workingset_refault_anon 249 [ 68.711530][ T4899] workingset_refault_file 507 [ 68.716225][ T4899] swap 200704 [ 68.719486][ T4899] swapcached 0 [ 68.722870][ T4899] pgpgin 58062 [ 68.726219][ T4899] pgpgout 58062 [ 68.729655][ T4899] pgfault 71064 [ 68.733114][ T4899] pgmajfault 110 [ 68.736636][ T4899] inactive_anon 0 [ 68.740344][ T4899] active_anon 0 [ 68.743793][ T4899] inactive_file 0 [ 68.747401][ T4899] active_file 0 [ 68.750937][ T4899] unevictable 0 [ 68.754372][ T4899] hierarchical_memory_limit 314572800 [ 68.759736][ T4899] hierarchical_memsw_limit 9223372036854771712 [ 68.765868][ T4899] total_cache 0 [ 68.769350][ T4899] total_rss 0 [ 68.772635][ T4899] total_shmem 0 [ 68.776084][ T4899] total_mapped_file 0 [ 68.780113][ T4899] total_dirty 0 [ 68.783559][ T4899] total_writeback 0 [ 68.787352][ T4899] total_workingset_refault_anon 249 [ 68.792556][ T4899] total_workingset_refault_file 577 [ 68.797779][ T4899] total_swap 200704 [ 68.801648][ T4899] total_swapcached 0 [ 68.805522][ T4899] total_pgpgin 81170 [ 68.809397][ T4899] total_pgpgout 81170 [ 68.813378][ T4899] total_pgfault 94173 [ 68.817420][ T4899] total_pgmajfault 162 [ 68.821483][ T4899] total_inactive_anon 0 [ 68.825625][ T4899] total_active_anon 0 [ 68.829585][ T4899] total_inactive_file 0 [ 68.833744][ T4899] total_active_file 0 [ 68.837703][ T4899] total_unevictable 0 [ 68.841673][ T4899] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1/syz1,task=syz.1.470,pid=4897,uid=0 [ 68.856623][ T4899] Memory cgroup out of memory: Killed process 4897 (syz.1.470) total-vm:93884kB, anon-rss:1064kB, file-rss:22312kB, shmem-rss:128kB, UID:0 pgtables:144kB oom_score_adj:1000 [ 68.937117][ T4924] netlink: 12 bytes leftover after parsing attributes in process `syz.4.479'. [ 69.058897][ T4926] loop4: detected capacity change from 0 to 1024 [ 69.070042][ T4926] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 69.087225][ T4926] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 69.089938][ T4929] loop1: detected capacity change from 0 to 1024 [ 69.095228][ T4926] EXT4-fs (loop4): orphan cleanup on readonly fs [ 69.111275][ T4926] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.480: bg 0: block 10: padding at end of block bitmap is not set [ 69.125738][ T4926] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.480: Failed to acquire dquot type 0 [ 69.151146][ T4926] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.480: Failed to acquire dquot type 0 [ 69.162878][ T4926] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.480: Freeing blocks not in datazone - block = 0, count = 4096 [ 69.178443][ T4926] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.480: Failed to acquire dquot type 0 [ 69.191926][ T4926] EXT4-fs (loop4): 1 orphan inode deleted [ 69.198463][ T4926] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 69.255065][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.342015][ T4954] netlink: 12 bytes leftover after parsing attributes in process `syz.2.491'. [ 69.538042][ T4965] loop3: detected capacity change from 0 to 1024 [ 69.550455][ T4965] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 69.561377][ T4965] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 69.569409][ T4965] EXT4-fs (loop3): orphan cleanup on readonly fs [ 69.576419][ T4965] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.496: bg 0: block 10: padding at end of block bitmap is not set [ 69.590920][ T4965] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.496: Failed to acquire dquot type 0 [ 69.602269][ T4965] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.496: Failed to acquire dquot type 0 [ 69.613583][ T4965] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.496: Freeing blocks not in datazone - block = 0, count = 4096 [ 69.627079][ T4965] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.496: Failed to acquire dquot type 0 [ 69.638426][ T4965] EXT4-fs (loop3): 1 orphan inode deleted [ 69.646221][ T4965] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 69.720608][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.215345][ T4963] syz.2.494 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 70.229418][ T4963] CPU: 0 UID: 0 PID: 4963 Comm: syz.2.494 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) [ 70.229516][ T4963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 70.229529][ T4963] Call Trace: [ 70.229536][ T4963] [ 70.229544][ T4963] __dump_stack+0x1d/0x30 [ 70.229566][ T4963] dump_stack_lvl+0xe8/0x140 [ 70.229595][ T4963] dump_stack+0x15/0x1b [ 70.229628][ T4963] dump_header+0x81/0x220 [ 70.229655][ T4963] oom_kill_process+0x334/0x3f0 [ 70.229685][ T4963] out_of_memory+0x979/0xb80 [ 70.229710][ T4963] try_charge_memcg+0x5e6/0x9e0 [ 70.229759][ T4963] obj_cgroup_charge_pages+0xa6/0x150 [ 70.229848][ T4963] __memcg_kmem_charge_page+0x9f/0x170 [ 70.229872][ T4963] __alloc_frozen_pages_noprof+0x188/0x360 [ 70.229996][ T4963] alloc_pages_mpol+0xb3/0x250 [ 70.230021][ T4963] alloc_pages_noprof+0x90/0x130 [ 70.230052][ T4963] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 70.230092][ T4963] __kvmalloc_node_noprof+0x30f/0x4e0 [ 70.230203][ T4963] ? ip_set_alloc+0x1f/0x30 [ 70.230234][ T4963] ? ip_set_alloc+0x1f/0x30 [ 70.230263][ T4963] ? __kmalloc_cache_noprof+0x189/0x320 [ 70.230293][ T4963] ip_set_alloc+0x1f/0x30 [ 70.230378][ T4963] hash_netiface_create+0x282/0x740 [ 70.230411][ T4963] ? __pfx_hash_netiface_create+0x10/0x10 [ 70.230442][ T4963] ip_set_create+0x3cc/0x960 [ 70.230524][ T4963] ? __nla_parse+0x40/0x60 [ 70.230541][ T4963] nfnetlink_rcv_msg+0x4c3/0x590 [ 70.230579][ T4963] ? selinux_capable+0x1f9/0x270 [ 70.230604][ T4963] netlink_rcv_skb+0x123/0x220 [ 70.230635][ T4963] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 70.230704][ T4963] nfnetlink_rcv+0x16b/0x1690 [ 70.230725][ T4963] ? __kfree_skb+0x109/0x150 [ 70.230809][ T4963] ? nlmon_xmit+0x4f/0x60 [ 70.230830][ T4963] ? consume_skb+0x49/0x150 [ 70.230854][ T4963] ? nlmon_xmit+0x4f/0x60 [ 70.230871][ T4963] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 70.230949][ T4963] ? __dev_queue_xmit+0x11c0/0x1fb0 [ 70.231026][ T4963] ? __dev_queue_xmit+0x182/0x1fb0 [ 70.231053][ T4963] ? ref_tracker_free+0x37d/0x3e0 [ 70.231144][ T4963] ? __netlink_deliver_tap+0x4dc/0x500 [ 70.231173][ T4963] netlink_unicast+0x59e/0x670 [ 70.231200][ T4963] netlink_sendmsg+0x58b/0x6b0 [ 70.231252][ T4963] ? __pfx_netlink_sendmsg+0x10/0x10 [ 70.231272][ T4963] __sock_sendmsg+0x145/0x180 [ 70.231293][ T4963] ____sys_sendmsg+0x31e/0x4e0 [ 70.231439][ T4963] ___sys_sendmsg+0x17b/0x1d0 [ 70.231517][ T4963] __x64_sys_sendmsg+0xd4/0x160 [ 70.231632][ T4963] x64_sys_call+0x2999/0x2fb0 [ 70.231655][ T4963] do_syscall_64+0xd2/0x200 [ 70.231674][ T4963] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 70.231702][ T4963] ? clear_bhb_loop+0x40/0x90 [ 70.231768][ T4963] ? clear_bhb_loop+0x40/0x90 [ 70.231867][ T4963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.231934][ T4963] RIP: 0033:0x7fb65892e929 [ 70.231951][ T4963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.231967][ T4963] RSP: 002b:00007fb656f97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 70.231985][ T4963] RAX: ffffffffffffffda RBX: 00007fb658b55fa0 RCX: 00007fb65892e929 [ 70.231998][ T4963] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005 [ 70.232016][ T4963] RBP: 00007fb6589b0b39 R08: 0000000000000000 R09: 0000000000000000 [ 70.232028][ T4963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 70.232062][ T4963] R13: 0000000000000000 R14: 00007fb658b55fa0 R15: 00007ffcd2561cd8 [ 70.232078][ T4963] [ 70.575567][ T4963] memory: usage 307200kB, limit 307200kB, failcnt 6051 [ 70.582682][ T4963] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0 [ 70.590607][ T4963] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0 [ 70.597894][ T4963] Memory cgroup stats for /syz2: [ 70.602537][ T4963] cache 0 [ 70.610653][ T4963] rss 0 [ 70.613423][ T4963] shmem 0 [ 70.616382][ T4963] mapped_file 0 [ 70.619905][ T4963] dirty 0 [ 70.622831][ T4963] writeback 0 [ 70.626189][ T4963] workingset_refault_anon 193 [ 70.630874][ T4963] workingset_refault_file 161 [ 70.635545][ T4963] swap 204800 [ 70.638879][ T4963] swapcached 0 [ 70.642270][ T4963] pgpgin 109034 [ 70.645727][ T4963] pgpgout 109034 [ 70.649269][ T4963] pgfault 123824 [ 70.652841][ T4963] pgmajfault 91 [ 70.656302][ T4963] inactive_anon 0 [ 70.659944][ T4963] active_anon 0 [ 70.663419][ T4963] inactive_file 0 [ 70.667041][ T4963] active_file 0 [ 70.670523][ T4963] unevictable 0 [ 70.673980][ T4963] hierarchical_memory_limit 314572800 [ 70.679414][ T4963] hierarchical_memsw_limit 9223372036854771712 [ 70.685724][ T4963] total_cache 0 [ 70.689181][ T4963] total_rss 0 [ 70.692549][ T4963] total_shmem 0 [ 70.696007][ T4963] total_mapped_file 0 [ 70.700076][ T4963] total_dirty 0 [ 70.703681][ T4963] total_writeback 0 [ 70.707512][ T4963] total_workingset_refault_anon 193 [ 70.712719][ T4963] total_workingset_refault_file 161 [ 70.718039][ T4963] total_swap 204800 [ 70.720580][ T4988] loop0: detected capacity change from 0 to 1024 [ 70.721946][ T4963] total_swapcached 0 [ 70.732113][ T4963] total_pgpgin 123438 [ 70.736067][ T4963] total_pgpgout 123438 [ 70.740124][ T4963] total_pgfault 138249 [ 70.744167][ T4963] total_pgmajfault 125 [ 70.748219][ T4963] total_inactive_anon 0 [ 70.752376][ T4963] total_active_anon 0 [ 70.756342][ T4963] total_inactive_file 0 [ 70.760482][ T4963] total_active_file 0 [ 70.764516][ T4963] total_unevictable 0 [ 70.768479][ T4963] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2/syz1,task=syz.2.494,pid=4959,uid=0 [ 70.783458][ T4963] Memory cgroup out of memory: Killed process 4959 (syz.2.494) total-vm:93884kB, anon-rss:936kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:1000 [ 70.829767][ T4990] netlink: 12 bytes leftover after parsing attributes in process `syz.4.504'. [ 71.008912][ T4996] loop0: detected capacity change from 0 to 1024 [ 71.017077][ T4996] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 71.036333][ T4996] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 71.044351][ T4996] EXT4-fs (loop0): orphan cleanup on readonly fs [ 71.071653][ T4996] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.507: bg 0: block 10: padding at end of block bitmap is not set [ 71.086340][ T4996] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.507: Failed to acquire dquot type 0 [ 71.097995][ T4996] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.507: Failed to acquire dquot type 0 [ 71.109417][ T4996] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.507: Freeing blocks not in datazone - block = 0, count = 4096 [ 71.125177][ T4996] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.507: Failed to acquire dquot type 0 [ 71.137398][ T4996] EXT4-fs (loop0): 1 orphan inode deleted [ 71.153140][ T4996] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 71.210215][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.258942][ T5014] netlink: 12 bytes leftover after parsing attributes in process `syz.3.515'. [ 71.355465][ T5024] loop0: detected capacity change from 0 to 1024 [ 71.396182][ T29] kauditd_printk_skb: 117 callbacks suppressed [ 71.396215][ T29] audit: type=1326 audit(1751491082.211:11346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5022 comm="syz.0.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 71.429305][ T29] audit: type=1326 audit(1751491082.241:11347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5022 comm="syz.0.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 71.452793][ T29] audit: type=1326 audit(1751491082.241:11348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5022 comm="syz.0.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 71.476340][ T29] audit: type=1326 audit(1751491082.241:11349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5022 comm="syz.0.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 71.520308][ T29] audit: type=1326 audit(1751491082.341:11350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5022 comm="syz.0.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 71.987190][ T29] audit: type=1326 audit(1751491082.801:11351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5003 comm="syz.1.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdff28be929 code=0x7fc00000 [ 72.035141][ T5031] syz.2.522 invoked oom-killer: gfp_mask=0x402d02(GFP_NOIO|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 72.049540][ T5031] CPU: 0 UID: 0 PID: 5031 Comm: syz.2.522 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) [ 72.049615][ T5031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 72.049625][ T5031] Call Trace: [ 72.049631][ T5031] [ 72.049718][ T5031] __dump_stack+0x1d/0x30 [ 72.049741][ T5031] dump_stack_lvl+0xe8/0x140 [ 72.049759][ T5031] dump_stack+0x15/0x1b [ 72.049773][ T5031] dump_header+0x81/0x220 [ 72.049876][ T5031] oom_kill_process+0x334/0x3f0 [ 72.049964][ T5031] out_of_memory+0x979/0xb80 [ 72.050041][ T5031] try_charge_memcg+0x5e6/0x9e0 [ 72.050068][ T5031] obj_cgroup_charge_pages+0xa6/0x150 [ 72.050101][ T5031] __memcg_kmem_charge_page+0x9f/0x170 [ 72.050126][ T5031] __alloc_frozen_pages_noprof+0x188/0x360 [ 72.050156][ T5031] alloc_pages_mpol+0xb3/0x250 [ 72.050247][ T5031] alloc_pages_noprof+0x90/0x130 [ 72.050288][ T5031] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 72.050320][ T5031] __kvmalloc_node_noprof+0x30f/0x4e0 [ 72.050346][ T5031] ? ip_set_alloc+0x1f/0x30 [ 72.050452][ T5031] ? ip_set_alloc+0x1f/0x30 [ 72.050474][ T5031] ? hash_netiface_create+0x21b/0x740 [ 72.050499][ T5031] ? __kmalloc_cache_noprof+0x189/0x320 [ 72.050522][ T5031] ip_set_alloc+0x1f/0x30 [ 72.050574][ T5031] hash_netiface_create+0x282/0x740 [ 72.050604][ T5031] ? __pfx_hash_netiface_create+0x10/0x10 [ 72.050632][ T5031] ip_set_create+0x3cc/0x960 [ 72.050752][ T5031] ? __nla_parse+0x40/0x60 [ 72.050773][ T5031] nfnetlink_rcv_msg+0x4c3/0x590 [ 72.050812][ T5031] ? selinux_capable+0x1f9/0x270 [ 72.050861][ T5031] netlink_rcv_skb+0x123/0x220 [ 72.050926][ T5031] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 72.050951][ T5031] nfnetlink_rcv+0x16b/0x1690 [ 72.051042][ T5031] ? __kfree_skb+0x109/0x150 [ 72.051072][ T5031] ? nlmon_xmit+0x4f/0x60 [ 72.051093][ T5031] ? consume_skb+0x49/0x150 [ 72.051118][ T5031] ? nlmon_xmit+0x4f/0x60 [ 72.051217][ T5031] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 72.051298][ T5031] ? __dev_queue_xmit+0x11c0/0x1fb0 [ 72.051329][ T5031] ? __dev_queue_xmit+0x182/0x1fb0 [ 72.051363][ T5031] ? ref_tracker_free+0x37d/0x3e0 [ 72.051419][ T5031] ? __netlink_deliver_tap+0x4dc/0x500 [ 72.051525][ T5031] netlink_unicast+0x59e/0x670 [ 72.051551][ T5031] netlink_sendmsg+0x58b/0x6b0 [ 72.051572][ T5031] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.051634][ T5031] __sock_sendmsg+0x145/0x180 [ 72.051729][ T5031] ____sys_sendmsg+0x31e/0x4e0 [ 72.051756][ T5031] ___sys_sendmsg+0x17b/0x1d0 [ 72.051818][ T5031] __x64_sys_sendmsg+0xd4/0x160 [ 72.051849][ T5031] x64_sys_call+0x2999/0x2fb0 [ 72.051935][ T5031] do_syscall_64+0xd2/0x200 [ 72.051955][ T5031] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 72.051982][ T5031] ? clear_bhb_loop+0x40/0x90 [ 72.052006][ T5031] ? clear_bhb_loop+0x40/0x90 [ 72.052028][ T5031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.052098][ T5031] RIP: 0033:0x7fb65892e929 [ 72.052113][ T5031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.052132][ T5031] RSP: 002b:00007fb656f97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.052153][ T5031] RAX: ffffffffffffffda RBX: 00007fb658b55fa0 RCX: 00007fb65892e929 [ 72.052167][ T5031] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005 [ 72.052180][ T5031] RBP: 00007fb6589b0b39 R08: 0000000000000000 R09: 0000000000000000 [ 72.052221][ T5031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 72.052232][ T5031] R13: 0000000000000000 R14: 00007fb658b55fa0 R15: 00007ffcd2561cd8 [ 72.052246][ T5031] [ 72.401644][ T5031] memory: usage 307200kB, limit 307200kB, failcnt 6302 [ 72.408527][ T5031] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0 [ 72.416527][ T5031] kmem: usage 296872kB, limit 9007199254740988kB, failcnt 0 [ 72.423848][ T5031] Memory cgroup stats for /syz2: [ 72.460118][ T5031] cache 10371072 [ 72.468703][ T5031] rss 110592 [ 72.471949][ T5031] shmem 10305536 [ 72.475499][ T5031] mapped_file 10371072 [ 72.479556][ T5031] dirty 0 [ 72.482501][ T5031] writeback 8192 [ 72.486040][ T5031] workingset_refault_anon 243 [ 72.490732][ T5031] workingset_refault_file 257 [ 72.495454][ T5031] swap 77824 [ 72.498716][ T5031] swapcached 110592 [ 72.502536][ T5031] pgpgin 115034 [ 72.506070][ T5031] pgpgout 112471 [ 72.509611][ T5031] pgfault 129898 [ 72.513168][ T5031] pgmajfault 115 [ 72.516703][ T5031] inactive_anon 90112 [ 72.520741][ T5031] active_anon 10080256 [ 72.524799][ T5031] inactive_file 0 [ 72.528629][ T5031] active_file 65536 [ 72.532462][ T5031] unevictable 0 [ 72.535910][ T5031] hierarchical_memory_limit 314572800 [ 72.541345][ T5031] hierarchical_memsw_limit 9223372036854771712 [ 72.547536][ T5031] total_cache 10371072 [ 72.551673][ T5031] total_rss 110592 [ 72.555448][ T5031] total_shmem 10305536 [ 72.559505][ T5031] total_mapped_file 10371072 [ 72.564181][ T5031] total_dirty 0 [ 72.567659][ T5031] total_writeback 8192 [ 72.571736][ T5031] total_workingset_refault_anon 243 [ 72.576940][ T5031] total_workingset_refault_file 257 [ 72.582141][ T5031] total_swap 77824 [ 72.585852][ T5031] total_swapcached 110592 [ 72.590210][ T5031] total_pgpgin 129438 [ 72.594183][ T5031] total_pgpgout 126875 [ 72.598237][ T5031] total_pgfault 144327 [ 72.602319][ T5031] total_pgmajfault 154 [ 72.606458][ T5031] total_inactive_anon 90112 [ 72.610971][ T5031] total_active_anon 10080256 [ 72.615736][ T5031] total_inactive_file 0 [ 72.619940][ T5031] total_active_file 65536 [ 72.624263][ T5031] total_unevictable 0 [ 72.628229][ T5031] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.522,pid=5030,uid=0 [ 72.642915][ T5031] Memory cgroup out of memory: Killed process 5031 (syz.2.522) total-vm:93884kB, anon-rss:1060kB, file-rss:22312kB, shmem-rss:9984kB, UID:0 pgtables:144kB oom_score_adj:1000 [ 72.675036][ T5052] netlink: 12 bytes leftover after parsing attributes in process `syz.4.528'. [ 72.792774][ T5050] loop0: detected capacity change from 0 to 1024 [ 72.801604][ T5050] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 72.815409][ T5050] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 72.823728][ T5050] EXT4-fs (loop0): orphan cleanup on readonly fs [ 72.830785][ T5050] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.527: bg 0: block 10: padding at end of block bitmap is not set [ 72.849980][ T5050] Quota error (device loop0): write_blk: dquota write failed [ 72.857388][ T5050] Quota error (device loop0): find_free_dqentry: Can't write quota data block 3 [ 72.923367][ T5050] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 72.933685][ T5050] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.527: Failed to acquire dquot type 0 [ 72.947992][ T5050] Quota error (device loop0): write_blk: dquota write failed [ 72.969765][ T5050] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.527: Failed to acquire dquot type 0 [ 73.002042][ T5050] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.527: Freeing blocks not in datazone - block = 0, count = 4096 [ 73.026381][ T5050] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.527: Failed to acquire dquot type 0 [ 73.043285][ T5066] loop4: detected capacity change from 0 to 1024 [ 73.051049][ T5050] EXT4-fs (loop0): 1 orphan inode deleted [ 73.059702][ T5050] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 73.090193][ T5066] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.095691][ T5078] loop2: detected capacity change from 0 to 1024 [ 73.103216][ T5066] ext4 filesystem being mounted at /113/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.109295][ T5078] EXT4-fs: Ignoring removed orlov option [ 73.124829][ T5078] EXT4-fs: Ignoring removed nomblk_io_submit option [ 73.135628][ T5079] loop3: detected capacity change from 0 to 1024 [ 73.153073][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.163406][ T5079] EXT4-fs: Ignoring removed nobh option [ 73.163806][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.169375][ T5079] EXT4-fs (loop3): can't mount with both data=journal and delalloc [ 73.186790][ T5078] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.187920][ T5082] loop1: detected capacity change from 0 to 512 [ 73.210043][ T5082] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 73.223305][ T5084] loop0: detected capacity change from 0 to 512 [ 73.242890][ T5082] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.256013][ T5084] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 73.262609][ T5092] loop4: detected capacity change from 0 to 1024 [ 73.264341][ T5082] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.271628][ T5084] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.540: invalid indirect mapped block 2683928664 (level 1) [ 73.283734][ T5092] EXT4-fs: Ignoring removed nomblk_io_submit option [ 73.295170][ T5084] EXT4-fs (loop0): Remounting filesystem read-only [ 73.303500][ T5082] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.536: corrupted xattr block 19: overlapping e_value [ 73.308407][ T5084] EXT4-fs (loop0): 1 truncate cleaned up [ 73.323995][ T5082] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop1 ino=15 [ 73.327397][ T5084] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.336263][ T5082] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.536: corrupted xattr block 19: overlapping e_value [ 73.355745][ T5092] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.362505][ T5082] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop1 ino=15 [ 73.389876][ T5082] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.536: corrupted xattr block 19: overlapping e_value [ 73.404122][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.424652][ T5099] loop0: detected capacity change from 0 to 1024 [ 73.432966][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.453361][ T5099] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.471380][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.489778][ T5099] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.508489][ T5099] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 8: comm syz.0.542: lblock 8 mapped to illegal pblock 8 (length 8) [ 73.541703][ T5099] EXT4-fs error (device loop0): ext4_ext_remove_space:2955: inode #15: comm syz.0.542: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 73.578383][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.619178][ T5114] loop0: detected capacity change from 0 to 1024 [ 73.628683][ T5114] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.641001][ T5114] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.751304][ T5108] loop2: detected capacity change from 0 to 1024 [ 73.759429][ T5108] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 73.788909][ T5108] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 73.797090][ T5108] EXT4-fs (loop2): orphan cleanup on readonly fs [ 73.804118][ T5108] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.544: bg 0: block 10: padding at end of block bitmap is not set [ 73.818368][ T5108] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.544: Failed to acquire dquot type 0 [ 73.829876][ T5108] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.544: Failed to acquire dquot type 0 [ 73.841213][ T5108] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.544: Freeing blocks not in datazone - block = 0, count = 4096 [ 73.854803][ T5108] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.544: Failed to acquire dquot type 0 [ 73.866259][ T5108] EXT4-fs (loop2): 1 orphan inode deleted [ 73.872801][ T5108] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 73.890047][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.916634][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.971345][ T5124] loop1: detected capacity change from 0 to 1024 [ 74.009226][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.019744][ T5124] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.031912][ T5124] ext4 filesystem being mounted at /98/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 74.789521][ T5139] loop3: detected capacity change from 0 to 1024 [ 74.796642][ T5139] EXT4-fs: Ignoring removed nomblk_io_submit option [ 74.814143][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.824705][ T5139] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.850530][ T5130] syz.2.551 invoked oom-killer: gfp_mask=0x402d02(GFP_NOIO|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 74.865037][ T5130] CPU: 0 UID: 0 PID: 5130 Comm: syz.2.551 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) [ 74.865065][ T5130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 74.865088][ T5130] Call Trace: [ 74.865094][ T5130] [ 74.865100][ T5130] __dump_stack+0x1d/0x30 [ 74.865118][ T5130] dump_stack_lvl+0xe8/0x140 [ 74.865141][ T5130] dump_stack+0x15/0x1b [ 74.865211][ T5130] dump_header+0x81/0x220 [ 74.865248][ T5130] oom_kill_process+0x334/0x3f0 [ 74.865278][ T5130] out_of_memory+0x979/0xb80 [ 74.865302][ T5130] try_charge_memcg+0x5e6/0x9e0 [ 74.865422][ T5130] obj_cgroup_charge_pages+0xa6/0x150 [ 74.865447][ T5130] __memcg_kmem_charge_page+0x9f/0x170 [ 74.865477][ T5130] __alloc_frozen_pages_noprof+0x188/0x360 [ 74.865570][ T5130] alloc_pages_mpol+0xb3/0x250 [ 74.865600][ T5130] alloc_pages_noprof+0x90/0x130 [ 74.865631][ T5130] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 74.865807][ T5130] __kvmalloc_node_noprof+0x30f/0x4e0 [ 74.865834][ T5130] ? ip_set_alloc+0x1f/0x30 [ 74.865857][ T5130] ? ip_set_alloc+0x1f/0x30 [ 74.865879][ T5130] ? __kmalloc_cache_noprof+0x189/0x320 [ 74.865908][ T5130] ip_set_alloc+0x1f/0x30 [ 74.865997][ T5130] hash_netiface_create+0x282/0x740 [ 74.866027][ T5130] ? __pfx_hash_netiface_create+0x10/0x10 [ 74.866167][ T5130] ip_set_create+0x3cc/0x960 [ 74.866265][ T5130] ? __nla_parse+0x40/0x60 [ 74.866276][ T5130] nfnetlink_rcv_msg+0x4c3/0x590 [ 74.866324][ T5130] ? selinux_capable+0x1f9/0x270 [ 74.866341][ T5130] netlink_rcv_skb+0x123/0x220 [ 74.866415][ T5130] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 74.866432][ T5130] nfnetlink_rcv+0x16b/0x1690 [ 74.866445][ T5130] ? __kfree_skb+0x109/0x150 [ 74.866501][ T5130] ? nlmon_xmit+0x4f/0x60 [ 74.866512][ T5130] ? consume_skb+0x49/0x150 [ 74.866528][ T5130] ? nlmon_xmit+0x4f/0x60 [ 74.866539][ T5130] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 74.866578][ T5130] ? __dev_queue_xmit+0x11c0/0x1fb0 [ 74.866595][ T5130] ? __dev_queue_xmit+0x182/0x1fb0 [ 74.866614][ T5130] ? sysvec_irq_work+0xe/0x80 [ 74.866627][ T5130] ? ref_tracker_free+0x37d/0x3e0 [ 74.866645][ T5130] ? __netlink_deliver_tap+0x4dc/0x500 [ 74.866729][ T5130] netlink_unicast+0x59e/0x670 [ 74.866776][ T5130] netlink_sendmsg+0x58b/0x6b0 [ 74.866787][ T5130] ? __pfx_netlink_sendmsg+0x10/0x10 [ 74.866798][ T5130] __sock_sendmsg+0x145/0x180 [ 74.866812][ T5130] ____sys_sendmsg+0x31e/0x4e0 [ 74.866885][ T5130] ___sys_sendmsg+0x17b/0x1d0 [ 74.866931][ T5130] __x64_sys_sendmsg+0xd4/0x160 [ 74.866950][ T5130] x64_sys_call+0x2999/0x2fb0 [ 74.867033][ T5130] do_syscall_64+0xd2/0x200 [ 74.867043][ T5130] ? clear_bhb_loop+0x40/0x90 [ 74.867055][ T5130] ? clear_bhb_loop+0x40/0x90 [ 74.867067][ T5130] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.867079][ T5130] RIP: 0033:0x7fb65892e929 [ 74.867088][ T5130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.867145][ T5130] RSP: 002b:00007fb656f97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 74.867167][ T5130] RAX: ffffffffffffffda RBX: 00007fb658b55fa0 RCX: 00007fb65892e929 [ 74.867179][ T5130] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005 [ 74.867192][ T5130] RBP: 00007fb6589b0b39 R08: 0000000000000000 R09: 0000000000000000 [ 74.867204][ T5130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 74.867216][ T5130] R13: 0000000000000000 R14: 00007fb658b55fa0 R15: 00007ffcd2561cd8 [ 74.867254][ T5130] [ 74.867258][ T5130] memory: usage 307200kB, limit 307200kB, failcnt 6413 [ 75.218885][ T5130] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0 [ 75.226798][ T5130] kmem: usage 295464kB, limit 9007199254740988kB, failcnt 0 [ 75.234105][ T5130] Memory cgroup stats for /syz2: [ 75.234608][ T5130] cache 11759616 [ 75.243182][ T5130] rss 204800 [ 75.246499][ T5130] shmem 11755520 [ 75.250139][ T5130] mapped_file 11759616 [ 75.254232][ T5130] dirty 4096 [ 75.257423][ T5130] writeback 0 [ 75.260907][ T5130] workingset_refault_anon 260 [ 75.265578][ T5130] workingset_refault_file 257 [ 75.270242][ T5130] swap 0 [ 75.273120][ T5130] swapcached 8192 [ 75.276733][ T5130] pgpgin 121343 [ 75.280201][ T5130] pgpgout 118422 [ 75.283732][ T5130] pgfault 136479 [ 75.287381][ T5130] pgmajfault 127 [ 75.290920][ T5130] inactive_anon 167936 [ 75.294985][ T5130] active_anon 11792384 [ 75.299031][ T5130] inactive_file 0 [ 75.302733][ T5130] active_file 4096 [ 75.306483][ T5130] unevictable 0 [ 75.309952][ T5130] hierarchical_memory_limit 314572800 [ 75.315450][ T5130] hierarchical_memsw_limit 9223372036854771712 [ 75.321668][ T5130] total_cache 11759616 [ 75.325714][ T5130] total_rss 204800 [ 75.329410][ T5130] total_shmem 11755520 [ 75.333498][ T5130] total_mapped_file 11759616 [ 75.338217][ T5130] total_dirty 4096 [ 75.341945][ T5130] total_writeback 0 [ 75.345747][ T5130] total_workingset_refault_anon 260 [ 75.350957][ T5130] total_workingset_refault_file 257 [ 75.356134][ T5130] total_swap 0 [ 75.359488][ T5130] total_swapcached 8192 [ 75.363675][ T5130] total_pgpgin 135747 [ 75.367633][ T5130] total_pgpgout 132826 [ 75.371723][ T5130] total_pgfault 150908 [ 75.375772][ T5130] total_pgmajfault 166 [ 75.379843][ T5130] total_inactive_anon 167936 [ 75.384434][ T5130] total_active_anon 11792384 [ 75.389022][ T5130] total_inactive_file 0 [ 75.393226][ T5130] total_active_file 4096 [ 75.397455][ T5130] total_unevictable 0 [ 75.401477][ T5130] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.551,pid=5129,uid=0 [ 75.416064][ T5130] Memory cgroup out of memory: Killed process 5130 (syz.2.551) total-vm:93884kB, anon-rss:1064kB, file-rss:22312kB, shmem-rss:11392kB, UID:0 pgtables:144kB oom_score_adj:1000 [ 75.434865][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.583364][ T5156] loop4: detected capacity change from 0 to 1024 [ 75.656919][ T5160] loop2: detected capacity change from 0 to 1024 [ 75.758649][ T5160] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.791232][ T5160] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 75.805871][ T5160] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #15: block 8: comm syz.2.560: lblock 8 mapped to illegal pblock 8 (length 8) [ 75.850922][ T5160] EXT4-fs error (device loop2): ext4_ext_remove_space:2955: inode #15: comm syz.2.560: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 75.879870][ T5171] loop3: detected capacity change from 0 to 1024 [ 75.887933][ T5171] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 75.940743][ T5171] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 75.949010][ T5171] EXT4-fs (loop3): orphan cleanup on readonly fs [ 75.957148][ T5171] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.562: bg 0: block 10: padding at end of block bitmap is not set [ 75.972047][ T5171] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.562: Failed to acquire dquot type 0 [ 75.983779][ T5171] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.562: Failed to acquire dquot type 0 [ 75.995089][ T5171] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.562: Freeing blocks not in datazone - block = 0, count = 4096 [ 76.008923][ T5171] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.562: Failed to acquire dquot type 0 [ 76.020262][ T5171] EXT4-fs (loop3): 1 orphan inode deleted [ 76.053875][ T5176] loop0: detected capacity change from 0 to 1024 [ 76.081791][ T5176] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.108351][ T5176] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 76.508885][ T29] kauditd_printk_skb: 5823 callbacks suppressed [ 76.508901][ T29] audit: type=1326 audit(1751491086.911:17152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdff28b58e7 code=0x7ffc0000 [ 76.538789][ T29] audit: type=1326 audit(1751491086.911:17153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdff285ab19 code=0x7ffc0000 [ 76.542261][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.562125][ T29] audit: type=1326 audit(1751491086.911:17154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdff28b58e7 code=0x7ffc0000 [ 76.562152][ T29] audit: type=1326 audit(1751491086.911:17155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdff285ab19 code=0x7ffc0000 [ 76.562171][ T29] audit: type=1326 audit(1751491086.911:17156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdff28b58e7 code=0x7ffc0000 [ 76.641000][ T29] audit: type=1326 audit(1751491086.911:17157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdff285ab19 code=0x7ffc0000 [ 76.664346][ T29] audit: type=1326 audit(1751491086.911:17158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdff28be929 code=0x7ffc0000 [ 76.687735][ T29] audit: type=1326 audit(1751491086.911:17159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdff28b58e7 code=0x7ffc0000 [ 76.711102][ T29] audit: type=1326 audit(1751491086.911:17160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdff285ab19 code=0x7ffc0000 [ 76.734422][ T29] audit: type=1326 audit(1751491086.911:17161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdff28b58e7 code=0x7ffc0000 [ 76.758349][ T5171] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 76.827254][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.831868][ T5189] loop2: detected capacity change from 0 to 1024 [ 76.843039][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.852904][ T5189] EXT4-fs: Ignoring removed nomblk_io_submit option [ 76.881661][ T5189] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.969703][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.317284][ T5218] loop4: detected capacity change from 0 to 1024 [ 77.375214][ T5224] loop2: detected capacity change from 0 to 1024 [ 77.391227][ T5224] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.403383][ T5224] ext4 filesystem being mounted at /124/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.415637][ T5224] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #15: block 8: comm syz.2.578: lblock 8 mapped to illegal pblock 8 (length 8) [ 77.439179][ T5229] loop4: detected capacity change from 0 to 1024 [ 77.446191][ T5224] EXT4-fs error (device loop2): ext4_ext_remove_space:2955: inode #15: comm syz.2.578: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 77.454231][ T5229] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.489149][ T5229] ext4 filesystem being mounted at /127/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.518347][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.528636][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.722470][ T5239] loop4: detected capacity change from 0 to 1024 [ 77.730100][ T5239] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 77.800763][ T5239] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 77.808862][ T5239] EXT4-fs (loop4): orphan cleanup on readonly fs [ 77.831310][ T5239] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.580: bg 0: block 10: padding at end of block bitmap is not set [ 77.846108][ T5239] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.580: Failed to acquire dquot type 0 [ 77.859534][ T5239] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.580: Failed to acquire dquot type 0 [ 77.874274][ T5239] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.580: Freeing blocks not in datazone - block = 0, count = 4096 [ 77.888314][ T5239] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.580: Failed to acquire dquot type 0 [ 77.900140][ T5239] EXT4-fs (loop4): 1 orphan inode deleted [ 77.982254][ T5239] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 78.026746][ T5248] loop1: detected capacity change from 0 to 1024 [ 78.033654][ T5248] EXT4-fs: Ignoring removed nomblk_io_submit option [ 78.051708][ T5248] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.098677][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.380195][ T5267] loop3: detected capacity change from 0 to 1024 [ 78.420655][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.430672][ T5267] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.453108][ T5267] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.495678][ T5275] loop0: detected capacity change from 0 to 1024 [ 78.527384][ T5275] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.557013][ T5271] loop4: detected capacity change from 0 to 1024 [ 78.630363][ T5275] ext4 filesystem being mounted at /122/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.679216][ T5275] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 8: comm syz.0.593: lblock 8 mapped to illegal pblock 8 (length 8) [ 78.724843][ T5275] EXT4-fs error (device loop0): ext4_ext_remove_space:2955: inode #15: comm syz.0.593: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 78.795863][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.911533][ T5291] loop4: detected capacity change from 0 to 1024 [ 78.922878][ T5291] EXT4-fs: Ignoring removed nomblk_io_submit option [ 78.933547][ T5291] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.223338][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.264069][ T5272] syz.2.592 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 79.275091][ T5272] CPU: 0 UID: 0 PID: 5272 Comm: syz.2.592 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) [ 79.275117][ T5272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 79.275204][ T5272] Call Trace: [ 79.275212][ T5272] [ 79.275220][ T5272] __dump_stack+0x1d/0x30 [ 79.275264][ T5272] dump_stack_lvl+0xe8/0x140 [ 79.275279][ T5272] dump_stack+0x15/0x1b [ 79.275293][ T5272] dump_header+0x81/0x220 [ 79.275393][ T5272] oom_kill_process+0x334/0x3f0 [ 79.275455][ T5272] out_of_memory+0x979/0xb80 [ 79.275532][ T5272] try_charge_memcg+0x5e6/0x9e0 [ 79.275559][ T5272] charge_memcg+0x51/0xc0 [ 79.275588][ T5272] mem_cgroup_swapin_charge_folio+0xcc/0x150 [ 79.275696][ T5272] __read_swap_cache_async+0x1df/0x350 [ 79.275736][ T5272] swap_cluster_readahead+0x376/0x3e0 [ 79.275823][ T5272] swapin_readahead+0xde/0x6f0 [ 79.275876][ T5272] ? __filemap_get_folio+0x4f7/0x6b0 [ 79.275900][ T5272] ? __rcu_read_unlock+0x34/0x70 [ 79.275922][ T5272] ? swap_cache_get_folio+0x77/0x200 [ 79.276006][ T5272] do_swap_page+0x301/0x2430 [ 79.276027][ T5272] ? css_rstat_updated+0xcd/0x5b0 [ 79.276057][ T5272] ? __pfx_default_wake_function+0x10/0x10 [ 79.276083][ T5272] handle_mm_fault+0x9a5/0x2be0 [ 79.276101][ T5272] ? mas_walk+0xf2/0x120 [ 79.276184][ T5272] do_user_addr_fault+0x636/0x1090 [ 79.276211][ T5272] exc_page_fault+0x62/0xa0 [ 79.276233][ T5272] asm_exc_page_fault+0x26/0x30 [ 79.276250][ T5272] RIP: 0033:0x7fb658961193 [ 79.276315][ T5272] Code: e1 08 00 48 8d 3d 56 e1 08 00 e8 f8 48 f6 ff 0f 1f 84 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 <80> 3d 9e 43 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 c3 66 2e 0f [ 79.276333][ T5272] RSP: 002b:00007ffcd2561df8 EFLAGS: 00010293 [ 79.276365][ T5272] RAX: 00000000fffffffa RBX: 00007fb658b55fa0 RCX: 0000000000000000 [ 79.276377][ T5272] RDX: 00007ffcd2561e10 RSI: 0000000000000000 RDI: 0000000000000000 [ 79.276388][ T5272] RBP: 00007fb658b57ba0 R08: 000000000d56b2a4 R09: 7fffffffffffffff [ 79.276400][ T5272] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000135be [ 79.276413][ T5272] R13: 00007ffcd2561f30 R14: ffffffffffffffff R15: 00007ffcd2561f50 [ 79.276431][ T5272] [ 79.276438][ T5272] memory: usage 307200kB, limit 307200kB, failcnt 9223 [ 79.497871][ T5272] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0 [ 79.505802][ T5272] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0 [ 79.513176][ T5272] Memory cgroup stats for /syz2: [ 79.513638][ T5272] cache 0 [ 79.521532][ T5272] rss 0 [ 79.524290][ T5272] shmem 0 [ 79.527226][ T5272] mapped_file 0 [ 79.530690][ T5272] dirty 0 [ 79.533618][ T5272] writeback 0 [ 79.536894][ T5272] workingset_refault_anon 312 [ 79.541657][ T5272] workingset_refault_file 290 [ 79.546339][ T5272] swap 204800 [ 79.549789][ T5272] swapcached 0 [ 79.553254][ T5272] pgpgin 125030 [ 79.556759][ T5272] pgpgout 125030 [ 79.560331][ T5272] pgfault 140547 [ 79.563941][ T5272] pgmajfault 162 [ 79.567482][ T5272] inactive_anon 0 [ 79.571212][ T5272] active_anon 0 [ 79.574666][ T5272] inactive_file 0 [ 79.578289][ T5272] active_file 0 [ 79.581868][ T5272] unevictable 0 [ 79.585321][ T5272] hierarchical_memory_limit 314572800 [ 79.590744][ T5272] hierarchical_memsw_limit 9223372036854771712 [ 79.596951][ T5272] total_cache 0 [ 79.600498][ T5272] total_rss 0 [ 79.603778][ T5272] total_shmem 0 [ 79.607230][ T5272] total_mapped_file 0 [ 79.611454][ T5272] total_dirty 0 [ 79.615035][ T5272] total_writeback 0 [ 79.618908][ T5272] total_workingset_refault_anon 312 [ 79.624109][ T5272] total_workingset_refault_file 290 [ 79.629308][ T5272] total_swap 204800 [ 79.633182][ T5272] total_swapcached 0 [ 79.637142][ T5272] total_pgpgin 142304 [ 79.641121][ T5272] total_pgpgout 142304 [ 79.645166][ T5272] total_pgfault 157860 [ 79.649360][ T5272] total_pgmajfault 206 [ 79.653421][ T5272] total_inactive_anon 0 [ 79.657603][ T5272] total_active_anon 0 [ 79.661625][ T5272] total_inactive_file 0 [ 79.665765][ T5272] total_active_file 0 [ 79.669751][ T5272] total_unevictable 0 [ 79.673719][ T5272] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2/syz1,task=syz.2.592,pid=5272,uid=0 [ 79.688708][ T5272] Memory cgroup out of memory: Killed process 5272 (syz.2.592) total-vm:93884kB, anon-rss:1064kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:1000 [ 79.706801][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.827887][ T5316] loop3: detected capacity change from 0 to 1024 [ 79.840850][ T5316] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 79.951223][ T5316] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 79.959457][ T5316] EXT4-fs (loop3): orphan cleanup on readonly fs [ 79.968121][ T5316] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.602: bg 0: block 10: padding at end of block bitmap is not set [ 79.982667][ T5316] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.602: Failed to acquire dquot type 0 [ 79.994985][ T5316] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.602: Failed to acquire dquot type 0 [ 80.006701][ T5316] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.602: Freeing blocks not in datazone - block = 0, count = 4096 [ 80.020788][ T5316] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.602: Failed to acquire dquot type 0 [ 80.032320][ T5316] EXT4-fs (loop3): 1 orphan inode deleted [ 80.094930][ T5316] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 80.289785][ T5328] loop1: detected capacity change from 0 to 1024 [ 80.312457][ T5329] loop2: detected capacity change from 0 to 1024 [ 80.340929][ T5329] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.353096][ T5329] ext4 filesystem being mounted at /128/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.365899][ T5329] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #15: block 8: comm syz.2.607: lblock 8 mapped to illegal pblock 8 (length 8) [ 80.391155][ T5329] EXT4-fs error (device loop2): ext4_ext_remove_space:2955: inode #15: comm syz.2.607: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 80.412715][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.438240][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.457446][ T5333] loop3: detected capacity change from 0 to 1024 [ 80.466826][ T5333] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.481326][ T5333] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.506229][ T5341] loop2: detected capacity change from 0 to 1024 [ 80.514263][ T5341] EXT4-fs: Ignoring removed nomblk_io_submit option [ 80.527850][ T5341] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.297227][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.337943][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.570236][ T5373] loop2: detected capacity change from 0 to 1024 [ 81.577842][ T5373] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 81.701757][ T5375] loop0: detected capacity change from 0 to 1024 [ 81.711600][ T5373] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 81.719931][ T5373] EXT4-fs (loop2): orphan cleanup on readonly fs [ 81.730070][ T5373] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.620: bg 0: block 10: padding at end of block bitmap is not set [ 81.755495][ T5373] __quota_error: 9418 callbacks suppressed [ 81.755508][ T5373] Quota error (device loop2): write_blk: dquota write failed [ 81.768712][ T5373] Quota error (device loop2): find_free_dqentry: Can't write quota data block 3 [ 81.777857][ T5373] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 81.787850][ T5373] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.620: Failed to acquire dquot type 0 [ 81.799887][ T5373] Quota error (device loop2): write_blk: dquota write failed [ 81.807275][ T5373] Quota error (device loop2): find_free_dqentry: Can't write quota data block 3 [ 81.816361][ T5373] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 81.826205][ T5373] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.620: Failed to acquire dquot type 0 [ 81.850779][ T5373] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.620: Freeing blocks not in datazone - block = 0, count = 4096 [ 81.864487][ T5373] Quota error (device loop2): write_blk: dquota write failed [ 81.871917][ T5373] Quota error (device loop2): find_free_dqentry: Can't write quota data block 3 [ 81.881088][ T5373] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 81.890941][ T5373] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.620: Failed to acquire dquot type 0 [ 81.902797][ T5373] EXT4-fs (loop2): 1 orphan inode deleted [ 81.910997][ T5373] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 81.936483][ T5375] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.949403][ T5375] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.973317][ T29] audit: type=1326 audit(1751491092.791:26562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5383 comm="syz.3.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8d943e929 code=0x7ffc0000 [ 82.010462][ T5375] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 8: comm syz.0.622: lblock 8 mapped to illegal pblock 8 (length 8) [ 82.034823][ T5384] loop3: detected capacity change from 0 to 1024 [ 82.045255][ T5375] EXT4-fs error (device loop0): ext4_ext_remove_space:2955: inode #15: comm syz.0.622: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 82.045346][ T5386] netlink: 12 bytes leftover after parsing attributes in process `syz.1.626'. [ 82.135214][ T5391] loop0: detected capacity change from 0 to 1024 [ 82.151990][ T5391] ext4 filesystem being mounted at /131/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.349465][ T5401] loop2: detected capacity change from 0 to 1024 [ 82.382453][ T5401] EXT4-fs: Ignoring removed nomblk_io_submit option [ 82.950190][ T5430] loop2: detected capacity change from 0 to 1024 [ 82.971310][ T5430] ext4 filesystem being mounted at /136/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.993598][ T5432] loop1: detected capacity change from 0 to 1024 [ 83.011678][ T5430] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #15: block 8: comm syz.2.639: lblock 8 mapped to illegal pblock 8 (length 8) [ 83.050854][ T5430] EXT4-fs error (device loop2): ext4_ext_remove_space:2955: inode #15: comm syz.2.639: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 83.317639][ T5443] loop2: detected capacity change from 0 to 1024 [ 83.390828][ T5420] syz.0.637 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 83.401840][ T5420] CPU: 0 UID: 0 PID: 5420 Comm: syz.0.637 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) [ 83.401865][ T5420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 83.401877][ T5420] Call Trace: [ 83.401902][ T5420] [ 83.401990][ T5420] __dump_stack+0x1d/0x30 [ 83.402008][ T5420] dump_stack_lvl+0xe8/0x140 [ 83.402024][ T5420] dump_stack+0x15/0x1b [ 83.402038][ T5420] dump_header+0x81/0x220 [ 83.402095][ T5420] oom_kill_process+0x334/0x3f0 [ 83.402119][ T5420] out_of_memory+0x979/0xb80 [ 83.402145][ T5420] try_charge_memcg+0x5e6/0x9e0 [ 83.402171][ T5420] charge_memcg+0x51/0xc0 [ 83.402237][ T5420] mem_cgroup_swapin_charge_folio+0xcc/0x150 [ 83.402267][ T5420] __read_swap_cache_async+0x1df/0x350 [ 83.402300][ T5420] swap_cluster_readahead+0x277/0x3e0 [ 83.402388][ T5420] swapin_readahead+0xde/0x6f0 [ 83.402417][ T5420] ? __filemap_get_folio+0x4f7/0x6b0 [ 83.402470][ T5420] ? swap_cache_get_folio+0x77/0x200 [ 83.402494][ T5420] do_swap_page+0x301/0x2430 [ 83.402511][ T5420] ? finish_task_switch+0xad/0x2b0 [ 83.402537][ T5420] ? __pfx_default_wake_function+0x10/0x10 [ 83.402627][ T5420] handle_mm_fault+0x9a5/0x2be0 [ 83.402649][ T5420] ? mas_walk+0xf2/0x120 [ 83.402675][ T5420] do_user_addr_fault+0x636/0x1090 [ 83.402732][ T5420] ? fpregs_restore_userregs+0xad/0x1d0 [ 83.402761][ T5420] ? switch_fpu_return+0xe/0x20 [ 83.402789][ T5420] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 83.402810][ T5420] exc_page_fault+0x62/0xa0 [ 83.402883][ T5420] asm_exc_page_fault+0x26/0x30 [ 83.402900][ T5420] RIP: 0033:0x7f31e2611193 [ 83.402915][ T5420] Code: e1 08 00 48 8d 3d 56 e1 08 00 e8 f8 48 f6 ff 0f 1f 84 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 <80> 3d 9e 43 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 c3 66 2e 0f [ 83.402933][ T5420] RSP: 002b:00007ffd82d55798 EFLAGS: 00010293 [ 83.402975][ T5420] RAX: 00000000fffffffa RBX: 00007f31e2805fa0 RCX: 0000000000000000 [ 83.403060][ T5420] RDX: 00007ffd82d557b0 RSI: 0000000000000000 RDI: 0000000000000000 [ 83.403071][ T5420] RBP: 00007f31e2807ba0 R08: 00000000140f4f9c R09: 7fffffffffffffff [ 83.403081][ T5420] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000145df [ 83.403093][ T5420] R13: 00007ffd82d558d0 R14: ffffffffffffffff R15: 00007ffd82d558f0 [ 83.403110][ T5420] [ 83.403117][ T5420] memory: usage 307200kB, limit 307200kB, failcnt 5997 [ 83.636540][ T5420] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0 [ 83.644510][ T5420] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0 [ 83.651847][ T5420] Memory cgroup stats for /syz0: [ 83.652082][ T5443] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 83.652413][ T5420] cache 0 [ 83.670432][ T5420] rss 0 [ 83.673344][ T5420] shmem 0 [ 83.676298][ T5420] mapped_file 0 [ 83.679847][ T5420] dirty 0 [ 83.682778][ T5420] writeback 0 [ 83.686137][ T5420] workingset_refault_anon 95 [ 83.690806][ T5420] workingset_refault_file 271 [ 83.695547][ T5420] swap 196608 [ 83.698822][ T5420] swapcached 8192 [ 83.702483][ T5420] pgpgin 157419 [ 83.705931][ T5420] pgpgout 157417 [ 83.709466][ T5420] pgfault 145438 [ 83.713077][ T5420] pgmajfault 70 [ 83.716528][ T5420] inactive_anon 8192 [ 83.720477][ T5420] active_anon 0 [ 83.723957][ T5420] inactive_file 0 [ 83.727638][ T5420] active_file 0 [ 83.731122][ T5420] unevictable 0 [ 83.734574][ T5420] hierarchical_memory_limit 314572800 [ 83.739982][ T5420] hierarchical_memsw_limit 9223372036854771712 [ 83.746131][ T5420] total_cache 0 [ 83.749584][ T5420] total_rss 0 [ 83.752901][ T5420] total_shmem 0 [ 83.756359][ T5420] total_mapped_file 0 [ 83.760353][ T5420] total_dirty 0 [ 83.763848][ T5420] total_writeback 0 [ 83.767723][ T5420] total_workingset_refault_anon 95 [ 83.772905][ T5420] total_workingset_refault_file 271 [ 83.778105][ T5420] total_swap 196608 [ 83.781931][ T5420] total_swapcached 8192 [ 83.786087][ T5420] total_pgpgin 180379 [ 83.790098][ T5420] total_pgpgout 180377 [ 83.794159][ T5420] total_pgfault 168419 [ 83.798217][ T5420] total_pgmajfault 71 [ 83.802278][ T5420] total_inactive_anon 8192 [ 83.802280][ T5443] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 83.802353][ T5443] EXT4-fs (loop2): orphan cleanup on readonly fs [ 83.806678][ T5420] total_active_anon 0 [ 83.806687][ T5420] total_inactive_file 0 [ 83.806694][ T5420] total_active_file 0 [ 83.816161][ T5443] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.642: bg 0: block 10: padding at end of block bitmap is not set [ 83.820924][ T5420] total_unevictable 0 [ 83.825083][ T5443] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.642: Failed to acquire dquot type 0 [ 83.829018][ T5420] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null) [ 83.833938][ T5443] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.642: Failed to acquire dquot type 0 [ 83.847058][ T5420] ,cpuset=/ [ 83.851133][ T5443] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.642: Freeing blocks not in datazone - block = 0, count = 4096 [ 83.862198][ T5420] ,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0/syz1,task=syz.0.637,pid=5420,uid=0 [ 83.869233][ T5443] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.642: Failed to acquire dquot type 0 [ 83.880165][ T5420] Memory cgroup out of memory: Killed process 5420 (syz.0.637) total-vm:93884kB, anon-rss:936kB, file-rss:22312kB, shmem-rss:128kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 83.889827][ T5443] EXT4-fs (loop2): 1 orphan inode deleted [ 83.996322][ T5451] loop3: detected capacity change from 0 to 1024 [ 84.013347][ T5451] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.017133][ T5455] loop4: detected capacity change from 0 to 1024 [ 84.031023][ T5455] EXT4-fs: Ignoring removed nomblk_io_submit option [ 84.123879][ T5456] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 84.303170][ T5479] loop1: detected capacity change from 0 to 1024 [ 84.443589][ T5489] loop0: detected capacity change from 0 to 1024 [ 84.465008][ T5489] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.497321][ T5495] loop3: detected capacity change from 0 to 1024 [ 84.522396][ T5495] ext4 filesystem being mounted at /121/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.549044][ T5489] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 8: comm syz.0.657: lblock 8 mapped to illegal pblock 8 (length 8) [ 84.630476][ T5489] EXT4-fs error (device loop0): ext4_ext_remove_space:2955: inode #15: comm syz.0.657: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 84.664491][ T5502] loop2: detected capacity change from 0 to 1024 [ 84.673356][ T5502] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 84.685142][ T5502] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 84.693177][ T5502] EXT4-fs (loop2): orphan cleanup on readonly fs [ 84.700851][ T5502] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.660: bg 0: block 10: padding at end of block bitmap is not set [ 84.715205][ T5502] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.660: Failed to acquire dquot type 0 [ 84.726603][ T5502] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.660: Failed to acquire dquot type 0 [ 84.737941][ T5502] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.660: Freeing blocks not in datazone - block = 0, count = 4096 [ 84.751692][ T5502] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.660: Failed to acquire dquot type 0 [ 84.763112][ T5502] EXT4-fs (loop2): 1 orphan inode deleted [ 84.922430][ T5507] loop0: detected capacity change from 0 to 1024 [ 84.929171][ T5507] EXT4-fs: Ignoring removed nomblk_io_submit option [ 85.097486][ T5523] loop4: detected capacity change from 0 to 1024 [ 85.449948][ T5539] loop4: detected capacity change from 0 to 1024 [ 85.465275][ T5539] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.626651][ T5545] loop4: detected capacity change from 0 to 1024 [ 85.691302][ T5549] loop1: detected capacity change from 0 to 1024 [ 85.702637][ T5549] EXT4-fs: Ignoring removed nomblk_io_submit option [ 85.737499][ T5545] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.750381][ T5545] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 8: comm syz.4.674: lblock 8 mapped to illegal pblock 8 (length 8) [ 85.766002][ T5545] EXT4-fs error (device loop4): ext4_ext_remove_space:2955: inode #15: comm syz.4.674: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 85.850828][ T5557] loop0: detected capacity change from 0 to 1024 [ 85.861278][ T5557] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 85.967587][ T5557] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 85.975780][ T5557] EXT4-fs (loop0): orphan cleanup on readonly fs [ 85.987950][ T5557] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.675: bg 0: block 10: padding at end of block bitmap is not set [ 86.002967][ T5557] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.675: Failed to acquire dquot type 0 [ 86.014561][ T5557] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.675: Failed to acquire dquot type 0 [ 86.026578][ T5557] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.675: Freeing blocks not in datazone - block = 0, count = 4096 [ 86.040625][ T5557] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.675: Failed to acquire dquot type 0 [ 86.052068][ T5557] EXT4-fs (loop0): 1 orphan inode deleted [ 86.262141][ T5575] loop3: detected capacity change from 0 to 1024 [ 86.405030][ T5583] loop3: detected capacity change from 0 to 1024 [ 86.415674][ T5583] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.486419][ T5591] loop3: detected capacity change from 0 to 1024 [ 86.508339][ T5593] loop2: detected capacity change from 0 to 1024 [ 86.516104][ T5593] EXT4-fs: Ignoring removed nomblk_io_submit option [ 86.524523][ T5591] ext4 filesystem being mounted at /126/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.536746][ T5591] EXT4-fs error (device loop3): ext4_map_blocks:816: inode #15: block 8: comm syz.3.688: lblock 8 mapped to illegal pblock 8 (length 8) [ 86.552321][ T5591] EXT4-fs error (device loop3): ext4_ext_remove_space:2955: inode #15: comm syz.3.688: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 86.662520][ T5612] loop3: detected capacity change from 0 to 1024 [ 86.867467][ T5616] loop3: detected capacity change from 0 to 1024 [ 86.875053][ T5616] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 86.886297][ T5616] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 86.894527][ T5616] EXT4-fs (loop3): orphan cleanup on readonly fs [ 86.901570][ T5616] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.696: bg 0: block 10: padding at end of block bitmap is not set [ 86.915965][ T5616] __quota_error: 4663 callbacks suppressed [ 86.915978][ T5616] Quota error (device loop3): write_blk: dquota write failed [ 86.929214][ T5616] Quota error (device loop3): find_free_dqentry: Can't write quota data block 3 [ 86.938320][ T5616] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 86.948260][ T5616] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.696: Failed to acquire dquot type 0 [ 86.959857][ T5616] Quota error (device loop3): write_blk: dquota write failed [ 86.967265][ T5616] Quota error (device loop3): find_free_dqentry: Can't write quota data block 3 [ 86.976339][ T5616] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 86.986222][ T5616] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.696: Failed to acquire dquot type 0 [ 86.997324][ T29] audit: type=1326 audit(1751491097.801:31199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5565 comm="syz.4.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3939f1e929 code=0x7fc00000 [ 87.079973][ T5616] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.696: Freeing blocks not in datazone - block = 0, count = 4096 [ 87.094837][ T5616] Quota error (device loop3): write_blk: dquota write failed [ 87.102303][ T5616] Quota error (device loop3): find_free_dqentry: Can't write quota data block 3 [ 87.111388][ T5616] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 87.121285][ T5616] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.696: Failed to acquire dquot type 0 [ 87.128639][ T5621] loop4: detected capacity change from 0 to 512 [ 87.138540][ T5616] EXT4-fs (loop3): 1 orphan inode deleted [ 87.140336][ T5621] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 87.199291][ T5621] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.697: invalid indirect mapped block 2683928664 (level 1) [ 87.257125][ T5626] loop1: detected capacity change from 0 to 1024 [ 87.270096][ T5626] ext4 filesystem being mounted at /123/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 87.320052][ T5621] EXT4-fs (loop4): Remounting filesystem read-only [ 87.326922][ T5621] EXT4-fs (loop4): 1 truncate cleaned up [ 87.426127][ T5636] loop3: detected capacity change from 0 to 1024 [ 87.441038][ T5636] EXT4-fs: Ignoring removed nobh option [ 87.457365][ T5636] EXT4-fs (loop3): can't mount with both data=journal and delalloc [ 87.472538][ T5639] loop4: detected capacity change from 0 to 1024 [ 87.479737][ T5639] EXT4-fs: Ignoring removed nomblk_io_submit option [ 87.563411][ T5643] loop1: detected capacity change from 0 to 1024 [ 87.573657][ T5643] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 87.671491][ T5643] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 87.679934][ T5643] EXT4-fs (loop1): orphan cleanup on readonly fs [ 87.688069][ T5643] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.702: bg 0: block 10: padding at end of block bitmap is not set [ 87.702766][ T5643] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.702: Failed to acquire dquot type 0 [ 87.714264][ T5643] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.702: Failed to acquire dquot type 0 [ 87.725843][ T5643] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.702: Freeing blocks not in datazone - block = 0, count = 4096 [ 87.747097][ T5643] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.702: Failed to acquire dquot type 0 [ 87.759736][ T5643] EXT4-fs (loop1): 1 orphan inode deleted [ 87.876761][ T5650] loop4: detected capacity change from 0 to 1024 [ 87.913378][ T5650] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 87.930202][ T5650] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 8: comm syz.4.705: lblock 8 mapped to illegal pblock 8 (length 8) [ 87.946180][ T5656] netlink: 12 bytes leftover after parsing attributes in process `syz.2.707'. [ 87.956117][ T5650] EXT4-fs error (device loop4): ext4_ext_remove_space:2955: inode #15: comm syz.4.705: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 88.104716][ T5667] netlink: 80 bytes leftover after parsing attributes in process `syz.4.712'. [ 88.142424][ T5669] loop4: detected capacity change from 0 to 1024 [ 88.181107][ T5673] loop3: detected capacity change from 0 to 1024 [ 88.187809][ T5673] EXT4-fs: Ignoring removed nomblk_io_submit option [ 88.308545][ T5677] loop0: detected capacity change from 0 to 1024 [ 88.318834][ T5677] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 88.331000][ T5687] netlink: 12 bytes leftover after parsing attributes in process `syz.3.719'. [ 88.344020][ T5677] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 88.352165][ T5677] EXT4-fs (loop0): orphan cleanup on readonly fs [ 88.359118][ T5677] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.717: bg 0: block 10: padding at end of block bitmap is not set [ 88.370672][ T5692] loop1: detected capacity change from 0 to 512 [ 88.373427][ T5677] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.717: Failed to acquire dquot type 0 [ 88.391000][ T5677] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.717: Failed to acquire dquot type 0 [ 88.402370][ T5677] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.717: Freeing blocks not in datazone - block = 0, count = 4096 [ 88.405123][ T5692] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 88.416044][ T5677] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.717: Failed to acquire dquot type 0 [ 88.435023][ T5677] EXT4-fs (loop0): 1 orphan inode deleted [ 88.441898][ T5692] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.721: invalid indirect mapped block 2683928664 (level 1) [ 88.457017][ T5692] EXT4-fs (loop1): Remounting filesystem read-only [ 88.467636][ T5692] EXT4-fs (loop1): 1 truncate cleaned up [ 88.516399][ T5700] loop4: detected capacity change from 0 to 1024 [ 88.524159][ T5700] EXT4-fs: Ignoring removed orlov option [ 88.528627][ T5701] netlink: 80 bytes leftover after parsing attributes in process `syz.1.723'. [ 88.529911][ T5700] EXT4-fs: Ignoring removed nomblk_io_submit option [ 88.597947][ T5712] loop0: detected capacity change from 0 to 1024 [ 88.609594][ T5712] EXT4-fs: Ignoring removed nomblk_io_submit option [ 88.716206][ T5729] netlink: 12 bytes leftover after parsing attributes in process `syz.0.734'. [ 88.766693][ T5734] loop4: detected capacity change from 0 to 512 [ 88.776122][ T5736] netlink: 80 bytes leftover after parsing attributes in process `syz.0.737'. [ 88.778900][ T5734] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 88.795479][ T5734] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.736: invalid indirect mapped block 2683928664 (level 1) [ 88.810487][ T5734] EXT4-fs (loop4): Remounting filesystem read-only [ 88.817292][ T5734] EXT4-fs (loop4): 1 truncate cleaned up [ 88.997747][ T5753] loop1: detected capacity change from 0 to 1024 [ 89.033336][ T5753] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.292988][ T5766] netlink: 12 bytes leftover after parsing attributes in process `syz.4.747'. [ 89.311172][ T5769] netlink: 80 bytes leftover after parsing attributes in process `syz.0.749'. [ 89.329821][ T5770] loop2: detected capacity change from 0 to 1024 [ 89.337019][ T5770] EXT4-fs: Ignoring removed nomblk_io_submit option [ 89.342640][ T5774] loop0: detected capacity change from 0 to 1024 [ 89.373758][ T5774] ext4 filesystem being mounted at /160/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.505862][ T5794] loop3: detected capacity change from 0 to 1024 [ 89.562111][ T5800] netlink: 12 bytes leftover after parsing attributes in process `syz.0.760'. [ 89.589255][ T5802] netlink: 80 bytes leftover after parsing attributes in process `syz.0.761'. [ 89.629961][ T5804] loop0: detected capacity change from 0 to 1024 [ 89.641254][ T5804] ext4 filesystem being mounted at /168/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.698249][ T5808] loop3: detected capacity change from 0 to 1024 [ 89.715147][ T5808] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.726070][ T5810] loop0: detected capacity change from 0 to 1024 [ 89.733017][ T5810] EXT4-fs: Ignoring removed nomblk_io_submit option [ 89.873233][ T5840] loop3: detected capacity change from 0 to 1024 [ 89.876240][ T5831] loop1: detected capacity change from 0 to 512 [ 89.881682][ T5840] EXT4-fs: Ignoring removed orlov option [ 89.886294][ T5838] loop2: detected capacity change from 0 to 1024 [ 89.891662][ T5840] EXT4-fs: Ignoring removed nomblk_io_submit option [ 89.906079][ T5831] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 89.916597][ T5838] ext4 filesystem being mounted at /160/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.923193][ T5831] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.771: invalid indirect mapped block 2683928664 (level 1) [ 89.972543][ T5831] EXT4-fs (loop1): Remounting filesystem read-only [ 89.983369][ T5831] EXT4-fs (loop1): 1 truncate cleaned up [ 90.051079][ T5854] loop1: detected capacity change from 0 to 1024 [ 90.057818][ T5854] EXT4-fs: Ignoring removed nomblk_io_submit option [ 90.135126][ T5868] loop2: detected capacity change from 0 to 1024 [ 90.143699][ T5868] EXT4-fs: Ignoring removed nobh option [ 90.149568][ T5868] EXT4-fs (loop2): can't mount with both data=journal and delalloc [ 90.339215][ T5891] loop1: detected capacity change from 0 to 1024 [ 90.346017][ T5891] EXT4-fs: Ignoring removed nomblk_io_submit option [ 90.350740][ T5889] vhci_hcd: invalid port number 146 [ 90.357890][ T5889] vhci_hcd: default hub control req: 6017 v0005 i0092 l2 [ 90.565574][ T5910] loop1: detected capacity change from 0 to 512 [ 90.573220][ T5910] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 90.581475][ T5910] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.798: invalid indirect mapped block 2683928664 (level 1) [ 90.595664][ T5910] EXT4-fs (loop1): Remounting filesystem read-only [ 90.602249][ T5910] EXT4-fs (loop1): 1 truncate cleaned up [ 90.723644][ T5924] loop0: detected capacity change from 0 to 1024 [ 90.778218][ T5920] loop1: detected capacity change from 0 to 1024 [ 90.785113][ T5920] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 90.796092][ T5920] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 90.804260][ T5920] EXT4-fs (loop1): orphan cleanup on readonly fs [ 90.812210][ T5920] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.802: bg 0: block 10: padding at end of block bitmap is not set [ 90.826572][ T5920] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.802: Failed to acquire dquot type 0 [ 90.838291][ T5920] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.802: Failed to acquire dquot type 0 [ 90.849924][ T5920] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.802: Freeing blocks not in datazone - block = 0, count = 4096 [ 90.863505][ T5920] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.802: Failed to acquire dquot type 0 [ 90.873070][ T5930] loop3: detected capacity change from 0 to 1024 [ 90.881363][ T5920] EXT4-fs (loop1): 1 orphan inode deleted [ 90.881716][ T5930] EXT4-fs: Ignoring removed nomblk_io_submit option [ 91.002640][ T5943] loop2: detected capacity change from 0 to 512 [ 91.029901][ T5943] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 91.039428][ T5943] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.810: invalid indirect mapped block 2683928664 (level 1) [ 91.054945][ T5943] EXT4-fs (loop2): Remounting filesystem read-only [ 91.062131][ T5943] EXT4-fs (loop2): 1 truncate cleaned up [ 91.121389][ T5952] vhci_hcd: invalid port number 146 [ 91.126636][ T5952] vhci_hcd: default hub control req: 6017 v0005 i0092 l2 [ 91.315887][ T5964] loop0: detected capacity change from 0 to 1024 [ 91.323511][ T5964] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 91.341929][ T5968] loop3: detected capacity change from 0 to 1024 [ 91.348930][ T5964] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 91.357144][ T5964] EXT4-fs (loop0): orphan cleanup on readonly fs [ 91.368172][ T5964] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.819: bg 0: block 10: padding at end of block bitmap is not set [ 91.382536][ T5964] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.819: Failed to acquire dquot type 0 [ 91.398035][ T5964] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.819: Failed to acquire dquot type 0 [ 91.409608][ T5964] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.819: Freeing blocks not in datazone - block = 0, count = 4096 [ 91.424091][ T5964] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.819: Failed to acquire dquot type 0 [ 91.435417][ T5964] EXT4-fs (loop0): 1 orphan inode deleted [ 91.549401][ T5977] loop0: detected capacity change from 0 to 1024 [ 91.579018][ T5977] EXT4-fs: Ignoring removed nomblk_io_submit option [ 91.644810][ T5982] loop3: detected capacity change from 0 to 1024 [ 91.653650][ T5982] EXT4-fs: Ignoring removed orlov option [ 91.659404][ T5982] EXT4-fs: Ignoring removed nomblk_io_submit option [ 91.826441][ T5993] loop0: detected capacity change from 0 to 512 [ 91.867821][ T5993] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 91.885040][ T5993] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.826: invalid indirect mapped block 2683928664 (level 1) [ 91.924081][ T5993] EXT4-fs (loop0): Remounting filesystem read-only [ 91.937467][ T5993] EXT4-fs (loop0): 1 truncate cleaned up [ 92.253869][ T29] kauditd_printk_skb: 2224 callbacks suppressed [ 92.253881][ T29] audit: type=1326 audit(1751491103.071:33388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6013 comm="syz.4.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3939f1e929 code=0x7ffc0000 [ 92.283608][ T29] audit: type=1326 audit(1751491103.071:33389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6013 comm="syz.4.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f3939f1e929 code=0x7ffc0000 [ 92.306938][ T29] audit: type=1326 audit(1751491103.071:33390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6013 comm="syz.4.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3939f1e929 code=0x7ffc0000 [ 92.330374][ T29] audit: type=1326 audit(1751491103.071:33391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6013 comm="syz.4.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3939f1e929 code=0x7ffc0000 [ 92.353787][ T29] audit: type=1326 audit(1751491103.071:33392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6013 comm="syz.4.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3939f1e929 code=0x7ffc0000 [ 92.377185][ T29] audit: type=1326 audit(1751491103.071:33393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6013 comm="syz.4.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3939f1e929 code=0x7ffc0000 [ 92.407771][ T6016] loop0: detected capacity change from 0 to 512 [ 92.417718][ T6016] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 92.425919][ T29] audit: type=1326 audit(1751491103.131:33394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6013 comm="syz.4.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3939f1e929 code=0x7ffc0000 [ 92.449724][ T29] audit: type=1326 audit(1751491103.131:33395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6013 comm="syz.4.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3939f1e929 code=0x7ffc0000 [ 92.471055][ T6016] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.833: invalid indirect mapped block 2683928664 (level 1) [ 92.473292][ T29] audit: type=1326 audit(1751491103.221:33396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6013 comm="syz.4.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3939f1e929 code=0x7ffc0000 [ 92.510385][ T29] audit: type=1326 audit(1751491103.221:33397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6013 comm="syz.4.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3939f1e929 code=0x7ffc0000 [ 92.530167][ T6015] loop4: detected capacity change from 0 to 1024 [ 92.544664][ T6016] EXT4-fs (loop0): Remounting filesystem read-only [ 92.551429][ T6016] EXT4-fs (loop0): 1 truncate cleaned up [ 92.648515][ T6019] loop2: detected capacity change from 0 to 1024 [ 92.655534][ T6019] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 92.666801][ T6019] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 92.674942][ T6019] EXT4-fs (loop2): orphan cleanup on readonly fs [ 92.691383][ T6019] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.835: bg 0: block 10: padding at end of block bitmap is not set [ 92.705649][ T6019] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.835: Failed to acquire dquot type 0 [ 92.717014][ T6019] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.835: Failed to acquire dquot type 0 [ 92.729140][ T6019] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.835: Freeing blocks not in datazone - block = 0, count = 4096 [ 92.742754][ T6019] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.835: Failed to acquire dquot type 0 [ 92.743619][ T6022] loop0: detected capacity change from 0 to 1024 [ 92.761013][ T6019] EXT4-fs (loop2): 1 orphan inode deleted [ 92.767571][ T6022] EXT4-fs: Ignoring removed nobh option [ 92.780892][ T6022] EXT4-fs (loop0): can't mount with both data=journal and delalloc [ 92.822942][ T6030] loop4: detected capacity change from 0 to 1024 [ 92.846474][ T6030] ext4 filesystem being mounted at /171/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 92.872793][ T6037] loop2: detected capacity change from 0 to 512 [ 92.892167][ T6037] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 92.905387][ T6037] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.841: invalid indirect mapped block 2683928664 (level 1) [ 92.927257][ T6037] EXT4-fs (loop2): Remounting filesystem read-only [ 92.939909][ T6037] EXT4-fs (loop2): 1 truncate cleaned up [ 92.945709][ T6045] loop4: detected capacity change from 0 to 1024 [ 92.982523][ T6051] loop1: detected capacity change from 0 to 1024 [ 92.990173][ T6051] EXT4-fs: Ignoring removed orlov option [ 92.995959][ T6051] EXT4-fs: Ignoring removed nomblk_io_submit option [ 93.004422][ T6045] ext4 filesystem being mounted at /172/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 93.050234][ T6056] vhci_hcd: invalid port number 146 [ 93.055482][ T6056] vhci_hcd: default hub control req: 6017 v0005 i0092 l2 [ 93.132597][ T6066] loop4: detected capacity change from 0 to 1024 [ 93.139081][ T6063] loop3: detected capacity change from 0 to 1024 [ 93.147850][ T6063] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 93.160920][ T6063] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 93.169030][ T6063] EXT4-fs (loop3): orphan cleanup on readonly fs [ 93.170095][ T6074] loop2: detected capacity change from 0 to 1024 [ 93.176015][ T6063] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.852: bg 0: block 10: padding at end of block bitmap is not set [ 93.196105][ T6063] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.852: Failed to acquire dquot type 0 [ 93.207498][ T6063] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.852: Failed to acquire dquot type 0 [ 93.218910][ T6063] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.852: Freeing blocks not in datazone - block = 0, count = 4096 [ 93.221012][ T6074] ext4 filesystem being mounted at /172/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 93.235820][ T6063] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.852: Failed to acquire dquot type 0 [ 93.259407][ T6063] EXT4-fs (loop3): 1 orphan inode deleted [ 93.326658][ T6084] __nla_validate_parse: 4 callbacks suppressed [ 93.326672][ T6084] netlink: 28 bytes leftover after parsing attributes in process `syz.3.858'. [ 93.431924][ T6093] loop3: detected capacity change from 0 to 512 [ 93.438414][ T6091] loop4: detected capacity change from 0 to 1024 [ 93.439582][ T6093] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 93.452970][ T6093] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.862: invalid indirect mapped block 2683928664 (level 1) [ 93.461418][ T6091] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 93.467271][ T6093] EXT4-fs (loop3): Remounting filesystem read-only [ 93.483917][ T6093] EXT4-fs (loop3): 1 truncate cleaned up [ 93.560239][ T6100] vhci_hcd: invalid port number 146 [ 93.565563][ T6100] vhci_hcd: default hub control req: 6017 v0005 i0092 l2 [ 93.644086][ T6104] loop3: detected capacity change from 0 to 512 [ 93.651831][ T6104] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 93.682200][ T6104] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 93.693893][ T6104] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.865: corrupted xattr block 19: overlapping e_value [ 93.708447][ T6104] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 93.718645][ T6104] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.865: corrupted xattr block 19: overlapping e_value [ 93.734180][ T6104] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 93.743627][ T6104] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.865: corrupted xattr block 19: overlapping e_value [ 93.772087][ T6113] loop4: detected capacity change from 0 to 1024 [ 93.781718][ T6113] ext4 filesystem being mounted at /179/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 93.890841][ T6119] netlink: 28 bytes leftover after parsing attributes in process `syz.1.870'. [ 93.936926][ T6121] loop1: detected capacity change from 0 to 1024 [ 93.951339][ T6125] loop4: detected capacity change from 0 to 1024 [ 93.961943][ T6125] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 93.992301][ T6129] netlink: 12 bytes leftover after parsing attributes in process `syz.4.874'. [ 94.084627][ T6141] loop1: detected capacity change from 0 to 1024 [ 94.101378][ T6141] EXT4-fs: Ignoring removed orlov option [ 94.107097][ T6141] EXT4-fs: Ignoring removed nomblk_io_submit option [ 94.163074][ T6147] loop2: detected capacity change from 0 to 1024 [ 94.179040][ T6147] ext4 filesystem being mounted at /178/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.243275][ T6157] netlink: 28 bytes leftover after parsing attributes in process `syz.0.883'. [ 94.260089][ T6155] loop4: detected capacity change from 0 to 1024 [ 94.283815][ T6162] netlink: 12 bytes leftover after parsing attributes in process `syz.1.886'. [ 94.318218][ T6164] loop0: detected capacity change from 0 to 1024 [ 94.367820][ T6155] ext4 filesystem being mounted at /184/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.376700][ T6164] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.423707][ T6159] hub 9-0:1.0: USB hub found [ 94.428382][ T6159] hub 9-0:1.0: 8 ports detected [ 94.527532][ T6177] loop2: detected capacity change from 0 to 1024 [ 94.742724][ T6184] loop2: detected capacity change from 0 to 1024 [ 94.760931][ T6184] EXT4-fs: Ignoring removed orlov option [ 94.766665][ T6184] EXT4-fs: Ignoring removed nomblk_io_submit option [ 94.777898][ T6182] loop1: detected capacity change from 0 to 1024 [ 94.791698][ T6182] ext4 filesystem being mounted at /171/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.339621][ T6197] loop3: detected capacity change from 0 to 1024 [ 95.346574][ T6197] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 95.359013][ T6201] netlink: 12 bytes leftover after parsing attributes in process `syz.4.899'. [ 95.369440][ T6197] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 95.377651][ T6197] EXT4-fs (loop3): orphan cleanup on readonly fs [ 95.385572][ T6197] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.892: bg 0: block 10: padding at end of block bitmap is not set [ 95.400236][ T6197] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.892: Failed to acquire dquot type 0 [ 95.411724][ T6197] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.892: Failed to acquire dquot type 0 [ 95.423224][ T6197] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.892: Freeing blocks not in datazone - block = 0, count = 4096 [ 95.437878][ T6197] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.892: Failed to acquire dquot type 0 [ 95.449330][ T6197] EXT4-fs (loop3): 1 orphan inode deleted [ 95.467013][ T6206] loop4: detected capacity change from 0 to 512 [ 95.506321][ T6206] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 95.532809][ T6206] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.901: invalid indirect mapped block 2683928664 (level 1) [ 95.581326][ T6206] EXT4-fs (loop4): Remounting filesystem read-only [ 95.594502][ T6206] EXT4-fs (loop4): 1 truncate cleaned up [ 95.640351][ T6206] EXT4-fs mount: 138 callbacks suppressed [ 95.640368][ T6206] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.700059][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.794434][ T6215] loop4: detected capacity change from 0 to 512 [ 95.807858][ T6215] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 95.823293][ T6215] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.849638][ T6215] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.867252][ T6215] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.903: corrupted xattr block 19: overlapping e_value [ 95.896832][ T6220] loop3: detected capacity change from 0 to 1024 [ 95.921006][ T6215] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=15 [ 95.940310][ T6215] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.903: corrupted xattr block 19: overlapping e_value [ 95.967268][ T6215] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=15 [ 95.985098][ T6215] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.903: corrupted xattr block 19: overlapping e_value [ 96.001738][ T6220] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.014869][ T6220] ext4 filesystem being mounted at /166/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.038752][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.082723][ T6224] vhci_hcd: invalid port number 146 [ 96.087992][ T6224] vhci_hcd: default hub control req: 6017 v0005 i0092 l2 [ 96.153785][ T6228] loop0: detected capacity change from 0 to 1024 [ 96.294620][ T6231] loop1: detected capacity change from 0 to 1024 [ 96.314789][ T6231] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.318460][ T6233] netlink: 20 bytes leftover after parsing attributes in process `syz.2.909'. [ 96.326952][ T6231] ext4 filesystem being mounted at /173/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.363831][ T6239] netlink: 12 bytes leftover after parsing attributes in process `syz.0.911'. [ 96.453838][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.506137][ T6245] loop0: detected capacity change from 0 to 512 [ 96.514499][ T6245] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 96.523078][ T6241] hub 9-0:1.0: USB hub found [ 96.527784][ T6241] hub 9-0:1.0: 8 ports detected [ 96.534804][ T6245] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.914: invalid indirect mapped block 2683928664 (level 1) [ 96.553577][ T6254] loop1: detected capacity change from 0 to 1024 [ 96.587373][ T6245] EXT4-fs (loop0): Remounting filesystem read-only [ 96.605796][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.615544][ T6245] EXT4-fs (loop0): 1 truncate cleaned up [ 96.631885][ T6254] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.652753][ T6254] ext4 filesystem being mounted at /174/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.664439][ T6245] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.698741][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.711614][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.761069][ T6264] loop2: detected capacity change from 0 to 1024 [ 96.929515][ T6268] netlink: 12 bytes leftover after parsing attributes in process `syz.2.924'. [ 97.068851][ T6272] loop2: detected capacity change from 0 to 1024 [ 97.078321][ T6272] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 97.089376][ T6272] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 97.097368][ T6272] EXT4-fs (loop2): orphan cleanup on readonly fs [ 97.127647][ T6272] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.926: bg 0: block 10: padding at end of block bitmap is not set [ 97.142368][ T6272] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.926: Failed to acquire dquot type 0 [ 97.154372][ T6272] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.926: Failed to acquire dquot type 0 [ 97.165704][ T6272] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.926: Freeing blocks not in datazone - block = 0, count = 4096 [ 97.179383][ T6272] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.926: Failed to acquire dquot type 0 [ 97.192231][ T6272] EXT4-fs (loop2): 1 orphan inode deleted [ 97.286679][ T6272] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 97.342263][ T29] kauditd_printk_skb: 3461 callbacks suppressed [ 97.342277][ T29] audit: type=1326 audit(1751491108.161:36823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6274 comm="syz.0.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 97.376851][ T29] audit: type=1326 audit(1751491108.191:36824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6274 comm="syz.0.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 97.400326][ T29] audit: type=1326 audit(1751491108.191:36825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6274 comm="syz.0.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 97.400909][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.423685][ T29] audit: type=1326 audit(1751491108.191:36826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6274 comm="syz.0.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 97.456094][ T29] audit: type=1326 audit(1751491108.191:36827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6274 comm="syz.0.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 97.479770][ T29] audit: type=1326 audit(1751491108.191:36828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6274 comm="syz.0.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 97.503225][ T29] audit: type=1326 audit(1751491108.191:36829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6274 comm="syz.0.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 97.526635][ T29] audit: type=1326 audit(1751491108.191:36830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6274 comm="syz.0.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 97.550064][ T29] audit: type=1326 audit(1751491108.191:36831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6274 comm="syz.0.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 97.573541][ T29] audit: type=1326 audit(1751491108.191:36832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6274 comm="syz.0.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31e25de929 code=0x7ffc0000 [ 97.612925][ T6286] loop2: detected capacity change from 0 to 1024 [ 97.626058][ T6286] EXT4-fs: Ignoring removed orlov option [ 97.631887][ T6286] EXT4-fs: Ignoring removed nomblk_io_submit option [ 97.772364][ T6286] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.945468][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.968623][ T6297] loop3: detected capacity change from 0 to 512 [ 97.984515][ T6297] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 97.993648][ T6297] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.931: invalid indirect mapped block 2683928664 (level 1) [ 98.012130][ T6297] EXT4-fs (loop3): Remounting filesystem read-only [ 98.017760][ T6299] loop2: detected capacity change from 0 to 1024 [ 98.018796][ T6297] EXT4-fs (loop3): 1 truncate cleaned up [ 98.032373][ T6297] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.061786][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.071519][ T6299] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.083868][ T6299] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.122714][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.141764][ T6308] loop0: detected capacity change from 0 to 1024 [ 98.148474][ T6308] EXT4-fs: Ignoring removed nobh option [ 98.210729][ T6308] EXT4-fs (loop0): can't mount with both data=journal and delalloc [ 98.243663][ T6313] loop3: detected capacity change from 0 to 1024 [ 98.261354][ T6313] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.278279][ T6313] ext4 filesystem being mounted at /176/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.420640][ T6319] hub 9-0:1.0: USB hub found [ 98.425397][ T6319] hub 9-0:1.0: 8 ports detected [ 98.600896][ T6333] loop2: detected capacity change from 0 to 1024 [ 98.627917][ T6333] EXT4-fs: Ignoring removed orlov option [ 98.633703][ T6333] EXT4-fs: Ignoring removed nomblk_io_submit option [ 98.662283][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.682353][ T6333] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.916072][ T6343] loop0: detected capacity change from 0 to 1024 [ 98.931155][ T6343] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.945899][ T6343] ext4 filesystem being mounted at /198/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.978859][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.134296][ T6348] loop0: detected capacity change from 0 to 512 [ 99.144593][ T6348] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 99.153923][ T6348] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.945: invalid indirect mapped block 2683928664 (level 1) [ 99.168540][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.170830][ T6348] EXT4-fs (loop0): Remounting filesystem read-only [ 99.186270][ T6348] EXT4-fs (loop0): 1 truncate cleaned up [ 99.192598][ T6348] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.221951][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.236987][ T3309] ================================================================== [ 99.245124][ T3309] BUG: KCSAN: data-race in find_get_block_common / has_bh_in_lru [ 99.252849][ T3309] [ 99.255164][ T3309] read-write to 0xffff888237d26f10 of 8 bytes by task 6353 on cpu 1: [ 99.263216][ T3309] find_get_block_common+0x4f0/0x960 [ 99.268499][ T3309] bdev_getblk+0x83/0x3d0 [ 99.272825][ T3309] __ext4_get_inode_loc+0x303/0x930 [ 99.278027][ T3309] ext4_reserve_inode_write+0xd7/0x250 [ 99.283492][ T3309] __ext4_mark_inode_dirty+0x8c/0x3f0 [ 99.288865][ T3309] ext4_dirty_inode+0x92/0xc0 [ 99.293543][ T3309] __mark_inode_dirty+0x15c/0x760 [ 99.298562][ T3309] file_update_time+0x288/0x2b0 [ 99.303410][ T3309] ext4_page_mkwrite+0x18b/0xba0 [ 99.308342][ T3309] handle_mm_fault+0x15ce/0x2be0 [ 99.313270][ T3309] do_user_addr_fault+0x636/0x1090 [ 99.318377][ T3309] exc_page_fault+0x62/0xa0 [ 99.322872][ T3309] asm_exc_page_fault+0x26/0x30 [ 99.327710][ T3309] [ 99.330022][ T3309] read to 0xffff888237d26f10 of 8 bytes by task 3309 on cpu 0: [ 99.337549][ T3309] has_bh_in_lru+0x35/0x1f0 [ 99.342047][ T3309] smp_call_function_many_cond+0x38c/0xbf0 [ 99.347846][ T3309] on_each_cpu_cond_mask+0x3c/0x80 [ 99.352945][ T3309] invalidate_bh_lrus+0x2a/0x30 [ 99.357790][ T3309] blkdev_flush_mapping+0x9a/0x1a0 [ 99.362894][ T3309] bdev_release+0x2bf/0x3d0 [ 99.367387][ T3309] blkdev_release+0x15/0x20 [ 99.371883][ T3309] __fput+0x298/0x650 [ 99.375854][ T3309] ____fput+0x1c/0x30 [ 99.379825][ T3309] task_work_run+0x131/0x1a0 [ 99.384415][ T3309] exit_to_user_mode_loop+0xe4/0x100 [ 99.389705][ T3309] do_syscall_64+0x1d6/0x200 [ 99.394298][ T3309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.400181][ T3309] [ 99.402490][ T3309] value changed: 0x0000000000000000 -> 0xffff8881004509c0 [ 99.409581][ T3309] [ 99.411889][ T3309] Reported by Kernel Concurrency Sanitizer on: [ 99.418028][ T3309] CPU: 0 UID: 0 PID: 3309 Comm: syz-executor Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) [ 99.430601][ T3309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 99.440641][ T3309] ==================================================================