last executing test programs: 3.91043606s ago: executing program 0 (id=601): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r3, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r6], 0x54}}, 0x0) r7 = socket(0x1, 0x803, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=@newlink={0x50, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20, 0x20}}}}}}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 3.748674302s ago: executing program 0 (id=605): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x3}, 0x18) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004) recvmmsg(r5, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000640)=""/216, 0xd8}, {&(0x7f00000052c0)=""/235, 0xeb}, {&(0x7f0000003080)=""/4096, 0x1000}], 0x3}, 0x3}], 0x1b00, 0x0, 0x0) 3.568907185s ago: executing program 4 (id=608): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0) sendmsg$NFT_BATCH(r0, 0x0, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)=@generic={&(0x7f0000000000)='./bus\x00', 0x0, 0x18}, 0x18) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000240)='./bus\x00', 0x404, &(0x7f0000000200)={[{@data_err_ignore}, {@mb_optimize_scan}]}, 0x1, 0x5e6, &(0x7f0000001200)="$eJzs3c1vFVUbAPBnbj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQKNLRGiyaUBDcmxo0xJq5ciP+FEtmy0pULN64MCVHD0sRr5nam9LZzW3r7MZX5/ZJLZ+bc4TzT26fn3NNz5gZQWYPpP7WI/RExnUT0J/OLZZ2RFQ4uPO/Bnx+dTR9J1Ouv/Z5Ekh3Ln59kX/uyk3si4scfktjXsbLemblrF8enpiavZvvDs5emh2fmrh2+cGn8/OT5ycujL4yeOH7s+ImRI21d1/WCY6dvvvt+/ydjb37z1V/JyLe/jCVxMl7Onrj0OjbLYAw2vifJyqK+E5tdWUk6sp+TpS9x0lliQKxL/vp1RcQT0R8d8fDF64+PXyk1OGBL1ZOIOlBRifyHisr7Afl7++Xvg2ul9EqA7XD/1MIAwMr871wYG4yextjA7gdJLB3WSSKivZG5Znsi4u6dsZvn7ozdjC0ahwOKzd+IiCeL8j9p5P9A9MRAI/9rTfmf9gvOZF/T46+2Wf/yoWL5D9tnIf97Vs3/aJH/by3J/7fbrH/w4eY7vU3539vuJQEAAAAAAEBl3T4VEc8X/f2/tjj/Jwrm//RFxMlNqH9w2f7Kv//X7m1CNUCB+6ciXiqc/1vLZ/8OdGRb/2nMB+hKzl2YmjwSEf+NiEPRtSvdH1mljsOf7vuyVdlgNv8vf6T1383mAmZx3Ovc1XzOxPjs+EavG4i4fyPiqcL5v8li+58UtP/p74PpR6xj37O3zrQqWzv/ga1S/zriYGH7//CuFcnq9+cYbvQHhvNewUpPf/jZd63qbzf/3WICNi5t/3evnv8DydL79cysv46jc531VmXt9v+7k9cbt5zpzo59MD47e3Ukojs53ZEebTo+uv6Y4XGU50OeL2n+H3pm9fG/ov5/b0TML/u/kz+a1xTn/v9336+t4tH/h/Kk+T+xrvZ//Rujtwa+b1X/o7X/xxpt/aHsiPE/WPBFnqbdzccL0rGzqGi74wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAx0EtIvZEUhta3K7VhoYi+iLif7G7NnVlZva5c1feuzyRljU+/7+Wf9Jv/8J+kn/+/8CS/dFl+0cjYm9EfN7R29gfOntlaqLsiwcAAAAAAAAAAAAAAAAAAIAdoq/F+v/Ubx1lRwdsuc6yAwBKU5D/P5URB7D9tP9QXfIfqkv+Q3XJf6gu+Q/VJf+huuQ/VNc68z/JHgAAAAAAwM6098Dtn5OImH+xt/FIdWdlXaVGBmy1WtkBAKVxix+oLlP/oLrW+x7/5BbFAZRnrfm8PS1P2shM4OmzGzgZAAAAAAAAAAAAACrn4H7r/6GqrP+H6rL+H6orX/9/oOQ4gO3nPT4Qa6zkL1z/v+ZZAAAAAAAAAAAAAMBmmpm7dnF8amryqo03dkYY27lRr9evpz8FOyWef/lGPhV+p8SzbCNf6/doZ5X3OwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGj2TwAAAP//030lBw==") r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) write(r2, &(0x7f0000004200)='t', 0x1) sendfile(r2, r1, 0x0, 0x3ffff) write$binfmt_aout(r2, &(0x7f0000000600)=ANY=[], 0x20) sendfile(r2, r1, 0x0, 0x7ffff000) 3.077574282s ago: executing program 3 (id=613): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000780)=ANY=[@ANYBLOB="05000000000000007111800000000000851000000200000085000000050000009500000000000000950000008947fdf445de6cb359635a02e8375af6eb84181b0da6ef21b4458055497e061beb2a49e557353fc885fb4a57b53f0536b6ccca0410f7f7c75e38e078b047544660f1392cdb187a0ac7c7f4aedf57e7cdf5e847e86c3a7d6d02bcaa5b201c4e8e35"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x4, 0x5, 0x0, 0x1, 0xff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r0, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000580)}, 0x33) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000001240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0) bpf$TOKEN_CREATE(0x24, &(0x7f0000000100)={0x0, r3}, 0x8) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000440)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}], {{}, {0x6, 0x0, 0x5, 0x8}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94) 2.842853976s ago: executing program 0 (id=614): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x73, 0x11, 0x43}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) 2.55826822s ago: executing program 3 (id=615): r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x18) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, 0x0}, 0x0) close(0xffffffffffffffff) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x48) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r2, 0x560a, &(0x7f0000000040)={0x0, 0x1, 0x0, 0xfffd, 0x3, 0x3}) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c0002800500010006"], 0x44}}, 0x0) 2.260967474s ago: executing program 2 (id=618): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000180), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x21) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7abff, 0x0, 0x3) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) fallocate(r1, 0x0, 0x0, 0x8000c62) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0) pwritev2(r4, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0xe7c, 0x0, 0x0) 2.029075098s ago: executing program 3 (id=619): creat(&(0x7f0000000080)='./file0\x00', 0x248) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x9, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) creat(&(0x7f0000000380)='./file0\x00', 0x2000000) 1.966435069s ago: executing program 1 (id=620): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x1, 0x7ffc1ffb}]}) pipe2(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000440)={0xa, &(0x7f00000003c0)=[{0x40, 0xc9, 0x0, 0xfe80}, {0x400, 0x2, 0x6, 0x9}, {0x5, 0x6c, 0x1, 0x85f6}, {0x3, 0x5, 0x6, 0x8}, {0x2c, 0xff, 0x0, 0xc100000}, {0x1, 0x2, 0x97, 0xffff7fff}, {0x7ff, 0x6, 0xf, 0x4}, {0x1, 0x80, 0x6, 0x200}, {0x8, 0x86}, {0x1ff, 0x6, 0x9, 0x6}]}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000015c0)='leases_conflict\x00'}, 0x18) socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0) copy_file_range(r3, &(0x7f0000000000)=0x7, r3, 0x0, 0x7, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'dvmrp0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r4, @ANYBLOB="080003"], 0x44}}, 0x0) 1.965226669s ago: executing program 3 (id=621): openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfe, 0x0, 0x7ffc0002}]}) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000440)={[{@bsdgroups}, {@noblock_validity}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@debug}, {@errors_remount}]}, 0x0, 0x5fd, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySG8rLm+kn+vD3PDEfEt0cjHq2srnfhytWz09Vaw3sR+xfPXdy/cOXqvvlz02dmz8yenzrwwsFDky9OHZzakDi358/Hjr/25Mfvv/383HfVfUkcjpOD787Eijg2yniMx508xNbygYg4lCXafC4Pmy0QQqlV8t/HwYh4PMaiUs81jMX8R4U2DuipWiWiBpRUov9DSTXHAc1j++6Og0/2eFTSP7eONA6AVsc/0Dg3EsP1Y6Ntt5OWI6PGuY0dG1B/Vsc/13Z/nj1i2XmIP+9unYENqKeTpesR8US7+JN623bUI83iT5e1I4mIyYj6OaCs/JUHaEPSku7FeZi1rDf+NCIO589Z+dF11j++It/v+AEop5tH8h35Upa7t//Lxh7N8U+0Gf+Mttl3rUfR+7/O47/m/n64fo48XTEOy8YsJ9q/5eDKgp8+PPZpp/pbx3/ZI6u/ORbsh1vXI3aviP+DLNh8/JPFn7TZ/tkqpw53V8er3/9yrNOyouOv3YjY0/b4596oNEutcX1y/9x8dXay8bNtHV9/89aXneovOv5s+2/rEH/L9k9Xvi77TC52WcdXJ26c67Rs9L7xpz8PJY3jzaG85J3pxcVLUxFDyfF8lZbyA2u3pblO8z2y+Pc+077/L/v9v778fUaafzK7cPGNs7c7LVvP9m+5mHyn1mUbOsnin7n/9l/V/7OyT7qs4483Lz/Vadla8Y88SGAAAAAAAABQQmn9GmySTtxNp+nERGO+7GOxLa1eWFh8du7C5fMzEXvr/w85mDavdI818kmWn8r/H7aZP7Ai/1xE7IyIzyoj9fzE6QvVmaKDBwAAAAAAAAAAAAAAAAAAgE1iez7/v3mf6t8rjfn/QEn08gZzwOam/0N51fv/qls8AWVg/w/lpf9Deen/UF76P5SX/g/lpf9Deen/UF76PwAAAABsSTufvvljEhFLL43UH5mhfJkZQbC1DRbdAKAwlaIbABTm7qV/g30ona7G/3/lXw7Y++YABUjaFdYHB7W1O//Ntq8EAAAAAAAAAAAAAHpgz67O8//NDYatzbQ/KK8HmP/vqwPgIeer/6G8HOMD95vFP9xpgfn/AAAAAAAAAAAAANA3o/VHkk7kc4FHI00nJiL+HxE7YjCZm6/OTkbEIxHxQ2Xwf1l+quhGAwAAAAAAAAAAAAAAAAAAwBazcOXq2elqdfZSa+LvVSVbO9G8C2of6no5/uOrIun/xzISEYVvlJ4lBlpKkoilbMtvioZdWojN0Yx6ouA/TAAAAAAAAAAAAAAAAAAAUEItc4/b2/1Fn1sEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP137/7/vUsUHSMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HD6NwAA//+ipUAx") bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0), 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)={{0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x400000000000}) 1.96354966s ago: executing program 4 (id=622): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000180), &(0x7f0000000240)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x105042, 0x1db) writev(r2, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) 1.891793791s ago: executing program 1 (id=623): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r0, r2, 0x1, 0x0, @void}, 0x10) r3 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='batadv_slave_0\x00', 0x10) connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_opts(r3, 0x0, 0x4, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000140), 0x4) 1.853817171s ago: executing program 2 (id=624): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r0, 0x0, 0x2}, 0x18) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000a44000/0x4000)=nil, 0x4000, 0x0, 0xbc32038f2d035af6, 0xffffffffffffffff, 0x2882c000) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000020000001c0012000c000100626f6e64"], 0x3c}}, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x58, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x1f, 0x1f}}, @IFLA_VLAN_ID={0x6, 0x1, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0) 1.806526482s ago: executing program 1 (id=625): recvmsg$unix(0xffffffffffffffff, 0x0, 0x10042) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x8205, &(0x7f0000001340)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x15}}, {@stripe}, {@grpid}, {@errors_remount}, {@data_err_ignore}, {@noblock_validity}, {@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x13}}]}, 0x1, 0x60a, &(0x7f0000001c40)="$eJzs3c9rHNcdAPDvzEqqZKuVXYqpTUsFPdhQrB+uqduebF/qg6GG+lBCDhaW5AivbGHJEDuGyJBDAgmEkGsIvuQfyD2YXHMLgSS3nANOCA45JMEbZnbHXla78lrR/pDn84FZvXkzu+999+lp3uzo7QRQWtPZQxpxOCIuJRFTTdsmo75xurHfw+/uXM6WJGq1/32bRNLIK/Z/1Pi5P3tIIsYj4tOzEb+vbC13/dbtqwvVWt2rEbMbq2uz67duH19ZXbiydGXp2vyJf548Nfev+ZPzuxJnEde58//901uvvfSP5c+qx5M4HRdHX1mMljh2y3RMx6NGiM35IxFxKku0eV/2miKEZMD1YGcqjd/H0Yg4FFNRydfqpmLlzYFWDuipWiWiBpRUov9DSRXjgOLcvhfnwcPswZn6CdDW+Efqn43EeH5utO9h0nRmVD/fPbAL5Wdl/HznyHvZEh0+hxjZhXI62bwbEX9sF3+S1+1A/ilOFn8aadPzsvRcRIw13ot0h+VPt6z3+/fvWeJvbocs3tONn1n+2R2WP+j4ASin+2caB/LNbO3J8S8bGRbjn2gz/plsc+zaiUEf/zqP/4rj/Xj+GXnaMg7LxjwX2r/kaGvGV2+ce6dT+c3jv2zJyi/Ggv3w4G7EkZb4X88Hc8nj9k/atH+2y6Uuy/jP59+c67Rt0PHX7kUcbXv+8+SKVpaa3VhdK/Jark/OLq9Ul+bqj23L+OiTFz/oVP6g48/aPzrEv137Z3lrXZbx4YV7q522TT41/vTrseRinhpr5Ly8sLFxYz5iLDnf2KUp/8T2dSn2KV4ji//YX9v3/23izxt6s8v41/5/9WE9tfUqadftv+WvSu5Rrcs6dJLFv7jD9n+7yzJ+eOHmn1uyJorEdvFPbH2ppNv3HAAAAAAAAMooza/BJunM43SazszU5/D+Ifal1evrG39bvn7z2mLEsfz/IUfT4kr3VH09ydbnG/8PW6yfaFn/e0QcjIh3KxP5+szl69XFQQcPAAAAAAAAAAAAAAAAAAAAQ2J/Y/5/cZ/q7yv1+f9d2TjU49oBPdfLG8wBw03/h/LK+/9O7+AK7GmO/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMBz6eBf7n+ZRMTmvyfyJTPW2DY60JoBvfbsfXy6J/UA+q/S16cBw+TxpX/T/6F0uhr//9j4csDeVwcYgKRdZj44qG3f+e+3fSYAAAAAAAAAAAAA0ANHD5v/D2WVxseDrgIwIL9iIr/vAIA9zlf/Q3k5xweeNot/vNMG8/8BAAAAAAAAAAAAoG8m8yVJZxq3AJ2MNJ2ZifhtRByI0WR5pbo0FxG/i4gvKqO/ydbnB11pAAAAAAAAAAAAAAAAAAAAeM6s37p9daFaXbrRnPhpS87znSjugjos9WlORNL/QiciYhhi701ipCknidjMWn4oKnZjPYaiGmlejQH/YQIAAAAAAAAAAAAAAAAAgBJqmnvc3pH3+1wjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOi/J/f/33kiecrrDDpGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBv+iUAAP//q+Q5KA==") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) unshare(0x8000000) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) creat(0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="500000000906010200000000004e2200020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000003}, 0x80) 1.804818282s ago: executing program 0 (id=635): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000180), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x21) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7abff, 0x0, 0x3) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) fallocate(r1, 0x0, 0x0, 0x8000c62) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0) pwritev2(r4, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0xe7c, 0x0, 0x0) 1.482255437s ago: executing program 4 (id=626): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x30}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYRES32, @ANYBLOB="00000000000000001800120008000100736974"], 0x38}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0xffffffffffffffff}, 0x18) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x21081e, &(0x7f00000003c0)={[{@journal_async_commit}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@dioread_nolock}, {@auto_da_alloc}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, 0x0, 0x8, 0x101, 0x0, 0x0, {0x1, 0x0, 0x1}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @sctp}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x883e}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x88}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x40040000) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000240)={0x3920e, 0xffffffffffffffff, 0x0, 0x0, 0x9, 0x3}) 1.362383158s ago: executing program 3 (id=627): prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000ffe000/0x1000)=nil) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc) syz_clone(0x44208400, 0x0, 0x0, 0x0, 0x0, 0x0) 1.24003708s ago: executing program 1 (id=628): mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r5}, 0x10) r6 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}}) 1.155799882s ago: executing program 4 (id=629): r0 = syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000, 0x0, 0x0, 0x0, 0x1000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB, @ANYRES64=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f0000001540)=r1}, 0x20) prctl$PR_SET_NAME(0xf, &(0x7f0000001980)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8fv\x9f\x05\xd1\x984\xc8\x14\xaaa\xe9\x91\x8e\xf9\xc8\xa4e\x00u\xef\xc2\xa5\xe27\xb4\xcds\xf4*I\x8f\x00\x00\x00\x00\x00\x00\x10\xac5\x1a\v\n\xca\x18\xfc\xd3G\xbd\'\xad<\x19O\xa6#\x82\xff \x03\xccA\x9f\x0e@\r\x1cD\x80nbWR\\\xfb\xc0a\xc5\x95P\xe7\xf4fPA\xc8\x03\xaeN\x12u\x91\x18\x17\xab\xc9\xf2\x1d\x96D\xc8\x0ft\x88\xb6{\xf6p\xfaU\x9a\x8f\xb1\xaf\x90\xb2u\'\xdc\x81\f\xe1\\89d\xe9\x06\xb1\xd9\x90\xb4\x9f\x11\'\xac\x14r\xfa\x88\xc9p#~E\x1c\xab\x96\b\xad\f\xe6\xc9\xad\xc9\xa0\f\x83\xb94\x0e[\xcd\xd6\xc9O\xba\xac\xc5\'\xdb\xce\xb4\xa4\xa3\x9a\x1eXk\x92g\x81\x7f\xfdBr\x84\xaf:O\xcf}N\xe1\x91\xaf\xd1\xb7\xd6=\xaf\xc1gf\x9d\x0fl;y\x05\xc0\xd7\xef\x05\xd3\xa0U\x12\xf4\xe2>\xad\x1df\xcf\xaaL,#\x82:\xb6\x8d\x89\xd9i\xcd\x88\x9a\x83Ig\x15m\x15\x1d\xd7m\xa48\xb3\x06\xec\xbe\xa2\xb8\xb6\xc8\xbec\x968\xa3\x00;\x85\x90-\x12\x16\xfa\x86jf\x9c\x17h\fIaUK\xf8\xc3\xf2\xe9\xaa\xb4=H\x8bF\xdb\x18\xcfM\xf8\x93\xb2\xb2F\x017k\xbe\xadr\x8b\xf0T^m0\xe2\xec\x9f\xddi\x82}\xa1\x85\xc1\xb9\x8b\xd9\x12(\xd5\xb3\xa7\xe8\xfen\xf8\xf5\xe4z\x02uC\x8f\x18\xe4D\x90\xfa1\x0e\x1c\xa7\xe0)Z\x86;V\x03\x84\x9b\x97\xe1\x97\xc3\x8bSc\xb4\xc7\xafk\xda\xb6\a\x1d\v\x00\x00\x00\x00\x00\x00\x00\xffbz:\x04\xfa\xb0\xbc\x15b\x1b\x1f\xbc\x17c5 p\x0f\xbb2\xc7k\x1b\xe8\xe3G\xba\x8d\x9e\xf3s\xd7\x13-\x0ec++B\x96\x98\r\x03\x88\xd6b)m\x80h/?i\x82t\xad\x91\xe7\x8b\x10\xed\x02\xd7wmt\x18\x12g\xbcL@\x9f\x98=\xc4\x9d2\xb9\xb5\xd0\x0f\xfc9\xac!\xd7\xb3\xe3n\xfe\xc0S\xa3\xc1\xe3\xd4\xa4kN\xba\xd4F\x97C \x1ckK,T\x03\xb6\x19\x9a\xeb\x11=\x8b\xd6\x86\x10oR\x8d\xcf\xa3\x8a\x01\x92T\x05bE\n{\xf8\xbac\x10\x9a\xee{,\xb4?\x92#{\xe4Mv\xab\x1d\x957\f\xd1') bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000016c0)={[{@resgid}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}], [{@func={'func', 0x3d, 'CREDS_CHECK'}}, {@hash}, {@uid_eq}, {@obj_type={'obj_type', 0x3d, '-'}}, {@uid_gt}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@smackfstransmute}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@obj_user}, {@euid_lt}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x2e40ab, &(0x7f0000001800)=ANY=[@ANYBLOB="696e6f646533322c6e725f696e6d6425733d703c0058ad5dd55b5213"]) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000000)={0x1, r0}) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x8, 0xfff, 0x7fffffffc}) ioprio_set$uid(0x3, 0x0, 0x0) 1.154804002s ago: executing program 1 (id=630): setreuid(0x0, 0xee01) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = gettid() r1 = eventfd2(0x0, 0x0) write$eventfd(r1, &(0x7f0000000140)=0xfffffffffffffff8, 0x8) write$eventfd(r1, &(0x7f0000000040)=0x8, 0x8) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) syz_open_pts(0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) clock_nanosleep(0x9, 0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 606.38381ms ago: executing program 0 (id=631): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000002240)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0020000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26ffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c1f860d050d694cc7806d294d3665016a7b29da0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d40887c58559b7dcb98a6273b8c651e57f727041c62cea5b7bd24d9f679e4fbe948dfb4cc4a389469608241630459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b83720eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb89872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebed161980f2fde4f9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc3600040543a34b195c6a8fc054282cd41b264906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e4bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af41000000000000007f5ab0d534b8d63e4ca3be71f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733097f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99e85b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5359dbdfbf31a562395020becaf3fd1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4b28288e78980c1184d8223edbc4bf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b5524642c248aa813edaa626f0000000000000000000000000000000003ba5bac34b611569a451564d3a5400f9097ffe7a37e765bc652be71ee24250d6d9cf19878dd62c53062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89ad07963acbd4dd4dc5b4552591edde7a22ad06f7567e6fec2f65011b579bf609d61a3ff4d6f490824bb035995449fc34106ae6889f036d67b6aaee784f855ebc746ac871b5d2031ac0a252ac1f86e93e245f3793cea80b6de773899d49d11d3b1ed79163b111c976cf840a2ef6214a43338fba8c9edb6be26e68fcc5d47ed74a66ce8aba726ab955b9b32ab1890e84a5e2d7476252af25e5c95c5a8b2b1b5c8a2645b017d23c0f169d6ab529cc889bb07889d9e155114cf3e26a50c527ec6d4021cd2cacfea6d7e41e39e26b3967cad65c648b170f12ea9cc69dcee64be0c27b1f4f7f5ce3e62c35602c9d2921326891901661c85b9ee4a0a0b9636bef4c23788494f094abb91ed813b42828aa93105896e0aee851a8087e169a1d69e841257d9053d0cdc3a6ac4f12084cc6470abebe8b344b1f56690a2687b428686c854c21831da277e8b8a21b7b91a46d22ba083eca7b1f8268048cde7d6f237dca42035881b29ca9c8c2937971821b613894297ff6f7796053a4de1fd77e180cc22b205d43bb4a1b59962c1f605ea1b74587100e8d579f157cb45561c357f9976cec6a43388b3049a0d9c171ff6145266ba119d00000000001ef3794a930eb12f3a6215c510bf0bca70c127e9c70cc7bef921249a7f18a0034ce3264a9e96656b47233e2ed7c76520e649c3fd550bdafd77c5cd72b4446d3e157ddd97e7622a6891fb739acd3b2cdaf65ac78490f0641be6e8c6f55bf3d228786895ff5fd5970faacd8a5025aca0aa1931f477ba06aa60051298c8bf7f3b399194f98dc3f4e8513ad06da09dc393c1284515986b8c70ac69512f6c0c04f42edb3a097a11f2ab480e3e391abffae097752300576337c6dd24c4a98280684aa1fe8c7b43ee8bce05fe979b34da18cdb44dbb030b8009cd3b3b44fd8e7b534acd3f1839cb54817668ab446d3d47848429ea831a57f26c8b05dedddceb24483f8f998b05c3ddf85c3799c9000000000000000000000000001e57cf839eb3150d6a076fb7b86fae98dbb46014f483aecb4ec4f0877371bcae8912c78aff857c669760f0e55041563c5c3e8ee4a0eef885fd43fe34a1febc82370d1d07fdfe705ada4764320889000000000000000000000000000000a790af4fc17872b55b10db99e212d18193235659df45627da300959eafc8bfb44f70d250f8f2e86532700254c9a8b14999f59c8b9034c4bb2448eaeff5db21d4a7f3d974790d4c3cba7c402f50585b9289d86400679e5c2bcacb2841ca074d51fdb4a29e84d72b6c996cfbee06aa52cd632e82ba068e8e1572ef2eb414ba5fccfc3c03e64df6a9cc3936c604aa2c0e2ec7b777475023f29b146af003472ce146a5ff997ba53c51026c0096154f9280a34bbf21d66f57a250b5397766122fc86950ce5252e96868cd04df54764cf2082153d6cedd8aaf9700c734aa4a1cb33a2e0a13c5687be4de327511bff9816d13c3219dac1c1535f10243db6f96960ea6a621f5e1b7babbedf0a6bf0cf74123d2e78d01be2b048883a2459eec630fb0293d28d9799fd3a792caff693fd9f002f14c43fb5a1051cc686b7f114d7927eed559bdf2e8ddea3e61d5d942b63fe90230b2e1948fc563ef94d437281671d2fe5032d2a091fa842b0af2e116ba"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) socket$inet6_mptcp(0xa, 0x1, 0x106) socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x3, 0x0, &(0x7f0000000440)="5cdd30", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7737, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) 604.79241ms ago: executing program 2 (id=632): socket$nl_generic(0x10, 0x3, 0x10) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r5) socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$SIOCSIFHWADDR(r5, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="630000004ec6"}) 583.08167ms ago: executing program 4 (id=633): creat(&(0x7f0000000080)='./file0\x00', 0x248) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x9, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) creat(&(0x7f0000000380)='./file0\x00', 0x2000000) 438.955102ms ago: executing program 3 (id=634): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0) sendmsg$NFT_BATCH(r0, 0x0, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)=@generic={&(0x7f0000000000)='./bus\x00', 0x0, 0x18}, 0x18) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000240)='./bus\x00', 0x404, &(0x7f0000000200)={[{@data_err_ignore}, {@mb_optimize_scan}]}, 0x1, 0x5e6, &(0x7f0000001200)="$eJzs3c1vFVUbAPBnbj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQKNLRGiyaUBDcmxo0xJq5ciP+FEtmy0pULN64MCVHD0sRr5nam9LZzW3r7MZX5/ZJLZ+bc4TzT26fn3NNz5gZQWYPpP7WI/RExnUT0J/OLZZ2RFQ4uPO/Bnx+dTR9J1Ouv/Z5Ekh3Ln59kX/uyk3si4scfktjXsbLemblrF8enpiavZvvDs5emh2fmrh2+cGn8/OT5ycujL4yeOH7s+ImRI21d1/WCY6dvvvt+/ydjb37z1V/JyLe/jCVxMl7Onrj0OjbLYAw2vifJyqK+E5tdWUk6sp+TpS9x0lliQKxL/vp1RcQT0R8d8fDF64+PXyk1OGBL1ZOIOlBRifyHisr7Afl7++Xvg2ul9EqA7XD/1MIAwMr871wYG4yextjA7gdJLB3WSSKivZG5Znsi4u6dsZvn7ozdjC0ahwOKzd+IiCeL8j9p5P9A9MRAI/9rTfmf9gvOZF/T46+2Wf/yoWL5D9tnIf97Vs3/aJH/by3J/7fbrH/w4eY7vU3539vuJQEAAAAAAEBl3T4VEc8X/f2/tjj/Jwrm//RFxMlNqH9w2f7Kv//X7m1CNUCB+6ciXiqc/1vLZ/8OdGRb/2nMB+hKzl2YmjwSEf+NiEPRtSvdH1mljsOf7vuyVdlgNv8vf6T1383mAmZx3Ovc1XzOxPjs+EavG4i4fyPiqcL5v8li+58UtP/p74PpR6xj37O3zrQqWzv/ga1S/zriYGH7//CuFcnq9+cYbvQHhvNewUpPf/jZd63qbzf/3WICNi5t/3evnv8DydL79cysv46jc531VmXt9v+7k9cbt5zpzo59MD47e3Ukojs53ZEebTo+uv6Y4XGU50OeL2n+H3pm9fG/ov5/b0TML/u/kz+a1xTn/v9336+t4tH/h/Kk+T+xrvZ//Rujtwa+b1X/o7X/xxpt/aHsiPE/WPBFnqbdzccL0rGzqGi74wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAx0EtIvZEUhta3K7VhoYi+iLif7G7NnVlZva5c1feuzyRljU+/7+Wf9Jv/8J+kn/+/8CS/dFl+0cjYm9EfN7R29gfOntlaqLsiwcAAAAAAAAAAAAAAAAAAIAdoq/F+v/Ubx1lRwdsuc6yAwBKU5D/P5URB7D9tP9QXfIfqkv+Q3XJf6gu+Q/VJf+huuQ/VNc68z/JHgAAAAAAwM6098Dtn5OImH+xt/FIdWdlXaVGBmy1WtkBAKVxix+oLlP/oLrW+x7/5BbFAZRnrfm8PS1P2shM4OmzGzgZAAAAAAAAAAAAACrn4H7r/6GqrP+H6rL+H6orX/9/oOQ4gO3nPT4Qa6zkL1z/v+ZZAAAAAAAAAAAAAMBmmpm7dnF8amryqo03dkYY27lRr9evpz8FOyWef/lGPhV+p8SzbCNf6/doZ5X3OwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGj2TwAAAP//030lBw==") r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) write(r2, &(0x7f0000004200)='t', 0x1) sendfile(r2, r1, 0x0, 0x3ffff) write$binfmt_aout(r2, &(0x7f0000000600)=ANY=[], 0x20) sendfile(r2, r1, 0x0, 0x7ffff000) 408.168653ms ago: executing program 2 (id=636): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) getsockopt$inet6_buf(0xffffffffffffffff, 0x6, 0x6, 0x0, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x141c00, 0x0) ioctl$TCSETS(r2, 0x40045431, 0x0) r3 = socket$inet6(0xa, 0x5, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) listen(r3, 0x50) close_range(r2, 0xffffffffffffffff, 0x0) 407.531273ms ago: executing program 4 (id=637): mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x8014, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000) 367.869094ms ago: executing program 2 (id=638): bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94) r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x20}}, 0x2}}, 0x2e) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) syz_clone(0x40800000, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)={0x34, r2, 0x1, 0x1070bd2c, 0x4, {0x5}, [@L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0x30) 176.368306ms ago: executing program 2 (id=639): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) r1 = getpid() r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0) sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r4}, &(0x7f0000000200), &(0x7f0000000800)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18) bind$packet(0xffffffffffffffff, 0x0, 0x0) 168.582787ms ago: executing program 1 (id=649): socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000000c0)="010001000000000000001000015b097ead858478", 0x14, 0xfffffffffffffffd) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) r1 = gettid() bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) read(r0, &(0x7f00000003c0)=""/4096, 0x1000) 0s ago: executing program 0 (id=640): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x61680, 0x20, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) r2 = perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) socketpair(0xa, 0x3, 0x4, &(0x7f0000000000)) sendmsg$unix(0xffffffffffffffff, 0x0, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000540)={0x2, 0x80, 0x56, 0x8e, 0x7, 0x2, 0x0, 0x5, 0x4b620, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000280)}, 0x20, 0x5, 0x2, 0x8, 0x100000000, 0x9, 0x2000, 0x0, 0x1, 0x0, 0x3}) close(r3) syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): (slave bond_slave_1): Enslaving as an active interface with an up link [ 27.873479][ T3315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 27.907299][ T3315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 27.924378][ T3318] team0: Port device team_slave_0 added [ 27.930575][ T3307] team0: Port device team_slave_0 added [ 27.952947][ T3318] team0: Port device team_slave_1 added [ 27.963975][ T3307] team0: Port device team_slave_1 added [ 27.977783][ T3315] team0: Port device team_slave_0 added [ 27.998454][ T3315] team0: Port device team_slave_1 added [ 28.014492][ T3318] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 28.021469][ T3318] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 28.048021][ T3318] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 28.076500][ T3315] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 28.083473][ T3315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 28.109587][ T3315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 28.120397][ T3318] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 28.127451][ T3318] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 28.153425][ T3318] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 28.167098][ T3307] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 28.174209][ T3307] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 28.200284][ T3307] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 28.211476][ T3307] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 28.218460][ T3307] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 28.245067][ T3307] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 28.258161][ T3315] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 28.265206][ T3315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 28.291321][ T3315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 28.342590][ T3315] hsr_slave_0: entered promiscuous mode [ 28.348662][ T3315] hsr_slave_1: entered promiscuous mode [ 28.355223][ T3315] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 28.362765][ T3315] Cannot create hsr debugfs directory [ 28.381167][ T3307] hsr_slave_0: entered promiscuous mode [ 28.387328][ T3307] hsr_slave_1: entered promiscuous mode [ 28.393216][ T3307] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 28.400793][ T3307] Cannot create hsr debugfs directory [ 28.408250][ T3318] hsr_slave_0: entered promiscuous mode [ 28.414705][ T3318] hsr_slave_1: entered promiscuous mode [ 28.420592][ T3318] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 28.428462][ T3318] Cannot create hsr debugfs directory [ 28.439062][ T3306] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 28.472628][ T3306] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 28.487282][ T3306] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 28.498199][ T3306] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 28.541251][ T3311] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 28.563089][ T3311] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 28.587378][ T3311] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 28.611867][ T3311] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 28.649823][ T3307] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 28.658464][ T3307] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 28.670020][ T3307] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 28.684225][ T3307] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 28.715935][ T3315] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 28.727730][ T3315] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 28.738517][ T3315] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 28.747821][ T3315] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 28.762655][ T3306] 8021q: adding VLAN 0 to HW filter on device bond0 [ 28.785491][ T3306] 8021q: adding VLAN 0 to HW filter on device team0 [ 28.803391][ T3318] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 28.813177][ T3318] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 28.822215][ T3318] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 28.831199][ T3318] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 28.843569][ T3311] 8021q: adding VLAN 0 to HW filter on device bond0 [ 28.853390][ T2218] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.860525][ T2218] bridge0: port 1(bridge_slave_0) entered forwarding state [ 28.880582][ T160] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.887659][ T160] bridge0: port 2(bridge_slave_1) entered forwarding state [ 28.897442][ T3311] 8021q: adding VLAN 0 to HW filter on device team0 [ 28.922789][ T160] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.929984][ T160] bridge0: port 1(bridge_slave_0) entered forwarding state [ 28.939199][ T160] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.946328][ T160] bridge0: port 2(bridge_slave_1) entered forwarding state [ 28.967716][ T3307] 8021q: adding VLAN 0 to HW filter on device bond0 [ 28.995006][ T3307] 8021q: adding VLAN 0 to HW filter on device team0 [ 29.030255][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.037510][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.069478][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.076625][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.102242][ T3315] 8021q: adding VLAN 0 to HW filter on device bond0 [ 29.116148][ T3306] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 29.133979][ T3315] 8021q: adding VLAN 0 to HW filter on device team0 [ 29.142516][ T3311] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 29.155146][ T3318] 8021q: adding VLAN 0 to HW filter on device bond0 [ 29.167480][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.174693][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.183034][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.190082][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.210394][ T3318] 8021q: adding VLAN 0 to HW filter on device team0 [ 29.257924][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.265175][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.277161][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.284299][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.297686][ T3307] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 29.380800][ T3311] veth0_vlan: entered promiscuous mode [ 29.388491][ T3306] veth0_vlan: entered promiscuous mode [ 29.427101][ T3306] veth1_vlan: entered promiscuous mode [ 29.440559][ T3311] veth1_vlan: entered promiscuous mode [ 29.450769][ T3318] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 29.471801][ T3315] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 29.490255][ T3311] veth0_macvtap: entered promiscuous mode [ 29.501763][ T3306] veth0_macvtap: entered promiscuous mode [ 29.528137][ T3311] veth1_macvtap: entered promiscuous mode [ 29.541396][ T3311] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 29.557621][ T3306] veth1_macvtap: entered promiscuous mode [ 29.566175][ T3311] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 29.578284][ T3307] veth0_vlan: entered promiscuous mode [ 29.589501][ T3311] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 29.598521][ T3311] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 29.607378][ T3311] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 29.616313][ T3311] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 29.634745][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 29.644688][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 29.659825][ T3318] veth0_vlan: entered promiscuous mode [ 29.666547][ T3306] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 29.675538][ T3306] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 29.684366][ T3306] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 29.693079][ T3306] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 29.706718][ T3307] veth1_vlan: entered promiscuous mode [ 29.726564][ T3318] veth1_vlan: entered promiscuous mode [ 29.738479][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 29.738494][ T29] audit: type=1400 audit(1750358133.358:82): avc: denied { mounton } for pid=3311 comm="syz-executor" path="/root/syzkaller.CpR2O5/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 29.769132][ T29] audit: type=1400 audit(1750358133.358:83): avc: denied { mount } for pid=3311 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 29.792205][ T29] audit: type=1400 audit(1750358133.358:84): avc: denied { mounton } for pid=3311 comm="syz-executor" path="/root/syzkaller.CpR2O5/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 29.817936][ T29] audit: type=1400 audit(1750358133.358:85): avc: denied { mount } for pid=3311 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 29.839783][ T29] audit: type=1400 audit(1750358133.358:86): avc: denied { mounton } for pid=3311 comm="syz-executor" path="/root/syzkaller.CpR2O5/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 29.866665][ T29] audit: type=1400 audit(1750358133.358:87): avc: denied { mounton } for pid=3311 comm="syz-executor" path="/root/syzkaller.CpR2O5/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3693 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 29.894228][ T29] audit: type=1400 audit(1750358133.358:88): avc: denied { unmount } for pid=3311 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 29.915173][ T29] audit: type=1400 audit(1750358133.418:89): avc: denied { mounton } for pid=3311 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 29.938064][ T29] audit: type=1400 audit(1750358133.418:90): avc: denied { mount } for pid=3311 comm="syz-executor" name="/" dev="gadgetfs" ino=3697 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 29.962544][ T3311] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 29.974491][ T3307] veth0_macvtap: entered promiscuous mode [ 29.986725][ T3307] veth1_macvtap: entered promiscuous mode [ 30.004321][ T3318] veth0_macvtap: entered promiscuous mode [ 30.011826][ T3318] veth1_macvtap: entered promiscuous mode [ 30.023345][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 30.037736][ T29] audit: type=1400 audit(1750358133.658:91): avc: denied { read write } for pid=3311 comm="syz-executor" name="loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 30.047455][ T3318] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 30.070442][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 30.082220][ T3307] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.091158][ T3307] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.100101][ T3307] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.108991][ T3307] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.109314][ T3478] loop1: detected capacity change from 0 to 512 [ 30.123265][ T3315] veth0_vlan: entered promiscuous mode [ 30.135673][ T3478] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 30.136304][ T3318] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 30.149004][ T3478] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 30.151477][ T3478] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 30.174887][ T3478] System zones: 1-12 [ 30.180409][ T3315] veth1_vlan: entered promiscuous mode [ 30.189953][ T3478] EXT4-fs (loop1): 1 truncate cleaned up [ 30.197231][ T3478] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 30.216482][ T3315] veth0_macvtap: entered promiscuous mode [ 30.231635][ T3476] loop0: detected capacity change from 0 to 2048 [ 30.243214][ T3318] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.252137][ T3318] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.260972][ T3318] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.269788][ T3318] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.297575][ T3476] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 30.312363][ T3315] veth1_macvtap: entered promiscuous mode [ 30.328977][ T3315] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 30.361788][ T3315] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 30.390333][ T3315] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.399362][ T3315] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.408304][ T3315] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.417108][ T3315] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.569853][ T3495] loop3: detected capacity change from 0 to 1024 [ 30.611307][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 30.639448][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 30.641041][ T3495] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 31.101843][ T3500] syz.0.6 (3500) used greatest stack depth: 10872 bytes left [ 31.485739][ T3531] tipc: Failed to obtain node identity [ 31.491434][ T3531] tipc: Enabling of bearer rejected, failed to enable media [ 31.644364][ T3490] syz.2.3 (3490) used greatest stack depth: 10728 bytes left [ 31.686698][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 31.919405][ C1] hrtimer: interrupt took 40555 ns [ 31.973714][ T3542] ÿÿÿÿÿÿ: renamed from vlan1 (while UP) [ 31.990920][ T3544] netlink: 'syz.3.18': attribute type 1 has an invalid length. [ 32.088269][ T3549] gretap1: entered promiscuous mode [ 32.108103][ T3523] kexec: Could not allocate swap buffer [ 32.141667][ T3551] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 32.152261][ T3551] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 32.156097][ T3544] 8021q: VLANs not supported on sit0 [ 32.193186][ T3557] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 32.244834][ T3557] netlink: 'syz.1.23': attribute type 13 has an invalid length. [ 32.264925][ T3556] netlink: 'syz.4.24': attribute type 10 has an invalid length. [ 32.265438][ T3551] syz.2.21 (3551) used greatest stack depth: 10712 bytes left [ 32.286386][ T3556] netlink: 40 bytes leftover after parsing attributes in process `syz.4.24'. [ 32.461369][ T3557] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.468812][ T3557] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.514336][ T3557] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 32.525638][ T3557] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 32.566059][ T3567] loop2: detected capacity change from 0 to 512 [ 32.748104][ T3557] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 32.757144][ T3557] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 32.766125][ T3557] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 32.775260][ T3557] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 33.061798][ T3556] team0: Port device geneve1 added [ 33.129683][ T3567] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.142366][ T3567] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 33.472845][ T3556] syz.4.24 (3556) used greatest stack depth: 9992 bytes left [ 33.725474][ T3577] vlan2: entered allmulticast mode [ 33.823223][ T3579] loop1: detected capacity change from 0 to 512 [ 33.881747][ T3579] EXT4-fs (loop1): 1 orphan inode deleted [ 33.914527][ T3579] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.990343][ T3579] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 34.023018][ T3583] Cannot find add_set index 0 as target [ 34.396199][ T41] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 1 [ 34.457478][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.480982][ T3579] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 34.534851][ T3587] netlink: 14 bytes leftover after parsing attributes in process `syz.2.30'. [ 34.543836][ T3587] hsr_slave_0: left promiscuous mode [ 34.556244][ T3587] hsr_slave_1: left promiscuous mode [ 34.580610][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.857434][ T3593] loop2: detected capacity change from 0 to 8192 [ 34.907919][ T29] kauditd_printk_skb: 128 callbacks suppressed [ 34.907938][ T29] audit: type=1400 audit(1750358138.528:219): avc: denied { mount } for pid=3592 comm="syz.2.33" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 34.971918][ T29] audit: type=1400 audit(1750358138.588:220): avc: denied { create } for pid=3592 comm="syz.2.33" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 35.025101][ T29] audit: type=1400 audit(1750358138.648:221): avc: denied { unmount } for pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 35.081258][ T29] audit: type=1400 audit(1750358138.698:222): avc: denied { watch_reads } for pid=3594 comm="syz.0.34" path="/4" dev="tmpfs" ino=34 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 35.082170][ T3595] process 'syz.0.34' launched './file1' with NULL argv: empty string added [ 35.137584][ T29] audit: type=1400 audit(1750358138.698:223): avc: denied { execute } for pid=3594 comm="syz.0.34" name="file1" dev="tmpfs" ino=39 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 35.159760][ T29] audit: type=1400 audit(1750358138.738:224): avc: denied { execute_no_trans } for pid=3594 comm="syz.0.34" path="/4/file1" dev="tmpfs" ino=39 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 35.185850][ T29] audit: type=1326 audit(1750358138.788:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3594 comm="syz.0.34" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f54e680e929 code=0x0 [ 35.214800][ T3597] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 35.255217][ T29] audit: type=1400 audit(1750358138.878:226): avc: denied { read } for pid=3598 comm="syz.2.35" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 35.278577][ T29] audit: type=1400 audit(1750358138.878:227): avc: denied { open } for pid=3598 comm="syz.2.35" path="/dev/ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 35.304631][ T3599] 9pnet_fd: Insufficient options for proto=fd [ 35.310044][ T3603] loop4: detected capacity change from 0 to 128 [ 35.330799][ T3599] loop2: detected capacity change from 0 to 512 [ 35.337658][ T3599] ======================================================= [ 35.337658][ T3599] WARNING: The mand mount option has been deprecated and [ 35.337658][ T3599] and is ignored by this kernel. Remove the mand [ 35.337658][ T3599] option from the mount to silence this warning. [ 35.337658][ T3599] ======================================================= [ 35.377167][ T29] audit: type=1400 audit(1750358138.928:228): avc: denied { write } for pid=3598 comm="syz.2.35" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 35.415512][ T3606] syz.4.37: attempt to access beyond end of device [ 35.415512][ T3606] loop4: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 35.438266][ T3606] syz.4.37: attempt to access beyond end of device [ 35.438266][ T3606] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 35.452157][ T3603] syz.4.37: attempt to access beyond end of device [ 35.452157][ T3603] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 35.465561][ T3599] EXT4-fs (loop2): required journal recovery suppressed and not mounted read-only [ 35.475509][ T3606] syz.4.37: attempt to access beyond end of device [ 35.475509][ T3606] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 35.498825][ T3606] syz.4.37: attempt to access beyond end of device [ 35.498825][ T3606] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 35.535062][ T3606] syz.4.37: attempt to access beyond end of device [ 35.535062][ T3606] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 35.548801][ T3606] syz.4.37: attempt to access beyond end of device [ 35.548801][ T3606] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 35.562799][ T3603] syz.4.37: attempt to access beyond end of device [ 35.562799][ T3603] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 35.577370][ T3603] syz.4.37: attempt to access beyond end of device [ 35.577370][ T3603] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 35.599205][ T3606] syz.4.37: attempt to access beyond end of device [ 35.599205][ T3606] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 35.721023][ T3617] loop3: detected capacity change from 0 to 128 [ 35.832224][ T3624] loop3: detected capacity change from 0 to 764 [ 35.911713][ T3624] rock: directory entry would overflow storage [ 35.918058][ T3624] rock: sig=0x4654, size=5, remaining=4 [ 35.948195][ T3624] rock: directory entry would overflow storage [ 35.954513][ T3624] rock: sig=0x4f50, size=4, remaining=3 [ 35.960088][ T3624] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 36.033954][ T3627] mmap: syz.4.45 (3627) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 36.239768][ T3637] Cannot find add_set index 0 as target [ 36.315208][ T3627] Cannot find del_set index 0 as target [ 36.870260][ T3613] loop2: detected capacity change from 0 to 1024 [ 37.000503][ T3613] EXT4-fs: Ignoring removed orlov option [ 37.018606][ T3613] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 37.074939][ T3650] netlink: 4 bytes leftover after parsing attributes in process `syz.3.51'. [ 37.101501][ T3613] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 37.259521][ T3650] hsr_slave_0 (unregistering): left promiscuous mode [ 38.078601][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.441495][ T3670] loop4: detected capacity change from 0 to 2048 [ 38.487131][ T3670] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 38.508642][ T3680] netlink: 112 bytes leftover after parsing attributes in process `syz.0.60'. [ 38.517895][ T3680] Zero length message leads to an empty skb [ 38.526925][ T3420] IPVS: starting estimator thread 0... [ 38.623946][ T3681] IPVS: using max 2976 ests per chain, 148800 per kthread [ 39.249027][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.258414][ T3694] netlink: 2036 bytes leftover after parsing attributes in process `syz.2.65'. [ 39.267459][ T3694] netlink: 24 bytes leftover after parsing attributes in process `syz.2.65'. [ 39.423768][ T3691] loop1: detected capacity change from 0 to 512 [ 39.454903][ T3691] EXT4-fs: Ignoring removed nomblk_io_submit option [ 39.506466][ T3691] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.540538][ T3691] ext4 filesystem being mounted at /8/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 39.740331][ T3711] loop0: detected capacity change from 0 to 512 [ 39.758780][ T3711] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 39.778633][ T3711] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 39.914068][ T3711] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 39.929464][ T3711] EXT4-fs (loop0): 1 truncate cleaned up [ 39.937162][ T3711] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.973981][ T29] kauditd_printk_skb: 291 callbacks suppressed [ 39.974048][ T29] audit: type=1400 audit(1750358143.568:520): avc: denied { ioctl } for pid=3690 comm="syz.1.64" path="/8/bus/file2" dev="loop1" ino=16 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 40.095730][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.297946][ T29] audit: type=1400 audit(1750358143.678:521): avc: denied { lock } for pid=3708 comm="syz.0.72" path="/16/bus/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 40.334966][ T3720] netlink: 'syz.4.75': attribute type 39 has an invalid length. [ 40.368174][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.369479][ T3720] veth1_macvtap: left promiscuous mode [ 40.387439][ T3722] !: renamed from dummy0 (while UP) [ 40.629685][ T3724] tipc: Started in network mode [ 40.634651][ T3724] tipc: Node identity ac14140f, cluster identity 4711 [ 40.776736][ T3724] tipc: New replicast peer: 255.255.255.255 [ 40.782877][ T3724] tipc: Enabled bearer , priority 10 [ 41.109034][ T3741] loop3: detected capacity change from 0 to 512 [ 41.138375][ T3740] loop4: detected capacity change from 0 to 1024 [ 41.147522][ T3741] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 41.169160][ T3740] EXT4-fs: Ignoring removed bh option [ 41.178190][ T3740] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 41.197844][ T3741] EXT4-fs (loop3): 1 truncate cleaned up [ 41.206190][ T3741] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.218271][ T3740] EXT4-fs error (device loop4): ext4_quota_enable:7124: comm syz.4.82: inode #2304: comm syz.4.82: iget: illegal inode # [ 41.253611][ T3746] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.266568][ T29] audit: type=1400 audit(1750358144.858:522): avc: denied { bind } for pid=3745 comm="syz.2.84" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 41.287608][ T29] audit: type=1400 audit(1750358144.858:523): avc: denied { setopt } for pid=3745 comm="syz.2.84" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 41.289681][ T3740] EXT4-fs (loop4): Remounting filesystem read-only [ 41.314610][ T3740] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix. [ 41.333771][ T3749] netlink: 'syz.2.84': attribute type 10 has an invalid length. [ 41.341659][ T3749] netlink: 40 bytes leftover after parsing attributes in process `syz.2.84'. [ 41.352663][ T3740] EXT4-fs (loop4): mount failed [ 41.357900][ T29] audit: type=1400 audit(1750358144.888:524): avc: denied { write } for pid=3742 comm="syz.0.83" name="001" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 41.380626][ T29] audit: type=1400 audit(1750358144.888:525): avc: denied { create } for pid=3742 comm="syz.0.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 41.399991][ T29] audit: type=1400 audit(1750358144.888:526): avc: denied { create } for pid=3742 comm="syz.0.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 41.419315][ T29] audit: type=1400 audit(1750358144.908:527): avc: denied { append } for pid=3735 comm="syz.3.80" path="/20/file1/blkio.bfq.avg_queue_size" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 41.444006][ T29] audit: type=1400 audit(1750358144.938:528): avc: denied { sqpoll } for pid=3742 comm="syz.0.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 41.463480][ T29] audit: type=1400 audit(1750358145.028:529): avc: denied { map } for pid=3735 comm="syz.3.80" path="/20/file1/blkio.bfq.avg_queue_size" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 41.489227][ T3749] team0: Failed to send port change of device geneve1 via netlink (err -105) [ 41.502668][ T3749] team0: Failed to send options change via netlink (err -105) [ 41.510464][ T3749] team0: Port device geneve1 added [ 41.543411][ T3746] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.558527][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.637720][ T3746] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.670072][ T3760] netlink: 4 bytes leftover after parsing attributes in process `syz.0.88'. [ 41.678902][ T3760] netlink: 4 bytes leftover after parsing attributes in process `syz.0.88'. [ 41.687942][ T3760] netlink: 4 bytes leftover after parsing attributes in process `syz.0.88'. [ 41.691965][ T3762] netlink: 'syz.3.89': attribute type 27 has an invalid length. [ 41.741282][ T3762] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.748526][ T3762] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.780313][ T3767] loop3: detected capacity change from 0 to 1024 [ 41.786789][ T3762] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 41.789133][ T3762] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 41.794250][ T3357] tipc: Node number set to 2886997007 [ 41.815768][ T3767] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 41.836735][ T3762] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.846042][ T3762] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.855768][ T3762] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.864886][ T3762] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.896634][ T3746] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.968724][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.976565][ T3746] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.990423][ T3746] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.002629][ T3746] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.041514][ T3777] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.052810][ T3779] loop3: detected capacity change from 0 to 512 [ 42.069286][ T3780] netlink: 'syz.4.97': attribute type 10 has an invalid length. [ 42.077460][ T3780] netlink: 40 bytes leftover after parsing attributes in process `syz.4.97'. [ 42.086979][ T3746] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.095601][ T3779] EXT4-fs (loop3): blocks per group (71) and clusters per group (20800) inconsistent [ 42.132463][ T3777] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.161691][ T3780] team0: Failed to send port change of device geneve1 via netlink (err -105) [ 42.277064][ T3777] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.448115][ T3777] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.517378][ T3777] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.532598][ T3777] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.549913][ T3777] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.643152][ T3777] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.094483][ T3803] netlink: 'syz.4.105': attribute type 4 has an invalid length. [ 43.145197][ T3806] netlink: 'syz.4.105': attribute type 4 has an invalid length. [ 43.858314][ T3793] syz.0.101 (3793) used greatest stack depth: 7160 bytes left [ 43.926597][ T3822] loop3: detected capacity change from 0 to 1024 [ 43.959151][ T3822] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 43.981887][ T3822] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 44.000352][ T3822] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 44.016673][ T3822] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28 [ 44.029123][ T3822] EXT4-fs (loop3): This should not happen!! Data will be lost [ 44.029123][ T3822] [ 44.038907][ T3822] EXT4-fs (loop3): Total free blocks count 0 [ 44.045033][ T3822] EXT4-fs (loop3): Free/Dirty block details [ 44.050961][ T3822] EXT4-fs (loop3): free_blocks=4293918720 [ 44.056735][ T3822] EXT4-fs (loop3): dirty_blocks=64 [ 44.061897][ T3822] EXT4-fs (loop3): Block reservation details [ 44.067916][ T3822] EXT4-fs (loop3): i_reserved_data_blocks=4 [ 44.082302][ T3829] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 48 with error 28 [ 44.396730][ T3848] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 44.433320][ T3850] loop2: detected capacity change from 0 to 512 [ 44.454088][ T3850] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 44.501357][ T3850] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.122: invalid indirect mapped block 2683928664 (level 1) [ 44.537227][ T3850] EXT4-fs (loop2): Remounting filesystem read-only [ 44.545898][ T3850] EXT4-fs (loop2): 1 truncate cleaned up [ 44.552036][ T3850] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.667205][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.735078][ T3865] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 44.763684][ T3865] team_slave_0: entered promiscuous mode [ 44.763728][ T3865] team_slave_1: entered promiscuous mode [ 44.763747][ T3865] geneve1: entered promiscuous mode [ 44.763847][ T3865] vlan2: entered promiscuous mode [ 44.785487][ T3865] team0: entered promiscuous mode [ 44.806308][ T3867] No such timeout policy "syz0" [ 44.829786][ T3870] netlink: 'syz.1.131': attribute type 4 has an invalid length. [ 44.839286][ T3870] netlink: 'syz.1.131': attribute type 4 has an invalid length. [ 44.891353][ T3876] loop2: detected capacity change from 0 to 512 [ 44.909028][ T3876] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.929596][ T3876] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 44.980037][ T3880] SELinux: Context system_u:object is not valid (left unmapped). [ 44.988211][ T29] kauditd_printk_skb: 344 callbacks suppressed [ 44.988227][ T29] audit: type=1400 audit(1750358148.608:874): avc: denied { relabelto } for pid=3879 comm="syz.1.135" name="cgroup.procs" dev="cgroup" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object" [ 45.058677][ T3883] : renamed from bond0 [ 45.080406][ T3885] loop1: detected capacity change from 0 to 2048 [ 45.083937][ T29] audit: type=1400 audit(1750358148.608:875): avc: denied { associate } for pid=3879 comm="syz.1.135" name="cgroup.procs" dev="cgroup" ino=102 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object" [ 45.113399][ T29] audit: type=1400 audit(1750358148.678:876): avc: denied { ioctl } for pid=3882 comm="syz.3.136" path="socket:[5451]" dev="sockfs" ino=5451 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 45.139062][ T29] audit: type=1400 audit(1750358148.688:877): avc: denied { ioctl } for pid=3875 comm="syz.2.134" path="/23/file0/pids.current" dev="loop2" ino=18 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 45.167237][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.200084][ T3885] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 45.212830][ T3885] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 45.260723][ T29] audit: type=1400 audit(1750358148.878:878): avc: denied { read } for pid=3897 comm="syz.4.142" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 45.283795][ T29] audit: type=1400 audit(1750358148.878:879): avc: denied { open } for pid=3897 comm="syz.4.142" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 45.308692][ T29] audit: type=1400 audit(1750358148.928:880): avc: denied { read } for pid=3895 comm="syz.2.139" path="socket:[6485]" dev="sockfs" ino=6485 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 45.400762][ T48] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 345: padding at end of block bitmap is not set [ 45.417214][ T48] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 324 with error 117 [ 45.430127][ T48] EXT4-fs (loop1): This should not happen!! Data will be lost [ 45.430127][ T48] [ 45.525431][ T29] audit: type=1400 audit(1750358149.148:881): avc: denied { write } for pid=3884 comm="syz.1.138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 45.752859][ T3885] syz.1.138 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 45.767038][ T3885] CPU: 0 UID: 0 PID: 3885 Comm: syz.1.138 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) [ 45.767065][ T3885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 45.767075][ T3885] Call Trace: [ 45.767082][ T3885] [ 45.767161][ T3885] __dump_stack+0x1d/0x30 [ 45.767228][ T3885] dump_stack_lvl+0xe8/0x140 [ 45.767251][ T3885] dump_stack+0x15/0x1b [ 45.767286][ T3885] dump_header+0x81/0x220 [ 45.767315][ T3885] oom_kill_process+0x334/0x3f0 [ 45.767341][ T3885] out_of_memory+0x979/0xb80 [ 45.767375][ T3885] try_charge_memcg+0x5e6/0x9e0 [ 45.767441][ T3885] obj_cgroup_charge_pages+0xa6/0x150 [ 45.767547][ T3885] __memcg_kmem_charge_page+0x9f/0x170 [ 45.767615][ T3885] __alloc_frozen_pages_noprof+0x188/0x360 [ 45.767647][ T3885] alloc_pages_mpol+0xb3/0x250 [ 45.767683][ T3885] alloc_pages_noprof+0x90/0x130 [ 45.767710][ T3885] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 45.767815][ T3885] __kvmalloc_node_noprof+0x30f/0x4e0 [ 45.767846][ T3885] ? ip_set_alloc+0x1f/0x30 [ 45.767875][ T3885] ? ip_set_alloc+0x1f/0x30 [ 45.767925][ T3885] ? __kmalloc_cache_noprof+0x189/0x320 [ 45.767949][ T3885] ip_set_alloc+0x1f/0x30 [ 45.767979][ T3885] hash_netiface_create+0x282/0x740 [ 45.768025][ T3885] ? __pfx_hash_netiface_create+0x10/0x10 [ 45.768057][ T3885] ip_set_create+0x3cc/0x960 [ 45.768118][ T3885] ? __nla_parse+0x40/0x60 [ 45.768136][ T3885] nfnetlink_rcv_msg+0x4c6/0x590 [ 45.768171][ T3885] ? selinux_capable+0x1f9/0x270 [ 45.768203][ T3885] netlink_rcv_skb+0x123/0x220 [ 45.768282][ T3885] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 45.768310][ T3885] nfnetlink_rcv+0x16b/0x1690 [ 45.768390][ T3885] ? enqueue_dl_entity+0x35c/0x610 [ 45.768418][ T3885] ? enqueue_task_fair+0x891/0x980 [ 45.768458][ T3885] ? _raw_spin_unlock+0x26/0x50 [ 45.768486][ T3885] ? sched_balance_rq+0x1932/0x1e80 [ 45.768574][ T3885] ? should_fail_ex+0x30/0x280 [ 45.768609][ T3885] ? selinux_nlmsg_lookup+0x99/0x890 [ 45.768639][ T3885] ? selinux_netlink_send+0x59f/0x5f0 [ 45.768669][ T3885] ? __rcu_read_unlock+0x34/0x70 [ 45.768716][ T3885] ? __netlink_lookup+0x266/0x2a0 [ 45.768742][ T3885] netlink_unicast+0x5a1/0x670 [ 45.768768][ T3885] netlink_sendmsg+0x58b/0x6b0 [ 45.768787][ T3885] ? __pfx_netlink_sendmsg+0x10/0x10 [ 45.768821][ T3885] __sock_sendmsg+0x145/0x180 [ 45.768846][ T3885] ____sys_sendmsg+0x31e/0x4e0 [ 45.768875][ T3885] ___sys_sendmsg+0x17b/0x1d0 [ 45.768963][ T3885] __x64_sys_sendmsg+0xd4/0x160 [ 45.769068][ T3885] x64_sys_call+0x2999/0x2fb0 [ 45.769094][ T3885] do_syscall_64+0xd2/0x200 [ 45.769113][ T3885] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 45.769184][ T3885] ? clear_bhb_loop+0x40/0x90 [ 45.769319][ T3885] ? clear_bhb_loop+0x40/0x90 [ 45.769345][ T3885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 45.769370][ T3885] RIP: 0033:0x7fdd5f11e929 [ 45.769387][ T3885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 45.769434][ T3885] RSP: 002b:00007fdd5d787038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 45.769462][ T3885] RAX: ffffffffffffffda RBX: 00007fdd5f345fa0 RCX: 00007fdd5f11e929 [ 45.769474][ T3885] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000004 [ 45.769486][ T3885] RBP: 00007fdd5f1a0b39 R08: 0000000000000000 R09: 0000000000000000 [ 45.769498][ T3885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 45.769509][ T3885] R13: 0000000000000000 R14: 00007fdd5f345fa0 R15: 00007ffe8c24e3d8 [ 45.769524][ T3885] [ 45.769531][ T3885] memory: usage 307200kB, limit 307200kB, failcnt 338 [ 46.082821][ T29] audit: type=1326 audit(1750358149.698:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3895 comm="syz.2.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9388e9e929 code=0x7fc00000 [ 46.090833][ T3885] memory+swap: usage 308436kB, limit 9007199254740988kB, failcnt 0 [ 46.090851][ T3885] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0 [ 46.090864][ T3885] Memory cgroup stats for /syz1: [ 46.111215][ T3908] audit: audit_backlog=65 > audit_backlog_limit=64 [ 46.148472][ T3885] cache 8192 [ 46.178582][ T3885] rss 0 [ 46.181390][ T3885] shmem 0 [ 46.184379][ T3885] mapped_file 0 [ 46.187945][ T3885] dirty 0 [ 46.190971][ T3885] writeback 0 [ 46.194512][ T3885] workingset_refault_anon 84 [ 46.199257][ T3885] workingset_refault_file 161 [ 46.204153][ T3885] swap 1265664 [ 46.207551][ T3885] swapcached 0 [ 46.210963][ T3885] pgpgin 10771 [ 46.214489][ T3885] pgpgout 10769 [ 46.217963][ T3885] pgfault 16264 [ 46.221435][ T3885] pgmajfault 54 [ 46.225087][ T3885] inactive_anon 0 [ 46.229006][ T3885] active_anon 0 [ 46.232479][ T3885] inactive_file 4096 [ 46.236437][ T3885] active_file 4096 [ 46.240159][ T3885] unevictable 0 [ 46.243595][ T3885] hierarchical_memory_limit 314572800 [ 46.249051][ T3885] hierarchical_memsw_limit 9223372036854771712 [ 46.255243][ T3885] total_cache 8192 [ 46.258996][ T3885] total_rss 0 [ 46.262338][ T3885] total_shmem 0 [ 46.265844][ T3885] total_mapped_file 0 [ 46.269981][ T3885] total_dirty 0 [ 46.273430][ T3885] total_writeback 0 [ 46.277313][ T3885] total_workingset_refault_anon 84 [ 46.282462][ T3885] total_workingset_refault_file 161 [ 46.287713][ T3885] total_swap 1265664 [ 46.291677][ T3885] total_swapcached 0 [ 46.295602][ T3885] total_pgpgin 10771 [ 46.299517][ T3885] total_pgpgout 10769 [ 46.303644][ T3885] total_pgfault 16264 [ 46.307781][ T3885] total_pgmajfault 54 [ 46.311784][ T3885] total_inactive_anon 0 [ 46.315990][ T3885] total_active_anon 0 [ 46.320052][ T3885] total_inactive_file 4096 [ 46.324497][ T3885] total_active_file 4096 [ 46.328834][ T3885] total_unevictable 0 [ 46.332808][ T3885] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.138,pid=3884,uid=0 [ 46.347560][ T3885] Memory cgroup out of memory: Killed process 3884 (syz.1.138) total-vm:95932kB, anon-rss:936kB, file-rss:22308kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 46.693142][ T3885] syz.1.138 (3885) used greatest stack depth: 7000 bytes left [ 46.737914][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.844989][ T3939] loop1: detected capacity change from 0 to 1024 [ 46.859863][ T3939] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 46.870904][ T3939] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 46.893805][ T3939] JBD2: no valid journal superblock found [ 46.899729][ T3939] EXT4-fs (loop1): Could not load journal inode [ 46.936964][ T3945] loop2: detected capacity change from 0 to 128 [ 46.986771][ T3943] bridge0: entered promiscuous mode [ 47.007064][ T3943] bridge0: port 3(macsec1) entered blocking state [ 47.013627][ T3943] bridge0: port 3(macsec1) entered disabled state [ 47.042113][ T3943] macsec1: entered allmulticast mode [ 47.047544][ T3943] bridge0: entered allmulticast mode [ 47.063181][ T3951] loop1: detected capacity change from 0 to 512 [ 47.114201][ T3943] macsec1: left allmulticast mode [ 47.119443][ T3943] bridge0: left allmulticast mode [ 47.125795][ T3943] bridge0: left promiscuous mode [ 47.136323][ T3951] netlink: 'syz.1.161': attribute type 27 has an invalid length. [ 47.230263][ T3957] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.265964][ T3959] netlink: 4 bytes leftover after parsing attributes in process `syz.3.165'. [ 47.275128][ T3959] vcan0: entered promiscuous mode [ 47.280246][ T3959] vcan0: entered allmulticast mode [ 47.307102][ T3957] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.387977][ T3957] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.442741][ T3957] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.466104][ T3966] loop3: detected capacity change from 0 to 512 [ 47.473038][ T3966] EXT4-fs: Ignoring removed mblk_io_submit option [ 47.504268][ T3966] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 47.523109][ T3957] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.524535][ T3966] EXT4-fs (loop3): 1 truncate cleaned up [ 47.540541][ T3957] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.564392][ T3966] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.568464][ T3957] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.658354][ T3957] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.686900][ T3966] xt_TPROXY: Can be used only with -p tcp or -p udp [ 47.732574][ T3976] netlink: 8 bytes leftover after parsing attributes in process `syz.1.172'. [ 47.757610][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.149393][ T3991] netlink: 'syz.3.178': attribute type 1 has an invalid length. [ 48.165530][ T3978] loop4: detected capacity change from 0 to 8192 [ 48.190830][ T3993] loop0: detected capacity change from 0 to 2048 [ 48.258664][ T3995] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 48.276230][ T3991] bond0: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 48.317031][ T3993] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 48.361412][ T4000] veth3: entered promiscuous mode [ 48.377406][ T3993] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 48.409842][ T4000] bond0: (slave veth3): Enslaving as a backup interface with a down link [ 48.727451][ T4006] xt_hashlimit: max too large, truncated to 1048576 [ 48.919403][ T48] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 345: padding at end of block bitmap is not set [ 48.953039][ T48] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 712 with error 117 [ 48.965735][ T48] EXT4-fs (loop0): This should not happen!! Data will be lost [ 48.965735][ T48] [ 49.300715][ T4022] syzkaller0: entered promiscuous mode [ 49.306369][ T4022] syzkaller0: entered allmulticast mode [ 49.655055][ T4031] tipc: Started in network mode [ 49.660058][ T4031] tipc: Node identity fe53a7ad6a1f, cluster identity 4711 [ 49.667268][ T4031] tipc: Enabled bearer , priority 0 [ 49.699577][ T4029] tipc: Resetting bearer [ 49.760980][ T4029] tipc: Disabling bearer [ 49.820977][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.594145][ T4048] rdma_op ffff88813e784980 conn xmit_rdma 0000000000000000 [ 51.119490][ T4058] loop0: detected capacity change from 0 to 512 [ 51.130008][ T4058] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 51.162618][ T4067] vhci_hcd: invalid port number 96 [ 51.167833][ T4067] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 51.175912][ T4058] EXT4-fs (loop0): 1 truncate cleaned up [ 51.183019][ T4058] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.384851][ T4078] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 51.669993][ T4079] loop1: detected capacity change from 0 to 1764 [ 51.706576][ T4079] ISOFS: Unable to identify CD-ROM format. [ 51.756169][ T29] kauditd_printk_skb: 138 callbacks suppressed [ 51.756187][ T29] audit: type=1326 audit(1750358155.378:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.4.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 51.813845][ T29] audit: type=1326 audit(1750358155.408:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.4.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 51.828324][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.837377][ T29] audit: type=1326 audit(1750358155.408:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.4.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 51.870223][ T29] audit: type=1326 audit(1750358155.408:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.4.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 51.893776][ T29] audit: type=1326 audit(1750358155.408:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.4.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 51.929810][ T29] audit: type=1326 audit(1750358155.548:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.4.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 51.953374][ T29] audit: type=1326 audit(1750358155.548:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.4.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 51.955334][ T4078] pim6reg: entered allmulticast mode [ 51.976926][ T29] audit: type=1326 audit(1750358155.548:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.4.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 52.005515][ T29] audit: type=1326 audit(1750358155.548:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.4.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 52.029231][ T29] audit: type=1326 audit(1750358155.548:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.4.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 52.049281][ T4084] pim6reg: left allmulticast mode [ 52.513279][ T4101] wireguard0: entered promiscuous mode [ 52.525236][ T4101] wireguard0: entered allmulticast mode [ 52.549612][ T4107] netlink: 'syz.1.214': attribute type 1 has an invalid length. [ 52.812079][ T4107] 8021q: adding VLAN 0 to HW filter on device bond1 [ 52.831950][ T4111] 8021q: adding VLAN 0 to HW filter on device bond1 [ 52.839869][ T4111] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 52.852929][ T4111] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 52.875444][ T4114] veth3: entered promiscuous mode [ 52.882616][ T4114] bond1: (slave veth3): Enslaving as an active interface with a down link [ 52.892779][ T4116] erspan0: entered allmulticast mode [ 52.905507][ T4116] bond1: (slave erspan0): making interface the new active one [ 52.917468][ T4116] bond1: (slave erspan0): Enslaving as an active interface with an up link [ 52.991456][ T4122] bridge_slave_1: left allmulticast mode [ 52.997415][ T4122] bridge_slave_1: left promiscuous mode [ 53.003104][ T4122] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.011379][ T4122] bridge_slave_0: left allmulticast mode [ 53.017217][ T4122] bridge_slave_0: left promiscuous mode [ 53.022897][ T4122] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.052046][ T4127] netlink: 48 bytes leftover after parsing attributes in process `syz.4.221'. [ 53.102181][ T4131] netlink: 28 bytes leftover after parsing attributes in process `syz.4.222'. [ 53.152215][ T4137] netlink: 4 bytes leftover after parsing attributes in process `syz.1.224'. [ 53.166326][ T4137] netlink: 4 bytes leftover after parsing attributes in process `syz.1.224'. [ 53.334763][ T4141] loop1: detected capacity change from 0 to 512 [ 53.341618][ T4141] EXT4-fs (loop1): blocks per group (95) and clusters per group (32768) inconsistent [ 53.708929][ T4149] syz.2.229 uses obsolete (PF_INET,SOCK_PACKET) [ 53.799509][ T4150] loop4: detected capacity change from 0 to 4096 [ 53.810905][ T4150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.834491][ T4149] loop2: detected capacity change from 0 to 512 [ 53.841738][ T4149] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 53.865025][ T4149] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 53.873260][ T4149] System zones: 0-2, 18-18, 34-34 [ 53.879223][ T4149] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.891937][ T4149] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 53.912201][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.065183][ T4163] loop2: detected capacity change from 0 to 1024 [ 54.073602][ T4163] EXT4-fs: Ignoring removed orlov option [ 54.079467][ T4163] EXT4-fs: Ignoring removed nomblk_io_submit option [ 54.095575][ T4163] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 54.120098][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.198130][ T4171] loop3: detected capacity change from 0 to 512 [ 54.221728][ T4171] EXT4-fs (loop3): blocks per group (95) and clusters per group (32768) inconsistent [ 54.368930][ T31] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.437436][ T31] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.481368][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.515755][ T31] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.590589][ T4181] syzkaller0: entered promiscuous mode [ 54.596144][ T4181] syzkaller0: entered allmulticast mode [ 54.625984][ T31] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.797716][ T31] bridge_slave_1: left allmulticast mode [ 54.803495][ T31] bridge_slave_1: left promiscuous mode [ 54.809283][ T31] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.854481][ T31] bridge_slave_0: left allmulticast mode [ 54.860171][ T31] bridge_slave_0: left promiscuous mode [ 54.865949][ T31] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.996685][ T31] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 55.014013][ T31] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 55.027237][ T31] bond0 (unregistering): Released all slaves [ 55.134106][ T31] hsr_slave_0: left promiscuous mode [ 55.140590][ T31] hsr_slave_1: left promiscuous mode [ 55.147440][ T31] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 55.154916][ T31] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 55.183677][ T31] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 55.191302][ T31] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 55.247366][ T31] veth1_macvtap: left promiscuous mode [ 55.262506][ T31] veth0_macvtap: left promiscuous mode [ 55.288389][ T31] veth1_vlan: left promiscuous mode [ 55.302238][ T31] veth0_vlan: left promiscuous mode [ 55.394830][ T4220] loop2: detected capacity change from 0 to 512 [ 55.406770][ T4220] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.419476][ T31] team0 (unregistering): Port device team_slave_1 removed [ 55.424620][ T4220] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 55.440013][ T31] team0 (unregistering): Port device team_slave_0 removed [ 55.521188][ T4182] chnl_net:caif_netlink_parms(): no params data found [ 55.558942][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.618471][ T4182] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.625584][ T4182] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.633022][ T4182] bridge_slave_0: entered allmulticast mode [ 55.639636][ T4182] bridge_slave_0: entered promiscuous mode [ 55.655898][ T4182] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.663088][ T4182] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.670457][ T4182] bridge_slave_1: entered allmulticast mode [ 55.677061][ T4182] bridge_slave_1: entered promiscuous mode [ 55.725716][ T4245] netlink: 4 bytes leftover after parsing attributes in process `syz.2.244'. [ 55.741358][ T4182] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.767477][ T4182] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.793046][ T4245] netlink: 4 bytes leftover after parsing attributes in process `syz.2.244'. [ 55.829362][ T4182] team0: Port device team_slave_0 added [ 55.835951][ T4182] team0: Port device team_slave_1 added [ 55.920429][ T31] IPVS: stop unused estimator thread 0... [ 55.949641][ T4182] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.956741][ T4182] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.982922][ T4182] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.005783][ T4182] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.012866][ T4182] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.038928][ T4182] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.112261][ T4182] hsr_slave_0: entered promiscuous mode [ 56.131640][ T4182] hsr_slave_1: entered promiscuous mode [ 56.149766][ T4273] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 56.157340][ T4273] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 56.181393][ T4182] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 56.273974][ T4182] Cannot create hsr debugfs directory [ 56.296434][ T4282] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.361465][ T4282] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.406058][ T4282] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.485443][ T4282] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.608656][ T4282] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.631655][ T4282] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.665586][ T4282] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.691837][ T4282] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.775476][ T4182] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 56.807464][ T4182] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 56.826248][ T4182] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 56.836257][ T29] kauditd_printk_skb: 198 callbacks suppressed [ 56.836271][ T29] audit: type=1326 audit(1750358160.458:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4330 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 56.845172][ T4182] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 56.918240][ T29] audit: type=1326 audit(1750358160.488:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4330 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 56.941858][ T29] audit: type=1326 audit(1750358160.498:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4330 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 56.965409][ T29] audit: type=1326 audit(1750358160.498:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4330 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 56.989345][ T29] audit: type=1326 audit(1750358160.498:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4330 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 57.012761][ T29] audit: type=1326 audit(1750358160.498:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4330 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 57.023672][ T4182] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.036423][ T29] audit: type=1326 audit(1750358160.498:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4330 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 57.066376][ T29] audit: type=1326 audit(1750358160.498:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4330 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 57.073803][ T4182] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.089711][ T29] audit: type=1326 audit(1750358160.498:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4330 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 57.089742][ T29] audit: type=1326 audit(1750358160.498:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4330 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 57.169712][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.176844][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.240443][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.247583][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.279554][ T4355] Driver unsupported XDP return value 0 on prog (id 236) dev N/A, expect packet loss! [ 57.282495][ T4357] loop1: detected capacity change from 0 to 512 [ 57.304083][ T4353] netlink: 96 bytes leftover after parsing attributes in process `syz.2.260'. [ 57.317466][ T4182] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 57.327971][ T4182] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.355416][ T4357] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 57.399251][ T4357] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 57.422460][ T4357] EXT4-fs (loop1): 1 truncate cleaned up [ 57.446156][ T4357] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.557464][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.558890][ T4182] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.598253][ T4390] Cannot find add_set index 0 as target [ 57.697965][ T3388] IPVS: starting estimator thread 0... [ 57.770046][ T4182] veth0_vlan: entered promiscuous mode [ 57.774703][ T4403] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 57.786688][ T4182] veth1_vlan: entered promiscuous mode [ 57.793313][ T4403] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 57.804161][ T4407] IPVS: using max 2592 ests per chain, 129600 per kthread [ 57.832518][ T4182] veth0_macvtap: entered promiscuous mode [ 57.846153][ T4182] veth1_macvtap: entered promiscuous mode [ 57.906293][ T4182] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.928714][ T4182] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.975235][ T4182] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.984079][ T4182] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.992863][ T4182] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.001664][ T4182] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.117727][ T4430] tipc: Enabled bearer , priority 0 [ 58.131753][ T4429] tipc: Resetting bearer [ 58.150270][ T4429] tipc: Disabling bearer [ 58.161770][ T4428] x_tables: ip_tables: osf match: only valid for protocol 6 [ 58.215648][ T4436] loop4: detected capacity change from 0 to 2048 [ 58.344672][ T4436] loop4: p3 < > p4 < > [ 58.348885][ T4436] loop4: partition table partially beyond EOD, truncated [ 58.369757][ T4436] loop4: p3 start 4284289 is beyond EOD, truncated [ 59.952938][ T4479] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 60.095142][ T4501] loop4: detected capacity change from 0 to 1024 [ 60.126174][ T4501] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 60.151022][ T4501] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 60.304942][ T4501] EXT4-fs (loop4): Remounting filesystem read-only [ 60.311656][ T4501] EXT4-fs (loop4): error restoring inline_data for inode -- potential data loss! (inode 15, error -30) [ 60.406036][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.721893][ T3388] hid-generic 0000:0000:8000.0001: unknown main item tag 0x0 [ 60.726354][ T4522] tipc: Enabled bearer , priority 0 [ 60.736547][ T3388] hid-generic 0000:0000:8000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 60.741681][ T4522] syzkaller0: MTU too low for tipc bearer [ 60.752171][ T4522] tipc: Disabling bearer [ 61.158690][ T4543] veth0_vlan: entered allmulticast mode [ 61.206995][ T4543] ÿÿÿÿÿÿ: renamed from vlan1 [ 61.295979][ T4545] wg2: entered promiscuous mode [ 61.303422][ T4545] wg2: entered allmulticast mode [ 61.454951][ T4557] syzkaller0: entered promiscuous mode [ 61.460441][ T4557] syzkaller0: entered allmulticast mode [ 61.535796][ T4565] SELinux: policydb magic number 0x6d616574 does not match expected magic number 0xf97cff8c [ 61.556586][ T4565] SELinux: failed to load policy [ 61.635542][ T4567] loop3: detected capacity change from 0 to 2048 [ 61.659522][ T4576] gtp0: entered promiscuous mode [ 61.675307][ T4567] Alternate GPT is invalid, using primary GPT. [ 61.681688][ T4567] loop3: p1 p2 p3 [ 61.837879][ T4587] loop3: detected capacity change from 0 to 512 [ 61.845827][ T29] kauditd_printk_skb: 169 callbacks suppressed [ 61.845904][ T29] audit: type=1326 audit(1750358165.468:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4586 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f837129d58a code=0x7ffc0000 [ 61.846461][ T4587] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 61.852166][ T29] audit: type=1326 audit(1750358165.468:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4586 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f837129d58a code=0x7ffc0000 [ 61.878657][ T4587] EXT4-fs (loop3): 1 truncate cleaned up [ 61.885615][ T29] audit: type=1326 audit(1750358165.468:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4586 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f837129d197 code=0x7ffc0000 [ 61.885642][ T29] audit: type=1326 audit(1750358165.468:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4586 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f83712a00ca code=0x7ffc0000 [ 61.911317][ T4587] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 61.944377][ T4582] loop2: detected capacity change from 0 to 512 [ 61.996045][ T4582] ext4: Unknown parameter 'func' [ 62.014403][ T29] audit: type=1326 audit(1750358165.638:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4586 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f837129d290 code=0x7ffc0000 [ 62.039243][ T29] audit: type=1326 audit(1750358165.658:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4586 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f837129d677 code=0x7ffc0000 [ 62.062554][ T29] audit: type=1326 audit(1750358165.658:1412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4586 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f837129d290 code=0x7ffc0000 [ 62.086061][ T29] audit: type=1326 audit(1750358165.658:1413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4586 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837129e929 code=0x7ffc0000 [ 62.109545][ T29] audit: type=1326 audit(1750358165.658:1414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4586 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837129e929 code=0x7ffc0000 [ 62.233041][ T4591] netlink: 14593 bytes leftover after parsing attributes in process `syz.0.335'. [ 62.316865][ T29] audit: type=1326 audit(1750358165.938:1415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4586 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f837129e929 code=0x7ffc0000 [ 62.347373][ T4591] netlink: 4 bytes leftover after parsing attributes in process `syz.0.335'. [ 62.366864][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.508475][ T4602] netlink: 24 bytes leftover after parsing attributes in process `syz.2.340'. [ 62.534652][ T4602] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4602 comm=syz.2.340 [ 62.547476][ T4604] loop1: detected capacity change from 0 to 256 [ 62.638752][ T4608] loop4: detected capacity change from 0 to 1024 [ 62.704285][ T4608] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 62.715440][ T4608] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 62.725667][ T4608] JBD2: no valid journal superblock found [ 62.731631][ T4608] EXT4-fs (loop4): Could not load journal inode [ 62.815114][ T4625] __vm_enough_memory: pid: 4625, comm: syz.1.349, bytes: 21199847198720 not enough memory for the allocation [ 62.828216][ T4623] loop4: detected capacity change from 0 to 1024 [ 62.862046][ T4623] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 62.875316][ T4623] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 62.889113][ T4623] netlink: 'syz.4.350': attribute type 10 has an invalid length. [ 62.905681][ T4623] team0 (unregistering): Port device team_slave_0 removed [ 62.919988][ T4623] team0 (unregistering): Port device team_slave_1 removed [ 62.928875][ T4623] team0 (unregistering): Port device geneve1 removed [ 62.935614][ T4625] loop1: detected capacity change from 0 to 512 [ 62.953593][ T4625] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 62.965964][ T4625] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c0a8, mo2=0002] [ 62.975462][ T4625] System zones: 1-12 [ 62.980536][ T4625] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.349: missing EA_INODE flag [ 62.992525][ T4625] EXT4-fs (loop1): Remounting filesystem read-only [ 63.000684][ T4625] EXT4-fs (loop1): 1 orphan inode deleted [ 63.012376][ T4625] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 63.027287][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.037416][ T4625] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.198677][ T4659] netlink: 8 bytes leftover after parsing attributes in process `syz.4.357'. [ 63.382285][ T4663] loop1: detected capacity change from 0 to 512 [ 63.396744][ T4663] EXT4-fs (loop1): 1 orphan inode deleted [ 63.403657][ T4663] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.416915][ T160] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1 [ 63.430957][ T4663] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.581997][ T4663] hub 9-0:1.0: USB hub found [ 63.587192][ T4663] hub 9-0:1.0: 8 ports detected [ 63.641202][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.717733][ T4671] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 63.728742][ T4671] syzkaller0: entered promiscuous mode [ 63.734326][ T4671] syzkaller0: entered allmulticast mode [ 63.851933][ T4675] wg2: entered promiscuous mode [ 63.856932][ T4675] wg2: entered allmulticast mode [ 64.041027][ T4682] netlink: 12 bytes leftover after parsing attributes in process `syz.3.369'. [ 64.656405][ T4682] loop3: detected capacity change from 0 to 512 [ 64.832869][ T4698] loop2: detected capacity change from 0 to 512 [ 65.090300][ T4682] EXT4-fs (loop3): 1 truncate cleaned up [ 65.101328][ T4682] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 65.126875][ T4707] loop1: detected capacity change from 0 to 512 [ 65.139113][ T4707] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 65.139228][ T4698] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 65.175744][ T4707] EXT4-fs (loop1): 1 truncate cleaned up [ 65.182150][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.184688][ T4707] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.231860][ T4714] veth0: entered promiscuous mode [ 65.248195][ T4714] netlink: 4 bytes leftover after parsing attributes in process `syz.3.378'. [ 65.300054][ T4714] veth0 (unregistering): left promiscuous mode [ 65.337572][ T4720] netlink: 'syz.0.380': attribute type 4 has an invalid length. [ 65.350885][ T4720] netlink: 'syz.0.380': attribute type 4 has an invalid length. [ 65.602425][ T4746] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.639403][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.666022][ T4746] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.682899][ T3318] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 65.713736][ T4753] loop1: detected capacity change from 0 to 1024 [ 65.725972][ T4746] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.736469][ T4753] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 65.775682][ T4753] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 65.798436][ T4746] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.810589][ T4753] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000] [ 65.820164][ T4753] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.388: lblock 2 mapped to illegal pblock 2 (length 1) [ 65.839247][ T4753] EXT4-fs (loop1): Remounting filesystem read-only [ 65.870579][ T4753] EXT4-fs (loop1): 1 orphan inode deleted [ 65.871797][ T4746] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.887303][ T4746] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.898787][ T4746] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.910128][ T4746] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.933973][ T4753] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 65.966984][ T4753] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.620959][ T4783] loop3: detected capacity change from 0 to 2048 [ 66.647814][ T4783] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.688562][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.833133][ T4792] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4792 comm=syz.3.404 [ 66.939055][ T4796] netlink: 24 bytes leftover after parsing attributes in process `syz.1.405'. [ 67.009446][ T4796] netlink: 4 bytes leftover after parsing attributes in process `syz.1.405'. [ 67.207810][ T29] kauditd_printk_skb: 356 callbacks suppressed [ 67.207828][ T29] audit: type=1326 audit(1750358170.828:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4807 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 67.240248][ T29] audit: type=1326 audit(1750358170.828:1770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4807 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 67.244787][ T4818] loop4: detected capacity change from 0 to 128 [ 67.263760][ T29] audit: type=1326 audit(1750358170.828:1771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4807 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 67.293395][ T29] audit: type=1326 audit(1750358170.838:1772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4807 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 67.316924][ T29] audit: type=1326 audit(1750358170.838:1773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4807 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 67.358994][ T29] audit: type=1326 audit(1750358170.858:1774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4817 comm="syz.4.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 67.382437][ T29] audit: type=1326 audit(1750358170.858:1775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4817 comm="syz.4.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 67.406073][ T29] audit: type=1326 audit(1750358170.858:1776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4817 comm="syz.4.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 67.429564][ T29] audit: type=1326 audit(1750358170.858:1777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4817 comm="syz.4.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 67.452997][ T29] audit: type=1326 audit(1750358170.858:1778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4817 comm="syz.4.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 67.478609][ T4823] netlink: 4 bytes leftover after parsing attributes in process `syz.2.415'. [ 67.495631][ T4822] capability: warning: `syz.0.416' uses deprecated v2 capabilities in a way that may be insecure [ 67.516711][ T3388] kernel write not supported for file /252/attr/exec (pid: 3388 comm: kworker/1:3) [ 67.561876][ T4827] geneve2: entered promiscuous mode [ 67.634493][ T4834] netlink: 12 bytes leftover after parsing attributes in process `syz.0.420'. [ 67.711336][ T4838] xt_CT: You must specify a L4 protocol and not use inversions on it [ 67.754135][ T4842] netlink: 4 bytes leftover after parsing attributes in process `syz.3.423'. [ 67.763084][ T4842] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 67.770962][ T4842] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 68.009547][ T4853] bridge1: entered promiscuous mode [ 68.014946][ T4853] bridge1: entered allmulticast mode [ 68.040488][ T4857] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 68.068737][ T4857] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 68.089710][ T4857] loop1: detected capacity change from 0 to 1024 [ 68.176451][ T4857] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.212255][ T4857] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 68.287786][ T4857] kernel read not supported for file /policy (pid: 4857 comm: syz.1.430) [ 68.533043][ T4883] loop2: detected capacity change from 0 to 512 [ 68.540906][ T4883] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 68.553823][ T4883] EXT4-fs (loop2): 1 truncate cleaned up [ 68.560659][ T4883] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.612994][ T4886] netlink: 24 bytes leftover after parsing attributes in process `syz.4.438'. [ 68.771166][ T4888] pimreg: entered allmulticast mode [ 68.780931][ T4888] pimreg: left allmulticast mode [ 68.812347][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.855405][ T4892] netlink: 8 bytes leftover after parsing attributes in process `+}[@'. [ 69.087852][ T4881] syz.2.439 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 69.102019][ T4881] CPU: 0 UID: 0 PID: 4881 Comm: syz.2.439 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) [ 69.102119][ T4881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 69.102136][ T4881] Call Trace: [ 69.102142][ T4881] [ 69.102148][ T4881] __dump_stack+0x1d/0x30 [ 69.102171][ T4881] dump_stack_lvl+0xe8/0x140 [ 69.102189][ T4881] dump_stack+0x15/0x1b [ 69.102204][ T4881] dump_header+0x81/0x220 [ 69.102236][ T4881] oom_kill_process+0x334/0x3f0 [ 69.102353][ T4881] out_of_memory+0x979/0xb80 [ 69.102383][ T4881] try_charge_memcg+0x5e6/0x9e0 [ 69.102412][ T4881] obj_cgroup_charge_pages+0xa6/0x150 [ 69.102509][ T4881] __memcg_kmem_charge_page+0x9f/0x170 [ 69.102542][ T4881] __alloc_frozen_pages_noprof+0x188/0x360 [ 69.102592][ T4881] alloc_pages_mpol+0xb3/0x250 [ 69.102635][ T4881] alloc_pages_noprof+0x90/0x130 [ 69.102667][ T4881] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 69.102711][ T4881] __kvmalloc_node_noprof+0x30f/0x4e0 [ 69.102767][ T4881] ? ip_set_alloc+0x1f/0x30 [ 69.102799][ T4881] ? ip_set_alloc+0x1f/0x30 [ 69.102828][ T4881] ? __kmalloc_cache_noprof+0x189/0x320 [ 69.102897][ T4881] ip_set_alloc+0x1f/0x30 [ 69.102927][ T4881] hash_netiface_create+0x282/0x740 [ 69.103029][ T4881] ? __pfx_hash_netiface_create+0x10/0x10 [ 69.103062][ T4881] ip_set_create+0x3cc/0x960 [ 69.103100][ T4881] ? __nla_parse+0x40/0x60 [ 69.103173][ T4881] nfnetlink_rcv_msg+0x4c6/0x590 [ 69.103215][ T4881] ? selinux_capable+0x1f9/0x270 [ 69.103328][ T4881] netlink_rcv_skb+0x123/0x220 [ 69.103362][ T4881] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 69.103550][ T4881] nfnetlink_rcv+0x16b/0x1690 [ 69.103581][ T4881] ? __kfree_skb+0x109/0x150 [ 69.103611][ T4881] ? nlmon_xmit+0x4f/0x60 [ 69.103632][ T4881] ? consume_skb+0x49/0x150 [ 69.103731][ T4881] ? nlmon_xmit+0x4f/0x60 [ 69.103762][ T4881] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 69.103803][ T4881] ? __dev_queue_xmit+0x11c0/0x1fb0 [ 69.103833][ T4881] ? __dev_queue_xmit+0x182/0x1fb0 [ 69.103862][ T4881] ? ref_tracker_free+0x37d/0x3e0 [ 69.103942][ T4881] ? __netlink_deliver_tap+0x4dc/0x500 [ 69.103975][ T4881] netlink_unicast+0x5a1/0x670 [ 69.104007][ T4881] netlink_sendmsg+0x58b/0x6b0 [ 69.104033][ T4881] ? __pfx_netlink_sendmsg+0x10/0x10 [ 69.104053][ T4881] __sock_sendmsg+0x145/0x180 [ 69.104078][ T4881] ____sys_sendmsg+0x31e/0x4e0 [ 69.104194][ T4881] ___sys_sendmsg+0x17b/0x1d0 [ 69.104243][ T4881] __x64_sys_sendmsg+0xd4/0x160 [ 69.104364][ T4881] x64_sys_call+0x2999/0x2fb0 [ 69.104387][ T4881] do_syscall_64+0xd2/0x200 [ 69.104406][ T4881] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 69.104433][ T4881] ? clear_bhb_loop+0x40/0x90 [ 69.104457][ T4881] ? clear_bhb_loop+0x40/0x90 [ 69.104524][ T4881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.104549][ T4881] RIP: 0033:0x7f9388e9e929 [ 69.104568][ T4881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.104588][ T4881] RSP: 002b:00007f9387507038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 69.104613][ T4881] RAX: ffffffffffffffda RBX: 00007f93890c5fa0 RCX: 00007f9388e9e929 [ 69.104628][ T4881] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003 [ 69.104641][ T4881] RBP: 00007f9388f20b39 R08: 0000000000000000 R09: 0000000000000000 [ 69.104727][ T4881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 69.104741][ T4881] R13: 0000000000000000 R14: 00007f93890c5fa0 R15: 00007ffc7038c058 [ 69.104762][ T4881] [ 69.451763][ T4881] memory: usage 307200kB, limit 307200kB, failcnt 286 [ 69.458853][ T4881] memory+swap: usage 307748kB, limit 9007199254740988kB, failcnt 0 [ 69.466815][ T4881] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0 [ 69.474235][ T4881] Memory cgroup stats for /syz2: [ 69.474513][ T4881] cache 4096 [ 69.482746][ T4881] rss 0 [ 69.485604][ T4881] shmem 0 [ 69.488631][ T4881] mapped_file 0 [ 69.492107][ T4881] dirty 0 [ 69.495095][ T4881] writeback 0 [ 69.498414][ T4881] workingset_refault_anon 340 [ 69.503108][ T4881] workingset_refault_file 96 [ 69.507763][ T4881] swap 561152 [ 69.511083][ T4881] swapcached 4096 [ 69.514811][ T4881] pgpgin 71701 [ 69.518263][ T4881] pgpgout 71699 [ 69.521751][ T4881] pgfault 50187 [ 69.525343][ T4881] pgmajfault 60 [ 69.528864][ T4881] inactive_anon 0 [ 69.532578][ T4881] active_anon 4096 [ 69.536341][ T4881] inactive_file 0 [ 69.539998][ T4881] active_file 4096 [ 69.543815][ T4881] unevictable 0 [ 69.547325][ T4881] hierarchical_memory_limit 314572800 [ 69.552680][ T4881] hierarchical_memsw_limit 9223372036854771712 [ 69.558864][ T4881] total_cache 4096 [ 69.562763][ T4881] total_rss 0 [ 69.566107][ T4881] total_shmem 0 [ 69.569772][ T4881] total_mapped_file 0 [ 69.573754][ T4881] total_dirty 0 [ 69.577248][ T4881] total_writeback 0 [ 69.581051][ T4881] total_workingset_refault_anon 340 [ 69.586332][ T4881] total_workingset_refault_file 96 [ 69.591519][ T4881] total_swap 561152 [ 69.595336][ T4881] total_swapcached 4096 [ 69.599542][ T4881] total_pgpgin 71701 [ 69.603433][ T4881] total_pgpgout 71699 [ 69.607445][ T4881] total_pgfault 50187 [ 69.611410][ T4881] total_pgmajfault 60 [ 69.615383][ T4881] total_inactive_anon 0 [ 69.619517][ T4881] total_active_anon 4096 [ 69.623744][ T4881] total_inactive_file 0 [ 69.627971][ T4881] total_active_file 4096 [ 69.632196][ T4881] total_unevictable 0 [ 69.636276][ T4881] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.439,pid=4880,uid=0 [ 69.651030][ T4881] Memory cgroup out of memory: Killed process 4880 (syz.2.439) total-vm:95800kB, anon-rss:936kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 70.057519][ T4919] netlink: 'syz.4.452': attribute type 21 has an invalid length. [ 70.084462][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.096209][ T4919] netlink: 132 bytes leftover after parsing attributes in process `syz.4.452'. [ 70.188798][ T4924] loop2: detected capacity change from 0 to 512 [ 70.207223][ T4924] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 70.225901][ T4924] EXT4-fs (loop2): 1 orphan inode deleted [ 70.231721][ T4924] EXT4-fs (loop2): 1 truncate cleaned up [ 70.261587][ T4924] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.380374][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.439767][ T4928] loop2: detected capacity change from 0 to 128 [ 70.458447][ T4928] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 70.483280][ T4928] ext4 filesystem being mounted at /78/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 70.841853][ T3318] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 70.936721][ T4944] loop2: detected capacity change from 0 to 256 [ 70.944348][ T4942] netlink: 4 bytes leftover after parsing attributes in process `syz.1.460'. [ 70.964040][ T4944] FAT-fs (loop2): Directory bread(block 64) failed [ 70.970665][ T4944] FAT-fs (loop2): Directory bread(block 65) failed [ 70.997484][ T4944] FAT-fs (loop2): Directory bread(block 66) failed [ 71.023912][ T4944] FAT-fs (loop2): Directory bread(block 67) failed [ 71.034046][ T4944] FAT-fs (loop2): Directory bread(block 68) failed [ 71.040614][ T4944] FAT-fs (loop2): Directory bread(block 69) failed [ 71.057292][ T4944] FAT-fs (loop2): Directory bread(block 70) failed [ 71.094633][ T4944] FAT-fs (loop2): Directory bread(block 71) failed [ 71.105689][ T4944] FAT-fs (loop2): Directory bread(block 72) failed [ 71.120972][ T4944] FAT-fs (loop2): Directory bread(block 73) failed [ 71.193950][ T4944] usb usb1: usbfs: process 4944 (syz.2.461) did not claim interface 0 before use [ 71.283099][ T4953] loop4: detected capacity change from 0 to 164 [ 71.300475][ T4953] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 71.342048][ T4953] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 71.383351][ T4953] Symlink component flag not implemented [ 71.389068][ T4953] Symlink component flag not implemented [ 71.411077][ T4953] Symlink component flag not implemented (7) [ 71.417171][ T4953] Symlink component flag not implemented (116) [ 71.624964][ T4957] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.695583][ T4957] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.720968][ T4960] netlink: 27 bytes leftover after parsing attributes in process `syz.4.467'. [ 71.758295][ T4957] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.815813][ T4957] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.909514][ T4957] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.953186][ T4957] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.987199][ T4957] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.007371][ T4957] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.169111][ T4977] Invalid ELF header magic: != ELF [ 72.474106][ T29] kauditd_printk_skb: 255 callbacks suppressed [ 72.474121][ T29] audit: type=1400 audit(1750358176.098:2034): avc: denied { execute } for pid=4981 comm="syz.2.476" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=10556 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 72.609797][ T4989] xt_CT: You must specify a L4 protocol and not use inversions on it [ 72.622773][ T4988] netlink: 4 bytes leftover after parsing attributes in process `syz.4.478'. [ 72.787760][ T29] audit: type=1400 audit(1750358176.408:2035): avc: denied { associate } for pid=4992 comm="syz.4.480" name="0" dev="devpts" ino=3 scontext=system_u:object_r:mouse_device_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 73.052207][ T29] audit: type=1326 audit(1750358176.668:2036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4999 comm="syz.0.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2025de929 code=0x7ffc0000 [ 73.075750][ T29] audit: type=1326 audit(1750358176.668:2037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4999 comm="syz.0.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2025de929 code=0x7ffc0000 [ 73.099200][ T29] audit: type=1326 audit(1750358176.668:2038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4999 comm="syz.0.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2025de929 code=0x7ffc0000 [ 73.122903][ T29] audit: type=1326 audit(1750358176.668:2039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4999 comm="syz.0.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2025de929 code=0x7ffc0000 [ 73.146292][ T29] audit: type=1326 audit(1750358176.668:2040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4999 comm="syz.0.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2025de929 code=0x7ffc0000 [ 73.169746][ T29] audit: type=1326 audit(1750358176.668:2041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4999 comm="syz.0.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc2025e0847 code=0x7ffc0000 [ 73.193152][ T29] audit: type=1326 audit(1750358176.668:2042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4999 comm="syz.0.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fc2025e07bc code=0x7ffc0000 [ 73.216676][ T29] audit: type=1326 audit(1750358176.668:2043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4999 comm="syz.0.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc2025e06f4 code=0x7ffc0000 [ 73.230723][ T5008] netlink: 4 bytes leftover after parsing attributes in process `syz.4.484'. [ 73.400291][ T5020] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067968) [ 73.410772][ T5020] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647 [ 73.505115][ T5035] netlink: 'syz.0.492': attribute type 4 has an invalid length. [ 73.521717][ T5035] netlink: 'syz.0.492': attribute type 4 has an invalid length. [ 73.607293][ T5041] tipc: Started in network mode [ 73.612429][ T5041] tipc: Node identity 123810312e89, cluster identity 4711 [ 73.620187][ T5041] tipc: Enabled bearer , priority 0 [ 73.683219][ T5041] syzkaller0: MTU too low for tipc bearer [ 73.689060][ T5041] tipc: Disabling bearer [ 74.336929][ T5073] netlink: 'syz.0.507': attribute type 4 has an invalid length. [ 74.634027][ T5092] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 74.753394][ T5094] loop2: detected capacity change from 0 to 1024 [ 74.874467][ T5094] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.483927][ T5109] loop4: detected capacity change from 0 to 164 [ 75.513996][ T5109] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 75.588682][ T5113] netlink: 12 bytes leftover after parsing attributes in process `syz.3.521'. [ 75.621476][ T5113] loop3: detected capacity change from 0 to 1024 [ 75.634655][ T5113] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.690085][ T5119] netlink: 100 bytes leftover after parsing attributes in process `syz.1.520'. [ 75.919367][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.957047][ T5141] netlink: 'syz.2.525': attribute type 1 has an invalid length. [ 76.005054][ T5141] 8021q: adding VLAN 0 to HW filter on device bond1 [ 76.026191][ T5145] netlink: 4 bytes leftover after parsing attributes in process `syz.2.525'. [ 76.096170][ T5145] ipvlan2: entered promiscuous mode [ 76.101841][ T5145] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 76.109904][ T5145] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 76.365759][ T5163] netlink: 16 bytes leftover after parsing attributes in process `syz.2.532'. [ 76.374856][ T5163] netlink: 8 bytes leftover after parsing attributes in process `syz.2.532'. [ 76.413033][ T5163] loop2: detected capacity change from 0 to 512 [ 76.507018][ T5163] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.538384][ T5163] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 76.604974][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.751976][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.790885][ T5174] loop3: detected capacity change from 0 to 128 [ 76.866825][ T5174] bio_check_eod: 101 callbacks suppressed [ 76.866897][ T5174] syz.3.535: attempt to access beyond end of device [ 76.866897][ T5174] loop3: rw=2049, sector=140, nr_sectors = 8 limit=128 [ 76.906897][ T5174] syz.3.535: attempt to access beyond end of device [ 76.906897][ T5174] loop3: rw=2049, sector=156, nr_sectors = 1 limit=128 [ 76.921523][ T5174] Buffer I/O error on dev loop3, logical block 156, lost async page write [ 76.952104][ T5174] syz.3.535: attempt to access beyond end of device [ 76.952104][ T5174] loop3: rw=2049, sector=157, nr_sectors = 1 limit=128 [ 76.965817][ T5174] Buffer I/O error on dev loop3, logical block 157, lost async page write [ 76.988673][ T5174] syz.3.535: attempt to access beyond end of device [ 76.988673][ T5174] loop3: rw=2049, sector=158, nr_sectors = 1 limit=128 [ 77.002285][ T5174] Buffer I/O error on dev loop3, logical block 158, lost async page write [ 77.011043][ T5174] syz.3.535: attempt to access beyond end of device [ 77.011043][ T5174] loop3: rw=2049, sector=159, nr_sectors = 1 limit=128 [ 77.024477][ T5174] Buffer I/O error on dev loop3, logical block 159, lost async page write [ 77.065993][ T5186] loop4: detected capacity change from 0 to 1024 [ 77.073095][ T5174] syz.3.535: attempt to access beyond end of device [ 77.073095][ T5174] loop3: rw=2049, sector=160, nr_sectors = 1 limit=128 [ 77.086563][ T5174] Buffer I/O error on dev loop3, logical block 160, lost async page write [ 77.122467][ T5174] syz.3.535: attempt to access beyond end of device [ 77.122467][ T5174] loop3: rw=2049, sector=161, nr_sectors = 1 limit=128 [ 77.136125][ T5174] Buffer I/O error on dev loop3, logical block 161, lost async page write [ 77.150211][ T5174] syz.3.535: attempt to access beyond end of device [ 77.150211][ T5174] loop3: rw=2049, sector=132, nr_sectors = 1 limit=128 [ 77.163791][ T5174] Buffer I/O error on dev loop3, logical block 132, lost async page write [ 77.174178][ T5174] syz.3.535: attempt to access beyond end of device [ 77.174178][ T5174] loop3: rw=2049, sector=133, nr_sectors = 1 limit=128 [ 77.187586][ T5174] Buffer I/O error on dev loop3, logical block 133, lost async page write [ 77.197743][ T5174] syz.3.535: attempt to access beyond end of device [ 77.197743][ T5174] loop3: rw=2049, sector=150, nr_sectors = 1 limit=128 [ 77.211202][ T5174] Buffer I/O error on dev loop3, logical block 150, lost async page write [ 77.300225][ T5186] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.477336][ T5174] Buffer I/O error on dev loop3, logical block 151, lost async page write [ 77.655629][ T5198] 9pnet_fd: Insufficient options for proto=fd [ 77.672602][ T29] kauditd_printk_skb: 99 callbacks suppressed [ 77.672618][ T29] audit: type=1326 audit(1750358181.288:2143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5185 comm="syz.4.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 77.707625][ T5198] loop2: detected capacity change from 0 to 512 [ 77.715125][ T29] audit: type=1326 audit(1750358181.338:2144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5185 comm="syz.4.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9bd5be929 code=0x7ffc0000 [ 77.778189][ T5198] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 77.799209][ T5198] EXT4-fs (loop2): 1 truncate cleaned up [ 77.805429][ T5198] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.809303][ T5202] tipc: New replicast peer: 255.255.255.255 [ 77.824629][ T5202] tipc: Enabled bearer , priority 10 [ 77.842383][ T29] audit: type=1400 audit(1750358181.458:2145): avc: denied { setattr } for pid=5197 comm="syz.2.544" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 77.954723][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.969674][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.977337][ T29] audit: type=1400 audit(1750358181.588:2146): avc: denied { bind } for pid=5211 comm="syz.0.550" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 78.004033][ T5212] netlink: 4 bytes leftover after parsing attributes in process `syz.0.550'. [ 78.039908][ T29] audit: type=1326 audit(1750358181.618:2147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.3.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837129e929 code=0x7ffc0000 [ 78.063408][ T29] audit: type=1326 audit(1750358181.618:2148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.3.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837129e929 code=0x7ffc0000 [ 78.148556][ T29] audit: type=1326 audit(1750358181.768:2149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.3.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f837129e929 code=0x7ffc0000 [ 78.203658][ T29] audit: type=1326 audit(1750358181.808:2150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.3.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837129e929 code=0x7ffc0000 [ 78.227235][ T29] audit: type=1326 audit(1750358181.808:2151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.3.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837129e929 code=0x7ffc0000 [ 78.253649][ T5207] netlink: 'syz.3.547': attribute type 13 has an invalid length. [ 78.261678][ T5207] netlink: 152 bytes leftover after parsing attributes in process `syz.3.547'. [ 78.271130][ T5207] erspan0: refused to change device tx_queue_len [ 78.277576][ T5207] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 78.309929][ T29] audit: type=1326 audit(1750358181.878:2152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.3.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f837129e929 code=0x7ffc0000 [ 78.323937][ T5226] netlink: 12 bytes leftover after parsing attributes in process `syz.1.548'. [ 78.411541][ T5237] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535) [ 78.500033][ T5241] netlink: 100 bytes leftover after parsing attributes in process `syz.4.554'. [ 78.541498][ T5210] vlan3: entered allmulticast mode [ 78.546718][ T5210] bond2: entered allmulticast mode [ 78.588787][ T5228] sch_fq: defrate 0 ignored. [ 78.619006][ T5247] smc: net device bond0 applied user defined pnetid SYZ0 [ 78.630586][ T5247] smc: net device bond0 erased user defined pnetid SYZ0 [ 78.643416][ T5246] loop3: detected capacity change from 0 to 128 [ 78.659441][ T5246] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 78.689980][ T5246] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 78.904753][ T5260] bond3: entered promiscuous mode [ 78.909894][ T5260] bond3: entered allmulticast mode [ 78.943936][ T3388] tipc: Node number set to 1018236977 [ 78.982346][ T5260] 8021q: adding VLAN 0 to HW filter on device bond3 [ 79.047062][ T5260] bond3 (unregistering): Released all slaves [ 79.794643][ T12] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 79.918275][ T5276] loop3: detected capacity change from 0 to 1024 [ 79.925448][ T5276] EXT4-fs: Ignoring removed nomblk_io_submit option [ 79.955980][ T5276] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.055249][ T5299] netlink: 48 bytes leftover after parsing attributes in process `syz.0.572'. [ 80.093769][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.929102][ T5329] Cannot find add_set index 0 as target [ 80.986528][ T5335] netlink: 763 bytes leftover after parsing attributes in process `syz.0.585'. [ 81.027179][ T5335] bridge0: port 3(bond0) entered blocking state [ 81.033509][ T5335] bridge0: port 3(bond0) entered disabled state [ 81.073186][ T5335] bond0: entered allmulticast mode [ 81.078452][ T5335] bond_slave_0: entered allmulticast mode [ 81.084301][ T5335] bond_slave_1: entered allmulticast mode [ 81.094628][ T5335] bond0: entered promiscuous mode [ 81.099713][ T5335] bond_slave_0: entered promiscuous mode [ 81.105667][ T5335] bond_slave_1: entered promiscuous mode [ 81.113653][ T5335] bridge0: port 3(bond0) entered blocking state [ 81.120114][ T5335] bridge0: port 3(bond0) entered forwarding state [ 81.127076][ T5338] bond0: left allmulticast mode [ 81.132029][ T5338] bond_slave_0: left allmulticast mode [ 81.137577][ T5338] bond_slave_1: left allmulticast mode [ 81.143156][ T5338] bond0: left promiscuous mode [ 81.148017][ T5338] bond_slave_0: left promiscuous mode [ 81.153519][ T5338] bond_slave_1: left promiscuous mode [ 81.159202][ T5338] bridge0: port 3(bond0) entered disabled state [ 81.329160][ T5343] bridge0: port 3(gretap0) entered blocking state [ 81.335693][ T5343] bridge0: port 3(gretap0) entered disabled state [ 81.342670][ T5343] gretap0: entered allmulticast mode [ 81.367920][ T5343] gretap0: entered promiscuous mode [ 81.393998][ T5343] bridge0: port 3(gretap0) entered blocking state [ 81.400489][ T5343] bridge0: port 3(gretap0) entered forwarding state [ 81.538958][ T5347] gretap0: left allmulticast mode [ 81.544098][ T5347] gretap0: left promiscuous mode [ 81.549323][ T5347] bridge0: port 3(gretap0) entered disabled state [ 82.155361][ T5361] loop3: detected capacity change from 0 to 1024 [ 82.178398][ T5361] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 82.215732][ T5363] netlink: 4 bytes leftover after parsing attributes in process `syz.1.594'. [ 82.229635][ T5363] vcan0: entered promiscuous mode [ 82.235060][ T5363] vcan0: entered allmulticast mode [ 82.242999][ T5361] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 82.279677][ T5366] loop4: detected capacity change from 0 to 2048 [ 82.291226][ T5361] EXT4-fs (loop3): orphan cleanup on readonly fs [ 82.316188][ T5361] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.603: Invalid inode table block 0 in block_group 0 [ 82.339818][ T5366] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.361521][ T5361] EXT4-fs (loop3): Remounting filesystem read-only [ 82.368360][ T5366] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.380421][ T5361] EXT4-fs (loop3): 1 truncate cleaned up [ 82.396283][ T5361] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 82.576202][ T12] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:0: bg 0: block 345: padding at end of block bitmap is not set [ 82.669801][ T12] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 353 with error 117 [ 82.682571][ T12] EXT4-fs (loop4): This should not happen!! Data will be lost [ 82.682571][ T12] [ 82.850607][ T5390] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.875274][ T5387] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.883675][ T5387] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.892028][ T5387] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.900267][ T5387] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.916219][ T5387] geneve2: entered promiscuous mode [ 82.926087][ T5395] netlink: 'syz.0.601': attribute type 1 has an invalid length. [ 82.956568][ T5390] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.973556][ T5395] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 82.990378][ T5398] bridge0: entered promiscuous mode [ 82.995715][ T5398] bridge0: entered allmulticast mode [ 83.025786][ T5395] veth5: entered promiscuous mode [ 83.043459][ T5395] bond1: (slave veth5): Enslaving as a backup interface with a down link [ 83.053558][ T5390] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.115517][ T5390] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.171910][ T5390] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.190177][ T5390] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.216028][ T5390] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.222390][ T5366] syz.4.596 (5366) used greatest stack depth: 6040 bytes left [ 83.236290][ T5390] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.243623][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.265729][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.293475][ T5400] sch_fq: defrate 0 ignored. [ 83.298448][ T5407] loop3: detected capacity change from 0 to 512 [ 83.305508][ T5407] EXT4-fs: Ignoring removed mblk_io_submit option [ 83.320002][ T5409] loop4: detected capacity change from 0 to 1024 [ 83.326863][ T5407] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 83.374940][ T29] kauditd_printk_skb: 59 callbacks suppressed [ 83.375028][ T29] audit: type=1326 audit(1750358186.998:2210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5413 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 83.408566][ T29] audit: type=1326 audit(1750358187.028:2211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5413 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 83.432242][ T29] audit: type=1326 audit(1750358187.028:2212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5413 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 83.435760][ T5409] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.455616][ T29] audit: type=1326 audit(1750358187.028:2213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5413 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 83.470019][ T5407] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002] [ 83.491482][ T29] audit: type=1326 audit(1750358187.028:2214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5413 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 83.491512][ T29] audit: type=1326 audit(1750358187.028:2215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5413 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 83.500204][ T5407] System zones: [ 83.522804][ T29] audit: type=1326 audit(1750358187.028:2216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5413 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 83.546133][ T5407] 1-12 [ 83.549711][ T29] audit: type=1326 audit(1750358187.028:2217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5413 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 83.599914][ T29] audit: type=1326 audit(1750358187.028:2218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5413 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 83.623300][ T29] audit: type=1326 audit(1750358187.028:2219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5413 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd5f11e929 code=0x7ffc0000 [ 83.656500][ T5407] EXT4-fs (loop3): 1 truncate cleaned up [ 83.663018][ T5407] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.747750][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.295103][ T5425] netlink: 8 bytes leftover after parsing attributes in process `syz.3.615'. [ 84.507021][ T5425] bond1: entered promiscuous mode [ 84.512125][ T5425] bond1: entered allmulticast mode [ 84.595138][ T5425] 8021q: adding VLAN 0 to HW filter on device bond1 [ 84.618662][ T5436] netlink: 'syz.1.617': attribute type 4 has an invalid length. [ 84.670275][ T5435] loop2: detected capacity change from 0 to 1024 [ 84.688531][ T5437] netlink: 'syz.1.617': attribute type 4 has an invalid length. [ 84.738046][ T5435] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 84.800500][ T5435] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 15: block 433:freeing already freed block (bit 27); block bitmap corrupt. [ 84.846600][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.879739][ T5446] loop4: detected capacity change from 0 to 2048 [ 84.881603][ T5435] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28 [ 84.898494][ T5435] EXT4-fs (loop2): This should not happen!! Data will be lost [ 84.898494][ T5435] [ 84.908276][ T5435] EXT4-fs (loop2): Total free blocks count 0 [ 84.914565][ T5435] EXT4-fs (loop2): Free/Dirty block details [ 84.920556][ T5435] EXT4-fs (loop2): free_blocks=16 [ 84.925767][ T5435] EXT4-fs (loop2): dirty_blocks=0 [ 84.930826][ T5435] EXT4-fs (loop2): Block reservation details [ 84.936872][ T5435] EXT4-fs (loop2): i_reserved_data_blocks=0 [ 84.941570][ T5446] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 84.970939][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.025645][ T5452] loop3: detected capacity change from 0 to 1024 [ 85.059685][ T5452] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 85.101090][ T5452] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 85.164239][ T5452] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000] [ 85.206332][ T5452] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.621: lblock 2 mapped to illegal pblock 2 (length 1) [ 85.261385][ T5452] EXT4-fs (loop3): Remounting filesystem read-only [ 85.309235][ T5452] EXT4-fs (loop3): 1 orphan inode deleted [ 85.324441][ T5452] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.347407][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.355238][ T5455] netlink: 12 bytes leftover after parsing attributes in process `syz.2.624'. [ 85.366034][ T5452] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.417837][ T5455] vlan1: entered allmulticast mode [ 85.423001][ T5455] bond2: entered allmulticast mode [ 85.609000][ T5469] loop4: detected capacity change from 0 to 512 [ 85.625236][ T5469] EXT4-fs (loop4): can't mount with journal_async_commit, fs mounted w/o journal [ 86.132778][ T5479] loop4: detected capacity change from 0 to 512 [ 86.154260][ T5479] ext4: Unknown parameter 'func' [ 86.241691][ T5481] tipc: Started in network mode [ 86.246677][ T5481] tipc: Node identity c6b6cfca0073, cluster identity 4711 [ 86.254032][ T5481] tipc: Enabled bearer , priority 0 [ 86.265471][ T5481] syzkaller0: MTU too low for tipc bearer [ 86.271260][ T5481] tipc: Disabling bearer [ 86.403830][ T5485] loop3: detected capacity change from 0 to 1024 [ 86.421231][ T5485] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.673145][ T5501] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.736771][ T5501] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.796834][ T5501] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.895834][ T5501] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.159362][ T5485] ================================================================== [ 87.167997][ T5485] BUG: KCSAN: data-race in filemap_write_and_wait_range / xas_set_mark [ 87.176320][ T5485] [ 87.178635][ T5485] write to 0xffff88810b9593ec of 4 bytes by task 5493 on cpu 0: [ 87.186778][ T5485] xas_set_mark+0x12b/0x140 [ 87.191284][ T5485] __folio_start_writeback+0x1dd/0x440 [ 87.196725][ T5485] ext4_bio_write_folio+0x5ad/0x9f0 [ 87.201914][ T5485] mpage_submit_folio+0xe4/0x170 [ 87.206851][ T5485] mpage_process_page_bufs+0x39b/0x4a0 [ 87.212294][ T5485] mpage_prepare_extent_to_map+0x741/0xaa0 [ 87.218085][ T5485] ext4_do_writepages+0xa1a/0x21c0 [ 87.223282][ T5485] ext4_writepages+0x176/0x300 [ 87.228145][ T5485] do_writepages+0x1c6/0x310 [ 87.232749][ T5485] file_write_and_wait_range+0x156/0x2c0 [ 87.238428][ T5485] generic_buffers_fsync_noflush+0x45/0x120 [ 87.244452][ T5485] ext4_sync_file+0x1ab/0x690 [ 87.249175][ T5485] vfs_fsync_range+0x10d/0x130 [ 87.253971][ T5485] ext4_buffered_write_iter+0x34f/0x3c0 [ 87.259545][ T5485] ext4_file_write_iter+0xdbf/0xf00 [ 87.264772][ T5485] iter_file_splice_write+0x5f2/0x970 [ 87.270185][ T5485] direct_splice_actor+0x156/0x2a0 [ 87.275334][ T5485] splice_direct_to_actor+0x312/0x680 [ 87.280750][ T5485] do_splice_direct+0xda/0x150 [ 87.285533][ T5485] do_sendfile+0x380/0x650 [ 87.289961][ T5485] __x64_sys_sendfile64+0x105/0x150 [ 87.295171][ T5485] x64_sys_call+0xb39/0x2fb0 [ 87.299853][ T5485] do_syscall_64+0xd2/0x200 [ 87.304358][ T5485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.310434][ T5485] [ 87.312765][ T5485] read to 0xffff88810b9593ec of 4 bytes by task 5485 on cpu 1: [ 87.320319][ T5485] filemap_write_and_wait_range+0xfc/0x340 [ 87.326311][ T5485] filemap_invalidate_pages+0xa4/0x1a0 [ 87.331798][ T5485] kiocb_invalidate_pages+0x6e/0x80 [ 87.337008][ T5485] __iomap_dio_rw+0x5d4/0x1250 [ 87.341785][ T5485] iomap_dio_rw+0x40/0x90 [ 87.346135][ T5485] ext4_file_write_iter+0xad9/0xf00 [ 87.351520][ T5485] iter_file_splice_write+0x5f2/0x970 [ 87.356903][ T5485] direct_splice_actor+0x156/0x2a0 [ 87.362023][ T5485] splice_direct_to_actor+0x312/0x680 [ 87.367413][ T5485] do_splice_direct+0xda/0x150 [ 87.372186][ T5485] do_sendfile+0x380/0x650 [ 87.376634][ T5485] __x64_sys_sendfile64+0x105/0x150 [ 87.381843][ T5485] x64_sys_call+0xb39/0x2fb0 [ 87.386442][ T5485] do_syscall_64+0xd2/0x200 [ 87.390954][ T5485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.396851][ T5485] [ 87.399174][ T5485] value changed: 0x0a000021 -> 0x04000021 [ 87.404894][ T5485] [ 87.407218][ T5485] Reported by Kernel Concurrency Sanitizer on: [ 87.413371][ T5485] CPU: 1 UID: 0 PID: 5485 Comm: syz.3.634 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) [ 87.425788][ T5485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 87.435848][ T5485] ================================================================== [ 87.518080][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.532449][ T5501] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.543090][ T5501] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.554314][ T5501] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.565216][ T5501] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0