last executing test programs: 1.663876553s ago: executing program 3 (id=2107): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0}, 0x18) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}) sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)={0x20, 0x2, 0x1, 0x5, 0x0, 0x0, {0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x4}]}]}, 0x20}}, 0x4000040) r1 = semget$private(0x0, 0x1, 0x4ac0c2fc29e33682) semtimedop(r1, 0x0, 0x0, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0x1000, 0x1000}, {0x0, 0xfffe, 0x1000}, {0x4, 0x1}, {0x2, 0x6, 0x1000}, {0x4, 0xfe2d, 0x2000}, {0x4, 0x81}, {0x3, 0x4}, {0x2, 0x0, 0x800}], 0x8, &(0x7f00000000c0)={0x77359400}) epoll_create(0x8) 1.607237594s ago: executing program 3 (id=2109): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x7aaffc28465866a2, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) getgroups(0x9, &(0x7f0000001ec0)=[0x0, 0x0, 0xee00, 0xee01, 0x0, 0xffffffffffffffff, 0xee00, 0x0, 0xee00]) 1.584862925s ago: executing program 3 (id=2113): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) arch_prctl$ARCH_GET_CPUID(0x1011) 1.509599336s ago: executing program 3 (id=2115): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000000c0), 0x1, 0x553, &(0x7f0000000480)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) statfs(0x0, 0x0) clock_gettime(0xe20c6c34a41ee90b, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r1}, 0x38) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18) newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) (fail_nth: 2) setresuid(0x0, r3, 0x0) syz_clone(0xb0201100, 0x0, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x1800a, &(0x7f0000003f80)=ANY=[], 0xfd, 0x30d, &(0x7f0000000bc0)="$eJzs3U1PE1sYwPGHvkFLoCxu7s01MZzoRjcTqK6VxkBibCJBanxJTAaYatOxJZ0GU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc05lO32hpC4Ui/H8J9GHOeWbO6ZTkOZMZ2Ln39mkmZWkpvSC+ISUDIiK7ImPiK0XOd2dbJQ5JrVdyefjH5/N37j+4FU8kpueUmonPX4kppUbHPzx7ES532xyU7bFHO99j37b/3f5/5/f8k7Sl0pbK5gpKVwu5rwV9wTTUUtrKaErNmoZuGSqdtYy8255z21Nmbnm5qPTs0khkOW9YltKzRZUxiqqQU4V8Ufkf6+ms0jRNjUQE7STX5ub0eFcpQ5Vo8QgGhCOQz8d1v4iE97Qk1/oyIAAA0FeN9b9PVF39L23r/9B+9f/6ha3C8N2N0XL9vxlqVv9f/eLuq67+L9WZTet/7/hN63+9u/p/b0V0thyg/sdJMx7as2mgGpYa83E9Uv79dbx+uD7hBNT/AAAAAAAAAAAAAAAAAAAAAAD8DXZtO2rbdtR79b6k/Kh37c8N/CJy/fhHjF5qdf4H259/nALVB/cCoyLmm5XkStJ9LXfYEhFTDJmQqPxyPg9lpdh78kiVjMlHc7Wcv7qS9Dst8ZSknfxJiQalNt/dh0hielK56vODEqnNj0lU/mk8vm3P3ExMx5rmh+TSxZp8TaLyaVFyYsqSM45q/stJpW7cTjTkh51+AAAAAACcBpqqaLJ+HxRNa9Xu5lfW143XB/zV9fVE0/V5QM4F+j17AAAAAADOBqv4PKObppHfJwhL+z5uEOygT2MQ6KZzF4E3w06zvHsZejyMzgLv4AERqTTZ7i0U0vO3ZaCLt6VF4JODZI2XZqMOOwvvslGrPjI7dfxn0An+e/f+Z+92eG1jqM1MDx749/8ABOv+0wsAAACAU6Fa9HtbpjrM3K25hx8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABzGcfx1tH7PEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgp/gQAAP//6/ULkQ==") r4 = getpgrp(0x0) pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0xfffffffffffffffb, 0x2, 0xffffffffffff4024, 0x0, 0x8, 0xfffffffffffffffd, 0xc000000000, 0x80}, 0x0, 0x0) r5 = syz_pidfd_open(r4, 0x0) pidfd_send_signal(r5, 0x0, &(0x7f0000000140)={0x0, 0x0, 0xd2000000}, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) getsockopt$SO_TIMESTAMP(r6, 0x1, 0x1d, 0x0, &(0x7f0000000040)) llistxattr(&(0x7f0000000080)='./file1\x00', 0x0, 0x0) 836.315236ms ago: executing program 1 (id=2134): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup(r0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c) setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x4, 0x0, 0x0) 769.912098ms ago: executing program 1 (id=2135): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x7aaffc28465866a2, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) getgroups(0x9, &(0x7f0000001ec0)=[0x0, 0x0, 0xee00, 0xee01, 0x0, 0xffffffffffffffff, 0xee00, 0x0, 0xee00]) 759.994378ms ago: executing program 1 (id=2136): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8a, 0xf23}, 0x0, 0x1, 0x8001, 0x0, 0x0, 0x1, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000180), &(0x7f00000002c0)=r1}, 0x20) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000340), 0x4) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r3}, &(0x7f00000001c0), &(0x7f0000000200)=r2}, 0xf) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r4}, 0x10) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r7 = dup(r6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}}) 627.03345ms ago: executing program 3 (id=2140): perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x480, 0x2000000000c8, 0x1, 0x4, 0x0, 0x0, 0xb, 0x0, 0x1c, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, 0x0, 0x0}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r2, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20) close(r1) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r2}, &(0x7f0000000340), &(0x7f0000000440)=r3}, 0x20) recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce81ea031100fe08000e40000200875a65969ff57b00ff020000000000000000000000000001"], 0xfdef) 462.500292ms ago: executing program 3 (id=2143): setresgid(0xee01, 0x0, 0xffffffffffffffff) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x25, &(0x7f0000000000)={0x1}) fcntl$lock(r0, 0x25, &(0x7f0000000340)={0x0, 0x0, 0x10080000f}) fcntl$lock(r0, 0x25, &(0x7f0000000180)={0x0, 0x0, 0x300}) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket(0x2b, 0x6, 0x2) socket$inet_icmp(0x2, 0x2, 0x1) r2 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a3000000000080041007278650014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x4000840}, 0x24004000) connect$unix(0xffffffffffffffff, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b7030000000000208500000072000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x24, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[], 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a9998500000004000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_DELLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'pimreg0\x00', 0x8000}) 430.363853ms ago: executing program 1 (id=2144): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0xce, 0x0, 0x0, 0x9}, {0x7, 0x7f, 0x5, 0x6}, {0x85, 0x6, 0x2, 0x3ff}]}) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000500000000000000", @ANYRES32=0x1, @ANYBLOB="0000000300", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000080)=0x40005, 0x4) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x4, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0x400, 0x100, 0x6, 0x4, 0x0, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000001001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000000f1ff000000000000000018110000", @ANYBLOB="6b3605e22abfd74ea36ed9d743cd898b05b2520b84cf2845cb5cf4ab7055d816f830d482d931c4c49fae15c096f078d148c36f05879ffc228537645b6394ece4503238daf328532d15f38fef1d84d30dbea875c7dedb8a3442eee3b108728e851d529de32102cca2fa4675f2a1ed6e8b78b85885e2226598a0a4650400e72fe83371a432dd85050b9581c56a5af64ec9f5cc4fe8640069f5acd28c31f6931ebce76a7af5e6b074b7e98db6598559c9bef0d6621b2a", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) r4 = socket$key(0xf, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, 0x0) sendmsg$key(r4, &(0x7f0000000000)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="020300000f0000000000000000000000010018000000000005000600000000000a00000000000000fc0200000700000000000000000000000000000000000000020001000000000000000280ff00000005000500000000000a"], 0x78}, 0x1, 0x7}, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='mm_page_free\x00', r5, 0x0, 0xfffffffffffffffe}, 0x18) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000540), 0x84) mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r6, 0x0) perf_event_open(&(0x7f0000000400)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x1}, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(r0, &(0x7f0000000a00)=[{{0x0, 0x0, 0x0}, 0x80181}], 0x1, 0x120, 0x0) r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="180100001e0001000000000000000000"], 0x118}], 0x1}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x3, 0xc, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r2, @ANYRESHEX=r1], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94) r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10) socket(0x10, 0x3, 0x0) 325.643345ms ago: executing program 0 (id=2148): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r2) sendmsg$NFC_CMD_DEP_LINK_UP(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x40) 309.967805ms ago: executing program 4 (id=2149): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) arch_prctl$ARCH_GET_CPUID(0x1011) 294.077505ms ago: executing program 2 (id=2150): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00"/11], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a09040000000000000000020000000900010073797a30000000000900020073797a320000000038000000080a05000000000000000000020000060c00034000000000000c00020900020073797a32000000000900010073797a30"], 0x8c}}, 0x0) 278.451175ms ago: executing program 4 (id=2151): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x3a) sendfile(r2, r1, 0x0, 0x20000023893) 276.903165ms ago: executing program 0 (id=2152): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'sit0\x00', 0x0}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd') sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x60000, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x0, 0x6}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0) 265.205595ms ago: executing program 2 (id=2153): perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x480, 0x2000000000c8, 0x1, 0x4, 0x0, 0x0, 0xb, 0x0, 0x1c, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, 0x0, 0x0}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r2, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20) close(r1) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r2}, &(0x7f0000000340), &(0x7f0000000440)=r3}, 0x20) recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce81ea031100fe08000e40000200875a65969ff57b00ff020000000000000000000000000001"], 0xfdef) 257.240915ms ago: executing program 1 (id=2154): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0xffffffff}, 0x1100, 0x5dd8, 0x3a65, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r1}, &(0x7f0000000880), &(0x7f00000008c0)=r0}, 0x20) 239.420226ms ago: executing program 2 (id=2155): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000700000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) setxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.metacopy\x00', 0x0, 0x20, 0x1) 238.202646ms ago: executing program 4 (id=2156): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', 0x0}) setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000000)={r4, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x45}}, 0x10) setsockopt$packet_add_memb(r3, 0x107, 0x2, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 190.768847ms ago: executing program 0 (id=2157): r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') r1 = socket$kcm(0xa, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8936, &(0x7f0000000000)) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000012c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4739}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@norecovery}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000000)={0x20000009}) 190.495337ms ago: executing program 2 (id=2158): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$netlink(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00'}, 0x10) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000a00)={[{@auto_da_alloc}]}, 0x0, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") 190.081867ms ago: executing program 4 (id=2159): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x7aaffc28465866a2, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) getgroups(0x9, &(0x7f0000001ec0)=[0x0, 0x0, 0xee00, 0xee01, 0x0, 0xffffffffffffffff, 0xee00, 0x0, 0xee00]) 187.350957ms ago: executing program 1 (id=2160): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000380)='kfree\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x26, 0x0, 0x0, 0xffffffff, 0x0, @void, @value}, 0x28) r1 = socket$caif_seqpacket(0x25, 0x5, 0x1) setsockopt$CAIFSO_REQ_PARAM(r1, 0x116, 0x80, &(0x7f0000000600)="ad3fefa2fb2f5fba8565a1e6ba683425f80cb9a83fda36219d05d04060d20bb713733f4a8e14cc0cf1a74ff4b461c7008e72dabe69a343632804a0152f410f0bc23fff7aea58523c454385c5dc25b243b42f2fbefee78a526d9b6e3b1a5c5065d757755bdd675d3e57903016291799deecbb649c83e4f88d02579a9c37bae068075aa630e4564c2afe3a120f8c15d7aa2d2e98e09d75726e", 0x98) perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) socket$l2tp6(0xa, 0x2, 0x73) socket$nl_route(0x10, 0x3, 0x0) r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 179.138597ms ago: executing program 0 (id=2161): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) arch_prctl$ARCH_GET_CPUID(0x1011) 148.139698ms ago: executing program 4 (id=2162): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00"/11], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r2) sendmsg$NFC_CMD_DEP_LINK_UP(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x40) 145.771308ms ago: executing program 0 (id=2163): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00"/11], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a09040000000000000000020000000900010073797a30000000000900020073797a320000000038000000080a05000000000000000000020000060c00034000000000000c00020900020073797a32000000000900010073797a30"], 0x8c}}, 0x0) 96.766218ms ago: executing program 4 (id=2164): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0xffffffff}, 0x1100, 0x5dd8, 0x3a65, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r1}, &(0x7f0000000880), &(0x7f00000008c0)=r0}, 0x20) (fail_nth: 2) 93.419488ms ago: executing program 0 (id=2165): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0xce, 0x0, 0x0, 0x9}, {0x7, 0x7f, 0x5, 0x6}, {0x85, 0x6, 0x2, 0x3ff}]}) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000500000000000000", @ANYRES32=0x1, @ANYBLOB="0000000300", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000080)=0x40005, 0x4) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x4, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0x400, 0x100, 0x6, 0x4, 0x0, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000001001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000000f1ff000000000000000018110000", @ANYBLOB="6b3605e22abfd74ea36ed9d743cd898b05b2520b84cf2845cb5cf4ab7055d816f830d482d931c4c49fae15c096f078d148c36f05879ffc228537645b6394ece4503238daf328532d15f38fef1d84d30dbea875c7dedb8a3442eee3b108728e851d529de32102cca2fa4675f2a1ed6e8b78b85885e2226598a0a4650400e72fe83371a432dd85050b9581c56a5af64ec9f5cc4fe8640069f5acd28c31f6931ebce76a7af5e6b074b7e98db6598559c9bef0d6621b2a", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) r4 = socket$key(0xf, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, 0x0) sendmsg$key(r4, &(0x7f0000000000)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="020300000f0000000000000000000000010018000000000005000600000000000a00000000000000fc0200000700000000000000000000000000000000000000020001000000000000000280ff00000005000500000000000a"], 0x78}, 0x1, 0x7}, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='mm_page_free\x00', r5, 0x0, 0xfffffffffffffffe}, 0x18) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000540), 0x84) mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r6, 0x0) perf_event_open(&(0x7f0000000400)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x1}, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(r0, &(0x7f0000000a00)=[{{0x0, 0x0, 0x0}, 0x80181}], 0x1, 0x120, 0x0) r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="180100001e000100000000000000000005"], 0x118}], 0x1}, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10) socket(0x10, 0x3, 0x0) 23.342699ms ago: executing program 2 (id=2166): perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x480, 0x2000000000c8, 0x1, 0x4, 0x0, 0x0, 0xb, 0x0, 0x1c, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, 0x0, 0x0}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r2, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20) close(r1) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r2}, &(0x7f0000000340), &(0x7f0000000440)=r3}, 0x20) recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce81ea031100fe08000e40000200875a65969ff57b00ff020000000000000000000000000001"], 0xfdef) 0s ago: executing program 2 (id=2167): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x3a) sendfile(r2, r1, 0x0, 0x20000023893) kernel console output (not intermixed with test programs): : 0000200000002480 [ 101.063073][ T6838] RBP: 00007f60fff47090 R08: 0000000000000000 R09: 0000000000000000 [ 101.063088][ T6838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 101.063103][ T6838] R13: 0000000000000001 R14: 00007f6101af5fa0 R15: 00007ffc82227fe8 [ 101.063125][ T6838] [ 101.172958][ T6846] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 101.245413][ T6831] EXT4-fs error (device loop4): ext4_map_blocks:671: inode #3: block 2: comm syz.4.1229: lblock 2 mapped to illegal pblock 2 (length 1) [ 101.317979][ T6831] EXT4-fs error (device loop4): ext4_map_blocks:671: inode #3: block 48: comm syz.4.1229: lblock 0 mapped to illegal pblock 48 (length 1) [ 101.349094][ T6850] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1236'. [ 101.424038][ T6831] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.1229: Failed to acquire dquot type 0 [ 101.437017][ T6831] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 101.455687][ T6831] EXT4-fs error (device loop4): ext4_evict_inode:256: inode #11: comm syz.4.1229: mark_inode_dirty error [ 101.536962][ T6831] EXT4-fs warning (device loop4): ext4_evict_inode:259: couldn't mark inode dirty (err -117) [ 101.547584][ T6875] loop1: detected capacity change from 0 to 128 [ 101.554527][ T6875] EXT4-fs: Ignoring removed nobh option [ 101.571579][ T6831] EXT4-fs (loop4): 1 orphan inode deleted [ 101.572911][ T6875] ext4 filesystem being mounted at /261/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 101.594802][ T12] EXT4-fs error (device loop4): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 101.611152][ T12] EXT4-fs error (device loop4): ext4_release_dquot:6950: comm kworker/u8:0: Failed to release dquot type 0 [ 101.634211][ T6875] serio: Serial port ptm1 [ 102.113804][ T6902] loop1: detected capacity change from 0 to 1024 [ 102.121412][ T6902] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 102.143062][ T3309] EXT4-fs error (device loop4): __ext4_get_inode_loc:4439: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 102.157298][ T3309] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 102.158420][ T6902] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 102.175304][ T6902] EXT4-fs (loop1): orphan cleanup on readonly fs [ 102.178818][ T3309] EXT4-fs error (device loop4): ext4_quota_off:7194: inode #3: comm syz-executor: mark_inode_dirty error [ 102.194700][ T6902] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 102.212500][ T6902] EXT4-fs (loop1): Remounting filesystem read-only [ 102.219358][ T6902] EXT4-fs (loop1): 1 orphan inode deleted [ 102.228432][ T6908] FAULT_INJECTION: forcing a failure. [ 102.228432][ T6908] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 102.241678][ T6908] CPU: 1 UID: 0 PID: 6908 Comm: syz.4.1254 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(voluntary) [ 102.241713][ T6908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 102.241728][ T6908] Call Trace: [ 102.241736][ T6908] [ 102.241745][ T6908] dump_stack_lvl+0xf6/0x150 [ 102.241769][ T6908] dump_stack+0x15/0x1a [ 102.241788][ T6908] should_fail_ex+0x261/0x270 [ 102.241816][ T6908] should_fail+0xb/0x10 [ 102.241853][ T6908] should_fail_usercopy+0x1a/0x20 [ 102.241901][ T6908] _copy_from_user+0x1c/0xa0 [ 102.241926][ T6908] memdup_user+0x6b/0xd0 [ 102.241997][ T6908] ucma_set_option+0xd0/0x6f0 [ 102.242025][ T6908] ? kstrtouint+0x7b/0xc0 [ 102.242045][ T6908] ? kstrtouint_from_user+0xbf/0x100 [ 102.242075][ T6908] ? should_fail_ex+0xd7/0x270 [ 102.242167][ T6908] ucma_write+0x1b6/0x250 [ 102.242188][ T6908] ? __pfx_ucma_write+0x10/0x10 [ 102.242214][ T6908] vfs_write+0x295/0x950 [ 102.242273][ T6908] ? putname+0xe1/0x100 [ 102.242300][ T6908] ? __fget_files+0x186/0x1c0 [ 102.242326][ T6908] ksys_write+0xeb/0x1b0 [ 102.242358][ T6908] __x64_sys_write+0x42/0x50 [ 102.242392][ T6908] x64_sys_call+0x2a45/0x2e10 [ 102.242428][ T6908] do_syscall_64+0xc9/0x1c0 [ 102.242509][ T6908] ? clear_bhb_loop+0x25/0x80 [ 102.242529][ T6908] ? clear_bhb_loop+0x25/0x80 [ 102.242550][ T6908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.242576][ T6908] RIP: 0033:0x7fb0f66dd169 [ 102.242594][ T6908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 102.242656][ T6908] RSP: 002b:00007fb0f4d47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 102.242677][ T6908] RAX: ffffffffffffffda RBX: 00007fb0f68f5fa0 RCX: 00007fb0f66dd169 [ 102.242689][ T6908] RDX: 0000000000000020 RSI: 0000200000000380 RDI: 0000000000000004 [ 102.242733][ T6908] RBP: 00007fb0f4d47090 R08: 0000000000000000 R09: 0000000000000000 [ 102.242748][ T6908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 102.242760][ T6908] R13: 0000000000000000 R14: 00007fb0f68f5fa0 R15: 00007ffd7057eab8 [ 102.242779][ T6908] [ 102.249833][ T6902] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 102.317030][ T6912] serio: Serial port ptm0 [ 102.625795][ T6921] loop2: detected capacity change from 0 to 1024 [ 102.658819][ T6921] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 102.670987][ T6921] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 102.928242][ T6921] JBD2: no valid journal superblock found [ 102.935065][ T6921] EXT4-fs (loop2): Could not load journal inode [ 103.066171][ T6941] SELinux: policydb magic number 0x1 does not match expected magic number 0xf97cff8c [ 103.123964][ T6941] SELinux: failed to load policy [ 103.155585][ T6939] SELinux: ebitmap: truncated map [ 103.160985][ T6939] SELinux: failed to load policy [ 103.218537][ T6943] SELinux: ebitmap: truncated map [ 103.224153][ T6943] SELinux: failed to load policy [ 103.294205][ T6955] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 103.310772][ T6951] loop4: detected capacity change from 0 to 8192 [ 103.350462][ T6955] bridge_slave_0: left allmulticast mode [ 103.356269][ T6955] bridge_slave_0: left promiscuous mode [ 103.361989][ T6955] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.372874][ T6955] bridge_slave_1: left allmulticast mode [ 103.378569][ T6955] bridge_slave_1: left promiscuous mode [ 103.384618][ T6955] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.411563][ T6955] bond0: (slave bond_slave_0): Releasing backup interface [ 103.444620][ T6955] bond0: (slave bond_slave_1): Releasing backup interface [ 103.514921][ T6974] FAULT_INJECTION: forcing a failure. [ 103.514921][ T6974] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 103.528082][ T6974] CPU: 1 UID: 0 PID: 6974 Comm: syz.3.1284 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(voluntary) [ 103.528111][ T6974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 103.528125][ T6974] Call Trace: [ 103.528132][ T6974] [ 103.528141][ T6974] dump_stack_lvl+0xf6/0x150 [ 103.528167][ T6974] dump_stack+0x15/0x1a [ 103.528226][ T6974] should_fail_ex+0x261/0x270 [ 103.528269][ T6974] should_fail+0xb/0x10 [ 103.528292][ T6974] should_fail_usercopy+0x1a/0x20 [ 103.528318][ T6974] strncpy_from_user+0x25/0x230 [ 103.528429][ T6974] ? __se_sys_memfd_create+0x1ea/0x5a0 [ 103.528472][ T6955] team0: Port device team_slave_0 removed [ 103.528467][ T6974] __se_sys_memfd_create+0x218/0x5a0 [ 103.528569][ T6974] __x64_sys_memfd_create+0x31/0x40 [ 103.528658][ T6974] x64_sys_call+0x1163/0x2e10 [ 103.528686][ T6974] do_syscall_64+0xc9/0x1c0 [ 103.528720][ T6974] ? clear_bhb_loop+0x25/0x80 [ 103.528748][ T6974] ? clear_bhb_loop+0x25/0x80 [ 103.528912][ T6974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.528939][ T6974] RIP: 0033:0x7f683634d169 [ 103.528957][ T6974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.528981][ T6974] RSP: 002b:00007f68349b6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 103.529013][ T6974] RAX: ffffffffffffffda RBX: 000000000000120b RCX: 00007f683634d169 [ 103.529029][ T6974] RDX: 00007f68349b6ef0 RSI: 0000000000000000 RDI: 00007f68363cec3c [ 103.529065][ T6974] RBP: 0000200000002300 R08: 00007f68349b6bb7 R09: 00007f68349b6e40 [ 103.529080][ T6974] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000000c0 [ 103.529095][ T6974] R13: 00007f68349b6ef0 R14: 00007f68349b6eb0 R15: 00002000000006c0 [ 103.529118][ T6974] [ 103.564842][ T6977] FAULT_INJECTION: forcing a failure. [ 103.564842][ T6977] name failslab, interval 1, probability 0, space 0, times 0 [ 103.667438][ T6969] loop4: detected capacity change from 0 to 1024 [ 103.671898][ T6977] CPU: 1 UID: 0 PID: 6977 Comm: syz.0.1285 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(voluntary) [ 103.671933][ T6977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 103.671945][ T6977] Call Trace: [ 103.671952][ T6977] [ 103.671965][ T6977] dump_stack_lvl+0xf6/0x150 [ 103.672010][ T6977] dump_stack+0x15/0x1a [ 103.672030][ T6977] should_fail_ex+0x261/0x270 [ 103.672057][ T6977] should_failslab+0x8f/0xb0 [ 103.672081][ T6977] kmem_cache_alloc_node_noprof+0x5c/0x340 [ 103.672114][ T6977] ? __alloc_skb+0x10d/0x320 [ 103.672168][ T6977] __alloc_skb+0x10d/0x320 [ 103.672207][ T6977] netlink_alloc_large_skb+0xad/0xe0 [ 103.672240][ T6977] netlink_sendmsg+0x3da/0x720 [ 103.672350][ T6977] ? __pfx_netlink_sendmsg+0x10/0x10 [ 103.672385][ T6977] __sock_sendmsg+0x140/0x180 [ 103.672420][ T6977] ____sys_sendmsg+0x350/0x4e0 [ 103.672492][ T6977] __sys_sendmsg+0x1a0/0x240 [ 103.672533][ T6977] __x64_sys_sendmsg+0x46/0x50 [ 103.672557][ T6977] x64_sys_call+0x26f3/0x2e10 [ 103.672585][ T6977] do_syscall_64+0xc9/0x1c0 [ 103.672621][ T6977] ? clear_bhb_loop+0x25/0x80 [ 103.672706][ T6977] ? clear_bhb_loop+0x25/0x80 [ 103.672733][ T6977] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.672759][ T6977] RIP: 0033:0x7f709ef2d169 [ 103.672779][ T6977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.672824][ T6977] RSP: 002b:00007f709d56e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 103.672848][ T6977] RAX: ffffffffffffffda RBX: 00007f709f146080 RCX: 00007f709ef2d169 [ 103.672864][ T6977] RDX: 0000000004004000 RSI: 0000200000000100 RDI: 0000000000000004 [ 103.672879][ T6977] RBP: 00007f709d56e090 R08: 0000000000000000 R09: 0000000000000000 [ 103.672894][ T6977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 103.672909][ T6977] R13: 0000000000000000 R14: 00007f709f146080 R15: 00007ffe22b33828 [ 103.672932][ T6977] [ 103.943041][ T6955] team0: Port device team_slave_1 removed [ 103.950136][ T6955] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 103.957737][ T6955] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 103.965682][ T6969] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 103.977665][ T6969] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 103.991114][ T6955] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 103.998667][ T6955] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 104.018596][ T6969] JBD2: no valid journal superblock found [ 104.024911][ T6969] EXT4-fs (loop4): Could not load journal inode [ 104.045575][ T6955] vlan2: left allmulticast mode [ 104.050528][ T6955] gretap0: left allmulticast mode [ 104.056558][ T6955] vlan2: left promiscuous mode [ 104.061439][ T6955] gretap0: left promiscuous mode [ 104.066592][ T6955] bridge0: port 3(vlan2) entered disabled state [ 104.180864][ T6998] loop4: detected capacity change from 0 to 1024 [ 104.190845][ T6998] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 104.207460][ T6998] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 104.232628][ T6998] EXT4-fs (loop4): orphan cleanup on readonly fs [ 104.250587][ T7004] FAULT_INJECTION: forcing a failure. [ 104.250587][ T7004] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 104.250906][ T6998] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 104.263728][ T7004] CPU: 1 UID: 0 PID: 7004 Comm: syz.3.1294 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(voluntary) [ 104.263842][ T7004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 104.263859][ T7004] Call Trace: [ 104.263868][ T7004] [ 104.263878][ T7004] dump_stack_lvl+0xf6/0x150 [ 104.263908][ T7004] dump_stack+0x15/0x1a [ 104.263928][ T7004] should_fail_ex+0x261/0x270 [ 104.264033][ T7004] should_fail+0xb/0x10 [ 104.264100][ T7004] should_fail_usercopy+0x1a/0x20 [ 104.264157][ T7004] _copy_to_user+0x20/0xa0 [ 104.264198][ T7004] simple_read_from_buffer+0xb2/0x130 [ 104.264249][ T7004] proc_fail_nth_read+0x103/0x140 [ 104.264279][ T7004] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 104.264342][ T7004] vfs_read+0x1b2/0x710 [ 104.264380][ T7004] ? __rcu_read_unlock+0x4e/0x70 [ 104.264411][ T7004] ? __fget_files+0x186/0x1c0 [ 104.264440][ T7004] ksys_read+0xeb/0x1b0 [ 104.264507][ T7004] __x64_sys_read+0x42/0x50 [ 104.264545][ T7004] x64_sys_call+0x2a3b/0x2e10 [ 104.264571][ T7004] do_syscall_64+0xc9/0x1c0 [ 104.264606][ T7004] ? clear_bhb_loop+0x25/0x80 [ 104.264712][ T7004] ? clear_bhb_loop+0x25/0x80 [ 104.264751][ T7004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.264777][ T7004] RIP: 0033:0x7f683634bb7c [ 104.264797][ T7004] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 104.264819][ T7004] RSP: 002b:00007f68349b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 104.264844][ T7004] RAX: ffffffffffffffda RBX: 00007f6836565fa0 RCX: 00007f683634bb7c [ 104.264859][ T7004] RDX: 000000000000000f RSI: 00007f68349b70a0 RDI: 0000000000000004 [ 104.264875][ T7004] RBP: 00007f68349b7090 R08: 0000000000000000 R09: 0000000000000000 [ 104.264890][ T7004] R10: 0000000000800000 R11: 0000000000000246 R12: 0000000000000001 [ 104.264905][ T7004] R13: 0000000000000000 R14: 00007f6836565fa0 R15: 00007ffdbdbde568 [ 104.264980][ T7004] [ 104.277687][ T7005] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1289'. [ 104.326314][ T6998] EXT4-fs (loop4): Remounting filesystem read-only [ 104.356729][ T7007] FAULT_INJECTION: forcing a failure. [ 104.356729][ T7007] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 104.359591][ T6998] EXT4-fs (loop4): 1 orphan inode deleted [ 104.363666][ T7007] CPU: 1 UID: 0 PID: 7007 Comm: syz.2.1295 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(voluntary) [ 104.363711][ T7007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 104.363736][ T7007] Call Trace: [ 104.363744][ T7007] [ 104.363754][ T7007] dump_stack_lvl+0xf6/0x150 [ 104.363786][ T7007] dump_stack+0x15/0x1a [ 104.363806][ T7007] should_fail_ex+0x261/0x270 [ 104.363837][ T7007] should_fail+0xb/0x10 [ 104.363900][ T7007] should_fail_usercopy+0x1a/0x20 [ 104.363939][ T7007] _copy_from_iter+0xd8/0xd10 [ 104.363972][ T7007] ? alloc_pages_mpol+0x214/0x260 [ 104.364010][ T7007] copy_page_from_iter+0x14f/0x280 [ 104.364112][ T7007] tun_get_user+0x68b/0x2670 [ 104.364186][ T7007] ? ref_tracker_alloc+0x1ff/0x310 [ 104.364220][ T7007] tun_chr_write_iter+0x188/0x240 [ 104.364262][ T7007] vfs_write+0x79b/0x950 [ 104.364299][ T7007] ? perf_trace_run_bpf_submit+0xb0/0x110 [ 104.364390][ T7007] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 104.364436][ T7007] ksys_write+0xeb/0x1b0 [ 104.364523][ T7007] __x64_sys_write+0x42/0x50 [ 104.364689][ T7007] x64_sys_call+0x2a45/0x2e10 [ 104.364854][ T7007] do_syscall_64+0xc9/0x1c0 [ 104.364888][ T7007] ? clear_bhb_loop+0x25/0x80 [ 104.364915][ T7007] ? clear_bhb_loop+0x25/0x80 [ 104.364961][ T7007] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.364987][ T7007] RIP: 0033:0x7f582877bc1f [ 104.365007][ T7007] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 104.365094][ T7007] RSP: 002b:00007f5826ddf000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 104.365117][ T7007] RAX: ffffffffffffffda RBX: 00007f5828995fa0 RCX: 00007f582877bc1f [ 104.365164][ T7007] RDX: 0000000000000042 RSI: 0000200000000380 RDI: 00000000000000c8 [ 104.365187][ T7007] RBP: 00007f5826ddf090 R08: 0000000000000000 R09: 0000000000000000 [ 104.365203][ T7007] R10: 0000000000000042 R11: 0000000000000293 R12: 0000000000000001 [ 104.365218][ T7007] R13: 0000000000000000 R14: 00007f5828995fa0 R15: 00007ffc62eff968 [ 104.365243][ T7007] [ 104.711782][ T6998] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 104.796646][ T7015] 9pnet_fd: Insufficient options for proto=fd [ 104.838162][ T7024] netlink: 180900 bytes leftover after parsing attributes in process `syz.1.1301'. [ 104.848170][ T7024] netlink: zone id is out of range [ 104.853387][ T7024] netlink: zone id is out of range [ 104.865692][ T7024] netlink: set zone limit has 8 unknown bytes [ 104.977263][ T7044] loop1: detected capacity change from 0 to 764 [ 105.172941][ T7054] FAULT_INJECTION: forcing a failure. [ 105.172941][ T7054] name failslab, interval 1, probability 0, space 0, times 0 [ 105.185748][ T7054] CPU: 0 UID: 0 PID: 7054 Comm: syz.3.1313 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(voluntary) [ 105.185859][ T7054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 105.185875][ T7054] Call Trace: [ 105.185882][ T7054] [ 105.185891][ T7054] dump_stack_lvl+0xf6/0x150 [ 105.185918][ T7054] dump_stack+0x15/0x1a [ 105.185937][ T7054] should_fail_ex+0x261/0x270 [ 105.185965][ T7054] should_failslab+0x8f/0xb0 [ 105.186058][ T7054] kmem_cache_alloc_node_noprof+0x5c/0x340 [ 105.186122][ T7054] ? __alloc_skb+0x10d/0x320 [ 105.186156][ T7054] __alloc_skb+0x10d/0x320 [ 105.186240][ T7054] netlink_alloc_large_skb+0xad/0xe0 [ 105.186332][ T7054] netlink_sendmsg+0x3da/0x720 [ 105.186409][ T7054] ? __pfx_netlink_sendmsg+0x10/0x10 [ 105.186437][ T7054] __sock_sendmsg+0x140/0x180 [ 105.186492][ T7054] ____sys_sendmsg+0x350/0x4e0 [ 105.186516][ T7054] __sys_sendmsg+0x1a0/0x240 [ 105.186591][ T7054] __x64_sys_sendmsg+0x46/0x50 [ 105.186611][ T7054] x64_sys_call+0x26f3/0x2e10 [ 105.186703][ T7054] do_syscall_64+0xc9/0x1c0 [ 105.186730][ T7054] ? clear_bhb_loop+0x25/0x80 [ 105.186773][ T7054] ? clear_bhb_loop+0x25/0x80 [ 105.186801][ T7054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.186843][ T7054] RIP: 0033:0x7f683634d169 [ 105.186858][ T7054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 105.186876][ T7054] RSP: 002b:00007f68349b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 105.186894][ T7054] RAX: ffffffffffffffda RBX: 00007f6836565fa0 RCX: 00007f683634d169 [ 105.186906][ T7054] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003 [ 105.186920][ T7054] RBP: 00007f68349b7090 R08: 0000000000000000 R09: 0000000000000000 [ 105.186931][ T7054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 105.186942][ T7054] R13: 0000000000000000 R14: 00007f6836565fa0 R15: 00007ffdbdbde568 [ 105.186959][ T7054] [ 105.395709][ T29] kauditd_printk_skb: 386 callbacks suppressed [ 105.395723][ T29] audit: type=1400 audit(1743055169.758:8581): avc: denied { unmount } for pid=3305 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 105.426256][ T29] audit: type=1107 audit(1743055169.768:8582): pid=7057 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 105.450099][ T7061] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1317'. [ 105.483224][ T7064] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1318'. [ 105.643969][ T29] audit: type=1400 audit(1743055170.008:8583): avc: denied { create } for pid=7068 comm="syz.1.1320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 105.739936][ T7070] netlink: 88 bytes leftover after parsing attributes in process `syz.3.1313'. [ 105.792276][ T29] audit: type=1400 audit(1743055170.038:8584): avc: denied { ioctl } for pid=7068 comm="syz.1.1320" path="socket:[17113]" dev="sockfs" ino=17113 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 105.817026][ T29] audit: type=1400 audit(1743055170.118:8585): avc: denied { execute } for pid=7053 comm="syz.3.1313" dev="tmpfs" ino=1177 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 105.838241][ T29] audit: type=1400 audit(1743055170.118:8586): avc: denied { execute_no_trans } for pid=7053 comm="syz.3.1313" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1177 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 106.394223][ T29] audit: type=1400 audit(1743055170.338:8587): avc: denied { create } for pid=7068 comm="syz.1.1320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 106.414129][ T29] audit: type=1400 audit(1743055170.338:8588): avc: denied { sys_admin } for pid=7068 comm="syz.1.1320" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 106.563187][ T7082] loop1: detected capacity change from 0 to 1024 [ 106.592193][ T7086] loop4: detected capacity change from 0 to 164 [ 106.615064][ T7082] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 106.632663][ T7086] iso9660: Bad value for 'map' [ 106.651259][ T7082] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 106.659830][ T7086] xt_hashlimit: max too large, truncated to 1048576 [ 106.695586][ T29] audit: type=1326 audit(1743055170.898:8589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7080 comm="syz.1.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61018dd169 code=0x7ffc0000 [ 106.719141][ T29] audit: type=1326 audit(1743055170.898:8590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7080 comm="syz.1.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61018dd169 code=0x7ffc0000 [ 106.746070][ T7082] EXT4-fs (loop1): orphan cleanup on readonly fs [ 106.769150][ T7082] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 106.781042][ T7086] No such timeout policy "syz1" [ 106.826009][ T7082] EXT4-fs (loop1): Remounting filesystem read-only [ 106.849059][ T7082] EXT4-fs (loop1): 1 orphan inode deleted [ 106.878308][ T7082] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 107.099246][ T7099] loop2: detected capacity change from 0 to 1024 [ 107.118651][ T7099] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 107.130818][ T7099] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 107.191084][ T7099] JBD2: no valid journal superblock found [ 107.197491][ T7099] EXT4-fs (loop2): Could not load journal inode [ 107.212603][ T7112] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1333'. [ 107.298162][ T7123] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.349366][ T7128] loop2: detected capacity change from 0 to 512 [ 107.403411][ T7128] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 107.426564][ T7136] netlink: 'syz.1.1337': attribute type 4 has an invalid length. [ 107.445182][ T7128] EXT4-fs (loop2): 1 truncate cleaned up [ 107.491142][ T7112] loop3: detected capacity change from 0 to 2048 [ 107.505979][ T7093] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 107.517401][ T7123] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.528588][ T7093] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 107.579392][ T7123] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.627074][ T7123] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.643824][ T7149] loop4: detected capacity change from 0 to 1024 [ 107.655535][ T7149] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 107.677857][ T7149] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 107.686182][ T7149] EXT4-fs (loop4): orphan cleanup on readonly fs [ 107.695160][ T7149] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 107.704804][ T7149] EXT4-fs (loop4): Remounting filesystem read-only [ 107.711492][ T7149] EXT4-fs (loop4): 1 orphan inode deleted [ 107.721679][ T7149] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 107.723483][ T7123] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.744946][ T7123] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.757010][ T7123] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.788251][ T7123] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.866136][ T7163] loop1: detected capacity change from 0 to 512 [ 107.875107][ T7163] EXT4-fs: inline encryption not supported [ 107.895313][ T7163] ext4 filesystem being mounted at /289/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 107.918430][ T7157] EXT4-fs error (device loop1): ext4_do_update_inode:5158: inode #2: comm syz.1.1343: corrupted inode contents [ 107.930572][ T7157] EXT4-fs error (device loop1): ext4_dirty_inode:6046: inode #2: comm syz.1.1343: mark_inode_dirty error [ 107.944746][ T7155] loop3: detected capacity change from 0 to 1024 [ 107.957016][ T7157] EXT4-fs error (device loop1): ext4_do_update_inode:5158: inode #2: comm syz.1.1343: corrupted inode contents [ 107.970073][ T7162] loop2: detected capacity change from 0 to 1024 [ 107.996693][ T7162] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 108.009724][ T7162] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 108.010080][ T7155] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 108.010308][ T7155] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 108.045284][ T7157] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #2: comm syz.1.1343: mark_inode_dirty error [ 108.057719][ T7155] JBD2: no valid journal superblock found [ 108.065119][ T7155] EXT4-fs (loop3): Could not load journal inode [ 108.112632][ T7175] netlink: 'syz.4.1350': attribute type 4 has an invalid length. [ 108.143945][ T7162] JBD2: no valid journal superblock found [ 108.151426][ T7162] EXT4-fs (loop2): Could not load journal inode [ 108.175709][ T3305] EXT4-fs unmount: 55 callbacks suppressed [ 108.175726][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.430714][ T7210] netlink: 'syz.3.1365': attribute type 4 has an invalid length. [ 108.445086][ T7212] loop2: detected capacity change from 0 to 512 [ 108.452821][ T7212] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 108.515609][ T7212] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.528385][ T7212] ext4 filesystem being mounted at /264/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 108.861356][ T7222] FAULT_INJECTION: forcing a failure. [ 108.861356][ T7222] name failslab, interval 1, probability 0, space 0, times 0 [ 108.874218][ T7222] CPU: 1 UID: 0 PID: 7222 Comm: syz.0.1368 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(voluntary) [ 108.874277][ T7222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 108.874339][ T7222] Call Trace: [ 108.874346][ T7222] [ 108.874355][ T7222] dump_stack_lvl+0xf6/0x150 [ 108.874379][ T7222] dump_stack+0x15/0x1a [ 108.874398][ T7222] should_fail_ex+0x261/0x270 [ 108.874427][ T7222] should_failslab+0x8f/0xb0 [ 108.874450][ T7222] kmem_cache_alloc_node_noprof+0x5c/0x340 [ 108.874519][ T7222] ? __alloc_skb+0x10d/0x320 [ 108.874563][ T7222] __alloc_skb+0x10d/0x320 [ 108.874602][ T7222] pfkey_sendmsg+0x10f/0x950 [ 108.874697][ T7222] ? avc_has_perm+0xd6/0x150 [ 108.874761][ T7222] ? selinux_socket_sendmsg+0x18a/0x1c0 [ 108.874806][ T7222] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 108.874826][ T7222] __sock_sendmsg+0x140/0x180 [ 108.874941][ T7222] ____sys_sendmsg+0x350/0x4e0 [ 108.875045][ T7222] __sys_sendmsg+0x1a0/0x240 [ 108.875082][ T7222] __x64_sys_sendmsg+0x46/0x50 [ 108.875106][ T7222] x64_sys_call+0x26f3/0x2e10 [ 108.875176][ T7222] do_syscall_64+0xc9/0x1c0 [ 108.875251][ T7222] ? clear_bhb_loop+0x25/0x80 [ 108.875278][ T7222] ? clear_bhb_loop+0x25/0x80 [ 108.875298][ T7222] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.875341][ T7222] RIP: 0033:0x7f709ef2d169 [ 108.875359][ T7222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.875381][ T7222] RSP: 002b:00007f709d58f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 108.875404][ T7222] RAX: ffffffffffffffda RBX: 00007f709f145fa0 RCX: 00007f709ef2d169 [ 108.875419][ T7222] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 108.875433][ T7222] RBP: 00007f709d58f090 R08: 0000000000000000 R09: 0000000000000000 [ 108.875454][ T7222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 108.875465][ T7222] R13: 0000000000000000 R14: 00007f709f145fa0 R15: 00007ffe22b33828 [ 108.875481][ T7222] [ 109.387364][ T7230] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1372'. [ 109.399104][ T7226] loop3: detected capacity change from 0 to 1024 [ 109.433842][ T7226] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 109.445636][ T7226] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 109.629810][ T7230] syzkaller1: entered promiscuous mode [ 109.635447][ T7230] syzkaller1: entered allmulticast mode [ 110.257657][ T7226] JBD2: no valid journal superblock found [ 110.265359][ T7226] EXT4-fs (loop3): Could not load journal inode [ 110.420398][ T29] kauditd_printk_skb: 236 callbacks suppressed [ 110.420417][ T29] audit: type=1107 audit(1743055174.778:8819): pid=7244 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 110.483531][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.507129][ T7243] loop1: detected capacity change from 0 to 1024 [ 110.531391][ T7249] netlink: 'syz.2.1379': attribute type 3 has an invalid length. [ 110.540794][ T7243] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 110.553294][ T7243] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 110.572122][ T29] audit: type=1400 audit(1743055174.928:8820): avc: denied { ioctl } for pid=7248 comm="syz.2.1379" path="socket:[18202]" dev="sockfs" ino=18202 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 110.633548][ T7255] netlink: 'syz.2.1380': attribute type 4 has an invalid length. [ 110.646815][ T7243] JBD2: no valid journal superblock found [ 110.653523][ T7243] EXT4-fs (loop1): Could not load journal inode [ 110.779829][ T29] audit: type=1326 audit(1743055175.138:8821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7246 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0f66dd169 code=0x7ffc0000 [ 110.825120][ T29] audit: type=1326 audit(1743055175.138:8822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7246 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0f66dd169 code=0x7ffc0000 [ 110.849026][ T29] audit: type=1326 audit(1743055175.138:8823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7246 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0f66dd169 code=0x7ffc0000 [ 110.872559][ T29] audit: type=1326 audit(1743055175.138:8824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7246 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0f66dd169 code=0x7ffc0000 [ 110.896320][ T29] audit: type=1326 audit(1743055175.138:8825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7246 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0f66dd169 code=0x7ffc0000 [ 110.919927][ T29] audit: type=1326 audit(1743055175.138:8826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7246 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0f66dd169 code=0x7ffc0000 [ 110.943602][ T29] audit: type=1326 audit(1743055175.138:8827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7246 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0f66dd169 code=0x7ffc0000 [ 110.967063][ T29] audit: type=1326 audit(1743055175.178:8828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7246 comm="syz.4.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0f66dd169 code=0x7ffc0000 [ 111.417695][ T7288] netlink: 'syz.4.1392': attribute type 3 has an invalid length. [ 111.572540][ T7293] loop4: detected capacity change from 0 to 1024 [ 111.607624][ T7293] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 111.620076][ T7293] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 111.751435][ T7293] JBD2: no valid journal superblock found [ 111.758915][ T7293] EXT4-fs (loop4): Could not load journal inode [ 112.023166][ T7324] FAULT_INJECTION: forcing a failure. [ 112.023166][ T7324] name failslab, interval 1, probability 0, space 0, times 0 [ 112.035868][ T7324] CPU: 0 UID: 0 PID: 7324 Comm: syz.3.1407 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(voluntary) [ 112.035896][ T7324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 112.035909][ T7324] Call Trace: [ 112.035944][ T7324] [ 112.035994][ T7324] dump_stack_lvl+0xf6/0x150 [ 112.036017][ T7324] dump_stack+0x15/0x1a [ 112.036034][ T7324] should_fail_ex+0x261/0x270 [ 112.036131][ T7324] should_failslab+0x8f/0xb0 [ 112.036188][ T7324] __kmalloc_cache_noprof+0x55/0x320 [ 112.036214][ T7324] ? proc_cgroup_show+0x3f/0x660 [ 112.036308][ T7324] proc_cgroup_show+0x3f/0x660 [ 112.036332][ T7324] ? __rcu_read_unlock+0x4e/0x70 [ 112.036358][ T7324] proc_single_show+0x89/0x100 [ 112.036392][ T7324] traverse+0x155/0x3c0 [ 112.036472][ T7324] seq_read_iter+0x89f/0x970 [ 112.036498][ T7324] ? _parse_integer+0x27/0x30 [ 112.036538][ T7324] ? kstrtoull+0x115/0x140 [ 112.036652][ T7324] seq_read+0x1fa/0x240 [ 112.036714][ T7324] vfs_readv+0x3e5/0x660 [ 112.036737][ T7324] ? __pfx_seq_read+0x10/0x10 [ 112.036772][ T7324] __x64_sys_preadv+0xf9/0x1c0 [ 112.036791][ T7324] x64_sys_call+0x1410/0x2e10 [ 112.036856][ T7324] do_syscall_64+0xc9/0x1c0 [ 112.036884][ T7324] ? clear_bhb_loop+0x25/0x80 [ 112.036905][ T7324] ? clear_bhb_loop+0x25/0x80 [ 112.036926][ T7324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.037021][ T7324] RIP: 0033:0x7f683634d169 [ 112.037036][ T7324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 112.037054][ T7324] RSP: 002b:00007f68349b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 112.037072][ T7324] RAX: ffffffffffffffda RBX: 00007f6836565fa0 RCX: 00007f683634d169 [ 112.037084][ T7324] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000004 [ 112.037096][ T7324] RBP: 00007f68349b7090 R08: 0000000000000000 R09: 0000000000000000 [ 112.037108][ T7324] R10: 0000000000000131 R11: 0000000000000246 R12: 0000000000000001 [ 112.037119][ T7324] R13: 0000000000000000 R14: 00007f6836565fa0 R15: 00007ffdbdbde568 [ 112.037161][ T7324] [ 112.415755][ T7332] netlink: 'syz.3.1410': attribute type 3 has an invalid length. [ 112.547437][ T7342] netlink: 'syz.2.1413': attribute type 3 has an invalid length. [ 112.656473][ T3376] hid-generic 0005:FFFFFFFE:0000.0001: unknown main item tag 0x0 [ 112.664634][ T3376] hid-generic 0005:FFFFFFFE:0000.0001: unknown main item tag 0x0 [ 112.672412][ T3376] hid-generic 0005:FFFFFFFE:0000.0001: unknown main item tag 0x0 [ 112.680243][ T3376] hid-generic 0005:FFFFFFFE:0000.0001: unknown main item tag 0x0 [ 112.688060][ T3376] hid-generic 0005:FFFFFFFE:0000.0001: unknown main item tag 0x0 [ 112.695841][ T3376] hid-generic 0005:FFFFFFFE:0000.0001: unknown main item tag 0x0 [ 112.703719][ T3376] hid-generic 0005:FFFFFFFE:0000.0001: unknown main item tag 0x0 [ 112.711495][ T3376] hid-generic 0005:FFFFFFFE:0000.0001: unknown main item tag 0x0 [ 112.719417][ T3376] hid-generic 0005:FFFFFFFE:0000.0001: item fetching failed at offset 8/43 [ 112.728451][ T3376] hid-generic 0005:FFFFFFFE:0000.0001: probe with driver hid-generic failed with error -22 [ 112.817503][ T7354] loop2: detected capacity change from 0 to 1024 [ 112.832430][ T7354] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 112.845031][ T7354] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 112.880520][ T7354] JBD2: no valid journal superblock found [ 112.887871][ T7354] EXT4-fs (loop2): Could not load journal inode [ 112.950106][ T7358] batadv_slave_1: entered promiscuous mode [ 112.960004][ T7358] batadv_slave_1: left promiscuous mode [ 113.023740][ T7360] program syz.2.1421 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 113.097343][ T7367] netlink: 'syz.2.1423': attribute type 3 has an invalid length. [ 113.439528][ T7382] loop3: detected capacity change from 0 to 512 [ 113.478064][ T7382] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1427: bg 0: block 248: padding at end of block bitmap is not set [ 113.494541][ T7382] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.1427: Failed to acquire dquot type 1 [ 113.507902][ T7382] EXT4-fs (loop3): 1 truncate cleaned up [ 113.514179][ T7382] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.526872][ T7382] ext4 filesystem being mounted at /285/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 113.589546][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.788062][ T7398] loop4: detected capacity change from 0 to 512 [ 114.040784][ T7405] program syz.0.1432 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 114.680318][ T7398] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 114.694887][ T7398] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.707640][ T7398] ext4 filesystem being mounted at /280/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 115.567562][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.650379][ T29] kauditd_printk_skb: 347 callbacks suppressed [ 115.650395][ T29] audit: type=1400 audit(1743055180.008:9174): avc: denied { ioctl } for pid=7435 comm="syz.4.1446" path="socket:[19635]" dev="sockfs" ino=19635 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 115.707021][ T7436] loop2: detected capacity change from 0 to 4096 [ 115.752381][ T7436] EXT4-fs: Ignoring removed orlov option [ 115.758115][ T7436] EXT4-fs: Ignoring removed nomblk_io_submit option [ 115.781403][ T7436] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.802518][ T29] audit: type=1400 audit(1743055180.168:9175): avc: denied { read } for pid=7433 comm="syz.2.1445" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 115.824920][ T29] audit: type=1400 audit(1743055180.168:9176): avc: denied { open } for pid=7433 comm="syz.2.1445" path="/289/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 115.851376][ T29] audit: type=1400 audit(1743055180.208:9177): avc: denied { ioctl } for pid=7433 comm="syz.2.1445" path="/289/file1/file1" dev="loop2" ino=15 ioctlcmd=0x660c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 115.936536][ T7436] vhci_hcd: invalid port number 15 [ 115.941746][ T7436] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 115.976718][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.005035][ T29] audit: type=1326 audit(1743055180.368:9178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7445 comm="syz.2.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f582877d169 code=0x7ffc0000 [ 116.028715][ T29] audit: type=1326 audit(1743055180.368:9179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7445 comm="syz.2.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f582877d169 code=0x7ffc0000 [ 116.052164][ T29] audit: type=1326 audit(1743055180.368:9180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7445 comm="syz.2.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f582877d169 code=0x7ffc0000 [ 116.052941][ T7446] loop2: detected capacity change from 0 to 1024 [ 116.075592][ T29] audit: type=1326 audit(1743055180.368:9181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7445 comm="syz.2.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f582877d169 code=0x7ffc0000 [ 116.105376][ T29] audit: type=1326 audit(1743055180.368:9182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7445 comm="syz.2.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f582877d169 code=0x7ffc0000 [ 116.112178][ T7446] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 116.128816][ T29] audit: type=1326 audit(1743055180.368:9183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7445 comm="syz.2.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f582877d169 code=0x7ffc0000 [ 116.203713][ T7446] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 116.211933][ T7446] EXT4-fs (loop2): orphan cleanup on readonly fs [ 116.229447][ T7456] syz0: rxe_newlink: already configured on bond0 [ 116.236595][ T7456] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1453'. [ 116.246659][ T7456] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 116.262265][ T7456] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 116.282625][ T7446] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 116.300157][ T7446] EXT4-fs (loop2): Remounting filesystem read-only [ 116.308760][ T7458] loop3: detected capacity change from 0 to 512 [ 116.317657][ T7446] EXT4-fs (loop2): 1 orphan inode deleted [ 116.324144][ T7458] EXT4-fs: Ignoring removed nomblk_io_submit option [ 116.331174][ T7446] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 116.334480][ T7458] EXT4-fs: Ignoring removed mblk_io_submit option [ 116.349846][ T7446] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 116.356960][ T7446] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.367390][ T7458] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 116.375716][ T7458] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 116.385991][ T7458] EXT4-fs (loop3): 1 truncate cleaned up [ 116.392163][ T7458] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.407262][ T7458] EXT4-fs error (device loop3): ext4_map_blocks:671: inode #2: block 4: comm syz.3.1454: lblock 0 mapped to illegal pblock 4 (length 1) [ 116.430940][ T7458] EXT4-fs (loop3): Remounting filesystem read-only [ 116.449076][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.476838][ T7465] netlink: 'syz.2.1458': attribute type 3 has an invalid length. [ 116.626236][ T7486] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1466'. [ 116.666119][ T7491] FAULT_INJECTION: forcing a failure. [ 116.666119][ T7491] name failslab, interval 1, probability 0, space 0, times 0 [ 116.680219][ T7491] CPU: 1 UID: 0 PID: 7491 Comm: syz.2.1467 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(voluntary) [ 116.680331][ T7491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 116.680347][ T7491] Call Trace: [ 116.680354][ T7491] [ 116.680362][ T7491] dump_stack_lvl+0xf6/0x150 [ 116.680389][ T7491] dump_stack+0x15/0x1a [ 116.680406][ T7491] should_fail_ex+0x261/0x270 [ 116.680469][ T7491] should_failslab+0x8f/0xb0 [ 116.680528][ T7491] kmem_cache_alloc_noprof+0x59/0x340 [ 116.680630][ T7491] ? skb_clone+0x154/0x1f0 [ 116.680655][ T7491] skb_clone+0x154/0x1f0 [ 116.680681][ T7491] __netlink_deliver_tap+0x2bd/0x4f0 [ 116.680774][ T7491] netlink_unicast+0x69e/0x6c0 [ 116.680849][ T7491] netlink_sendmsg+0x609/0x720 [ 116.680880][ T7491] ? __pfx_netlink_sendmsg+0x10/0x10 [ 116.680906][ T7491] __sock_sendmsg+0x140/0x180 [ 116.680967][ T7491] ____sys_sendmsg+0x350/0x4e0 [ 116.681004][ T7491] __sys_sendmsg+0x1a0/0x240 [ 116.681036][ T7491] __x64_sys_sendmsg+0x46/0x50 [ 116.681126][ T7491] x64_sys_call+0x26f3/0x2e10 [ 116.681145][ T7491] do_syscall_64+0xc9/0x1c0 [ 116.681170][ T7491] ? clear_bhb_loop+0x25/0x80 [ 116.681191][ T7491] ? clear_bhb_loop+0x25/0x80 [ 116.681218][ T7491] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.681289][ T7491] RIP: 0033:0x7f582877d169 [ 116.681305][ T7491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.681322][ T7491] RSP: 002b:00007f5826ddf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 116.681340][ T7491] RAX: ffffffffffffffda RBX: 00007f5828995fa0 RCX: 00007f582877d169 [ 116.681351][ T7491] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000009 [ 116.681398][ T7491] RBP: 00007f5826ddf090 R08: 0000000000000000 R09: 0000000000000000 [ 116.681409][ T7491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 116.681419][ T7491] R13: 0000000000000000 R14: 00007f5828995fa0 R15: 00007ffc62eff968 [ 116.681435][ T7491] [ 116.684229][ T7491] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1467'. [ 116.932597][ T7491] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1467'. [ 116.942664][ T7491] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1467'. [ 116.997470][ T7491] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1467'. [ 117.006877][ T7491] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1467'. [ 117.011711][ T7501] netlink: 'syz.0.1470': attribute type 3 has an invalid length. [ 117.018012][ T7491] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1467'. [ 117.066677][ T7491] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1467'. [ 117.079519][ T7491] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1467'. [ 117.128855][ T7513] netlink: 'syz.2.1474': attribute type 4 has an invalid length. [ 117.181940][ T7523] loop1: detected capacity change from 0 to 512 [ 117.205958][ T7523] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1478: bg 0: block 248: padding at end of block bitmap is not set [ 117.224280][ T7523] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.1478: Failed to acquire dquot type 1 [ 117.236365][ T7523] EXT4-fs (loop1): 1 truncate cleaned up [ 117.242482][ T7523] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 117.255276][ T7523] ext4 filesystem being mounted at /313/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 117.292846][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.334692][ T7534] netlink: 'syz.1.1481': attribute type 3 has an invalid length. [ 117.376710][ T7538] netlink: 'syz.1.1482': attribute type 3 has an invalid length. [ 117.609563][ T7551] netlink: 'syz.1.1487': attribute type 4 has an invalid length. [ 118.218660][ T7587] loop3: detected capacity change from 0 to 1024 [ 118.240869][ T7587] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 118.254607][ T7587] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 118.275658][ T7591] FAULT_INJECTION: forcing a failure. [ 118.275658][ T7591] name failslab, interval 1, probability 0, space 0, times 0 [ 118.288531][ T7591] CPU: 0 UID: 0 PID: 7591 Comm: syz.0.1504 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(voluntary) [ 118.288608][ T7591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 118.288688][ T7591] Call Trace: [ 118.288696][ T7591] [ 118.288704][ T7591] dump_stack_lvl+0xf6/0x150 [ 118.288732][ T7591] dump_stack+0x15/0x1a [ 118.288751][ T7591] should_fail_ex+0x261/0x270 [ 118.288780][ T7591] should_failslab+0x8f/0xb0 [ 118.288844][ T7591] __kmalloc_cache_noprof+0x55/0x320 [ 118.288877][ T7591] ? __hw_addr_add_ex+0x15a/0x430 [ 118.288916][ T7591] __hw_addr_add_ex+0x15a/0x430 [ 118.289026][ T7591] dev_addr_init+0xb7/0x130 [ 118.289052][ T7591] ? stack_depot_init+0x55/0x1d0 [ 118.289070][ T7591] ? __pfx_vlan_setup+0x10/0x10 [ 118.289112][ T7591] alloc_netdev_mqs+0x225/0xab0 [ 118.289140][ T7591] rtnl_create_link+0x232/0x720 [ 118.289180][ T7591] rtnl_newlink_create+0x135/0x5e0 [ 118.289240][ T7591] ? ns_capable+0x7d/0xb0 [ 118.289263][ T7591] ? netlink_ns_capable+0x88/0xa0 [ 118.289316][ T7591] rtnl_newlink+0xeea/0x1280 [ 118.289350][ T7591] ? __rcu_read_unlock+0x34/0x70 [ 118.289385][ T7591] ? bpf_trace_run3+0x134/0x1d0 [ 118.289408][ T7591] ? __memcg_slab_free_hook+0xc9/0x1e0 [ 118.289440][ T7591] ? __rcu_read_unlock+0x4e/0x70 [ 118.289493][ T7591] ? avc_has_perm_noaudit+0x1cc/0x210 [ 118.289530][ T7591] ? selinux_capable+0x1f9/0x260 [ 118.289573][ T7591] ? security_capable+0x81/0x90 [ 118.289600][ T7591] ? ns_capable+0x7d/0xb0 [ 118.289699][ T7591] ? __pfx_rtnl_newlink+0x10/0x10 [ 118.289728][ T7591] rtnetlink_rcv_msg+0x65a/0x740 [ 118.289773][ T7591] ? should_fail_ex+0xd7/0x270 [ 118.289797][ T7591] ? ref_tracker_free+0x3b8/0x420 [ 118.289825][ T7591] netlink_rcv_skb+0x12f/0x230 [ 118.289858][ T7591] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 118.289954][ T7591] rtnetlink_rcv+0x1c/0x30 [ 118.289976][ T7591] netlink_unicast+0x605/0x6c0 [ 118.290003][ T7591] netlink_sendmsg+0x609/0x720 [ 118.290073][ T7591] ? __pfx_netlink_sendmsg+0x10/0x10 [ 118.290113][ T7591] __sock_sendmsg+0x140/0x180 [ 118.290143][ T7591] ____sys_sendmsg+0x350/0x4e0 [ 118.290168][ T7591] __sys_sendmsg+0x1a0/0x240 [ 118.290222][ T7591] __x64_sys_sendmsg+0x46/0x50 [ 118.290248][ T7591] x64_sys_call+0x26f3/0x2e10 [ 118.290275][ T7591] do_syscall_64+0xc9/0x1c0 [ 118.290309][ T7591] ? clear_bhb_loop+0x25/0x80 [ 118.290336][ T7591] ? clear_bhb_loop+0x25/0x80 [ 118.290359][ T7591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.290422][ T7591] RIP: 0033:0x7f709ef2d169 [ 118.290441][ T7591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.290464][ T7591] RSP: 002b:00007f709d58f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 118.290487][ T7591] RAX: ffffffffffffffda RBX: 00007f709f145fa0 RCX: 00007f709ef2d169 [ 118.290503][ T7591] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 000000000000000e [ 118.290518][ T7591] RBP: 00007f709d58f090 R08: 0000000000000000 R09: 0000000000000000 [ 118.290530][ T7591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 118.290558][ T7591] R13: 0000000000000000 R14: 00007f709f145fa0 R15: 00007ffe22b33828 [ 118.290579][ T7591] [ 118.622378][ T7587] JBD2: no valid journal superblock found [ 118.629808][ T7587] EXT4-fs (loop3): Could not load journal inode [ 118.637122][ T7594] FAULT_INJECTION: forcing a failure. [ 118.637122][ T7594] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 118.637151][ T7594] CPU: 0 UID: 0 PID: 7594 Comm: syz.0.1505 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(voluntary) [ 118.637183][ T7594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 118.637198][ T7594] Call Trace: [ 118.637205][ T7594] [ 118.637213][ T7594] dump_stack_lvl+0xf6/0x150 [ 118.637293][ T7594] dump_stack+0x15/0x1a [ 118.637313][ T7594] should_fail_ex+0x261/0x270 [ 118.637341][ T7594] should_fail+0xb/0x10 [ 118.637366][ T7594] should_fail_usercopy+0x1a/0x20 [ 118.637413][ T7594] _copy_from_iter+0xd8/0xd10 [ 118.637521][ T7594] ? kmalloc_reserve+0x16e/0x190 [ 118.637565][ T7594] ? __build_skb_around+0x199/0x1f0 [ 118.637606][ T7594] ? __alloc_skb+0x227/0x320 [ 118.637690][ T7594] ? __virt_addr_valid+0x1ed/0x250 [ 118.637759][ T7594] ? __check_object_size+0x367/0x510 [ 118.637795][ T7594] netlink_sendmsg+0x492/0x720 [ 118.637837][ T7594] ? __pfx_netlink_sendmsg+0x10/0x10 [ 118.637899][ T7594] __sock_sendmsg+0x140/0x180 [ 118.637942][ T7594] ____sys_sendmsg+0x350/0x4e0 [ 118.637972][ T7594] __sys_sendmsg+0x1a0/0x240 [ 118.638086][ T7594] __x64_sys_sendmsg+0x46/0x50 [ 118.638113][ T7594] x64_sys_call+0x26f3/0x2e10 [ 118.638139][ T7594] do_syscall_64+0xc9/0x1c0 [ 118.638195][ T7594] ? clear_bhb_loop+0x25/0x80 [ 118.638222][ T7594] ? clear_bhb_loop+0x25/0x80 [ 118.638250][ T7594] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.638276][ T7594] RIP: 0033:0x7f709ef2d169 [ 118.638295][ T7594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.638322][ T7594] RSP: 002b:00007f709d58f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 118.638345][ T7594] RAX: ffffffffffffffda RBX: 00007f709f145fa0 RCX: 00007f709ef2d169 [ 118.638361][ T7594] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000006 [ 118.638427][ T7594] RBP: 00007f709d58f090 R08: 0000000000000000 R09: 0000000000000000 [ 118.638443][ T7594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 118.638458][ T7594] R13: 0000000000000000 R14: 00007f709f145fa0 R15: 00007ffe22b33828 [ 118.638480][ T7594] [ 118.807762][ T7596] rdma_rxe: rxe_newlink: failed to add bond0 [ 118.896986][ T7595] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 118.908384][ T7595] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 118.973105][ T7608] netlink: 'syz.1.1512': attribute type 4 has an invalid length. [ 118.975288][ T7607] netlink: 'syz.3.1510': attribute type 4 has an invalid length. [ 119.027076][ T7612] loop1: detected capacity change from 0 to 512 [ 119.044095][ T7612] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1515: bg 0: block 248: padding at end of block bitmap is not set [ 119.058868][ T7612] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.1515: Failed to acquire dquot type 1 [ 119.071144][ T7612] EXT4-fs (loop1): 1 truncate cleaned up [ 119.083806][ T7612] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 119.100210][ T7624] batadv_slave_1: entered promiscuous mode [ 119.109262][ T7624] batadv_slave_1: left promiscuous mode [ 119.151663][ T7612] ext4 filesystem being mounted at /326/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 119.271680][ T7628] loop3: detected capacity change from 0 to 1024 [ 119.286836][ T7628] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 119.298835][ T7628] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 119.325144][ T7628] JBD2: no valid journal superblock found [ 119.332478][ T7628] EXT4-fs (loop3): Could not load journal inode [ 119.374535][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.441925][ T7649] x_tables: unsorted underflow at hook 4 [ 119.488981][ T7654] loop4: detected capacity change from 0 to 1024 [ 119.503551][ T7654] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.550349][ T7654] Cannot find set identified by id 0 to match [ 119.552257][ T7661] netlink: 'syz.1.1533': attribute type 3 has an invalid length. [ 119.569981][ T7664] loop2: detected capacity change from 0 to 128 [ 119.584905][ T7664] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 119.597834][ T7664] ext4 filesystem being mounted at /303/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 119.847091][ T7676] loop1: detected capacity change from 0 to 1024 [ 119.857050][ T7676] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 119.869581][ T7676] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 119.884043][ T7676] JBD2: no valid journal superblock found [ 119.890189][ T7676] EXT4-fs (loop1): Could not load journal inode [ 119.987501][ T3302] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 120.006857][ T7680] loop2: detected capacity change from 0 to 512 [ 120.023848][ T7680] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1539: bg 0: block 248: padding at end of block bitmap is not set [ 120.051032][ T7680] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.1539: Failed to acquire dquot type 1 [ 120.065069][ T7680] EXT4-fs (loop2): 1 truncate cleaned up [ 120.068438][ T7684] rdma_rxe: rxe_newlink: failed to add bond0 [ 120.071220][ T7680] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.078529][ T7684] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 120.092232][ T7680] ext4 filesystem being mounted at /304/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 120.097897][ T7684] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.136716][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.158240][ T7686] batadv_slave_1: entered promiscuous mode [ 120.164547][ T7686] batadv_slave_1: left promiscuous mode [ 120.297528][ T7700] syzkaller1: entered promiscuous mode [ 120.303271][ T7700] syzkaller1: entered allmulticast mode [ 120.345372][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.439334][ T7712] batadv_slave_1: entered promiscuous mode [ 120.445985][ T7712] batadv_slave_1: left promiscuous mode [ 120.657318][ T7734] syzkaller1: entered promiscuous mode [ 120.663044][ T7734] syzkaller1: entered allmulticast mode [ 120.699343][ T29] kauditd_printk_skb: 577 callbacks suppressed [ 120.699358][ T29] audit: type=1326 audit(1743055185.058:9751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7730 comm="syz.0.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f709ef2d169 code=0x7ffc0000 [ 120.732460][ T29] audit: type=1326 audit(1743055185.078:9752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7730 comm="syz.0.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f709ef2d169 code=0x7ffc0000 [ 120.737789][ T7738] loop3: detected capacity change from 0 to 512 [ 120.790335][ T7738] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.803480][ T7738] ext4 filesystem being mounted at /316/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 120.815390][ T29] audit: type=1400 audit(1743055185.188:9753): avc: denied { write } for pid=7737 comm="syz.3.1564" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 121.015775][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.052528][ T7746] batadv_slave_1: entered promiscuous mode [ 121.059021][ T7746] batadv_slave_1: left promiscuous mode [ 121.134203][ T29] audit: type=1326 audit(1743055185.498:9754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7751 comm="syz.3.1569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 121.161337][ T29] audit: type=1326 audit(1743055185.498:9755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7751 comm="syz.3.1569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 121.185070][ T29] audit: type=1326 audit(1743055185.518:9756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7751 comm="syz.3.1569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 121.208870][ T29] audit: type=1326 audit(1743055185.518:9757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7751 comm="syz.3.1569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 121.232358][ T29] audit: type=1326 audit(1743055185.518:9758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7751 comm="syz.3.1569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 121.255891][ T29] audit: type=1326 audit(1743055185.518:9759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7751 comm="syz.3.1569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 121.279418][ T29] audit: type=1326 audit(1743055185.538:9760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7751 comm="syz.3.1569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 121.349701][ T7762] rdma_rxe: rxe_newlink: failed to add bond0 [ 121.351676][ T7761] loop2: detected capacity change from 0 to 1024 [ 121.358954][ T7762] __nla_validate_parse: 9 callbacks suppressed [ 121.358972][ T7762] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1574'. [ 121.380384][ T7766] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1575'. [ 121.393052][ T7761] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.409663][ T7770] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 121.418899][ T7770] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 121.427157][ T7766] syzkaller1: entered promiscuous mode [ 121.432708][ T7766] syzkaller1: entered allmulticast mode [ 121.442417][ T7769] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1576'. [ 121.470209][ T7772] batadv_slave_1: entered promiscuous mode [ 121.476705][ T7772] batadv_slave_1: left promiscuous mode [ 121.679573][ T7799] batadv_slave_1: entered promiscuous mode [ 121.686004][ T7799] batadv_slave_1: left promiscuous mode [ 121.735439][ T7806] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1592'. [ 121.849094][ T7814] loop1: detected capacity change from 0 to 1024 [ 121.856909][ T7814] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 121.868873][ T7814] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 121.877227][ T7814] EXT4-fs (loop1): orphan cleanup on readonly fs [ 121.888575][ T7814] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 121.898510][ T7814] EXT4-fs (loop1): Remounting filesystem read-only [ 121.905370][ T7814] EXT4-fs (loop1): 1 orphan inode deleted [ 121.911718][ T7814] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 121.923832][ T7814] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 121.930952][ T7814] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.973598][ T7822] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1597'. [ 122.062814][ T7833] loop4: detected capacity change from 0 to 1024 [ 122.070182][ T7833] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 122.083587][ T7833] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 122.085391][ T7838] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1604'. [ 122.091777][ T7833] EXT4-fs (loop4): orphan cleanup on readonly fs [ 122.109483][ T7833] EXT4-fs warning (device loop4): ext4_enable_quotas:7145: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 122.124872][ T7833] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 122.131823][ T7833] EXT4-fs error (device loop4): ext4_free_blocks:6589: comm syz.4.1603: Freeing blocks not in datazone - block = 0, count = 4096 [ 122.145924][ T7833] EXT4-fs (loop4): Remounting filesystem read-only [ 122.152579][ T7833] EXT4-fs (loop4): 1 orphan inode deleted [ 122.158896][ T7833] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 122.171460][ T7833] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 122.178555][ T7833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.209208][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.240909][ T7846] loop4: detected capacity change from 0 to 512 [ 122.248109][ T7846] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 122.259747][ T7846] EXT4-fs (loop4): 1 orphan inode deleted [ 122.265693][ T7846] EXT4-fs (loop4): 1 truncate cleaned up [ 122.274723][ T7846] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.303870][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.329614][ T7854] netlink: '+}[@': attribute type 1 has an invalid length. [ 122.337015][ T7854] netlink: 16 bytes leftover after parsing attributes in process `+}[@'. [ 122.390001][ T7858] loop4: detected capacity change from 0 to 1024 [ 122.395498][ T7860] loop1: detected capacity change from 0 to 1024 [ 122.397901][ T7858] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 122.406741][ T7860] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 122.424634][ T7858] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 122.433033][ T7858] EXT4-fs (loop4): orphan cleanup on readonly fs [ 122.434114][ T7860] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 122.447580][ T7860] EXT4-fs (loop1): orphan cleanup on readonly fs [ 122.450093][ T7858] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 122.465921][ T7860] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 122.466490][ T7858] EXT4-fs (loop4): Remounting filesystem read-only [ 122.482531][ T7858] EXT4-fs (loop4): 1 orphan inode deleted [ 122.488324][ T7860] EXT4-fs (loop1): Remounting filesystem read-only [ 122.495132][ T7860] EXT4-fs (loop1): 1 orphan inode deleted [ 122.502995][ T7858] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 122.516091][ T7860] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 122.530304][ T7860] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 122.534225][ T7858] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 122.543818][ T7860] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.544572][ T7858] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.567225][ T7868] netlink: 'syz.0.1615': attribute type 3 has an invalid length. [ 122.607755][ T7872] loop2: detected capacity change from 0 to 512 [ 122.652738][ T7872] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.662521][ T7880] batadv_slave_1: entered promiscuous mode [ 122.665369][ T7872] ext4 filesystem being mounted at /315/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 122.687472][ T7880] batadv_slave_1: left promiscuous mode [ 122.765785][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.806213][ T7892] batadv_slave_1: entered promiscuous mode [ 122.809671][ T7894] loop1: detected capacity change from 0 to 512 [ 122.812614][ T7892] batadv_slave_1: left promiscuous mode [ 122.823037][ T7894] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 122.839567][ T7894] EXT4-fs (loop1): 1 orphan inode deleted [ 122.845390][ T7894] EXT4-fs (loop1): 1 truncate cleaned up [ 122.851531][ T7894] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.889972][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.912954][ T7900] netlink: 'syz.2.1626': attribute type 3 has an invalid length. [ 122.939701][ T7906] loop4: detected capacity change from 0 to 1024 [ 122.952999][ T7906] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 122.966038][ T7911] loop1: detected capacity change from 0 to 512 [ 122.974909][ T7906] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 122.981457][ T7915] loop2: detected capacity change from 0 to 512 [ 122.983155][ T7906] EXT4-fs (loop4): orphan cleanup on readonly fs [ 123.005798][ T7906] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 123.006575][ T7911] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.022185][ T7906] EXT4-fs (loop4): Remounting filesystem read-only [ 123.030562][ T7911] ext4 filesystem being mounted at /355/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 123.045033][ T7906] EXT4-fs (loop4): 1 orphan inode deleted [ 123.051316][ T7906] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 123.065714][ T7906] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 123.072769][ T7906] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.083779][ T7915] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1630: bg 0: block 248: padding at end of block bitmap is not set [ 123.142285][ T7925] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1634'. [ 123.168142][ T7915] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.1630: Failed to acquire dquot type 1 [ 123.199817][ T7915] EXT4-fs (loop2): 1 truncate cleaned up [ 123.209429][ T7915] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.224520][ T7915] ext4 filesystem being mounted at /318/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 123.280336][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.307236][ T7933] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1637'. [ 123.320581][ T7934] loop3: detected capacity change from 0 to 512 [ 123.352336][ T7936] batadv_slave_1: entered promiscuous mode [ 123.356136][ T7934] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.358602][ T7936] batadv_slave_1: left promiscuous mode [ 123.391178][ T7934] ext4 filesystem being mounted at /336/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 123.449567][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.514770][ T7942] rdma_rxe: rxe_newlink: failed to add bond0 [ 123.533525][ T7944] loop1: detected capacity change from 0 to 1024 [ 123.560941][ T7942] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1641'. [ 123.582964][ T7944] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 123.593915][ T7942] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 123.612290][ T7942] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 123.620295][ T7944] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 123.628592][ T7944] EXT4-fs (loop1): orphan cleanup on readonly fs [ 123.635450][ T7944] EXT4-fs warning (device loop1): ext4_enable_quotas:7145: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 123.650169][ T7944] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 123.656177][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.666328][ T7944] EXT4-fs error (device loop1): ext4_free_blocks:6589: comm syz.1.1640: Freeing blocks not in datazone - block = 0, count = 4096 [ 123.682390][ T7944] EXT4-fs (loop1): Remounting filesystem read-only [ 123.688966][ T7944] EXT4-fs (loop1): 1 orphan inode deleted [ 123.695471][ T7944] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 123.715527][ T7944] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 123.738337][ T7944] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.810476][ T7960] netlink: 'syz.3.1648': attribute type 3 has an invalid length. [ 123.964274][ T7981] loop1: detected capacity change from 0 to 1024 [ 123.982952][ T7981] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 123.992627][ T7981] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 124.001674][ T7981] EXT4-fs (loop1): orphan cleanup on readonly fs [ 124.002471][ T7981] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 124.022334][ T7981] EXT4-fs (loop1): Remounting filesystem read-only [ 124.022499][ T7981] EXT4-fs (loop1): 1 orphan inode deleted [ 124.023202][ T7981] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 124.047252][ T7981] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 124.047649][ T7981] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.196206][ T7999] batadv_slave_1: entered promiscuous mode [ 124.204428][ T7999] batadv_slave_1: left promiscuous mode [ 124.330652][ T8010] loop1: detected capacity change from 0 to 1024 [ 124.340074][ T8010] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 124.351289][ T8010] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 124.359399][ T8010] EXT4-fs (loop1): orphan cleanup on readonly fs [ 124.366289][ T8010] EXT4-fs warning (device loop1): ext4_enable_quotas:7145: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 124.380932][ T8010] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 124.387967][ T8010] EXT4-fs error (device loop1): ext4_free_blocks:6589: comm syz.1.1666: Freeing blocks not in datazone - block = 0, count = 4096 [ 124.401580][ T8010] EXT4-fs (loop1): Remounting filesystem read-only [ 124.408255][ T8010] EXT4-fs (loop1): 1 orphan inode deleted [ 124.423804][ T8010] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 124.436426][ T8010] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 124.443500][ T8010] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.470912][ T8013] loop3: detected capacity change from 0 to 1024 [ 124.478793][ T8013] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 124.490069][ T8013] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 124.498484][ T8013] EXT4-fs (loop3): orphan cleanup on readonly fs [ 124.502313][ T8013] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 124.515367][ T8013] EXT4-fs (loop3): Remounting filesystem read-only [ 124.515499][ T8013] EXT4-fs (loop3): 1 orphan inode deleted [ 124.532438][ T8013] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 124.544482][ T8013] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 124.544797][ T8013] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.613012][ T8023] rdma_rxe: rxe_newlink: failed to add bond0 [ 124.620226][ T8023] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 124.620280][ T8023] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 124.733721][ T8030] loop4: detected capacity change from 0 to 128 [ 124.740405][ T8030] EXT4-fs: Ignoring removed nobh option [ 124.747985][ T8030] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 124.760447][ T8030] ext4 filesystem being mounted at /311/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 124.777271][ T8030] serio: Serial port ptm0 [ 124.809665][ T8035] rdma_rxe: rxe_newlink: failed to add bond0 [ 124.817457][ T8035] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 124.826437][ T8035] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 124.859211][ T3309] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 124.949562][ T8044] loop4: detected capacity change from 0 to 512 [ 124.956198][ T8044] EXT4-fs: Ignoring removed nomblk_io_submit option [ 124.962957][ T8044] EXT4-fs: Ignoring removed mblk_io_submit option [ 124.970652][ T8044] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 124.978815][ T8044] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 124.987536][ T8044] EXT4-fs (loop4): 1 truncate cleaned up [ 124.993879][ T8044] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.009129][ T8044] EXT4-fs error (device loop4): ext4_map_blocks:671: inode #2: block 4: comm syz.4.1678: lblock 0 mapped to illegal pblock 4 (length 1) [ 125.031423][ T8044] EXT4-fs (loop4): Remounting filesystem read-only [ 125.051318][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.184629][ T8070] loop3: detected capacity change from 0 to 512 [ 125.197488][ T8069] serio: Serial port ptm0 [ 125.214185][ T8070] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.226833][ T8070] ext4 filesystem being mounted at /349/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 125.382411][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.438134][ T8089] loop1: detected capacity change from 0 to 1024 [ 125.445767][ T8089] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 125.456757][ T8089] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 125.464965][ T8089] EXT4-fs (loop1): orphan cleanup on readonly fs [ 125.471889][ T8089] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 125.481513][ T8089] EXT4-fs (loop1): Remounting filesystem read-only [ 125.490103][ T8089] EXT4-fs (loop1): 1 orphan inode deleted [ 125.496530][ T8089] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 125.508994][ T8089] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 125.572842][ T8095] batadv_slave_1: entered promiscuous mode [ 125.579312][ T8095] batadv_slave_1: left promiscuous mode [ 125.583944][ T8096] x_tables: unsorted underflow at hook 4 [ 125.655925][ T8098] loop1: detected capacity change from 0 to 1024 [ 125.665436][ T8098] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 125.676877][ T8098] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 125.689650][ T8098] JBD2: no valid journal superblock found [ 125.695978][ T8098] EXT4-fs (loop1): Could not load journal inode [ 125.836497][ T8108] loop1: detected capacity change from 0 to 512 [ 125.854124][ T8108] ext4 filesystem being mounted at /377/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 125.880210][ T29] kauditd_printk_skb: 778 callbacks suppressed [ 125.880228][ T29] audit: type=1326 audit(1743055190.238:10509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8111 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 125.910505][ T29] audit: type=1326 audit(1743055190.258:10510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8111 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 125.934299][ T29] audit: type=1326 audit(1743055190.258:10511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8111 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 125.957835][ T29] audit: type=1326 audit(1743055190.258:10512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8111 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 125.981485][ T29] audit: type=1326 audit(1743055190.258:10513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8111 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 126.005181][ T29] audit: type=1326 audit(1743055190.258:10514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8111 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 126.028873][ T29] audit: type=1326 audit(1743055190.258:10515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8111 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 126.052531][ T29] audit: type=1326 audit(1743055190.258:10516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8111 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 126.076087][ T29] audit: type=1326 audit(1743055190.258:10517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8111 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 126.099610][ T29] audit: type=1326 audit(1743055190.258:10518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8111 comm="syz.3.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 126.227991][ T8128] loop4: detected capacity change from 0 to 1024 [ 126.252893][ T8128] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 126.264885][ T8128] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 126.300920][ T8128] JBD2: no valid journal superblock found [ 126.308120][ T8128] EXT4-fs (loop4): Could not load journal inode [ 126.378231][ T8141] rdma_rxe: rxe_newlink: failed to add bond0 [ 126.385067][ T8141] __nla_validate_parse: 2 callbacks suppressed [ 126.385081][ T8141] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1717'. [ 126.401273][ T8144] x_tables: unsorted underflow at hook 4 [ 126.414198][ T8141] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 126.424865][ T8141] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 126.737947][ T8162] loop3: detected capacity change from 0 to 512 [ 126.794282][ T8162] ext4 filesystem being mounted at /356/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 127.154567][ T8189] loop1: detected capacity change from 0 to 1024 [ 127.161775][ T8191] x_tables: unsorted underflow at hook 4 [ 127.165904][ T8192] loop3: detected capacity change from 0 to 512 [ 127.175046][ T8189] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 127.186449][ T8189] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 127.195150][ T8189] EXT4-fs (loop1): orphan cleanup on readonly fs [ 127.202234][ T8189] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 127.213832][ T8189] EXT4-fs (loop1): Remounting filesystem read-only [ 127.214318][ T8192] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1737: bg 0: block 248: padding at end of block bitmap is not set [ 127.234945][ T8192] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.1737: Failed to acquire dquot type 1 [ 127.246612][ T8189] EXT4-fs (loop1): 1 orphan inode deleted [ 127.256207][ T8189] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 127.266054][ T8192] EXT4-fs (loop3): 1 truncate cleaned up [ 127.277634][ T8200] loop4: detected capacity change from 0 to 512 [ 127.281807][ T8192] ext4 filesystem being mounted at /358/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 127.316399][ T8200] ext4 filesystem being mounted at /322/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 127.447567][ T8208] loop1: detected capacity change from 0 to 1024 [ 127.462788][ T8208] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 127.485370][ T8208] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 127.529021][ T8208] JBD2: no valid journal superblock found [ 127.540500][ T8208] EXT4-fs (loop1): Could not load journal inode [ 127.576812][ T8222] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1748'. [ 127.821820][ T8240] loop1: detected capacity change from 0 to 1024 [ 127.829454][ T8240] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 127.842363][ T8240] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 127.850806][ T8240] EXT4-fs (loop1): orphan cleanup on readonly fs [ 127.858218][ T8240] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 127.868615][ T8240] EXT4-fs (loop1): Remounting filesystem read-only [ 127.875617][ T8240] EXT4-fs (loop1): 1 orphan inode deleted [ 127.882924][ T8240] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 127.902303][ T8246] x_tables: unsorted underflow at hook 4 [ 127.985028][ T8259] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1762'. [ 128.111650][ T8265] loop2: detected capacity change from 0 to 1024 [ 128.126706][ T8265] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 128.138875][ T8265] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 128.157095][ T8265] JBD2: no valid journal superblock found [ 128.163287][ T8265] EXT4-fs (loop2): Could not load journal inode [ 128.237184][ T8271] syz0: rxe_newlink: already configured on bond0 [ 128.254279][ T8271] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1769'. [ 128.270867][ T8271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 128.281564][ T8271] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 128.329413][ T8285] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1776'. [ 128.375391][ T8292] x_tables: unsorted underflow at hook 4 [ 128.403378][ T8294] loop1: detected capacity change from 0 to 512 [ 128.434263][ T8294] ext4 filesystem being mounted at /400/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 128.707465][ T8301] loop2: detected capacity change from 0 to 1024 [ 128.720591][ T8301] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 128.732623][ T8301] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 128.755421][ T8301] JBD2: no valid journal superblock found [ 128.762819][ T8301] EXT4-fs (loop2): Could not load journal inode [ 128.944756][ T8327] x_tables: unsorted underflow at hook 4 [ 128.959867][ T8326] loop2: detected capacity change from 0 to 512 [ 129.046895][ T8326] ext4 filesystem being mounted at /355/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 129.123254][ T8347] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1802'. [ 129.155591][ T8341] loop1: detected capacity change from 0 to 1024 [ 129.166564][ T8341] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 129.180012][ T8341] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 129.206727][ T8341] JBD2: no valid journal superblock found [ 129.216819][ T8341] EXT4-fs (loop1): Could not load journal inode [ 129.334060][ T8356] loop1: detected capacity change from 0 to 512 [ 129.354602][ T8357] x_tables: unsorted underflow at hook 4 [ 129.376251][ T8356] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1807: bg 0: block 248: padding at end of block bitmap is not set [ 129.414419][ T8356] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.1807: Failed to acquire dquot type 1 [ 129.440982][ T8356] EXT4-fs (loop1): 1 truncate cleaned up [ 129.465659][ T8356] ext4 filesystem being mounted at /407/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 129.564823][ T8380] batadv_slave_1: entered promiscuous mode [ 129.571066][ T8380] batadv_slave_1: left promiscuous mode [ 129.704027][ T8385] loop2: detected capacity change from 0 to 512 [ 129.743203][ T8385] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1816: bg 0: block 248: padding at end of block bitmap is not set [ 129.757962][ T8385] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.1816: Failed to acquire dquot type 1 [ 129.772589][ T8385] EXT4-fs (loop2): 1 truncate cleaned up [ 129.778914][ T8385] ext4 filesystem being mounted at /362/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 129.839858][ T8392] netlink: 'syz.2.1818': attribute type 3 has an invalid length. [ 129.879463][ T8398] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1819'. [ 129.998654][ T8402] loop2: detected capacity change from 0 to 1024 [ 130.012906][ T8402] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 130.025568][ T8402] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 130.049395][ T8416] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1828'. [ 130.058577][ T8417] loop1: detected capacity change from 0 to 512 [ 130.066386][ T8402] JBD2: no valid journal superblock found [ 130.072977][ T8402] EXT4-fs (loop2): Could not load journal inode [ 130.114173][ T8417] ext4 filesystem being mounted at /412/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 130.159600][ T8428] netlink: 'syz.2.1833': attribute type 3 has an invalid length. [ 130.207822][ T8437] rdma_rxe: rxe_newlink: failed to add bond0 [ 130.216395][ T8437] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1836'. [ 130.241363][ T8437] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 130.252098][ T8437] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 130.281932][ T8447] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1840'. [ 130.374067][ T8459] loop3: detected capacity change from 0 to 512 [ 130.396081][ T8459] ext4 filesystem being mounted at /365/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 130.529288][ T8469] netlink: 'syz.0.1848': attribute type 3 has an invalid length. [ 130.794396][ T8500] netlink: 'syz.1.1861': attribute type 3 has an invalid length. [ 130.848972][ T8508] loop3: detected capacity change from 0 to 1024 [ 130.890202][ T29] kauditd_printk_skb: 509 callbacks suppressed [ 130.890219][ T29] audit: type=1326 audit(1743055195.238:11014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8507 comm="syz.3.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 130.922290][ T8508] Cannot find set identified by id 0 to match [ 130.955182][ T8526] syz0: rxe_newlink: already configured on bond0 [ 130.962977][ T8526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 130.965566][ T29] audit: type=1326 audit(1743055195.288:11015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8507 comm="syz.3.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 130.975442][ T8526] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 130.994887][ T29] audit: type=1326 audit(1743055195.288:11016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8507 comm="syz.3.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 131.026069][ T29] audit: type=1326 audit(1743055195.288:11017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8507 comm="syz.3.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 131.049833][ T29] audit: type=1326 audit(1743055195.288:11018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8507 comm="syz.3.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 131.073426][ T29] audit: type=1326 audit(1743055195.288:11019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8507 comm="syz.3.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 131.096963][ T29] audit: type=1326 audit(1743055195.288:11020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8507 comm="syz.3.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 131.120538][ T29] audit: type=1326 audit(1743055195.288:11021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8507 comm="syz.3.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 131.144102][ T29] audit: type=1326 audit(1743055195.288:11022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8507 comm="syz.3.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 131.167688][ T29] audit: type=1326 audit(1743055195.288:11023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8507 comm="syz.3.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 131.192889][ T8529] batadv_slave_1: entered promiscuous mode [ 131.205487][ T8528] batadv_slave_1: left promiscuous mode [ 131.215810][ T8524] syzkaller1: entered promiscuous mode [ 131.221430][ T8524] syzkaller1: entered allmulticast mode [ 131.336124][ T8540] x_tables: unsorted underflow at hook 4 [ 131.377749][ T8546] loop4: detected capacity change from 0 to 512 [ 131.394293][ T8546] ext4 filesystem being mounted at /344/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 131.701573][ T8574] loop3: detected capacity change from 0 to 512 [ 131.727884][ T8574] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1893: bg 0: block 248: padding at end of block bitmap is not set [ 131.745061][ T8574] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.1893: Failed to acquire dquot type 1 [ 131.758200][ T8574] EXT4-fs (loop3): 1 truncate cleaned up [ 131.766548][ T8574] ext4 filesystem being mounted at /376/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 131.811583][ T8579] __nla_validate_parse: 4 callbacks suppressed [ 131.811679][ T8579] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1894'. [ 131.900999][ T8583] loop3: detected capacity change from 0 to 1024 [ 131.911583][ T8583] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 131.924280][ T8583] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 131.932477][ T8583] EXT4-fs (loop3): orphan cleanup on readonly fs [ 131.939448][ T8583] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 131.949285][ T8583] EXT4-fs (loop3): Remounting filesystem read-only [ 131.956046][ T8583] EXT4-fs (loop3): 1 orphan inode deleted [ 131.964016][ T8583] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 132.006074][ T8597] loop1: detected capacity change from 0 to 1024 [ 132.014387][ T8597] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 132.025954][ T8597] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 132.037340][ T8597] EXT4-fs (loop1): orphan cleanup on readonly fs [ 132.045612][ T8597] EXT4-fs warning (device loop1): ext4_enable_quotas:7145: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 132.060278][ T8597] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 132.072826][ T8597] EXT4-fs error (device loop1): ext4_free_blocks:6589: comm syz.1.1902: Freeing blocks not in datazone - block = 0, count = 4096 [ 132.087498][ T8597] EXT4-fs (loop1): Remounting filesystem read-only [ 132.095759][ T8597] EXT4-fs (loop1): 1 orphan inode deleted [ 132.101940][ T8606] loop3: detected capacity change from 0 to 512 [ 132.104389][ T8597] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 132.145779][ T8606] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1905: bg 0: block 248: padding at end of block bitmap is not set [ 132.160853][ T8606] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.1905: Failed to acquire dquot type 1 [ 132.176905][ T8606] EXT4-fs (loop3): 1 truncate cleaned up [ 132.183047][ T8606] ext4 filesystem being mounted at /382/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 132.235601][ T8616] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1909'. [ 132.262495][ T8616] syzkaller1: entered promiscuous mode [ 132.268223][ T8616] syzkaller1: entered allmulticast mode [ 132.425687][ T8631] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1916'. [ 132.471290][ T8633] loop2: detected capacity change from 0 to 1024 [ 132.480884][ T8633] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 132.492519][ T8633] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 132.500549][ T8633] EXT4-fs (loop2): orphan cleanup on readonly fs [ 132.515464][ T8625] loop4: detected capacity change from 0 to 1024 [ 132.518024][ T8633] EXT4-fs warning (device loop2): ext4_enable_quotas:7145: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 132.537022][ T8633] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 132.565702][ T8625] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 132.578395][ T8625] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 132.597926][ T8633] EXT4-fs error (device loop2): ext4_free_blocks:6589: comm syz.2.1917: Freeing blocks not in datazone - block = 0, count = 4096 [ 132.617168][ T8642] netlink: 'syz.0.1920': attribute type 3 has an invalid length. [ 132.624973][ T8633] EXT4-fs (loop2): Remounting filesystem read-only [ 132.631556][ T8633] EXT4-fs (loop2): 1 orphan inode deleted [ 132.637824][ T8633] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 132.665882][ T8625] JBD2: no valid journal superblock found [ 132.673068][ T8625] EXT4-fs (loop4): Could not load journal inode [ 132.744170][ T8656] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1925'. [ 132.762703][ T8654] rdma_rxe: rxe_newlink: failed to add bond0 [ 132.775417][ T8656] syzkaller1: entered promiscuous mode [ 132.780945][ T8656] syzkaller1: entered allmulticast mode [ 132.800413][ T8654] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1924'. [ 132.811902][ T8654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 132.825947][ T8658] loop2: detected capacity change from 0 to 1024 [ 132.832486][ T8654] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 132.841873][ T8658] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 132.859154][ T8658] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 132.867304][ T8658] EXT4-fs (loop2): orphan cleanup on readonly fs [ 132.874567][ T8658] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 132.884604][ T8658] EXT4-fs (loop2): Remounting filesystem read-only [ 132.891284][ T8658] EXT4-fs (loop2): 1 orphan inode deleted [ 132.897921][ T8658] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 132.990301][ T8677] batadv_slave_1: entered promiscuous mode [ 132.997988][ T8677] batadv_slave_1: left promiscuous mode [ 133.031757][ T8670] 9pnet_fd: Insufficient options for proto=fd [ 133.295995][ T8689] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1939'. [ 133.316140][ T8689] syzkaller1: entered promiscuous mode [ 133.321676][ T8689] syzkaller1: entered allmulticast mode [ 133.458007][ T8700] netlink: 'syz.0.1944': attribute type 3 has an invalid length. [ 133.480310][ T8704] loop1: detected capacity change from 0 to 1024 [ 133.488319][ T8704] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 133.512149][ T8704] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 133.526337][ T8704] EXT4-fs (loop1): orphan cleanup on readonly fs [ 133.541862][ T8704] EXT4-fs warning (device loop1): ext4_enable_quotas:7145: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 133.556566][ T8704] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 133.566739][ T8704] EXT4-fs error (device loop1): ext4_free_blocks:6589: comm syz.1.1945: Freeing blocks not in datazone - block = 0, count = 4096 [ 133.581384][ T8704] EXT4-fs (loop1): Remounting filesystem read-only [ 133.591477][ T8704] EXT4-fs (loop1): 1 orphan inode deleted [ 133.598226][ T8704] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 133.613020][ T8713] loop3: detected capacity change from 0 to 1024 [ 133.627476][ T8713] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 133.639782][ T8713] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 133.682157][ T8713] JBD2: no valid journal superblock found [ 133.683153][ T8718] batadv_slave_1: entered promiscuous mode [ 133.688354][ T8713] EXT4-fs (loop3): Could not load journal inode [ 133.700663][ T8718] batadv_slave_1: left promiscuous mode [ 133.724847][ T8720] rdma_rxe: rxe_newlink: failed to add bond0 [ 133.731598][ T8720] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1951'. [ 133.742546][ T8720] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 133.751631][ T8720] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 133.765570][ T8726] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1952'. [ 133.795057][ T8726] syzkaller1: entered promiscuous mode [ 133.800625][ T8726] syzkaller1: entered allmulticast mode [ 133.841255][ T8734] netlink: 'syz.4.1958': attribute type 3 has an invalid length. [ 133.859389][ T8738] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1959'. [ 134.003857][ T8750] batadv_slave_1: entered promiscuous mode [ 134.010306][ T8750] batadv_slave_1: left promiscuous mode [ 134.089478][ T8759] loop3: detected capacity change from 0 to 1024 [ 134.098465][ T8759] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 134.109581][ T8759] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 134.117845][ T8759] EXT4-fs (loop3): orphan cleanup on readonly fs [ 134.125203][ T8759] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 134.135144][ T8759] EXT4-fs (loop3): Remounting filesystem read-only [ 134.141936][ T8759] EXT4-fs (loop3): 1 orphan inode deleted [ 134.148118][ T8759] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 134.209006][ T8766] netlink: 'syz.3.1971': attribute type 3 has an invalid length. [ 134.266068][ T8773] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1973'. [ 134.292547][ T8773] syzkaller1: entered promiscuous mode [ 134.298113][ T8773] syzkaller1: entered allmulticast mode [ 134.321087][ T8777] batadv_slave_1: entered promiscuous mode [ 134.327599][ T8777] batadv_slave_1: left promiscuous mode [ 134.484172][ T8789] loop3: detected capacity change from 0 to 512 [ 134.514654][ T8789] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1981: bg 0: block 248: padding at end of block bitmap is not set [ 134.530234][ T8789] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.1981: Failed to acquire dquot type 1 [ 134.548721][ T8789] EXT4-fs (loop3): 1 truncate cleaned up [ 134.558725][ T8789] ext4 filesystem being mounted at /405/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 134.569499][ T8794] netlink: 'syz.4.1982': attribute type 3 has an invalid length. [ 134.668306][ T8803] rdma_rxe: rxe_newlink: failed to add bond0 [ 134.677676][ T8803] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 134.691546][ T8803] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 134.707441][ T8805] batadv_slave_1: entered promiscuous mode [ 134.716196][ T8805] batadv_slave_1: left promiscuous mode [ 134.757855][ T8809] syzkaller1: entered promiscuous mode [ 134.763525][ T8809] syzkaller1: entered allmulticast mode [ 134.816655][ T8821] netlink: 'syz.2.1994': attribute type 3 has an invalid length. [ 134.885959][ T8829] loop2: detected capacity change from 0 to 512 [ 134.898653][ T8825] 9pnet_fd: Insufficient options for proto=fd [ 134.907632][ T8829] ext4 filesystem being mounted at /385/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 134.983818][ T8841] batadv_slave_1: entered promiscuous mode [ 134.990326][ T8841] batadv_slave_1: left promiscuous mode [ 135.096025][ T8852] netlink: 'syz.1.2006': attribute type 3 has an invalid length. [ 135.219352][ T8859] syzkaller1: entered promiscuous mode [ 135.225068][ T8859] syzkaller1: entered allmulticast mode [ 135.244019][ T8862] loop4: detected capacity change from 0 to 1024 [ 135.254880][ T8862] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 135.276392][ T8862] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 135.286254][ T8862] EXT4-fs (loop4): orphan cleanup on readonly fs [ 135.296413][ T8862] EXT4-fs warning (device loop4): ext4_enable_quotas:7145: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 135.311082][ T8862] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 135.311338][ T8868] loop1: detected capacity change from 0 to 1024 [ 135.318363][ T8862] EXT4-fs error (device loop4): ext4_free_blocks:6589: comm syz.4.2009: Freeing blocks not in datazone - block = 0, count = 4096 [ 135.334844][ T8868] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 135.338271][ T8862] EXT4-fs (loop4): Remounting filesystem read-only [ 135.354750][ T8862] EXT4-fs (loop4): 1 orphan inode deleted [ 135.355192][ T8868] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 135.361008][ T8862] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 135.375736][ T8868] EXT4-fs (loop1): orphan cleanup on readonly fs [ 135.382957][ T8868] EXT4-fs warning (device loop1): ext4_enable_quotas:7145: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 135.397810][ T8868] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 135.407646][ T8868] EXT4-fs error (device loop1): ext4_free_blocks:6589: comm syz.1.2011: Freeing blocks not in datazone - block = 0, count = 4096 [ 135.422148][ T8868] EXT4-fs (loop1): Remounting filesystem read-only [ 135.428797][ T8868] EXT4-fs (loop1): 1 orphan inode deleted [ 135.436882][ T8868] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 135.509051][ T8882] netlink: 'syz.1.2017': attribute type 3 has an invalid length. [ 135.537943][ T8887] x_tables: unsorted underflow at hook 4 [ 135.723667][ T8893] loop1: detected capacity change from 0 to 1024 [ 135.740008][ T8893] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 135.752806][ T8893] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 135.783436][ T8893] JBD2: no valid journal superblock found [ 135.789846][ T8893] EXT4-fs (loop1): Could not load journal inode [ 135.826942][ T8901] syzkaller1: entered promiscuous mode [ 135.832626][ T8901] syzkaller1: entered allmulticast mode [ 135.899814][ T8903] loop1: detected capacity change from 0 to 512 [ 135.914596][ T8903] ext4 filesystem being mounted at /452/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 135.946508][ T8910] loop3: detected capacity change from 0 to 512 [ 135.981724][ T8910] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2026: bg 0: block 248: padding at end of block bitmap is not set [ 135.996594][ T8910] __quota_error: 368 callbacks suppressed [ 135.996612][ T8910] Quota error (device loop3): write_blk: dquota write failed [ 136.010087][ T8910] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 136.020132][ T29] audit: type=1326 audit(1743055200.378:11374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8919 comm="syz.1.2030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61018dd169 code=0x7ffc0000 [ 136.043663][ T29] audit: type=1326 audit(1743055200.378:11375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8919 comm="syz.1.2030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61018dd169 code=0x7ffc0000 [ 136.052282][ T8910] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.2026: Failed to acquire dquot type 1 [ 136.067519][ T29] audit: type=1326 audit(1743055200.378:11376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8919 comm="syz.1.2030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f61018dd169 code=0x7ffc0000 [ 136.102231][ T29] audit: type=1326 audit(1743055200.378:11377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8919 comm="syz.1.2030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61018dd169 code=0x7ffc0000 [ 136.108961][ T8910] EXT4-fs (loop3): 1 truncate cleaned up [ 136.125897][ T29] audit: type=1326 audit(1743055200.378:11378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8919 comm="syz.1.2030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61018dd169 code=0x7ffc0000 [ 136.155599][ T29] audit: type=1107 audit(1743055200.418:11379): pid=8921 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 136.169304][ T8910] ext4 filesystem being mounted at /413/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.195398][ T8928] loop2: detected capacity change from 0 to 1024 [ 136.205643][ T29] audit: type=1326 audit(1743055200.568:11380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8909 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 136.229658][ T8928] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 136.231791][ T29] audit: type=1326 audit(1743055200.568:11381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8909 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683634d169 code=0x7ffc0000 [ 136.264527][ T8928] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 136.275833][ T8928] EXT4-fs (loop2): orphan cleanup on readonly fs [ 136.282768][ T8928] EXT4-fs warning (device loop2): ext4_enable_quotas:7145: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 136.297530][ T8928] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 136.363162][ T8928] EXT4-fs error (device loop2): ext4_free_blocks:6589: comm syz.2.2034: Freeing blocks not in datazone - block = 0, count = 4096 [ 136.378237][ T8934] netlink: 'syz.3.2036': attribute type 3 has an invalid length. [ 136.386732][ T8932] loop1: detected capacity change from 0 to 1024 [ 136.392240][ T8928] EXT4-fs (loop2): Remounting filesystem read-only [ 136.401132][ T8928] EXT4-fs (loop2): 1 orphan inode deleted [ 136.407469][ T8928] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 136.427178][ T8932] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 136.441475][ T8932] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 136.505501][ T8932] JBD2: no valid journal superblock found [ 136.515300][ T8932] EXT4-fs (loop1): Could not load journal inode [ 136.534413][ T8949] batadv_slave_1: entered promiscuous mode [ 136.550593][ T8943] syzkaller1: entered promiscuous mode [ 136.556219][ T8943] syzkaller1: entered allmulticast mode [ 136.566556][ T8949] batadv_slave_1: left promiscuous mode [ 136.625243][ T8957] loop1: detected capacity change from 0 to 512 [ 136.644525][ T8957] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2046: bg 0: block 248: padding at end of block bitmap is not set [ 136.679898][ T8957] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.2046: Failed to acquire dquot type 1 [ 136.692521][ T8957] EXT4-fs (loop1): 1 truncate cleaned up [ 136.698885][ T8957] ext4 filesystem being mounted at /458/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.709867][ T8966] netlink: 'syz.3.2049': attribute type 3 has an invalid length. [ 136.815439][ T8981] batadv_slave_1: entered promiscuous mode [ 136.822676][ T8981] batadv_slave_1: left promiscuous mode [ 136.917475][ T8986] loop1: detected capacity change from 0 to 1024 [ 136.948048][ T8986] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 136.962343][ T8986] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 136.969229][ T9002] loop3: detected capacity change from 0 to 512 [ 136.984771][ T8986] JBD2: no valid journal superblock found [ 136.991349][ T8986] EXT4-fs (loop1): Could not load journal inode [ 137.002255][ T9004] __nla_validate_parse: 8 callbacks suppressed [ 137.002270][ T9004] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2065'. [ 137.034676][ T9002] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2064: bg 0: block 248: padding at end of block bitmap is not set [ 137.072283][ T9002] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.2064: Failed to acquire dquot type 1 [ 137.084190][ T9012] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2068'. [ 137.099083][ T9002] EXT4-fs (loop3): 1 truncate cleaned up [ 137.111325][ T9002] ext4 filesystem being mounted at /426/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 137.116018][ T9014] netlink: 'syz.4.2069': attribute type 3 has an invalid length. [ 137.149785][ T9019] batadv_slave_1: entered promiscuous mode [ 137.161075][ T9019] batadv_slave_1: left promiscuous mode [ 137.275185][ T9037] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2079'. [ 137.341084][ T9045] rdma_rxe: rxe_newlink: failed to add bond0 [ 137.350040][ T9045] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2083'. [ 137.359737][ T9045] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 137.368382][ T9045] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 137.397893][ T9041] loop3: detected capacity change from 0 to 1024 [ 137.421847][ T9049] batadv_slave_1: entered promiscuous mode [ 137.429861][ T9041] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 137.430194][ T9049] batadv_slave_1: left promiscuous mode [ 137.450331][ T9041] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 137.475652][ T9041] JBD2: no valid journal superblock found [ 137.482727][ T9041] EXT4-fs (loop3): Could not load journal inode [ 137.530961][ T9057] loop2: detected capacity change from 0 to 1024 [ 137.538705][ T9057] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 137.541707][ T9060] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2090'. [ 137.552301][ T9057] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 137.573669][ T9057] EXT4-fs (loop2): orphan cleanup on readonly fs [ 137.586446][ T9063] 9pnet_fd: Insufficient options for proto=fd [ 137.592725][ T9057] EXT4-fs warning (device loop2): ext4_enable_quotas:7145: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 137.607383][ T9057] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 137.617181][ T9057] EXT4-fs error (device loop2): ext4_free_blocks:6589: comm syz.2.2088: Freeing blocks not in datazone - block = 0, count = 4096 [ 137.646121][ T9057] EXT4-fs (loop2): Remounting filesystem read-only [ 137.661542][ T9057] EXT4-fs (loop2): 1 orphan inode deleted [ 137.667976][ T9057] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 138.021129][ T9088] loop4: detected capacity change from 0 to 1024 [ 138.043664][ T9088] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 138.056103][ T9088] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 138.087402][ T9088] JBD2: no valid journal superblock found [ 138.093979][ T9088] EXT4-fs (loop4): Could not load journal inode [ 138.204625][ T9109] rdma_rxe: rxe_newlink: failed to add bond0 [ 138.211758][ T9109] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2112'. [ 138.222708][ T9109] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 138.231339][ T9109] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 138.261241][ T9113] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2114'. [ 138.288843][ T9116] loop3: detected capacity change from 0 to 1024 [ 138.347078][ T9116] EXT4-fs mount: 65 callbacks suppressed [ 138.347098][ T9116] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 138.388409][ T9116] FAULT_INJECTION: forcing a failure. [ 138.388409][ T9116] name failslab, interval 1, probability 0, space 0, times 0 [ 138.401274][ T9116] CPU: 1 UID: 0 PID: 9116 Comm: syz.3.2115 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(voluntary) [ 138.401309][ T9116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 138.401401][ T9116] Call Trace: [ 138.401408][ T9116] [ 138.401416][ T9116] dump_stack_lvl+0xf6/0x150 [ 138.401559][ T9116] dump_stack+0x15/0x1a [ 138.401579][ T9116] should_fail_ex+0x261/0x270 [ 138.401607][ T9116] should_failslab+0x8f/0xb0 [ 138.401652][ T9116] kmem_cache_alloc_node_noprof+0x5c/0x340 [ 138.401685][ T9116] ? __alloc_skb+0x10d/0x320 [ 138.401726][ T9116] __alloc_skb+0x10d/0x320 [ 138.401762][ T9116] ? audit_log_start+0x363/0x6d0 [ 138.401787][ T9116] audit_log_start+0x37e/0x6d0 [ 138.401876][ T9116] ? kstrtouint+0x7b/0xc0 [ 138.401893][ T9116] audit_seccomp+0x4b/0x130 [ 138.401930][ T9116] __seccomp_filter+0x694/0x10e0 [ 138.402031][ T9116] ? vfs_write+0x669/0x950 [ 138.402069][ T9116] ? putname+0xe1/0x100 [ 138.402098][ T9116] __secure_computing+0x7e/0x160 [ 138.402194][ T9116] syscall_trace_enter+0xcf/0x1f0 [ 138.402225][ T9116] ? fpregs_assert_state_consistent+0x83/0xa0 [ 138.402280][ T9116] do_syscall_64+0xaa/0x1c0 [ 138.402356][ T9116] ? clear_bhb_loop+0x25/0x80 [ 138.402381][ T9116] ? clear_bhb_loop+0x25/0x80 [ 138.402407][ T9116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.402433][ T9116] RIP: 0033:0x7f683634d169 [ 138.402451][ T9116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.402532][ T9116] RSP: 002b:00007f68349b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000106 [ 138.402552][ T9116] RAX: ffffffffffffffda RBX: 00007f6836565fa0 RCX: 00007f683634d169 [ 138.402566][ T9116] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 138.402582][ T9116] RBP: 00007f68349b7090 R08: 0000000000000000 R09: 0000000000000000 [ 138.402596][ T9116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 138.402611][ T9116] R13: 0000000000000000 R14: 00007f6836565fa0 R15: 00007ffdbdbde568 [ 138.402633][ T9116] [ 138.713388][ T9130] loop2: detected capacity change from 0 to 1024 [ 138.727687][ T9130] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 138.739237][ T9130] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 138.758624][ T9138] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2124'. [ 138.769982][ T9130] JBD2: no valid journal superblock found [ 138.776857][ T9130] EXT4-fs (loop2): Could not load journal inode [ 138.806571][ T9138] syzkaller1: entered promiscuous mode [ 138.812104][ T9138] syzkaller1: entered allmulticast mode [ 138.916695][ T9153] loop2: detected capacity change from 0 to 1024 [ 138.932634][ T9153] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 138.950877][ T9153] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 138.961262][ T9153] EXT4-fs (loop2): orphan cleanup on readonly fs [ 138.968087][ T9153] EXT4-fs warning (device loop2): ext4_enable_quotas:7145: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 138.982969][ T9153] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 138.991360][ T9153] EXT4-fs error (device loop2): ext4_free_blocks:6589: comm syz.2.2131: Freeing blocks not in datazone - block = 0, count = 4096 [ 139.005289][ T9153] EXT4-fs (loop2): Remounting filesystem read-only [ 139.011903][ T9153] EXT4-fs (loop2): 1 orphan inode deleted [ 139.018321][ T9153] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 139.032363][ T9153] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 139.039273][ T9153] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.142636][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.225414][ T9169] loop2: detected capacity change from 0 to 1024 [ 139.246741][ T9169] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 139.262156][ T9169] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 139.287843][ T9169] JBD2: no valid journal superblock found [ 139.296520][ T9169] EXT4-fs (loop2): Could not load journal inode [ 139.306440][ T9181] rdma_rxe: rxe_newlink: failed to add bond0 [ 139.340255][ T9181] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2143'. [ 139.369146][ T9181] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 139.381165][ T9181] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 139.474684][ T9193] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2148'. [ 139.556599][ T9207] batadv_slave_1: entered promiscuous mode [ 139.562941][ T9207] batadv_slave_1: left promiscuous mode [ 139.665966][ T9214] loop2: detected capacity change from 0 to 1024 [ 139.681048][ T9214] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 139.692967][ T9214] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 139.716573][ T9214] JBD2: no valid journal superblock found [ 139.724342][ T9214] EXT4-fs (loop2): Could not load journal inode [ 139.789926][ T9235] ================================================================== [ 139.798069][ T9235] BUG: KCSAN: data-race in hrtimer_interrupt / print_cpu [ 139.805127][ T9235] [ 139.807465][ T9235] read-write to 0xffff888237c1ae18 of 2 bytes by interrupt on cpu 0: [ 139.815562][ T9235] hrtimer_interrupt+0x33a/0x4a0 [ 139.820536][ T9235] __sysvec_apic_timer_interrupt+0x5c/0x1d0 [ 139.826505][ T9235] sysvec_apic_timer_interrupt+0x6e/0x80 [ 139.832167][ T9235] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 139.838268][ T9235] __tsan_unaligned_write8+0x44/0x190 [ 139.843678][ T9235] folio_mark_accessed+0x6f/0x3e0 [ 139.848736][ T9235] unmap_page_range+0xfb9/0x2660 [ 139.853720][ T9235] unmap_single_vma+0x142/0x1d0 [ 139.858607][ T9235] zap_page_range_single+0x210/0x2f0 [ 139.863971][ T9235] unmap_mapping_range+0x16d/0x1b0 [ 139.869112][ T9235] shmem_fallocate+0x28b/0x890 [ 139.873919][ T9235] vfs_fallocate+0x368/0x3b0 [ 139.878545][ T9235] do_madvise+0x14cc/0x2a60 [ 139.883078][ T9235] __x64_sys_madvise+0x61/0x70 [ 139.887878][ T9235] x64_sys_call+0x23b8/0x2e10 [ 139.892582][ T9235] do_syscall_64+0xc9/0x1c0 [ 139.897127][ T9235] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.903057][ T9235] [ 139.905399][ T9235] read to 0xffff888237c1ae18 of 2 bytes by task 9235 on cpu 1: [ 139.912966][ T9235] print_cpu+0x376/0x680 [ 139.917236][ T9235] timer_list_show+0x115/0x180 [ 139.922027][ T9235] seq_read_iter+0x661/0x970 [ 139.926677][ T9235] proc_reg_read_iter+0x118/0x190 [ 139.931719][ T9235] copy_splice_read+0x390/0x5d0 [ 139.936630][ T9235] splice_direct_to_actor+0x26c/0x680 [ 139.942033][ T9235] do_splice_direct+0xd9/0x150 [ 139.946820][ T9235] do_sendfile+0x40a/0x690 [ 139.951248][ T9235] __x64_sys_sendfile64+0x113/0x160 [ 139.956472][ T9235] x64_sys_call+0xfc3/0x2e10 [ 139.961079][ T9235] do_syscall_64+0xc9/0x1c0 [ 139.965606][ T9235] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.971520][ T9235] [ 139.973849][ T9235] value changed: 0x5312 -> 0x5314 [ 139.978873][ T9235] [ 139.981241][ T9235] Reported by Kernel Concurrency Sanitizer on: [ 139.987399][ T9235] CPU: 1 UID: 0 PID: 9235 Comm: syz.2.2167 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(voluntary) [ 139.999739][ T9235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 140.009814][ T9235] ==================================================================