last executing test programs: 15.56631673s ago: executing program 4 (id=3344): syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r1, 0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0) ioctl$MON_IOCX_GET(r2, 0x40189206, &(0x7f0000000340)={&(0x7f0000000300), 0x0}) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) connect$inet6(r4, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x2, &(0x7f0000000200)=@ccm_128={{0x304}, "76131e58a256d4af", "4448076cc60af592e8f823bedc797041", "8076e30e", "f79d7fbbf3985dbb"}, 0x28) setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x4, &(0x7f0000000100)=@gcm_128={{}, "f3d5f7097800", "88b7ac706bfe97a5e6c5e1d82e8306a4", "711ba4b1", "5e9db6360d005e0f"}, 0x28) r5 = dup3(r2, r3, 0x0) unshare(0x2040400) ioctl$MON_IOCX_GETX(r5, 0x4018920a, &(0x7f0000000280)={&(0x7f00000000c0), &(0x7f0000002e40)=""/4086, 0xff6}) bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) bind$unix(r6, &(0x7f0000000180)=@file={0x1}, 0x6e) listen(r6, 0x0) setsockopt$SO_BINDTODEVICE_wg(r6, 0x1, 0x19, &(0x7f0000000100)='wg1\x00', 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) ptrace(0x10, 0x1) inotify_init1(0x0) socket$unix(0x1, 0x1, 0x0) 3.332846425s ago: executing program 3 (id=3461): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x2c, 0x3b, 0x9, 0x0, 0x0, {0x1}, [@nested={0x18, 0x4, 0x0, 0x1, [@typed={0x14, 0x20, 0x0, 0x0, @ipv6=@local}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 3.321131456s ago: executing program 3 (id=3462): perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) iopl(0x2) socket$packet(0x11, 0x2, 0x300) ioperm(0x0, 0x6, 0xd644) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x418484, &(0x7f0000000440), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000140), 0xfc, 0x560, &(0x7f00000008c0)="$eJzs3d9rW1UcAPDvTdut+6HtYAz1QQp7cDKXrq0/JvgwH0WHA33XkGRlNF1Gk461Dtwe3IsvMgQRB6Lvvvs4/Af8KwY6GDKKPuwlctObLluTNu3StVs+H7jtOffe9Jxv7v2enpubkAAG1kT6IxfxakR8l0SMtW0bjmzjxOp+Kw+uFdMliUbjs3+SSLJ1rf2T7PehrPJKRPzxTcTJ3Pp2a0vLc4VKpbyQ1Sfr85cna0vLpy7OF2bLs+VL0zMzZ96ZmX7/vXf7Fuub5//78dM7H5359vjKD7/dO3IribNxONvWHsdTuN5emYiJ7DkZibNP7DjVh8b2kmS3O8C2DGV5PhLpGDAWQ1nWd9QYe5ZdA3bY12laAwMqkf8woFrzgNa1fZ+ug58b9z9cvQBaH//w6msjMdq8Njq4kjx2ZZRe7473of20jd//vn0rXaJ/r0MAbOr6jYg4PTy8fvxLsvFv+073sM+TbRj/4Nm5k85/3uo0/8mtzX+iw/znUIfc3Y7N8z93rw/NdJXO/z7oOP9du2k1PpTVXmrO+UaSCxcr5XRsezkiTsTI/rS+wf2cL3MrdxvdNrbP/9Ilbb81F8z6cW94/+OPKRXqhacKus39GxGvdZz/JmvHP+lw/NPn43yPbRwr336927bN499ZjV8i3uh4/B/d0Uo2vj852TwfJltnxXr/3jz2Z7f2dzv+9Pgf3Dj+8aT9fm1t6238PPqw3G3bds//fcnnzfK+bN3VQr2+MBWxL/lk/frpR49t1Vv7p/GfOL7x+Nfp/D+QJnaP8d88erN919Gtxb+z0vhLWzr+Wy/c/firn7q139vxf7tZOpGt6WX867WDT/PcAQAAAAAAwF6Ti4jDkeTya+VcLp9ffX/H0TiYq1Rr9ZMXqouXStH8rOx4jORad7rH2t4PMZW9H7ZVn36iPhMRRyLi+6EDzXq+WK2Udjt4AAAAAAAAAAAAAAAAAAAA2CMORYx2+vx/6q+h3e4dsOM2+Mpv4AXXPf+zLf34pidgT/L/HwaX/IfBJf9hcMl/GFzyHwaX/IfBJf9hcG0l/389t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPn0qWx8uBaMa2XriwtzlWvnCqVa3P5+cVivlhduJyfrVZnK+V8sTq/2d+rVKuXp6Zj8epkvVyrT9aWlr+Yry5eethYVR55JlEBAAAAAAAAAAAAAAAAAADA86W2tDxXqFTKCwoK2yoM741uKPS5sNsjEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA88n8AAAD//75iP7A=") mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0) rt_sigqueueinfo(0x0, 0x0, &(0x7f0000000fc0)={0x40, 0x0, 0x200}) unshare(0x2c060000) unshare(0x24020400) r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000000680)=@file={0x1, './file0\x00'}, 0x6e) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file1\x00', 0x402, &(0x7f0000000800)=ANY=[@ANYBLOB="756e695f786c6174653d312c6e6f6e756d7461696c3d300000000000000008303030303030303030303034303030303030303030302c73686f72746e616d653d65722c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d6d697865642c696f630100727365743d757466f69e75731725e72216799ebd57484a7e1948a8aa65667265652c757466383d312c6e66733d6e6f7374616c655f726f2c73686f72682e616d653d6d697865642c757466383d306d653d77696e6e742c007aea3388304ddedb3208ceb9b2c23924743277bd2c0d0019d44efede967f3df81cce421f7aafa8aa7c706311ab7a0ce39abf7858b6ba6ef5206da03692650000000000000001d0559b166f8c433d34c03a60999dea3bab649a260b216354ecc726cd1f6519546e8ef6ae17a0da1b9313ef4b5633c5f1bf756a7816d304d61c4d15539bae9f6e8dc91d178c85744c5cc226ca0568f9f6da8997bc10100b836488e47d0b7e6ccffaf123b1000000d6d876f2e37dde582f497ab6d4d11f7211b4aaf087f529ffc0000ee312a30cc69ae25ac6a986a76824020b12971980e00a27786eef1c2537fdcb1de9c4bed7175c6704f0c39d14da07a8edf97525a0c8138686d6e2b8d90102027245729e944719894ebe079bf1ab2b7002c54c5c714bff93d9475ff23f653874321e4ecc1ebd2baa44aea86a1617e53fcc5683e5c7b14e5158239aebf96ef3b73359414993575bf4e880ac24d7fee38c5a22f6fae6a22a2185cd5a25b7bc11062d649340f8220bfa18cae94fd73afbb38b2fc20a263e091c5eb14ce630628aaf65b7ccab9b4d3b2c220153cd28c86e6c8e58903c66698fd27f4f22a9fd1dd67d70de664e3b985f20ada8c0f531865a9093fe6d3cd52c721dcfe391a812583c4e745b824429ce98f2a7928d22c9b5302719058f593fddbbb60ca7"], 0x1, 0x27a, &(0x7f0000000540)="$eJzs3DFrE38cx/FP0/zbNKVNhr+CgvhFF12ONj4ACdKCGFBqI+ogXO1FQ85cyYVKRGw3FwcfR3F0E9Qn0MXN3a2L4FJQjCRNTdKmitr0onm/oHff5pdP8rvkEr53kNu6+fxBqRA6BbeqWMIUk9a1LaUbVctIax1r1mPqtK7zk5/en7p+6/aVbC43t2A2n128kDGz6dOvHz5+ceZtdfLGy+lX49pM39n6mPmweXzzxNbXxfvF0IqhlYOqubYUBFV3yfdsuRiWHLNrvueGnhXLoVfpGi/4wcpKzdzy8lRypeKFobnlmpW8mlUDq1Zq5t5zi2VzHMemksLP5DcWFtxs1LNA38Qbi0ol645Kmtg3nN+IYlIAACBanf2/Bq7/b3QtP+7/1+n//wD9/zBo9P/J1ue3G/0/AAAAAAAAAAAAAAAAAAAAAAB/g+16PVWv11O7692/cUkJSbv/Rz1P9Afv/3Dr+OFeQvKfruZX85I/0lg2ZAsqypenGaX0pbk/tOzU85dzczPWlNYbf62VX1vNj3bnZ5VSund+didv3fn/lOzMZ5TS/73zmZ75MZ0725F3lNK7uwrka7m5X7fzT2bNLl3N7clPNO8HAAAAAMC/wLHveh6/O85B4zv5Xzg/sOf4Oq6T8Wi3HQAAAACAYRHWHpVc3/cq0RSfWycLIp7GgBfHJP1W/GLHVV/bQ/F9txx28SwYlJduAIuEpEN9wAn1Y6oRfikBAAAA6It20x/1TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF5HccGzA546dsSbCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAETuWwAAAP//AmwlzQ==") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) lsm_get_self_attr(0x68, &(0x7f0000000640)={0x0, 0x0, 0x82, 0x62, ""/98}, &(0x7f0000000080)=0x82, 0x0) 3.191690837s ago: executing program 2 (id=3463): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000140), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r1, 0x5452, &(0x7f0000000040)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x6, [@func_proto={0x0, 0x0, 0x0, 0xd, 0xa}, @struct={0x4, 0x1, 0x0, 0x4, 0x0, 0xf, [{0xb, 0x2, 0x9}]}]}, {0x0, [0x0, 0x30, 0x5f, 0x2e]}}, &(0x7f0000000f40)=""/4089, 0x42, 0xff9, 0x8}, 0x20) 3.03902831s ago: executing program 2 (id=3465): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r2 = socket$netlink(0x10, 0x3, 0xf) r3 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4) dup(r1) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_GET(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)={0x14, 0x1, 0x8, 0x101}, 0x14}}, 0x0) 2.958427337s ago: executing program 2 (id=3466): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)={0x18, 0x1, 0x1, 0x301, 0x0, 0x0, {0xa}, [@CTA_FILTER={0x4}]}, 0x18}}, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f0000000000)=ANY=[], 0x48) setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000100000000000000000000000000000205", 0x18) open(&(0x7f0000000180)='./file0\x00', 0x440201, 0x129) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) sendto$packet(r3, &(0x7f0000000080)="18", 0x1, 0x0, &(0x7f00000000c0)={0x11, 0xd, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14) socketpair$unix(0x1, 0x1, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0xa, 0x2, &(0x7f0000000000)=@raw=[@ldst={0x1, 0x0, 0x0, 0x0, 0x1, 0x85}, @exit], &(0x7f0000000280)='GPL\x00'}, 0x80) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r5 = socket(0x10, 0x803, 0x0) sendto(r5, &(0x7f0000000000)="120000003200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'syztnl0\x00', 0x0, 0x29, 0x7, 0xfb, 0x8, 0x8, @empty, @local, 0x7890, 0x8000, 0x5, 0x401}}) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000001c00070c000000050000000007000000", @ANYRES32=r0, @ANYBLOB="40000f000a000200aaaaaaaaaa0c"], 0x28}}, 0x0) 2.742722935s ago: executing program 2 (id=3468): perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x13, 0x0, 0x0, 0x8001, 0x11, &(0x7f0000000140)=""/17, 0x60700, 0x3, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000003c0)=[0xffffffffffffffff], &(0x7f0000000280)=[{0x0, 0x3, 0x6, 0x8}, {0x5, 0x1, 0xd, 0x8}, {0xc, 0x2, 0xe, 0x2}, {0x5, 0x3, 0xb, 0x7}], 0x10, 0xa0}, 0x90) gettid() r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1, 0x1010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x16d2, &(0x7f0000000080)={0x0, 0x0, 0x1000}, 0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r0, r1, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x7) socketpair$unix(0x1, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) open(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) read(r3, &(0x7f00000002c0)=""/200, 0x39) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2) bpf$PROG_LOAD(0x5, 0x0, 0x0) lseek(0xffffffffffffffff, 0x0, 0x4) r4 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x62) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r6) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008100000000b142"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x8}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2688634c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 1.75108453s ago: executing program 0 (id=3471): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$nl_route(0x10, 0x3, 0x0) open$dir(&(0x7f0000000140)='./file1\x00', 0x212000, 0x1c) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4a8, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_config_ext, 0x80, 0x1, 0x1, 0x4, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x80040, 0x0) accept$unix(0xffffffffffffffff, &(0x7f0000000500)=@abs, &(0x7f0000000000)=0x6e) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r3, 0x7, &(0x7f0000000000)={0x0, 0x0, 0xfffffffffffffffb, 0x0, 0xffffffffffffffff}) 1.743100021s ago: executing program 0 (id=3472): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x2c, 0x3b, 0x9, 0x0, 0x0, {0x1}, [@nested={0x18, 0x4, 0x0, 0x1, [@typed={0x14, 0x20, 0x0, 0x0, @ipv6=@local}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 1.742558821s ago: executing program 2 (id=3473): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file1\x00', 0x844, &(0x7f0000000800)=ANY=[@ANYBLOB="00694ba7e2ae8959c3a1a1006a809454d1b9e49ca9bcfc4fc4988c654d24bf47f2193dc2fb66905490f63da0382e7e8b6fa7bc01215b438ad0a0c54300383d371f98a51969e94000800000d1a09c066c83c90eb1659f642d9740b323fc7da8f03a2e547ee2dd62af8c0b51da0e3b75a1ccf23bb04d83fa977502819dcc5fbe622c4c35880cfe115f8743ddf5255ed6532d8ce90700000000000000bd3c353b218ccf99b00749bccd22cdc096d92b7eaf583df7f136a59dade8dafa14bcefad343abff7d790b6e7152b1031acbba628c1f5310e53cd87b92cdfd51281dba68af9b738f0a097e59b277ef9a9bd361570f431b43d9a107367e5ed6f27bd9ef071148bc60b4845accf826763066baf9b092754602e7fe53fbd347a39262850b6890a0200863518f5cd8e1d6d388c66123eac43a65f0b3a585c80576666c4ee5d579c349d415741bd3de7fd5af2fa9b50f63bbd192fa1ee4eb9d2eb2b4afffa5dd5a32f292bffcecbcc18071375b13a01e4643601001601b7a1eca9816df0137b589441fca8bd69993caed53c6d9deae2183ebdb1d37c31837dd80d88d2b991a03ac3007ba522716c110cc8e8ca11b8815b0e6e7b07505d2d6d9a6e9b846965a6dc000cbbb2b8312b8e4a9981468eb97b7c089d1592edbce5d97203ce4d11f4e3a8dbae0a819ea246f29b13795bbece4ccd27c8448055daa14ee855d1c70644c6cc4fd8d916c39b03b10894b8e98389b44dbbe0d8719e487b6a37d0"], 0x1, 0x240, &(0x7f0000000a40)="$eJzs3cFLFG8YB/BH3d9P7bISQRBBAxF0WlTobkSBJBXJEkZIW64hrggJQh3UTkGnLh07djOCOnSr/yHo0iW6RMe8dQgndMJ1c1e2cndDP5+LDzPP13nnPbyzy7Lv3jw+Nzs1vzC9tvY5+vq6IjdyZz1Nu2IguqMnMisBAOwn39I0vqaZ3Tt72zUkAKDFmn/+AwD7RZPP/yttHBIA0GJ//v7/ycSbj6XyyJkmWtPqZwcfJn9/jADA3hqfuH5x/e2p/tF49Thi7uFicbGY/c3On52OmahEOQYjH98j0i1ZfWF07PxgsqE/oji3/DO/vFjsqc0PRT4GIq5d2pkfSjK1+f/i0Pb8cOTjSP3rD9fN/x+nT27LFyIf727HfFRiauMlybb80lCSnLs89ku+d7MPAAAAAAAAAAAAAAAAAAAAAABaoZBsGai3f0+h0Oh8lm9+f6Dq/jyPNvO5OJaLB529ewAAAAAAAAAAAAAAAAAAAPg3LNy7P1uqVMp3t4pbV2cO1x5R7HGxMfEtvMSJiGj1XbxcLb9/NnljvPOT2cai/qy+6PzAdim6I2KzOPp0pPR66dOXnT2xUj3SlcvWhVKlzmKRtHlxAgAAAAAAAAAAAAAAAACAA6b6NeBGHWl7BwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHVD9/f+/KFb7s3/WoCc7+byj9wkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMH2IwAA//9XF6x9") r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00') mount$9p_unix(0x0, &(0x7f0000000140)='./cgroup\x00', 0x0, 0x928071, 0x0) r1 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x4d) sendfile(r1, r0, 0x0, 0x8000000d) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f00000001c0)={[{@dioread_lock}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@noquota}, {@grpquota}, {@barrier_val}, {@grpjquota}, {@jqfmt_vfsold}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==") open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) ftruncate(r2, 0x2007ffb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r2, 0x0) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r3 = open(&(0x7f0000000000)='./bus\x00', 0x161142, 0x6) r4 = open(&(0x7f0000007f80)='./bus\x00', 0x0, 0x0) lstat(&(0x7f0000000040)='./file1\x00', &(0x7f0000000380)) sendfile(r3, r4, 0x0, 0x1000000201005) 1.667440537s ago: executing program 0 (id=3474): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180100001700000000000000a54b0000850000007500000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000000c0)='signal_generate\x00', r0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000200)='sys_enter\x00', r0}, 0x2b) memfd_secret(0x80000) 1.524366699s ago: executing program 0 (id=3475): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001800090000000000000000001c14"], 0x24}}, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0) preadv(r2, &(0x7f00000032c0)=[{&(0x7f00000030c0)=""/105, 0x4dd}], 0x2, 0x4, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) unshare(0x400) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0) r6 = socket$kcm(0x2, 0x2, 0x73) bind$inet(r6, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) r7 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r2, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000340)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, &(0x7f0000000380)=[0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x94, &(0x7f0000000400)=[{}], 0x8, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0x31, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10) bind$xdp(r7, &(0x7f00000005c0)={0x2c, 0x13, r8, 0x40}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) ioctl$FAT_IOCTL_SET_ATTRIBUTES(r0, 0x40047211, &(0x7f00000001c0)=0x2) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r4, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) ioctl$USBDEVFS_DISCARDURB(r2, 0x550b, &(0x7f00000000c0)=0x7fff) r9 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r9, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000002900)=ANY=[@ANYBLOB="140000001000010000000000000000000000000af0000000060a000000000000000000000200000008000940000000010c000640000000000000000308000940000000030c00034000000000000000010900010073797a30000000000800094000000000240005800800024000000002080001400000880e08000140000086dd08000140000000670900020073797a310000000057000740a12c8a6e509c2ba4ec4e5171fb9410235b0d76d21e2d2bad65183c0a2d868f55d641694924abcd6d035316f9ecf21018e9654bf85ca056eca187915895074f158b3313bcb0db8f57f9137e530d8d1dd6896e5000150007400df5af99f2e48851f355522100a991d21400000058000000090a0300000000000000000002000000080003400000001226000d40564f543f2fbcc53fa93dc9a7f1d10683a1e1bf2877de142a0e09c71672335d767b7c000008000840000000010c00118008000100667764003c000000140a030000000000000000000200000108000340000000070c000640000000000000000408000340000000090c00064000000000000000045c020000180a0101000000000000000000000000a8000380a4000380140001006272696467655f736c6176655f3000001400010076657468305f766972745f776966690014000100766c616e300000000000000000000000140001007465616d5f736c6176655f31000000001400010076657468305f766972745f776966690014000100776c616e30000000000000000000000014000100697036746e6c300000000000000000001400010067656e65766531000000000000000000f0000380080002400000040b080002400000762454000380140001007866726d30000000000000000000000014000100626f6e645f736c6176655f300000000014000100697036746e6c30000000000000000000140001006d6163767461703000000000000000006800038014000100626f6e645f736c6176655f31000000001400010070696d3672656731000000000000000014000100697036746e6c300000000000000000001400010076657468315f746f5f626174616476001400010070696d36726567300000000000000000180003801400010070696d7265673000000000000000000008000240000002b50c0005400000000000000002a400038090000380140001006272696467655f736c6176655f3100001400010076657468300000000000000000000000140001006970766c616e31000000000000000000140001007767310000000000000000000000000014000100766574683100000000000000000000001400010070696d7265673000000000000000000014000100"], 0x7a8}, 0x1, 0x0, 0x0, 0x48044}, 0x20000084) 1.261044182s ago: executing program 4 (id=3447): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000340)='./file1\x00', 0x844, &(0x7f0000000bc0)=ANY=[], 0x1, 0x24e, &(0x7f00000006c0)="$eJzs3c9LFGEYB/DHH2l2WYkgiKCFCDotKnQ3okCSimQJI6Q11xBXhAQhD2qnoFOXjh29GUEdutX/EHTpEl2iY946hBM6sq66lobuhPv5XPZh3uc7+87M7szuYWfvn52aHJueGV9Z+RbHkyRJ+h+uJklLdEdrtEVqMQCAo+RnksSPJJX1XACAxnD9B4Dms8fr/60GTgkAOGT//v3/xfD7L6Vy/6U9tCad1fLzyP7nCAAcrKHhu9dXP1zoGoi3zyOmns4WZ4vpYzp+eTwmohLl6Ilc/IpIqtL62sDg1Z78mq6I4tTCRn5htti2Nd8bueiOuHNjZ743n9qaPxYnavN9kYtT9Z+/r26+Iy6er8kXIhcfH8R0VGJs7SNJTX6+N5+/cnNwW75zvS+W2jI9PgAAAAAAAAAAAAAAAAAAAAAAHE2FfFV3vfv3FAq7jaf5vd8faPP+PM/W8+1xpj2eZLv1AAAAAAAAAAAAAAAAAAAA8H+YeTw3WapUyo+qxejtiZNbl/ytaNlPs2Jucm3HH8R62jcO4rahcxFx2FvxZrn8aWnk3lD2O7OBRf29+jrziY3+oac1ItaL0y/7S+/mv37f2ROLNe/ljddUqVLnZJFv4IkJAAAAAAAAAAAAAAAAAACa0ObPgHfrSBo7IQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIwOb//++76KguWe5KV7ZLczr4KtPtBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACguf0OAAD//zgnrLI=") syz_open_procfs(0x0, &(0x7f0000000000)='net/ip6_mr_cache\x00') r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, 0x0, &(0x7f0000000040)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) r3 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r3) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000840)='z', 0x1, 0x0, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000280)="aa", 0x1, 0x0, 0x0, 0x0) socket$inet(0x2, 0x80001, 0x84) sendto$inet6(r0, &(0x7f0000000040)="93", 0x34000, 0x0, 0x0, 0x44) 1.206957037s ago: executing program 4 (id=3477): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)={0x18, 0x1, 0x1, 0x301, 0x0, 0x0, {0xa}, [@CTA_FILTER={0x4}]}, 0x18}}, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f0000000000)=ANY=[], 0x48) setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000100000000000000000000000000000205", 0x18) open(&(0x7f0000000180)='./file0\x00', 0x440201, 0x129) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) sendto$packet(r3, &(0x7f0000000080)="18", 0x1, 0x0, &(0x7f00000000c0)={0x11, 0xd, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14) socketpair$unix(0x1, 0x1, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0xa, 0x2, &(0x7f0000000000)=@raw=[@ldst={0x1, 0x0, 0x0, 0x0, 0x1, 0x85}, @exit], &(0x7f0000000280)='GPL\x00'}, 0x80) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r5 = socket(0x10, 0x803, 0x0) sendto(r5, &(0x7f0000000000)="120000003200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'syztnl0\x00', 0x0, 0x29, 0x7, 0xfb, 0x8, 0x8, @empty, @local, 0x7890, 0x8000, 0x5, 0x401}}) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000001c00070c000000050000000007000000", @ANYRES32=r0, @ANYBLOB="40000f000a000200aaaaaaaaaa0c"], 0x28}}, 0x0) 1.203653927s ago: executing program 1 (id=3478): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)={0x18, 0x1, 0x1, 0x301, 0x0, 0x0, {0xa}, [@CTA_FILTER={0x4}]}, 0x18}}, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f0000000000)=ANY=[], 0x48) setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000100000000000000000000000000000205", 0x18) open(&(0x7f0000000180)='./file0\x00', 0x440201, 0x129) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) sendto$packet(r3, &(0x7f0000000080)="18", 0x1, 0x0, &(0x7f00000000c0)={0x11, 0xd, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14) socketpair$unix(0x1, 0x1, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0xa, 0x2, &(0x7f0000000000)=@raw=[@ldst={0x1, 0x0, 0x0, 0x0, 0x1, 0x85}, @exit], &(0x7f0000000280)='GPL\x00'}, 0x80) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r5 = socket(0x10, 0x803, 0x0) sendto(r5, &(0x7f0000000000)="120000003200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'syztnl0\x00', 0x0, 0x29, 0x7, 0xfb, 0x8, 0x8, @empty, @local, 0x7890, 0x8000, 0x5, 0x401}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000400)={'syztnl2\x00', &(0x7f0000000380)={'syztnl1\x00', 0x0, 0x4, 0xa3, 0x0, 0xad4d, 0x2, @local, @mcast2, 0x80, 0x8, 0x7, 0xfffffff4}}) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000500)={'gretap0\x00', &(0x7f00000004c0)={'ip_vti0\x00', 0x0, 0x20, 0x8, 0x80000001, 0x7, {{0x6, 0x4, 0x2, 0x2b, 0x18, 0x64, 0x0, 0x0, 0x2f, 0x0, @private=0xa010101, @multicast1, {[@generic={0x89, 0x3, '\\'}]}}}}}) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000001c00070c000000050000000007000000", @ANYRES32=r0, @ANYBLOB="40000f000a000200aaaaaaaaaa0c"], 0x28}}, 0x0) 985.728565ms ago: executing program 4 (id=3479): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000380)=@urb_type_interrupt={0x1, {0xd}, 0x0, 0x20, &(0x7f0000001340)="5f919bad6d6f2fdfc928397d6cc2a4dc8f6ef142efc55899b19ff4c953952771fd0839b6116ef8b289994b6d69d209655a0f95db47615aead2a9ea3c2f3ff4e252fdb7f8ab0f83d2a571f3678bc73cc6f48bc00a9aac931dc16ea5d7434d67f2923910b53091e238ba3870a2f7870b1e2546fa5f33e1220e7ad21748ac60377672364c7e3fda688af5e6a1a1b158524b856051ae32c84256cd8e34e8ee09fac6c6ed145e017afd2f9a4abe7adbec334b8f758b2da6ffa40bebf5b9376b072ac0a48730f986f4a046cc8191135bb37c81337a0317380e271c03aee1def1c9d5b45d300ecc254063a943dc7281967544bd4458fc421eac92b7a13539c8c3365d2f6ebeec4d99f3dd5d8ea00571185f6763039def5fb63db514ec9e46681cd3ea0539f9b4a75d8ed2dc386a4b73f4a2f96b4618eb0881c92e943b7fcbcf02617a5af3f1ad337324b9d51ba2ce7c7184da09c95acf97fb7ebf9d95d3daf9e642e80d47fcfcba164da6ae76ae57c98ccd849c6323aff1a0d48f2056e496305a3eaf9a8307c582ba01b89f64fea85a03db1f59b97de3482213ad4477b3e30a2e44f739ecf0c26311fa7076dc409345f7ab3b6f80971c999e8249865a6b8cd7424a1ab2159685432051c8c15b32435b1cf18a41e11e7e8dd82f870fc16b9c4a0cf4bbf7b2b97ba101fe66fc9d9347e884bee7daadaaafb2baf511b98603322c5f4ff167a4f90ea17c3e7bdfd793de8724179c28218739b93e8ddd2919b8238534e3e92ce24c80c13d291a496416bf7bd2d8f239f4be7c1092692f064e0c9fff8a2d9c934ee4158caeb003c44de8db5c9bf7fe49cc732d02144d8a86d3178a820ebe923a9b65083d072a5e88c5ce5047bb8a1f777c393feb7f6ee6584e6a77ab5fb43f82a49dd9c160998718baa251ff0263a409aa18e20ce314eb8a494f3bd79af7be725670768e58a6e652b66a1b6fd16a0aebc5acfb5d10a41732e48118d7925f9dcda9904d4d2b81bb04beca0e845f4e683ff910f6b82542604294727af0bc5367fc782d9cbe6741ba7df6630d4da35f3f40570368ad694354348bd17c35f17f84adc8c108b12db824ab03447d0e19939a80dd2f26b4a0204a67d491cb498f4ed741b05281bfadded3a9aaaacb7f38b0651da7e564b8cf64461ef846f4b045a78d4f69038ba151f61272e3c18e3575ceeae0ec4b2733394168a5f986b19e92f8276d07b9c0c6f5f1aa1826d988a3e1762295d78ac5be7abc3e4a270b376c1aa690587030e09d79524a1fc299de6c4e5820859a8fa65b8a8e2dc398867154617dbd97fb584b56319cea072c17cbad5b740188cd2608710d17437b25916301b2ba7752e8c16711aab7538de13c4ba5a517fb01f15982ed21baa211e855fa68c30ee9eb47be92b0b9dee2c4413ccd7dcbdcad207a5b76bfd214863130da6d3b929b982c311a6779a7dab931741e1674e02def0445e45ba734763e7f17901bc0583446b0176373460668e2a59917ece73a1a90b85f2fdf59ef35ee951547f5d773f3a817d6228765b63560e3b23f2f796f2c823afa18b5459762af987615eeed8467368fdafaeca372b5203f39d80ed5b52f2148f44072fe54d31bc3d14a5ebc86cba204e2574b02e89506a361e68709450cdf8416ed417306a858992b61996899eaeb6e6ab01c550c8e537aab73e20c4b60c6890b285a5fa4bb22bd1eb699d96ceeaf9cedd563109c6ba0084a76d81f8cd131f38b27ace67f910fa1f858e8aa5ae499a09eca1ae287a9d35cb33a54fdcb6718930429cb75c5a5682b137c146775894e0491f0e9ce65b8663c9c4b4a3fa59c865dd92c78781ebf0d9eb38df5a9d37efa989492318629ef7bfd4925147b0fc1733fc00d1b998966ab76171408a93ba21608e6fced469ba9b2e5f922959836b234001b3ed0f1a90b6aebb52e7520f9f3da4afc02c9e2fdbc0eb2ddf42307811fe713bf00ae8dc4bc1cf5d104229e248d70d29b75001fdd277dc66e9dc9966dece849ea47101b662eb3ffea5697cdb1d25c4987a28f936a191b3b5bb9970f3684cbd7ba91e4569775344d015c12740572cdce42cbef50514ed44996a6597b508e838727b394decddbb6c81481e2f3c51c2aa2246bc42638cab0d23bd6c536027a6a34304426a571b46c6be2258eb67b88ff13eb4f80fc12afac9442df2a70dc77121b2a9962f7e6a9348cce004dfcf91dee6f1e403d222f714deedbfe339ac0cf80ecf216805340cb016352438dd889f8adbafe52bed5776b2aecb3e592d385e9c290645cbbbf5b21dbe3bf675d2734cfdf651a83b877cb623cde0acca3564de8f81f2e57aafe593b3b2542f8b47c3bc7cfff763347b4f6a661b60dbeec5db8b446d0017aceef55ccbd920d63753c8a1504bf6c71adc651c712653f19cf06f9330d56613ce726f619b2915149a71c766c14a5d2a735570bb8b46d250f32c8a427bbc10fb4ca43236d12a693f463e046f29266df73b57c74d37e17af9c8a28ffa5a0418f66dfcbcf9163dc34d43e5e21eee9d4e54c993333c42f18dec432d91641120a3c45af24b8356dcb4bdcb9965e8b14fff18ea9fe6287b27e02a61fd9ce2b107a97cb27bcb43f124547c3a88d7f5a6f1eb70cf908fd1328b59da7415840a28bb1e4c9c7847adf973e69c74c085dd4ed53814e2b2178c25e772f09a603c4ba2cb89192fbd637d901ef6c007576d548818db260ddd4edd438844b5774c33eaf068f0c92ccd01aa11d79ca156728ffcfbc2ccceec16a9908b1b6b5a2fcaceebe151ffe3c6256d2bbb3c794b43ac8fad37d09592b1fe4e304cc8f867551283b5e80d3a68035f91327ad867247ae565514f956360fd4a86ba13381435c8bd0cc2f3c7cadef8e1cab28d3696d47693cfa5cee28e31ff949e4eaccbe95cbe375e3ecc5a366caa231a867113074f139384ce41054d62c9601738d7e0372a4570925e2133bb2856d76d91850c6ffe599e5f5f8ce35e65bf2608665114d1b0cf9ab08e98f9f63ddb16bbd697e0bdb2b5dbce13fb5760065c5d9332774d91d9338297f6fef17ede34512caac4e2c787c06a020b32a4bf9cfb52a4784c7dcee9f9b3646553473a433b41d9fef378bc8d82ffdbbeb6a04e1cb67443c458ed05f5de9ed11c260208988ae1d8c74eb711d13ca307bce2330a2b6b42eb80e9abe94370b87b1f2f3ac60042978201e2a0e883af18df00b5df606ed352c9f75ddbb445ea4660a9be4fbd105ff2a74293341e5b99815e5d0eea9ee5bb6dfe4bd8d12833d4d636f08b35065cb46ef63967c1e083de75ae1f792974b9b21ade95dd53740a6b9dd6008a51f09a170ba6e863311f8d5859efcb748f2ae6802e14a5830ff638a0e998a963a5d9bc527c1f1ea4145225a6b1b99f1bd74ecfd11e52fec815dd00e0574fef34af2bcb0897e0ea1f2bfb6d62a96b5936fe0a697e2a7997c2b51d39756d5cc312dc117208b6a695aca0e9f972d1a90b573ec809d3bb130c8a5d5320a316f9f479c4fcea94fe224d383f798ac6547c1fe15e16fb4a927dfeaec1b7bc4168eeba887b5c39e8deb07b9fe06bf09aee0d0327fa60d3dd8174d59a37566fcfe2f3df69a6989d3be4fcebdefa8d0ab86a436c7c7b1ea9370983225e0e9e4e26587d3faf0ede550b1889b978522c6bd064837ed110c7c84af29f32f260293596623b862cb3818809535d596e3477feefc0ef25a5edc2fde49db5ba107776d83a551cd3934f6e13d85ad091dc29d46cdc608f579bf1d7d940f0bacbea9d71106cf4f075f95243f8e2eb94d411df64e094652580e48201e52b1fd0b8ca464640ddf4f78c8cf2266130ebcc0ea432b376c7d4cce9a66131d0a8112cf7ba8e51b994235041f55d7c93208f81bafd380008fc712af55bd9db49383830999ada08bd0d5e5b7b11603c5b4c774d32e1764988165374116f4818478c8d570cf96eca65a40f43505a623d9c25b780784e46c4d95faba1ba7fb7c35f018fa945c8d4e05ba99986696e7503998b0fc0c1d97fefcae13e155f72b93a3997f6a9735551959d245b73a2b997211a6fdd0481e3eae3d84e6562e1659d1264dac34aab35127a5235507a9d75530e22e08bd058fe3ed3005988b22bce22251971c696a972f45db94303611a8ca24e8c38372a229dcb114f960b14699f7e0c0603c171622785e9d07e7a65afe2e51c18f0c1f843f9e9c3aeaabdc07c1ba7e8b68f45915f0e9a7b5450608e308f802d944cb73fc10c1cb4087b4db27c29441d5da1838e59d0da38e0604c505f9487a4e3e119224fc596377b6668a782691bc9ba85b61f1ff80ebfcee5732686fd70ca210e232303ade3584d475d0aaa9f127c115738c40ad5a17777f059a01b8f6c92684d33ccd185425fb6b015a967c785705e2c08fe7f93812c3133dff89ddadee3131858624953c142308b215eabad1a7afe9be4a2aeb93a4aa3cb4234dc980e2a5e49d7af29a5c22d32cc88cce71883fc352c63ae3e578c7cf968c6c8612a9c7730220b800f0b9f602e1dd682322b546a998ec77a1c92c700a7a1d191312d10f61559612aef969f84d9916da00b8da5d2f0b6a68c18cb70b20df3c79153bb89cbb1015fd76d78e30747c4efc81a2257596e9507831a5e7d3d10fd6bc3bbce6d3d00394657a03935badd5585cd44e1a67cdff3c1d1fc861be705705df524849f8d0a9641b4b342ab758793a25cccf83f5162322b2aed820f9cfc60979f0ff80bb59ca0d8f3b132d5aa63e91b4f0bf55ab5da907dcd67ab9e0f5d050b80cad7f3d0bcc5793befe5dd094284a7f157e5e3267fa06f556ba82e26f63fce71b91ddaa690b61c6cf0f58e039a5f6d0cb4945b5d3bddf31d77fe962dc6cc42e22b6c2c2d8734ed2577be37575e277e264b1a54d61f26db7ed560a13c848981793bd94c7eda7693495df7769f5f1d14b2f6ce3f85d0e8a41c500210f1ba3a0c0b156e9bd8b37c970f7a479e710b96b5e35f75e0a34d8798095a61d69c5a4b35fa44bc70e381a5bf3a20e56fbcc32c11d55329da6340c1baa87f3623063957bb25a029fdcf6da1fc05cbd659ba81c330da10dc6d460c4027a0b35dcdffd5e811e2dc4d15d3ae1961fc26fa3608083a2313b854155967103f32c48b7bc61ab0397ae383aa3e96f3c2bd92fde30965c5bc9df9d6a1ae5662d48933eea59bfeb5ab3eeed8a00424a2c373034ef06b6e434a6900cb89ebfdd97a2732926cf603f3ff888c2136c39a6faad4a2ba5e4cddec75baa9a0dc8a5980335cb908da688b3e101bf129fd77ee679914c296b2d1b7b5e83d1646544b0abf19320298322a6a9151e14af4f88dcfa897cdb2122f43be42f6f313a96ac0f5172ad55706b487e9c26f171dfbed10d549079704e9d1f4aa20cd7825a9271a72592fdbcce7e6176ea4bd42f2742fffbca1fc9a4f1ebb0ca796f7c6b355fcfe76142e04c14c8857be495484859aa82e475c279519965505c4c5a03c0523a68468b5ac8c5a9427570563fddee225811592ad77df7bfa46491b907d7e5c9a007a3258c5bf33bed4e879c3cae1128963ac44a82797dbdf642d2fa10278372e2a02365fcdb0f502ebfcdc05e25a611c81268cd6cd3b6a084cd0df2f42fb7dd6d70164083d028030c9bb51d96d3082ad81895fc2cc134296122cfd332f67f1d4407d185dccf4bcf0cda9118627914af0ece4f1271c1a3790abdc79c79e0675a642246bb2c60fbc583ff6100125225f4fc6e205e24ca2839e5e12af57e8aa2172c20c47a0b7ecf7a616667e3ba9f9517217f18105928dd3438735347357a41121f9f", 0x1000, 0x7, 0x2c5e, 0x0, 0xe6, 0xfffffffb, &(0x7f00000008c0)="3fa763de5a5df657206e032bf510acff4e87617283a27efcd71ca50fa73174950f8bc88d1e74d55f7159ef08f90d6c62d985a596e1c2e5e91859d6966bbba9ddbbd8fcf6ffc7c48eae599df4a154183deb55cf1d82ba85be4ab3b1ae426ff19aaae7675e836bc1981c6d5de5781189a268f18157e0526b5c000634a2f710e676717345be7fc344bf001e83200d2a8620e3091d8751febc0d043bd6c3bfc6bff386cc4eceabe7b5e4eac9486afc079401a37ac79dc84069768ca0a951de285bbdec32bca1072393f05ab5e0"}) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000540)={'team0\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$USBDEVFS_RELEASE_PORT(0xffffffffffffffff, 0x80045519, &(0x7f0000000500)=0xffffff40) bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) r5 = dup(r4) ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x0, 0x0, 0x0, 0x403}}) syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000a40)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c7", 0x7f}, {&(0x7f0000000c00)="316f825a3d29f96a2093a917016e0283e3e9a3e2ae7391b7c0d62f8715f33a0a3d68db3659bc9c0cfa0e40d07b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f73430670040cdd4b16742e94b62f4eb1c01000000f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4a9f77a486e10d1d50e44155790748b7226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67b1cd03b076bf90286b63eb7aaea4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e74afa52db1ac07f7cce47d5e8ce5b2806ff7171c64a689a0ba35e934506a46a10b9a579dc43630831e2c5400853b58e00ed35a858d44b25d5b8dad1be420467333d9ce17dddc425dad69c4c9395a5c170170a4fa63091786e2a563e3d5982a73c15edf854046e1a33b2728e74c856a58ba74c80f4f4166ac51d720f507c2c205ef5a04370c77928dfde47e15d533060084d4fc271eab837367369218b1bfc59752696396f49c2f58268000000000000000000", 0x1a3}, {&(0x7f0000000700)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df283b3ca3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af2814dbbea5a064f2ab6fc0904c07f02cbfadfb96866d962e6e21d3a0a0276a36e01b6edafd", 0xc9}], 0x3}}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000002c0)="a48ddda58f0c3202e4331de15e27c2f6b69ccda5c86d79ec8171a6447231bbf9a1a064d718209a1013baec29196d3ae2707e8d813dc1c962f5edc8a102000000684b", 0x42}], 0x1}}], 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendmsg$inet(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000880)}, 0x24000090) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) 953.936428ms ago: executing program 1 (id=3480): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000340)='./file1\x00', 0x844, &(0x7f0000000bc0)=ANY=[], 0x1, 0x24e, &(0x7f00000006c0)="$eJzs3c9LFGEYB/DHH2l2WYkgiKCFCDotKnQ3okCSimQJI6Q11xBXhAQhD2qnoFOXjh29GUEdutX/EHTpEl2iY946hBM6sq66lobuhPv5XPZh3uc7+87M7szuYWfvn52aHJueGV9Z+RbHkyRJ+h+uJklLdEdrtEVqMQCAo+RnksSPJJX1XACAxnD9B4Dms8fr/60GTgkAOGT//v3/xfD7L6Vy/6U9tCad1fLzyP7nCAAcrKHhu9dXP1zoGoi3zyOmns4WZ4vpYzp+eTwmohLl6Ilc/IpIqtL62sDg1Z78mq6I4tTCRn5htti2Nd8bueiOuHNjZ743n9qaPxYnavN9kYtT9Z+/r26+Iy6er8kXIhcfH8R0VGJs7SNJTX6+N5+/cnNwW75zvS+W2jI9PgAAAAAAAAAAAAAAAAAAAAAAHE2FfFV3vfv3FAq7jaf5vd8faPP+PM/W8+1xpj2eZLv1AAAAAAAAAAAAAAAAAAAA8H+YeTw3WapUyo+qxejtiZNbl/ytaNlPs2Jucm3HH8R62jcO4rahcxFx2FvxZrn8aWnk3lD2O7OBRf29+jrziY3+oac1ItaL0y/7S+/mv37f2ROLNe/ljddUqVLnZJFv4IkJAAAAAAAAAAAAAAAAAACa0ObPgHfrSBo7IQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIwOb//++76KguWe5KV7ZLczr4KtPtBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACguf0OAAD//zgnrLI=") syz_open_procfs(0x0, &(0x7f0000000000)='net/ip6_mr_cache\x00') r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, 0x0, &(0x7f0000000040)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) r3 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000840)='z', 0x1, 0x0, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000280)="aa", 0x1, 0x0, 0x0, 0x0) socket$inet(0x2, 0x80001, 0x84) sendto$inet6(r0, &(0x7f0000000040)="93", 0x34000, 0x0, 0x0, 0x44) 917.753381ms ago: executing program 4 (id=3481): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000380)=@urb_type_interrupt={0x1, {0xd}, 0x0, 0x20, &(0x7f0000001340)="5f919bad6d6f2fdfc928397d6cc2a4dc8f6ef142efc55899b19ff4c953952771fd0839b6116ef8b289994b6d69d209655a0f95db47615aead2a9ea3c2f3ff4e252fdb7f8ab0f83d2a571f3678bc73cc6f48bc00a9aac931dc16ea5d7434d67f2923910b53091e238ba3870a2f7870b1e2546fa5f33e1220e7ad21748ac60377672364c7e3fda688af5e6a1a1b158524b856051ae32c84256cd8e34e8ee09fac6c6ed145e017afd2f9a4abe7adbec334b8f758b2da6ffa40bebf5b9376b072ac0a48730f986f4a046cc8191135bb37c81337a0317380e271c03aee1def1c9d5b45d300ecc254063a943dc7281967544bd4458fc421eac92b7a13539c8c3365d2f6ebeec4d99f3dd5d8ea00571185f6763039def5fb63db514ec9e46681cd3ea0539f9b4a75d8ed2dc386a4b73f4a2f96b4618eb0881c92e943b7fcbcf02617a5af3f1ad337324b9d51ba2ce7c7184da09c95acf97fb7ebf9d95d3daf9e642e80d47fcfcba164da6ae76ae57c98ccd849c6323aff1a0d48f2056e496305a3eaf9a8307c582ba01b89f64fea85a03db1f59b97de3482213ad4477b3e30a2e44f739ecf0c26311fa7076dc409345f7ab3b6f80971c999e8249865a6b8cd7424a1ab2159685432051c8c15b32435b1cf18a41e11e7e8dd82f870fc16b9c4a0cf4bbf7b2b97ba101fe66fc9d9347e884bee7daadaaafb2baf511b98603322c5f4ff167a4f90ea17c3e7bdfd793de8724179c28218739b93e8ddd2919b8238534e3e92ce24c80c13d291a496416bf7bd2d8f239f4be7c1092692f064e0c9fff8a2d9c934ee4158caeb003c44de8db5c9bf7fe49cc732d02144d8a86d3178a820ebe923a9b65083d072a5e88c5ce5047bb8a1f777c393feb7f6ee6584e6a77ab5fb43f82a49dd9c160998718baa251ff0263a409aa18e20ce314eb8a494f3bd79af7be725670768e58a6e652b66a1b6fd16a0aebc5acfb5d10a41732e48118d7925f9dcda9904d4d2b81bb04beca0e845f4e683ff910f6b82542604294727af0bc5367fc782d9cbe6741ba7df6630d4da35f3f40570368ad694354348bd17c35f17f84adc8c108b12db824ab03447d0e19939a80dd2f26b4a0204a67d491cb498f4ed741b05281bfadded3a9aaaacb7f38b0651da7e564b8cf64461ef846f4b045a78d4f69038ba151f61272e3c18e3575ceeae0ec4b2733394168a5f986b19e92f8276d07b9c0c6f5f1aa1826d988a3e1762295d78ac5be7abc3e4a270b376c1aa690587030e09d79524a1fc299de6c4e5820859a8fa65b8a8e2dc398867154617dbd97fb584b56319cea072c17cbad5b740188cd2608710d17437b25916301b2ba7752e8c16711aab7538de13c4ba5a517fb01f15982ed21baa211e855fa68c30ee9eb47be92b0b9dee2c4413ccd7dcbdcad207a5b76bfd214863130da6d3b929b982c311a6779a7dab931741e1674e02def0445e45ba734763e7f17901bc0583446b0176373460668e2a59917ece73a1a90b85f2fdf59ef35ee951547f5d773f3a817d6228765b63560e3b23f2f796f2c823afa18b5459762af987615eeed8467368fdafaeca372b5203f39d80ed5b52f2148f44072fe54d31bc3d14a5ebc86cba204e2574b02e89506a361e68709450cdf8416ed417306a858992b61996899eaeb6e6ab01c550c8e537aab73e20c4b60c6890b285a5fa4bb22bd1eb699d96ceeaf9cedd563109c6ba0084a76d81f8cd131f38b27ace67f910fa1f858e8aa5ae499a09eca1ae287a9d35cb33a54fdcb6718930429cb75c5a5682b137c146775894e0491f0e9ce65b8663c9c4b4a3fa59c865dd92c78781ebf0d9eb38df5a9d37efa989492318629ef7bfd4925147b0fc1733fc00d1b998966ab76171408a93ba21608e6fced469ba9b2e5f922959836b234001b3ed0f1a90b6aebb52e7520f9f3da4afc02c9e2fdbc0eb2ddf42307811fe713bf00ae8dc4bc1cf5d104229e248d70d29b75001fdd277dc66e9dc9966dece849ea47101b662eb3ffea5697cdb1d25c4987a28f936a191b3b5bb9970f3684cbd7ba91e4569775344d015c12740572cdce42cbef50514ed44996a6597b508e838727b394decddbb6c81481e2f3c51c2aa2246bc42638cab0d23bd6c536027a6a34304426a571b46c6be2258eb67b88ff13eb4f80fc12afac9442df2a70dc77121b2a9962f7e6a9348cce004dfcf91dee6f1e403d222f714deedbfe339ac0cf80ecf216805340cb016352438dd889f8adbafe52bed5776b2aecb3e592d385e9c290645cbbbf5b21dbe3bf675d2734cfdf651a83b877cb623cde0acca3564de8f81f2e57aafe593b3b2542f8b47c3bc7cfff763347b4f6a661b60dbeec5db8b446d0017aceef55ccbd920d63753c8a1504bf6c71adc651c712653f19cf06f9330d56613ce726f619b2915149a71c766c14a5d2a735570bb8b46d250f32c8a427bbc10fb4ca43236d12a693f463e046f29266df73b57c74d37e17af9c8a28ffa5a0418f66dfcbcf9163dc34d43e5e21eee9d4e54c993333c42f18dec432d91641120a3c45af24b8356dcb4bdcb9965e8b14fff18ea9fe6287b27e02a61fd9ce2b107a97cb27bcb43f124547c3a88d7f5a6f1eb70cf908fd1328b59da7415840a28bb1e4c9c7847adf973e69c74c085dd4ed53814e2b2178c25e772f09a603c4ba2cb89192fbd637d901ef6c007576d548818db260ddd4edd438844b5774c33eaf068f0c92ccd01aa11d79ca156728ffcfbc2ccceec16a9908b1b6b5a2fcaceebe151ffe3c6256d2bbb3c794b43ac8fad37d09592b1fe4e304cc8f867551283b5e80d3a68035f91327ad867247ae565514f956360fd4a86ba13381435c8bd0cc2f3c7cadef8e1cab28d3696d47693cfa5cee28e31ff949e4eaccbe95cbe375e3ecc5a366caa231a867113074f139384ce41054d62c9601738d7e0372a4570925e2133bb2856d76d91850c6ffe599e5f5f8ce35e65bf2608665114d1b0cf9ab08e98f9f63ddb16bbd697e0bdb2b5dbce13fb5760065c5d9332774d91d9338297f6fef17ede34512caac4e2c787c06a020b32a4bf9cfb52a4784c7dcee9f9b3646553473a433b41d9fef378bc8d82ffdbbeb6a04e1cb67443c458ed05f5de9ed11c260208988ae1d8c74eb711d13ca307bce2330a2b6b42eb80e9abe94370b87b1f2f3ac60042978201e2a0e883af18df00b5df606ed352c9f75ddbb445ea4660a9be4fbd105ff2a74293341e5b99815e5d0eea9ee5bb6dfe4bd8d12833d4d636f08b35065cb46ef63967c1e083de75ae1f792974b9b21ade95dd53740a6b9dd6008a51f09a170ba6e863311f8d5859efcb748f2ae6802e14a5830ff638a0e998a963a5d9bc527c1f1ea4145225a6b1b99f1bd74ecfd11e52fec815dd00e0574fef34af2bcb0897e0ea1f2bfb6d62a96b5936fe0a697e2a7997c2b51d39756d5cc312dc117208b6a695aca0e9f972d1a90b573ec809d3bb130c8a5d5320a316f9f479c4fcea94fe224d383f798ac6547c1fe15e16fb4a927dfeaec1b7bc4168eeba887b5c39e8deb07b9fe06bf09aee0d0327fa60d3dd8174d59a37566fcfe2f3df69a6989d3be4fcebdefa8d0ab86a436c7c7b1ea9370983225e0e9e4e26587d3faf0ede550b1889b978522c6bd064837ed110c7c84af29f32f260293596623b862cb3818809535d596e3477feefc0ef25a5edc2fde49db5ba107776d83a551cd3934f6e13d85ad091dc29d46cdc608f579bf1d7d940f0bacbea9d71106cf4f075f95243f8e2eb94d411df64e094652580e48201e52b1fd0b8ca464640ddf4f78c8cf2266130ebcc0ea432b376c7d4cce9a66131d0a8112cf7ba8e51b994235041f55d7c93208f81bafd380008fc712af55bd9db49383830999ada08bd0d5e5b7b11603c5b4c774d32e1764988165374116f4818478c8d570cf96eca65a40f43505a623d9c25b780784e46c4d95faba1ba7fb7c35f018fa945c8d4e05ba99986696e7503998b0fc0c1d97fefcae13e155f72b93a3997f6a9735551959d245b73a2b997211a6fdd0481e3eae3d84e6562e1659d1264dac34aab35127a5235507a9d75530e22e08bd058fe3ed3005988b22bce22251971c696a972f45db94303611a8ca24e8c38372a229dcb114f960b14699f7e0c0603c171622785e9d07e7a65afe2e51c18f0c1f843f9e9c3aeaabdc07c1ba7e8b68f45915f0e9a7b5450608e308f802d944cb73fc10c1cb4087b4db27c29441d5da1838e59d0da38e0604c505f9487a4e3e119224fc596377b6668a782691bc9ba85b61f1ff80ebfcee5732686fd70ca210e232303ade3584d475d0aaa9f127c115738c40ad5a17777f059a01b8f6c92684d33ccd185425fb6b015a967c785705e2c08fe7f93812c3133dff89ddadee3131858624953c142308b215eabad1a7afe9be4a2aeb93a4aa3cb4234dc980e2a5e49d7af29a5c22d32cc88cce71883fc352c63ae3e578c7cf968c6c8612a9c7730220b800f0b9f602e1dd682322b546a998ec77a1c92c700a7a1d191312d10f61559612aef969f84d9916da00b8da5d2f0b6a68c18cb70b20df3c79153bb89cbb1015fd76d78e30747c4efc81a2257596e9507831a5e7d3d10fd6bc3bbce6d3d00394657a03935badd5585cd44e1a67cdff3c1d1fc861be705705df524849f8d0a9641b4b342ab758793a25cccf83f5162322b2aed820f9cfc60979f0ff80bb59ca0d8f3b132d5aa63e91b4f0bf55ab5da907dcd67ab9e0f5d050b80cad7f3d0bcc5793befe5dd094284a7f157e5e3267fa06f556ba82e26f63fce71b91ddaa690b61c6cf0f58e039a5f6d0cb4945b5d3bddf31d77fe962dc6cc42e22b6c2c2d8734ed2577be37575e277e264b1a54d61f26db7ed560a13c848981793bd94c7eda7693495df7769f5f1d14b2f6ce3f85d0e8a41c500210f1ba3a0c0b156e9bd8b37c970f7a479e710b96b5e35f75e0a34d8798095a61d69c5a4b35fa44bc70e381a5bf3a20e56fbcc32c11d55329da6340c1baa87f3623063957bb25a029fdcf6da1fc05cbd659ba81c330da10dc6d460c4027a0b35dcdffd5e811e2dc4d15d3ae1961fc26fa3608083a2313b854155967103f32c48b7bc61ab0397ae383aa3e96f3c2bd92fde30965c5bc9df9d6a1ae5662d48933eea59bfeb5ab3eeed8a00424a2c373034ef06b6e434a6900cb89ebfdd97a2732926cf603f3ff888c2136c39a6faad4a2ba5e4cddec75baa9a0dc8a5980335cb908da688b3e101bf129fd77ee679914c296b2d1b7b5e83d1646544b0abf19320298322a6a9151e14af4f88dcfa897cdb2122f43be42f6f313a96ac0f5172ad55706b487e9c26f171dfbed10d549079704e9d1f4aa20cd7825a9271a72592fdbcce7e6176ea4bd42f2742fffbca1fc9a4f1ebb0ca796f7c6b355fcfe76142e04c14c8857be495484859aa82e475c279519965505c4c5a03c0523a68468b5ac8c5a9427570563fddee225811592ad77df7bfa46491b907d7e5c9a007a3258c5bf33bed4e879c3cae1128963ac44a82797dbdf642d2fa10278372e2a02365fcdb0f502ebfcdc05e25a611c81268cd6cd3b6a084cd0df2f42fb7dd6d70164083d028030c9bb51d96d3082ad81895fc2cc134296122cfd332f67f1d4407d185dccf4bcf0cda9118627914af0ece4f1271c1a3790abdc79c79e0675a642246bb2c60fbc583ff6100125225f4fc6e205e24ca2839e5e12af57e8aa2172c20c47a0b7ecf7a616667e3ba9f9517217f18105928dd3438735347357a41121f9f", 0x1000, 0x7, 0x2c5e, 0x0, 0xe6, 0xfffffffb, &(0x7f00000008c0)="3fa763de5a5df657206e032bf510acff4e87617283a27efcd71ca50fa73174950f8bc88d1e74d55f7159ef08f90d6c62d985a596e1c2e5e91859d6966bbba9ddbbd8fcf6ffc7c48eae599df4a154183deb55cf1d82ba85be4ab3b1ae426ff19aaae7675e836bc1981c6d5de5781189a268f18157e0526b5c000634a2f710e676717345be7fc344bf001e83200d2a8620e3091d8751febc0d043bd6c3bfc6bff386cc4eceabe7b5e4eac9486afc079401a37ac79dc84069768ca0a951de285bbdec32bca1072393f05ab5e0"}) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000540)={'team0\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$USBDEVFS_RELEASE_PORT(0xffffffffffffffff, 0x80045519, &(0x7f0000000500)=0xffffff40) bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) r5 = dup(r4) ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x0, 0x0, 0x0, 0x403}}) syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000a40)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c7", 0x7f}, {&(0x7f0000000c00)="316f825a3d29f96a2093a917016e0283e3e9a3e2ae7391b7c0d62f8715f33a0a3d68db3659bc9c0cfa0e40d07b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f73430670040cdd4b16742e94b62f4eb1c01000000f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4a9f77a486e10d1d50e44155790748b7226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67b1cd03b076bf90286b63eb7aaea4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e74afa52db1ac07f7cce47d5e8ce5b2806ff7171c64a689a0ba35e934506a46a10b9a579dc43630831e2c5400853b58e00ed35a858d44b25d5b8dad1be420467333d9ce17dddc425dad69c4c9395a5c170170a4fa63091786e2a563e3d5982a73c15edf854046e1a33b2728e74c856a58ba74c80f4f4166ac51d720f507c2c205ef5a04370c77928dfde47e15d533060084d4fc271eab837367369218b1bfc59752696396f49c2f58268000000000000000000", 0x1a3}, {&(0x7f0000000700)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df283b3ca3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af2814dbbea5a064f2ab6fc0904c07f02cbfadfb96866d962e6e21d3a0a0276a36e01b6edafd", 0xc9}], 0x3}}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000002c0)="a48ddda58f0c3202e4331de15e27c2f6b69ccda5c86d79ec8171a6447231bbf9a1a064d718209a1013baec29196d3ae2707e8d813dc1c962f5edc8a102000000684b", 0x42}], 0x1}}], 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendmsg$inet(r0, 0x0, 0x24000090) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) 864.383996ms ago: executing program 4 (id=3482): r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==") r1 = open(&(0x7f00000000c0)='./bus\x00', 0x24142, 0x0) r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x60302, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1000002, 0x0) r6 = dup(r5) r7 = open(&(0x7f0000000000)='./bus\x00', 0x44542, 0x0) sendfile(r6, r7, 0x0, 0x8000fffffffe) sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r4, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x18, 0x140a, 0x400, 0x70bd25, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000004}, 0x11) vmsplice(r0, &(0x7f0000000140), 0x0, 0x2) ftruncate(r3, 0x2007ffd) r8 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000003200)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec06000000000000002176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f3cc2b0da31fa21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf1683010000ddbe2255d6a0244d35b213bca84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e03564f7f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000020000004015cf05003f6cded6a2f8550b973b818184ebad0485fbaa816e3b26199d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c10a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d02000000a3ff4f8a4cf796b07a6ff61c5d52417fd703f7f14d8b78ac02ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c9ad943e392955f4f979ea13201bafe4f0f6ea5080000000cdcd2063d11dd665647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffca9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c7220000000000000005a474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041e12289ee34463aaf28345bd168b4177ce37ed85464c31799053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb40f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b0030000000000ea8809820000553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f55e550fafa4cedd763ada3104f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe527340935aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2a81425ef1b71c1d2a0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efc794874eac73381e6f523d9c8c21578fe3245097c280abe51427b9f6cd72b51b7689969c72fb632d1c072492d9da6d0252803c66730cd5eac907f09b9695906313f88735fce513974a24eee239baa91322608c6fc01e1b9e16587bb5f721303e6b89000000fa08ad0731c4b839688b22c4da2a6bc4cf45dbeea042f9b33393f85a0417854d221a2d5f96bc64647f15daa2ba79cd0f4254ed55217912ef84bd2927df82fc061aef2920c49b2a90886da75561173fa186cb7ee86dd4285c4721eb428c953296ac2f5d825da54dbef07c1b349b4901e093d13e6b9a0000009b5b22e887bc061d40bcaf0aa18623fd9b7179ccc692baffffffff5c4decf9d080a8ac7e82d4cde1267aa64b2a94fd87a009e6742c2ddc3a9d7eccbb1831b1fa218277c2814a91cab7cb59c697166d6f1bb1a360470000000000000000000000000000000000000000000000000000f9f9b4ce7e871f507084c8c88e0652decbe579b042d84ea94597dd1059620a050f69ea03b99b4e19d35f4a3b54e96ae2172effecec80f6baa4bf69a6ebf53928867d596987024952b698d4a01c08aca45ea8727b"], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r9) syz_open_dev$evdev(0x0, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'}) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r11, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) timer_delete(0x0) sendfile(r3, r4, 0x0, 0x1000000201005) sendfile(r1, r2, 0x0, 0x47a752ba) 849.540037ms ago: executing program 1 (id=3483): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$nl_route(0x10, 0x3, 0x0) open$dir(&(0x7f0000000140)='./file1\x00', 0x212000, 0x1c) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4a8, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_config_ext, 0x80, 0x1, 0x1, 0x4, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x80040, 0x0) accept$unix(0xffffffffffffffff, &(0x7f0000000500)=@abs, &(0x7f0000000000)=0x6e) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r3, 0x7, &(0x7f0000000000)={0x0, 0x0, 0xfffffffffffffffb, 0x0, 0xffffffffffffffff}) 747.156786ms ago: executing program 1 (id=3484): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000004c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10) mbind(&(0x7f0000126000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x2) setresuid(0x0, 0x0, 0x0) 746.930986ms ago: executing program 2 (id=3485): r0 = socket$nl_route(0x10, 0x3, 0x0) rseq(0x0, 0x0, 0x0, 0x0) epoll_create(0x7) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) set_mempolicy(0x2002, &(0x7f0000000000)=0x9, 0x9) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r1, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r2 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x58, &(0x7f0000000100)={[{@abort}, {@bh}, {@nomblk_io_submit}, {@stripe={'stripe', 0x3d, 0x4ffff}}, {@norecovery}, {@minixdf}, {@nobh}]}, 0xfe, 0x799, &(0x7f00000001c0)="$eJzs3c1rHGUYAPBnNp+m1UYQbL00Jy2UbtoaWwWh8SSChYKebcNmG2I22ZLdlCbkYBFBEEGLB0Evnv2oN28ievZv8CIiLVXTYsWDrMx+JJtukm7TTdI2vx9M8r4zs/PMs7Pzvu/uDLsB7FpD6Z9MxIGI+CiJ2Fefn0RET7XUHTFaW+/20mIunZKoVN74M6muc2tpMRdNj0ntqVf2R8SP70UczrTGLc0vTI0VCvnZen24PH1huDS/cGRyemwiP5GfOXFsZOT4yRdOnuhcrn//vLD3+sevPvfN6L/vPn31w5+SGI299WXNeXTKUAzVn5Oe9Cms+b7TUR4MyU7vAJuSnppdtbM8DsS+6KqWAIBHWdr/VwCAXSbR/wPALtP4HODW0mKuMe3sJxLb68YrEdFfy79xfbO2pLt+za6/eh104Fay6spIEhGDHYi/PyI+/+6tr9Iptug6JMBa3rkcEecGh1rb/2TlnoVNOtrGOkN31LV/sH1+SMc/L641/sssj39ijfFP3xrn7mYMRfTWN1fVev5nrq0K2nCqA8Hr47+Xa/e2pYk2jf+Wb1ob7KrXHk8rByNispBP27YnIuJQ9PSdnyzkj20Q49DN/26ut2yoafz315W3v0zjp/9X1shc6+5b/ZjxsfLY/eTc7MbliGe6V+7tu93S/jeOeuv498xGGz64Unztpfc/W2+1NP8038bUmv/WqnwR8WysnX9DsuH9icPp4T9a+7t2jG9//XRgvfjNxz+d0viN9wLbIT3+AxvnP5g0369Z6mz8u+e//Ppf3qH09d+bvFkt99bnXRorl2ePRfQmr7fOP76ytUa9sX6af23Di72xKv+V9i9Zo/1L3xOeazPH7ut/fL35/LdWmv/4PR3/ey9cvT3VtV789o7/SLV0qD6nnfav3R28n+cOAAAAAAAAAAAAAAAAAAAAAAAAANqViYi9kWSyy+VMJput/Yb3UzGQKRRL5cPni3Mz41H9rezB6Mk0vupyX62eNL7/dLCpfvyO+vMR8WREfNL3WLWezRUL4zudPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU7Vnn9/9Tv/ft9N4BAFumv2VOpVKpNNdv5jdcDAA8dFr7fwDgUaf/B4DdR/8PALuP/h8Adh/9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvszOnT6VT5Z2kxl9bHL87PTRUvHhnPl6ay03O5bK44eyE7USxOFPLZXHH6btsrFIsXRmJm7tJwOV8qD5fmF85OF+dmymcnp8dOxdl8z7ZkBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3pjS/MDVWKORnH4nCBxHxAOyGQmcLvx35Zf9G61y5y8t4tI1Y/fUT4gFJeecLO9wwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwk/g8AAP//Ez0kyA==") r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_ASSOCIATE(r2, &(0x7f0000001ac0)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001a80)={&(0x7f0000001a40)=ANY=[@ANYRES16=0x0, @ANYBLOB="8a2d2dbd7000ffdbdf252600000008000300", @ANYRES32=0x0, @ANYBLOB="1000b000000007000000fdff424101010a004f030000000d1898dc0004009300"], 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x20004000) r4 = dup3(r3, r3, 0x80000) openat$incfs(r4, &(0x7f0000000d40)='.log\x00', 0x80100, 0x4) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = timerfd_create(0x7, 0x0) r6 = shmget$private(0x0, 0x4000, 0x54001800, &(0x7f0000000000/0x4000)=nil) shmat(r6, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff) shmat(r6, &(0x7f0000589000/0x1000)=nil, 0x2000) shmctl$IPC_INFO(r6, 0x3, 0x0) fcntl$dupfd(r4, 0x406, r4) syz_emit_ethernet(0x346, &(0x7f0000000980)=ANY=[@ANYBLOB="757e938fd660aaaaaaaaaabb86dd6012000803103300fe8000000000000000000000000000bbff020000000000000000000000000001040090780000000060752a4900000000fe8000000000000000000000000000aaff0100000000000000000000000000015c12010800000000ff020000000000000000000000000001fe80000000000000000000000000001bfe80000000000000000000000000001efc010000000000000000000000000001fe8000000000000000000000000000bbff020000000000000000000000000001fe80000000000000000000000000000ffe800000000000000000000000000022ff010000000000000000000000000001061300000000000006963714177457916b03c5c0fe5fb84ba7e93a4c4c8c4239e9ea2abb06e3e7d3cd387c64cf869ef57234badc8e80e0a2c0ba5dd72755ab350cdca3b272d0776c2bfa2c26c611a5d54ef25c0dae1a43431addcff2efe21e2f5a698bad70e249ed9df9cfc5d831d240a834132afa46ed2f493e4d9aa744e71d5bf935abfb97938cc6812e05f494d6b24868988d361f06a2dec44838dc64a5d53b003f3068000000930a000000000000c204000001010502ca290401b001040000000007180000000304080300050000000000000000000100000000000502fc00c20400000006c910fe8000000000000000000000000000bbc204000000070502024800000000002f12020100000000ff02000000000000000000000000000100000000000000000000000000000000fe88000000000000000000000000010100000000000000000000000000000000fe80000000000000000000000000002c00000000000000000000ffffac1e000100000000000000000000000000000000fe8000000000000000000000000000bbff0200000000000000000000000000013312030400000000fc020000000000000000000000000000fe880000000000000000000000000001fe8000000000000000000000000000bb2001000000000000000000000000000200000000000000000000000000000001fe880000000000000000000000000101fe88000000000000000000000000010100000000000000000000000000000001fe8000000000000000000000000000aa3c0020"], 0x0) accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) timerfd_settime(r5, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x3938700}}, 0x0) read(r5, &(0x7f0000000100)=""/206, 0xce) open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) 733.239737ms ago: executing program 1 (id=3486): r0 = open(&(0x7f0000000140)='./file0\x00', 0xc2, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) dup2(r1, r0) mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0) (fail_nth: 15) 630.877656ms ago: executing program 0 (id=3487): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f600"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="600000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800e00010069703665727370616e0000002c0002801400180000000000000000000000000000000001050016000200000004001200050017"], 0x60}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x50, 0x0, 0x9, 0x3, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x2}}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x24, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x50}}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r2}, 0x10) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x0, 0x0, 0x0) 618.428297ms ago: executing program 1 (id=3488): r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==") r1 = open(&(0x7f00000000c0)='./bus\x00', 0x24142, 0x0) r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x60302, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1000002, 0x0) r6 = dup(r5) r7 = open(&(0x7f0000000000)='./bus\x00', 0x44542, 0x0) sendfile(r6, r7, 0x0, 0x8000fffffffe) sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r4, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x18, 0x140a, 0x400, 0x70bd25, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000004}, 0x11) vmsplice(r0, &(0x7f0000000140), 0x0, 0x2) ftruncate(r3, 0x2007ffd) r8 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000003200)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec06000000000000002176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f3cc2b0da31fa21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf1683010000ddbe2255d6a0244d35b213bca84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e03564f7f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000020000004015cf05003f6cded6a2f8550b973b818184ebad0485fbaa816e3b26199d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c10a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d02000000a3ff4f8a4cf796b07a6ff61c5d52417fd703f7f14d8b78ac02ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c9ad943e392955f4f979ea13201bafe4f0f6ea5080000000cdcd2063d11dd665647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffca9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c7220000000000000005a474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041e12289ee34463aaf28345bd168b4177ce37ed85464c31799053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb40f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b0030000000000ea8809820000553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f55e550fafa4cedd763ada3104f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe527340935aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2a81425ef1b71c1d2a0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efc794874eac73381e6f523d9c8c21578fe3245097c280abe51427b9f6cd72b51b7689969c72fb632d1c072492d9da6d0252803c66730cd5eac907f09b9695906313f88735fce513974a24eee239baa91322608c6fc01e1b9e16587bb5f721303e6b89000000fa08ad0731c4b839688b22c4da2a6bc4cf45dbeea042f9b33393f85a0417854d221a2d5f96bc64647f15daa2ba79cd0f4254ed55217912ef84bd2927df82fc061aef2920c49b2a90886da75561173fa186cb7ee86dd4285c4721eb428c953296ac2f5d825da54dbef07c1b349b4901e093d13e6b9a0000009b5b22e887bc061d40bcaf0aa18623fd9b7179ccc692baffffffff5c4decf9d080a8ac7e82d4cde1267aa64b2a94fd87a009e6742c2ddc3a9d7eccbb1831b1fa218277c2814a91cab7cb59c697166d6f1bb1a360470000000000000000000000000000000000000000000000000000f9f9b4ce7e871f507084c8c88e0652decbe579b042d84ea94597dd1059620a050f69ea03b99b4e19d35f4a3b54e96ae2172effecec80f6baa4bf69a6ebf53928867d596987024952b698d4a01c08aca45ea8727b"], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r9) syz_open_dev$evdev(0x0, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'}) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r11, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) timer_delete(0x0) sendfile(r3, r4, 0x0, 0x1000000201005) sendfile(r1, r2, 0x0, 0x47a752ba) 545.422343ms ago: executing program 0 (id=3489): socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000280)={0xa, 0x2, 0x0, @loopback, 0x9}, 0x1c) sendto$inet6(r1, &(0x7f0000000500)="044aac2f202c5feda71e039a57a93088fdcce4afe28aac61837792741a190670ccbe1a2b00aa77a87d56a3f12c7920ad02928a5dac14e5b896f000fcf6521928480be9af82613a5c661f4110adba358afd8b5b4ef1702051e393ede2698112a1f1bdf1d0f568546ed322ab4c53545bd2cd6e48522f0c154cb3c6864dc30ae921db100f1ee97a234503338f8fdf356472da0c7ab62f274f34a9e42d07d80ec4500490af81ec29d06ff32465ad17a550f034fff344f609c9c3bd09aec89a9756c2de823523a0089d1bed", 0xfffffffffffffeca, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @rand_addr, 0x40}, 0x1c) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000640)=ANY=[], 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) recvmsg(r1, &(0x7f00000008c0)={0x0, 0x4, &(0x7f0000000840)=[{&(0x7f0000000040)=""/50, 0xfffffe72}, {&(0x7f0000000240)=""/52, 0x34}, {&(0x7f0000000780)=""/129, 0x80}, {&(0x7f0000000300)=""/68, 0x44}, {&(0x7f0000000380)=""/121, 0x79}, {&(0x7f0000000400)=""/183, 0xb7}], 0x6}, 0x40000110) 300.342854ms ago: executing program 3 (id=3490): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$nl_route(0x10, 0x3, 0x0) open$dir(&(0x7f0000000140)='./file1\x00', 0x212000, 0x1c) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4a8, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_config_ext, 0x80, 0x1, 0x1, 0x4, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x7d) openat$cgroup_ro(r2, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x80040, 0x0) r3 = accept$unix(r2, &(0x7f0000000500)=@abs, &(0x7f0000000000)=0x6e) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) clock_adjtime(0x4, 0x0) recvfrom$unix(r3, &(0x7f0000000200)=""/173, 0xad, 0x1, &(0x7f00000002c0)=@file={0x1, './file0\x00'}, 0x6e) getresgid(&(0x7f0000000000), &(0x7f0000000180), &(0x7f0000000140)) socket$packet(0x11, 0x2, 0x300) perf_event_open(&(0x7f0000001a00)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x329}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) ioctl$sock_SIOCGIFBR(r5, 0x8940, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r6, 0x7, &(0x7f0000000000)={0x0, 0x0, 0xfffffffffffffffb, 0x0, 0xffffffffffffffff}) r7 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) setsockopt$inet_dccp_buf(r7, 0x21, 0x0, &(0x7f0000000380)="f926d7dce6ebeadfb0426fbceb86491c472aa68f6615fa646346f5921dca4d46c9882167f8df7456f2e8dd92add99af596061154f662ca8e862886db521d6350a41a7ad2d04b908971e7ad4d4caf7aed5be33f35c6d9ed67b514d8fe896510f9e99f223565a9c3e44d2f6b219bcaf1d4e4566e24e17ab468bf9b", 0x7a) creat(&(0x7f0000000440)='./control/file0\x00', 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r8, &(0x7f0000005900)={0x0, 0x0, &(0x7f00000058c0)={&(0x7f0000005840)={0x34, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @gre}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}]}, 0x34}}, 0x0) 180.104335ms ago: executing program 3 (id=3491): getpgrp(0x0) 7.872319ms ago: executing program 3 (id=3492): r0 = open(&(0x7f0000000000)='./bus\x00', 0x145542, 0x0) fgetxattr(r0, &(0x7f0000001e40)=@known='security.selinux\x00', 0x0, 0x0) 0s ago: executing program 3 (id=3493): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000001800dd8d00000000000000000200001000000006"], 0x24}}, 0x0) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r2, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, &(0x7f0000000180)=[0x0, 0x0], &(0x7f00000001c0)=[0x0], 0x0, 0x57, &(0x7f0000000200)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000280), &(0x7f00000002c0), 0x8, 0x8, 0x8, 0x8, &(0x7f0000000300)}}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, r3, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90) socket$inet_udp(0x2, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) kernel console output (not intermixed with test programs): 49.839425][T14364] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3010: inode #19: comm syz.3.2957: mark inode dirty (error -117) [ 249.854007][T14364] EXT4-fs warning (device loop3): ext4_evict_inode:271: xattr delete (err -117) [ 249.867394][T14384] netlink: 'syz.0.2962': attribute type 1 has an invalid length. [ 249.875178][T14384] netlink: 'syz.0.2962': attribute type 2 has an invalid length. [ 249.902969][ T5941] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.960143][T14388] loop0: detected capacity change from 0 to 2048 [ 249.988341][T14388] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 250.016090][T14398] loop3: detected capacity change from 0 to 2048 [ 250.023049][T14398] EXT4-fs: Ignoring removed bh option [ 250.028598][T14398] EXT4-fs: Ignoring removed nomblk_io_submit option [ 250.040919][T14398] EXT4-fs: Ignoring removed nobh option [ 250.057596][T14398] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 250.084675][T14398] EXT4-fs error (device loop3): __ext4_remount:6491: comm syz.3.2969: Abort forced by user [ 250.130583][T14401] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 250.130612][T14398] EXT4-fs (loop3): Remounting filesystem read-only [ 250.152159][T14401] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 250.164489][T14401] EXT4-fs (loop0): This should not happen!! Data will be lost [ 250.164489][T14401] [ 250.174167][T14401] EXT4-fs (loop0): Total free blocks count 0 [ 250.180171][T14401] EXT4-fs (loop0): Free/Dirty block details [ 250.186106][T14401] EXT4-fs (loop0): free_blocks=2415919104 [ 250.191816][T14401] EXT4-fs (loop0): dirty_blocks=2624 [ 250.197135][T14401] EXT4-fs (loop0): Block reservation details [ 250.203107][T14401] EXT4-fs (loop0): i_reserved_data_blocks=164 [ 250.210626][T14401] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 250.279274][T14410] netlink: 244 bytes leftover after parsing attributes in process `syz.2.2972'. [ 250.304435][T14412] loop4: detected capacity change from 0 to 512 [ 250.307119][T14414] netlink: 'syz.2.2974': attribute type 1 has an invalid length. [ 250.318501][T14414] netlink: 'syz.2.2974': attribute type 2 has an invalid length. [ 250.340302][T14412] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 250.370356][T14412] ext4 filesystem being mounted at /176/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 250.379664][T14422] loop2: detected capacity change from 0 to 512 [ 250.396790][T14422] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 250.409463][T14422] ext4 filesystem being mounted at /437/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 250.420735][T10622] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.433615][T14422] netlink: 'syz.2.2977': attribute type 10 has an invalid length. [ 250.450513][T14422] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #19: comm syz.2.2977: corrupted inode contents [ 250.486506][T14422] EXT4-fs error (device loop2): ext4_dirty_inode:6014: inode #19: comm syz.2.2977: mark_inode_dirty error [ 250.511306][T14422] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #19: comm syz.2.2977: corrupted inode contents [ 250.543607][T14422] EXT4-fs error (device loop2): ext4_xattr_delete_inode:3007: inode #19: comm syz.2.2977: mark_inode_dirty error [ 250.582673][T14422] EXT4-fs error (device loop2): ext4_xattr_delete_inode:3010: inode #19: comm syz.2.2977: mark inode dirty (error -117) [ 250.617718][T14422] EXT4-fs warning (device loop2): ext4_evict_inode:271: xattr delete (err -117) [ 250.667205][ T5886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.847004][ T5941] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.892813][T14447] netlink: 'syz.3.2986': attribute type 1 has an invalid length. [ 250.894093][T14446] loop4: detected capacity change from 0 to 512 [ 250.900636][T14447] netlink: 'syz.3.2986': attribute type 2 has an invalid length. [ 250.957666][T14446] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 250.991658][T14446] ext4 filesystem being mounted at /180/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 251.017431][T14463] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2985'. [ 251.033312][T14465] loop3: detected capacity change from 0 to 512 [ 251.034333][T14467] loop2: detected capacity change from 0 to 2048 [ 251.046301][T14467] EXT4-fs: Ignoring removed bh option [ 251.051710][T14467] EXT4-fs: Ignoring removed nomblk_io_submit option [ 251.060277][T14467] EXT4-fs: Ignoring removed nobh option [ 251.073118][T14469] loop0: detected capacity change from 0 to 2048 [ 251.084989][T10622] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.094400][T14465] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 251.107546][T14465] ext4 filesystem being mounted at /449/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 251.120150][T14467] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 251.122971][T14469] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 251.145031][T14467] EXT4-fs error (device loop2): __ext4_remount:6491: comm syz.2.2996: Abort forced by user [ 251.150356][T14465] netlink: 'syz.3.2995': attribute type 10 has an invalid length. [ 251.163322][T14467] EXT4-fs (loop2): Remounting filesystem read-only [ 251.172158][T14465] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #19: comm syz.3.2995: corrupted inode contents [ 251.193200][T14465] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #19: comm syz.3.2995: mark_inode_dirty error [ 251.206510][T14465] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #19: comm syz.3.2995: corrupted inode contents [ 251.218615][T14465] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3007: inode #19: comm syz.3.2995: mark_inode_dirty error [ 251.238411][T14465] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3010: inode #19: comm syz.3.2995: mark inode dirty (error -117) [ 251.254249][T14480] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 251.269808][T14480] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 251.272027][T14465] EXT4-fs warning (device loop3): ext4_evict_inode:271: xattr delete (err -117) [ 251.282080][T14480] EXT4-fs (loop0): This should not happen!! Data will be lost [ 251.282080][T14480] [ 251.282104][T14480] EXT4-fs (loop0): Total free blocks count 0 [ 251.307087][T14480] EXT4-fs (loop0): Free/Dirty block details [ 251.313164][T14480] EXT4-fs (loop0): free_blocks=2415919104 [ 251.318918][T14480] EXT4-fs (loop0): dirty_blocks=3008 [ 251.324285][T14480] EXT4-fs (loop0): Block reservation details [ 251.330586][T14480] EXT4-fs (loop0): i_reserved_data_blocks=188 [ 251.338793][T14480] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 251.339168][ T5941] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.669058][T14500] netlink: 244 bytes leftover after parsing attributes in process `syz.3.3007'. [ 251.820764][T14506] loop3: detected capacity change from 0 to 512 [ 251.863841][ T5886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.886022][T14506] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 251.904487][T14488] loop1: detected capacity change from 0 to 2048 [ 251.911053][T14506] ext4 filesystem being mounted at /459/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 251.928668][T14506] netlink: 'syz.3.3010': attribute type 10 has an invalid length. [ 251.937428][T14506] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #19: comm syz.3.3010: corrupted inode contents [ 251.950119][T14506] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #19: comm syz.3.3010: mark_inode_dirty error [ 251.963300][T14506] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #19: comm syz.3.3010: corrupted inode contents [ 251.975383][T14506] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3007: inode #19: comm syz.3.3010: mark_inode_dirty error [ 251.987835][T14506] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3010: inode #19: comm syz.3.3010: mark inode dirty (error -117) [ 252.002360][T14506] EXT4-fs warning (device loop3): ext4_evict_inode:271: xattr delete (err -117) [ 252.019162][T14488] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 252.048725][ T5941] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.224207][T14527] netlink: 244 bytes leftover after parsing attributes in process `syz.2.3018'. [ 252.296394][ T6291] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.313279][T14535] loop0: detected capacity change from 0 to 2048 [ 252.346720][T14535] EXT4-fs: Ignoring removed bh option [ 252.352219][T14535] EXT4-fs: Ignoring removed nomblk_io_submit option [ 252.366511][T14541] netlink: 244 bytes leftover after parsing attributes in process `syz.1.3023'. [ 252.375921][T14535] EXT4-fs: Ignoring removed nobh option [ 252.386346][T14543] loop2: detected capacity change from 0 to 2048 [ 252.406237][T14535] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 252.427984][T14543] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 252.440942][T14535] EXT4-fs error (device loop0): __ext4_remount:6491: comm syz.0.3022: Abort forced by user [ 252.456316][T14535] EXT4-fs (loop0): Remounting filesystem read-only [ 252.525146][T14551] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 252.554706][T14551] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 252.567066][T14551] EXT4-fs (loop2): This should not happen!! Data will be lost [ 252.567066][T14551] [ 252.576704][T14551] EXT4-fs (loop2): Total free blocks count 0 [ 252.582685][T14551] EXT4-fs (loop2): Free/Dirty block details [ 252.588598][T14551] EXT4-fs (loop2): free_blocks=2415919104 [ 252.594301][T14551] EXT4-fs (loop2): dirty_blocks=3488 [ 252.599598][T14551] EXT4-fs (loop2): Block reservation details [ 252.605646][T14551] EXT4-fs (loop2): i_reserved_data_blocks=218 [ 252.612580][T14551] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 252.731592][T14557] loop4: detected capacity change from 0 to 2048 [ 252.748885][T14557] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 252.835267][T14565] netlink: 244 bytes leftover after parsing attributes in process `syz.3.3031'. [ 252.852773][T14566] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 252.895002][T14566] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 252.907337][T14566] EXT4-fs (loop4): This should not happen!! Data will be lost [ 252.907337][T14566] [ 252.917046][T14566] EXT4-fs (loop4): Total free blocks count 0 [ 252.923052][T14566] EXT4-fs (loop4): Free/Dirty block details [ 252.928992][T14566] EXT4-fs (loop4): free_blocks=2415919104 [ 252.934780][T14566] EXT4-fs (loop4): dirty_blocks=2368 [ 252.940062][T14566] EXT4-fs (loop4): Block reservation details [ 252.946086][T14566] EXT4-fs (loop4): i_reserved_data_blocks=148 [ 252.956436][T14566] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 253.138226][ T8829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 253.504910][ T29] kauditd_printk_skb: 212 callbacks suppressed [ 253.504925][ T29] audit: type=1326 audit(1725028974.863:10221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14590 comm="syz.0.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 253.591174][ T29] audit: type=1326 audit(1725028974.893:10222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14590 comm="syz.0.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 253.614863][ T29] audit: type=1326 audit(1725028974.903:10223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14590 comm="syz.0.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 253.638537][ T29] audit: type=1326 audit(1725028974.903:10224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14590 comm="syz.0.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 253.662118][ T29] audit: type=1326 audit(1725028974.903:10225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14590 comm="syz.0.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 253.685683][ T29] audit: type=1326 audit(1725028974.903:10226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14590 comm="syz.0.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 253.709266][ T29] audit: type=1326 audit(1725028974.903:10227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14590 comm="syz.0.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 253.732917][ T29] audit: type=1326 audit(1725028974.903:10228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14590 comm="syz.0.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 253.756501][ T29] audit: type=1326 audit(1725028974.903:10229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14590 comm="syz.0.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 253.780090][ T29] audit: type=1326 audit(1725028974.903:10230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14590 comm="syz.0.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 253.852290][T14570] loop3: detected capacity change from 0 to 2048 [ 253.897056][T14570] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.004443][T14600] loop4: detected capacity change from 0 to 2048 [ 254.011178][T14600] EXT4-fs: Ignoring removed bh option [ 254.016702][T14600] EXT4-fs: Ignoring removed nomblk_io_submit option [ 254.026495][T14600] EXT4-fs: Ignoring removed nobh option [ 254.054725][T14600] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.078714][T14600] EXT4-fs error (device loop4): __ext4_remount:6491: comm syz.4.3045: Abort forced by user [ 254.089005][T14600] EXT4-fs (loop4): Remounting filesystem read-only [ 254.101253][ T5941] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.226612][T14611] loop0: detected capacity change from 0 to 512 [ 254.231530][T14613] loop1: detected capacity change from 0 to 2048 [ 254.246863][T14611] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 254.259121][T14611] EXT4-fs (loop0): invalid journal inode [ 254.265842][T14613] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.268898][T14611] EXT4-fs (loop0): can't get journal size [ 254.295360][T14611] EXT4-fs (loop0): 1 truncate cleaned up [ 254.301428][T14611] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.302153][T14622] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14622 comm=syz.3.3054 [ 254.332306][T14611] 9pnet_fd: Insufficient options for proto=fd [ 254.340544][T14623] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 254.355521][T14623] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 254.367886][T14623] EXT4-fs (loop1): This should not happen!! Data will be lost [ 254.367886][T14623] [ 254.377550][T14623] EXT4-fs (loop1): Total free blocks count 0 [ 254.383598][T14623] EXT4-fs (loop1): Free/Dirty block details [ 254.389513][T14623] EXT4-fs (loop1): free_blocks=2415919104 [ 254.395321][T14623] EXT4-fs (loop1): dirty_blocks=2080 [ 254.400630][T14623] EXT4-fs (loop1): Block reservation details [ 254.406632][T14623] EXT4-fs (loop1): i_reserved_data_blocks=130 [ 254.414111][T14623] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 254.421699][ T8829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.445939][T14626] netlink: 87 bytes leftover after parsing attributes in process `syz.3.3056'. [ 254.492659][T14630] netlink: 'syz.3.3057': attribute type 1 has an invalid length. [ 254.492929][T14628] loop0: detected capacity change from 0 to 2048 [ 254.500428][T14630] netlink: 'syz.3.3057': attribute type 2 has an invalid length. [ 254.537904][T14628] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.668519][T14639] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 254.702747][T14639] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 254.715096][T14639] EXT4-fs (loop0): This should not happen!! Data will be lost [ 254.715096][T14639] [ 254.724748][T14639] EXT4-fs (loop0): Total free blocks count 0 [ 254.730764][T14639] EXT4-fs (loop0): Free/Dirty block details [ 254.736700][T14639] EXT4-fs (loop0): free_blocks=2415919104 [ 254.742428][T14639] EXT4-fs (loop0): dirty_blocks=3168 [ 254.747721][T14639] EXT4-fs (loop0): Block reservation details [ 254.753789][T14639] EXT4-fs (loop0): i_reserved_data_blocks=198 [ 254.796304][T14639] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 254.835647][T10622] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.127345][T14650] loop4: detected capacity change from 0 to 128 [ 255.157598][T14650] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 255.281767][T14638] loop3: detected capacity change from 0 to 2048 [ 255.325858][T14654] loop1: detected capacity change from 0 to 512 [ 255.333233][T14654] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 255.342065][T14654] EXT4-fs (loop1): invalid journal inode [ 255.349245][T14654] EXT4-fs (loop1): can't get journal size [ 255.380746][T14638] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 255.424012][T14654] EXT4-fs (loop1): 1 truncate cleaned up [ 255.435039][T14654] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 255.520959][T14654] 9pnet_fd: Insufficient options for proto=fd [ 255.725410][T14661] netlink: 'syz.2.3068': attribute type 1 has an invalid length. [ 255.733195][T14661] netlink: 'syz.2.3068': attribute type 2 has an invalid length. [ 255.753494][ T6291] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.199770][T14672] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14672 comm=syz.0.3070 [ 256.284478][T14674] loop0: detected capacity change from 0 to 2048 [ 256.293285][T14674] EXT4-fs: Ignoring removed bh option [ 256.298784][T14674] EXT4-fs: Ignoring removed nomblk_io_submit option [ 256.307402][T14674] EXT4-fs: Ignoring removed nobh option [ 256.326205][T14674] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 256.340641][T14674] EXT4-fs error (device loop0): __ext4_remount:6491: comm syz.0.3073: Abort forced by user [ 256.351508][T14674] EXT4-fs (loop0): Remounting filesystem read-only [ 257.224105][ T8829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.267843][T14686] loop4: detected capacity change from 0 to 128 [ 257.275382][T14686] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 257.289101][T14684] loop2: detected capacity change from 0 to 2048 [ 257.330816][T14694] loop0: detected capacity change from 0 to 256 [ 257.345065][T14694] FAT-fs (loop0): bogus sectors per cluster 255 [ 257.351433][T14694] FAT-fs (loop0): Can't find a valid FAT filesystem [ 257.399244][T14701] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 257.407055][T14703] loop0: detected capacity change from 0 to 512 [ 257.422100][T14701] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 257.434502][T14701] EXT4-fs (loop2): This should not happen!! Data will be lost [ 257.434502][T14701] [ 257.444245][T14701] EXT4-fs (loop2): Total free blocks count 0 [ 257.450305][T14701] EXT4-fs (loop2): Free/Dirty block details [ 257.456219][T14701] EXT4-fs (loop2): free_blocks=2415919104 [ 257.462011][T14701] EXT4-fs (loop2): dirty_blocks=3072 [ 257.467386][T14701] EXT4-fs (loop2): Block reservation details [ 257.473350][T14701] EXT4-fs (loop2): i_reserved_data_blocks=192 [ 257.480449][T14701] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 257.492736][T14701] EXT4-fs (loop2): This should not happen!! Data will be lost [ 257.492736][T14701] [ 257.503628][T14703] ext4 filesystem being mounted at /301/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 257.562320][T14712] loop4: detected capacity change from 0 to 512 [ 257.569649][T14710] loop0: detected capacity change from 0 to 2048 [ 257.578129][T14710] EXT4-fs: Ignoring removed bh option [ 257.583571][T14710] EXT4-fs: Ignoring removed nomblk_io_submit option [ 257.591067][T14710] EXT4-fs: Ignoring removed nobh option [ 257.599281][T14712] ext4 filesystem being mounted at /195/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 257.626100][T14710] EXT4-fs error (device loop0): __ext4_remount:6491: comm syz.0.3086: Abort forced by user [ 257.646333][T14712] netlink: 'syz.4.3087': attribute type 10 has an invalid length. [ 257.654432][T14710] EXT4-fs (loop0): Remounting filesystem read-only [ 257.663378][T14712] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #19: comm syz.4.3087: corrupted inode contents [ 257.675525][T14712] EXT4-fs error (device loop4): ext4_dirty_inode:6014: inode #19: comm syz.4.3087: mark_inode_dirty error [ 257.688367][T14712] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #19: comm syz.4.3087: corrupted inode contents [ 257.762024][T14712] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3007: inode #19: comm syz.4.3087: mark_inode_dirty error [ 257.774451][T14712] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3010: inode #19: comm syz.4.3087: mark inode dirty (error -117) [ 257.795752][T14712] EXT4-fs warning (device loop4): ext4_evict_inode:271: xattr delete (err -117) [ 258.063284][T14728] netlink: 52 bytes leftover after parsing attributes in process `syz.1.3090'. [ 258.216259][T14730] loop1: detected capacity change from 0 to 128 [ 258.228926][T14730] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 258.536049][T14738] netlink: 'syz.0.3097': attribute type 1 has an invalid length. [ 258.543819][T14738] netlink: 'syz.0.3097': attribute type 2 has an invalid length. [ 258.672358][ T29] kauditd_printk_skb: 216 callbacks suppressed [ 258.672375][ T29] audit: type=1326 audit(1725028980.023:10447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14742 comm="syz.0.3099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 258.702351][ T29] audit: type=1326 audit(1725028980.023:10448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14742 comm="syz.0.3099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 258.725989][ T29] audit: type=1326 audit(1725028980.023:10449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14742 comm="syz.0.3099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 258.749615][ T29] audit: type=1326 audit(1725028980.023:10450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14742 comm="syz.0.3099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 258.773290][ T29] audit: type=1326 audit(1725028980.023:10451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14742 comm="syz.0.3099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 258.796799][ T29] audit: type=1326 audit(1725028980.023:10452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14742 comm="syz.0.3099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 258.820373][ T29] audit: type=1326 audit(1725028980.023:10453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14742 comm="syz.0.3099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc73bfa8890 code=0x7ffc0000 [ 258.844304][ T29] audit: type=1326 audit(1725028980.023:10454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14742 comm="syz.0.3099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc73bfa8890 code=0x7ffc0000 [ 258.867993][ T29] audit: type=1326 audit(1725028980.023:10455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14742 comm="syz.0.3099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 258.891642][ T29] audit: type=1326 audit(1725028980.023:10456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14742 comm="syz.0.3099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 259.019754][T14751] loop2: detected capacity change from 0 to 2048 [ 259.029881][T14751] EXT4-fs: Ignoring removed bh option [ 259.035345][T14751] EXT4-fs: Ignoring removed nomblk_io_submit option [ 259.044986][T14751] EXT4-fs: Ignoring removed nobh option [ 259.067438][T14751] EXT4-fs error (device loop2): __ext4_remount:6491: comm syz.2.3098: Abort forced by user [ 259.078943][T14751] EXT4-fs (loop2): Remounting filesystem read-only [ 260.108123][T14771] loop2: detected capacity change from 0 to 256 [ 260.112010][T14769] loop4: detected capacity change from 0 to 2048 [ 260.124506][T14771] FAT-fs (loop2): bogus sectors per cluster 255 [ 260.130928][T14771] FAT-fs (loop2): Can't find a valid FAT filesystem [ 260.131129][T14769] EXT4-fs: Ignoring removed bh option [ 260.143072][T14769] EXT4-fs: Ignoring removed nomblk_io_submit option [ 260.154728][T14769] EXT4-fs: Ignoring removed nobh option [ 260.171732][T14775] loop3: detected capacity change from 0 to 512 [ 260.178982][T14773] loop1: detected capacity change from 0 to 2048 [ 260.195361][T14769] EXT4-fs error (device loop4): __ext4_remount:6491: comm syz.4.3108: Abort forced by user [ 260.197538][T14767] loop0: detected capacity change from 0 to 2048 [ 260.207750][T14769] EXT4-fs (loop4): Remounting filesystem read-only [ 260.222477][T14775] ext4 filesystem being mounted at /481/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 260.249130][T14767] loop0: p1 < > p3 [ 260.261578][T14767] loop0: p3 size 134217728 extends beyond EOD, truncated [ 260.289039][T14788] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3113'. [ 260.308520][T14789] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 260.334232][T14789] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 260.346628][T14789] EXT4-fs (loop1): This should not happen!! Data will be lost [ 260.346628][T14789] [ 260.356336][T14789] EXT4-fs (loop1): Total free blocks count 0 [ 260.362330][T14789] EXT4-fs (loop1): Free/Dirty block details [ 260.368260][T14789] EXT4-fs (loop1): free_blocks=2415919104 [ 260.373985][T14789] EXT4-fs (loop1): dirty_blocks=2208 [ 260.379313][T14789] EXT4-fs (loop1): Block reservation details [ 260.385379][T14789] EXT4-fs (loop1): i_reserved_data_blocks=138 [ 260.400474][T14794] loop0: detected capacity change from 0 to 2048 [ 260.405367][T14789] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 260.413508][T14794] EXT4-fs: Ignoring removed bh option [ 260.419062][T14789] EXT4-fs (loop1): This should not happen!! Data will be lost [ 260.419062][T14789] [ 260.424444][T14794] EXT4-fs: Ignoring removed nomblk_io_submit option [ 260.484808][T14794] EXT4-fs: Ignoring removed nobh option [ 260.589980][T14794] EXT4-fs error (device loop0): __ext4_remount:6491: comm syz.0.3115: Abort forced by user [ 260.600340][T14794] EXT4-fs (loop0): Remounting filesystem read-only [ 261.144215][T14811] loop4: detected capacity change from 0 to 256 [ 261.164211][T14812] loop3: detected capacity change from 0 to 512 [ 261.188089][T14811] FAT-fs (loop4): bogus sectors per cluster 255 [ 261.194503][T14811] FAT-fs (loop4): Can't find a valid FAT filesystem [ 261.347100][T14812] ext4 filesystem being mounted at /488/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 262.273244][T14823] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3127'. [ 262.291599][T14826] loop1: detected capacity change from 0 to 256 [ 262.321179][T14826] FAT-fs (loop1): Directory bread(block 64) failed [ 262.331068][T14826] FAT-fs (loop1): Directory bread(block 65) failed [ 262.352966][T14826] FAT-fs (loop1): Directory bread(block 66) failed [ 262.372906][T14826] FAT-fs (loop1): Directory bread(block 67) failed [ 262.375253][T14843] loop0: detected capacity change from 0 to 256 [ 262.386077][T14837] loop2: detected capacity change from 0 to 2048 [ 262.392645][T14837] EXT4-fs: Ignoring removed bh option [ 262.398113][T14837] EXT4-fs: Ignoring removed nomblk_io_submit option [ 262.404836][T14826] FAT-fs (loop1): Directory bread(block 68) failed [ 262.405090][T14843] FAT-fs (loop0): bogus sectors per cluster 255 [ 262.411349][T14826] FAT-fs (loop1): Directory bread(block 69) failed [ 262.411460][T14826] FAT-fs (loop1): Directory bread(block 70) failed [ 262.417616][T14843] FAT-fs (loop0): Can't find a valid FAT filesystem [ 262.445489][T14837] EXT4-fs: Ignoring removed nobh option [ 262.451912][T14826] FAT-fs (loop1): Directory bread(block 71) failed [ 262.459004][T14826] FAT-fs (loop1): Directory bread(block 72) failed [ 262.466759][T14826] FAT-fs (loop1): Directory bread(block 73) failed [ 262.481355][T14837] EXT4-fs error (device loop2): __ext4_remount:6491: comm syz.2.3134: Abort forced by user [ 262.495054][T14826] lo speed is unknown, defaulting to 1000 [ 262.501525][T14849] loop0: detected capacity change from 0 to 2048 [ 262.517236][T14837] EXT4-fs (loop2): Remounting filesystem read-only [ 262.710307][T14864] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 262.761356][T14866] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3143'. [ 262.774573][T14864] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 262.787033][T14864] EXT4-fs (loop0): This should not happen!! Data will be lost [ 262.787033][T14864] [ 262.796794][T14864] EXT4-fs (loop0): Total free blocks count 0 [ 262.802880][T14864] EXT4-fs (loop0): Free/Dirty block details [ 262.808791][T14864] EXT4-fs (loop0): free_blocks=2415919104 [ 262.814512][T14864] EXT4-fs (loop0): dirty_blocks=736 [ 262.819755][T14864] EXT4-fs (loop0): Block reservation details [ 262.825757][T14864] EXT4-fs (loop0): i_reserved_data_blocks=46 [ 262.930131][T14864] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 262.942440][T14864] EXT4-fs (loop0): This should not happen!! Data will be lost [ 262.942440][T14864] [ 263.194205][T14826] syz.1.3123: attempt to access beyond end of device [ 263.194205][T14826] loop1: rw=2049, sector=1296, nr_sectors = 536 limit=256 [ 263.318642][T14826] syz.1.3123: attempt to access beyond end of device [ 263.318642][T14826] loop1: rw=2049, sector=1864, nr_sectors = 2712 limit=256 [ 263.339361][T14872] loop3: detected capacity change from 0 to 2048 [ 263.349471][T14872] EXT4-fs: Ignoring removed bh option [ 263.354998][T14872] EXT4-fs: Ignoring removed nomblk_io_submit option [ 263.365648][T14826] syz.1.3123: attempt to access beyond end of device [ 263.365648][T14826] loop1: rw=2049, sector=4576, nr_sectors = 112 limit=256 [ 263.404707][T14872] EXT4-fs: Ignoring removed nobh option [ 263.414481][ T7190] kworker/u8:8: attempt to access beyond end of device [ 263.414481][ T7190] loop1: rw=1, sector=1224, nr_sectors = 72 limit=256 [ 263.476243][T14872] EXT4-fs error (device loop3): __ext4_remount:6491: comm syz.3.3146: Abort forced by user [ 263.517207][T14886] netlink: 'syz.2.3152': attribute type 1 has an invalid length. [ 263.521109][T14872] EXT4-fs (loop3): Remounting filesystem read-only [ 263.525028][T14886] netlink: 'syz.2.3152': attribute type 2 has an invalid length. [ 263.561091][T14890] loop4: detected capacity change from 0 to 512 [ 263.568010][T14890] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 263.578836][T14890] EXT4-fs (loop4): invalid journal inode [ 263.584503][T14890] EXT4-fs (loop4): can't get journal size [ 263.614443][T14890] EXT4-fs (loop4): 1 truncate cleaned up [ 263.647660][T14890] 9pnet_fd: Insufficient options for proto=fd [ 263.661707][T14903] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14903 comm=syz.2.3158 [ 263.874022][T14910] netlink: 'syz.2.3161': attribute type 1 has an invalid length. [ 263.881971][T14910] netlink: 'syz.2.3161': attribute type 2 has an invalid length. [ 263.990290][ T29] kauditd_printk_skb: 138 callbacks suppressed [ 263.990345][ T29] audit: type=1400 audit(1725028985.343:10595): avc: denied { create } for pid=14908 comm="syz.4.3160" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=tcp_socket permissive=1 [ 264.361654][ T29] audit: type=1326 audit(1725028985.713:10596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14922 comm="syz.2.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 264.385369][ T29] audit: type=1326 audit(1725028985.713:10597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14922 comm="syz.2.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 264.409064][ T29] audit: type=1326 audit(1725028985.713:10598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14922 comm="syz.2.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 264.432622][ T29] audit: type=1326 audit(1725028985.713:10599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14922 comm="syz.2.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 264.503764][ T29] audit: type=1326 audit(1725028985.853:10600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14922 comm="syz.2.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 264.527483][ T29] audit: type=1326 audit(1725028985.853:10601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14922 comm="syz.2.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 264.551106][ T29] audit: type=1326 audit(1725028985.853:10602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14922 comm="syz.2.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 264.574751][ T29] audit: type=1326 audit(1725028985.853:10603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14922 comm="syz.2.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 264.598957][ T29] audit: type=1326 audit(1725028985.853:10604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14922 comm="syz.2.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 264.645799][T14923] loop4: detected capacity change from 0 to 2048 [ 264.791743][T14935] loop3: detected capacity change from 0 to 512 [ 264.804308][T14936] loop2: detected capacity change from 0 to 128 [ 264.814977][T14935] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 264.830081][T14936] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 264.845305][T14935] EXT4-fs (loop3): invalid journal inode [ 264.854007][T14935] EXT4-fs (loop3): can't get journal size [ 264.863908][T14935] EXT4-fs (loop3): 1 truncate cleaned up [ 264.936896][T14943] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 264.952539][T14943] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 264.964860][T14943] EXT4-fs (loop4): This should not happen!! Data will be lost [ 264.964860][T14943] [ 264.974491][T14943] EXT4-fs (loop4): Total free blocks count 0 [ 264.980525][T14943] EXT4-fs (loop4): Free/Dirty block details [ 264.986501][T14943] EXT4-fs (loop4): free_blocks=2415919104 [ 264.992264][T14943] EXT4-fs (loop4): dirty_blocks=2112 [ 264.997560][T14943] EXT4-fs (loop4): Block reservation details [ 265.003541][T14943] EXT4-fs (loop4): i_reserved_data_blocks=132 [ 265.030427][T14943] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 265.042710][T14943] EXT4-fs (loop4): This should not happen!! Data will be lost [ 265.042710][T14943] [ 265.424205][T14946] 9pnet_fd: Insufficient options for proto=fd [ 266.302946][T14953] loop3: detected capacity change from 0 to 512 [ 266.331064][T14953] ext4 filesystem being mounted at /502/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 266.362817][T14953] netlink: 'syz.3.3175': attribute type 10 has an invalid length. [ 266.396528][T14953] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #19: comm syz.3.3175: corrupted inode contents [ 266.423883][T14968] loop2: detected capacity change from 0 to 1024 [ 266.438708][T14953] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #19: comm syz.3.3175: mark_inode_dirty error [ 266.461586][T14979] netlink: 'syz.0.3183': attribute type 1 has an invalid length. [ 266.466872][T14953] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #19: comm syz.3.3175: corrupted inode contents [ 266.469379][T14979] netlink: 'syz.0.3183': attribute type 2 has an invalid length. [ 266.485086][T14953] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3007: inode #19: comm syz.3.3175: mark_inode_dirty error [ 266.502484][T14953] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3010: inode #19: comm syz.3.3175: mark inode dirty (error -117) [ 266.515995][T14953] EXT4-fs warning (device loop3): ext4_evict_inode:271: xattr delete (err -117) [ 266.698025][T14989] loop3: detected capacity change from 0 to 512 [ 266.723852][T14989] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 266.732538][T14988] loop0: detected capacity change from 0 to 2048 [ 266.774673][T14989] EXT4-fs (loop3): invalid journal inode [ 266.782153][T14989] EXT4-fs (loop3): can't get journal size [ 266.816640][T14989] EXT4-fs (loop3): 1 truncate cleaned up [ 266.873207][T14989] 9pnet_fd: Insufficient options for proto=fd [ 266.892414][T14993] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 266.917416][T14993] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 266.929790][T14993] EXT4-fs (loop0): This should not happen!! Data will be lost [ 266.929790][T14993] [ 266.939534][T14993] EXT4-fs (loop0): Total free blocks count 0 [ 266.945524][T14993] EXT4-fs (loop0): Free/Dirty block details [ 266.951424][T14993] EXT4-fs (loop0): free_blocks=2415919104 [ 266.957166][T14993] EXT4-fs (loop0): dirty_blocks=1024 [ 266.962447][T14993] EXT4-fs (loop0): Block reservation details [ 266.968458][T14993] EXT4-fs (loop0): i_reserved_data_blocks=64 [ 267.102659][T14996] loop3: detected capacity change from 0 to 128 [ 267.114296][T14996] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 267.132661][T14993] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 267.145103][T14993] EXT4-fs (loop0): This should not happen!! Data will be lost [ 267.145103][T14993] [ 267.319828][T15000] loop2: detected capacity change from 0 to 128 [ 267.355083][T15000] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 267.474239][T15014] loop3: detected capacity change from 0 to 2048 [ 267.481101][T15014] EXT4-fs: Ignoring removed bh option [ 267.486581][T15014] EXT4-fs: Ignoring removed nomblk_io_submit option [ 267.495385][T15014] EXT4-fs: Ignoring removed nobh option [ 267.498805][T15017] loop2: detected capacity change from 0 to 2048 [ 267.515331][T15019] netlink: 'syz.1.3198': attribute type 1 has an invalid length. [ 267.523084][T15019] netlink: 'syz.1.3198': attribute type 2 has an invalid length. [ 267.538217][T15014] EXT4-fs error (device loop3): __ext4_remount:6491: comm syz.3.3194: Abort forced by user [ 267.571328][T15014] EXT4-fs (loop3): Remounting filesystem read-only [ 267.586176][T15026] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 267.604754][T15026] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 267.617065][T15026] EXT4-fs (loop2): This should not happen!! Data will be lost [ 267.617065][T15026] [ 267.627006][T15026] EXT4-fs (loop2): Total free blocks count 0 [ 267.633240][T15026] EXT4-fs (loop2): Free/Dirty block details [ 267.639246][T15026] EXT4-fs (loop2): free_blocks=2415919104 [ 267.645020][T15026] EXT4-fs (loop2): dirty_blocks=3648 [ 267.650305][T15026] EXT4-fs (loop2): Block reservation details [ 267.653702][T15034] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15034 comm=syz.0.3201 [ 267.656317][T15026] EXT4-fs (loop2): i_reserved_data_blocks=228 [ 267.676109][T15026] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 267.676992][T15035] loop1: detected capacity change from 0 to 128 [ 267.688474][T15026] EXT4-fs (loop2): This should not happen!! Data will be lost [ 267.688474][T15026] [ 267.715689][T15035] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 268.598151][T15057] loop1: detected capacity change from 0 to 256 [ 268.605203][T15057] FAT-fs (loop1): bogus sectors per cluster 255 [ 268.611633][T15057] FAT-fs (loop1): Can't find a valid FAT filesystem [ 268.616072][T15061] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15061 comm=syz.0.3213 [ 268.627792][T15055] loop3: detected capacity change from 0 to 2048 [ 268.723354][T15069] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 268.738862][T15069] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 268.751229][T15069] EXT4-fs (loop3): This should not happen!! Data will be lost [ 268.751229][T15069] [ 268.761047][T15069] EXT4-fs (loop3): Total free blocks count 0 [ 268.767166][T15069] EXT4-fs (loop3): Free/Dirty block details [ 268.773134][T15069] EXT4-fs (loop3): free_blocks=2415919104 [ 268.778899][T15069] EXT4-fs (loop3): dirty_blocks=1792 [ 268.784349][T15069] EXT4-fs (loop3): Block reservation details [ 268.790444][T15069] EXT4-fs (loop3): i_reserved_data_blocks=112 [ 268.798596][T15069] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 268.810880][T15069] EXT4-fs (loop3): This should not happen!! Data will be lost [ 268.810880][T15069] [ 268.854737][T15078] loop2: detected capacity change from 0 to 2048 [ 268.958104][T15090] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 268.973423][T15090] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 268.985769][T15090] EXT4-fs (loop2): This should not happen!! Data will be lost [ 268.985769][T15090] [ 268.995571][T15090] EXT4-fs (loop2): Total free blocks count 0 [ 269.001576][T15090] EXT4-fs (loop2): Free/Dirty block details [ 269.007499][T15090] EXT4-fs (loop2): free_blocks=2415919104 [ 269.013226][T15090] EXT4-fs (loop2): dirty_blocks=3840 [ 269.018559][T15090] EXT4-fs (loop2): Block reservation details [ 269.024623][T15090] EXT4-fs (loop2): i_reserved_data_blocks=240 [ 269.032590][T15090] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 269.045011][T15090] EXT4-fs (loop2): This should not happen!! Data will be lost [ 269.045011][T15090] [ 269.487433][T15097] loop4: detected capacity change from 0 to 256 [ 269.507539][T15097] FAT-fs (loop4): bogus sectors per cluster 255 [ 269.513834][T15097] FAT-fs (loop4): Can't find a valid FAT filesystem [ 270.046919][ T29] kauditd_printk_skb: 249 callbacks suppressed [ 270.046934][ T29] audit: type=1326 audit(1725028991.403:10854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15112 comm="syz.1.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a0a359ef9 code=0x7ffc0000 [ 270.076750][ T29] audit: type=1326 audit(1725028991.403:10855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15112 comm="syz.1.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a0a359ef9 code=0x7ffc0000 [ 270.156851][ T29] audit: type=1326 audit(1725028991.493:10856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15112 comm="syz.1.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4a0a359ef9 code=0x7ffc0000 [ 270.180542][ T29] audit: type=1326 audit(1725028991.493:10857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15112 comm="syz.1.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a0a359ef9 code=0x7ffc0000 [ 270.204212][ T29] audit: type=1326 audit(1725028991.493:10858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15112 comm="syz.1.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a0a359ef9 code=0x7ffc0000 [ 270.228036][ T29] audit: type=1326 audit(1725028991.493:10859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15112 comm="syz.1.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4a0a359ef9 code=0x7ffc0000 [ 270.251733][ T29] audit: type=1326 audit(1725028991.493:10860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15112 comm="syz.1.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a0a359ef9 code=0x7ffc0000 [ 270.275547][ T29] audit: type=1326 audit(1725028991.493:10861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15112 comm="syz.1.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a0a359ef9 code=0x7ffc0000 [ 270.299271][ T29] audit: type=1326 audit(1725028991.493:10862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15112 comm="syz.1.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4a0a359ef9 code=0x7ffc0000 [ 270.323044][ T29] audit: type=1326 audit(1725028991.493:10863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15112 comm="syz.1.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a0a359ef9 code=0x7ffc0000 [ 270.550611][T15124] loop4: detected capacity change from 0 to 512 [ 270.560898][T15127] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15127 comm=syz.0.3236 [ 270.577065][T15124] ext4 filesystem being mounted at /228/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 271.442566][T15147] loop4: detected capacity change from 0 to 256 [ 271.451661][T15147] FAT-fs (loop4): bogus sectors per cluster 255 [ 271.457961][T15147] FAT-fs (loop4): Can't find a valid FAT filesystem [ 271.488038][T15150] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3246'. [ 271.504872][T15140] loop0: detected capacity change from 0 to 128 [ 271.558283][T15152] netlink: 'syz.1.3247': attribute type 1 has an invalid length. [ 271.566127][T15152] netlink: 'syz.1.3247': attribute type 2 has an invalid length. [ 271.600478][ T50] kworker/u8:3: attempt to access beyond end of device [ 271.600478][ T50] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 271.628498][T15159] loop1: detected capacity change from 0 to 512 [ 271.650967][T15159] ext4 filesystem being mounted at /433/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 271.663520][T15165] loop0: detected capacity change from 0 to 128 [ 271.675881][T15165] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 271.706888][T15171] netlink: 'syz.4.3255': attribute type 1 has an invalid length. [ 271.714711][T15171] netlink: 'syz.4.3255': attribute type 2 has an invalid length. [ 271.765532][T15159] netlink: 'syz.1.3250': attribute type 10 has an invalid length. [ 271.822528][T15159] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #19: comm syz.1.3250: corrupted inode contents [ 271.913754][T15179] loop0: detected capacity change from 0 to 512 [ 271.928819][T15159] EXT4-fs error (device loop1): ext4_dirty_inode:6014: inode #19: comm syz.1.3250: mark_inode_dirty error [ 271.948747][T15181] FAULT_INJECTION: forcing a failure. [ 271.948747][T15181] name failslab, interval 1, probability 0, space 0, times 0 [ 271.961460][T15181] CPU: 1 UID: 0 PID: 15181 Comm: syz.4.3259 Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 271.972266][T15181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 271.982320][T15181] Call Trace: [ 271.985609][T15181] [ 271.988542][T15181] dump_stack_lvl+0xf2/0x150 [ 271.993144][T15181] dump_stack+0x15/0x20 [ 271.997369][T15181] should_fail_ex+0x229/0x230 [ 272.002055][T15181] ? skb_clone+0x154/0x1f0 [ 272.006554][T15181] should_failslab+0x8f/0xb0 [ 272.011167][T15181] kmem_cache_alloc_noprof+0x4c/0x290 [ 272.016587][T15181] skb_clone+0x154/0x1f0 [ 272.020917][T15181] __netlink_deliver_tap+0x2bd/0x4c0 [ 272.026263][T15181] netlink_unicast+0x64a/0x670 [ 272.031176][T15181] netlink_sendmsg+0x5cc/0x6e0 [ 272.035956][T15181] ? __pfx_netlink_sendmsg+0x10/0x10 [ 272.041242][T15181] __sock_sendmsg+0x140/0x180 [ 272.045944][T15181] ____sys_sendmsg+0x312/0x410 [ 272.050796][T15181] __sys_sendmsg+0x1e9/0x280 [ 272.055464][T15181] __x64_sys_sendmsg+0x46/0x50 [ 272.060298][T15181] x64_sys_call+0x2689/0x2d60 [ 272.065114][T15181] do_syscall_64+0xc9/0x1c0 [ 272.069661][T15181] ? clear_bhb_loop+0x55/0xb0 [ 272.074348][T15181] ? clear_bhb_loop+0x55/0xb0 [ 272.079117][T15181] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.085040][T15181] RIP: 0033:0x7fd562f29ef9 [ 272.089475][T15181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.109116][T15181] RSP: 002b:00007fd561ba7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 272.117541][T15181] RAX: ffffffffffffffda RBX: 00007fd5630c5f80 RCX: 00007fd562f29ef9 [ 272.125537][T15181] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000005 [ 272.133579][T15181] RBP: 00007fd561ba7090 R08: 0000000000000000 R09: 0000000000000000 [ 272.141548][T15181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 272.149523][T15181] R13: 0000000000000000 R14: 00007fd5630c5f80 R15: 00007ffd45de1838 [ 272.157508][T15181] [ 272.219094][T15159] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #19: comm syz.1.3250: corrupted inode contents [ 272.234809][T15181] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3259'. [ 272.261121][T15159] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3007: inode #19: comm syz.1.3250: mark_inode_dirty error [ 272.317807][T15186] loop3: detected capacity change from 0 to 256 [ 272.327356][T15159] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3010: inode #19: comm syz.1.3250: mark inode dirty (error -117) [ 272.346434][T15186] FAT-fs (loop3): bogus sectors per cluster 255 [ 272.352706][T15186] FAT-fs (loop3): Can't find a valid FAT filesystem [ 272.366862][T15159] EXT4-fs warning (device loop1): ext4_evict_inode:271: xattr delete (err -117) [ 272.378216][T15179] ext4 filesystem being mounted at /336/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 272.558290][T15188] loop4: detected capacity change from 0 to 2048 [ 272.564971][T15188] EXT4-fs: Ignoring removed bh option [ 272.570360][T15188] EXT4-fs: Ignoring removed nomblk_io_submit option [ 272.585367][T15188] EXT4-fs: Ignoring removed nobh option [ 272.658476][T15188] EXT4-fs error (device loop4): __ext4_remount:6491: comm syz.4.3261: Abort forced by user [ 272.682716][T15201] loop2: detected capacity change from 0 to 512 [ 272.691397][T15188] EXT4-fs (loop4): Remounting filesystem read-only [ 272.703585][T15206] loop0: detected capacity change from 0 to 512 [ 272.716231][T15201] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 272.726878][T15206] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 272.737339][T15206] EXT4-fs (loop0): invalid journal inode [ 272.743152][T15206] EXT4-fs (loop0): can't get journal size [ 272.749604][T15201] EXT4-fs (loop2): 1 orphan inode deleted [ 272.752017][T15209] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3269'. [ 272.755346][T15201] EXT4-fs (loop2): 1 truncate cleaned up [ 272.758115][T15201] EXT4-fs error (device loop2): empty_inline_dir:1833: inode #12: block 7: comm syz.2.3267: bad entry in directory: directory entry overrun - offset=4, inode=13, rec_len=784, size=60 fake=0 [ 272.790153][T15206] EXT4-fs (loop0): 1 truncate cleaned up [ 272.795993][T15201] EXT4-fs (loop2): Remounting filesystem read-only [ 272.802527][T15201] EXT4-fs warning (device loop2): empty_inline_dir:1840: bad inline directory (dir #12) - inode 13, rec_len 784, name_len 5inline size 60 [ 272.888039][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 272.897157][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 272.903574][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 272.917974][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 272.920852][T15225] loop0: detected capacity change from 0 to 256 [ 272.924412][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 272.938630][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 272.950230][T15225] FAT-fs (loop0): bogus sectors per cluster 255 [ 272.951696][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 272.956566][T15225] FAT-fs (loop0): Can't find a valid FAT filesystem [ 272.962934][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 272.991680][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 272.998730][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.007659][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.014154][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.021003][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.027714][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.034238][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.040726][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.054793][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.061254][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.067788][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.075957][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.083388][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.090031][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.101949][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.108596][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.115812][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.122380][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.128932][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.135539][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.142490][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.155022][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.162681][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.167550][T15244] loop0: detected capacity change from 0 to 512 [ 273.169142][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.175996][T15244] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 273.181632][T15223] ieee802154 phy0 wpan0: encryption failed: -126 [ 273.192455][T15244] EXT4-fs (loop0): invalid journal inode [ 273.202303][T15244] EXT4-fs (loop0): can't get journal size [ 273.213063][T15244] EXT4-fs (loop0): 1 truncate cleaned up [ 273.221341][T15247] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3284'. [ 273.233048][T15247] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3284'. [ 273.299681][T15255] loop2: detected capacity change from 0 to 256 [ 273.315025][T15255] FAT-fs (loop2): bogus sectors per cluster 255 [ 273.321354][T15255] FAT-fs (loop2): Can't find a valid FAT filesystem [ 273.586827][T15268] loop3: detected capacity change from 0 to 512 [ 273.606183][T15268] ext4 filesystem being mounted at /515/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 274.196051][T15276] loop0: detected capacity change from 0 to 2048 [ 274.207037][T15278] loop4: detected capacity change from 0 to 512 [ 274.213824][T15276] EXT4-fs: Ignoring removed bh option [ 274.219298][T15276] EXT4-fs: Ignoring removed nomblk_io_submit option [ 274.228102][T15278] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 274.236378][T15276] EXT4-fs: Ignoring removed nobh option [ 274.243661][T15278] EXT4-fs (loop4): invalid journal inode [ 274.251830][T15278] EXT4-fs (loop4): can't get journal size [ 274.264310][T15276] EXT4-fs error (device loop0): __ext4_remount:6491: comm syz.0.3295: Abort forced by user [ 274.276370][T15276] EXT4-fs (loop0): Remounting filesystem read-only [ 274.284511][T15282] Cannot find add_set index 0 as target [ 274.290638][T15278] EXT4-fs (loop4): 1 truncate cleaned up [ 274.397793][T15294] loop4: detected capacity change from 0 to 256 [ 274.408330][T15294] FAT-fs (loop4): bogus sectors per cluster 255 [ 274.414758][T15294] FAT-fs (loop4): Can't find a valid FAT filesystem [ 274.427878][T15282] loop2: detected capacity change from 0 to 128 [ 274.434406][T15282] vfat: Unknown parameter ''' [ 274.665523][T15316] loop4: detected capacity change from 0 to 512 [ 274.673386][T15316] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 274.683981][T15316] EXT4-fs (loop4): invalid journal inode [ 274.689841][T15316] EXT4-fs (loop4): can't get journal size [ 274.696307][T15316] EXT4-fs (loop4): 1 truncate cleaned up [ 274.769797][T15332] loop2: detected capacity change from 0 to 128 [ 274.911801][T15340] FAULT_INJECTION: forcing a failure. [ 274.911801][T15340] name failslab, interval 1, probability 0, space 0, times 0 [ 274.924775][T15340] CPU: 1 UID: 0 PID: 15340 Comm: syz.2.3316 Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 274.935544][T15340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 274.945590][T15340] Call Trace: [ 274.948889][T15340] [ 274.951806][T15340] dump_stack_lvl+0xf2/0x150 [ 274.956391][T15340] dump_stack+0x15/0x20 [ 274.960545][T15340] should_fail_ex+0x229/0x230 [ 274.965233][T15340] ? vmemdup_user+0x42/0x1b0 [ 274.969863][T15340] should_failslab+0x8f/0xb0 [ 274.974452][T15340] __kmalloc_node_noprof+0xa8/0x380 [ 274.979693][T15340] vmemdup_user+0x42/0x1b0 [ 274.984109][T15340] __se_sys_fsetxattr+0x1af/0x370 [ 274.989127][T15340] ? proc_fail_nth_write+0x130/0x160 [ 274.994432][T15340] __x64_sys_fsetxattr+0x67/0x80 [ 274.999420][T15340] x64_sys_call+0x16a5/0x2d60 [ 275.004138][T15340] do_syscall_64+0xc9/0x1c0 [ 275.008694][T15340] ? clear_bhb_loop+0x55/0xb0 [ 275.013368][T15340] ? clear_bhb_loop+0x55/0xb0 [ 275.018038][T15340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.023931][T15340] RIP: 0033:0x7fda6e729ef9 [ 275.028339][T15340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.048084][T15340] RSP: 002b:00007fda6d3a1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 275.056516][T15340] RAX: ffffffffffffffda RBX: 00007fda6e8c5f80 RCX: 00007fda6e729ef9 [ 275.064528][T15340] RDX: 0000000020001080 RSI: 0000000020000000 RDI: 0000000000000003 [ 275.072530][T15340] RBP: 00007fda6d3a1090 R08: 0000000000000000 R09: 0000000000000000 [ 275.080490][T15340] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001 [ 275.088467][T15340] R13: 0000000000000000 R14: 00007fda6e8c5f80 R15: 00007ffc755a4608 [ 275.096454][T15340] [ 275.121603][T15346] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3319'. [ 275.131889][ T29] kauditd_printk_skb: 10325 callbacks suppressed [ 275.131947][ T29] audit: type=1326 audit(1725028996.483:21189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15344 comm="syz.2.3319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 275.163016][T15347] audit: audit_lost=11 audit_rate_limit=0 audit_backlog_limit=64 [ 275.170820][T15347] audit: out of memory in audit_log_start [ 275.180369][ T29] audit: type=1326 audit(1725028996.483:21190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15344 comm="syz.2.3319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 275.204010][ T29] audit: type=1326 audit(1725028996.483:21191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15344 comm="syz.2.3319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 275.227605][ T29] audit: type=1326 audit(1725028996.483:21192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15344 comm="syz.2.3319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 275.251205][ T29] audit: type=1326 audit(1725028996.483:21193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15344 comm="syz.2.3319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 275.274750][ T29] audit: type=1326 audit(1725028996.483:21194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15344 comm="syz.2.3319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 275.298368][ T29] audit: type=1326 audit(1725028996.483:21195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15344 comm="syz.2.3319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 275.321918][ T29] audit: type=1326 audit(1725028996.483:21196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15344 comm="syz.2.3319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6e729ef9 code=0x7ffc0000 [ 275.387415][T15355] loop0: detected capacity change from 0 to 2048 [ 275.440725][T15361] netlink: 'syz.2.3325': attribute type 1 has an invalid length. [ 275.453125][T15361] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3325'. [ 275.462519][T15361] bond2: entered promiscuous mode [ 275.468325][T15361] 8021q: adding VLAN 0 to HW filter on device bond2 [ 275.617962][T15370] loop2: detected capacity change from 0 to 2048 [ 275.624610][T15370] EXT4-fs: Ignoring removed bh option [ 275.630068][T15370] EXT4-fs: Ignoring removed nomblk_io_submit option [ 275.636728][T15370] EXT4-fs: Ignoring removed nobh option [ 275.648027][T15370] EXT4-fs error (device loop2): __ext4_remount:6491: comm syz.2.3328: Abort forced by user [ 275.658400][T15370] EXT4-fs (loop2): Remounting filesystem read-only [ 275.674872][T15377] loop3: detected capacity change from 0 to 256 [ 275.681660][T15377] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 275.695217][T15377] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 275.781065][T15388] loop4: detected capacity change from 0 to 256 [ 275.803512][T15392] SELinux: Context system_u:object_r:udev_tbl_t:s0 is not valid (left unmapped). [ 275.968831][T15402] FAULT_INJECTION: forcing a failure. [ 275.968831][T15402] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 275.981977][T15402] CPU: 1 UID: 0 PID: 15402 Comm: syz.4.3341 Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 275.992815][T15402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 276.002890][T15402] Call Trace: [ 276.006230][T15402] [ 276.009204][T15402] dump_stack_lvl+0xf2/0x150 [ 276.013791][T15402] dump_stack+0x15/0x20 [ 276.017935][T15402] should_fail_ex+0x229/0x230 [ 276.022605][T15402] should_fail+0xb/0x10 [ 276.026770][T15402] should_fail_usercopy+0x1a/0x20 [ 276.031789][T15402] _copy_from_user+0x1e/0xd0 [ 276.036545][T15402] do_sys_poll+0x156/0xc10 [ 276.041077][T15402] ? avc_has_perm+0xd4/0x160 [ 276.045747][T15402] ? selinux_file_open+0x34c/0x3b0 [ 276.051004][T15402] __se_sys_poll+0xe1/0x200 [ 276.055587][T15402] __x64_sys_poll+0x43/0x50 [ 276.060137][T15402] x64_sys_call+0x29db/0x2d60 [ 276.064814][T15402] do_syscall_64+0xc9/0x1c0 [ 276.069307][T15402] ? clear_bhb_loop+0x55/0xb0 [ 276.074045][T15402] ? clear_bhb_loop+0x55/0xb0 [ 276.078785][T15402] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.084693][T15402] RIP: 0033:0x7fd562f29ef9 [ 276.089104][T15402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 276.108755][T15402] RSP: 002b:00007fd561ba7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 276.117209][T15402] RAX: ffffffffffffffda RBX: 00007fd5630c5f80 RCX: 00007fd562f29ef9 [ 276.125245][T15402] RDX: 0000000080000000 RSI: 20000000000000f3 RDI: 00000000200004c0 [ 276.133215][T15402] RBP: 00007fd561ba7090 R08: 0000000000000000 R09: 0000000000000000 [ 276.141198][T15402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 276.149160][T15402] R13: 0000000000000000 R14: 00007fd5630c5f80 R15: 00007ffd45de1838 [ 276.157226][T15402] [ 276.488514][T15416] netlink: 'syz.2.3347': attribute type 1 has an invalid length. [ 276.496364][T15416] netlink: 'syz.2.3347': attribute type 2 has an invalid length. [ 276.525723][T15418] loop2: detected capacity change from 0 to 2048 [ 276.532305][T15418] EXT4-fs: Ignoring removed bh option [ 276.537721][T15418] EXT4-fs: Ignoring removed nomblk_io_submit option [ 276.544357][T15418] EXT4-fs: Ignoring removed nobh option [ 276.558017][T15418] EXT4-fs error (device loop2): __ext4_remount:6491: comm syz.2.3348: Abort forced by user [ 276.568224][T15418] EXT4-fs (loop2): Remounting filesystem read-only [ 276.625809][T15422] loop3: detected capacity change from 0 to 512 [ 276.636273][T15422] ext4 filesystem being mounted at /530/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 276.650512][T15422] netlink: 'syz.3.3349': attribute type 10 has an invalid length. [ 276.659759][T15422] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #19: comm syz.3.3349: corrupted inode contents [ 276.674098][T15422] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #19: comm syz.3.3349: mark_inode_dirty error [ 276.685867][T15422] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #19: comm syz.3.3349: corrupted inode contents [ 276.699350][T15422] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3007: inode #19: comm syz.3.3349: mark_inode_dirty error [ 276.712293][T15422] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3010: inode #19: comm syz.3.3349: mark inode dirty (error -117) [ 276.726948][T15422] EXT4-fs warning (device loop3): ext4_evict_inode:271: xattr delete (err -117) [ 276.811008][T15430] loop3: detected capacity change from 0 to 2048 [ 276.881397][T15433] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 276.896997][T15433] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 276.909296][T15433] EXT4-fs (loop3): This should not happen!! Data will be lost [ 276.909296][T15433] [ 276.918927][T15433] EXT4-fs (loop3): Total free blocks count 0 [ 276.924914][T15433] EXT4-fs (loop3): Free/Dirty block details [ 276.930837][T15433] EXT4-fs (loop3): free_blocks=2415919104 [ 276.936621][T15433] EXT4-fs (loop3): dirty_blocks=5024 [ 276.941963][T15433] EXT4-fs (loop3): Block reservation details [ 276.947964][T15433] EXT4-fs (loop3): i_reserved_data_blocks=314 [ 276.956465][T15433] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 276.968794][T15433] EXT4-fs (loop3): This should not happen!! Data will be lost [ 276.968794][T15433] [ 277.217337][T15445] loop1: detected capacity change from 0 to 2048 [ 277.224143][T15445] EXT4-fs: Ignoring removed bh option [ 277.229673][T15445] EXT4-fs: Ignoring removed nomblk_io_submit option [ 277.239130][T15445] EXT4-fs: Ignoring removed nobh option [ 277.268170][T15445] EXT4-fs mount: 78 callbacks suppressed [ 277.268186][T15445] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 277.293729][T15445] EXT4-fs error (device loop1): __ext4_remount:6491: comm syz.1.3355: Abort forced by user [ 277.306806][T15445] EXT4-fs (loop1): Remounting filesystem read-only [ 277.374894][ T5886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.409604][T15451] loop2: detected capacity change from 0 to 128 [ 277.469029][T15459] netlink: 'syz.2.3359': attribute type 1 has an invalid length. [ 277.476829][T15459] netlink: 'syz.2.3359': attribute type 2 has an invalid length. [ 277.500778][T15461] FAULT_INJECTION: forcing a failure. [ 277.500778][T15461] name failslab, interval 1, probability 0, space 0, times 0 [ 277.513580][T15461] CPU: 1 UID: 0 PID: 15461 Comm: syz.2.3360 Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 277.524357][T15461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 277.534493][T15461] Call Trace: [ 277.537773][T15461] [ 277.540771][T15461] dump_stack_lvl+0xf2/0x150 [ 277.545423][T15461] dump_stack+0x15/0x20 [ 277.549642][T15461] should_fail_ex+0x229/0x230 [ 277.554378][T15461] ? selinux_tun_dev_alloc_security+0x35/0xd0 [ 277.560451][T15461] should_failslab+0x8f/0xb0 [ 277.565081][T15461] __kmalloc_cache_noprof+0x4b/0x2a0 [ 277.570439][T15461] selinux_tun_dev_alloc_security+0x35/0xd0 [ 277.576343][T15461] security_tun_dev_alloc_security+0x3a/0x70 [ 277.582414][T15461] tun_net_init+0x52/0x280 [ 277.586847][T15461] register_netdevice+0x293/0xe30 [ 277.591893][T15461] ? strcpy+0x30/0x50 [ 277.595888][T15461] ? alloc_netdev_mqs+0x8b7/0x8d0 [ 277.600966][T15461] tun_set_iff+0x5da/0x820 [ 277.605389][T15461] __tun_chr_ioctl+0x652/0x1860 [ 277.610256][T15461] tun_chr_ioctl+0x27/0x30 [ 277.614699][T15461] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 277.619943][T15461] __se_sys_ioctl+0xd3/0x150 [ 277.624556][T15461] __x64_sys_ioctl+0x43/0x50 [ 277.629246][T15461] x64_sys_call+0x15cc/0x2d60 [ 277.633936][T15461] do_syscall_64+0xc9/0x1c0 [ 277.638573][T15461] ? clear_bhb_loop+0x55/0xb0 [ 277.643261][T15461] ? clear_bhb_loop+0x55/0xb0 [ 277.647961][T15461] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.653956][T15461] RIP: 0033:0x7fda6e729ef9 [ 277.658374][T15461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 277.678024][T15461] RSP: 002b:00007fda6d3a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 277.686523][T15461] RAX: ffffffffffffffda RBX: 00007fda6e8c5f80 RCX: 00007fda6e729ef9 [ 277.694562][T15461] RDX: 0000000020000200 RSI: 00000000400454ca RDI: 0000000000000006 [ 277.702535][T15461] RBP: 00007fda6d3a1090 R08: 0000000000000000 R09: 0000000000000000 [ 277.710508][T15461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 277.718484][T15461] R13: 0000000000000000 R14: 00007fda6e8c5f80 R15: 00007ffc755a4608 [ 277.726585][T15461] [ 277.765376][T15463] loop2: detected capacity change from 0 to 512 [ 277.773344][T15463] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 277.782965][T15463] EXT4-fs (loop2): invalid journal inode [ 277.788684][T15463] EXT4-fs (loop2): can't get journal size [ 277.795216][T15463] EXT4-fs (loop2): 1 truncate cleaned up [ 277.801256][T15463] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 277.834131][ T5886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.988485][T15470] xt_socket: unknown flags 0x3c [ 278.037637][ T6291] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.067738][T15474] loop1: detected capacity change from 0 to 512 [ 278.077656][T15474] EXT4-fs (loop1): orphan cleanup on readonly fs [ 278.079524][T15476] loop3: detected capacity change from 0 to 2048 [ 278.084687][T15474] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3365: bg 0: block 248: padding at end of block bitmap is not set [ 278.090947][T15476] EXT4-fs: Ignoring removed bh option [ 278.106747][T15474] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.3365: Failed to acquire dquot type 1 [ 278.110058][T15476] EXT4-fs: Ignoring removed nomblk_io_submit option [ 278.121771][T15474] EXT4-fs (loop1): 1 truncate cleaned up [ 278.129365][T15476] EXT4-fs: Ignoring removed nobh option [ 278.134319][T15474] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 278.156088][T15476] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 278.170661][T15474] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3365'. [ 278.180240][T15476] EXT4-fs error (device loop3): __ext4_remount:6491: comm syz.3.3366: Abort forced by user [ 278.190552][T15476] EXT4-fs (loop3): Remounting filesystem read-only [ 278.268325][ T8829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.786248][T15495] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3372'. [ 278.795221][T15495] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3372'. [ 278.804186][T15495] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3372'. [ 278.815774][T15495] serio: Serial port pts0 [ 278.912991][ T5941] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.938107][T15499] loop3: detected capacity change from 0 to 2048 [ 278.957678][T15499] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 278.971462][ T6291] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.016279][T15506] loop1: detected capacity change from 0 to 2048 [ 279.022844][T15506] EXT4-fs: Ignoring removed bh option [ 279.028259][T15506] EXT4-fs: Ignoring removed nomblk_io_submit option [ 279.036351][T15506] EXT4-fs: Ignoring removed nobh option [ 279.042962][T15508] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 279.058117][T15508] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 279.070389][T15508] EXT4-fs (loop3): This should not happen!! Data will be lost [ 279.070389][T15508] [ 279.080034][T15508] EXT4-fs (loop3): Total free blocks count 0 [ 279.085126][T15506] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 279.086025][T15508] EXT4-fs (loop3): Free/Dirty block details [ 279.103871][T15508] EXT4-fs (loop3): free_blocks=2415919104 [ 279.109665][T15508] EXT4-fs (loop3): dirty_blocks=3456 [ 279.115005][T15508] EXT4-fs (loop3): Block reservation details [ 279.121078][T15508] EXT4-fs (loop3): i_reserved_data_blocks=216 [ 279.127655][T15506] EXT4-fs error (device loop1): __ext4_remount:6491: comm syz.1.3375: Abort forced by user [ 279.128555][T15508] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 279.138906][T15506] EXT4-fs (loop1): Remounting filesystem read-only [ 279.258782][T15517] loop0: detected capacity change from 0 to 128 [ 279.275033][T15517] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 279.312650][T15519] loop0: detected capacity change from 0 to 512 [ 279.324759][T15519] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 279.334702][T15519] EXT4-fs (loop0): invalid journal inode [ 279.340350][T15519] EXT4-fs (loop0): can't get journal size [ 279.356674][T15519] EXT4-fs (loop0): 1 truncate cleaned up [ 279.362786][T15519] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 279.427266][ T8829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.846004][ T6291] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.909852][T15531] loop1: detected capacity change from 0 to 2048 [ 279.918207][T15531] EXT4-fs: Ignoring removed bh option [ 279.923616][T15531] EXT4-fs: Ignoring removed nomblk_io_submit option [ 279.930400][T15531] EXT4-fs: Ignoring removed nobh option [ 279.940439][T15533] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3381'. [ 279.954714][T15531] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 279.967842][T15531] EXT4-fs error (device loop1): __ext4_remount:6491: comm syz.1.3383: Abort forced by user [ 279.983392][T15531] EXT4-fs (loop1): Remounting filesystem read-only [ 280.061618][T15547] loop3: detected capacity change from 0 to 128 [ 280.068351][T15547] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 280.090904][T15549] loop3: detected capacity change from 0 to 256 [ 280.097668][T15549] FAT-fs (loop3): bogus sectors per cluster 255 [ 280.104029][T15549] FAT-fs (loop3): Can't find a valid FAT filesystem [ 280.322372][ T29] kauditd_printk_skb: 168 callbacks suppressed [ 280.322388][ T29] audit: type=1326 audit(1725029001.673:21363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15553 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 280.352513][ T29] audit: type=1326 audit(1725029001.673:21364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15553 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 280.376465][ T29] audit: type=1326 audit(1725029001.693:21365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15553 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 280.377526][T15556] loop0: detected capacity change from 0 to 2048 [ 280.400303][ T29] audit: type=1326 audit(1725029001.693:21366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15553 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 280.409268][T15556] EXT4-fs: Ignoring removed bh option [ 280.429963][ T29] audit: type=1326 audit(1725029001.693:21367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15553 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 280.435347][T15556] EXT4-fs: Ignoring removed nomblk_io_submit option [ 280.437557][T15556] EXT4-fs: Ignoring removed nobh option [ 280.458971][ T29] audit: type=1326 audit(1725029001.693:21368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15553 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 280.494736][ T29] audit: type=1326 audit(1725029001.693:21369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15553 comm="syz.0.3391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 280.529576][T15558] loop2: detected capacity change from 0 to 2048 [ 280.535623][T15556] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.549890][T15556] EXT4-fs error (device loop0): __ext4_remount:6491: comm syz.0.3392: Abort forced by user [ 280.560131][T15556] EXT4-fs (loop0): Remounting filesystem read-only [ 280.567883][T15558] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.639255][T15564] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 280.654301][T15564] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 280.666668][T15564] EXT4-fs (loop2): This should not happen!! Data will be lost [ 280.666668][T15564] [ 280.676320][T15564] EXT4-fs (loop2): Total free blocks count 0 [ 280.682307][T15564] EXT4-fs (loop2): Free/Dirty block details [ 280.688213][T15564] EXT4-fs (loop2): free_blocks=2415919104 [ 280.693936][T15564] EXT4-fs (loop2): dirty_blocks=4800 [ 280.699239][T15564] EXT4-fs (loop2): Block reservation details [ 280.705219][T15564] EXT4-fs (loop2): i_reserved_data_blocks=300 [ 280.712003][T15564] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 280.740644][ T6291] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.796384][T15569] FAULT_INJECTION: forcing a failure. [ 280.796384][T15569] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 280.809610][T15569] CPU: 0 UID: 0 PID: 15569 Comm: syz.1.3395 Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 280.820471][T15569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 280.830535][T15569] Call Trace: [ 280.833860][T15569] [ 280.836848][T15569] dump_stack_lvl+0xf2/0x150 [ 280.841542][T15569] dump_stack+0x15/0x20 [ 280.845715][T15569] should_fail_ex+0x229/0x230 [ 280.850439][T15569] should_fail_alloc_page+0xfd/0x110 [ 280.855755][T15569] __alloc_pages_noprof+0x109/0x360 [ 280.861049][T15569] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 280.866511][T15569] vma_alloc_folio_noprof+0x1a0/0x2f0 [ 280.871911][T15569] do_wp_page+0x62b/0x22c0 [ 280.876356][T15569] ? __rcu_read_lock+0x36/0x50 [ 280.881214][T15569] ? __rcu_read_lock+0x36/0x50 [ 280.885994][T15569] handle_mm_fault+0xc4d/0x2a30 [ 280.891007][T15569] exc_page_fault+0x296/0x650 [ 280.895750][T15569] asm_exc_page_fault+0x26/0x30 [ 280.900677][T15569] RIP: 0010:__put_user_4+0x11/0x20 [ 280.905813][T15569] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 [ 280.925567][T15569] RSP: 0018:ffffc900058dfdb8 EFLAGS: 00050206 [ 280.931727][T15569] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020600000 [ 280.939693][T15569] RDX: 0000000000000520 RSI: 0000000000000000 RDI: ffffc900058dfdf4 [ 280.947679][T15569] RBP: 0000000000000000 R08: 0001c900058dfdf7 R09: 0000000000000000 [ 280.955645][T15569] R10: 0001ffffffffffff R11: 0001c900058dfdf4 R12: 0000000020600000 [ 280.963627][T15569] R13: 0000000000000000 R14: ffff88810841b000 R15: ffffc900058dfdf4 [ 280.971698][T15569] packet_getsockopt+0x5e8/0x6f0 [ 280.976661][T15569] do_sock_getsockopt+0x121/0x1a0 [ 280.981685][T15569] ? __pfx_packet_getsockopt+0x10/0x10 [ 280.987223][T15569] __sys_getsockopt+0x19a/0x210 [ 280.992120][T15569] __x64_sys_getsockopt+0x66/0x80 [ 280.997154][T15569] x64_sys_call+0x11cd/0x2d60 [ 281.001952][T15569] do_syscall_64+0xc9/0x1c0 [ 281.006453][T15569] ? clear_bhb_loop+0x55/0xb0 [ 281.011128][T15569] ? clear_bhb_loop+0x55/0xb0 [ 281.015861][T15569] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.021781][T15569] RIP: 0033:0x7f4a0a359ef9 [ 281.026256][T15569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 281.045859][T15569] RSP: 002b:00007f4a08fd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 281.054384][T15569] RAX: ffffffffffffffda RBX: 00007f4a0a4f5f80 RCX: 00007f4a0a359ef9 [ 281.062347][T15569] RDX: 0000000000000009 RSI: 0000000000000107 RDI: 0000000000000003 [ 281.070360][T15569] RBP: 00007f4a08fd1090 R08: 0000000020600000 R09: 0000000000000000 [ 281.078362][T15569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 281.086334][T15569] R13: 0000000000000000 R14: 00007f4a0a4f5f80 R15: 00007ffffbd7be78 [ 281.094410][T15569] [ 281.156027][T15577] loop3: detected capacity change from 0 to 128 [ 281.163391][T15577] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 281.206004][ T8829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.215664][T15581] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15581 comm=syz.3.3401 [ 281.255987][T15583] loop0: detected capacity change from 0 to 512 [ 281.262485][T15583] EXT4-fs: Ignoring removed nobh option [ 281.270871][T15587] FAULT_INJECTION: forcing a failure. [ 281.270871][T15587] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 281.283959][T15587] CPU: 0 UID: 0 PID: 15587 Comm: syz.1.3403 Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 281.294730][T15587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 281.298744][T15583] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 281.304778][T15587] Call Trace: [ 281.304789][T15587] [ 281.304797][T15587] dump_stack_lvl+0xf2/0x150 [ 281.304827][T15587] dump_stack+0x15/0x20 [ 281.318500][T15583] EXT4-fs (loop0): 1 truncate cleaned up [ 281.318979][T15587] should_fail_ex+0x229/0x230 [ 281.338065][T15587] should_fail+0xb/0x10 [ 281.342334][T15587] should_fail_usercopy+0x1a/0x20 [ 281.347383][T15587] _copy_from_user+0x1e/0xd0 [ 281.352004][T15587] copy_msghdr_from_user+0x54/0x2a0 [ 281.357265][T15587] __sys_sendmsg+0x17d/0x280 [ 281.361902][T15587] __x64_sys_sendmsg+0x46/0x50 [ 281.366705][T15587] x64_sys_call+0x2689/0x2d60 [ 281.371399][T15587] do_syscall_64+0xc9/0x1c0 [ 281.375925][T15587] ? clear_bhb_loop+0x55/0xb0 [ 281.380675][T15587] ? clear_bhb_loop+0x55/0xb0 [ 281.385365][T15587] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.391291][T15587] RIP: 0033:0x7f4a0a359ef9 [ 281.395715][T15587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 281.415393][T15587] RSP: 002b:00007f4a08fd1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 281.423915][T15587] RAX: ffffffffffffffda RBX: 00007f4a0a4f5f80 RCX: 00007f4a0a359ef9 [ 281.431928][T15587] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000003 [ 281.439930][T15587] RBP: 00007f4a08fd1090 R08: 0000000000000000 R09: 0000000000000000 [ 281.447910][T15587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 281.455917][T15587] R13: 0000000000000000 R14: 00007f4a0a4f5f80 R15: 00007ffffbd7be78 [ 281.464021][T15587] [ 281.485654][T15583] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 281.816737][ T29] audit: type=1400 audit(1725029003.173:21370): avc: denied { bind } for pid=15592 comm="syz.1.3406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 281.882640][T15596] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3406'. [ 282.223365][ T8829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.241920][T15598] loop2: detected capacity change from 0 to 512 [ 282.267434][T15598] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 282.281683][T15600] loop0: detected capacity change from 0 to 1024 [ 282.290555][T15598] ext4 filesystem being mounted at /525/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 282.302742][T15600] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 282.378716][T15605] tipc: Enabling of bearer rejected, failed to enable media [ 282.467779][ T8829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.491138][T15607] loop0: detected capacity change from 0 to 512 [ 282.507247][T15607] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 282.523307][T15607] ext4 filesystem being mounted at /364/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 282.590180][T15610] netlink: 'syz.0.3409': attribute type 10 has an invalid length. [ 282.600586][T15610] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #19: comm syz.0.3409: corrupted inode contents [ 282.612626][T15610] EXT4-fs error (device loop0): ext4_dirty_inode:6014: inode #19: comm syz.0.3409: mark_inode_dirty error [ 282.625660][T15610] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #19: comm syz.0.3409: corrupted inode contents [ 282.638181][T15610] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3007: inode #19: comm syz.0.3409: mark_inode_dirty error [ 282.656784][T15610] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3010: inode #19: comm syz.0.3409: mark inode dirty (error -117) [ 282.670824][T15610] EXT4-fs warning (device loop0): ext4_evict_inode:271: xattr delete (err -117) [ 283.380182][ T8829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.389858][ T5886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.430078][T15613] loop3: detected capacity change from 0 to 2048 [ 283.437191][T15613] EXT4-fs: Ignoring removed bh option [ 283.442591][T15613] EXT4-fs: Ignoring removed nomblk_io_submit option [ 283.457248][T15617] loop2: detected capacity change from 0 to 2048 [ 283.466526][T15613] EXT4-fs: Ignoring removed nobh option [ 283.472966][ T29] audit: type=1400 audit(1725029004.823:21371): avc: denied { ioctl } for pid=15616 comm="syz.2.3411" path="socket:[39826]" dev="sockfs" ino=39826 ioctlcmd=0x8941 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 283.508079][T15613] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 283.516541][ T29] audit: type=1326 audit(1725029004.863:21372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15618 comm="syz.0.3413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 283.546737][T15613] EXT4-fs error (device loop3): __ext4_remount:6491: comm syz.3.3412: Abort forced by user [ 283.557150][T15613] EXT4-fs (loop3): Remounting filesystem read-only [ 283.557529][T15625] IPv4: Oversized IP packet from 172.20.20.24 [ 283.569900][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 283.576031][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 283.637050][T15634] loop2: detected capacity change from 0 to 2048 [ 283.646599][T15634] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 283.714411][T15637] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 283.731493][T15637] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 283.743865][T15637] EXT4-fs (loop2): This should not happen!! Data will be lost [ 283.743865][T15637] [ 283.753515][T15637] EXT4-fs (loop2): Total free blocks count 0 [ 283.759518][T15637] EXT4-fs (loop2): Free/Dirty block details [ 283.765538][T15637] EXT4-fs (loop2): free_blocks=2415919104 [ 283.771302][T15637] EXT4-fs (loop2): dirty_blocks=4672 [ 283.776595][T15637] EXT4-fs (loop2): Block reservation details [ 283.782637][T15637] EXT4-fs (loop2): i_reserved_data_blocks=292 [ 283.792734][T15637] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 284.254956][ T5941] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.424477][T15649] loop3: detected capacity change from 0 to 512 [ 284.447799][T15649] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 284.490104][T15649] ext4 filesystem being mounted at /551/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 284.554252][T15649] netlink: 'syz.3.3421': attribute type 10 has an invalid length. [ 284.569404][T15649] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #19: comm syz.3.3421: corrupted inode contents [ 284.581948][T15649] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #19: comm syz.3.3421: mark_inode_dirty error [ 284.593627][T15649] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #19: comm syz.3.3421: corrupted inode contents [ 284.605779][T15649] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3007: inode #19: comm syz.3.3421: mark_inode_dirty error [ 284.622319][T15649] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3010: inode #19: comm syz.3.3421: mark inode dirty (error -117) [ 284.635228][T15649] EXT4-fs warning (device loop3): ext4_evict_inode:271: xattr delete (err -117) [ 284.687706][ T5941] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.735611][T15668] loop0: detected capacity change from 0 to 2048 [ 284.759154][T15668] EXT4-fs: Ignoring removed bh option [ 284.764645][T15668] EXT4-fs: Ignoring removed nomblk_io_submit option [ 284.774765][T15668] EXT4-fs: Ignoring removed nobh option [ 284.797294][T15668] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 284.896285][T15681] loop3: detected capacity change from 0 to 2048 [ 284.910652][T15668] EXT4-fs error (device loop0): __ext4_remount:6491: comm syz.0.3429: Abort forced by user [ 284.927443][T15681] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 284.939690][T15668] EXT4-fs (loop0): Remounting filesystem read-only [ 285.004863][ T5941] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 285.043348][ T5941] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.553706][ T8829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.603694][T15690] loop2: detected capacity change from 0 to 512 [ 285.611904][ T29] kauditd_printk_skb: 113 callbacks suppressed [ 285.611959][ T29] audit: type=1400 audit(1725029006.963:21486): avc: denied { mounton } for pid=15689 comm="syz.2.3434" path="/532/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 285.648720][ T29] audit: type=1400 audit(1725029006.963:21487): avc: denied { module_request } for pid=15689 comm="syz.2.3434" kmod="fs-/dev/virtual_nci" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 285.727618][T15707] FAULT_INJECTION: forcing a failure. [ 285.727618][T15707] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 285.729802][T15709] loop0: detected capacity change from 0 to 512 [ 285.740719][T15707] CPU: 1 UID: 0 PID: 15707 Comm: syz.1.3438 Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 285.757696][T15707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 285.767747][T15707] Call Trace: [ 285.771019][T15707] [ 285.774072][T15707] dump_stack_lvl+0xf2/0x150 [ 285.778697][T15707] dump_stack+0x15/0x20 [ 285.782856][T15707] should_fail_ex+0x229/0x230 [ 285.787562][T15707] should_fail+0xb/0x10 [ 285.791721][T15707] should_fail_usercopy+0x1a/0x20 [ 285.796752][T15707] _copy_from_user+0x1e/0xd0 [ 285.801350][T15707] move_addr_to_kernel+0x82/0x120 [ 285.806441][T15707] copy_msghdr_from_user+0x271/0x2a0 [ 285.811740][T15707] __sys_sendmsg+0x17d/0x280 [ 285.816348][T15707] __x64_sys_sendmsg+0x46/0x50 [ 285.821112][T15707] x64_sys_call+0x2689/0x2d60 [ 285.825793][T15707] do_syscall_64+0xc9/0x1c0 [ 285.830323][T15707] ? clear_bhb_loop+0x55/0xb0 [ 285.835012][T15707] ? clear_bhb_loop+0x55/0xb0 [ 285.839693][T15707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.845630][T15707] RIP: 0033:0x7f4a0a359ef9 [ 285.850041][T15707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 285.869719][T15707] RSP: 002b:00007f4a08fd1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 285.878125][T15707] RAX: ffffffffffffffda RBX: 00007f4a0a4f5f80 RCX: 00007f4a0a359ef9 [ 285.886094][T15707] RDX: 0000000000000000 RSI: 0000000020007940 RDI: 0000000000000005 [ 285.894072][T15707] RBP: 00007f4a08fd1090 R08: 0000000000000000 R09: 0000000000000000 [ 285.902041][T15707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 285.910010][T15707] R13: 0000000000000000 R14: 00007f4a0a4f5f80 R15: 00007ffffbd7be78 [ 285.918069][T15707] [ 285.936792][T15709] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 285.951079][T15709] ext4 filesystem being mounted at /375/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 285.967331][T15709] netlink: 'syz.0.3439': attribute type 10 has an invalid length. [ 285.974372][T15717] loop2: detected capacity change from 0 to 164 [ 285.982688][T15709] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #19: comm syz.0.3439: corrupted inode contents [ 285.994719][T15709] EXT4-fs error (device loop0): ext4_dirty_inode:6014: inode #19: comm syz.0.3439: mark_inode_dirty error [ 286.006530][T15717] Unable to read rock-ridge attributes [ 286.009317][T15709] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #19: comm syz.0.3439: corrupted inode contents [ 286.024672][T15709] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3007: inode #19: comm syz.0.3439: mark_inode_dirty error [ 286.038844][T15717] Unable to read rock-ridge attributes [ 286.053658][T15709] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3010: inode #19: comm syz.0.3439: mark inode dirty (error -117) [ 286.066299][T15717] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 286.081026][T15709] EXT4-fs warning (device loop0): ext4_evict_inode:271: xattr delete (err -117) [ 286.222313][ T8829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.627576][ T29] audit: type=1326 audit(1725029007.983:21488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15743 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 286.651296][ T29] audit: type=1326 audit(1725029007.983:21489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15743 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 286.674913][ T29] audit: type=1326 audit(1725029007.983:21490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15743 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 286.698528][ T29] audit: type=1326 audit(1725029007.983:21491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15743 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 286.722157][ T29] audit: type=1326 audit(1725029007.983:21492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15743 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 286.784652][ T29] audit: type=1326 audit(1725029008.133:21493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15743 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc73bfa8890 code=0x7ffc0000 [ 286.808356][ T29] audit: type=1326 audit(1725029008.133:21494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15743 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc73bfa8890 code=0x7ffc0000 [ 286.831917][ T29] audit: type=1326 audit(1725029008.133:21495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15743 comm="syz.0.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc73bfa9ef9 code=0x7ffc0000 [ 286.892400][T15744] loop2: detected capacity change from 0 to 512 [ 286.916694][T15744] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 286.974755][T15744] EXT4-fs (loop2): can't mount with journal_async_commit, fs mounted w/o journal [ 287.028979][ T7190] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.061817][T15739] lo speed is unknown, defaulting to 1000 [ 287.109063][ T7190] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.124053][T15758] loop3: detected capacity change from 0 to 512 [ 287.139031][T15758] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 287.159711][T15758] EXT4-fs (loop3): invalid journal inode [ 287.173250][ T7190] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.183808][T15758] EXT4-fs (loop3): can't get journal size [ 287.206959][T15758] EXT4-fs (loop3): 1 truncate cleaned up [ 287.218045][T15739] chnl_net:caif_netlink_parms(): no params data found [ 287.229072][T15758] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.248895][ T7190] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.317193][T15739] bridge0: port 1(bridge_slave_0) entered blocking state [ 287.324333][T15739] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.336993][ T5941] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.348144][T15739] bridge_slave_0: entered allmulticast mode [ 287.354895][T15739] bridge_slave_0: entered promiscuous mode [ 287.377724][ T7190] bridge_slave_1: left allmulticast mode [ 287.383393][ T7190] bridge_slave_1: left promiscuous mode [ 287.389290][ T7190] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.400523][ T7190] bridge_slave_0: left allmulticast mode [ 287.406249][ T7190] bridge_slave_0: left promiscuous mode [ 287.411887][ T7190] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.479058][ T7190] bond0 (unregistering): (slave geneve1): Releasing backup interface [ 287.527323][ T7190] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 287.539364][ T7190] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 287.549791][ T7190] bond0 (unregistering): Released all slaves [ 287.560663][T15739] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.567788][T15739] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.576885][T15739] bridge_slave_1: entered allmulticast mode [ 287.583442][T15739] bridge_slave_1: entered promiscuous mode [ 287.608346][T15739] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 287.621671][T15739] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 287.644167][T15739] team0: Port device team_slave_0 added [ 287.653420][ T7190] hsr_slave_0: left promiscuous mode [ 287.661151][ T7190] hsr_slave_1: left promiscuous mode [ 287.667308][ T7190] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 287.674794][ T7190] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 287.684706][ T7190] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 287.692130][ T7190] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 287.829371][ T7190] veth1_macvtap: left promiscuous mode [ 287.835025][ T7190] veth0_macvtap: left promiscuous mode [ 287.840616][ T7190] veth1_vlan: left promiscuous mode [ 287.845906][ T7190] veth0_vlan: left promiscuous mode [ 287.952916][ T7190] team0 (unregistering): Port device team_slave_1 removed [ 287.964652][ T7190] team0 (unregistering): Port device team_slave_0 removed [ 288.014526][T15739] team0: Port device team_slave_1 added [ 288.051232][T15769] loop0: detected capacity change from 0 to 512 [ 288.060641][T15739] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 288.067646][T15739] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.093548][T15739] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 288.106948][T15769] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 288.118971][T15769] EXT4-fs (loop0): invalid journal inode [ 288.125954][T15769] EXT4-fs (loop0): can't get journal size [ 288.132396][T15769] EXT4-fs (loop0): 1 truncate cleaned up [ 288.139072][T15769] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 288.155341][T15739] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 288.162311][T15739] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.188306][T15739] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 288.230545][ T8829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.261098][T15739] hsr_slave_0: entered promiscuous mode [ 288.271020][T15739] hsr_slave_1: entered promiscuous mode [ 288.371657][T15775] loop0: detected capacity change from 0 to 512 [ 288.400069][T15777] loop1: detected capacity change from 0 to 2048 [ 288.414554][T15777] EXT4-fs: Ignoring removed bh option [ 288.420007][T15777] EXT4-fs: Ignoring removed nomblk_io_submit option [ 288.430682][T15775] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 288.434937][T15777] EXT4-fs: Ignoring removed nobh option [ 288.443580][T15775] ext4 filesystem being mounted at /381/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 288.467703][T15777] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 288.481887][T15775] netlink: 'syz.0.3458': attribute type 10 has an invalid length. [ 288.493889][T15777] EXT4-fs error (device loop1): __ext4_remount:6491: comm syz.1.3459: Abort forced by user [ 288.508398][T15777] EXT4-fs (loop1): Remounting filesystem read-only [ 288.517128][T15775] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #19: comm syz.0.3458: corrupted inode contents [ 288.531035][T15775] EXT4-fs error (device loop0): ext4_dirty_inode:6014: inode #19: comm syz.0.3458: mark_inode_dirty error [ 288.542709][T15775] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #19: comm syz.0.3458: corrupted inode contents [ 288.558392][T15775] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3007: inode #19: comm syz.0.3458: mark_inode_dirty error [ 288.573246][T15775] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3010: inode #19: comm syz.0.3458: mark inode dirty (error -117) [ 288.596788][T15775] EXT4-fs warning (device loop0): ext4_evict_inode:271: xattr delete (err -117) [ 288.621070][ T8829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.657136][T15739] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 288.657758][T15794] loop0: detected capacity change from 0 to 512 [ 288.673932][T15739] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 288.692217][T15739] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 288.704120][T15739] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 288.711864][T15794] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 288.735780][T15794] EXT4-fs (loop0): invalid journal inode [ 288.741463][T15794] EXT4-fs (loop0): can't get journal size [ 288.757149][T15794] EXT4-fs (loop0): 1 truncate cleaned up [ 288.787657][T15794] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 288.875813][T15786] loop3: detected capacity change from 0 to 2048 [ 288.899190][T15739] 8021q: adding VLAN 0 to HW filter on device bond0 [ 288.914141][T15739] 8021q: adding VLAN 0 to HW filter on device team0 [ 288.936775][ T7186] bridge0: port 1(bridge_slave_0) entered blocking state [ 288.943880][ T7186] bridge0: port 1(bridge_slave_0) entered forwarding state [ 288.953103][ T7186] bridge0: port 2(bridge_slave_1) entered blocking state [ 288.960210][ T7186] bridge0: port 2(bridge_slave_1) entered forwarding state [ 288.969459][ T8829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.976123][T15739] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 288.990249][T15786] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 289.032790][T15809] loop0: detected capacity change from 0 to 256 [ 289.138374][T15809] FAT-fs (loop0): bogus sectors per cluster 255 [ 289.144799][T15809] FAT-fs (loop0): Can't find a valid FAT filesystem [ 289.263454][T15739] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 289.288048][ T6291] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.721718][T15825] loop1: detected capacity change from 0 to 2048 [ 289.775032][T15825] EXT4-fs: Ignoring removed bh option [ 289.780441][T15825] EXT4-fs: Ignoring removed nomblk_io_submit option [ 289.865081][T15825] EXT4-fs: Ignoring removed nobh option [ 289.899002][T15739] veth0_vlan: entered promiscuous mode [ 289.942775][T15739] veth1_vlan: entered promiscuous mode [ 289.959907][T15739] veth0_macvtap: entered promiscuous mode [ 289.975170][T15825] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 289.988188][T15825] EXT4-fs error (device loop1): __ext4_remount:6491: comm syz.1.3470: Abort forced by user [ 289.991035][T15739] veth1_macvtap: entered promiscuous mode [ 290.004926][T15825] EXT4-fs (loop1): Remounting filesystem read-only [ 290.036073][T15838] loop2: detected capacity change from 0 to 256 [ 290.050105][T15739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 290.060615][T15739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.070437][T15739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 290.078969][T15838] FAT-fs (loop2): Directory bread(block 64) failed [ 290.081036][T15739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.097483][T15739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 290.107938][T15739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.107982][T15838] FAT-fs (loop2): Directory bread(block 65) failed [ 290.117975][T15739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 290.134870][T15739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.144688][T15739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 290.146297][T15838] FAT-fs (loop2): Directory bread(block 66) failed [ 290.155144][T15739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.171538][T15838] FAT-fs (loop2): Directory bread(block 67) failed [ 290.171566][T15838] FAT-fs (loop2): Directory bread(block 68) failed [ 290.171585][T15838] FAT-fs (loop2): Directory bread(block 69) failed [ 290.178072][T15739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 290.178088][T15739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.205767][T15838] FAT-fs (loop2): Directory bread(block 70) failed [ 290.212579][T15739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 290.229596][T15739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.232377][T15838] FAT-fs (loop2): Directory bread(block 71) failed [ 290.242434][T15739] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 290.254685][T15739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 290.265182][T15739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.275012][T15739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 290.280625][T15838] FAT-fs (loop2): Directory bread(block 72) failed [ 290.285437][T15739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.285449][T15739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 290.312221][T15739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.316483][T15838] FAT-fs (loop2): Directory bread(block 73) failed [ 290.322166][T15739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 290.338951][T15739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.348827][T15739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 290.359256][T15739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.369133][T15739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 290.379559][T15739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.387986][T15838] syz.2.3473: attempt to access beyond end of device [ 290.387986][T15838] loop2: rw=0, sector=1768, nr_sectors = 4 limit=256 [ 290.389492][T15739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 290.389505][T15739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.394467][T15739] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 290.435659][T15739] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.444416][T15739] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.453157][T15739] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.461940][T15739] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.490420][ T6291] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.511764][T15847] loop4: detected capacity change from 0 to 256 [ 290.520069][T15847] FAT-fs (loop4): bogus sectors per cluster 255 [ 290.526403][T15847] FAT-fs (loop4): Can't find a valid FAT filesystem [ 290.540815][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 290.829743][T15865] loop1: detected capacity change from 0 to 256 [ 290.855268][T15865] FAT-fs (loop1): bogus sectors per cluster 255 [ 290.861584][T15865] FAT-fs (loop1): Can't find a valid FAT filesystem [ 290.919245][T15869] loop4: detected capacity change from 0 to 2048 [ 290.936341][T15869] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 291.007618][T11793] kworker/u8:21: attempt to access beyond end of device [ 291.007618][T11793] loop2: rw=1, sector=1800, nr_sectors = 480 limit=256 [ 291.037313][T11793] kworker/u8:21: attempt to access beyond end of device [ 291.037313][T11793] loop2: rw=1, sector=2312, nr_sectors = 2344 limit=256 [ 291.054433][T15876] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 291.074746][T15876] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 291.087161][T15876] EXT4-fs (loop4): This should not happen!! Data will be lost [ 291.087161][T15876] [ 291.096901][T15876] EXT4-fs (loop4): Total free blocks count 0 [ 291.102939][T15876] EXT4-fs (loop4): Free/Dirty block details [ 291.108941][T15876] EXT4-fs (loop4): free_blocks=2415919104 [ 291.110348][T11793] kworker/u8:21: attempt to access beyond end of device [ 291.110348][T11793] loop2: rw=1, sector=4656, nr_sectors = 2224 limit=256 [ 291.114696][T15876] EXT4-fs (loop4): dirty_blocks=5152 [ 291.133936][T15876] EXT4-fs (loop4): Block reservation details [ 291.139980][T15876] EXT4-fs (loop4): i_reserved_data_blocks=322 [ 291.150306][T11793] kworker/u8:21: attempt to access beyond end of device [ 291.150306][T11793] loop2: rw=1, sector=6880, nr_sectors = 2280 limit=256 [ 291.150966][T15883] netlink: 'syz.0.3487': attribute type 1 has an invalid length. [ 291.171825][T15883] netlink: 'syz.0.3487': attribute type 2 has an invalid length. [ 291.178536][T15882] loop1: detected capacity change from 0 to 2048 [ 291.190910][T11793] kworker/u8:21: attempt to access beyond end of device [ 291.190910][T11793] loop2: rw=1, sector=9160, nr_sectors = 3496 limit=256 [ 291.194900][T15876] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 291.229899][T11793] kworker/u8:21: attempt to access beyond end of device [ 291.229899][T11793] loop2: rw=1, sector=12656, nr_sectors = 4472 limit=256 [ 291.249673][T15882] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 291.255679][T11793] kworker/u8:21: attempt to access beyond end of device [ 291.255679][T11793] loop2: rw=1, sector=17128, nr_sectors = 6896 limit=256 [ 291.287714][T11793] kworker/u8:21: attempt to access beyond end of device [ 291.287714][T11793] loop2: rw=1, sector=24024, nr_sectors = 5656 limit=256 [ 291.367935][T15889] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 291.404740][T15889] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 291.417086][T15889] EXT4-fs (loop1): This should not happen!! Data will be lost [ 291.417086][T15889] [ 291.426764][T15889] EXT4-fs (loop1): Total free blocks count 0 [ 291.432827][T15889] EXT4-fs (loop1): Free/Dirty block details [ 291.438768][T15889] EXT4-fs (loop1): free_blocks=2415919104 [ 291.444641][T15889] EXT4-fs (loop1): dirty_blocks=2016 [ 291.449935][T15889] EXT4-fs (loop1): Block reservation details [ 291.455981][T15889] EXT4-fs (loop1): i_reserved_data_blocks=126 [ 291.465656][T15889] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 291.479373][ T5941] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.512198][T15891] loop2: detected capacity change from 0 to 2048 [ 291.523473][ T29] kauditd_printk_skb: 64 callbacks suppressed [ 291.523486][ T29] audit: type=1326 audit(1725029012.883:21560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15892 comm="syz.3.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5a259ef9 code=0x7ffc0000 [ 291.555577][T15891] EXT4-fs: Ignoring removed bh option [ 291.561012][T15891] EXT4-fs: Ignoring removed nomblk_io_submit option [ 291.577815][T15891] EXT4-fs: Ignoring removed nobh option [ 291.592229][ T29] audit: type=1326 audit(1725029012.913:21561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15892 comm="syz.3.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f3e5a259ef9 code=0x7ffc0000 [ 291.615937][ T29] audit: type=1326 audit(1725029012.913:21562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15892 comm="syz.3.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5a259ef9 code=0x7ffc0000 [ 291.639542][ T29] audit: type=1326 audit(1725029012.913:21563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15892 comm="syz.3.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3e5a259ef9 code=0x7ffc0000 [ 291.663289][ T29] audit: type=1326 audit(1725029012.913:21564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15892 comm="syz.3.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5a259ef9 code=0x7ffc0000 [ 291.686923][ T29] audit: type=1326 audit(1725029012.913:21565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15892 comm="syz.3.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7f3e5a259ef9 code=0x7ffc0000 [ 291.710614][ T29] audit: type=1326 audit(1725029012.913:21566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15892 comm="syz.3.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5a259ef9 code=0x7ffc0000 [ 291.734234][ T29] audit: type=1326 audit(1725029012.913:21567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15892 comm="syz.3.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5a259ef9 code=0x7ffc0000 [ 291.757832][ T29] audit: type=1326 audit(1725029012.913:21568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15892 comm="syz.3.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3e5a259ef9 code=0x7ffc0000 [ 291.779378][T15900] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3493'. [ 291.781686][ T29] audit: type=1326 audit(1725029012.913:21569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15892 comm="syz.3.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5a259ef9 code=0x7ffc0000 [ 291.817275][T15891] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 291.830497][T15889] ================================================================== [ 291.838590][T15889] BUG: KCSAN: data-race in __filemap_add_folio / filemap_write_and_wait_range [ 291.847465][T15889] [ 291.849787][T15889] read-write to 0xffff88811081c778 of 8 bytes by task 15882 on cpu 0: [ 291.857921][T15889] __filemap_add_folio+0x439/0x710 [ 291.863035][T15889] filemap_add_folio+0x9c/0x1b0 [ 291.867883][T15889] page_cache_ra_unbounded+0x148/0x2e0 [ 291.873366][T15889] page_cache_async_ra+0x40c/0x420 [ 291.878491][T15889] filemap_get_pages+0x398/0xfb0 [ 291.883455][T15889] filemap_splice_read+0x360/0x920 [ 291.888571][T15889] ext4_file_splice_read+0x95/0xc0 [ 291.893677][T15889] splice_direct_to_actor+0x26c/0x670 [ 291.899070][T15889] do_splice_direct+0xd7/0x150 [ 291.903848][T15889] do_sendfile+0x3ab/0x950 [ 291.908250][T15889] __x64_sys_sendfile64+0x110/0x150 [ 291.913445][T15889] x64_sys_call+0xed5/0x2d60 [ 291.918036][T15889] do_syscall_64+0xc9/0x1c0 [ 291.922543][T15889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.928438][T15889] [ 291.930746][T15889] read to 0xffff88811081c778 of 8 bytes by task 15889 on cpu 1: [ 291.938369][T15889] filemap_write_and_wait_range+0x58/0x1f0 [ 291.944178][T15889] kiocb_invalidate_pages+0x87/0x1e0 [ 291.949466][T15889] __iomap_dio_rw+0x585/0x1090 [ 291.954231][T15889] iomap_dio_rw+0x40/0x90 [ 291.958564][T15889] ext4_file_write_iter+0xaa4/0xe30 [ 291.963752][T15889] iter_file_splice_write+0x5e6/0x970 [ 291.969127][T15889] direct_splice_actor+0x16c/0x2c0 [ 291.974245][T15889] splice_direct_to_actor+0x305/0x670 [ 291.979645][T15889] do_splice_direct+0xd7/0x150 [ 291.984425][T15889] do_sendfile+0x3ab/0x950 [ 291.988828][T15889] __x64_sys_sendfile64+0x110/0x150 [ 291.994032][T15889] x64_sys_call+0xed5/0x2d60 [ 291.998616][T15889] do_syscall_64+0xc9/0x1c0 [ 292.003120][T15889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.009038][T15889] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 292.011347][T15889] value changed: 0x0000000000000a87 -> 0x0000000000000a88 [ 292.018462][T15889] [ 292.020772][T15889] Reported by Kernel Concurrency Sanitizer on: [ 292.026936][T15889] CPU: 1 UID: 0 PID: 15889 Comm: syz.1.3488 Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 292.037692][T15889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 292.047737][T15889] ================================================================== [ 292.098851][T15891] EXT4-fs error (device loop2): __ext4_remount:6491: comm syz.2.3485: Abort forced by user [ 292.131388][T15891] EXT4-fs (loop2): Remounting filesystem read-only [ 292.242842][T15891] bond0: (slave syz_tun): Releasing backup interface [ 292.331696][T15891] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.627109][ T50] bond0: (slave netdevsim1): Releasing backup interface [ 292.737521][ T50] bridge_slave_1: left allmulticast mode [ 292.743252][ T50] bridge_slave_1: left promiscuous mode [ 292.748915][ T50] bridge0: port 2(bridge_slave_1) entered disabled state [ 292.757848][ T50] bridge_slave_0: left allmulticast mode [ 292.763534][ T50] bridge_slave_0: left promiscuous mode [ 292.769222][ T50] bridge0: port 1(bridge_slave_0) entered disabled state [ 292.818571][ T50] bond0 (unregistering): (slave geneve1): Releasing backup interface [ 292.868587][ T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 292.878705][ T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 292.888659][ T50] bond0 (unregistering): (slave team0): Releasing backup interface [ 292.897261][ T50] bond0 (unregistering): Released all slaves [ 292.906088][ T50] bond1 (unregistering): Released all slaves [ 292.914313][ T50] bond2 (unregistering): Released all slaves [ 292.922762][ T50] bond3 (unregistering): Released all slaves [ 293.046869][ T50] hsr_slave_0: left promiscuous mode [ 293.052590][ T50] hsr_slave_1: left promiscuous mode [ 293.059405][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 293.066880][ T50] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 293.074484][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 293.081891][ T50] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 293.090763][ T50] veth1_macvtap: left promiscuous mode [ 293.096271][ T50] veth0_macvtap: left promiscuous mode [ 293.101898][ T50] veth1_vlan: left promiscuous mode [ 293.107264][ T50] veth0_vlan: left promiscuous mode [ 293.180845][ T50] team0 (unregistering): Port device team_slave_1 removed [ 293.191003][ T50] team0 (unregistering): Port device team_slave_0 removed [ 293.508440][ T50] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 293.518764][ T50] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.545092][ T3485] page_pool_release_retry() stalled pool shutdown: id 114, 1 inflight 60 sec [ 293.557311][ T50] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 293.567717][ T50] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.629072][ T50] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 293.639404][ T50] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.687321][ T50] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 293.697701][ T50] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.767820][ T50] bridge_slave_1: left allmulticast mode [ 293.773479][ T50] bridge_slave_1: left promiscuous mode [ 293.779146][ T50] bridge0: port 2(bridge_slave_1) entered disabled state [ 293.787513][ T50] bridge_slave_0: left allmulticast mode [ 293.793149][ T50] bridge_slave_0: left promiscuous mode [ 293.798878][ T50] bridge0: port 1(bridge_slave_0) entered disabled state [ 293.851623][ T50] bond0 (unregistering): (slave geneve1): Releasing backup interface [ 293.957828][ T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 293.968170][ T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 293.978189][ T50] bond0 (unregistering): (slave team0): Releasing backup interface [ 293.986673][ T50] bond0 (unregistering): Released all slaves [ 293.995189][ T50] bond1 (unregistering): Released all slaves [ 294.076097][ T50] macvlan0: left promiscuous mode [ 294.081512][ T50] batadv_slave_0: left promiscuous mode [ 294.089303][ T50] hsr_slave_0: left promiscuous mode [ 294.095974][ T50] hsr_slave_1: left promiscuous mode [ 294.101688][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 294.109117][ T50] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 294.116640][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 294.124054][ T50] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 294.133506][ T50] veth1_macvtap: left promiscuous mode [ 294.139041][ T50] veth0_macvtap: left promiscuous mode [ 294.144691][ T50] veth1_vlan: left promiscuous mode [ 294.149937][ T50] veth0_vlan: left promiscuous mode [ 294.223613][ T50] team0 (unregistering): Port device team_slave_1 removed [ 294.234178][ T50] team0 (unregistering): Port device team_slave_0 removed [ 294.270461][ T35] lo speed is unknown, defaulting to 1000 [ 295.702748][ T7190] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.748125][ T7190] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.806856][ T7190] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.867676][ T7190] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.947289][ T7190] bridge_slave_1: left allmulticast mode [ 295.953029][ T7190] bridge_slave_1: left promiscuous mode [ 295.958664][ T7190] bridge0: port 2(bridge_slave_1) entered disabled state [ 295.966784][ T7190] bridge_slave_0: left allmulticast mode [ 295.972472][ T7190] bridge_slave_0: left promiscuous mode [ 295.978233][ T7190] bridge0: port 1(bridge_slave_0) entered disabled state [ 296.056999][ T7190] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 296.067347][ T7190] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 296.077609][ T7190] bond0 (unregistering): Released all slaves [ 296.187742][ T7190] hsr_slave_0: left promiscuous mode [ 296.193516][ T7190] hsr_slave_1: left promiscuous mode [ 296.199170][ T7190] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 296.206697][ T7190] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 296.214334][ T7190] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 296.221742][ T7190] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 296.230707][ T7190] veth1_macvtap: left promiscuous mode [ 296.236197][ T7190] veth0_macvtap: left promiscuous mode [ 296.241681][ T7190] veth1_vlan: left promiscuous mode [ 296.246919][ T7190] veth0_vlan: left promiscuous mode [ 296.323299][ T7190] team0 (unregistering): Port device team_slave_1 removed [ 296.333424][ T7190] team0 (unregistering): Port device team_slave_0 removed