7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) flistxattr(r0, &(0x7f0000000600)=""/163, 0xa3) ioctl$FAT_IOCTL_SET_ATTRIBUTES(r0, 0x40047211, &(0x7f00000005c0)=0x1) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0200278003000000000000000000000000000000000084b78df90627665549f14d0cd51e7ce6c11ba7229a2a8a9f4dc5d3c9c95dcddd3debb37b5bd32039adb1471855d094f0e251c4a2fb69189b6daafd10c15e9a676a46c13938c5fa2bcb6181116f1f6927f473e3bbeb350bfc4f95bfb25b75772c5004317ab1d5ace7f4eebbadd9b4c41808d81df0ba67aee23cac2e1b285c1a7e1948392617eee2d430797c59c5d21b261014f9e35888d39cb0ea7e376648a8d7e6946952150b5266419e8c2ce29cc76c7d84e147b8eef62ba346", @ANYRES32=0x0, @ANYBLOB="0c0099000008000045000000050013010100000005001301020000000a000600080211000001000009001300181bb0846c000000050029000a0000000600b5002e040000"], 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 735.896237][T24728] Memory cgroup stats for /syz2: [ 735.936604][T24728] anon 2187264 [ 735.936604][T24728] file 306319360 [ 735.936604][T24728] kernel_stack 376832 [ 735.936604][T24728] pagetables 2506752 [ 735.936604][T24728] percpu 0 [ 735.936604][T24728] sock 0 [ 735.936604][T24728] shmem 306319360 [ 735.936604][T24728] file_mapped 0 [ 735.936604][T24728] file_dirty 0 [ 735.936604][T24728] file_writeback 0 [ 735.936604][T24728] swapcached 0 [ 735.936604][T24728] inactive_anon 5451776 [ 735.936604][T24728] active_anon 303042560 [ 735.936604][T24728] inactive_file 0 [ 735.936604][T24728] active_file 0 [ 735.936604][T24728] unevictable 12288 [ 735.936604][T24728] slab_reclaimable 1250680 [ 735.936604][T24728] slab_unreclaimable 1457864 [ 735.936604][T24728] slab 2708544 [ 735.936604][T24728] workingset_refault_anon 0 [ 735.936604][T24728] workingset_refault_file 1 [ 735.936604][T24728] workingset_activate_anon 0 [ 735.936604][T24728] workingset_activate_file 0 [ 735.936604][T24728] workingset_restore_anon 0 [ 735.941888][T24940] loop5: detected capacity change from 0 to 131456 [ 736.031012][T24728] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=19782,uid=0 [ 736.053025][T24728] Memory cgroup out of memory: Killed process 19782 (syz-executor.2) total-vm:85216kB, anon-rss:420kB, file-rss:35764kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 736.058526][T24942] loop4: detected capacity change from 0 to 131456 05:39:47 executing program 2: r0 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000000000/0x13000)=nil, 0x4000) madvise(&(0x7f0000391000/0x1000)=nil, 0x1000, 0x9) madvise(&(0x7f00003d3000/0x3000)=nil, 0x3000, 0x17) remap_file_pages(&(0x7f000014c000/0xd000)=nil, 0xd000, 0x0, 0x2, 0x100000) r1 = shmget$private(0x0, 0x1000, 0x200, &(0x7f0000fff000/0x1000)=nil) shmat(r1, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffdfff) shmat(r1, &(0x7f0000091000/0x1000)=nil, 0x1000) mbind(&(0x7f00001d1000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x7, 0xc7c, 0x1) mlock(&(0x7f0000ffb000/0x4000)=nil, 0x4000) mlock(&(0x7f0000285000/0x3000)=nil, 0x3000) 05:39:47 executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0xb00000000065808, 0x0) memfd_secret(0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/class/drm', 0x210400, 0x1) r2 = openat$cgroup_ro(r1, &(0x7f0000000140)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRESOCT=r0, @ANYRESOCT, @ANYBLOB="d5b65f796ab1088db539226a6398697c45cbf253b9e63cba314e8000009b00000000000000000000000000000000800000"], 0x3af4701e) ioctl$FS_IOC_SETFLAGS(r0, 0x401c5820, &(0x7f0000000100)=0x8) fsetxattr(r0, &(0x7f0000000000)=@random={'security.', '\x00'}, 0x0, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) [ 736.077959][ T25] oom_reaper: reaped process 19782 (syz-executor.2), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB [ 736.102442][T24940] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 736.121056][T24942] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] 05:39:47 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000027bd7040fbdbdf257700000008000300", @ANYRES32=0x0, @ANYBLOB="0500ee00810000000500ee00070000000800ef00000023400800ef00009c7dd90600000500ee0019d36dd6d3e91219aebbfa7a0000000502ee00040000000000"], 0x5c}}, 0xc088054) fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='/dev/sg#\x00', 0x0, r2) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:39:47 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x281, 0x0, 0x101) [ 736.142298][T24940] System zones: 1-2, 19-19, 35-38, 46-46 [ 736.148623][T24942] System zones: 1-2, 19-19, 35-38, 46-46 [ 736.159207][T24940] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 736.169915][T24940] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2061/file0 supports timestamps until 2038 (0x7fffffff) [ 736.177783][T24942] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 736.195005][T24942] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2108/file0 supports timestamps until 2038 (0x7fffffff) 05:39:47 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ceea03000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:47 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x8, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000002980)={0x53, 0xfffffffffffffffd, 0x69, 0x0, @scatter={0x5, 0x0, &(0x7f0000002800)=[{&(0x7f00000005c0)=""/174, 0xae}, {&(0x7f0000000680)=""/251, 0xfb}, {&(0x7f0000000780)=""/4096, 0x1000}, {&(0x7f0000001780)=""/4096, 0x1000}, {&(0x7f0000002780)=""/67, 0x43}]}, &(0x7f0000002880)="83071e5e605352eb8e9e8eff387196917b5932111d5016fe6a7704d7222836318e28ebf43d87bc7f50f082df2d30cb9f009f8134c497b64465bcf8e17535cd89ba80ea92b35a75fb54bb3e0b910771587d811844946a777452b24d9145a9cc06e8fcb40c55dd25e8c3", &(0x7f0000002900)=""/56, 0x9, 0x10001, 0x1, &(0x7f0000002940)}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) lseek(r1, 0x58c2, 0x3) 05:39:47 executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0xb00000000065808, 0x0) memfd_secret(0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/class/drm', 0x210400, 0x1) r2 = openat$cgroup_ro(r1, &(0x7f0000000140)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRESOCT=r0, @ANYRESOCT, @ANYBLOB="d5b65f796ab1088db539226a6398697c45cbf253b9e63cba314e8000009b00000000000000000000000000000000800000"], 0x3af4701e) ioctl$FS_IOC_SETFLAGS(r0, 0x401c5820, &(0x7f0000000100)=0x8) fsetxattr(r0, &(0x7f0000000000)=@random={'security.', '\x00'}, 0x0, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) 05:39:48 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x500, 0x0, 0x101) [ 736.325930][T25477] loop5: detected capacity change from 0 to 131456 [ 736.354892][T25477] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 05:39:48 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000cad0025ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:48 executing program 0: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce8303000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:48 executing program 2: r0 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000000000/0x13000)=nil, 0x4000) madvise(&(0x7f0000391000/0x1000)=nil, 0x1000, 0x9) madvise(&(0x7f00003d3000/0x3000)=nil, 0x3000, 0x17) remap_file_pages(&(0x7f000014c000/0xd000)=nil, 0xd000, 0x0, 0x2, 0x100000) r1 = shmget$private(0x0, 0x1000, 0x200, &(0x7f0000fff000/0x1000)=nil) shmat(r1, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffdfff) shmat(r1, &(0x7f0000091000/0x1000)=nil, 0x1000) mbind(&(0x7f00001d1000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x7, 0xc7c, 0x1) mlock(&(0x7f0000ffb000/0x4000)=nil, 0x4000) mlock(&(0x7f0000285000/0x3000)=nil, 0x3000) 05:39:48 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x600, 0x0, 0x101) 05:39:48 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025cef803000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:48 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x5, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x1, 0x1}, {0x2, 0x3, 0x400000006}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 736.365605][T25477] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2062/file0 supports timestamps until 2038 (0x7fffffff) [ 736.432613][T25686] loop0: detected capacity change from 0 to 131456 [ 736.454147][T25690] loop5: detected capacity change from 0 to 131456 [ 736.469751][T25692] loop4: detected capacity change from 0 to 131456 05:39:48 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x900, 0x0, 0x101) [ 736.480965][T25690] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 736.491572][T25690] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2063/file0 supports timestamps until 2038 (0x7fffffff) 05:39:48 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0204000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:48 executing program 2: syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x100) ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x80104592, 0x0) r0 = perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xee74d679fd12cda3, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000280)={0xe, 0x5ee}, 0x0) sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xfffffffc}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @empty}, 0x1c) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000340)=""/220) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1) mkdir(0x0, 0x10) shmat(0xffffffffffffffff, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffdfff) setrlimit(0x5, 0x0) sched_setattr(0x0, &(0x7f0000001400)={0x38, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1ff}, 0x0) clone(0xc0201300, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000001440)="d55485776b3b29cee92a3ce3688b71f2395582870deb039cf3dc18d474ba61af89f67ca9420d6ad9d40c2875731f1d6e9530baa6307c4fa42f2288987c00db576779fad7ac3361737174810b28a6beff35e553cffe8bff0f0000c52cd8b52e10fa3cf21c23274ede958772fd7070d57684be8f6735c4880295d36751ecdf5dba3c13ecd22cf97044702bae55eff403773967dd701c35c2c2e91c4d6fa7a43a2e2cc99aceacdf4633da3eb333ff8918574be966df982472ef1118b56e735e5c90d6972b1a5ab5c0facadfb8b7a3fc5e84ff92dbf7a816d7f3e5035e2c373f0a74d7af97f761a819e6c7cb563bc23f04979c7a935c60aeebea75f0a97709b29bcef71a1f71547b143272") 05:39:48 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="570000006ff9ff05812cc6ba936267c900000000000020880004000700010000000000800100000006000000000000004000000300030000000000000004030000000203000000060000f8910000000000"], 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 736.529921][T25692] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 736.540538][T25692] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2109/file0 supports timestamps until 2038 (0x7fffffff) [ 736.558475][T25686] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 05:39:48 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000cc20025ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:48 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xc00, 0x0, 0x101) [ 736.569118][T25686] ext4 filesystem being mounted at /root/syzkaller-testdir427880889/syzkaller.htR0Ze/2310/file0 supports timestamps until 2038 (0x7fffffff) 05:39:48 executing program 0: sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8004}, 0x6004c050) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x94, 0x0, 0x300, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x4d}}}}, [@NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x7}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x7f}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x3}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x80000000}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1a0}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000048}, 0x40005) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x41, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000140)={{}, {}, [], {}, [], {0x8}, {0x8}}, 0x24, 0x0) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000100)=0xfffffffa) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$sg(0x0, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/diskstats\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000000c0), 0x1001) tkill(0x0, 0x17) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REG(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000a80)=ANY=[@ANYBLOB="44c3f99867186073415a373f240000fb", @ANYRES16=r3, @ANYBLOB="250500000000000000001a0000000600210061000000080022800400005de05e21a3b81080cb04896375c9808eaacd500b6955ab47c6df3f43fbd72086d4f1f37a60b738a16d26d6906b57504dfee2c1d272b651edd61a0176f5daa081c230a4f9fcb05c189a280a219f33b01f85e3231920ab7360e639804f131082c78fbe84ae9e70b34ac8e81a190080aaeac6f2714ad383f66bfe166b83dd9a55d8d94bd14044d0ba88f76853625c8ffe0a8e585fb60f6548f89570fa124157921273c7fff9b1fbd6979bf39c25c14c85c6b3e3921e56115bbb952cdd846f9b33cb1a751b720a66c46e7c64500500000000000000d1ba8e124ab3dcbb05b17b97ec08fed00d69bae827f33ec934bed7ecd09ce40c4e106a22ff4b424c5e646cd5f8df1f9180e50d0443b0fde6f313d701b2b5d4d162d3ff4c4e43e6aed3e29ca03773db1c53257b663f2994427c1474a7af246570c6a4868ae5b18e7d2a70e4795d6a92cf2b2944e12a4548391f9de3c37f29248a2e35dfca2da0ecacf82b639e948db457445be75e98238c43ea87ed7509ea5eca8abec8fb96c4ce5df3f6c673623f57f300f74ba5e6800cf2e1d99dd48453d312b1b5262b0db901bc456be50d46ba2301aa66841e2bf7262abd9afd54aea3772d8c32cb387cbe03f80786e3d08b0048ee44cf42"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, r3, 0x2, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @void, @void}}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x40000) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000080)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\trust\xe3c*sgrVid:De', 0x0) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000006c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="7e0000008770aa4493c05f2ef6c96cdbaec5c6b60ac689c87ace632d000e24b22975f3f8c7072c797b4acdba3330d707d1f8c67f4ff6f84807677f1d8e7d715fdb57c915511f0acea859e69ac6b06d03d50924338157671525f86ef61d5fd90f70adf45e626aebc275948c28d44ca56502315230cffc61907640f7e067450300"/141, @ANYRES16=0x0, @ANYBLOB="00082dbd7000fcdbdf2505000000080032000900000005002e0000000000080039000800000008003a000300000008003c000700000005002d0000000000050033000000000005002d000100000008002b00030000000a0009000000000000000000"], 0x68}, 0x1, 0x0, 0x0, 0x94}, 0x20000040) 05:39:48 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xf00, 0x0, 0x101) [ 736.707563][T25992] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 736.718050][T25992] CPU: 0 PID: 25992 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 736.726464][T25992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 736.736539][T25992] Call Trace: [ 736.739815][T25992] dump_stack_lvl+0xd6/0x122 [ 736.744419][T25992] dump_stack+0x11/0x1b [ 736.748667][T25992] dump_header+0x98/0x410 [ 736.753063][T25992] oom_kill_process+0x18e/0x3f0 [ 736.757992][T25992] out_of_memory+0x5ed/0x890 [ 736.762675][T25992] ? mem_cgroup_iter+0x29b/0x370 [ 736.767619][T25992] mem_cgroup_oom+0x484/0x520 [ 736.772297][T25992] try_charge_memcg+0x736/0xa10 [ 736.777171][T25992] ? __this_cpu_preempt_check+0x18/0x20 [ 736.782724][T25992] ? __rcu_read_unlock+0x5c/0x290 [ 736.787750][T25992] ? security_netlbl_sid_to_secattr+0xb5/0x160 [ 736.793906][T25992] obj_cgroup_charge_pages+0xce/0x210 [ 736.799281][T25992] obj_cgroup_charge+0xe2/0x1b0 [ 736.804129][T25992] ? sk_prot_alloc+0x41/0x190 [ 736.808806][T25992] kmem_cache_alloc+0x96/0x320 [ 736.813615][T25992] sk_prot_alloc+0x41/0x190 [ 736.818125][T25992] sk_alloc+0x2e/0x220 [ 736.822241][T25992] inet6_create+0x2b2/0x730 [ 736.826833][T25992] __sock_create+0x2cc/0x4e0 [ 736.831478][T25992] sock_create_kern+0x34/0x40 [ 736.836204][T25992] inet_ctl_sock_create+0x53/0x100 [ 736.841345][T25992] igmp6_net_init+0x33/0x270 [ 736.845940][T25992] ops_init+0x1e7/0x230 [ 736.850100][T25992] setup_net+0x1fb/0x740 05:39:48 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x1200, 0x0, 0x101) [ 736.854354][T25992] copy_net_ns+0x2a9/0x450 [ 736.858780][T25992] create_new_namespaces+0x231/0x560 [ 736.864077][T25992] copy_namespaces+0x116/0x160 [ 736.868847][T25992] copy_process+0x14fc/0x2f30 [ 736.873525][T25992] kernel_clone+0x15c/0x6a0 [ 736.878030][T25992] __x64_sys_clone+0xc6/0xf0 [ 736.882678][T25992] do_syscall_64+0x44/0xa0 [ 736.887144][T25992] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 736.893040][T25992] RIP: 0033:0x7f2e21c2aae9 [ 736.897449][T25992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 736.917148][T25992] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 736.925556][T25992] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 736.933525][T25992] RDX: 0000000020000240 RSI: 0000000000000000 RDI: 00000000c0201300 [ 736.941492][T25992] RBP: 00007f2e21c84f25 R08: 0000000020001440 R09: 0000000000000000 [ 736.949460][T25992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 736.957560][T25992] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 736.965585][T25992] memory: usage 307200kB, limit 307200kB, failcnt 1339 [ 736.972585][T25992] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 736.979575][T25992] Memory cgroup stats for /syz2: [ 736.988333][T26314] loop4: detected capacity change from 0 to 131456 [ 737.004086][ C1] sd 0:0:1:0: tag#5574 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 737.007135][T26326] loop5: detected capacity change from 0 to 131456 [ 737.014202][ C1] sd 0:0:1:0: tag#5574 CDB: opcode=0xe5 (vendor) [ 737.014220][ C1] sd 0:0:1:0: tag#5574 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 737.014241][ C1] sd 0:0:1:0: tag#5574 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 737.014257][ C1] sd 0:0:1:0: tag#5574 CDB[20]: ba 05:39:48 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0604000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 737.023587][T26326] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 737.061462][T26326] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2064/file0 supports timestamps until 2038 (0x7fffffff) [ 737.079353][T26314] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 737.089944][T26314] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2110/file0 supports timestamps until 2038 (0x7fffffff) [ 737.091345][T25992] anon 2093056 05:39:48 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x2000, 0x0, 0x101) [ 737.091345][T25992] file 306561024 [ 737.091345][T25992] kernel_stack 376832 [ 737.091345][T25992] pagetables 2392064 [ 737.091345][T25992] percpu 0 [ 737.091345][T25992] sock 0 [ 737.091345][T25992] shmem 306561024 [ 737.091345][T25992] file_mapped 0 [ 737.091345][T25992] file_dirty 0 [ 737.091345][T25992] file_writeback 0 [ 737.091345][T25992] swapcached 0 [ 737.091345][T25992] inactive_anon 5361664 [ 737.091345][T25992] active_anon 303280128 [ 737.091345][T25992] inactive_file 0 [ 737.091345][T25992] active_file 0 [ 737.091345][T25992] unevictable 12288 05:39:48 executing program 0: sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8004}, 0x6004c050) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x94, 0x0, 0x300, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x4d}}}}, [@NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x7}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x7f}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x3}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x80000000}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1a0}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000048}, 0x40005) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x41, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000140)={{}, {}, [], {}, [], {0x8}, {0x8}}, 0x24, 0x0) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000100)=0xfffffffa) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$sg(0x0, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/diskstats\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000000c0), 0x1001) tkill(0x0, 0x17) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REG(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000a80)=ANY=[@ANYBLOB="44c3f99867186073415a373f240000fb", @ANYRES16=r3, @ANYBLOB="250500000000000000001a0000000600210061000000080022800400005de05e21a3b81080cb04896375c9808eaacd500b6955ab47c6df3f43fbd72086d4f1f37a60b738a16d26d6906b57504dfee2c1d272b651edd61a0176f5daa081c230a4f9fcb05c189a280a219f33b01f85e3231920ab7360e639804f131082c78fbe84ae9e70b34ac8e81a190080aaeac6f2714ad383f66bfe166b83dd9a55d8d94bd14044d0ba88f76853625c8ffe0a8e585fb60f6548f89570fa124157921273c7fff9b1fbd6979bf39c25c14c85c6b3e3921e56115bbb952cdd846f9b33cb1a751b720a66c46e7c64500500000000000000d1ba8e124ab3dcbb05b17b97ec08fed00d69bae827f33ec934bed7ecd09ce40c4e106a22ff4b424c5e646cd5f8df1f9180e50d0443b0fde6f313d701b2b5d4d162d3ff4c4e43e6aed3e29ca03773db1c53257b663f2994427c1474a7af246570c6a4868ae5b18e7d2a70e4795d6a92cf2b2944e12a4548391f9de3c37f29248a2e35dfca2da0ecacf82b639e948db457445be75e98238c43ea87ed7509ea5eca8abec8fb96c4ce5df3f6c673623f57f300f74ba5e6800cf2e1d99dd48453d312b1b5262b0db901bc456be50d46ba2301aa66841e2bf7262abd9afd54aea3772d8c32cb387cbe03f80786e3d08b0048ee44cf42"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, r3, 0x2, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @void, @void}}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x40000) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000080)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\trust\xe3c*sgrVid:De', 0x0) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000006c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="7e0000008770aa4493c05f2ef6c96cdbaec5c6b60ac689c87ace632d000e24b22975f3f8c7072c797b4acdba3330d707d1f8c67f4ff6f84807677f1d8e7d715fdb57c915511f0acea859e69ac6b06d03d50924338157671525f86ef61d5fd90f70adf45e626aebc275948c28d44ca56502315230cffc61907640f7e067450300"/141, @ANYRES16=0x0, @ANYBLOB="00082dbd7000fcdbdf2505000000080032000900000005002e0000000000080039000800000008003a000300000008003c000700000005002d0000000000050033000000000005002d000100000008002b00030000000a0009000000000000000000"], 0x68}, 0x1, 0x0, 0x0, 0x94}, 0x20000040) [ 737.091345][T25992] slab_reclaimable 1272112 [ 737.091345][T25992] slab_unreclaimable 1466808 [ 737.091345][T25992] slab 2738920 [ 737.091345][T25992] workingset_refault_anon 0 [ 737.091345][T25992] workingset_refault_file 1 [ 737.091345][T25992] workingset_activate_anon 0 [ 737.091345][T25992] workingset_activate_file 0 [ 737.091345][T25992] workingset_restore_anon 0 [ 737.193624][T25992] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=19776,uid=0 [ 737.209214][T25992] Memory cgroup out of memory: Killed process 19776 (syz-executor.2) total-vm:85216kB, anon-rss:420kB, file-rss:35764kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 737.211225][ C1] sd 0:0:1:0: tag#5576 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 737.236578][ C1] sd 0:0:1:0: tag#5576 CDB: opcode=0xe5 (vendor) [ 737.242939][ C1] sd 0:0:1:0: tag#5576 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c 05:39:48 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000cc30025ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:48 executing program 2: ioctl$FIOCLEX(0xffffffffffffffff, 0x5451) r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40) r1 = socket$netlink(0x10, 0x3, 0x0) finit_module(0xffffffffffffffff, 0x0, 0x0) r2 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000780)) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x0, 0x0, 0x1f, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf1", 0x0, 0x0, 0x0, 0x0, 0x0}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0) sendmsg$NLBL_CIPSOV4_C_REMOVE(0xffffffffffffffff, 0x0, 0x40025) r3 = syz_open_dev$sg(&(0x7f0000000000), 0xffffffffffffb819, 0x400440) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000001200)={0x0, 0x0, {0x8, @struct={0x6, 0x4}, 0x0, 0x0, 0x200, 0x3f, 0xea8, 0x0, 0x0, @usage, 0x0, 0x0, [0x0, 0x0, 0x0, 0x6, 0xffff, 0x9]}, {0x0, @struct={0x80, 0x9}, 0x0, 0x0, 0x4, 0x1, 0x802, 0x0, 0x0, @struct, 0x0, 0x0, [0x7fffffff, 0x0, 0x0, 0x0, 0xa8, 0xb07]}, {0x0, @usage, 0x0, 0x0, 0x9, 0x9, 0x0, 0x0, 0x4, @struct, 0x8, 0x1, [0x0, 0x0, 0x0, 0x0, 0x391, 0x3]}, {0x166d, 0x1}}) ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000000980)) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190604000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) recvmmsg(0xffffffffffffffff, &(0x7f00000017c0)=[{{&(0x7f0000000080)=@ax25={{0x3, @null}, [@remote, @netrom, @bcast, @default, @netrom, @null, @null, @null]}, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000500)=""/242, 0xf2}, 0x401}, {{0x0, 0x0, &(0x7f0000000700)=[{0x0}, {&(0x7f0000000680)=""/117, 0x75}], 0x2, &(0x7f0000001780)=""/55, 0x37}, 0x4e}], 0x2, 0x0, &(0x7f0000001840)={0x77359400}) [ 737.252005][ C1] sd 0:0:1:0: tag#5576 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 737.261040][ C1] sd 0:0:1:0: tag#5576 CDB[20]: ba 05:39:48 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x3f00, 0x0, 0x101) 05:39:49 executing program 0: sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8004}, 0x6004c050) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x94, 0x0, 0x300, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x4d}}}}, [@NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x7}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x7f}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x3}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x80000000}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1a0}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000048}, 0x40005) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x41, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000140)={{}, {}, [], {}, [], {0x8}, {0x8}}, 0x24, 0x0) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000100)=0xfffffffa) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$sg(0x0, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/diskstats\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000000c0), 0x1001) tkill(0x0, 0x17) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REG(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000a80)=ANY=[@ANYBLOB="44c3f99867186073415a373f240000fb", @ANYRES16=r3, @ANYBLOB="250500000000000000001a0000000600210061000000080022800400005de05e21a3b81080cb04896375c9808eaacd500b6955ab47c6df3f43fbd72086d4f1f37a60b738a16d26d6906b57504dfee2c1d272b651edd61a0176f5daa081c230a4f9fcb05c189a280a219f33b01f85e3231920ab7360e639804f131082c78fbe84ae9e70b34ac8e81a190080aaeac6f2714ad383f66bfe166b83dd9a55d8d94bd14044d0ba88f76853625c8ffe0a8e585fb60f6548f89570fa124157921273c7fff9b1fbd6979bf39c25c14c85c6b3e3921e56115bbb952cdd846f9b33cb1a751b720a66c46e7c64500500000000000000d1ba8e124ab3dcbb05b17b97ec08fed00d69bae827f33ec934bed7ecd09ce40c4e106a22ff4b424c5e646cd5f8df1f9180e50d0443b0fde6f313d701b2b5d4d162d3ff4c4e43e6aed3e29ca03773db1c53257b663f2994427c1474a7af246570c6a4868ae5b18e7d2a70e4795d6a92cf2b2944e12a4548391f9de3c37f29248a2e35dfca2da0ecacf82b639e948db457445be75e98238c43ea87ed7509ea5eca8abec8fb96c4ce5df3f6c673623f57f300f74ba5e6800cf2e1d99dd48453d312b1b5262b0db901bc456be50d46ba2301aa66841e2bf7262abd9afd54aea3772d8c32cb387cbe03f80786e3d08b0048ee44cf42"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, r3, 0x2, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @void, @void}}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x40000) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000080)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\trust\xe3c*sgrVid:De', 0x0) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000006c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="7e0000008770aa4493c05f2ef6c96cdbaec5c6b60ac689c87ace632d000e24b22975f3f8c7072c797b4acdba3330d707d1f8c67f4ff6f84807677f1d8e7d715fdb57c915511f0acea859e69ac6b06d03d50924338157671525f86ef61d5fd90f70adf45e626aebc275948c28d44ca56502315230cffc61907640f7e067450300"/141, @ANYRES16=0x0, @ANYBLOB="00082dbd7000fcdbdf2505000000080032000900000005002e0000000000080039000800000008003a000300000008003c000700000005002d0000000000050033000000000005002d000100000008002b00030000000a0009000000000000000000"], 0x68}, 0x1, 0x0, 0x0, 0x94}, 0x20000040) [ 737.357280][T26732] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 737.358015][ C1] sd 0:0:1:0: tag#5578 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 737.367480][T26732] CPU: 0 PID: 26732 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 737.377281][ C1] sd 0:0:1:0: tag#5578 CDB: opcode=0xe5 (vendor) [ 737.385637][T26732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 737.385648][T26732] Call Trace: [ 737.385654][T26732] dump_stack_lvl+0xd6/0x122 [ 737.391994][ C1] sd 0:0:1:0: tag#5578 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 737.402040][T26732] dump_stack+0x11/0x1b [ 737.405325][ C1] sd 0:0:1:0: tag#5578 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 737.409876][T26732] dump_header+0x98/0x410 [ 737.409898][T26732] oom_kill_process+0x18e/0x3f0 [ 737.418898][ C1] sd 0:0:1:0: tag#5578 CDB[20]: ba [ 737.423026][T26732] out_of_memory+0x5ed/0x890 [ 737.450825][T26732] ? mem_cgroup_iter+0x29b/0x370 [ 737.455770][T26732] mem_cgroup_oom+0x484/0x520 [ 737.460505][T26732] try_charge_memcg+0x736/0xa10 [ 737.465400][T26732] ? __rcu_read_unlock+0x5c/0x290 [ 737.470497][T26732] charge_memcg+0x51/0x1a0 [ 737.475111][T26732] __mem_cgroup_charge+0x25/0xa0 [ 737.480091][T26732] wp_page_copy+0x2f0/0x11e0 [ 737.485725][T26732] do_wp_page+0x4fb/0xa80 [ 737.490055][T26732] ? __rcu_read_unlock+0x5c/0x290 [ 737.495091][T26732] handle_mm_fault+0x975/0x1590 [ 737.499946][T26732] do_user_addr_fault+0x609/0xbe0 05:39:49 executing program 0: sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8004}, 0x6004c050) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x94, 0x0, 0x300, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x4d}}}}, [@NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x7}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x7f}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x3}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x80000000}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1a0}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000048}, 0x40005) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x41, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000140)={{}, {}, [], {}, [], {0x8}, {0x8}}, 0x24, 0x0) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000100)=0xfffffffa) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$sg(0x0, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/diskstats\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000000c0), 0x1001) tkill(0x0, 0x17) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REG(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000a80)=ANY=[@ANYBLOB="44c3f99867186073415a373f240000fb", @ANYRES16=r3, @ANYBLOB="250500000000000000001a0000000600210061000000080022800400005de05e21a3b81080cb04896375c9808eaacd500b6955ab47c6df3f43fbd72086d4f1f37a60b738a16d26d6906b57504dfee2c1d272b651edd61a0176f5daa081c230a4f9fcb05c189a280a219f33b01f85e3231920ab7360e639804f131082c78fbe84ae9e70b34ac8e81a190080aaeac6f2714ad383f66bfe166b83dd9a55d8d94bd14044d0ba88f76853625c8ffe0a8e585fb60f6548f89570fa124157921273c7fff9b1fbd6979bf39c25c14c85c6b3e3921e56115bbb952cdd846f9b33cb1a751b720a66c46e7c64500500000000000000d1ba8e124ab3dcbb05b17b97ec08fed00d69bae827f33ec934bed7ecd09ce40c4e106a22ff4b424c5e646cd5f8df1f9180e50d0443b0fde6f313d701b2b5d4d162d3ff4c4e43e6aed3e29ca03773db1c53257b663f2994427c1474a7af246570c6a4868ae5b18e7d2a70e4795d6a92cf2b2944e12a4548391f9de3c37f29248a2e35dfca2da0ecacf82b639e948db457445be75e98238c43ea87ed7509ea5eca8abec8fb96c4ce5df3f6c673623f57f300f74ba5e6800cf2e1d99dd48453d312b1b5262b0db901bc456be50d46ba2301aa66841e2bf7262abd9afd54aea3772d8c32cb387cbe03f80786e3d08b0048ee44cf42"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, r3, 0x2, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @void, @void}}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x40000) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000080)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\trust\xe3c*sgrVid:De', 0x0) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000006c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="7e0000008770aa4493c05f2ef6c96cdbaec5c6b60ac689c87ace632d000e24b22975f3f8c7072c797b4acdba3330d707d1f8c67f4ff6f84807677f1d8e7d715fdb57c915511f0acea859e69ac6b06d03d50924338157671525f86ef61d5fd90f70adf45e626aebc275948c28d44ca56502315230cffc61907640f7e067450300"/141, @ANYRES16=0x0, @ANYBLOB="00082dbd7000fcdbdf2505000000080032000900000005002e0000000000080039000800000008003a000300000008003c000700000005002d0000000000050033000000000005002d000100000008002b00030000000a0009000000000000000000"], 0x68}, 0x1, 0x0, 0x0, 0x94}, 0x20000040) [ 737.504994][T26732] exc_page_fault+0x91/0x290 [ 737.509577][T26732] ? asm_exc_page_fault+0x8/0x30 [ 737.514552][T26732] asm_exc_page_fault+0x1e/0x30 [ 737.519456][T26732] RIP: 0033:0x7f2e21bd8d30 [ 737.523957][T26732] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6 [ 737.535558][ C1] sd 0:0:1:0: tag#5579 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s 05:39:49 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x5084, 0x0, 0x101) [ 737.544186][T26732] RSP: 002b:00007ffca696e1c0 EFLAGS: 00010246 [ 737.544203][T26732] RAX: 00000000fb5bc281 RBX: 00007f2e219a2008 RCX: 0000001b33120000 [ 737.544215][T26732] RDX: 0000001b3312003c RSI: ffffffff810594fe RDI: 0000000000000000 [ 737.554133][ C1] sd 0:0:1:0: tag#5579 CDB: opcode=0xe5 (vendor) [ 737.560163][T26732] RBP: 0000000000000001 R08: 00000000fb5bc281 R09: 0000001b3312001c [ 737.560177][T26732] R10: 0000000000000281 R11: 00000000fb5bc285 R12: 0000000000000007 [ 737.560188][T26732] R13: 00007f2e21d32000 R14: ffffffff810594fe R15: 00007f2e21d3dff0 [ 737.560201][T26732] ? fpregs_assert_state_consistent+0x7e/0x90 [ 737.568170][ C1] sd 0:0:1:0: tag#5579 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 737.576087][T26732] ? fpregs_assert_state_consistent+0x7e/0x90 [ 737.582412][ C1] sd 0:0:1:0: tag#5579 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 737.582429][ C1] sd 0:0:1:0: tag#5579 CDB[20]: ba [ 737.641612][T26732] memory: usage 307200kB, limit 307200kB, failcnt 1389 [ 737.648470][T26732] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 05:39:49 executing program 0: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RWALK(r0, &(0x7f0000000280)=ANY=[@ANYRESHEX], 0x12) write$binfmt_misc(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="48bb"], 0x4) r1 = perf_event_open(&(0x7f0000000080)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) chmod(&(0x7f0000000040)='./bus\x00', 0x1) r2 = gettid() process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000140)=0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000680)={{{@in6=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={""/10, ""/2, @loopback}}, 0x0, @in=@dev}}, &(0x7f0000000180)=0xe8) r5 = gettid() process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) recvmmsg$unix(0xffffffffffffffff, &(0x7f00000042c0)=[{{&(0x7f00000015c0)=@abs, 0x6e, &(0x7f0000000240), 0x0, &(0x7f0000001640)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}}, {{&(0x7f00000016c0)=@abs, 0x6e, &(0x7f0000002740)=[{&(0x7f0000001740)=""/4096, 0x1000}], 0x1, &(0x7f0000002780)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000002880)=@abs, 0x6e, &(0x7f0000002cc0)=[{&(0x7f0000002900)=""/9, 0x9}, {&(0x7f0000002940)=""/63, 0x3f}, {&(0x7f0000002980)=""/251, 0xfb}, {&(0x7f0000002a80)=""/211, 0xd3}, {&(0x7f0000002b80)=""/78, 0x4e}, {&(0x7f0000002c00)=""/21, 0x15}, {&(0x7f0000002c40)=""/112, 0x70}], 0x7, &(0x7f0000002d40)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000002d80), 0x6e, &(0x7f0000004040)=[{&(0x7f0000002e00)=""/4096, 0x1000}, {&(0x7f0000003e00)=""/214, 0xd6}, {&(0x7f0000003f00)=""/102, 0x66}, {&(0x7f0000003f80)=""/136, 0x88}], 0x4}}, {{0x0, 0x0, &(0x7f0000004200)=[{&(0x7f0000004080)=""/111, 0x6f}, {&(0x7f0000004100)=""/219, 0xdb}], 0x2, &(0x7f0000004240)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x60}}], 0x5, 0x1, &(0x7f0000004400)={0x77359400}) newfstatat(0xffffffffffffff9c, &(0x7f0000004440)='./bus\x00', &(0x7f0000004480)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x100) sendmsg$netlink(r0, &(0x7f0000004540)={0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000100)={0x18, 0x1f, 0x202, 0x70bd29, 0x25dfdbfe, "", [@typed={0x8, 0x8c, 0x0, 0x0, @pid}]}, 0x18}, {&(0x7f00000002c0)={0x3c0, 0x33, 0x400, 0x70bd25, 0x25dfdbfc, "", [@generic="ffaa05d960a9b290ad28ee5da040bfaa4d563a85e6dde205360a316ea543909042e5c7a87fa05cc27ef662ec08a15a00d1be1a1b0cd900dcd4631266a059d6515c00c27db4337c353c01da18d0487832cd97e991283714affc861f07368c2cc6e391adae242aafa2121f985aa31fbdad3c05bbe5c580ad0b6d1280", @typed={0x4, 0x45}, @generic="59c7f8a1fa3dffcc9eecfebe40057dadabff7303dc32c70bcb9ac63914398ed60f3e99085cbd3a25803a4a72a4dfb3a9976155fa3d5b9e590b0be709fc945710170d03b4078da08ccaa0fa812a4c5c842255a9aaf5f800d8940e", @typed={0x8, 0x53, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x39}}, @nested={0x9a, 0x11, 0x0, 0x1, [@generic="fbc61c5ce0c04ab669e99d7e211a58969a60d153f6246e871d5469ac22d74d645f371053d6fdfe115de7218d5d4a75169eb051982341cded5b350f08d91d5f3c8c7be730c9f125821d3448b2bceb23b13080893ca069bd59412ef541e729ebbf3e9da537816876538c3489cfa426bca01d5c1888120cfde20dee2f4892f9e26abe1717b07c07cfa2f7ade7931758", @typed={0x8, 0x48, 0x0, 0x0, @uid=0xee00}]}, @nested={0x18f, 0x45, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @pid=r2}, @generic="687458935873bd93a048c74bbb48142832b8b19cbc5ed7349a784f4154fa834b642d1f11ccbcb83b790e0296c5c507ad6147df1254ea00365236290f30d25acc801292d52f68490dfd85c80c6cedf8941767d0cb54fa76812ebaf98f96df85ada104494f2f61cb3285c58ad64c5b934b2a9935b9256b9b7a31e22b8c0627c193741e2b66ae1dbb50ce5b4710", @generic="288927727775a7e82ca91c75dda504a26f5a80ad2cad7a55345313d659645a3eae69a38450fc0f79bd44f816c0cb3aa488e49744ba52d6f2c1ac8e56a8b82b6cea0348aa7b56c4a33d8876b1178fbad816b6b7b90458603370483e7825e924537163f77a36b8175a661142b1b0b8d4ed64f684e4fbf07c4fc71b7e5ccc1325ba016fbd14ddf8b864aa4b6728c19b5ad45f56b69f572ee4eb359f34e12dac09548eaa68d5ed6096bc5ef36f70968a5126661df0c35cd37c61cd2ab75b63557458fef3d4fc4d28a3a5aff658bdfec2c127929aac77f4eed940c0e595ed1fb527ad4f172d1420db627b537195de27e642fabc57451b8fd5bc"]}, @nested={0x98, 0x90, 0x0, 0x1, [@typed={0x8, 0x9, 0x0, 0x0, @u32=0x7ff}, @typed={0x8b, 0x15, 0x0, 0x0, @binary="615c5aba9ea79178227c7cec148e7ce7543358449a75a8da312d08d1f9b3c7f789d1d96077ec9d605927dc954b0f4bee3b3a21a210f6fd7d9ec0e2c6eacd21d25901f05d6ddf7aafcbaade72cfb0ae7bb44a1b5defd515ac8a18dbb89ac79a852bc231636453f53e1a8c40eab6540187a20b26bcf3751456502cc552bd0fdfe24b41a10d5b6adc"}]}, @typed={0x8, 0x64, 0x0, 0x0, @pid=r3}]}, 0x3c0}, {&(0x7f0000000780)={0x174, 0x41, 0x800, 0x70bd26, 0x25dfdbfe, "", [@typed={0x8, 0x3f, 0x0, 0x0, @uid}, @generic="2ba3ecedf05c0336577079d5f3bc92fe1b9b7beee52f3bf6e38be44530e5dfae61bfebb548d29d9f4a799765071ea7efc1e0475c4f21ecde6290e92c8fdf80287dddd4b6c7a6854a47a153efae8a26c602af02f3c07cf0251976144421a8bcbefcc606504f66bdbe87c1962467cbbe85d3a382", @typed={0x8, 0x5a, 0x0, 0x0, @uid=r4}, @generic="82ed5c1e83def2bafcae698676443260cf584c4549ae32a58da31029437c0a761437437eb2ea4bd490c6692dfc0e345ef5d849e255ff7b5ce8108a9284719dfd723ef2873f78fbb7f30d2db6ff707e8729600d249082ad207f3fd31a364010eaa377193efaad0f1a62834a6fc81d7951249e7699f29163d309b5f512540e4dc7932becdba21d74ee62700fd3edd90338430b2e89f5273e9cac23811348e37f15933853d825edb4940e7707f5ab664e00ff3ef3648000755e506320cf721feca1d91d5ebd4b8396916e96c8b11c248a4ba11599fd9e06fc0fbcba7ac2861ee5"]}, 0x174}, {&(0x7f0000000900)={0xe8, 0x1a, 0x300, 0x70bd26, 0x25dfdbfe, "", [@generic="923c55dfe272a2d5fee0c70eef009b7217d60bbe367ffbca901a55d5461cc2547e4f0b926de759a430222c64f3ef2d492b496e3933dc20c9c6845b7047a0ccbfe3d9aa22643f45d490097229654a1f3938829e0124eba3ccf0f60e996da1b5c47f0fcc6c33e183f7c177d06b986df450f0cdeeb9ba4c5618ec5f3c0ef5ababdc9983ac8d64d29dc9bc89aed6702c6c859b3dcba34a58fe446ef65e6e0f9460256b8d04f164cfede4e215f2fb6b6d932fc84ae6fd60b45f228bd529b07a06279d8ce1dcd29259e273a1013c51102b7556441152f351"]}, 0xe8}, {&(0x7f0000000200)={0x1c, 0x13, 0x10, 0x70bd27, 0x25dfdbff, "", [@nested={0xc, 0x6d, 0x0, 0x1, [@typed={0x8, 0x4b, 0x0, 0x0, @ipv4=@local}]}]}, 0x1c}, {&(0x7f0000000a00)={0xb08, 0x33, 0x1, 0x70bd27, 0x25dfdbfd, "", [@typed={0x4, 0x8b}, @nested={0x43f, 0x34, 0x0, 0x1, [@generic="fb961d6e784d6401a68e65c88fb621c08e63d92ac4964b6a71f0a0cb259afebb25dfbd8402de5dc89f60950fb1d41594d75b11b5e11429856588f9af14776a652810", @generic="982aa8b2c9690a04e009d171cc8ee3634dfab1cd14405ae2c969f8da3053e3c354b5387b23156d8013e84fcc9b2882e67d0e6321e90d32ab7e7ed2406325f80dc379850e1f9879978079c12b5775c424bdb57d56f74fa61f783de970fe2e966fedcce4223bbe7287e4905d7a050f50f1201a61814fbab9a614395268afcb013b5a4c5a34ef2ab1fa7316a2f12d6d07bbfd484cccff608341191d903b934c9012022ad76d", @generic="f3f63c62a027e8eee7db4b7682d1e32b4492bcdb52866c405634adcd2219a7975a7fdfe39d273f8742634f215c01155b3565485d166e464ccd9a942c317fe0a16697b2d5c6e3153c80cd6e781d74a7b1d10652659f6ac9f90e86444cb2ca7be9dc5da3b4d46144488d6d5faf0322100ad7c3c3e27c9431ce2938de0423f77a8b7a1b01ec96db543e878f45ac461591b6224593f81b38ce0906de3e85348d817a26fc6e4cc0fa1e714f26b0d9c11c154324731afd6eb9bc4862ed793f2c2c677b12a4147ab513488694b45cc343904b53d3ac501e616b69", @generic="0230537dbb274dd5dd833865107f605ee52283e56931d998fff87ec3bfc6e92f9e4a891e108cf9985e2fe32ee5c56f94b457c2f224742f0d6412e7fbf1cb6b9c391a1df294785002c219cf2dd413f9a2f2950328adcbadfe3218ec24e2c7723fcc2fb26d2442d7ed837dec5bfcb3e53671420eec4f4c9127233fc116c4f4783a94c599c299548b52e1914bce64029feefe18f1205faa1fa1a09e4bf2d0bc95f16f053d68eba0c0f884524655bff66474a24ff4c4c29f2679d626cc5460561de557e40cdb24438a38d96a542cedb01e2f63a40d2d3c95", @generic="965c2d66c2097ace62a32b2719232e458cc9fc9c1f965c9f47536c8749457c9cefaa08f70bdb4aecd7e659fdcc66bcfc1cb98aee4f5c4c3a241961af67a6cba81de75d5e1e43dae4f3411b5e00b2535a2b4ff488e3839facf542d8c42f053681ce2d", @generic="b33b79d6928065ab59c06bdf17f64ce2ec86fdbb6ad8ab3a8c89542ac99a2e106d45fd26842edaa83ec4a12345592b9ec4ba8b992f13f0665cf57ebe1038ec0eb6100edfb8a2c34243cd8ac466aa04accfc3b11697", @generic="e7482e3317b80fba364cbc203198b7b929ff843dc68a791220e513cb0652c4210508559ac08ca18c90f9a0d4cfd4652937d84e9c0ae190e0248c5d7458b38df649dd9e78d41d25fc36627b156f891719f3954536f8a076f4306829d284b335fedde711c120facbc5587460c33ecdf80265466833caff477e9a20f633ed78102011f9b517548894f42e9bd26eb19adcd6631417691805cfad44f3b4a610565f8374cc50c8e40c3debd1fdded822a954d7d419b036e2769958090fffbd66ded43858a9decd4a81d58ab8efb651382500f90f690d8d90d91a8e6f5368800b", @typed={0x14, 0x51, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x1c}}]}, @nested={0x16e, 0x8, 0x0, 0x1, [@typed={0xf9, 0x7a, 0x0, 0x0, @binary="3edfa962fd61eccb085d29e1bf49df6464b85c177162a951ec52ec14c6382b959b0e888541f5bd4087c3023cafc01e21f7515a1810b3cfd6091bb851f737f20819482b6ee946391fc4eb357b6c35ce3337bb94349028c85d0ce59f6d663b7054f6f661395716dff1303afac35588016d1f7b3b6d34872b566463f204030f11bb9b59ea6409444239b223923fe09bee30ce67c6ab74967ec8d927125657d2377083b1b9581ac5812bd34871453145aaf3995370085b3fd98174a2f6e7e51664aa3bf554c6985838d131d7f213cfb2e88ca6c4b887f4ebeef75e695347a99c6aee11079a690c1470e9a4b47a5747ed7d6fa41f808952"}, @generic="41fa51368870b3bc87f8670c3b61f646c447a7b56681c834d42b9890", @generic="5a4f66ed2487a229597f5dcb8e4715a6dd8643d92891f2918c46967ae1cbf697d2e1f452846164c5db1e7fbab77ba5cdcccfe97326cfef62775e86a156f35611a755ad05ed885d3640d1fa1ba2db", @typed={0x4, 0x54}]}, @nested={0x197, 0x4a, 0x0, 0x1, [@generic="c1665db69d080478f7623926693f70159fa8af69b3082464acfca3150c72f84250e4da0b08354e6ac27a791591478347a93583ff3eac58dfbca4d35a86581c94992ad45e2685bc34aa6b1a21ed2dffcca961c56a8ebef0badc219ffaba9b3b521df95700fced62de58634e18525bbaa292527af1415443bed0b66bc90d0854c296d9a8d9266fe01a928ad2793d97f450ad98fd6da7ae76ebd6c16405b31e6b8bb6db5b544dd8c7e1e5796762eba31578acf33f8378128fadb6ee328b793c6e61fea3b3d16977b20da54cded82f28c4aeab9cd8146964af98c474c0726c5e517ff3669f8c695240b94db134a36c8e2d6a", @generic="9f4f9ba0e1848df1b7243f308365898fb24be57bfe10da8b48ec21273242b89e4fbeb6512fe6e0a972462e2aa5910cde7d9ceac3b8983d246b72195898afb71f4b5ffe2cafa41a915806c1817e0bfebd846c5d28944df12cfeb0ebbc0e999c39e619c1dea699b3b05d5b9f50910c89fdb49b5d26b66551b71ec293c34ea874cc8e71809e1b367228cf4325a42ce7c49824e5daa8b4c72cf6444b81ab4aaa7bf00c8461"]}, @generic="4a6e6ee7647c4ae5f94e73", @nested={0xc, 0x83, 0x0, 0x1, [@typed={0x8, 0x32, 0x0, 0x0, @ipv4=@private=0xa010102}]}, @typed={0xfd, 0x1a, 0x0, 0x0, @binary="f5ea59da2a6f949eb4eb13911e0a73f2438e7bea2de46cf00d506fa4acabcf5954c3130c7b9939ab7cc2eb82350bf14a99cb30412c2d281b08d3831bd602655adc1413b0aa561d909443c392eff4022b2cc41fad18c88e6d81ff669d40d1fb3e11cb06f920038a9358c747f00a520324701fdcb8fd78ac9eff49c588eb5c4d9e29abaf1055f26cc608440a2adc7d75f753d6ee1e3ad509d2da199ccbb5f039bbf2b0bdbfc1d3b20966c491bbd514328380d4c4bfeb6196af88b917c76c4d616bc4d6d03eba65589a867c9d681645757ed9179140950fa1fb4cd0384a3a174829e7d9a4e9084f4f12c567ee3864a5b92a6074b2a53d38c59a09"}, @nested={0x291, 0xe, 0x0, 0x1, [@typed={0x8, 0x95, 0x0, 0x0, @fd=r1}, @typed={0x8, 0x74, 0x0, 0x0, @pid=r5}, @generic="c8da85bf2e5d43cebac394b37d02e1d1b5af8877e9ef004e6414bf7e7c9570fe2e7a05dcfd4aa88be2e7e10abb872e410f85b7644b4cb86486bd96593df447b3fee93f06fa12dc5f1fa240e59963949e329ff981713029976d9a030011a5a48acc49957b7b3109d42d544f46af33bc2593df7e278690e559ccbac7483a42462687ad15e01936d39757184e8505db365ea91651401064936ce70654", @generic="bb99b00c95a00d75f83c81f60fc7dc9b9bdf87018aeaa1d72aa2f6f67fc85dd64de10d8b57c936fd7bb4c3d8821ec2b5ea5f060017a56cfbae2e60452fa8b730dec5d6738413180c97a9f5f3f84888814f1590dc3a7a938d91a0836357fb0b611b7dec83bd08d3979327c8430e64ec7b5473480611aa4760213ea2d3e611fd0e8b3014f0c996a3a6fa1bd90b12b7dc80fa17295469b057334c2d2b7302daba8c464bfc8ad79bcfab91e055d3806de5b20f7ad31765079223cf97a278e102a61e9dc71c85f151d95d5137ae37d115c9454969c1dc4992123d2e32", @typed={0xf4, 0x8, 0x0, 0x0, @binary="fd2c85aa2f3b7cf96e4003c5c753237cf24b02e13c9b212ff5ab983e6feb5e790852d2ddba945863890972b5f5808502ca6c59faed3d65cb6b4ba7be2e2d2c94c2fb5dc54f5ba552c9aff52251f5a45242b1e03f8b566924597d642652291d59c32fe49b2b0448580cc662c5130cbcabd3593d4ccfbb13434242bf800c96f2991dd354d483dd9d36f810bee194aafb50253864af0ed0287b48db9136545a27a8bea4aad8adc2700e77550b485e85b37a620b6e8098d25a38e29884774d2737654c6eb663186ff6a73450f00798f5c2ef50813ba8c94ad2d2d33a4dd85559d69365d5f1895b362c5f0487f05276a4fcdb"}, @typed={0x14, 0x45, 0x0, 0x0, @ipv6=@mcast2}]}]}, 0xb08}], 0x6, &(0x7f0000004500)=[@cred={{0x1c, 0x1, 0x2, {r6, r7, 0xee01}}}], 0x20, 0x40}, 0x20000000) mmap$perf(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x0, 0x412, r0, 0x0) [ 737.655309][T26732] Memory cgroup stats for /syz2: [ 737.666815][T27049] loop5: detected capacity change from 0 to 131456 [ 737.680580][T27052] loop4: detected capacity change from 0 to 131456 05:39:49 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x8102, 0x0, 0x101) [ 737.712295][T27049] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 737.737390][T27052] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 737.757159][T27052] System zones: 1-2, 19-19, 35-38, 46-46 [ 737.757783][T26732] anon 2072576 [ 737.757783][T26732] file 306561024 [ 737.757783][T26732] kernel_stack 360448 [ 737.757783][T26732] pagetables 2383872 [ 737.757783][T26732] percpu 0 [ 737.757783][T26732] sock 0 [ 737.757783][T26732] shmem 306561024 [ 737.757783][T26732] file_mapped 0 [ 737.757783][T26732] file_dirty 0 [ 737.757783][T26732] file_writeback 0 [ 737.757783][T26732] swapcached 0 [ 737.757783][T26732] inactive_anon 5341184 [ 737.757783][T26732] active_anon 303280128 [ 737.757783][T26732] inactive_file 0 [ 737.757783][T26732] active_file 0 [ 737.757783][T26732] unevictable 12288 [ 737.757783][T26732] slab_reclaimable 1289480 [ 737.757783][T26732] slab_unreclaimable 1487880 [ 737.757783][T26732] slab 2777360 [ 737.757783][T26732] workingset_refault_anon 0 [ 737.757783][T26732] workingset_refault_file 1 [ 737.757783][T26732] workingset_activate_anon 0 [ 737.757783][T26732] workingset_activate_file 0 [ 737.757783][T26732] workingset_restore_anon 0 [ 737.762975][T27049] System zones: 1-2, 19-19, 35-38 [ 737.852386][T26732] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=26603,uid=0 [ 737.857455][T27049] , 46-46 [ 737.858022][T27052] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 737.872678][T26732] Memory cgroup out of memory: Killed process 26603 (syz-executor.2) total-vm:85216kB, anon-rss:440kB, file-rss:35824kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 05:39:49 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x8200, 0x0, 0x101) [ 737.875696][T27052] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2111/file0 supports timestamps until 2038 (0x7fffffff) [ 738.087468][T27049] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 738.098120][T27049] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2065/file0 supports timestamps until 2038 (0x7fffffff) 05:39:49 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce1004000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:49 executing program 0: r0 = openat$incfs(0xffffffffffffffff, &(0x7f0000000780)='.log\x00', 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000080)=[{&(0x7f00000002c0)="eb3c8f000000732e66617400020101000240008080f801", 0x17}, {0x0, 0x56, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') chdir(&(0x7f00000001c0)='./file0\x00') r1 = creat(&(0x7f0000000140)='./bus\x00', 0x0) r2 = open(&(0x7f0000000080)='./bus\x00', 0x14d842, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4e23, 0x5, @remote}, 0x1c) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x80000001) io_setup(0x202, &(0x7f00000003c0)=0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0}, './bus\x00'}) r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r7 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) dup2(r6, r7) fsconfig$FSCONFIG_SET_PATH(r5, 0x3, &(0x7f0000000280)='+!\\+\x00', &(0x7f0000000300)='./bus\x00', r6) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) io_submit(r4, 0x4011, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x3a5, 0x2, 0x1, 0x0, r1, &(0x7f0000000000), 0x16006, 0x10574, 0x0, 0x400000e}]) 05:39:49 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x8450, 0x0, 0x101) 05:39:49 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000cc40025ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 738.195285][T27469] loop4: detected capacity change from 0 to 131456 [ 738.202575][T27470] loop0: detected capacity change from 0 to 16 [ 738.234623][T27469] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 738.244904][T27573] netlink: 25 bytes leftover after parsing attributes in process `syz-executor.2'. [ 738.268683][T27574] loop5: detected capacity change from 0 to 131456 [ 738.285458][T27469] System zones: 1-2, 19-19, 35-38, 46-46 [ 738.296757][T27470] syz-executor.0: attempt to access beyond end of device [ 738.296757][T27470] loop0: rw=2049, want=256, limit=16 [ 738.317739][T27469] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 738.328354][T27469] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2112/file0 supports timestamps until 2038 (0x7fffffff) [ 738.356404][T27574] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 738.377201][T27574] System zones: 1-2, 19-19, 35-38, 46-46 05:39:50 executing program 2: fchown(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x4e23, 0x8000, 0x4e24, 0xde5, 0x2, 0x80, 0xa0, 0x2b}, {0xffffffffffffffc1, 0x1, 0xff, 0x7ff, 0x3, 0x101, 0x6a2, 0x10000}, {0x9, 0x800, 0x9, 0x2}, 0xfffffffa, 0x0, 0x1, 0x0, 0x3, 0x1}, {{@in=@remote, 0x4d4, 0xff}, 0x2, @in6=@mcast1, 0x0, 0x4, 0x0, 0x8, 0xff, 0x40, 0xff}}, 0xe8) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = perf_event_open(&(0x7f00000003c0)={0x1, 0xffffffffffffffd1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x408}, 0x0, 0x400000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x38020}, 0xc, &(0x7f0000000440)={&(0x7f00000005c0)=ANY=[@ANYRES32, @ANYRESDEC, @ANYBLOB="003f00000c00ff", @ANYRESDEC=r0, @ANYRESDEC=r1, @ANYRESOCT=r0], 0x44}, 0x1, 0x0, 0x0, 0x24000885}, 0x24004080) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(0xffffffffffffffff, 0x0, 0x20000004) sendmsg$DEVLINK_CMD_TRAP_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000880)=ANY=[@ANYBLOB='\x00\x00@\x00', @ANYRESOCT=r1, @ANYBLOB="000127bd7000fcdbdf253d000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c74696361737400"], 0x4c}, 0x1, 0x0, 0x0, 0x20040890}, 0x10) pwrite64(0xffffffffffffffff, &(0x7f0000000980)="99bc7b3f79a068623d96a74e9c8a0541a973b5bf9e0bf48cc4b0141aac8062dc9e69e12cf87351fff33885b96b8cbde9034a", 0x32, 0x8) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="b4000000", @ANYRES16=0x0, @ANYBLOB="020027bd7000ffdbdf2513000000080001007063690011000200303030303a30303a31302e300000000008000356126f9382000000000008000b00c400000006001100ff7f0000080001007063690011000200303030303a30303a31302e3000000000080003000200000008000b000400000006001100050000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000000000008000b0008000000060011"], 0xb4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000004) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x22, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}}) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f00000000c0)={0xa, 0x4e20, 0x80000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x8}, 0x1c, 0x0, 0x0, &(0x7f0000000940)=ANY=[@ANYRESOCT], 0x28}, 0x0) ioctl$FIONCLEX(0xffffffffffffffff, 0x5450) clone(0x204000, &(0x7f0000000740)="1133383464f76d652aaa0ca9643136c31e74837775945f1f6d57bbfd34a26445bf6fa918bb0f58404ca9b470ed0ae1c689aac06cd7", &(0x7f00000007c0), &(0x7f0000000800), &(0x7f0000000840)="45db8738464d1e05aa9ac7802921918c8888e76e9a165cfe45844af8c9a73dc4a1bba2e01627ba622d1b76cd684d78ea7229e652f66dd94b") 05:39:50 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xff01, 0x0, 0x101) 05:39:50 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000cc50025ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 738.397287][T27574] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 738.408043][T27574] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2066/file0 supports timestamps until 2038 (0x7fffffff) 05:39:50 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x40000, 0x0, 0x101) 05:39:50 executing program 0: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x8) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)) r2 = memfd_secret(0x80000) fallocate(r2, 0x0, 0x3c, 0x4) open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) r3 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r3, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r3, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) pwritev2(r3, &(0x7f0000000080), 0x19, 0x4200, 0x0, 0x3) fallocate(r0, 0x100000003, 0xb400, 0x80019c) [ 738.516113][T27779] loop4: detected capacity change from 0 to 131456 [ 738.539493][ C0] sd 0:0:1:0: tag#5600 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 738.549785][ C0] sd 0:0:1:0: tag#5600 CDB: opcode=0xe5 (vendor) [ 738.556129][ C0] sd 0:0:1:0: tag#5600 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c 05:39:50 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x800000, 0x0, 0x101) 05:39:50 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0005000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 738.565189][ C0] sd 0:0:1:0: tag#5600 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 738.574248][ C0] sd 0:0:1:0: tag#5600 CDB[20]: ba [ 738.583204][T27779] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 738.594013][T27779] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2113/file0 supports timestamps until 2038 (0x7fffffff) 05:39:50 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000cfe0025ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:50 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x1000000, 0x0, 0x101) [ 738.669177][ C0] sd 0:0:1:0: tag#5602 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 738.679550][ C0] sd 0:0:1:0: tag#5602 CDB: opcode=0xe5 (vendor) [ 738.686594][ C0] sd 0:0:1:0: tag#5602 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 738.695826][ C0] sd 0:0:1:0: tag#5602 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 738.705150][ C0] sd 0:0:1:0: tag#5602 CDB[20]: ba [ 738.718487][T27780] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 738.728688][T27780] CPU: 0 PID: 27780 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 738.737105][T27780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 738.747161][T27780] Call Trace: [ 738.750446][T27780] dump_stack_lvl+0xd6/0x122 [ 738.755048][T27780] dump_stack+0x11/0x1b [ 738.759207][T27780] dump_header+0x98/0x410 [ 738.763655][T27780] oom_kill_process+0x18e/0x3f0 05:39:50 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x1010000, 0x0, 0x101) [ 738.768570][T27780] out_of_memory+0x5ed/0x890 [ 738.773202][T27780] ? mem_cgroup_iter+0x29b/0x370 [ 738.778147][T27780] mem_cgroup_oom+0x484/0x520 [ 738.782838][T27780] try_charge_memcg+0x736/0xa10 [ 738.787740][T27780] ? __rcu_read_unlock+0x5c/0x290 [ 738.792777][T27780] obj_cgroup_charge_pages+0xce/0x210 [ 738.798165][T27780] obj_cgroup_charge+0xe2/0x1b0 [ 738.803023][T27780] kmem_cache_alloc_node+0xae/0x2d0 [ 738.808274][T27780] ? dup_task_struct+0x63/0x680 [ 738.813135][T27780] dup_task_struct+0x63/0x680 [ 738.817838][T27780] copy_process+0x3f4/0x2f30 [ 738.822430][T27780] ? strlcpy+0x65/0x80 [ 738.827695][T27780] ? perf_trace_run_bpf_submit+0x92/0x100 [ 738.833427][T27780] kernel_clone+0x15c/0x6a0 [ 738.837935][T27780] __x64_sys_clone+0xc6/0xf0 [ 738.842531][T27780] do_syscall_64+0x44/0xa0 [ 738.846950][T27780] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 738.852927][T27780] RIP: 0033:0x7f2e21c2bf11 05:39:50 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x2000000, 0x0, 0x101) [ 738.857343][T27780] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 738.876965][T27780] RSP: 002b:00007ffca696e178 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 738.885457][T27780] RAX: ffffffffffffffda RBX: 00007f2e1f95f700 RCX: 00007f2e21c2bf11 [ 738.893521][T27780] RDX: 00007f2e1f95f9d0 RSI: 00007f2e1f95f2f0 RDI: 00000000003d0f00 [ 738.901529][T27780] RBP: 00007ffca696e3b0 R08: 00007f2e1f95f700 R09: 00007f2e1f95f700 [ 738.909493][T27780] R10: 00007f2e1f95f9d0 R11: 0000000000000206 R12: 00007ffca696e22e [ 738.917625][T27780] R13: 00007ffca696e22f R14: 00007f2e1f95f300 R15: 0000000000022000 [ 738.925618][T27780] memory: usage 307200kB, limit 307200kB, failcnt 1421 [ 738.932491][T27780] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 738.939351][T27780] Memory cgroup stats for /syz2: [ 738.939679][T27780] anon 2093056 [ 738.939679][T27780] file 306561024 [ 738.939679][T27780] kernel_stack 393216 [ 738.939679][T27780] pagetables 2383872 [ 738.939679][T27780] percpu 0 [ 738.939679][T27780] sock 0 [ 738.939679][T27780] shmem 306561024 [ 738.939679][T27780] file_mapped 0 [ 738.939679][T27780] file_dirty 0 [ 738.939679][T27780] file_writeback 0 [ 738.939679][T27780] swapcached 0 [ 738.939679][T27780] inactive_anon 5357568 [ 738.939679][T27780] active_anon 303280128 [ 738.939679][T27780] inactive_file 0 [ 738.939679][T27780] active_file 0 [ 738.939679][T27780] unevictable 12288 [ 738.939679][T27780] slab_reclaimable 1267936 [ 738.939679][T27780] slab_unreclaimable 1460520 [ 738.939679][T27780] slab 2728456 [ 738.939679][T27780] workingset_refault_anon 0 [ 738.939679][T27780] workingset_refault_file 1 05:39:50 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x4000000, 0x0, 0x101) [ 738.939679][T27780] workingset_activate_anon 0 [ 738.939679][T27780] workingset_activate_file 0 [ 738.939679][T27780] workingset_restore_anon 0 [ 739.033756][T27780] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=27885,uid=0 [ 739.049186][T27780] Memory cgroup out of memory: Killed process 27885 (syz-executor.2) total-vm:85480kB, anon-rss:436kB, file-rss:35824kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 739.071368][ T25] oom_reaper: reaped process 27885 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 739.107829][T28306] loop5: detected capacity change from 0 to 131456 [ 739.109511][T28302] loop4: detected capacity change from 0 to 131456 05:39:50 executing program 2: fchown(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x4e23, 0x8000, 0x4e24, 0xde5, 0x2, 0x80, 0xa0, 0x2b}, {0xffffffffffffffc1, 0x1, 0xff, 0x7ff, 0x3, 0x101, 0x6a2, 0x10000}, {0x9, 0x800, 0x9, 0x2}, 0xfffffffa, 0x0, 0x1, 0x0, 0x3, 0x1}, {{@in=@remote, 0x4d4, 0xff}, 0x2, @in6=@mcast1, 0x0, 0x4, 0x0, 0x8, 0xff, 0x40, 0xff}}, 0xe8) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = perf_event_open(&(0x7f00000003c0)={0x1, 0xffffffffffffffd1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x408}, 0x0, 0x400000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x38020}, 0xc, &(0x7f0000000440)={&(0x7f00000005c0)=ANY=[@ANYRES32, @ANYRESDEC, @ANYBLOB="003f00000c00ff", @ANYRESDEC=r0, @ANYRESDEC=r1, @ANYRESOCT=r0], 0x44}, 0x1, 0x0, 0x0, 0x24000885}, 0x24004080) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(0xffffffffffffffff, 0x0, 0x20000004) sendmsg$DEVLINK_CMD_TRAP_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000880)=ANY=[@ANYBLOB='\x00\x00@\x00', @ANYRESOCT=r1, @ANYBLOB="000127bd7000fcdbdf253d000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c74696361737400"], 0x4c}, 0x1, 0x0, 0x0, 0x20040890}, 0x10) pwrite64(0xffffffffffffffff, &(0x7f0000000980)="99bc7b3f79a068623d96a74e9c8a0541a973b5bf9e0bf48cc4b0141aac8062dc9e69e12cf87351fff33885b96b8cbde9034a", 0x32, 0x8) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="b4000000", @ANYRES16=0x0, @ANYBLOB="020027bd7000ffdbdf2513000000080001007063690011000200303030303a30303a31302e300000000008000356126f9382000000000008000b00c400000006001100ff7f0000080001007063690011000200303030303a30303a31302e3000000000080003000200000008000b000400000006001100050000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000000000008000b0008000000060011"], 0xb4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000004) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x22, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}}) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f00000000c0)={0xa, 0x4e20, 0x80000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x8}, 0x1c, 0x0, 0x0, &(0x7f0000000940)=ANY=[@ANYRESOCT], 0x28}, 0x0) ioctl$FIONCLEX(0xffffffffffffffff, 0x5450) clone(0x204000, &(0x7f0000000740)="1133383464f76d652aaa0ca9643136c31e74837775945f1f6d57bbfd34a26445bf6fa918bb0f58404ca9b470ed0ae1c689aac06cd7", &(0x7f00000007c0), &(0x7f0000000800), &(0x7f0000000840)="45db8738464d1e05aa9ac7802921918c8888e76e9a165cfe45844af8c9a73dc4a1bba2e01627ba622d1b76cd684d78ea7229e652f66dd94b") 05:39:50 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0006000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 739.128132][T28306] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 739.138741][T28306] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2067/file0 supports timestamps until 2038 (0x7fffffff) 05:39:50 executing program 0: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f00000000c0)=0x7ff, 0x4) sendmsg$netlink(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="7b8c302900"/16], 0x10}], 0x1, &(0x7f0000001300)=[@rights={{0x14, 0x1, 0x1, [r1]}}], 0x18, 0x40000}, 0x0) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r1, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000100)={0x1f0, 0x0, 0x10, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x12}, @NL80211_ATTR_IE={0xd9, 0x2a, [@fast_bss_trans={0x37, 0xd3, {0x3, 0x6, "221a817f28ae66fb965425a5077e9a71", "eac5d476fd920d9e1545735c2fcd476852da949cef177dfbc6098e1b00c1a183", "8896ed62cc7f4d69b6f8313605ade3767c84d6d69805a9b47e83a35dca2799ec", [{0x3, 0x27, "268f3419917429548fcdd93cefa2cfa438da158035b56a7b86a67a2f70475906caf61981631f4e"}, {0x4}, {0x2, 0x9, "073d4a76d7bda9428d"}, {0x4, 0x23, "bcd5ac3c89d79688eda2c1cd2e149d03933ef7e49d21b9ce14e92a888239a2227db65e"}, {0x1, 0xc, "f224c17bbd8ecd7324fa1380"}, {0x4, 0x16, "5a10e70579eefc6ab3ee8b8d6b538d4e4e7f06b75cae"}]}}]}, @NL80211_ATTR_IE={0xe3, 0x2a, [@preq={0x82, 0x30, @not_ext={{0x1, 0x0, 0x1}, 0x1f, 0x1f, 0x3, @device_a, 0x9, "", 0x3, 0x8000, 0x2, [{{0x0, 0x0, 0x1}, @device_b, 0x5}, {{0x1, 0x0, 0x1}, @device_b, 0x1f}]}}, @mesh_config={0x71, 0x7, {0x1, 0x0, 0x1, 0x1, 0x2, 0x3, 0x21}}, @random_vendor={0xdd, 0xa2, "54b49dfdba33e648f0275a5ffbbd2c71bd6ebde2469e84903fdd951cec38a49574599cc93bb564b3fceb37aebef54ee72ee74f2bfdacc9e51ad0961e823453760d68948af65560b7a4bf1f34e509bda84122db620b571248d243744e82704025adbf641c813b98a4460408011e8ccbd804956e9bac197ce0f156f1f873aa926c4efd0b9e951ba66f867b9727476c2ca0fe3d1f03b7674044dddf2bd598e3a7c80e04"}]}]}, 0x1f0}, 0x1, 0x0, 0x0, 0x20000011}, 0x80) 05:39:50 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x5000000, 0x0, 0x101) 05:39:50 executing program 2: fchown(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x4e23, 0x8000, 0x4e24, 0xde5, 0x2, 0x80, 0xa0, 0x2b}, {0xffffffffffffffc1, 0x1, 0xff, 0x7ff, 0x3, 0x101, 0x6a2, 0x10000}, {0x9, 0x800, 0x9, 0x2}, 0xfffffffa, 0x0, 0x1, 0x0, 0x3, 0x1}, {{@in=@remote, 0x4d4, 0xff}, 0x2, @in6=@mcast1, 0x0, 0x4, 0x0, 0x8, 0xff, 0x40, 0xff}}, 0xe8) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = perf_event_open(&(0x7f00000003c0)={0x1, 0xffffffffffffffd1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x408}, 0x0, 0x400000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x38020}, 0xc, &(0x7f0000000440)={&(0x7f00000005c0)=ANY=[@ANYRES32, @ANYRESDEC, @ANYBLOB="003f00000c00ff", @ANYRESDEC=r0, @ANYRESDEC=r1, @ANYRESOCT=r0], 0x44}, 0x1, 0x0, 0x0, 0x24000885}, 0x24004080) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(0xffffffffffffffff, 0x0, 0x20000004) sendmsg$DEVLINK_CMD_TRAP_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000880)=ANY=[@ANYBLOB='\x00\x00@\x00', @ANYRESOCT=r1, @ANYBLOB="000127bd7000fcdbdf253d000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c74696361737400"], 0x4c}, 0x1, 0x0, 0x0, 0x20040890}, 0x10) pwrite64(0xffffffffffffffff, &(0x7f0000000980)="99bc7b3f79a068623d96a74e9c8a0541a973b5bf9e0bf48cc4b0141aac8062dc9e69e12cf87351fff33885b96b8cbde9034a", 0x32, 0x8) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="b4000000", @ANYRES16=0x0, @ANYBLOB="020027bd7000ffdbdf2513000000080001007063690011000200303030303a30303a31302e300000000008000356126f9382000000000008000b00c400000006001100ff7f0000080001007063690011000200303030303a30303a31302e3000000000080003000200000008000b000400000006001100050000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000000000008000b0008000000060011"], 0xb4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000004) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x22, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}}) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f00000000c0)={0xa, 0x4e20, 0x80000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x8}, 0x1c, 0x0, 0x0, &(0x7f0000000940)=ANY=[@ANYRESOCT], 0x28}, 0x0) ioctl$FIONCLEX(0xffffffffffffffff, 0x5450) clone(0x204000, &(0x7f0000000740)="1133383464f76d652aaa0ca9643136c31e74837775945f1f6d57bbfd34a26445bf6fa918bb0f58404ca9b470ed0ae1c689aac06cd7", &(0x7f00000007c0), &(0x7f0000000800), &(0x7f0000000840)="45db8738464d1e05aa9ac7802921918c8888e76e9a165cfe45844af8c9a73dc4a1bba2e01627ba622d1b76cd684d78ea7229e652f66dd94b") [ 739.178444][ C1] sd 0:0:1:0: tag#5607 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 739.188295][ C1] sd 0:0:1:0: tag#5607 CDB: opcode=0xe5 (vendor) [ 739.194623][ C1] sd 0:0:1:0: tag#5607 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 739.203675][ C1] sd 0:0:1:0: tag#5607 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 739.212840][ C1] sd 0:0:1:0: tag#5607 CDB[20]: ba [ 739.266512][T28302] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 739.277160][T28302] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2114/file0 supports timestamps until 2038 (0x7fffffff) [ 739.305482][T28568] loop5: detected capacity change from 0 to 131456 05:39:51 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x6000000, 0x0, 0x101) [ 739.364304][ T535] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 739.374290][ T535] CPU: 0 PID: 535 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 739.382599][ T535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 739.392660][ T535] Call Trace: [ 739.395955][ T535] dump_stack_lvl+0xd6/0x122 [ 739.400755][ T535] dump_stack+0x11/0x1b [ 739.404984][ T535] dump_header+0x98/0x410 [ 739.409435][ T535] oom_kill_process+0x18e/0x3f0 [ 739.414383][ T535] out_of_memory+0x5ed/0x890 [ 739.418973][ T535] ? mem_cgroup_iter+0x29b/0x370 [ 739.423908][ T535] mem_cgroup_oom+0x484/0x520 [ 739.428674][ T535] try_charge_memcg+0x736/0xa10 [ 739.433572][ T535] ? __rcu_read_unlock+0x5c/0x290 [ 739.438602][ T535] obj_cgroup_charge_pages+0xce/0x210 [ 739.443975][ T535] obj_cgroup_charge+0xe2/0x1b0 [ 739.448930][ T535] ? dup_mmap+0x40e/0xa60 [ 739.453313][ T535] kmem_cache_alloc+0x96/0x320 [ 739.458081][ T535] dup_mmap+0x40e/0xa60 05:39:51 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c020125ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:51 executing program 0: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x84}, {0x4}, {0x6, 0x0, 0x0, 0x7fff8001}]}) r1 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/power/sync_on_suspend', 0x0, 0x0) r2 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r2, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r2, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) ioctl$F2FS_IOC_DEFRAGMENT(r2, 0xc010f508, &(0x7f0000000180)={0x20, 0x1}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000080)='&\x00') ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100)) close(r1) [ 739.462292][ T535] dup_mm+0x7c/0x210 [ 739.466176][ T535] copy_process+0x14aa/0x2f30 [ 739.470862][ T535] kernel_clone+0x15c/0x6a0 [ 739.475410][ T535] __x64_sys_clone+0xc6/0xf0 [ 739.480006][ T535] do_syscall_64+0x44/0xa0 [ 739.484429][ T535] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 739.490320][ T535] RIP: 0033:0x7f2e21c290db [ 739.494742][ T535] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00 [ 739.514500][ T535] RSP: 002b:00007ffca696e460 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 739.522916][ T535] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2e21c290db [ 739.530926][ T535] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 739.538908][ T535] RBP: 0000000000000000 R08: 0000000000000000 R09: 000055555675c400 [ 739.546949][ T535] R10: 000055555675c6d0 R11: 0000000000000246 R12: 0000000000000000 [ 739.555003][ T535] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffca696e540 [ 739.563062][ T535] memory: usage 307200kB, limit 307200kB, failcnt 1511 [ 739.570069][ T535] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 739.576926][ T535] Memory cgroup stats for /syz2: [ 739.584737][T28568] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 739.600317][T28568] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2068/file0 supports timestamps until 2038 (0x7fffffff) 05:39:51 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="150000000000000000000c0000001800018008000100", @ANYRES32=0x0, @ANYBLOB="0c00038008000200000000009fc9f279c25da1f89949742d4561535463ce96c9ba7d1b228847b5fd59bc7167e8274c7a2c3c721778f138f76e55efab4d3f7416b85a75e6b924cff1a1f676ed57944e14cde60a34ff0e72ba927efebd8c829c3eef8934626f7b1ad1264b"], 0x2c}}, 0x0) 05:39:51 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x8000000, 0x0, 0x101) 05:39:51 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0406000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:51 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000053f40)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000054140)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}], 0x1f, "ff192ee68c32f9"}) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r4, 0x1c8}], 0x1, &(0x7f00000000c0)={r5, r6+60000000}, 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 739.690457][T28930] loop4: detected capacity change from 0 to 131456 [ 739.705622][T28934] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 739.742417][T28930] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 739.754939][T28930] System zones: 1-2, 19-19, 35-38, 46-46 [ 739.762089][T28930] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 739.772680][T28930] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2115/file0 supports timestamps until 2038 (0x7fffffff) [ 739.790838][ T535] anon 2101248 [ 739.790838][ T535] file 306561024 [ 739.790838][ T535] kernel_stack 360448 [ 739.790838][ T535] pagetables 2412544 [ 739.790838][ T535] percpu 0 [ 739.790838][ T535] sock 0 [ 739.790838][ T535] shmem 306561024 [ 739.790838][ T535] file_mapped 0 [ 739.790838][ T535] file_dirty 0 [ 739.790838][ T535] file_writeback 0 [ 739.790838][ T535] swapcached 0 [ 739.790838][ T535] inactive_anon 5369856 [ 739.790838][ T535] active_anon 303280128 [ 739.790838][ T535] inactive_file 0 [ 739.790838][ T535] active_file 0 [ 739.790838][ T535] unevictable 12288 [ 739.790838][ T535] slab_reclaimable 1259816 [ 739.790838][ T535] slab_unreclaimable 1453792 [ 739.790838][ T535] slab 2713608 [ 739.790838][ T535] workingset_refault_anon 0 [ 739.790838][ T535] workingset_refault_file 1 [ 739.790838][ T535] workingset_activate_anon 0 [ 739.790838][ T535] workingset_activate_file 0 [ 739.790838][ T535] workingset_restore_anon 0 [ 739.879815][ T535] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=28511,uid=0 [ 739.895167][ T535] Memory cgroup out of memory: Killed process 28511 (syz-executor.2) total-vm:85216kB, anon-rss:436kB, file-rss:35844kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 739.916910][ T25] oom_reaper: reaped process 28511 (syz-executor.2), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 05:39:51 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c160125ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:51 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x9000000, 0x0, 0x101) 05:39:51 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x2c6}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) clock_gettime(0x7, &(0x7f00000005c0)) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 739.940105][T29135] loop5: detected capacity change from 0 to 131456 05:39:51 executing program 0: r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r1 = open$dir(&(0x7f0000000140)='.\x00', 0x0, 0x0) mkdir(&(0x7f0000000600)='./file1\x00', 0x0) renameat(r0, &(0x7f0000000200)='./file1\x00', r1, &(0x7f00000000c0)='./file0\x00') open(&(0x7f0000000100)='./file1\x00', 0x200, 0x1e) rmdir(&(0x7f0000000240)='./file0\x00') getdents64(r1, &(0x7f0000000400)=""/135, 0x87) chdir(&(0x7f00000001c0)='./file1\x00') [ 739.982232][T29135] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 739.999405][T29248] loop0: detected capacity change from 0 to 264192 [ 740.011516][T29250] loop4: detected capacity change from 0 to 131456 [ 740.028584][T29135] System zones: 1-2, 19-19, 35-38, 46-46 [ 740.035626][T29135] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 740.046253][T29135] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2069/file0 supports timestamps until 2038 (0x7fffffff) [ 740.081023][T29250] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 740.118000][T29250] System zones: 1-2, 19-19, 35-38, 46-46 [ 740.124157][T29250] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 740.134818][T29250] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2116/file0 supports timestamps until 2038 (0x7fffffff) [ 740.149464][ C1] sd 0:0:1:0: tag#5574 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 740.159321][ C1] sd 0:0:1:0: tag#5574 CDB: opcode=0xe5 (vendor) [ 740.165698][ C1] sd 0:0:1:0: tag#5574 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c 05:39:51 executing program 2: fchown(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x4e23, 0x8000, 0x4e24, 0xde5, 0x2, 0x80, 0xa0, 0x2b}, {0xffffffffffffffc1, 0x1, 0xff, 0x7ff, 0x3, 0x101, 0x6a2, 0x10000}, {0x9, 0x800, 0x9, 0x2}, 0xfffffffa, 0x0, 0x1, 0x0, 0x3, 0x1}, {{@in=@remote, 0x4d4, 0xff}, 0x2, @in6=@mcast1, 0x0, 0x4, 0x0, 0x8, 0xff, 0x40, 0xff}}, 0xe8) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = perf_event_open(&(0x7f00000003c0)={0x1, 0xffffffffffffffd1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x408}, 0x0, 0x400000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x38020}, 0xc, &(0x7f0000000440)={&(0x7f00000005c0)=ANY=[@ANYRES32, @ANYRESDEC, @ANYBLOB="003f00000c00ff", @ANYRESDEC=r0, @ANYRESDEC=r1, @ANYRESOCT=r0], 0x44}, 0x1, 0x0, 0x0, 0x24000885}, 0x24004080) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(0xffffffffffffffff, 0x0, 0x20000004) sendmsg$DEVLINK_CMD_TRAP_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000880)=ANY=[@ANYBLOB='\x00\x00@\x00', @ANYRESOCT=r1, @ANYBLOB="000127bd7000fcdbdf253d000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c74696361737400"], 0x4c}, 0x1, 0x0, 0x0, 0x20040890}, 0x10) pwrite64(0xffffffffffffffff, &(0x7f0000000980)="99bc7b3f79a068623d96a74e9c8a0541a973b5bf9e0bf48cc4b0141aac8062dc9e69e12cf87351fff33885b96b8cbde9034a", 0x32, 0x8) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="b4000000", @ANYRES16=0x0, @ANYBLOB="020027bd7000ffdbdf2513000000080001007063690011000200303030303a30303a31302e300000000008000356126f9382000000000008000b00c400000006001100ff7f0000080001007063690011000200303030303a30303a31302e3000000000080003000200000008000b000400000006001100050000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000000000008000b0008000000060011"], 0xb4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000004) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x22, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}}) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f00000000c0)={0xa, 0x4e20, 0x80000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x8}, 0x1c, 0x0, 0x0, &(0x7f0000000940)=ANY=[@ANYRESOCT], 0x28}, 0x0) ioctl$FIONCLEX(0xffffffffffffffff, 0x5450) clone(0x204000, &(0x7f0000000740)="1133383464f76d652aaa0ca9643136c31e74837775945f1f6d57bbfd34a26445bf6fa918bb0f58404ca9b470ed0ae1c689aac06cd7", &(0x7f00000007c0), &(0x7f0000000800), &(0x7f0000000840)="45db8738464d1e05aa9ac7802921918c8888e76e9a165cfe45844af8c9a73dc4a1bba2e01627ba622d1b76cd684d78ea7229e652f66dd94b") 05:39:51 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) r7 = syz_open_dev$vcsu(&(0x7f00000022c0), 0x3ff, 0x8281) fcntl$lock(r7, 0x7, &(0x7f0000002300)={0x3, 0x2, 0x7ff, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:39:51 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xc000000, 0x0, 0x101) 05:39:51 executing program 0: r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) creat(&(0x7f0000000140)='./bus\x00', 0x155) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)) r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) lseek(r2, 0x7ffffc, 0x0) write$binfmt_elf64(r2, &(0x7f0000001700)=ANY=[], 0xfd14) r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000000640)={0x0, ""/256, 0x0, 0x0}) r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x100, 0x0}) r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r6, 0x5386, &(0x7f0000000080)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x80000) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000066a40)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x80}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000067a40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}], 0x0, "71ed7109a012db"}) fallocate(r2, 0x100000003, 0x80bf11, 0x28120001) fallocate(r0, 0x100000003, 0x1080000, 0x0) 05:39:51 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c170125ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:51 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0007000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 740.174769][ C1] sd 0:0:1:0: tag#5574 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 740.183805][ C1] sd 0:0:1:0: tag#5574 CDB[20]: ba [ 740.216969][ T535] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0 [ 740.228833][ T535] CPU: 1 PID: 535 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 740.237111][ T535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 740.247155][ T535] Call Trace: [ 740.250431][ T535] dump_stack_lvl+0xd6/0x122 [ 740.255080][ T535] dump_stack+0x11/0x1b [ 740.259233][ T535] dump_header+0x98/0x410 [ 740.263638][ T535] oom_kill_process+0x18e/0x3f0 [ 740.268498][ T535] out_of_memory+0x5ed/0x890 [ 740.273087][ T535] ? mem_cgroup_iter+0x29b/0x370 [ 740.278106][ T535] mem_cgroup_oom+0x484/0x520 [ 740.282780][ T535] try_charge_memcg+0x736/0xa10 [ 740.287798][ T535] ? __rcu_read_unlock+0x5c/0x290 [ 740.292816][ T535] ? __rcu_read_unlock+0x5c/0x290 [ 740.297860][ T535] obj_cgroup_charge_pages+0xce/0x210 [ 740.303222][ T535] __memcg_kmem_charge_page+0x1e3/0x2d0 [ 740.308827][ T535] __alloc_pages+0x1b7/0x330 [ 740.313434][ T535] alloc_pages+0x382/0x3d0 [ 740.317861][ T535] get_zeroed_page+0x13/0x40 [ 740.322529][ T535] __pud_alloc+0x44/0x170 [ 740.326854][ T535] copy_page_range+0x74a/0x8f0 [ 740.331610][ T535] ? __rb_insert_augmented+0x7f/0x350 [ 740.337058][ T535] dup_mmap+0x6eb/0xa60 [ 740.341226][ T535] dup_mm+0x7c/0x210 [ 740.345113][ T535] copy_process+0x14aa/0x2f30 [ 740.349794][ T535] kernel_clone+0x15c/0x6a0 [ 740.354379][ T535] ? perf_trace_mmap_lock_released+0x1ff/0x230 [ 740.360535][ T535] __x64_sys_clone+0xc6/0xf0 [ 740.365114][ T535] do_syscall_64+0x44/0xa0 [ 740.369536][ T535] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 740.375494][ T535] RIP: 0033:0x7f2e21c290db [ 740.379903][ T535] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00 [ 740.399509][ T535] RSP: 002b:00007ffca696e460 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 740.407986][ T535] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2e21c290db [ 740.416001][ T535] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 740.423974][ T535] RBP: 0000000000000000 R08: 0000000000000000 R09: 000055555675c400 [ 740.431936][ T535] R10: 000055555675c6d0 R11: 0000000000000246 R12: 0000000000000000 [ 740.439986][ T535] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffca696e540 [ 740.447990][ T535] memory: usage 307200kB, limit 307200kB, failcnt 1610 [ 740.454851][ T535] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 740.461825][ T535] Memory cgroup stats for /syz2: [ 740.463611][ T535] anon 2101248 [ 740.463611][ T535] file 306561024 [ 740.463611][ T535] kernel_stack 360448 [ 740.463611][ T535] pagetables 2392064 [ 740.463611][ T535] percpu 0 [ 740.463611][ T535] sock 0 [ 740.463611][ T535] shmem 306561024 [ 740.463611][ T535] file_mapped 0 [ 740.463611][ T535] file_dirty 0 [ 740.463611][ T535] file_writeback 0 [ 740.463611][ T535] swapcached 0 [ 740.463611][ T535] inactive_anon 5369856 [ 740.463611][ T535] active_anon 303280128 [ 740.463611][ T535] inactive_file 0 [ 740.463611][ T535] active_file 0 [ 740.463611][ T535] unevictable 12288 [ 740.463611][ T535] slab_reclaimable 1272744 [ 740.463611][ T535] slab_unreclaimable 1464944 [ 740.463611][ T535] slab 2737688 [ 740.463611][ T535] workingset_refault_anon 0 [ 740.463611][ T535] workingset_refault_file 1 [ 740.463611][ T535] workingset_activate_anon 0 [ 740.463611][ T535] workingset_activate_file 0 [ 740.463611][ T535] workingset_restore_anon 0 [ 740.557719][ T535] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=29554,uid=0 05:39:52 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xf000000, 0x0, 0x101) 05:39:52 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) r1 = openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000680), 0x2, 0x0) fallocate(r1, 0x8, 0xe9aa, 0x7) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r2 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000380)={{0x1, 0x1, 0x18, r1, @out_args}, './bus\x00'}) syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r2, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x58, 0x0, 0x2, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x58}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000006c0)=ANY=[@ANYBLOB="7bb8bf14101ff7755620bd9732d69b56821a34f8782d4c3d5a170f16b339700b4f8c1d879e5d6d52656490e3709df687ef6c76ce3e2c30505067ae6da534858ab1ed11f8f9cec7feb2e2a92dfdb70055d4fd8c07afcabe378949f22e01c8f754c092d55d08cc6f749f0f5c234fd6aa4067efd8a5fc0767a0aad8d034b76b8652f2f63b7ec22e29f7eb5ce1fdc2b99d0456a3106713dba7a31168bb696e1abdd67862bc9034b62efdf0a4120b0957ca07639334453c8338459df81dc74cc04fc4367f460f49a9a2decb25df36280b54573e30fe1bc3ec70bedd94d99430d8b92882"]) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 740.573023][ T535] Memory cgroup out of memory: Killed process 29554 (syz-executor.2) total-vm:85216kB, anon-rss:436kB, file-rss:35828kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 740.591265][ T25] oom_reaper: reaped process 29554 (syz-executor.2), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 740.632520][T29817] loop4: detected capacity change from 0 to 131456 [ 740.645754][ C0] sd 0:0:1:0: tag#5582 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 740.655620][ C0] sd 0:0:1:0: tag#5582 CDB: opcode=0xe5 (vendor) [ 740.661984][ C0] sd 0:0:1:0: tag#5582 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 740.663912][T29799] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 05:39:52 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x10000000, 0x0, 0x101) [ 740.671111][ C0] sd 0:0:1:0: tag#5582 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 740.671130][ C0] sd 0:0:1:0: tag#5582 CDB[20]: ba [ 740.681007][T29799] CPU: 1 PID: 29799 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 740.703560][T29799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 740.703571][T29799] Call Trace: [ 740.703577][T29799] dump_stack_lvl+0xd6/0x122 [ 740.703599][T29799] dump_stack+0x11/0x1b [ 740.703688][T29799] dump_header+0x98/0x410 [ 740.703719][T29799] oom_kill_process+0x18e/0x3f0 [ 740.703735][T29799] out_of_memory+0x5ed/0x890 [ 740.703751][T29799] ? mem_cgroup_iter+0x29b/0x370 [ 740.703772][T29799] mem_cgroup_oom+0x484/0x520 [ 740.703794][T29799] try_charge_memcg+0x736/0xa10 [ 740.703872][T29799] ? __rcu_read_unlock+0x5c/0x290 [ 740.703891][T29799] charge_memcg+0x51/0x1a0 [ 740.703939][T29799] __mem_cgroup_charge+0x25/0xa0 [ 740.703978][T29799] wp_page_copy+0x2f0/0x11e0 [ 740.703998][T29799] ? shrink_zones+0x435/0x490 [ 740.704017][T29799] do_wp_page+0x4fb/0xa80 [ 740.704035][T29799] handle_mm_fault+0x975/0x1590 [ 740.704103][T29799] do_user_addr_fault+0x609/0xbe0 [ 740.704128][T29799] ? __this_cpu_preempt_check+0x18/0x20 [ 740.704202][T29799] exc_page_fault+0x91/0x290 [ 740.704222][T29799] ? asm_exc_page_fault+0x8/0x30 [ 740.704315][T29799] asm_exc_page_fault+0x1e/0x30 [ 740.704335][T29799] RIP: 0033:0x7f2e21bd996a [ 740.704349][T29799] Code: b4 65 13 00 48 89 05 a5 65 13 00 c7 05 8b 65 13 00 01 00 00 00 48 c7 05 78 da 09 01 00 00 00 00 c7 05 76 da 09 01 00 00 00 00 05 d4 1a 0a 01 00 00 00 00 c3 0f 1f 00 48 8d 7e 58 89 f1 48 8d [ 740.704367][T29799] RSP: 002b:00007ffca696e428 EFLAGS: 00010202 [ 740.704381][T29799] RAX: 000055555675c6c0 RBX: 0000000000000001 RCX: 00007f2e22c773c0 [ 740.704424][T29799] RDX: 0000000000000001 RSI: 00007f2e21d0fef0 RDI: 0000000000000001 [ 740.704435][T29799] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007f2e21d0fef0 [ 740.704447][T29799] R10: 000055555675c400 R11: 0000000000000202 R12: 0000000000000000 [ 740.704480][T29799] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffca696e540 [ 740.704546][T29799] memory: usage 307032kB, limit 307200kB, failcnt 1666 [ 740.704559][T29799] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 740.704569][T29799] Memory cgroup stats for /syz2: [ 740.704681][T29839] loop5: detected capacity change from 0 to 131456 [ 740.722958][T29817] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 740.723055][T29817] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2117/file0 supports timestamps until 2038 (0x7fffffff) [ 740.724586][T29799] anon 2015232 [ 740.724586][T29799] file 306561024 [ 740.724586][T29799] kernel_stack 344064 [ 740.724586][T29799] pagetables 2363392 [ 740.724586][T29799] percpu 0 [ 740.724586][T29799] sock 0 [ 740.724586][T29799] shmem 306561024 [ 740.724586][T29799] file_mapped 0 [ 740.724586][T29799] file_dirty 0 [ 740.724586][T29799] file_writeback 0 [ 740.724586][T29799] swapcached 0 [ 740.724586][T29799] inactive_anon 5283840 [ 740.724586][T29799] active_anon 303280128 [ 740.724586][T29799] inactive_file 0 [ 740.724586][T29799] active_file 0 [ 740.724586][T29799] unevictable 12288 [ 740.724586][T29799] slab_reclaimable 1259816 [ 740.724586][T29799] slab_unreclaimable 1446136 [ 740.724586][T29799] slab 2705952 [ 740.724586][T29799] workingset_refault_anon 0 [ 740.724586][T29799] workingset_refault_file 1 [ 740.724586][T29799] workingset_activate_anon 0 [ 740.724586][T29799] workingset_activate_file 0 [ 740.724586][T29799] workingset_restore_anon 0 [ 740.724630][T29799] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=19767,uid=0 [ 740.724852][T29799] Memory cgroup out of memory: Killed process 19767 (syz-executor.2) total-vm:85216kB, anon-rss:420kB, file-rss:35764kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 740.743630][ C1] sd 0:0:1:0: tag#5588 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s 05:39:52 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c010225ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:52 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = openat$cgroup(r0, &(0x7f00000005c0)='syz0\x00', 0x200002, 0x0) fallocate(r3, 0x40, 0x4, 0x8) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xfffffffffffffdb4, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x48}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x969}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b, 0x1}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r4, 0x1c8}], 0x1, &(0x7f00000000c0)={r5, r6+60000000}, 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:39:52 executing program 0: r0 = fcntl$getown(0xffffffffffffffff, 0x9) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x802, 0x0) connect$inet6(r2, 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) creat(&(0x7f0000000340)='./file0\x00', 0x1) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x5) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x8, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0xe6, 0x2, @perf_config_ext, 0x0, 0x6bc3, 0x0, 0x0, 0xd, 0x0, 0xffff, 0x0, 0xef4d, 0x0, 0x9}, 0x0, 0x0, r1, 0x0) sendto$inet6(r2, &(0x7f0000000180)="f10ce3cef227f1d35a8f58f743d0e5e8b3b6327e7320b7e978146d4e1b3c91eba06cde128eaab09c72f6aa4c8593c1f888d2d1dff06f2ab95e24f734f7915c9df91eff7a8cc90b", 0x47, 0x8010, 0x0, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0xa) connect$inet6(r2, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) accept4$inet6(0xffffffffffffffff, &(0x7f0000000480)={0xa, 0x0, 0x0, @private0}, 0x0, 0x0) sendmmsg(r2, &(0x7f0000002cc0), 0x1a3, 0xa10) setsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, &(0x7f0000000100)=0x2, 0x4) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$FAT_IOCTL_GET_VOLUME_ID(r4, 0x80047213, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, 0x0) [ 740.967163][T29839] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 741.047688][ C1] sd 0:0:1:0: tag#5588 CDB: opcode=0xe5 (vendor) [ 741.062955][T29839] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2070/file0 supports timestamps until 2038 (0x7fffffff) [ 741.080254][ C1] sd 0:0:1:0: tag#5588 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 741.130746][ C1] sd 0:0:1:0: tag#5588 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 741.139786][ C1] sd 0:0:1:0: tag#5588 CDB[20]: ba [ 741.177790][T30185] loop4: detected capacity change from 0 to 131456 [ 741.195216][T30185] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 741.205878][T30185] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2118/file0 supports timestamps until 2038 (0x7fffffff) 05:39:53 executing program 2: setgroups(0x2f, &(0x7f0000000000)) r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0xee00, 0x0, r1) fstat(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x2, &(0x7f0000000080)=[r1, r2]) 05:39:53 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x12000000, 0x0, 0x101) 05:39:53 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) io_uring_enter(r0, 0x6e2f, 0x399d, 0x0, &(0x7f00000005c0)={[0x8]}, 0x8) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:39:53 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0009000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:53 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c040225ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:53 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000100)={0x9, 0x8d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) sched_setattr(0x0, 0x0, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x148042, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000200)=0x0) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) dup2(r2, r3) perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x7, 0x3, 0x0, 0x4, 0x0, 0x8, 0x8080, 0xe, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xb72a, 0x2, @perf_bp={&(0x7f00000000c0)}, 0x4, 0x5, 0x8, 0x6, 0x3, 0x7, 0x4648, 0x0, 0x5, 0x0, 0x3}, r1, 0x9, r2, 0x3) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './bus\x00'}) r5 = openat(r4, &(0x7f0000000000)='./bus\x00', 0x40, 0xf3) sendfile(r0, r5, 0x0, 0x80000005) 05:39:53 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x4, &(0x7f0000000500)=0x0) r3 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0) r5 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r5, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r5, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) io_submit(0x0, 0x2, &(0x7f0000000380)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x7, r1, &(0x7f00000001c0)="77e1f77d492b7622c021d86561e6d8da6b5e8d0506ceb2034c521572cf162ea61fc5205bb1164994feb618807f3e1fef80ccefa26d0cb24e9ad270df709d72c893c9eefae998a204c40ed77c407a9bea1fceeb8b6254fb38be2b3a67566ad7fc49d27676a9a0452b9305259ee51f9531098429901fd99f9a3b40da6a0ad4be706c3649b52a6d74", 0x87, 0x7, 0x0, 0x3, r4}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x6, r5, &(0x7f0000000280)="2482440a84ec29dc9475a8aba9c88cad02a09658221397637ba4452f8d750d556a3b816ef849c235778b2fec6e2f95456e7584111e959f45000175a39c4aab974a94c821f03b4529bc81383cd79694ffe73fff878f2968d02e69fc913d00a899a7c98aafd69cbb32b6c80664cb4270b0a2c630b437a4bb26a8857e0e8a7e23ba469d4e868f3ea16277792d82f763747203a2487c83c17f8724e62c3016ed9f3c5336ba04b5b3f182747492351d69b817e8afd01ac74fa804fe9cc609633a94bd6d6a502673048fb9c3d71cf654bd60709cb7563c", 0xd4, 0x8, 0x0, 0x2}]) dup2(r3, r0) r6 = socket$netlink(0x10, 0x3, 0x0) writev(r6, &(0x7f0000000100)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff06000000010000004500000025000000040014c04800000007fd17e5ffff0606040000000000000000", 0x39}], 0x1) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) [ 741.620419][T30393] loop4: detected capacity change from 0 to 131456 [ 741.627840][T30395] loop5: detected capacity change from 0 to 131456 [ 741.658840][T30445] netlink: 21 bytes leftover after parsing attributes in process `syz-executor.0'. [ 741.668777][T30393] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 741.676685][T30393] System zones: 1-2, 19-19, 35-38, 46-46 [ 741.692733][T30395] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 741.703570][T30393] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 05:39:53 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x20000000, 0x0, 0x101) 05:39:53 executing program 1: creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)=0x10000000) r0 = creat(0x0, 0x100) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8, 0xf0043, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000880), 0x4}, 0x0, 0x3ff, 0x0, 0x7, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x2285, 0x0, 0x7, &(0x7f0000000800), 0x8) r1 = syz_open_dev$sg(&(0x7f0000000000), 0xffffffffffdffffe, 0x32800) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r2 = syz_open_dev$sg(&(0x7f0000000900), 0x3, 0x103) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000780)={0x0, 0xfffffffffffffffe, 0x6f, 0x7, @buffer={0x0, 0x31, &(0x7f00000005c0)=""/49}, &(0x7f0000000600)="1ed99c8da7ea836a871bf5a31185b284396510453171746370646599f7a8bba4267d6caee264b0900b099595d6353925092b3bcdaa7c29d020ad54d5938669f5e4446b696412d0cad39be182a3a6ec091da370f8b372d2533565ba5ee0bdb888b4d2aae3f7502883cad48f5522336f", &(0x7f0000000680)=""/166, 0xf24, 0x4, 0x3, &(0x7f0000000740)}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x54, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x54}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r2, 0x1c8}], 0x1, &(0x7f00000000c0)={r3, r4+60000000}, 0x0, 0x0) splice(0xffffffffffffffff, &(0x7f0000000840)=0x5, 0xffffffffffffffff, &(0x7f00000008c0)=0x8001, 0xac80, 0x3) r5 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="570000006f02000600040400000003000000c1de9673ec96f80700070000000000000080010000000600000000000000400004030000000100"/79], 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:39:53 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000ce80225ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:53 executing program 2: setgroups(0x2f, &(0x7f0000000000)) r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0xee00, 0x0, r1) fstat(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x2, &(0x7f0000000080)=[r1, r2]) [ 741.714150][T30393] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2119/file0 supports timestamps until 2038 (0x7fffffff) [ 741.730791][T30395] System zones: 1-2, 19-19, 35-38, 46-46 [ 741.737646][T30395] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 741.748229][T30395] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2071/file0 supports timestamps until 2038 (0x7fffffff) 05:39:53 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x3f000000, 0x0, 0x101) 05:39:53 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce000a000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:53 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x2) setsockopt$inet6_int(r0, 0x29, 0x24, &(0x7f00000000c0)=0x5, 0x4) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000200), 0x8) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.io_merged\x00', 0x0, 0x0) sendmsg$inet6(r1, &(0x7f0000000400)={&(0x7f0000000100)={0xa, 0x4e20, 0x5, @loopback, 0xcc14}, 0x1c, &(0x7f0000001580)=[{&(0x7f00000004c0)="7b3fb7dfec059fc6cbe506b6af7a3d078f027240d56f8dcf5d549191277cb82751c31ba2673916359434ea62e947707349908eb06b2bd55ff73789cbc7ab99a934ffd840b5cff1829a86b41c655dc3d3e6227944a1a79d298475a8491b01f69e6dbca1d0b8be664ebd647194860d66cb25fb7ab1326b08ba7f3ccfb24a70f0dd85364dbfd70a77fa613b514a468b1ff72f5adeadbc3669277d8133beeab3fa13db356a104b80454c0aa87649c3b44f194a1e340daa6d90c9e574848693960b221a1b012c3110c7fb34a07bbb1092fde152739d6bf6c02b7088f02831decd9a9ae8ab46c30b64480623f3793eab00ee13e7e9870cb2dcf3daeb3f81136eae069e7c290c969b61279186de448b677120ebfa6c5e5d6b2aa8e157ebdd395af75e29028c29ef71810a84b5906e5706c00d2838245c48a5c88dd9050418447eed1cfb42da415e5c3f55531dbbfc5b6d30683f2a4d06afa7a92c924d2e21f630e88259606e80659d5a09b77f483ba3e69e852c5153a4a696efdcaac344b40d735c6083066be6ceefd86e5f86a1fec58099d9bc4d5e38cf99f3ab6f376ec7bdbcf8a000bbc7ed354983908519c01487e681ac75d7fb328bbebe512c80a05d3dad9b50daca3320b5bde9ea7569133d8695d218bbe99d0820ed0061baa13250cc9dfc7a5bc688b81b520bcc14ab84ce23c60aa28758d09c2577545f5e73b7b78899aa9b4041db8d91008728ca1241e3479b1b4ec2e3fed0db346b01f7ec1587f4a3f239803b491ebf53ebd57d197b9c788f9ccecd47378ee8a1da236df8e03b3f0d9581846f1ea4935757c0b8b97db09fc544861405796e5825a6cd4ceda346d749c007e37fe12df3b54670f77753e4d1706def115bd3af56d42b2a660b11d9621f9fc5d7f06df60bdfac2570dfaea69e54e3d0aa13951b52f9c4386696106cc57119430dbc259fed9f8b7545f5eb8a2c1a80cb8622340b8edce7ad14fbc20a3088dd1f193178cceb4a240c0f91f234e44a136675d645e45321c6a36ab239c687f685b09df2375de02b65fac2f5f37d9758bcf3a9b6a5357451bc334a96df43b9d6c11d7ebdc3e0e8a6bca16a07e9017a3ce8c4e55e76e838ff91510e3f97c877dda73d68dde42a01ecfb66369868d19786a0d48cf3d9b415807e5c5e6e41ad7a462937b7788dfb994ce9e14760711ee63ffba9696ef62b576f4b32abf73b911e4ecce3033e121009ba4d37542a312ead4969ac0150de3f981d5e27c7e3558d3fc8ce97f29e85c220d7dfafdff77a68e0232dc7fefb4cb69bd46d862a75f8f2258c71df138554f478924f185622936cdaf5d9596d5bc2d44797cb1dc27317e1ba159dd92cf5a39aa9e9e59e2c5c3766f0ce0e0a716dd51f62da26cfd05346ffa741ab966de1bd13d42c8f252a0cb0ff4721d042fdfc2a06f6d3d7d43130bcb0398ff8bcaf71a3da7ff8e1424c0aaa66293a8336f579f04f9fa7f8e9210a6526ae168dc38e187f2ba621e906bb217c1d5d49f5632606e60518024eb60769e9356e9401fc9b15abf407204d9308e33d657384e8b1908715b273eeac4854fe18fab791db3ceb44fb882cdf981545eddb832c399d8fc6020fee4574bc442469b226d29f83e9e74a6e9e9383f3dc41427fcd1cdc969bde2a2c6d64fbfb4ca7bf33b97575a5b1361da0e00df3942540a82698b86a1385e48cf3ad191e5f9b05f9686bb59afdbdd94f88b5898d07c3941658e8512805af34ffa4f96ed4134caa3e369a858f94e5fade63e1ff0fff96ae7efae4548b1156aa02fc0f0d9865f6bc3b7876706064ddfe229c17a581491cca1cbbe9cbba5b7fdfe37d32b666a5f63d0f14daef06599c676e45db99c4b4077a143f4a71c17c039ad3fdd34c6cc554b9f5e80414e3fa93555d63c6317efc10abfae7808e2a88abb2404b2046c3539729e726f63c35a2666e5368fd592f8f16503dff9237a055c09b612c3487bd30a654dcb55261d477066dab2d10da40daf2dd8d3b49ad72730fddc0ff831e11df514a83f0f91345134e136b25c6ba4edc42ad19de1af9711e0e1f2d48f7505826401d7c3a44e6844e16c4f79dfd686656b4c6372715b41f46fe0db78f20d3e8b5cea6eaa398b11fbff74db9c2c5d04e83f34424a716bdb35693e14695ffb56d952a0ca7702071c56a24dbfff674a25cb1bb1850a7536c4ab9d239c0f7e3af719f0c90e2fd75fe68938874827e261b9c05d252747504a9fd10ca093d8da8b5bf93845bc114e68b1c58eae458e7d1ffdc92ef606af42f25e425f8907f645a9a08532e4168ab211086e7371d561aca182806a0a2d34e4f30bf6b97e05ea308a45118b120b564ada9c464e4d91a8cd25671c4ecc8d1f9139c56379d0c53b1461329f6e25cc6c2a9deae6f0e2588b506a46ba5e73587e8637efcf6a4d6291e99b566963140c61396abd4ae0a531bb575d6e86e6b2df9ff677e83141518d3e5e27124ab7a1d785ef9b437092e497c5522a3c6c4f61125b7bf7448ba9d217a2727c1cb9b2bb277de1d8c63648db08127a2f34a93d6d3323f298a844b4fb1cfac109301f8b6b480bb5ded69089222c1758170b6343422e9cb4f9d0318c788197bedfb2ee8b010890efb943de30aa96d1e8db7b556420256a668729d7202ece168f46964d34f2ad9e0658f8ac2231a2c9709dce4251e4bfd5176db6c05c61b9a88d131be1e43b0b6ae3d558a5bd20525393ccc585993c65fffd56f26c7feb7d6edd93f1cc57ee1b0d50ef696ea8cfa701ae2c4103aa2dd434750d4665a224f70a9fbcaf802cecf5b7e2498216264f73e2677c8447de76f40594b360195496b80503c33078fc247e34b603bf58981c045e4c0234c17880859c20b6c2847e6ef4800743483180e79011fcb048896ce094741e1759e0d48449192d88fab7283baf97977fb198ab1520d7726aed89b0f464fcc1476e9b6beeedc96707d3467154ab1e148692584db1ec5817c6e5dfb66814adf4b3b7e212dd4b79fccaeebd0c4513e6cd4fb4de062e97376172ddcc14e01e3560a501b1feb9fd22c4db0495dfbe41210467b7bf1b600497250df6ef47a4999c0a36d379070b825bb573b6654651093ceeffc5fddb555da468bf2c710ac569fa7edb5d10c26e8d6dffbf21b8e7a0b5ecab5eb183e7b0a886458d7bc9d77786a3bc224d199a4a21daaafe404b842c39b47cbc9e1f69e9dd3ed02109ae56e63f753a6aef7f4579441f6e7b7729396d5728cf7e91a2e734fca02a0badc376d6fa44fa5dfd96a4d9662659ec7fa2c6cf728e0f6480ccf4e0f57273dac3db5c59f706e4f606984b8aa5175f5a9c2eeb4e32c323e392164d4374cd64ba88663b091a0d3850f2d1c9601d684f5c429fb1ce0a971a016d6aad4a5b3d42b2f1278814579e1601e8f23b494299c019c792b731eaef4e90c48d1d46c5b2f1ab6b8dc7fbc5a9481fdb0af139fcb981054f7367c93c486bcd256e7a1f9c62150951e71fed22e2185a552a2df0bfb42b92865cafd8dbe931151882037ffc93b6f86b43fa9a7a368a79a10368a795cfe40c4dd82b911013b6d804214495b505b003940d7be68fcd813242275bcfe9da95d28d8999d4551d192c27476d508694fec7ea1fe8e06ef55500723bd0bb7971ad60714fe87de18a01a9de2a73aa81587febf295f24ab1e9fa83bc6f33f8e68a35e3f42862046efada157ef2ccc9bf6b1b0eb3343aefac8ed558a50aa6c2dfa574373f06d52f992140708283c959721a1897e5bf70463218ae73e241fee66378b63d6a296337abef0dc79a94075c20b4f4bda378972c2ebc36ad3c207c0b002ccad4e1ecd27309ea2fda7818cced92147066e4f5db7c6720fc23bf483bc589993cf3b66e2c23c3f021cd386b58b5382127095eab3cce1e3c8e32c7174c0092c16ebb9e3b024bcb7eae4238bc737d3ebacddaeb857cb53d2a5a9a411b3cc6f17a896678da5e75236ecd47302d8ca9745289b243884ef3ced3e8663cf9a5eabe86541080d1c0aedd1a54069469fc8941beff292a58c77f119dbc4eb3787495853c46b02786c22bff2ea698a316490137b6ab3f924b0ea1899965b994b47c00d91dd68237eca182186bfd670b9c4fa372f9b121fab5ddcf74837f3e07375d3f8fcbf6983aac8ef2d4418d3f30e722f468e7538a18b6836a3e90e5146fe61eac63701f90dc8eb6c9ef429fc8c37963e0c864d7433b1cf5fc70323b22bc3178da45e160c2f696b3e6038132699e5c9296f2dc5c3e2b3e7283b1d9f21abf63a49b5f084aee9c15dd17ad5cdd42cfe45e11c3946cca396626d7e5038e794d39f66026bfc01d5e534eb90d98e78008bb2ad9390673eb5d88b781573bc912715e1e4c5dafe5001ef3612aecfff900f84069a27e758ebf648b6c3ae55793f51a0d01824925cb3cf155e9e792c875b060081e39ab354fdabd936d41e98060f8cffee632dbcd8928b93c1f63be92b59d00f21502a5c7e5c0a210cd10876d7c7fa2dc47b915206a2261e323bf59763d5d687ad1ee97ffa7f93e2cf730ecdec539ae74d0097e9edb47a28acae25508b664172cafde078e8ec2d5177e5358c4ab44d36a4c33864c9c165a004c8f2db0a2bda6859afae45e79567276ecf60eb20514ab9d32f60fb919b6578e762e72cfa19caec6cfc54043b5ee6733320bd3e3fa09633bff5e4e8e695eb71bd920b204ddf6920a178874a726a50339dfb5d9f9cc96c84480a46265fa2a4979bc8b718908f17dca13566d84a933ab4bb17f576b32c0184440fc73ed211cea76c727a983a9cca18d7a404d1700b6b26e1b1711ed62b6dbaccf0fa434abb8b51c1890a0a6d791164c985a85558fdcb1082fee47a708f286a6ecd38909e8669262cfaa3adb6400e9af5589780449948b3952455d05c4e0c5dd10672adeafdf8ff058f66f8367784ff77607c019de6d82b12c447bbac24b18933d78ebee10b6bf76a986bf462bb6d1130dbf3d476e96dc27dfb1129cfeb9f4f3c51ac6eae6a3f2f179b1378bf1360bce819bdd5333227cdae8b4bf67e40172cd6333355fd4826d2dfd214e63accd72d72cb7c315d1a46bad185962ed379a281ae45d69e57a2d4bc71fe3471c636ae36adb7380be941568bbfd6e6573a3c8651265625ea873454988636ecc34bdf2b476660490d0a76a83014eac2b27fcf6f697eda0f01d246f0a011718bff97d6b71f6760816281ff9317c9d6fcc79c958ef3488e5fa6a659ed012231cee30a80142e0595b4907b95cf20e9da4f1ced07e0dfb31aebf33413afa7510e50dc2c634e8e406bbac6aa96d72fd324276d08c2767262a51d559428799a224eae73157c34d3d95e340c1beb2d78c8720e42bc5de9318dc22dfa769d07a0fe729374fea5724d6e25d0a7ee424d0fa3256800cb59faadbd7f02aa89ae5ad47bd4dbd65cbfb3e129b7ab1b422a9a9eb7145e5f9a88027cf1ab2f46f3c2bb4b82c361a15aade1fc305d8abd33bfc9428cd2e954c210ef82650db3c9a74fba3eeea703e0700428f34d7a5a60496da788b843742c63e213ea3d4a492fa2f6e866c31f0b1092e8f010e20624826c23798d9b6f1128c9035aff2aae87e00526972edf81ef8d56b3712f28af67aa3ae00ea81918a7810f0b04583eccd487a2493c3b9364728ab9b71fb783b7ec5bfea03a9159c22d2608991d1b7e3baf048136e898b8de2f94e619263ff80afb75526039fc9906c91e033de7a2a012eed293841259726c20c583cbf8df8a24427194be509cc45343efc30b034453e0d2bba4e641539e0a1e9e775059720e39819f9162d96d99c390", 0x1000}, {&(0x7f0000000140)="48e7b9b8768d27ad2204362309c1", 0xe}, {&(0x7f0000000240)="3357e57fa62f6185384794ed308cf9fd1d4ddccb392873eee1dda04aa96722cdd79b23e3e7fccf1c69c9399d81218831ff2681d058a9703f875acd2aaff83b0f86b5b97ca64ae9b0b9eb594ede8a35699e56b8a57b2440dfeb8bd0e0d75e783a07b762ba71225cb25705c5d929cadd0597854e9aeede8f7995df05dbf3613a536ab987dadffd4b7a50265617f25929219e9193b9bea2ef404c", 0x99}, {&(0x7f0000000300)="c4fdbfb8857b009d3004154db16fb5a6cb29750d6ece57b1a1cf40625b2d67e9d39e176bec3854a3696862a5fc34c2880dcc63ababf9761877844366a2ab15306f53119944b00da77d517b151577c6772761eec3bb172b8e16c80bfdfcbc4736a5042fe12246eec491795426eb774566c61f033926f684dff643360183abda08ebd6ff476b421d83ba7c7683920645a1160362d08b579ece6d9557a3973ea510f941d4695ab7d29d1382440ef79cb92cc537fbb70131e5ff6f680535337d4cfba88c", 0xc2}, {&(0x7f00000014c0)="fbe176d93aee826cbd7524a3e84dfaa0156a2c61c0dd9aa0fe09a6492ef3d05312e0aee35b861731d953313fd5752590b502b77dd5e5b13e703266a9da493a03a5b61525e21b7cdcbc140d8cc857bee23303e1a3569c442c335e42fd7f9ba4351d3501eb82dde87b74d5e8f9dfa36fa9b90cdb45b3a49e3860a74c42c5ec1b2e63e5d21617bfd5bf65d93c3809702d187f5f1229b33913cef4a6", 0x9a}, {&(0x7f00000001c0)="872ebbc613a1e17602089702856639e3ebd2813434c158168bae9857970ae99217e2c44b39f573b594d3c5d7eecacbf7da439a4c15d828a0bdc9219d25e41866", 0x40}], 0x6, &(0x7f0000001600)=[@flowinfo={{0x14, 0x29, 0xb, 0x8}}, @rthdr_2292={{0x48, 0x29, 0x39, {0x62, 0x6, 0x2, 0x40, 0x0, [@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @private2, @dev={0xfe, 0x80, '\x00', 0x39}]}}}, @rthdrdstopts={{0x28, 0x29, 0x37, {0x32, 0x1, '\x00', [@enc_lim={0x4, 0x1, 0xbd}, @jumbo={0xc2, 0x4, 0x10000}]}}}], 0x88}, 0x10) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000100000000000000000000000000000205", 0x18) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @private0}, 0x1c) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000000)={0x3a, 0x0, '\x00', [@pad1, @enc_lim]}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78) 05:39:53 executing program 2: creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000640)={0x0, ""/256, 0x0, 0x0}) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x0, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x100, 0x0}) r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000040)=[{0x20}, {0x1ff}, {0x6}]}, 0x10) sendmmsg(0xffffffffffffffff, &(0x7f0000001bc0)=[{{0x0, 0x0, &(0x7f0000001980)=[{&(0x7f0000000740)="9635ed3b", 0x4}], 0x1}}], 0x1, 0x0) creat(&(0x7f0000000140)='./bus\x00', 0x110) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000058c40)={0x0, [{}, {}, {}, {}, {}, {}, {r0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r1}], 0x1, "2156816c73038c"}) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000009c0)=[{{&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0}}, {{&(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="3c0000000000d3561f7a0000000000007f000001ac1e000100000000070300ff000c1f25b0bb3e889d8451235453b95f000000000000000000c97c00000000000000000000000000000000000000000000000000000000000000004be43dcf5592e57037e457ce2807ada3c2a7f3e5b841754d7d65a9c6a39f862176b573e96050f0f05a7c0d363aba8767a42509b3003951e932d5da0a23b47d284c8f3df2f9f5fcfffac8c0bb3d05dd7c8e8a52cd8c17bd891b43e5f94471cd23"], 0x40}}], 0x2, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, &(0x7f0000000080)) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100)=0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wlan0\x00'}) r6 = syz_open_procfs$namespace(r5, &(0x7f0000000280)='ns/pid_for_children\x00') fallocate(r6, 0x55, 0x1ff, 0x6) clone(0x40000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 05:39:53 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000027bd7040fbdbdf257700000008000300", @ANYRES32=0x0, @ANYBLOB="0500ee00810000000500ee00070000000800ef00000000000800ef00020000000500ee00020000000500ee007a0000000500"/64], 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 741.848084][T30917] loop4: detected capacity change from 0 to 131456 05:39:53 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x50840000, 0x0, 0x101) [ 741.894371][T30989] loop5: detected capacity change from 0 to 131456 [ 741.912163][T30917] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] 05:39:53 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x814}, 0x404c000) r3 = syz_open_dev$sg(&(0x7f0000000640), 0x800, 0x400) clock_gettime(0x0, &(0x7f0000000100)) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={0x0, 0x3938700}, 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) clock_nanosleep(0x0, 0x1, &(0x7f00000005c0)={0x0, 0x989680}, &(0x7f0000000600)) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 741.949665][T30989] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 741.959665][T30917] System zones: 1-2, 19-19, 35-38, 46-46 05:39:53 executing program 0: r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)) r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) lseek(r2, 0x7ffffc, 0x0) write$binfmt_elf64(r2, &(0x7f0000001700)=ANY=[], 0xfd14) r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000140)='1', 0x1}], 0x1) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x100, 0x0}) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, &(0x7f0000000640)={0x7fff, 0x8, 0x0, 'queue1\x00', 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000058c40)={0xffffffffffffffff, [{}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, 0x0) r8 = accept$inet(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, &(0x7f0000000280)=0x10) ioctl$sock_SIOCGPGRP(r8, 0x8904, &(0x7f00000002c0)) ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000240)={0x0, 0xdd4b, 0x1539, 0x4, 0x3, 0x3ff}) fallocate(r0, 0x100000003, 0x0, 0x28120001) r9 = syz_open_procfs(0x0, &(0x7f0000000080)='net/arp\x00') preadv(r9, &(0x7f0000000500)=[{&(0x7f0000000140)=""/144, 0x90}], 0x1, 0x182, 0x0) [ 742.000056][T30917] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 742.010706][T30917] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2120/file0 supports timestamps until 2038 (0x7fffffff) [ 742.038162][T30989] System zones: 1-2, 19-19, 35-38, 46-46 [ 742.066009][T30989] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2072/file0 supports timestamps until 2038 (0x7fffffff) [ 742.092265][ C0] sd 0:0:1:0: tag#5573 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 742.102150][ C0] sd 0:0:1:0: tag#5573 CDB: opcode=0xe5 (vendor) 05:39:53 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x81020000, 0x0, 0x101) [ 742.108499][ C0] sd 0:0:1:0: tag#5573 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 742.117536][ C0] sd 0:0:1:0: tag#5573 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 742.126556][ C0] sd 0:0:1:0: tag#5573 CDB[20]: ba [ 742.139106][T31325] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 0 (only 8 groups) [ 742.190767][T30969] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 742.200955][T30969] CPU: 0 PID: 30969 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 742.209363][T30969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 742.219422][T30969] Call Trace: [ 742.222696][T30969] dump_stack_lvl+0xd6/0x122 [ 742.227293][T30969] dump_stack+0x11/0x1b [ 742.231493][T30969] dump_header+0x98/0x410 [ 742.235819][T30969] oom_kill_process+0x18e/0x3f0 [ 742.240704][T30969] out_of_memory+0x5ed/0x890 [ 742.245287][T30969] ? mem_cgroup_iter+0x29b/0x370 [ 742.250269][T30969] mem_cgroup_oom+0x484/0x520 [ 742.254938][T30969] try_charge_memcg+0x736/0xa10 [ 742.259875][T30969] ? __rcu_read_unlock+0x5c/0x290 [ 742.264909][T30969] charge_memcg+0x51/0x1a0 [ 742.269349][T30969] __mem_cgroup_charge+0x25/0xa0 [ 742.274326][T30969] do_anonymous_page+0x1d6/0x8d0 [ 742.279320][T30969] handle_mm_fault+0x814/0x1590 [ 742.284403][T30969] do_user_addr_fault+0x609/0xbe0 [ 742.289485][T30969] exc_page_fault+0x91/0x290 [ 742.294115][T30969] ? asm_exc_page_fault+0x8/0x30 [ 742.299048][T30969] asm_exc_page_fault+0x1e/0x30 [ 742.303944][T30969] RIP: 0033:0x7f2e21bcbe49 [ 742.308388][T30969] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85 [ 742.328077][T30969] RSP: 002b:00007ffca696e270 EFLAGS: 00010246 05:39:54 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce000b000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 742.334230][T30969] RAX: 0000000020059000 RBX: 00007f2e22142000 RCX: 0000000000000000 [ 742.342284][T30969] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055555675c2f0 [ 742.350246][T30969] RBP: 00007ffca696e368 R08: 0000000000000000 R09: 0000000000000000 [ 742.358276][T30969] R10: 0000000000000008 R11: 00000000fb5bc285 R12: 0000000000000000 [ 742.366240][T30969] R13: 0000000000000008 R14: 00007f2e21d3df60 R15: 00000000000b5236 [ 742.374276][T30969] memory: usage 307200kB, limit 307200kB, failcnt 1800 [ 742.381207][T30969] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 742.388135][T30969] Memory cgroup stats for /syz2: [ 742.425254][T30969] anon 2121728 [ 742.425254][T30969] file 306561024 [ 742.425254][T30969] kernel_stack 376832 [ 742.425254][T30969] pagetables 2379776 [ 742.425254][T30969] percpu 0 [ 742.425254][T30969] sock 0 [ 742.425254][T30969] shmem 306561024 [ 742.425254][T30969] file_mapped 0 [ 742.425254][T30969] file_dirty 0 [ 742.425254][T30969] file_writeback 0 [ 742.425254][T30969] swapcached 0 [ 742.425254][T30969] inactive_anon 5386240 [ 742.425254][T30969] active_anon 303280128 [ 742.425254][T30969] inactive_file 0 [ 742.425254][T30969] active_file 0 [ 742.425254][T30969] unevictable 12288 [ 742.425254][T30969] slab_reclaimable 1264736 [ 742.425254][T30969] slab_unreclaimable 1457424 [ 742.425254][T30969] slab 2722160 [ 742.425254][T30969] workingset_refault_anon 0 [ 742.425254][T30969] workingset_refault_file 1 [ 742.425254][T30969] workingset_activate_anon 0 [ 742.425254][T30969] workingset_activate_file 0 [ 742.425254][T30969] workingset_restore_anon 0 05:39:54 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000ce90225ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:54 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x82000000, 0x0, 0x101) 05:39:54 executing program 0: r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)) r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) lseek(r2, 0x7ffffc, 0x0) write$binfmt_elf64(r2, &(0x7f0000001700)=ANY=[], 0xfd14) r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000140)='1', 0x1}], 0x1) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x100, 0x0}) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, &(0x7f0000000640)={0x7fff, 0x8, 0x0, 'queue1\x00', 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000058c40)={0xffffffffffffffff, [{}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, 0x0) r8 = accept$inet(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, &(0x7f0000000280)=0x10) ioctl$sock_SIOCGPGRP(r8, 0x8904, &(0x7f00000002c0)) ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000240)={0x0, 0xdd4b, 0x1539, 0x4, 0x3, 0x3ff}) fallocate(r0, 0x100000003, 0x0, 0x28120001) r9 = syz_open_procfs(0x0, &(0x7f0000000080)='net/arp\x00') preadv(r9, &(0x7f0000000500)=[{&(0x7f0000000140)=""/144, 0x90}], 0x1, 0x182, 0x0) [ 742.519372][T30969] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=19449,uid=0 [ 742.534647][T30969] Memory cgroup out of memory: Killed process 19449 (syz-executor.2) total-vm:85216kB, anon-rss:420kB, file-rss:35764kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 742.563947][ T25] oom_reaper: reaped process 19449 (syz-executor.2), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB 05:39:54 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) write$binfmt_script(0xffffffffffffffff, &(0x7f0000003080)={'#! ', './file0', [{0x20, '-.%-)'}, {0x20, '.'}, {0x20, '/dev/sg#\x00'}], 0xa, "f92fb00821dc8955b8ed6c55a2ec186ea1ef075ebd3bd692a2a8ca22942c214814a38de5ba49302941af0819271c0298783244ee7055c176d7309652b63e4f666426863970c3fa91027cbacafd9b186fd2e52b4493d455d0b8851c2c7c59d235f8c9012bac980e8f8e8c660d7e5cb6c75c8091ff336b5bf0739d2fcdc88d2a46cd69d3798355cf92e1378baedfbd5007b600b2b6e2956b043af6ab68d87ce980082b20928ff782b782c1184ee68469b4d53ad32711487fa0b3176253b2dfca2dd362c2df7da1807ed89bea600cef9351ddbe6fdf4bbdcd1ba7cb44a324abc90e77c1df77c034fe1e3d6482badfd73fee7757599dafb4ff6d0265706dc0329b1192194b415ad8b53d837e8d89d049fca2ffc1b74b2a1a40db592c556f730678a6b825a48a410762b27a44203ef72edbcaa6c7184ec0e43649d4822da9659e01f9359234a63340b1f990fd040d10204d1a9345558b73b529b34b9cc7633dd6b393d6e472be9c2a85e386d8cc1d30ea595d16ec0558e650650a3c1397fd138f95d829e18789a55a1ece84a092e0cc695b4e3b30f1a15f1ebcd501b3d669cf749cc34a09ca978868025f0bec1b9092af11db81c9fe40563b235295b16b4c782d38e88387eab70a66536a49589d86f05d105f0d7daf08e555048b2e741ae5482b1bba2fa5c6bb58b157f49a9ae0245ad218ee74ad952b214bd57baac36e9f1c8e807c4d6b53aa2fe70d44e4a5f67eb601cf80b57f3e83031956432d16cb7c5f64b77552b1f5b6defc43de23b45a31d69b7a0d8153eb9a15d648216c4587a398f84268f59f66a7c28d84cb33cee4363e46506cc2548eeb4e8934d744e01e9e49ff964749434e7768fd0be2a1b7f1694f56455582dd4230f973bd288c50fb604a51336e00a4d2c0a1177aa6b9452dbe1916280d0a6dcff7de67d0f5ff1bf3491e1bcfc074c16a61655aafbf51bb7dd304e8e46fa9754d5e6cdd38bae5281997ea65e40aa482f5abd865cab2dffcbfe9a92ff4956815871e236556c607782566131ba3ddc8e0f6325db4e8e6c3ba22faa29933d2bbe25ca850c3b692ea4502b8a143532019953f2522a403573dc2115523864355b6219264f2ae87c15c47f9a95d802ea3e2775fbc2484972fdf1776d86cf3b59433c2904173ab17eba968577edda0aaf2ce60cbaccf14f48585ee00667ad7e7b9c04e3c165cc2fa8631a43ba569da58e3860d96e9c304c6b855d269eee746a19608018e7991a8d9650ff7266470c8fcfd7b276783385c26376dac8ff28e251cd93619f392a4d8604e28e7ee925c1b105d9f3e130338906061f3032904696c366206ca4cde178f0efb5b191fbaaab87cba531c33e989f1c1be92b246498244c3fbf6aadbdcfb3e6f07c676fad2793e071d76ef9f2c784134db679a58f1cf6f69df0eb98255501a8ae9999924f26e3f5c7ddb8679e4115323c27f05d69567b31fd5ea18d5956046f69809a80f8a825c6ec7dda1d99ccb4518d019facde9066edf3c2091804411290fc6a3fafdbf0487aee53afa7de9f3cb9fb286898cb251f58f1e9f648bedf8a4909e49f48e1cf5fb54342514f86bfd6a07df2c2722f2a6395a0d62c59099021a47f4ce204fc9529ebbf448fdb76c75d587fd196928fd00ead57d5166c17d5a807d927cf44f27ebd18e12799dc1b52029a3941d0d1e2dd8ac88d2b12e2a628d6c67a54111a1730300b37fa55441b4db2371afb24d826e10ef0eff98954d2d5d461a4d0f8d12919bb5b2c3a0c86a7df376e4294cf33414e9a14c128b46e77e93493734f75be3770d9e2fdea0791be7af00d9dba5166c29db52ae05f228e5e5c2490d09eb989dc0fa4cbdc458e0c3aefb2bf9d694c891b8b977f1d6dd64bffc02210c20483e60e104aa4ba81c17c3def9f90fd281c6f49f58375a69c797a3ceadaa5e89f888422df6a416a8b3df8aae91fbfccd615b4ab1a339500b56b778eb1a842b632626d08072d5dc3d85c281b51d9a49270c45f9bbbc0833efb6d93f2b188dc1306571e7059eaadca4de1c1390924f0603817d5bc9ffd28b4e60b5b31e781ab0d43859b38807318f0edf4717ed665325bc78aaff88b9a597bb8134cdd35db58881a6d9b1f3370dec892600198589837e87fa9e80a1b7b78fe9dd935b0f5553c40d103b85912ff9feec519e4a1f0ff4aa2a37205f4de4430136a8ed573377bdfb35f5c4d116e2570d012126126ed78308a0bb32e11f04bd48b46e33bcbfec6a33bf4d8e9b0af7c19568c67c90383d37fd73baa12f2f516e895a629f6c14f883e3a96ba5b863deb4b535f0417bb421d16cdd8fce1eaae0157a00c18975eaf58893057570e5cc0e11002dac2f5343313354445df410d7ee5211fdce050692de2d60ed210904fd436aed6ee933c332f7b74048baf22339fb2dc97c096a090b3522ee50f70f9951c45307b0625921b0887ff9dcfc5a4b59c1623ef2d370e11a08ae47f3ddc77352277499dfb938a143a8e4b2a2eacfd7b1dd0c8b3ef0e87d74050716fb7c49c56b7245c908869f497b38f8e7e21a2f695e3db7ccb01b7b00d78c779aeb3bd994634d97c3a78aeaa13356e96dae827733e205f056a5976e546fb5f1d1172ecdc37cd4b781e87dd9b0af35d19480b281a285ac43d320aeaefb2481756bf4ce9e193dce804c29d37e871c14d15f88bfd8ce93b68dbaa85dd5263dfd2edb58752c8f18f79ed9d2e084387016ee5e27ce07299e43ffe8dd926b2b56653d539d82bdd514813afb2e1492e3ff8cee00e2b315a85d359dd4b5058c0171dc554138d1fd2019dd11d67d5b93199b0631ef4fab41c03d8a155e5d67db453c35b3e32003cddabe2f9e9fc4b45525ffb452d55338d782305a5b644fb8f964b9d16a151813d2d5765cb9b0695a037810c30c0a9778d713c43dfe932abe3abdc296e8cd1f3ccdb77190cdc5acf83269672bb23412963b624d08e45345db58bdffe9df6a1488336a6aeff2797da5b1f3def33478cbb5ae6f7b3463a15f7cd9e80602fadea5bb3813d17eaa2f25bff9ce0a192b9fa3152eecfd81cfb7f5162bb1feda0f07544d91eeb1ebc38fdccf7044fdc105cf968a574b94d63f5348069c4424db4aadabb569122060d868ae5a22a3688d63b00e3fb2ed26830b945ecd81a6db8370976c876c788712ead2c4f6814123434932d107efa7012f57119706d17e0e239a3765bf900ece4e8a430a8cbb1f766f8af7401413a4c811409b6ec9bbe7042d153ff65c3dd5c69a47ca4e837c2b5b7111b2d00a370bd0a32636bad4640fae32b15c02a61228d81844aef684dfeb454290c5ca7a882778d3cfc0991cda4d721572a511d90a8d8ac2a1c40d7d7d9c66e49b8155e360e548777a3069652325f9e50930f4157a19e2c0fd6c28fec65521ffeaddf8d4259750884b5b4aa0c0d05b82b317db7ca9913a94447642e0b85f08e847be89cc8174f4a14169264a23dff9ef921cfd644ed4204c5828d021b64b7af66fca602d57eebe6334f9165d564725ddf8587fad58f0bba7d03468dc549dbbade3f9574456ff2f14cd93309a1cbf3e511ea1a8fd97089f9f082af21c3f4195fd82c1056ce82f51ce3668d576b71185b3c3287afeea2726020c6fb001acbb74f32df7f20b059b0a636ffccfdb84ed08b0b34a83cd2a51e9e17aa3914deeff16df22000743674fb3ee76a116d1c91c20f925b0c89755475616739375ee42d902c4eac6dee95c3ae7e526f07d06e2376dd1fab39527b8d6420228e48b6ddd33e905efa0a9cc293f57e054282a62bb88eb09cc091ac68b96271e4ef7537d0a27fb0db6c5ae16dff6991fe889529a9db848e7525b46bd37ec63e71bbf0fd83e02d32e675ed2abd4c90884edb7a5a90abc4e74d415869840296d689359b8102b6060507d9c6dad9955718b5fc64b948e5377cbb43746e93307eaf2a4a962a0de1a804421b52cff492bdedff251308f60641ddfaa2d776f7e098f2a36e5c3f819209ee864d1672deb10ab31976b3c31a8883ee48b9a7f5e848daef53634f3501ca83052e3845173752b8041f311aa62cbfd23b01788c09752369e3e32812ed2f13f8babf166c4db3b1d5897b2e25c30d647071703e0231cbe22d52fb07574f9323da87e83cabecd33897a6838e2b9f07c8b669a61f247bbf501579c8f4aad0a4d01ca7bce9684a2ee0469f6dee7132dca7c3c6eb3c89eb8a469b93ae3f507d037049de468a73fa6a38063de18852432fe38e7dc5e5c734dc5b68a06f015b56cfe2bbb3852cde9ab3091b2b8c4defa78e087e214685818173ed3eab602a1a604f3963bbf893e04c85d28a92c5ccaf38680d80912611e1a7ad36a783608c372e7dada5a8caa0a5bcf5e3c6cc3244d4219403efe9740e37fbf1da7b87b66004891cf633621dde3ded55eb4a27b8866ce0f105afa4ef38b81e97b14cb896be62de9a460faa5721df4a9c7a305d4a607f7e5e376f34fd36c64ae036120650662e309eb4a3a340ff6ec29b8c885442c7f50f9e73bee5bc80798e81e1c6bf40bca2fa7ef936b899a6935ae0ba8f0ce3ea51c76266efaf02b972dd9e9451bdd8a53d55607cd40273591b1fbf38b4fdf2b61fce907a4d59898fecff87ce5828bc3a3f20266e73dd77d07289c8c1d97de2e1b7870f4ea3588426c94754257af00b0175b04a0dc9498d9176ff80ed8f2d340553c43bd3c7d8d1bcffb3bb4c10fc4eb6ba332885306717133c9ee44dcee65edad6c7da3294f2ea130a39bf8cba5001ddc5d6e7aa08f7b33ae9018158f321841b294d6e4472eeb5924cc12dd49a64624eb07ad2a909f1b04208bcb155af3bdda9b758e4dc13fa4d2e98c73b257ce3cb96a001105825e57213a9950bfae92b8d043948b92292fc6cf8e5571b666bebc781fd06ca1178dd1df1a7a0d149f5e5e05b62dfba4124383115b0187e4a9e6224f6c770db6b219eb56f07269f741dccebfe784ac9d0ee4440858ae6f1dc8bbff549f5a2f27b023596356cb0381f74ebb6e7d946f8ecd819fc9c4c31e9ee4b92629dc25c671bf66041fc60e827aab4e8ee8c3452681dc4a476178cf1362c713d6c9472573485a21e5355a769ebb179f2749109ea16a703064cde4808fa4cee2df7ba3196ba95f62a2fb8bdcd32dab8469de17553ef55cb5f8d44cc5cfecff4534b9e7b6886c2006b8295dec293a867603111871888533a300391e9a5e358d91fb804d825069a84eeaaf2eb8ebb01f1bf289fb834050031a9f3ba0fab7f8782af9b818d463efc84b0da9ad64b32558e14623472fe0c69b66805d6103f621df29c94433a0d15b9fb8b5a00604c82be97e8d2a46515b83aa01ed57bb9e76ca17a7e330a2f06ff7d743f33af4816638a30de77fa599426a150cec61fb3fe920eceb5a859e258402fa571c08ff72cec68eb2f7cc45534b346cb0929b4d9ff8c79589d8e2be194df3c1047fd91273c39fb1a73e37c5312d181df2b9e40553f3843ea363cb3b120489a848ad6cf6800dac3cac11faf3130e56dee8a40e8f011e2bddab3481391cf51a8af58e0f4345d3a7dfd38589f52b73c4e9ad22872499a1ea4a4b616eb44af9dc8ca51434030cdf3b24f27fa9edcb2679b8d6f01a53cab1b7551f38cfe76afee1df7f4e4dccb910462a906cab4cefb9aa1eb3a43175bf41fdcc9e05312af4597166b66ba0e82d1850159c0465bac1ed929b448a9f2d7ab61ffa2537f82a5757dee2012228f10c5d255dd07827c52e8399269e1282906638ccf65f850750113a5af7e7ec06db0853897e4bf110b299ca96457d697709875778adb001644452"}, 0x101d) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) recvmmsg$unix(r1, &(0x7f0000002fc0)=[{{&(0x7f00000005c0), 0x6e, &(0x7f0000001840)=[{&(0x7f0000000640)}, {&(0x7f0000000680)=""/200, 0xc8}, {&(0x7f0000000780)=""/121, 0x79}, {&(0x7f0000000800)=""/39, 0x27}, {&(0x7f0000000840)=""/4096, 0x1000}], 0x5, &(0x7f00000018c0)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x148}}, {{0x0, 0x0, &(0x7f0000002e00)=[{&(0x7f0000001a40)=""/252, 0xfc}, {&(0x7f0000001b40)=""/55, 0x37}, {&(0x7f0000001b80)=""/119, 0x77}, {&(0x7f0000001c00)=""/13, 0xd}, {&(0x7f0000001c40)=""/156, 0x9c}, {&(0x7f0000001d00)=""/237, 0xed}, {&(0x7f0000001e00)=""/4096, 0x1000}], 0x7, &(0x7f0000002e80)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x130}}], 0x2, 0x2000, &(0x7f0000003040)={0x0, 0x3938700}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:39:54 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xf4ffffff, 0x0, 0x101) [ 742.595330][T31648] loop5: detected capacity change from 0 to 131456 [ 742.600434][ C0] sd 0:0:1:0: tag#5574 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 742.611766][ C0] sd 0:0:1:0: tag#5574 CDB: opcode=0xe5 (vendor) [ 742.618108][ C0] sd 0:0:1:0: tag#5574 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 742.627231][ C0] sd 0:0:1:0: tag#5574 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 742.636264][ C0] sd 0:0:1:0: tag#5574 CDB[20]: ba 05:39:54 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000000)=[{0x80, 0x6d}, {0x14, 0x0, 0x4, 0xb869}, {0x6, 0x0, 0x0, 0xffffffff}]}, 0x10) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x3, 0x8000}, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0) [ 742.651597][T31646] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 0 (only 8 groups) [ 742.666675][T31648] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2073/file0 supports timestamps until 2038 (0x7fffffff) [ 742.709298][T31750] loop4: detected capacity change from 0 to 131456 [ 742.725691][T31750] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2121/file0 supports timestamps until 2038 (0x7fffffff) [ 742.743505][T31778] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 742.753839][T31778] CPU: 0 PID: 31778 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 742.762353][T31778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 742.772490][T31778] Call Trace: [ 742.775764][T31778] dump_stack_lvl+0xd6/0x122 [ 742.780356][T31778] dump_stack+0x11/0x1b [ 742.784532][T31778] dump_header+0x98/0x410 [ 742.788860][T31778] oom_kill_process+0x18e/0x3f0 [ 742.793783][T31778] out_of_memory+0x5ed/0x890 [ 742.798374][T31778] ? mem_cgroup_iter+0x29b/0x370 [ 742.803363][T31778] mem_cgroup_oom+0x484/0x520 [ 742.808036][T31778] try_charge_memcg+0x736/0xa10 [ 742.812893][T31778] ? __rcu_read_unlock+0x5c/0x290 [ 742.818061][T31778] charge_memcg+0x51/0x1a0 [ 742.822598][T31778] __mem_cgroup_charge+0x25/0xa0 [ 742.827538][T31778] wp_page_copy+0x2f0/0x11e0 [ 742.832139][T31778] do_wp_page+0x4fb/0xa80 [ 742.836478][T31778] ? __rcu_read_unlock+0x5c/0x290 [ 742.841565][T31778] handle_mm_fault+0x975/0x1590 [ 742.846425][T31778] do_user_addr_fault+0x609/0xbe0 [ 742.851449][T31778] exc_page_fault+0x91/0x290 [ 742.856065][T31778] ? asm_exc_page_fault+0x8/0x30 [ 742.861010][T31778] asm_exc_page_fault+0x1e/0x30 [ 742.865855][T31778] RIP: 0033:0x7f2e21bd8d30 [ 742.870259][T31778] Code: 75 c8 48 89 d8 eb 0c 0f 1f 00 48 8b 78 f8 48 3b 38 74 21 48 89 c2 48 83 c0 08 49 39 c4 75 eb e9 ff fe ff ff 66 0f 1f 44 00 00 <47> 89 44 95 00 e9 b3 fe ff ff 49 39 d4 74 73 48 8d 72 10 4c 39 e6 [ 742.889932][T31778] RSP: 002b:00007ffca696e1c0 EFLAGS: 00010246 [ 742.895998][T31778] RAX: 0000000042e1f6c6 RBX: 00007f2e219a2008 RCX: 0000001b33120000 05:39:54 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xfbffffff, 0x0, 0x101) 05:39:54 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xfeffffff, 0x0, 0x101) 05:39:54 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce000c000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:54 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 742.903962][T31778] RDX: 0000001b33120018 RSI: ffffffff8248bfac RDI: 0000000000000000 [ 742.912010][T31778] RBP: 0000000000000001 R08: 0000000042e1f6c6 R09: 0000001b3312001c [ 742.920006][T31778] R10: 00000000000016c6 R11: 0000000042e1f6ca R12: 0000000000000000 [ 742.927971][T31778] R13: 00007f2e21d32000 R14: ffffffff8248bfac R15: 00007f2e21d3dff0 [ 742.936005][T31778] ? __x64_sys_socket+0xc/0x50 [ 742.940830][T31778] ? __x64_sys_socket+0xc/0x50 [ 742.945708][T31778] memory: usage 307196kB, limit 307200kB, failcnt 1849 [ 742.952590][T31778] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 05:39:54 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f00000015c0)={0x0, r0, 0x1ff, 0xf3, 0x100000000, 0x2cb}) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x0, [], 0x0, "2156816c73038c"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f00000005c0)={0x0, 0x0, "fa57f566941fc332d1e80f40e6da7e9bd61c8d4109c9e33eab5c06b109b3a954bb675d08c2d2b138ba7e550f2598e4dfbe5a82d7a02f54859425f57eeeea2810504428822859e5e02164c87c42ea03c09bf99c3ec434e07432a35591832b1d4aec1143fa80fa36af782cd2621ef76b8a36ba1e3f52de190e1e880b70b57f3f2319eccc0e0050abef58cb8a68b6e1bc7d83adbe617e6847855da237ee5ea6d1e0f0aa06412d20ada6b77635d2d5357f309b616f4507c49dadc72f06cb8bec79626e49da08c1005f89b8838246bea68d90d2559598e84a219b322b3217fabcb164b40e5316e47043fc6a618eea0c53376569fef4c625bee8824e9b8ccbcdb4cf11", "56dbba971f0fefcc1f238cad043032e60415a5df25bf91295db828e0d7573cfd320f2e34fbebf8a720836ee9debe5231da0e554382f27a9bb1552c3edc4073e0f4b908a09f9659d3d3f94570bf967a1f46992a9958cdaa73260ec359624a1b8ed20545cf191e140b05c898ce9109f5e5ee8c0d1406f851e736e1a99e77442f46e722c17e477658c2b726de853b26aa404a4ef3315b08b3d8b1fe213b7c485908a2c6bab4284a21518eed70f1359408b67e5c48c0f7bf7c453f005e2b2719eefaee92b0e5912556853472e01ec17fe8d2046f97fd7c224dd929a7b0badf80656b230c10df1bd3b194a8f62a022f470a8e78acda2e4717f7dadeafe717a63d9e5aa87e1eca12f9f765f1ef03610d36c3613aa93143fd4d740812a57ef70f89e6ea6e89bc13e52817340cd9736b7efac545c81bea1d30234dc644e311aeb9b625168e775a255d87bd5ace3239175fe693409d386a84bc7320bf0e6671ed6a168be0b4655c5c6a40ddea5a008d5e307fd85d979be8837a7525c514b972ed8af866fea7c13e46cf854d600dcec6885cd1c707e6167746136c6cd7b0a24feed67f4e2d68a333d353bfd02f1a9c02e1d775e597cdd6a62ee6cb9fb2d5ba0bbade47d703367892f7382491de63366ce862e1382e4cccabbf031930c63bb4b10437ad4cf7d3541b875648acb68f0b642d3d8d3ec6ea8c54963dbe0a9ff34fc70af3da4e4bbc985980e6bd4cc9af142e17b308ace4626d1bcc914100c3f0de6866d05610cc223b09bbfb81cfbbc6b9320eca641e7fd2b9ab5846115b2e2fc98ad7208d4edc29385ee68892b138d2981b7618b7aaec3b4c5fdd73f814882782024b4d630ae91c58cf8993ac3f3fe39a14751d9dfd90f55a45821bfb6a3ba383e164b56c7c0b6cc6d0e46f731c454982a250acdd29410cfd04c0384920ffb63a0ca2c9d0b2bcc0efb717dd6c403fd1f6130e85509f95c6923c8ba1fd33f63ddef6652cf304b79d12a6bf4dfbd6a57b6d899cc4d32cc690438d99ef8a0cc7bf0dd4e32d92281f510e4bf3365bdce8ed1a3aed2ae2ee9745c686768f0a205eb4b046e1769696e18da4407de05e0f998c6341fd9ffc90cca70459503f62028cca0d3f5531a2029b761352adf1e8c73535d1fd2ae6b929153cb93985dd495bf8637673128f30d0428ce398c72cf7a6042559ccba1f2b1cc7880467a6fe7f6c90e7baafc2b4b612536b5a1771d76b5e05782be4108110c444934d9bcdd608b452e4619223fe04876c19b26d2aaa3330771416ef605f7bb2452657e40107bd3961295b315b06d1f3b8b866226248f5a3ee32f0516c895d1050f42a74748afd2b4ea642e37e24103154fb23efa7cc7fe88ef7cb3c26e404509c538696203572c1eb5eed5b13942ad1d387ce895c1e3deb1996869630b5f5990f36c9545e60a3338d8a3c09106c790f573b789ada3660393bfab7921d565b2e64b733d327487f10e553971e1f4477ffc7443afc9175d14166c236f6a2376ad04f6821d356c722ae02e9e7d534d832b0fd6957418fcd89ffeb04c7a3b0a0cef6bacee079d68536979953ec64bf946d76d85fe1844e634b491ba416d263cb619a74c08726a9b3d72e4ee3e091b56692dce7809c08974fa5c37a0c17705d881d835a25c50bb33b06625f409fee0fedad57dc7e853e6c93b9f50bf945d14912b1bd2f051844965b5c7ecb71343b9ecf93472ca8c4b40720ca3d0ee9bab7001b22a026ae40a50aa337bb8b11d82ff293600fbd62236b069352b70a6e003d07f1be6cded08c8fc2a63e3da153a3285f0067b159ffeee032cba0e304849d4a8e600c0ed6e978043cd76a577719f01cbe115b12cb765ef321231f248b53dc34e2f3703d8f0bd2d4ec1c8198017396192334608a225db31509b1a30a9b1c24d4ff17c6c9f6c3f0cdd099eee8b49b4ba81a4736af835f0f5d593495d023fd95ea03bc243a1eddb832c4b066d71429e46b0305cefc1188133418917a0c631fe00b776e90a719a0b922e5e1aa9e26f17f29ff8d595f103dbe8d37abe10a87b90d590d3a0a74dfe0e62b3ceb004adcc6a9078600240428891c891b01b961f6f65644bcaf94d8da7a44918b0fd51d21707cdeb605a38ebad91b6a503ed3afd0a200388f6d45a63614462572c3ccb3e1669f5c44d8e4762445f3eed7b84a2d6f91a40fb1bc11b8a68473626b2ff6ef8946671b6f9f91600afad91fd1bbc0f84e42561700c361f765520d7e2993e40a8379aef0c80dc544c55e952ef22a079a2f8709c7cf18ce70c0ebb21275ade53095d726344179261e046f5eca0430d32ae26b2e69ff75759a67b73337a6d9457a23bb1bb42f7abbec7e59da4aa795f2cc994a1f87a36ed61d64325b69fb3a3f7cf64bf415e3aa1f8d1170e148ef6fe195a3ee9530cacd84132ef0b694126e427b5e741eccee7bb1e3d4c165348f87351ceff2980cd3e79b99c5afafc53df32f0845d7880bab4e8c7b587682dce031d3502938e0da66d388fdb380e5cfa656a033f0709010263cc52124bb53b2b82cb9d8ad2637e96ef696137b3d89894a3437159fa3cd42df45033e606a397a83356d05d943fe6837913fb80f4a9fe4c208774b09277249aa61d31f5989bd14127c4bef7883b7b5e18779a31552ed57d53167a8eed2af68c836ca286faecce4dd1590e9b43322b4954d88fd087c749aa16e874b43d387ed7a5a884111c5ab545ac5fed0ce00effda89fb84bf7502dc667282ef33f306443bc04f8f97b1848651a9f45db991a1ff42caa731651013eb2e2de579531ee97af77017d08723d4e10c8a73e6678f35e218813b5d0c08df329e5f65e4945d35e9c12a1e4ac21d8e4c856b7ff922826e3007a3cf6a51c119868bd8bd0f941a862df67bf33983a720d1d7a886127edfdca9d4a30b1a4010ae78f9eb976969e562ebdea93fbbf9d98c6a48a03962e0cf5e889f2741dddb9a4fcc48a58538e755521b56dda1ffa922ab5f02296b748ee0a5f01b7f0070934a0ae30d7de2f2d5517e0fc8ec6fd9ee80841c410205fd63a92e26125d9ee71ade3113714d40519301c4f915327ae92f7e19c45566266d68e9aeb88b0db51ee931f44d5e83ecf814a7cf1b80b6de47da98c7f20f16ec35d7a49f7335c8a74b8e42d2bbd1200cfdab3bf4e606e53c97885afcb42e3b6083a015f579625ec9be4bfa674f5e90d22622194a78d9c44ff332a9bd89bbfd7c3f794655b020ae9bf49df7d41df029634f6dd1c3bc7aa9ac90715fe5a88d89e2073e8d7d92cadecd36189f1071f8bbc04bf9b0bc9b818fc138666663f7716d4d56688376301a5852cc06f4d5e0398b90bdb05950194d87eef75543b80dcf65da87cc7552f8889f6d8d37a78fa5b47c3caa7b87e1a863e7c112bc58753675c91b7dd538d014ef225da79db71928bf94736fe7a07d5c1a629184fdce65e946c81dade5c2f85862293e0bddc97c55f4dcdae70fd01e495e983fbab7751335651342e48040131d33f8510f9d097e355515817b13029b1bf6a26b3e367b01209d3a2e9840dd574e4aef651d1f5f9496db16b024c0d894dd1f0ad2eadaa6bfacfbae7def06311924f2d5490f68457623fc4eeca0328f9a8170602e23a6127e25c7e4872ce10fd1168721db01b0854b13d672f3452617f87502d2af4469ed801d0c7ca227cb2fa2d52cbcdcdd4135990246d741e1a39e7d375a289324e985315b5bb974c3302e9957bd0cf230c87eda43e68c657ea252a359747bc8f1245889574e4a8eab7a4821c65b7f0211336ac16f220d3275633824aebe2eee47711a2161d8e8f7542f46291c736c407d1f4d8abe8edc01050337de4f361418d73e89188e8f505159c7a5d039b86f08d2f4b26810b3581618360e4fdc0993d23f901115cf375b02f5144128bd799599860c678e726ddd8bb1aa05c66c70c5d8848b2913ea0cf184290e7f811fdad429bc1cdee40e30e8a68296d54ca9dbd11d23982047753ae874c444c1f2d04a27abbc7688de4f45c4e22258e5f5e7fbc3b9636cad49794f36f6a36b2b916ac3dc90fb4ec13cdebddea2c44115a87ca96ca01f76fecf450fb316cb28095e9de5f62d211cbd933184bef8e2a503eb03f169ad6390be1767cdc883a40c2fe57e3831b1d19044ca82031e86886c36e3a3561ca76877a75232cc6f639af8e9783f0700fae54c470a6aed79a6b7bd7f6f66a45263a5b0d74b5a146953cd7a563066de9391508ebe2edcfabbfacce1a95e34117981c52b69e8dde9cec5eb5106133f0e573b6ff6a949c553babafa95919d43200b1a87546250d54a7b8b6184926e3895aec1a65e078f08c6e7d893f92cb8efb81a8ed1312004492173cd26d2a9f280922cd0aa2d1665ac9acc5397c6efddf982b555e22787b96b89746d330fa02440d750d0c8b2f14414800f5bb78bfff8b06596b77b920e7e388d2bcdb9056a3aab51e26c0864ed12bb93fc63494ac28adf0e0419d3439ae36b260bdbd9e2862a6225dc6b5de8dbc1eddac11db9cbf494f850d7861bcf2061c6feb54651b80f1c006032e9f89e10b9991a1e4117397610c2679a35d47a8d925614623cd6d646c72c7396932c149b1b31d679d806202dbfa4e2a794c5b908057d1789677515037fa9a3139ab52ffcc90aeb1c34392385b4c16decaebc8a281b12be4b0eea40ceae10af707839c4ef10dfa15b708ea962d1944cbe85f02f66860e6918419049d956614eb0ed83939940c791379bf3252285fc14746c60cb32d5acf7adb177d8ffad578f1c4b5259b60a174905360738d61ca506afe56bf1d6eb511614286a371d1fd3849f52d44a761caf1133be548e5204167c6f160438bc625d9408b0b80b4d92d4f6a9c0906c11ea3920182e34bfe86e1625ef3fc80b22451114c16478d55d5f58c4f1d2d4ed0bff1fa5a1798767508bb57d004260e75d65c95c20e97910981406c894cb52921dbf27150d44e1eab15ac88610fa23da2bf2e90a6a2dd42615abe7e69489250a738a188bae11c3bbf8b6c5c65a7c126c723f957a5eb73d129bb4bbd258c1eaf38483088c5502bc69a035426313162901103925490528fae4d9c9b037ee0f14ae5e4380ca63e52349980d77eac07618ed8c772a866712fd09486184535fe4631a05082957b29857097642dd52a9a39fc4aa9b5492c476ba99a70ea253c846336370dfb238eea82186e00cc7ee137084045ecf3e22ee6a910e70d2a6435d09332a9e590d19f7a08797e937158a5c9be818158d63ad8d4b3dd4e429357706a7f2c95f46c5207088f068ce0dc4ff7c7d74d35b448c4b736a8ee1920bdda7e918b75e0a18f9b5cf7a343b9b67121ae2680eed7578e522f0e7376805237094e16ee2ffac19cdaa1813e9d8bb0dfccf7cb058456c4a88cdd1ffc9c2d80916f8b0531a232"}) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008007622875340eb4c0bce472b13c5b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb89ff030000000000005ac289be0900"/74, @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="570000006f0200060004040400000300000000000000200000000007000000000000008001000000ff7f0000000000004000000000030000000000000004030000000000000600afd9ec6d2ba8800a0000000000000000"], 0x57) 05:39:54 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xff010000, 0x0, 0x101) 05:39:54 executing program 0: r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)) r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) lseek(r2, 0x7ffffc, 0x0) write$binfmt_elf64(r2, &(0x7f0000001700)=ANY=[], 0xfd14) r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000140)='1', 0x1}], 0x1) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x100, 0x0}) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, &(0x7f0000000640)={0x7fff, 0x8, 0x0, 'queue1\x00', 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000058c40)={0xffffffffffffffff, [{}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, 0x0) r8 = accept$inet(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, &(0x7f0000000280)=0x10) ioctl$sock_SIOCGPGRP(r8, 0x8904, &(0x7f00000002c0)) ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000240)={0x0, 0xdd4b, 0x1539, 0x4, 0x3, 0x3ff}) fallocate(r0, 0x100000003, 0x0, 0x28120001) r9 = syz_open_procfs(0x0, &(0x7f0000000080)='net/arp\x00') preadv(r9, &(0x7f0000000500)=[{&(0x7f0000000140)=""/144, 0x90}], 0x1, 0x182, 0x0) [ 742.959441][T31778] Memory cgroup stats for /syz2: [ 742.960875][T31778] anon 2093056 [ 742.960875][T31778] file 306561024 [ 742.960875][T31778] kernel_stack 360448 [ 742.960875][T31778] pagetables 2371584 [ 742.960875][T31778] percpu 0 [ 742.960875][T31778] sock 0 [ 742.960875][T31778] shmem 306561024 [ 742.960875][T31778] file_mapped 0 [ 742.960875][T31778] file_dirty 0 [ 742.960875][T31778] file_writeback 0 [ 742.960875][T31778] swapcached 0 [ 742.960875][T31778] inactive_anon 5361664 [ 742.960875][T31778] active_anon 303280128 05:39:54 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xffffff7f, 0x0, 0x101) [ 742.960875][T31778] inactive_file 0 [ 742.960875][T31778] active_file 0 [ 742.960875][T31778] unevictable 12288 [ 742.960875][T31778] slab_reclaimable 1286640 [ 742.960875][T31778] slab_unreclaimable 1485272 [ 742.960875][T31778] slab 2771912 [ 742.960875][T31778] workingset_refault_anon 0 [ 742.960875][T31778] workingset_refault_file 1 [ 742.960875][T31778] workingset_activate_anon 0 [ 742.960875][T31778] workingset_activate_file 0 [ 742.960875][T31778] workingset_restore_anon 0 05:39:54 executing program 0: r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)) r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) lseek(r2, 0x7ffffc, 0x0) write$binfmt_elf64(r2, &(0x7f0000001700)=ANY=[], 0xfd14) r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000140)='1', 0x1}], 0x1) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x100, 0x0}) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, &(0x7f0000000640)={0x7fff, 0x8, 0x0, 'queue1\x00', 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000058c40)={0xffffffffffffffff, [{}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, 0x0) r8 = accept$inet(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, &(0x7f0000000280)=0x10) ioctl$sock_SIOCGPGRP(r8, 0x8904, &(0x7f00000002c0)) ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000240)={0x0, 0xdd4b, 0x1539, 0x4, 0x3, 0x3ff}) fallocate(r0, 0x100000003, 0x0, 0x28120001) r9 = syz_open_procfs(0x0, &(0x7f0000000080)='net/arp\x00') preadv(r9, &(0x7f0000000500)=[{&(0x7f0000000140)=""/144, 0x90}], 0x1, 0x182, 0x0) 05:39:54 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xfffffff4, 0x0, 0x101) [ 743.054762][T31778] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=31748,uid=0 [ 743.070022][T31778] Memory cgroup out of memory: Killed process 31748 (syz-executor.2) total-vm:85348kB, anon-rss:460kB, file-rss:35824kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000 [ 743.088249][ T25] oom_reaper: reaped process 31748 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 05:39:54 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000740)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09009d7e8d0f5b8783cbdfd4173b057bd0276777571de605d347688b73a26c1115dcbdb72c420d7bea90d5125a72fd62b596fc4b97a1534bd3e9f1e90f9372813d2fe92419d64448bf1ba4769672", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000005c0), r0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) signalfd4(0xffffffffffffffff, &(0x7f0000000640)={[0x6]}, 0x8, 0x80000) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 743.145918][ C0] sd 0:0:1:0: tag#5573 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 743.155768][ C0] sd 0:0:1:0: tag#5573 CDB: opcode=0xe5 (vendor) [ 743.162155][ C0] sd 0:0:1:0: tag#5573 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 743.171225][ C0] sd 0:0:1:0: tag#5573 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 743.180259][ C0] sd 0:0:1:0: tag#5573 CDB[20]: ba [ 743.188581][ T306] loop5: detected capacity change from 0 to 131456 05:39:54 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$nl_generic(0x10, 0x3, 0x10) fgetxattr(r0, &(0x7f0000000100)=@known='system.sockprotoname\x00', 0x0, 0x0) r1 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) r2 = syz_open_dev$vcsu(&(0x7f00000001c0), 0xf2b, 0x2) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000200)='+^\x00', &(0x7f0000000240)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) dup3(r0, r1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000080)={0x5, &(0x7f0000000040)=[{0x7f, 0x4, 0xfe, 0x4}, {0x3, 0xfb, 0x4, 0x4ec2378d}, {0x3f, 0x0, 0x81, 0x3}, {0x2, 0x40, 0x1, 0x8}, {0x200, 0x1, 0x7, 0xe356}]}) 05:39:54 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xfffffffb, 0x0, 0x101) [ 743.196658][T32663] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 0 (only 8 groups) [ 743.226076][ T306] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2074/file0 supports timestamps until 2038 (0x7fffffff) [ 743.274957][ T354] loop4: detected capacity change from 0 to 131456 05:39:55 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce000d000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:55 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xfffffffe, 0x0, 0x101) [ 743.361168][ T354] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2122/file0 supports timestamps until 2038 (0x7fffffff) [ 743.399961][ T23] audit: type=1326 audit(1635831595.080:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e21c2aae9 code=0x7ffc0000 [ 743.424362][ T23] audit: type=1326 audit(1635831595.100:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2e21c2aae9 code=0x7ffc0000 05:39:55 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c3a0325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 743.448365][ T23] audit: type=1326 audit(1635831595.100:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e21c2aae9 code=0x7ffc0000 [ 743.448461][ T23] audit: type=1326 audit(1635831595.100:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e21c2aae9 code=0x7ffc0000 [ 743.448559][ T23] audit: type=1326 audit(1635831595.100:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f2e21c2aae9 code=0x7ffc0000 [ 743.448583][ T23] audit: type=1326 audit(1635831595.100:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e21c2aae9 code=0x7ffc0000 [ 743.448604][ T23] audit: type=1326 audit(1635831595.100:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e21c2aae9 code=0x7ffc0000 [ 743.448625][ T23] audit: type=1326 audit(1635831595.100:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f2e21c2aae9 code=0x7ffc0000 05:39:55 executing program 0: r0 = getpgid(0x0) r1 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(0xffffffffffffffff, 0x0, 0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r1) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$sg(&(0x7f0000000100), 0x9, 0x10000) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x100) r4 = socket$inet(0x2, 0x3, 0x1) r5 = dup(r4) r6 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) sendmmsg$unix(r5, &(0x7f00000015c0)=[{{&(0x7f0000001280)=@abs, 0x6e, &(0x7f0000001440)=[{&(0x7f0000001300)='ru', 0x2}], 0x1, &(0x7f0000000240)=ANY=[@ANYRESHEX=r6, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="5412507dae"], 0x30}}], 0x1, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000780)) sched_setattr(r0, &(0x7f0000000140)={0x38, 0x1, 0x21, 0xb7, 0x0, 0x0, 0x4, 0x0, 0x3e0000, 0x8}, 0x0) writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000003190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) writev(r2, &(0x7f00000001c0)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06008603010000004500003825000000190004000400ad000200000000000006040000000000000000", 0x39}], 0x1) [ 743.448644][ T23] audit: type=1326 audit(1635831595.100:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e21c2aae9 code=0x7ffc0000 [ 743.497895][ T698] loop5: detected capacity change from 0 to 131456 [ 743.520384][ T23] audit: type=1326 audit(1635831595.100:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e21c2aae9 code=0x7ffc0000 05:39:55 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x4000000000000, 0x0, 0x101) [ 743.684103][ T698] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 743.706952][ T770] loop4: detected capacity change from 0 to 131456 [ 743.713913][ T698] System zones: 1-2, 19-19, 35-38, 46-46 05:39:55 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce000e000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:55 executing program 2: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) socket$inet6(0xa, 0x6, 0xffeffffc) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000100)=0x2e4, 0x4) connect$inet6(r0, &(0x7f0000004540)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) sendmmsg(r0, &(0x7f0000004d80)=[{{0x0, 0x2000000, &(0x7f0000001500)=[{&(0x7f0000000040)="d3622fe131479cee20fb607a9585dc0b411519fd3b65066522d73df58b9257b566c6fc626776defc3a2e249c910ccab00220bc31d41e44f96f67971b8ed8a3dc9eb4133a903d58da02dd1eca653150422bc91e9585fbf8", 0x57}, {&(0x7f00000011c0)="7cc3be44ec866303c11f9ec49c2fe80d4ccef580f3bf717b5e129f1dc7766fdf864b7bc35924f34bb5fd1dd89172a4b0db90eea51bdfec78bb53e8d41773cba7f1305a8a40b7368445a71ef7870273f1544930baf73a8bfa6ece09d54376b821b65fdf1e0704f1f3c5a823fa67f635159af010053f5b909f8e944c43d6fb1c4fca639b470d3e6ad140d0838958ecf0fc98a780205474fdeb93a97d27b4f3314a9585129aaec893d7fe36d87fd746841ac5c60b31e1732a1a3ca0afcc4068cdde63b142700c563c1ab59dc0b7200723bf21c694583ed8fed1b2bc5c204df3812c223ce0de2f40b69e7f4e8ba1c3ebc31de2f4190e3f1ceb", 0xf7}, {&(0x7f00000012c0), 0x80fe}, {&(0x7f0000000280)="0c22fcc306e8a4d628dc3f33cd1758b784d34ef62ecd943b96c5573b05e34886b55503a08eeac42aafc204e9fec654b4b0853f4c32d8d6f8968a96b81710a9ed49ae96ea22eb07accdc99ed31fb48b921b4c9af7278829eb32247169da3593e5e73371e82e3558cd87b9c876b91e091e933496ae3a6b5a00a79f50110980c83af2fd44e0f08908f806be4146080def894a3ac87c3d214e32b0e031c8873b6ed3cdb9c160ee236576cb5a749ee356d4f5df961b35ec3667bcfa641e2c812a5eefbd78546783b6bd280dc4ec1cd015bee7d07f0993d6", 0xd5}, {&(0x7f0000001440)="7b18908bcd34b2f4eef2193c5f89bb79551b5d7000ccc31628374b03e7f0b8bbfe45", 0x22}], 0x5, 0x0, 0x0, 0xffffffe0}}], 0x400000000000132, 0x4000000) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x2f, 0xec, 0xff, 0x1, 0x2, @mcast2, @mcast2, 0x80, 0x700, 0x7, 0x3}}) [ 743.724249][ T698] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2075/file0 supports timestamps until 2038 (0x7fffffff) [ 743.728785][ C1] sd 0:0:1:0: tag#5582 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 743.748329][ C1] sd 0:0:1:0: tag#5582 CDB: opcode=0xe5 (vendor) [ 743.754670][ C1] sd 0:0:1:0: tag#5582 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 743.763713][ C1] sd 0:0:1:0: tag#5582 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 743.772767][ C1] sd 0:0:1:0: tag#5582 CDB[20]: ba [ 743.801395][ T770] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 743.812691][ T770] System zones: 1-2, 19-19, 35-38, 46-46 [ 743.830134][ T770] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2123/file0 supports timestamps until 2038 (0x7fffffff) 05:39:55 executing program 2: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) socket$inet6(0xa, 0x6, 0xffeffffc) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000100)=0x2e4, 0x4) connect$inet6(r0, &(0x7f0000004540)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) sendmmsg(r0, &(0x7f0000004d80)=[{{0x0, 0x2000000, &(0x7f0000001500)=[{&(0x7f0000000040)="d3622fe131479cee20fb607a9585dc0b411519fd3b65066522d73df58b9257b566c6fc626776defc3a2e249c910ccab00220bc31d41e44f96f67971b8ed8a3dc9eb4133a903d58da02dd1eca653150422bc91e9585fbf8", 0x57}, {&(0x7f00000011c0)="7cc3be44ec866303c11f9ec49c2fe80d4ccef580f3bf717b5e129f1dc7766fdf864b7bc35924f34bb5fd1dd89172a4b0db90eea51bdfec78bb53e8d41773cba7f1305a8a40b7368445a71ef7870273f1544930baf73a8bfa6ece09d54376b821b65fdf1e0704f1f3c5a823fa67f635159af010053f5b909f8e944c43d6fb1c4fca639b470d3e6ad140d0838958ecf0fc98a780205474fdeb93a97d27b4f3314a9585129aaec893d7fe36d87fd746841ac5c60b31e1732a1a3ca0afcc4068cdde63b142700c563c1ab59dc0b7200723bf21c694583ed8fed1b2bc5c204df3812c223ce0de2f40b69e7f4e8ba1c3ebc31de2f4190e3f1ceb", 0xf7}, {&(0x7f00000012c0), 0x80fe}, {&(0x7f0000000280)="0c22fcc306e8a4d628dc3f33cd1758b784d34ef62ecd943b96c5573b05e34886b55503a08eeac42aafc204e9fec654b4b0853f4c32d8d6f8968a96b81710a9ed49ae96ea22eb07accdc99ed31fb48b921b4c9af7278829eb32247169da3593e5e73371e82e3558cd87b9c876b91e091e933496ae3a6b5a00a79f50110980c83af2fd44e0f08908f806be4146080def894a3ac87c3d214e32b0e031c8873b6ed3cdb9c160ee236576cb5a749ee356d4f5df961b35ec3667bcfa641e2c812a5eefbd78546783b6bd280dc4ec1cd015bee7d07f0993d6", 0xd5}, {&(0x7f0000001440)="7b18908bcd34b2f4eef2193c5f89bb79551b5d7000ccc31628374b03e7f0b8bbfe45", 0x22}], 0x5, 0x0, 0x0, 0xffffffe0}}], 0x400000000000132, 0x4000000) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x2f, 0xec, 0xff, 0x1, 0x2, @mcast2, @mcast2, 0x80, 0x700, 0x7, 0x3}}) 05:39:55 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c3b0325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:55 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x80000000000000, 0x0, 0x101) [ 743.898684][ T979] loop5: detected capacity change from 0 to 131456 [ 743.937698][ T979] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] 05:39:55 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000c80)={0x3, &(0x7f0000000c40)=[{0x20, 0x0, 0x0, 0xfa0c}, {0x54}, {0x6}]}, 0x10) r3 = dup2(r1, r0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f0000000280)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r3, @ANYBLOB="040000000000000f2e2f66696c653000"]) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r3, 0xc0189375, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) r7 = accept$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000340)=0x14) r8 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r8, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r8, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) sendmsg$unix(r1, &(0x7f0000000400)={&(0x7f0000000000)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000140)=[{&(0x7f00000001c0)="1e8c17d0864fe85e6895d7df05ed905a3e122c787b4eac59139fd7520b138de0674ea5e8eca6973f84c2d1e424e200ee5c9f664ea2964d79e312eed9435c3632e33d4035dee495927121d0d0dd8dc67fd7166004af95f9d958a00b5fad4373a99c1394a6ed17195fe87c10df43926fbd227548d3bd45bf08319071cd368b8f1432310ba55ae9b7d35235df34dee03b049335dd813678d34b1343bce7542bd4", 0x9f}, {&(0x7f0000000080)="0e965959d27d2f2974e0e0d9071c5c6e2e2cf7cd9f592d85d1e7b73ec85587ee766af1e3f0ef27da90dfe05c91f631ee65e863050febc4c7d3d11af7fbdf69f38ea307d1c62112092d4aeb0d8112c5b44de877afbdee397b4e893338a1d83a575c0f7a71bab17b5864e57121587154", 0x6f}], 0x2, &(0x7f0000000380)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r0, 0xffffffffffffffff, r4]}}, @rights={{0x10}}, @rights={{0x24, 0x1, 0x1, [r0, r5, r6, r7, r8]}}], 0x70, 0x4008000}, 0x40580d4) sendto$inet(r0, &(0x7f0000000100)='J', 0x1, 0x4095, 0x0, 0x0) [ 743.965707][ T984] loop4: detected capacity change from 0 to 131456 [ 743.981397][ T979] System zones: 1-2, 19-19, 35-38, 46-46 [ 744.007233][ T979] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2076/file0 supports timestamps until 2038 (0x7fffffff) 05:39:55 executing program 2: r0 = signalfd(0xffffffffffffffff, &(0x7f0000000100)={[0x1f]}, 0x8) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = dup2(r1, r2) perf_event_open$cgroup(&(0x7f0000000080)={0x3, 0x80, 0x19, 0x5, 0x20, 0x0, 0x0, 0x0, 0x10, 0x2, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8001, 0x2, @perf_bp={&(0x7f0000000000), 0x6}, 0x4780a, 0x211, 0xfffffc01, 0x6, 0xa9, 0x9, 0x4, 0x0, 0x80000001, 0x0, 0x8}, r0, 0xc, r1, 0x8) r4 = syz_io_uring_setup(0x183, &(0x7f00000002c0), &(0x7f0000148000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) r7 = socket$inet(0x2, 0x4000000000000001, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000280)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r7, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @private}}, 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000480)={{0x1, 0x1, 0x18, r4, {0x2}}, './file0\x00'}) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f00000003c0)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) ppoll(&(0x7f0000000180)=[{r1}, {0xffffffffffffffff, 0x400}, {r0, 0x8200}], 0x3, &(0x7f0000000400), &(0x7f0000000440)={[0x9]}, 0x8) io_uring_enter(r4, 0x45f5, 0x0, 0xd7ffffff00000000, 0x0, 0x0) 05:39:55 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x100000000000000, 0x0, 0x101) 05:39:55 executing program 0: set_mempolicy(0x3, &(0x7f0000000040)=0x10001, 0x80) unshare(0x48040480) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) dup2(r1, r2) setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, &(0x7f0000000000)=0x1000, 0x4) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff06000000010000004500000025000000040014c04800000007fd17e5ffff0606040000000000000000", 0x39}], 0x1) 05:39:55 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce000f000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 744.057447][ T984] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 744.085800][ T984] System zones: 1-2, 19-19, 35-38, 46-46 [ 744.097796][ T984] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2124/file0 supports timestamps until 2038 (0x7fffffff) 05:39:55 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x101000000000000, 0x0, 0x101) [ 744.177668][ T1194] netlink: 21 bytes leftover after parsing attributes in process `syz-executor.0'. [ 744.188150][ T1278] loop5: detected capacity change from 0 to 131456 05:39:55 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c3c0325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 744.245313][ T1278] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 744.291102][ T1278] System zones: 1-2, 19-19, 35-38, 46-46 [ 744.316875][ T1426] loop4: detected capacity change from 0 to 131456 05:39:56 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="00000000000000002e2f66696c650c14"]) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x800, 0x0, &(0x7f0000000540), 0x81, &(0x7f00000001c0)={[{@nomblk_io_submit}]}) 05:39:56 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x200000000000000, 0x0, 0x101) 05:39:56 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0410000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 744.365232][ T1278] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2077/file0 supports timestamps until 2038 (0x7fffffff) [ 744.387430][ T1426] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 744.395421][ T1426] System zones: 1-2, 19-19, 35-38, 46-46 [ 744.404299][ T1506] loop2: detected capacity change from 0 to 4 [ 744.438064][ T1426] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2125/file0 supports timestamps until 2038 (0x7fffffff) [ 744.452746][ T1506] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 05:39:56 executing program 0: unshare(0x4a060480) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x402, 0x0, &(0x7f00000003c0), 0x0, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x8) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000240)='./file0\x00', 0x7f, 0x4, &(0x7f0000000580)=[{&(0x7f0000000280)="eab6a60815125d73831e18212640b9a40fc39881525dd98e6cc556e8a19ba3d3c8c70edc43227a72e6e86b5893742c0383ce05f3fad3a8eb2b4c6e16649f3425eebdf2a2a0f5a6dc9b2fc24e2c500b9b911134d10b19a0ce1d8fdd08ed4e5c9a842cf136b75169b825fd9571d6338dbfc004348d08ea7a57b1702bfb503c76c9852d8414bf3ea683e49cae3edbddc779e1813ea0821e2b152d4ea245518361783eaf76d8d6c53b5af8b93f42454199cff432167b829c6af6e58b5b4e7d42437bb3e274296632d42e75f9dbee1b18b88ab8", 0xd1, 0x10001}, {&(0x7f0000000440)="027d1ae85790a1ac203cc4b44e1d57cfafbacb858afa791220a350332c3b4e7023f94ef6f738812be6c90f4bcf9ca365aaeaff0f33317a3614bae6cadd8037684f525fd9d2899e335184de4e36c1eca7311de1df4f5deb961982c01eac6e8b1e665899d1038769775a509faafb8a8afce960be420982ab1399044ea7abd61dd288f3029ac9aba62c888327dcabbe6ce8d2cbd5f2cca1bd01", 0x98, 0x6}, {&(0x7f0000000500)="85608af7e51b0666b5df63666e7147bff337b07e4c96ddfa413ff9eed287f1871e8e46e27c5fd442d240f4f0e1e436921f8ccca496", 0x35, 0x3}, {&(0x7f0000000540)}], 0x2092, &(0x7f0000000600)={[{@shortname_mixed}], [{@fowner_gt={'fowner>', 0xffffffffffffffff}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}]}) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x2e9, 0x1f4) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x9, 0x7, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, &(0x7f0000058c40)={0x0, [{}, {0x0, r5}, {}, {}, {r4}, {}, {}, {0x0, r5}, {}, {r4}, {0x0, r5}, {}, {}, {0x0, r5}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {r4}, {}, {}, {r4}, {}, {r3}, {}, {}, {0x0, r5}, {}, {}, {0x0, r5}, {}, {}, {0x0, r5}, {r4}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {r4}, {0x0, r5}, {r4}, {}, {}, {0x0, r5}, {0x0, r5}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {0x0, r5}, {}, {r4}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {0x0, r5}, {r3, r5}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {r3}, {r3}, {}, {}, {0x0, r5}, {0x0, r5}, {0x0, r5}, {0x0, r5}, {}, {}, {r3}, {r3}, {}, {}, {r3}, {0x0, r5}, {}, {}, {0x0, r5}, {0x0, r5}, {0x0, r5}, {r4, r5}, {}, {}, {}, {}, {}, {r3, r5}, {r4, r5}, {0x0, r5}, {}, {}, {r4}, {}, {}, {}, {}, {r4, r5}, {}, {0x0, r5}, {}, {0x0, r5}, {}, {}, {}, {r4}, {0x0, r5}, {r4}, {}, {}, {}, {}, {}, {r3, r5}, {r4, r5}, {}, {0x0, r5}, {}, {r4}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {r4}, {r3}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {r4}, {0x0, r5}, {}, {r4, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {r3}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {0x0, r5}, {}, {r4}, {}, {}, {}, {r3, r5}, {}, {}, {r4}, {r3, r5}, {}, {}, {}, {r4}, {r4}, {r3}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {r3, r5}], 0x0, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0xfffffffffffffffe, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}], 0x1, "2156816c73038c"}) ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x0, @l2tp={0x2, 0x0, @private}, @in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, @hci={0x1f, 0x0, 0x4}, 0xcd6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8914, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x04\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') 05:39:56 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x400000000000000, 0x0, 0x101) [ 744.487920][ T1573] loop5: detected capacity change from 0 to 131456 05:39:56 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x74, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x74}}, 0x0) sendmsg$NL80211_CMD_DISASSOCIATE(r1, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x3c, 0x0, 0x200, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x5}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x8000}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x80) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:39:56 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c3d0325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 744.568771][ T1573] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2078/file0 supports timestamps until 2038 (0x7fffffff) [ 744.585293][ T1612] loop0: detected capacity change from 0 to 2 05:39:56 executing program 2: set_mempolicy(0x3, &(0x7f0000000040)=0x1, 0x4) r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) set_mempolicy(0x4000, &(0x7f0000000200)=0x31b, 0x7) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='}%)[-\x00', &(0x7f00000001c0)='/-@\x00', 0x0) [ 744.624156][ C1] sd 0:0:1:0: tag#5592 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 744.634001][ C1] sd 0:0:1:0: tag#5592 CDB: opcode=0xe5 (vendor) [ 744.640342][ C1] sd 0:0:1:0: tag#5592 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 744.649370][ C1] sd 0:0:1:0: tag#5592 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 744.658399][ C1] sd 0:0:1:0: tag#5592 CDB[20]: ba [ 744.666267][ T1612] device lo entered promiscuous mode 05:39:56 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x500000000000000, 0x0, 0x101) 05:39:56 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce2010000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:56 executing program 2: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NL80211_CMD_SET_CHANNEL(r0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x24, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xffff5a2c}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x10) link(&(0x7f0000000240)='./file0\x00', &(0x7f0000000300)='./file0\x00') ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000000a80)={0x6, [{}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0xcb, "bdd19aeb1d192b"}) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000001a80)={{r1, 0x1, 0x4, 0x80000000, 0xa1, 0xfffffffffffffffb, 0x20, 0x0, 0x4, 0xffffffff, 0x101, 0x18e0baca, 0x7ff, 0x1, 0x81}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {0x0}], 0x1, "060cd6bed5f770"}) r5 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r5, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}], 0x0, "2156816c73038c"}) r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = syz_io_uring_setup(0x2b2d, &(0x7f0000000140), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000040)) io_uring_enter(r7, 0x450e, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [], 0x1, "060cd6bed5f770"}) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$tmpfs(0x20100000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="85a096cf2913ab7f444126501bce2c32887d544f4e5bedc0b16f2909866c248990d7775a66ca01a359a3c1ec6fe6fd9ff5808b9638e024844cdc1ce13b0f2b2233137b35ea850a585f13e3b0afa4df1cc9743927304d304bbae5cd90c865266376e44f96ad4ba3a3c0b3bf13e7086b5dadbabc3526"]) setxattr$incfs_id(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140)={'0000000000000000000000000000000', 0x32}, 0x20, 0x1) clone(0x52004400, &(0x7f0000000180)="08b5dfca315700ce487880a9c272d9875bb2e99ac5bc700ddda7c1a3b4e0010ed23c66d4d9", &(0x7f0000000280), 0x0, 0x0) r8 = ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) preadv(r8, &(0x7f0000000a00)=[{&(0x7f0000000500)=""/197, 0xc5}, {&(0x7f0000000600)=""/238, 0xee}, {&(0x7f0000000700)=""/187, 0xbb}, {&(0x7f00000007c0)=""/118, 0x76}, {&(0x7f0000000840)=""/136, 0x88}, {&(0x7f0000000900)=""/213, 0xd5}], 0x6, 0x9, 0x6b300) [ 744.852932][ T1942] loop4: detected capacity change from 0 to 131456 [ 744.887560][ T1942] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2126/file0 supports timestamps until 2038 (0x7fffffff) 05:39:56 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{}, {0x3}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe(&(0x7f0000000000)) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:39:56 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x600000000000000, 0x0, 0x101) [ 744.909245][ C0] sd 0:0:1:0: tag#5596 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 744.919118][ C0] sd 0:0:1:0: tag#5596 CDB: opcode=0xe5 (vendor) [ 744.925447][ C0] sd 0:0:1:0: tag#5596 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 744.934497][ C0] sd 0:0:1:0: tag#5596 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 744.943613][ C0] sd 0:0:1:0: tag#5596 CDB[20]: ba 05:39:56 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c520325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:56 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x800000000000000, 0x0, 0x101) [ 745.081073][ T2030] tmpfs: Unknown parameter ')DA&P,2}TON[o) l$wZfYo8$L;+"3{5 [ 745.081073][ T2030] X_㰯t9'0M0K͐e&cvOKk]5&' [ 745.113814][ T2237] loop5: detected capacity change from 0 to 131456 05:39:56 executing program 0: r0 = syz_io_uring_setup(0x3ede, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r3}}, 0x0) r4 = io_uring_setup(0x1de9, &(0x7f0000000000)={0x0, 0x9, 0x0, 0x2, 0x124, 0x0, r0}) io_uring_register$IORING_REGISTER_PROBE(r4, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00'/286], 0x22) io_uring_enter(r0, 0x2fb, 0x0, 0x0, 0x0, 0x0) 05:39:56 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x10200) clock_gettime(0x0, &(0x7f0000000100)) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) r3 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000001a00)={0x0, 0xfffffffffffffffc, 0x43, 0x4, @buffer={0x0, 0x3d, &(0x7f00000000c0)=""/61}, &(0x7f0000001840)="d323a5125824fa0f0bc798641a7fd579295c80edce15b8f55eca874ac29078e87ee2ecb00688d51a9f61d1b8f64a7625fe9b358e64a37b58b35ad718aeecddf265b3be", &(0x7f00000018c0)=""/230, 0x7, 0x10000, 0x0, &(0x7f00000019c0)}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f00000017c0)={0x53, 0xfffffffffffffffc, 0x6, 0x1, @scatter={0x3, 0x0, &(0x7f00000016c0)=[{&(0x7f00000005c0)=""/63, 0x3f}, {&(0x7f0000000600)=""/173, 0xad}, {&(0x7f00000006c0)=""/4096, 0x1000}]}, &(0x7f0000001700)="6921fa5e9fc0", &(0x7f0000001740)=""/23, 0x8001, 0x6b, 0x1, &(0x7f0000001780)}) 05:39:56 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x900000000000000, 0x0, 0x101) 05:39:56 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0011000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 745.142432][ T2237] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2079/file0 supports timestamps until 2038 (0x7fffffff) [ 745.154783][ T2319] loop4: detected capacity change from 0 to 131456 [ 745.198323][ T2030] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 745.210658][ T2030] CPU: 1 PID: 2030 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 745.218983][ T2030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 745.229170][ T2030] Call Trace: [ 745.232448][ T2030] dump_stack_lvl+0xd6/0x122 [ 745.237044][ T2030] dump_stack+0x11/0x1b [ 745.241202][ T2030] dump_header+0x98/0x410 [ 745.245528][ T2030] oom_kill_process+0x18e/0x3f0 [ 745.250377][ T2030] out_of_memory+0x5ed/0x890 [ 745.254965][ T2030] mem_cgroup_oom+0x484/0x520 [ 745.259642][ T2030] try_charge_memcg+0x736/0xa10 [ 745.264491][ T2030] ? __rcu_read_unlock+0x5c/0x290 [ 745.269513][ T2030] ? __rcu_read_unlock+0x5c/0x290 [ 745.274540][ T2030] obj_cgroup_charge_pages+0xce/0x210 [ 745.279914][ T2030] __memcg_kmem_charge_page+0x1e3/0x2d0 [ 745.285456][ T2030] __alloc_pages+0x1b7/0x330 [ 745.290067][ T2030] alloc_pages+0x382/0x3d0 [ 745.294494][ T2030] __pmd_alloc+0x47/0x330 [ 745.298831][ T2030] ? __pud_alloc+0x13b/0x170 [ 745.303441][ T2030] copy_page_range+0x6a5/0x8f0 [ 745.308223][ T2030] ? kcsan_setup_watchpoint+0x94/0x3f0 [ 745.313684][ T2030] dup_mmap+0x6eb/0xa60 [ 745.317835][ T2030] dup_mm+0x7c/0x210 [ 745.321728][ T2030] copy_process+0x14aa/0x2f30 [ 745.326405][ T2030] kernel_clone+0x15c/0x6a0 [ 745.330922][ T2030] __x64_sys_clone+0xc6/0xf0 [ 745.335514][ T2030] do_syscall_64+0x44/0xa0 [ 745.339932][ T2030] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 745.345824][ T2030] RIP: 0033:0x7f2e21c2aae9 [ 745.350233][ T2030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 745.369836][ T2030] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 745.378250][ T2030] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 745.386216][ T2030] RDX: 0000000020000280 RSI: 0000000020000180 RDI: 0000000052004400 [ 745.394188][ T2030] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 745.402155][ T2030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.410126][ T2030] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 745.418164][ T2030] memory: usage 307200kB, limit 307200kB, failcnt 1908 [ 745.425154][ T2030] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 745.432144][ T2030] Memory cgroup stats for /syz2: [ 745.457623][ T2319] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2127/file0 supports timestamps until 2038 (0x7fffffff) [ 745.484377][ T7171] loop5: detected capacity change from 0 to 131456 05:39:57 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r2, r1, &(0x7f00000005c0)=0x1, 0x101) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000600)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x8004) ppoll(&(0x7f0000000000)=[{r4, 0x1c8}], 0x1, &(0x7f00000000c0)={r5, r6+60000000}, 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 745.540150][ T2030] anon 2101248 [ 745.540150][ T2030] file 306561024 [ 745.540150][ T2030] kernel_stack 376832 [ 745.540150][ T2030] pagetables 2383872 [ 745.540150][ T2030] percpu 0 [ 745.540150][ T2030] sock 0 [ 745.540150][ T2030] shmem 306561024 [ 745.540150][ T2030] file_mapped 0 [ 745.540150][ T2030] file_dirty 0 [ 745.540150][ T2030] file_writeback 0 [ 745.540150][ T2030] swapcached 0 [ 745.540150][ T2030] inactive_anon 5369856 [ 745.540150][ T2030] active_anon 303280128 [ 745.540150][ T2030] inactive_file 0 [ 745.540150][ T2030] active_file 0 [ 745.540150][ T2030] unevictable 12288 [ 745.540150][ T2030] slab_reclaimable 1261440 [ 745.540150][ T2030] slab_unreclaimable 1461776 [ 745.540150][ T2030] slab 2723216 [ 745.540150][ T2030] workingset_refault_anon 0 [ 745.540150][ T2030] workingset_refault_file 1 [ 745.540150][ T2030] workingset_activate_anon 0 [ 745.540150][ T2030] workingset_activate_file 0 [ 745.540150][ T2030] workingset_restore_anon 0 [ 745.540460][ T7171] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] 05:39:57 executing program 0: rseq(&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x6}, 0x20, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000002880)=0x3f, 0x4) r1 = socket$inet(0x2, 0x6000000000000003, 0x6) sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x10) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x202, &(0x7f00000003c0)=0x0) io_submit(r3, 0x1801, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x3a5, 0x2, 0x1, 0x0, r2, &(0x7f0000000000), 0x16000}]) 05:39:57 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xc00000000000000, 0x0, 0x101) [ 745.629401][ T2030] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=19444,uid=0 [ 745.652625][ T2030] Memory cgroup out of memory: Killed process 19444 (syz-executor.2) total-vm:85216kB, anon-rss:420kB, file-rss:35764kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 745.671363][ T25] oom_reaper: reaped process 19444 (syz-executor.2), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB [ 745.697433][ T7171] System zones: 1-2, 19-19, 35-38, 46-46 [ 745.703646][ T7171] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2080/file0 supports timestamps until 2038 (0x7fffffff) [ 745.756516][ T2030] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 745.768709][ T2030] CPU: 0 PID: 2030 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 745.777037][ T2030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 745.787106][ T2030] Call Trace: [ 745.790379][ T2030] dump_stack_lvl+0xd6/0x122 [ 745.794986][ T2030] dump_stack+0x11/0x1b [ 745.799148][ T2030] dump_header+0x98/0x410 [ 745.803475][ T2030] oom_kill_process+0x18e/0x3f0 [ 745.808312][ T2030] out_of_memory+0x5ed/0x890 [ 745.812889][ T2030] ? mem_cgroup_iter+0x29b/0x370 [ 745.817812][ T2030] mem_cgroup_oom+0x484/0x520 [ 745.822471][ T2030] try_charge_memcg+0x736/0xa10 [ 745.827302][ T2030] ? __rcu_read_unlock+0x5c/0x290 [ 745.832308][ T2030] ? __rcu_read_unlock+0x5c/0x290 [ 745.837317][ T2030] obj_cgroup_charge_pages+0xce/0x210 [ 745.842672][ T2030] __memcg_kmem_charge_page+0x1e3/0x2d0 [ 745.848201][ T2030] __alloc_pages+0x1b7/0x330 [ 745.852779][ T2030] alloc_pages+0x382/0x3d0 [ 745.857179][ T2030] __pmd_alloc+0x47/0x330 [ 745.861496][ T2030] ? __pud_alloc+0x13b/0x170 [ 745.866076][ T2030] copy_page_range+0x6a5/0x8f0 [ 745.870838][ T2030] dup_mmap+0x6eb/0xa60 [ 745.874980][ T2030] dup_mm+0x7c/0x210 [ 745.878899][ T2030] copy_process+0x14aa/0x2f30 [ 745.883560][ T2030] kernel_clone+0x15c/0x6a0 [ 745.888045][ T2030] __x64_sys_clone+0xc6/0xf0 [ 745.892619][ T2030] do_syscall_64+0x44/0xa0 [ 745.897022][ T2030] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 745.902904][ T2030] RIP: 0033:0x7f2e21c2aae9 [ 745.907313][ T2030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 745.926903][ T2030] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 745.935317][ T2030] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 745.943276][ T2030] RDX: 0000000020000280 RSI: 0000000020000180 RDI: 0000000052004400 [ 745.951237][ T2030] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 745.959296][ T2030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.967353][ T2030] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 745.975923][ T2030] memory: usage 307200kB, limit 307200kB, failcnt 1952 [ 745.982936][ T2030] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 745.989856][ T2030] Memory cgroup stats for /syz2: [ 745.994000][ T2030] anon 1998848 [ 745.994000][ T2030] file 306561024 [ 745.994000][ T2030] kernel_stack 376832 [ 745.994000][ T2030] pagetables 2351104 [ 745.994000][ T2030] percpu 0 [ 745.994000][ T2030] sock 0 [ 745.994000][ T2030] shmem 306561024 [ 745.994000][ T2030] file_mapped 0 [ 745.994000][ T2030] file_dirty 0 [ 745.994000][ T2030] file_writeback 0 [ 745.994000][ T2030] swapcached 0 [ 745.994000][ T2030] inactive_anon 5267456 [ 745.994000][ T2030] active_anon 303280128 [ 745.994000][ T2030] inactive_file 0 [ 745.994000][ T2030] active_file 0 [ 745.994000][ T2030] unevictable 12288 [ 745.994000][ T2030] slab_reclaimable 1261440 [ 745.994000][ T2030] slab_unreclaimable 1456880 [ 745.994000][ T2030] slab 2718320 [ 745.994000][ T2030] workingset_refault_anon 0 [ 745.994000][ T2030] workingset_refault_file 1 [ 745.994000][ T2030] workingset_activate_anon 0 [ 745.994000][ T2030] workingset_activate_file 0 [ 745.994000][ T2030] workingset_restore_anon 0 [ 746.088130][ T2030] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=28287,uid=0 [ 746.103780][ T2030] Memory cgroup out of memory: Killed process 28287 (syz-executor.2) total-vm:85216kB, anon-rss:416kB, file-rss:35764kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 746.123474][ T25] oom_reaper: reaped process 28287 (syz-executor.2), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB 05:39:57 executing program 2: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NL80211_CMD_SET_CHANNEL(r0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x24, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xffff5a2c}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x10) link(&(0x7f0000000240)='./file0\x00', &(0x7f0000000300)='./file0\x00') ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000000a80)={0x6, [{}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0xcb, "bdd19aeb1d192b"}) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000001a80)={{r1, 0x1, 0x4, 0x80000000, 0xa1, 0xfffffffffffffffb, 0x20, 0x0, 0x4, 0xffffffff, 0x101, 0x18e0baca, 0x7ff, 0x1, 0x81}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {0x0}], 0x1, "060cd6bed5f770"}) r5 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r5, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}], 0x0, "2156816c73038c"}) r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = syz_io_uring_setup(0x2b2d, &(0x7f0000000140), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000040)) io_uring_enter(r7, 0x450e, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [], 0x1, "060cd6bed5f770"}) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$tmpfs(0x20100000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="85a096cf2913ab7f444126501bce2c32887d544f4e5bedc0b16f2909866c248990d7775a66ca01a359a3c1ec6fe6fd9ff5808b9638e024844cdc1ce13b0f2b2233137b35ea850a585f13e3b0afa4df1cc9743927304d304bbae5cd90c865266376e44f96ad4ba3a3c0b3bf13e7086b5dadbabc3526"]) setxattr$incfs_id(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140)={'0000000000000000000000000000000', 0x32}, 0x20, 0x1) clone(0x52004400, &(0x7f0000000180)="08b5dfca315700ce487880a9c272d9875bb2e99ac5bc700ddda7c1a3b4e0010ed23c66d4d9", &(0x7f0000000280), 0x0, 0x0) r8 = ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) preadv(r8, &(0x7f0000000a00)=[{&(0x7f0000000500)=""/197, 0xc5}, {&(0x7f0000000600)=""/238, 0xee}, {&(0x7f0000000700)=""/187, 0xbb}, {&(0x7f00000007c0)=""/118, 0x76}, {&(0x7f0000000840)=""/136, 0x88}, {&(0x7f0000000900)=""/213, 0xd5}], 0x6, 0x9, 0x6b300) [ 746.224719][ T2030] tmpfs: Unknown parameter ')DA&P,2}TON[o) l$wZfYo8$L;+"3{5 [ 746.224719][ T2030] X_㰯t9'0M0K͐e&cvOKk]5&' 05:39:57 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c530325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:57 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) syz_io_uring_setup(0x46ed, &(0x7f00000005c0)={0x0, 0xe9d0, 0x1, 0x1, 0xf4, 0x0, r0}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000640), &(0x7f0000000680)) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:39:57 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xf00000000000000, 0x0, 0x101) 05:39:57 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0012000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:57 executing program 0: rseq(&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x6}, 0x20, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000002880)=0x3f, 0x4) r1 = socket$inet(0x2, 0x6000000000000003, 0x6) sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x10) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x202, &(0x7f00000003c0)=0x0) io_submit(r3, 0x1801, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x3a5, 0x2, 0x1, 0x0, r2, &(0x7f0000000000), 0x16000}]) [ 746.299275][ T7802] loop4: detected capacity change from 0 to 131456 [ 746.313182][ T7806] loop5: detected capacity change from 0 to 131456 05:39:58 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x1000000000000000, 0x0, 0x101) [ 746.342813][ T7802] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 746.360137][ T7806] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 746.369678][ T7802] System zones: 1-2, 19-19, 35-38, 46-46 [ 746.378866][ C1] sd 0:0:1:0: tag#5627 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s 05:39:58 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000005c0)={{0x1, 0x1, 0x18, r1, {0x81}}, './bus\x00'}) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 746.380818][ T7802] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2128/file0 supports timestamps until 2038 (0x7fffffff) [ 746.388753][ C1] sd 0:0:1:0: tag#5627 CDB: opcode=0xe5 (vendor) [ 746.403049][ T7806] System zones: 1-2 [ 746.409329][ C1] sd 0:0:1:0: tag#5627 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 746.409351][ C1] sd 0:0:1:0: tag#5627 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 746.413155][ T7806] , 19-19 [ 746.422167][ C1] sd 0:0:1:0: tag#5627 CDB[20]: ba [ 746.431186][ T7806] , 35-38, 46-46 05:39:58 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x1200000000000000, 0x0, 0x101) [ 746.514455][ T7796] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 746.525209][ T7796] CPU: 1 PID: 7796 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 746.525304][ T7806] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2081/file0 supports timestamps until 2038 (0x7fffffff) [ 746.533530][ T7796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 746.557799][ T7796] Call Trace: [ 746.561076][ T7796] dump_stack_lvl+0xd6/0x122 [ 746.565669][ T7796] dump_stack+0x11/0x1b [ 746.569891][ T7796] dump_header+0x98/0x410 [ 746.574218][ T7796] oom_kill_process+0x18e/0x3f0 [ 746.579083][ T7796] out_of_memory+0x5ed/0x890 [ 746.583671][ T7796] ? mem_cgroup_iter+0x29b/0x370 [ 746.588679][ T7796] mem_cgroup_oom+0x484/0x520 [ 746.593356][ T7796] try_charge_memcg+0x736/0xa10 [ 746.598369][ T7796] ? __rcu_read_unlock+0x5c/0x290 [ 746.603403][ T7796] charge_memcg+0x51/0x1a0 [ 746.607812][ T7796] __mem_cgroup_charge+0x25/0xa0 [ 746.612736][ T7796] wp_page_copy+0x2f0/0x11e0 [ 746.617323][ T7796] ? shrink_zones+0x435/0x490 [ 746.622023][ T7796] ? delay_tsc+0x96/0xe0 [ 746.626260][ T7796] do_wp_page+0x4fb/0xa80 [ 746.630597][ T7796] handle_mm_fault+0x975/0x1590 [ 746.635502][ T7796] do_user_addr_fault+0x609/0xbe0 [ 746.640522][ T7796] ? __this_cpu_preempt_check+0x18/0x20 [ 746.646112][ T7796] exc_page_fault+0x91/0x290 [ 746.650695][ T7796] ? asm_exc_page_fault+0x8/0x30 [ 746.655630][ T7796] asm_exc_page_fault+0x1e/0x30 [ 746.660521][ T7796] RIP: 0033:0x7f2e21bc8675 05:39:58 executing program 0: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NL80211_CMD_SET_CHANNEL(r0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x24, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xffff5a2c}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x10) link(&(0x7f0000000240)='./file0\x00', &(0x7f0000000300)='./file0\x00') ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000000a80)={0x6, [{}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0xcb, "bdd19aeb1d192b"}) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000001a80)={{r1, 0x1, 0x4, 0x80000000, 0xa1, 0xfffffffffffffffb, 0x20, 0x0, 0x4, 0xffffffff, 0x101, 0x18e0baca, 0x7ff, 0x1, 0x81}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {0x0}], 0x1, "060cd6bed5f770"}) r5 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r5, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}], 0x0, "2156816c73038c"}) r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = syz_io_uring_setup(0x2b2d, &(0x7f0000000140), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000040)) io_uring_enter(r7, 0x450e, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [], 0x1, "060cd6bed5f770"}) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$tmpfs(0x20100000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="85a096cf2913ab7f444126501bce2c32887d544f4e5bedc0b16f2909866c248990d7775a66ca01a359a3c1ec6fe6fd9ff5808b9638e024844cdc1ce13b0f2b2233137b35ea850a585f13e3b0afa4df1cc9743927304d304bbae5cd90c865266376e44f96ad4ba3a3c0b3bf13e7086b5dadbabc3526"]) setxattr$incfs_id(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140)={'0000000000000000000000000000000', 0x32}, 0x20, 0x1) clone(0x52004400, &(0x7f0000000180)="08b5dfca315700ce487880a9c272d9875bb2e99ac5bc700ddda7c1a3b4e0010ed23c66d4d9", &(0x7f0000000280), 0x0, 0x0) r8 = ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) preadv(r8, &(0x7f0000000a00)=[{&(0x7f0000000500)=""/197, 0xc5}, {&(0x7f0000000600)=""/238, 0xee}, {&(0x7f0000000700)=""/187, 0xbb}, {&(0x7f00000007c0)=""/118, 0x76}, {&(0x7f0000000840)=""/136, 0x88}, {&(0x7f0000000900)=""/213, 0xd5}], 0x6, 0x9, 0x6b300) 05:39:58 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c5c0325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 746.665023][ T7796] Code: 0f 1f 44 00 00 48 8b 0d 59 ed 0a 01 48 8b 05 4a ed 0a 01 4c 8d 81 00 00 00 01 48 39 c8 72 13 4c 39 c0 73 0e 48 8d 50 04 89 38 <48> 89 15 2c ed 0a 01 c3 52 48 8d 35 2f b7 0b 00 48 89 c2 48 8d 3d [ 746.684623][ T7796] RSP: 002b:00007ffca696e218 EFLAGS: 00010283 [ 746.690757][ T7796] RAX: 0000001b33124a54 RBX: 00007f2e21d3df60 RCX: 0000001b33120000 [ 746.698720][ T7796] RDX: 0000001b33124a58 RSI: 0000000000000001 RDI: 000000000000000e [ 746.706683][ T7796] RBP: 0000000000000003 R08: 0000001b34120000 R09: 00007f2e21d58df0 [ 746.714673][ T7796] R10: 00007ffca696e380 R11: 0000000000000246 R12: 00007f2e21d3df60 [ 746.722717][ T7796] R13: 0000000000000000 R14: 00007f2e21d3df60 R15: 00000000000b6347 [ 746.730790][ T7796] memory: usage 307188kB, limit 307200kB, failcnt 2005 [ 746.737699][ T7796] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 746.744585][ T7796] Memory cgroup stats for /syz2: 05:39:58 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0014000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 746.759642][ T7796] anon 2105344 [ 746.759642][ T7796] file 306561024 [ 746.759642][ T7796] kernel_stack 360448 [ 746.759642][ T7796] pagetables 2359296 [ 746.759642][ T7796] percpu 0 [ 746.759642][ T7796] sock 0 [ 746.759642][ T7796] shmem 306561024 [ 746.759642][ T7796] file_mapped 0 [ 746.759642][ T7796] file_dirty 0 [ 746.759642][ T7796] file_writeback 0 [ 746.759642][ T7796] swapcached 0 [ 746.759642][ T7796] inactive_anon 5373952 [ 746.759642][ T7796] active_anon 303280128 [ 746.759642][ T7796] inactive_file 0 [ 746.759642][ T7796] active_file 0 [ 746.759642][ T7796] unevictable 12288 [ 746.759642][ T7796] slab_reclaimable 1276584 [ 746.759642][ T7796] slab_unreclaimable 1487400 [ 746.759642][ T7796] slab 2763984 [ 746.759642][ T7796] workingset_refault_anon 0 [ 746.759642][ T7796] workingset_refault_file 1 [ 746.759642][ T7796] workingset_activate_anon 0 [ 746.759642][ T7796] workingset_activate_file 0 [ 746.759642][ T7796] workingset_restore_anon 0 [ 746.854110][ T7796] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=28607,uid=0 [ 746.869575][ T7796] Memory cgroup out of memory: Killed process 28607 (syz-executor.2) total-vm:85216kB, anon-rss:404kB, file-rss:35764kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 746.888235][ T25] oom_reaper: reaped process 28607 (syz-executor.2), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB [ 746.889290][ C0] sd 0:0:1:0: tag#5579 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 746.909120][ C0] sd 0:0:1:0: tag#5579 CDB: opcode=0xe5 (vendor) [ 746.915448][ C0] sd 0:0:1:0: tag#5579 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 746.924513][ C0] sd 0:0:1:0: tag#5579 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 746.924669][ T7888] tmpfs: Unknown parameter ')DA&P,2}TON[o) l$wZfYo8$L;+"3{5 [ 746.924669][ T7888] X_㰯t9'0M0K͐e&cvOKk]5&' [ 746.933548][ C0] sd 0:0:1:0: tag#5579 CDB[20]: ba [ 747.020665][ T8324] loop4: detected capacity change from 0 to 131456 [ 747.036108][ T8333] loop5: detected capacity change from 0 to 131456 [ 747.101111][ T7796] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 747.111472][ T7796] CPU: 0 PID: 7796 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 747.119795][ T7796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 747.129860][ T7796] Call Trace: [ 747.133142][ T7796] dump_stack_lvl+0xd6/0x122 [ 747.137751][ T7796] dump_stack+0x11/0x1b [ 747.141904][ T7796] dump_header+0x98/0x410 [ 747.146233][ T7796] oom_kill_process+0x18e/0x3f0 [ 747.151151][ T7796] out_of_memory+0x5ed/0x890 [ 747.155741][ T7796] ? mem_cgroup_iter+0x29b/0x370 [ 747.160739][ T7796] mem_cgroup_oom+0x484/0x520 [ 747.165485][ T7796] try_charge_memcg+0x736/0xa10 [ 747.170432][ T7796] ? __rcu_read_unlock+0x5c/0x290 [ 747.175463][ T7796] charge_memcg+0x51/0x1a0 [ 747.179874][ T7796] __mem_cgroup_charge+0x25/0xa0 [ 747.184810][ T7796] wp_page_copy+0x2f0/0x11e0 [ 747.189456][ T7796] ? shrink_zones+0x435/0x490 [ 747.194178][ T7796] do_wp_page+0x4fb/0xa80 [ 747.198560][ T7796] handle_mm_fault+0x975/0x1590 [ 747.203430][ T7796] do_user_addr_fault+0x609/0xbe0 [ 747.208486][ T7796] exc_page_fault+0x91/0x290 [ 747.213136][ T7796] ? asm_exc_page_fault+0x8/0x30 [ 747.218084][ T7796] asm_exc_page_fault+0x1e/0x30 [ 747.222942][ T7796] RIP: 0033:0x7f2e21bdb0d3 [ 747.227352][ T7796] Code: a0 06 00 00 49 8d 85 10 03 00 00 49 89 85 10 05 00 00 48 8b 05 66 c3 09 01 c7 00 01 00 00 00 41 c7 85 1c 06 00 00 ff ff ff ff 05 63 03 0a 01 01 00 00 00 e8 2e 4e 05 00 48 85 c0 0f 84 55 01 [ 747.247017][ T7796] RSP: 002b:00007ffca696e1d0 EFLAGS: 00010246 [ 747.253120][ T7796] RAX: 00007f2e22c7c358 RBX: 0000000000021000 RCX: 00007f2e21c2abf7 [ 747.261080][ T7796] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f2e1f980700 [ 747.269046][ T7796] RBP: 00007ffca696e2a0 R08: 00000000ffffffff R09: 00007f2e1f980700 [ 747.277014][ T7796] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffca696e3b0 [ 747.284988][ T7796] R13: 00007f2e1f980700 R14: 0000000000000000 R15: 0000000000022000 [ 747.292986][ T7796] memory: usage 307200kB, limit 307200kB, failcnt 2071 [ 747.299848][ T7796] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 747.306723][ T7796] Memory cgroup stats for /syz2: [ 747.307586][ T8333] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2082/file0 supports timestamps until 2038 (0x7fffffff) [ 747.328344][ T8324] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2129/file0 supports timestamps until 2038 (0x7fffffff) [ 747.340610][ T7796] anon 2101248 [ 747.340610][ T7796] file 306561024 [ 747.340610][ T7796] kernel_stack 360448 [ 747.340610][ T7796] pagetables 2359296 [ 747.340610][ T7796] percpu 0 [ 747.340610][ T7796] sock 0 [ 747.340610][ T7796] shmem 306561024 [ 747.340610][ T7796] file_mapped 0 [ 747.340610][ T7796] file_dirty 0 [ 747.340610][ T7796] file_writeback 0 [ 747.340610][ T7796] swapcached 0 [ 747.340610][ T7796] inactive_anon 5369856 [ 747.340610][ T7796] active_anon 303280128 [ 747.340610][ T7796] inactive_file 0 [ 747.340610][ T7796] active_file 0 [ 747.340610][ T7796] unevictable 12288 [ 747.340610][ T7796] slab_reclaimable 1284552 [ 747.340610][ T7796] slab_unreclaimable 1490208 [ 747.340610][ T7796] slab 2774760 [ 747.340610][ T7796] workingset_refault_anon 0 [ 747.340610][ T7796] workingset_refault_file 1 [ 747.340610][ T7796] workingset_activate_anon 0 [ 747.340610][ T7796] workingset_activate_file 0 [ 747.340610][ T7796] workingset_restore_anon 0 [ 747.431410][ T7796] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=7796,uid=0 05:39:59 executing program 2: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NL80211_CMD_SET_CHANNEL(r0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x24, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xffff5a2c}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x10) link(&(0x7f0000000240)='./file0\x00', &(0x7f0000000300)='./file0\x00') ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000000a80)={0x6, [{}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0xcb, "bdd19aeb1d192b"}) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000001a80)={{r1, 0x1, 0x4, 0x80000000, 0xa1, 0xfffffffffffffffb, 0x20, 0x0, 0x4, 0xffffffff, 0x101, 0x18e0baca, 0x7ff, 0x1, 0x81}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {0x0}], 0x1, "060cd6bed5f770"}) r5 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r5, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}], 0x0, "2156816c73038c"}) r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = syz_io_uring_setup(0x2b2d, &(0x7f0000000140), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000040)) io_uring_enter(r7, 0x450e, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [], 0x1, "060cd6bed5f770"}) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$tmpfs(0x20100000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="85a096cf2913ab7f444126501bce2c32887d544f4e5bedc0b16f2909866c248990d7775a66ca01a359a3c1ec6fe6fd9ff5808b9638e024844cdc1ce13b0f2b2233137b35ea850a585f13e3b0afa4df1cc9743927304d304bbae5cd90c865266376e44f96ad4ba3a3c0b3bf13e7086b5dadbabc3526"]) setxattr$incfs_id(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140)={'0000000000000000000000000000000', 0x32}, 0x20, 0x1) clone(0x52004400, &(0x7f0000000180)="08b5dfca315700ce487880a9c272d9875bb2e99ac5bc700ddda7c1a3b4e0010ed23c66d4d9", &(0x7f0000000280), 0x0, 0x0) r8 = ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) preadv(r8, &(0x7f0000000a00)=[{&(0x7f0000000500)=""/197, 0xc5}, {&(0x7f0000000600)=""/238, 0xee}, {&(0x7f0000000700)=""/187, 0xbb}, {&(0x7f00000007c0)=""/118, 0x76}, {&(0x7f0000000840)=""/136, 0x88}, {&(0x7f0000000900)=""/213, 0xd5}], 0x6, 0x9, 0x6b300) 05:39:59 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x2000000000000000, 0x0, 0x101) 05:39:59 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0018000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:59 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000030008e307000010"]) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000740)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="050000000000000000000f0000000800030081c6c629585cd6dd8cb17dd0a3837589afe6c5c29d0bfe7b49658a2d", @ANYRES32=0x0, @ANYBLOB="28000e0080000000ffffffffffff0802110000000802110000000000000000000000000064000100080026006c09000008000c006400000008000d00000000000a0034000202020202020000080035000000000004000501"], 0x74}}, 0x0) sendmsg$NL80211_CMD_DEL_MPATH(r0, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x58, 0x0, 0x382d0dd73c5e8e16, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x58}, 0x1, 0x0, 0x0, 0x4894}, 0x80) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="570000006f02000600040400000003000000000000002000000000070000000449590ba2e4c2751b33000000008001000000060000000000000040000000000300000000000000040300e4ff0000000000000000020300"], 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:39:59 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c5d0325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 747.446712][ T7796] Memory cgroup out of memory: Killed process 7796 (syz-executor.2) total-vm:85348kB, anon-rss:456kB, file-rss:35888kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 747.464721][ T25] oom_reaper: reaped process 7796 (syz-executor.2), now anon-rss:0kB, file-rss:34848kB, shmem-rss:0kB [ 747.526506][ C0] sd 0:0:1:0: tag#5592 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 747.529707][ T8546] loop5: detected capacity change from 0 to 131456 [ 747.536383][ C0] sd 0:0:1:0: tag#5592 CDB: opcode=0xe5 (vendor) [ 747.549226][ C0] sd 0:0:1:0: tag#5592 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 747.558265][ C0] sd 0:0:1:0: tag#5592 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 747.567303][ C0] sd 0:0:1:0: tag#5592 CDB[20]: ba 05:39:59 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x3f00000000000000, 0x0, 0x101) 05:39:59 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x32, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$inet(r7, &(0x7f0000000980)={&(0x7f00000005c0)={0x2, 0x4e21, @private=0xa010102}, 0x10, &(0x7f00000007c0)=[{&(0x7f0000000600)="5df02ce7031874595053f7018b20b7aa46a6d63fc75d0a98d82f61a1d276e62e8420baef9a4de6a227bef901d17c962fc0b5cf123e25cabb4e1c3dd4ce28cbc85a431d66e0e34cc6bdb35baf78d3b769e473975606880adb90ee2328c2e76a85b37a3c8e74ec8ed00345d122e8673df8f9ffaf540497e9bda6f63fa1714ac9d4943f779deaf2df652ee5311159ad9a2ec10bc427f7e853637e342654f4", 0x9d}, {&(0x7f00000006c0)="179572b976d7060c801efcefa79a36e51d4794547f5b42e2624b7632f0a04e14cfb3e88998a36edcc7f9e5ff092b8aecdf2e205e0216cde5ff5ce8185a87a3fa04a091302dfb552b", 0x48}, {&(0x7f0000000740)="5b3b391d1e4ebedd118edb3fed5b6ed60a717f8b7a547d4715e88cdb5312efb0d6098898a595193a15d5790435a155142067460d89e2d5d111d49912909232463cc193bf8e784243c9eae09ae173688b034002c17a6be9a6e8", 0x59}], 0x3, &(0x7f0000000800)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x3f}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x35}}, @ip_retopts={{0x98, 0x0, 0x7, {[@timestamp_addr={0x44, 0xc, 0x5f, 0x1, 0x2, [{@rand_addr=0x64010100, 0x6}]}, @cipso={0x86, 0x15, 0x3, [{0x1, 0x3, '\x00'}, {0x1, 0xc, "071200c48251de59e644"}]}, @ssrr={0x89, 0x27, 0xc1, [@multicast1, @dev={0xac, 0x14, 0x14, 0x11}, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010101, @local, @multicast2]}, @noop, @timestamp_addr={0x44, 0x3c, 0x3f, 0x1, 0x7, [{@rand_addr=0x64010102, 0x20}, {@broadcast, 0x9}, {@dev={0xac, 0x14, 0x14, 0xa}, 0x7fffffff}, {@multicast1, 0xff}, {@dev={0xac, 0x14, 0x14, 0x2d}, 0x9}, {@multicast2, 0x7f}, {@remote, 0x10000}]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x34}, @broadcast}}}], 0x148}, 0x24008004) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 747.575707][ T8546] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 747.593783][ T8546] System zones: 1-2, 19-19, 35-38, 46-46 [ 747.607914][ T8546] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2083/file0 supports timestamps until 2038 (0x7fffffff) 05:39:59 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0020000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:39:59 executing program 0: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NL80211_CMD_SET_CHANNEL(r0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x24, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xffff5a2c}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x10) link(&(0x7f0000000240)='./file0\x00', &(0x7f0000000300)='./file0\x00') ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000000a80)={0x6, [{}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0xcb, "bdd19aeb1d192b"}) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000001a80)={{r1, 0x1, 0x4, 0x80000000, 0xa1, 0xfffffffffffffffb, 0x20, 0x0, 0x4, 0xffffffff, 0x101, 0x18e0baca, 0x7ff, 0x1, 0x81}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {0x0}], 0x1, "060cd6bed5f770"}) r5 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r5, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}], 0x0, "2156816c73038c"}) r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = syz_io_uring_setup(0x2b2d, &(0x7f0000000140), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000040)) io_uring_enter(r7, 0x450e, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [], 0x1, "060cd6bed5f770"}) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$tmpfs(0x20100000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="85a096cf2913ab7f444126501bce2c32887d544f4e5bedc0b16f2909866c248990d7775a66ca01a359a3c1ec6fe6fd9ff5808b9638e024844cdc1ce13b0f2b2233137b35ea850a585f13e3b0afa4df1cc9743927304d304bbae5cd90c865266376e44f96ad4ba3a3c0b3bf13e7086b5dadbabc3526"]) setxattr$incfs_id(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140)={'0000000000000000000000000000000', 0x32}, 0x20, 0x1) clone(0x52004400, &(0x7f0000000180)="08b5dfca315700ce487880a9c272d9875bb2e99ac5bc700ddda7c1a3b4e0010ed23c66d4d9", &(0x7f0000000280), 0x0, 0x0) r8 = ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) preadv(r8, &(0x7f0000000a00)=[{&(0x7f0000000500)=""/197, 0xc5}, {&(0x7f0000000600)=""/238, 0xee}, {&(0x7f0000000700)=""/187, 0xbb}, {&(0x7f00000007c0)=""/118, 0x76}, {&(0x7f0000000840)=""/136, 0x88}, {&(0x7f0000000900)=""/213, 0xd5}], 0x6, 0x9, 0x6b300) 05:39:59 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8, 0x4010, 0xffffffffffffffff, 0x42f9f000) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="abc831", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="020027bd7000fddbdf251100000008000300", @ANYRES32=0x0, @ANYBLOB="0c0099000020000045000000050013010800000008001301020000000a000600080211000001000009001300181bb0846c000000050029000a0000000600b5002e040000"], 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:39:59 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x5084000000000000, 0x0, 0x101) [ 747.699041][ C1] sd 0:0:1:0: tag#5609 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 747.708907][ C1] sd 0:0:1:0: tag#5609 CDB: opcode=0xe5 (vendor) [ 747.715259][ C1] sd 0:0:1:0: tag#5609 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 747.724326][ C1] sd 0:0:1:0: tag#5609 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 747.733372][ C1] sd 0:0:1:0: tag#5609 CDB[20]: ba 05:39:59 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) sendmsg$IPVS_CMD_GET_DAEMON(r0, &(0x7f0000000740)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000600)={&(0x7f00000006c0)={0x54, 0x0, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x30, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x1d}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x763}]}, 0x54}, 0x1, 0x0, 0x0, 0x20008000}, 0x24008010) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = open(&(0x7f0000000240)='./bus\x00', 0x248880, 0x1b0) sendmsg$NL80211_CMD_START_SCHED_SCAN(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRESOCT], 0x28}}, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r4, 0x1c8}], 0x1, &(0x7f00000000c0)={r5, r6+60000000}, 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 747.807811][ T8926] loop4: detected capacity change from 0 to 131456 [ 747.817603][ T8962] loop5: detected capacity change from 0 to 131456 [ 747.834933][ T8926] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 747.862221][ T8962] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 747.919279][ T8434] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 747.927696][ T8926] System zones: 1-2, 19-19, 35-38, 46-46 [ 747.929627][ T8434] CPU: 0 PID: 8434 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 747.935853][ T8926] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2130/file0 supports timestamps until 2038 (0x7fffffff) [ 747.943642][ T8434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 747.943655][ T8434] Call Trace: [ 747.943662][ T8434] dump_stack_lvl+0xd6/0x122 [ 747.975792][ T8434] dump_stack+0x11/0x1b [ 747.979948][ T8434] dump_header+0x98/0x410 [ 747.984281][ T8434] oom_kill_process+0x18e/0x3f0 [ 747.989156][ T8434] out_of_memory+0x5ed/0x890 [ 747.993742][ T8434] ? mem_cgroup_iter+0x29b/0x370 [ 747.998680][ T8434] mem_cgroup_oom+0x484/0x520 [ 748.003355][ T8434] try_charge_memcg+0x736/0xa10 [ 748.008290][ T8434] ? __rcu_read_unlock+0x5c/0x290 [ 748.013308][ T8434] charge_memcg+0x51/0x1a0 [ 748.017727][ T8434] __mem_cgroup_charge+0x25/0xa0 [ 748.022670][ T8434] wp_page_copy+0x2f0/0x11e0 [ 748.027257][ T8434] ? shrink_zones+0x435/0x490 [ 748.031945][ T8434] do_wp_page+0x4fb/0xa80 [ 748.036287][ T8434] handle_mm_fault+0x975/0x1590 [ 748.041243][ T8434] do_user_addr_fault+0x609/0xbe0 [ 748.046271][ T8434] exc_page_fault+0x91/0x290 [ 748.050863][ T8434] ? asm_exc_page_fault+0x8/0x30 [ 748.055800][ T8434] asm_exc_page_fault+0x1e/0x30 [ 748.060774][ T8434] RIP: 0033:0x7f2e21c25ef6 [ 748.065199][ T8434] Code: 82 63 01 00 00 48 89 d1 f3 a4 c3 80 fa 08 73 12 80 fa 04 73 1e 80 fa 01 77 26 72 05 0f b6 0e 88 0f c3 48 8b 4c 16 f8 48 8b 36 <48> 89 4c 17 f8 48 89 37 c3 8b 4c 16 fc 8b 36 89 4c 17 fc 89 37 c3 [ 748.084806][ T8434] RSP: 002b:00007ffca696e2a8 EFLAGS: 00010246 [ 748.090862][ T8434] RAX: 0000000020000040 RBX: 00007f2e21d3eb60 RCX: 0030656c69662f2e [ 748.098824][ T8434] RDX: 0000000000000008 RSI: 0030656c69662f2e RDI: 0000000020000040 [ 748.106845][ T8434] RBP: 00007ffca696e368 R08: 00007f2e22142000 R09: 0000000000000010 [ 748.114885][ T8434] R10: 00007ffca69c40b8 R11: 0000000000020b00 R12: 00000000000b683a [ 748.122893][ T8434] R13: 00000000000003e8 R14: 00007f2e21d3df60 R15: 00000000000b67e5 [ 748.131524][ T8434] memory: usage 307200kB, limit 307200kB, failcnt 2196 [ 748.138412][ T8434] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 748.145250][ T8434] Memory cgroup stats for /syz2: [ 748.145345][ T8962] System zones: 1-2, 19-19, 35-38, 46-46 [ 748.157385][ T8962] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2084/file0 supports timestamps until 2038 (0x7fffffff) [ 748.171986][ T8434] anon 2142208 [ 748.171986][ T8434] file 306561024 [ 748.171986][ T8434] kernel_stack 360448 [ 748.171986][ T8434] pagetables 2359296 [ 748.171986][ T8434] percpu 0 [ 748.171986][ T8434] sock 0 [ 748.171986][ T8434] shmem 306561024 [ 748.171986][ T8434] file_mapped 0 [ 748.171986][ T8434] file_dirty 0 [ 748.171986][ T8434] file_writeback 0 [ 748.171986][ T8434] swapcached 0 [ 748.171986][ T8434] inactive_anon 5410816 [ 748.171986][ T8434] active_anon 303280128 [ 748.171986][ T8434] inactive_file 0 [ 748.171986][ T8434] active_file 0 [ 748.171986][ T8434] unevictable 12288 [ 748.171986][ T8434] slab_reclaimable 1263384 [ 748.171986][ T8434] slab_unreclaimable 1469640 [ 748.171986][ T8434] slab 2733024 [ 748.171986][ T8434] workingset_refault_anon 0 [ 748.171986][ T8434] workingset_refault_file 1 [ 748.171986][ T8434] workingset_activate_anon 0 [ 748.171986][ T8434] workingset_activate_file 0 [ 748.171986][ T8434] workingset_restore_anon 0 [ 748.260952][ T8434] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=7794,uid=0 [ 748.276177][ T8434] Memory cgroup out of memory: Killed process 7794 (syz-executor.2) total-vm:85480kB, anon-rss:468kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 748.294487][ T25] oom_reaper: reaped process 7794 (syz-executor.2), now anon-rss:0kB, file-rss:34812kB, shmem-rss:0kB [ 748.329517][ T8447] tmpfs: Unknown parameter ')DA&P,2}TON[o) l$wZfYo8$L;+"3{5 [ 748.329517][ T8447] X_㰯t9'0M0K͐e&cvOKk]5&' [ 748.410332][ T8434] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 748.420581][ T8434] CPU: 0 PID: 8434 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 748.428911][ T8434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 748.438983][ T8434] Call Trace: [ 748.442253][ T8434] dump_stack_lvl+0xd6/0x122 [ 748.446980][ T8434] dump_stack+0x11/0x1b [ 748.451141][ T8434] dump_header+0x98/0x410 [ 748.455468][ T8434] oom_kill_process+0x18e/0x3f0 [ 748.460311][ T8434] out_of_memory+0x5ed/0x890 [ 748.464894][ T8434] ? mem_cgroup_iter+0x29b/0x370 [ 748.469827][ T8434] mem_cgroup_oom+0x484/0x520 [ 748.474560][ T8434] try_charge_memcg+0x736/0xa10 [ 748.479403][ T8434] ? __rcu_read_unlock+0x5c/0x290 [ 748.484430][ T8434] charge_memcg+0x51/0x1a0 [ 748.488885][ T8434] __mem_cgroup_charge+0x25/0xa0 [ 748.493826][ T8434] wp_page_copy+0x2f0/0x11e0 [ 748.498456][ T8434] ? shrink_zones+0x435/0x490 [ 748.503129][ T8434] do_wp_page+0x4fb/0xa80 [ 748.507521][ T8434] handle_mm_fault+0x975/0x1590 [ 748.512400][ T8434] do_user_addr_fault+0x609/0xbe0 [ 748.517466][ T8434] exc_page_fault+0x91/0x290 [ 748.522080][ T8434] ? asm_exc_page_fault+0x8/0x30 [ 748.527014][ T8434] asm_exc_page_fault+0x1e/0x30 [ 748.531858][ T8434] RIP: 0033:0x7f2e21bdb0d3 [ 748.536266][ T8434] Code: a0 06 00 00 49 8d 85 10 03 00 00 49 89 85 10 05 00 00 48 8b 05 66 c3 09 01 c7 00 01 00 00 00 41 c7 85 1c 06 00 00 ff ff ff ff 05 63 03 0a 01 01 00 00 00 e8 2e 4e 05 00 48 85 c0 0f 84 55 01 [ 748.555863][ T8434] RSP: 002b:00007ffca696e1d0 EFLAGS: 00010246 [ 748.561919][ T8434] RAX: 00007f2e22c7c358 RBX: 0000000000021000 RCX: 00007f2e21c2abf7 [ 748.569898][ T8434] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f2e1f980700 [ 748.577870][ T8434] RBP: 00007ffca696e2a0 R08: 00000000ffffffff R09: 00007f2e1f980700 [ 748.585831][ T8434] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffca696e3b0 [ 748.593804][ T8434] R13: 00007f2e1f980700 R14: 0000000000000000 R15: 0000000000022000 [ 748.601954][ T8434] memory: usage 307052kB, limit 307200kB, failcnt 2256 [ 748.608814][ T8434] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 748.615673][ T8434] Memory cgroup stats for /syz2: [ 748.616200][ T8434] anon 2088960 [ 748.616200][ T8434] file 306561024 [ 748.616200][ T8434] kernel_stack 360448 [ 748.616200][ T8434] pagetables 2244608 [ 748.616200][ T8434] percpu 0 [ 748.616200][ T8434] sock 0 [ 748.616200][ T8434] shmem 306561024 [ 748.616200][ T8434] file_mapped 0 [ 748.616200][ T8434] file_dirty 0 [ 748.616200][ T8434] file_writeback 0 [ 748.616200][ T8434] swapcached 0 [ 748.616200][ T8434] inactive_anon 5341184 [ 748.616200][ T8434] active_anon 303280128 [ 748.616200][ T8434] inactive_file 0 [ 748.616200][ T8434] active_file 0 [ 748.616200][ T8434] unevictable 12288 [ 748.616200][ T8434] slab_reclaimable 1277928 [ 748.616200][ T8434] slab_unreclaimable 1492080 [ 748.616200][ T8434] slab 2770008 [ 748.616200][ T8434] workingset_refault_anon 0 [ 748.616200][ T8434] workingset_refault_file 1 [ 748.616200][ T8434] workingset_activate_anon 0 [ 748.616200][ T8434] workingset_activate_file 0 [ 748.616200][ T8434] workingset_restore_anon 0 [ 748.710115][ T8434] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=8434,uid=0 [ 748.725372][ T8434] Memory cgroup out of memory: Killed process 8434 (syz-executor.2) total-vm:85348kB, anon-rss:456kB, file-rss:35884kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 748.743351][ T25] oom_reaper: reaped process 8434 (syz-executor.2), now anon-rss:0kB, file-rss:34848kB, shmem-rss:0kB 05:40:00 executing program 2: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NL80211_CMD_SET_CHANNEL(r0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x24, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xffff5a2c}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x10) link(&(0x7f0000000240)='./file0\x00', &(0x7f0000000300)='./file0\x00') ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000000a80)={0x6, [{}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0xcb, "bdd19aeb1d192b"}) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000001a80)={{r1, 0x1, 0x4, 0x80000000, 0xa1, 0xfffffffffffffffb, 0x20, 0x0, 0x4, 0xffffffff, 0x101, 0x18e0baca, 0x7ff, 0x1, 0x81}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {0x0}], 0x1, "060cd6bed5f770"}) r5 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r5, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}], 0x0, "2156816c73038c"}) r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = syz_io_uring_setup(0x2b2d, &(0x7f0000000140), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000040)) io_uring_enter(r7, 0x450e, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [], 0x1, "060cd6bed5f770"}) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$tmpfs(0x20100000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="85a096cf2913ab7f444126501bce2c32887d544f4e5bedc0b16f2909866c248990d7775a66ca01a359a3c1ec6fe6fd9ff5808b9638e024844cdc1ce13b0f2b2233137b35ea850a585f13e3b0afa4df1cc9743927304d304bbae5cd90c865266376e44f96ad4ba3a3c0b3bf13e7086b5dadbabc3526"]) setxattr$incfs_id(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140)={'0000000000000000000000000000000', 0x32}, 0x20, 0x1) clone(0x52004400, &(0x7f0000000180)="08b5dfca315700ce487880a9c272d9875bb2e99ac5bc700ddda7c1a3b4e0010ed23c66d4d9", &(0x7f0000000280), 0x0, 0x0) r8 = ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) preadv(r8, &(0x7f0000000a00)=[{&(0x7f0000000500)=""/197, 0xc5}, {&(0x7f0000000600)=""/238, 0xee}, {&(0x7f0000000700)=""/187, 0xbb}, {&(0x7f00000007c0)=""/118, 0x76}, {&(0x7f0000000840)=""/136, 0x88}, {&(0x7f0000000900)=""/213, 0xd5}], 0x6, 0x9, 0x6b300) 05:40:00 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x8102000000000000, 0x0, 0x101) 05:40:00 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c6a0325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:00 executing program 0: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NL80211_CMD_SET_CHANNEL(r0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x24, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xffff5a2c}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x10) link(&(0x7f0000000240)='./file0\x00', &(0x7f0000000300)='./file0\x00') ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000000a80)={0x6, [{}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0xcb, "bdd19aeb1d192b"}) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000001a80)={{r1, 0x1, 0x4, 0x80000000, 0xa1, 0xfffffffffffffffb, 0x20, 0x0, 0x4, 0xffffffff, 0x101, 0x18e0baca, 0x7ff, 0x1, 0x81}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {0x0}], 0x1, "060cd6bed5f770"}) r5 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r5, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}], 0x0, "2156816c73038c"}) r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = syz_io_uring_setup(0x2b2d, &(0x7f0000000140), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000040)) io_uring_enter(r7, 0x450e, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [], 0x1, "060cd6bed5f770"}) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$tmpfs(0x20100000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="85a096cf2913ab7f444126501bce2c32887d544f4e5bedc0b16f2909866c248990d7775a66ca01a359a3c1ec6fe6fd9ff5808b9638e024844cdc1ce13b0f2b2233137b35ea850a585f13e3b0afa4df1cc9743927304d304bbae5cd90c865266376e44f96ad4ba3a3c0b3bf13e7086b5dadbabc3526"]) setxattr$incfs_id(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140)={'0000000000000000000000000000000', 0x32}, 0x20, 0x1) clone(0x52004400, &(0x7f0000000180)="08b5dfca315700ce487880a9c272d9875bb2e99ac5bc700ddda7c1a3b4e0010ed23c66d4d9", &(0x7f0000000280), 0x0, 0x0) r8 = ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) preadv(r8, &(0x7f0000000a00)=[{&(0x7f0000000500)=""/197, 0xc5}, {&(0x7f0000000600)=""/238, 0xee}, {&(0x7f0000000700)=""/187, 0xbb}, {&(0x7f00000007c0)=""/118, 0x76}, {&(0x7f0000000840)=""/136, 0x88}, {&(0x7f0000000900)=""/213, 0xd5}], 0x6, 0x9, 0x6b300) 05:40:00 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x2, 0x3, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x80000004, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:00 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce1020000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:00 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x8200000000000000, 0x0, 0x101) [ 748.850638][ T9368] loop5: detected capacity change from 0 to 131456 [ 748.861189][ T9480] loop4: detected capacity change from 0 to 131456 [ 748.871327][ C1] sd 0:0:1:0: tag#5584 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 748.881178][ C1] sd 0:0:1:0: tag#5584 CDB: opcode=0xe5 (vendor) [ 748.887527][ C1] sd 0:0:1:0: tag#5584 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c 05:40:00 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) read(0xffffffffffffffff, &(0x7f00000005c0)=""/42, 0x2a) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 748.896557][ C1] sd 0:0:1:0: tag#5584 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 748.905602][ C1] sd 0:0:1:0: tag#5584 CDB[20]: ba [ 748.916408][ C0] sd 0:0:1:0: tag#5586 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 748.926376][ C0] sd 0:0:1:0: tag#5586 CDB: opcode=0xe5 (vendor) [ 748.932731][ C0] sd 0:0:1:0: tag#5586 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 748.941762][ C0] sd 0:0:1:0: tag#5586 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d 05:40:00 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c720325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 748.950852][ C0] sd 0:0:1:0: tag#5586 CDB[20]: ba [ 748.959826][ T9368] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2085/file0 supports timestamps until 2038 (0x7fffffff) [ 748.981819][ T9480] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2131/file0 supports timestamps until 2038 (0x7fffffff) 05:40:00 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0022000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:00 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xf4ffffff00000000, 0x0, 0x101) 05:40:00 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000000600)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x54, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_VLAN={0x8, 0x14, r6}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000005c0)=ANY=[@ANYBLOB="110000000300100007b0fb63e7fcc53e051e7b08cd3a2f07000000"]) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 749.098834][ T9812] loop4: detected capacity change from 0 to 131456 [ 749.125530][ T9846] loop5: detected capacity change from 0 to 131456 [ 749.136262][ T9812] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2132/file0 supports timestamps until 2038 (0x7fffffff) [ 749.173528][ T9369] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 749.177819][ T9846] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2086/file0 supports timestamps until 2038 (0x7fffffff) [ 749.184053][ T9369] CPU: 0 PID: 9369 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 749.206405][ T9369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 749.216456][ T9369] Call Trace: [ 749.219730][ T9369] dump_stack_lvl+0xd6/0x122 [ 749.224326][ T9369] dump_stack+0x11/0x1b [ 749.228483][ T9369] dump_header+0x98/0x410 [ 749.232852][ T9369] oom_kill_process+0x18e/0x3f0 [ 749.237852][ T9369] out_of_memory+0x5ed/0x890 [ 749.242446][ T9369] ? mem_cgroup_iter+0x29b/0x370 [ 749.247411][ T9369] mem_cgroup_oom+0x484/0x520 [ 749.252149][ T9369] try_charge_memcg+0x736/0xa10 [ 749.257001][ T9369] ? __rcu_read_unlock+0x5c/0x290 [ 749.262035][ T9369] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 749.268285][ T9369] obj_cgroup_charge_pages+0xce/0x210 [ 749.273653][ T9369] obj_cgroup_charge+0xe2/0x1b0 [ 749.278564][ T9369] ? dup_mmap+0x40e/0xa60 [ 749.282976][ T9369] kmem_cache_alloc+0x96/0x320 [ 749.287737][ T9369] dup_mmap+0x40e/0xa60 [ 749.291957][ T9369] dup_mm+0x7c/0x210 [ 749.295904][ T9369] copy_process+0x14aa/0x2f30 [ 749.300582][ T9369] kernel_clone+0x15c/0x6a0 [ 749.305122][ T9369] __x64_sys_clone+0xc6/0xf0 [ 749.309707][ T9369] do_syscall_64+0x44/0xa0 [ 749.314122][ T9369] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 749.320012][ T9369] RIP: 0033:0x7f2e21c2aae9 [ 749.324425][ T9369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 749.344068][ T9369] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 749.352515][ T9369] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 749.360497][ T9369] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000000 [ 749.368526][ T9369] RBP: 00007f2e21c84f25 R08: ffffffffffffffff R09: 0000000000000000 [ 749.376564][ T9369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 749.384615][ T9369] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 749.392700][ T9369] memory: usage 307200kB, limit 307200kB, failcnt 2339 [ 749.399669][ T9369] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 749.406600][ T9369] Memory cgroup stats for /syz2: [ 749.432667][ T9369] anon 2142208 [ 749.432667][ T9369] file 306561024 [ 749.432667][ T9369] kernel_stack 376832 [ 749.432667][ T9369] pagetables 2334720 [ 749.432667][ T9369] percpu 0 [ 749.432667][ T9369] sock 0 [ 749.432667][ T9369] shmem 306561024 [ 749.432667][ T9369] file_mapped 0 [ 749.432667][ T9369] file_dirty 0 [ 749.432667][ T9369] file_writeback 0 [ 749.432667][ T9369] swapcached 0 [ 749.432667][ T9369] inactive_anon 5410816 [ 749.432667][ T9369] active_anon 303280128 [ 749.432667][ T9369] inactive_file 0 [ 749.432667][ T9369] active_file 0 [ 749.432667][ T9369] unevictable 12288 [ 749.432667][ T9369] slab_reclaimable 1266072 [ 749.432667][ T9369] slab_unreclaimable 1476160 [ 749.432667][ T9369] slab 2742232 [ 749.432667][ T9369] workingset_refault_anon 0 [ 749.432667][ T9369] workingset_refault_file 1 [ 749.432667][ T9369] workingset_activate_anon 0 [ 749.432667][ T9369] workingset_activate_file 0 [ 749.432667][ T9369] workingset_restore_anon 0 [ 749.527208][ T9369] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=9218,uid=0 [ 749.542647][ T9369] Memory cgroup out of memory: Killed process 9218 (syz-executor.2) total-vm:85216kB, anon-rss:460kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 749.561080][ T25] oom_reaper: reaped process 9218 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 749.568195][ T9576] tmpfs: Unknown parameter ')DA&P,2}TON[o) l$wZfYo8$L;+"3{5 [ 749.568195][ T9576] X_㰯t9'0M0K͐e&cvOKk]5&' [ 749.693289][ T9364] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 749.703503][ T9364] CPU: 0 PID: 9364 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 749.711912][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 749.721981][ T9364] Call Trace: [ 749.725249][ T9364] dump_stack_lvl+0xd6/0x122 [ 749.729903][ T9364] dump_stack+0x11/0x1b [ 749.734064][ T9364] dump_header+0x98/0x410 [ 749.738385][ T9364] oom_kill_process+0x18e/0x3f0 [ 749.743280][ T9364] out_of_memory+0x5ed/0x890 [ 749.747865][ T9364] ? mem_cgroup_iter+0x29b/0x370 [ 749.752850][ T9364] mem_cgroup_oom+0x484/0x520 [ 749.757522][ T9364] try_charge_memcg+0x736/0xa10 [ 749.762381][ T9364] ? __rcu_read_unlock+0x5c/0x290 [ 749.767401][ T9364] charge_memcg+0x51/0x1a0 [ 749.771815][ T9364] __mem_cgroup_charge+0x25/0xa0 [ 749.776797][ T9364] wp_page_copy+0x2f0/0x11e0 [ 749.781388][ T9364] ? shrink_zones+0x435/0x490 [ 749.786102][ T9364] do_wp_page+0x4fb/0xa80 [ 749.790452][ T9364] handle_mm_fault+0x975/0x1590 [ 749.795738][ T9364] do_user_addr_fault+0x609/0xbe0 [ 749.800785][ T9364] ? __this_cpu_preempt_check+0x18/0x20 [ 749.806333][ T9364] exc_page_fault+0x91/0x290 [ 749.810969][ T9364] ? asm_exc_page_fault+0x8/0x30 [ 749.815969][ T9364] asm_exc_page_fault+0x1e/0x30 [ 749.820815][ T9364] RIP: 0033:0x7f2e21bd69bf [ 749.825280][ T9364] Code: 00 48 8b 6c 24 28 4c 69 a4 24 e0 00 00 00 e8 03 00 00 48 f7 f1 49 01 c4 4c 89 e2 eb 47 48 8d b4 24 f0 00 00 00 bf 01 00 00 00 cc 20 05 00 85 c0 0f 85 95 04 00 00 48 8b 84 24 f8 00 00 00 31 [ 749.844890][ T9364] RSP: 002b:00007ffca696e2b0 EFLAGS: 00010246 [ 749.850948][ T9364] RAX: 0000000000000000 RBX: 0000000000000032 RCX: ffffffffffffffbc [ 749.859013][ T9364] RDX: 0000000000000000 RSI: 00007ffca696e3a0 RDI: 0000000000000001 [ 749.866979][ T9364] RBP: 00007f2e21d3df6c R08: 0000000000000010 R09: 0000000000000000 [ 749.875005][ T9364] R10: 00007ffca696e380 R11: 0000000000000246 R12: 00000000000b7035 [ 749.882969][ T9364] R13: 00000000000003e8 R14: 00007f2e21d3df60 R15: 00000000000b6d1b [ 749.890996][ T9364] memory: usage 307200kB, limit 307200kB, failcnt 2419 [ 749.897845][ T9364] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 749.904685][ T9364] Memory cgroup stats for /syz2: [ 749.904833][ T9364] anon 2093056 [ 749.904833][ T9364] file 306561024 [ 749.904833][ T9364] kernel_stack 376832 [ 749.904833][ T9364] pagetables 2359296 [ 749.904833][ T9364] percpu 0 [ 749.904833][ T9364] sock 0 [ 749.904833][ T9364] shmem 306561024 [ 749.904833][ T9364] file_mapped 0 [ 749.904833][ T9364] file_dirty 0 [ 749.904833][ T9364] file_writeback 0 [ 749.904833][ T9364] swapcached 0 [ 749.904833][ T9364] inactive_anon 5357568 [ 749.904833][ T9364] active_anon 303280128 [ 749.904833][ T9364] inactive_file 0 [ 749.904833][ T9364] active_file 0 [ 749.904833][ T9364] unevictable 12288 [ 749.904833][ T9364] slab_reclaimable 1277928 [ 749.904833][ T9364] slab_unreclaimable 1488040 [ 749.904833][ T9364] slab 2765968 [ 749.904833][ T9364] workingset_refault_anon 0 [ 749.904833][ T9364] workingset_refault_file 1 [ 749.904833][ T9364] workingset_activate_anon 0 [ 749.904833][ T9364] workingset_activate_file 0 [ 749.904833][ T9364] workingset_restore_anon 0 [ 749.998703][ T9364] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=9364,uid=0 [ 750.013943][ T9364] Memory cgroup out of memory: Killed process 9364 (syz-executor.2) total-vm:85348kB, anon-rss:460kB, file-rss:35884kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 750.031896][ T25] oom_reaper: reaped process 9364 (syz-executor.2), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 05:40:02 executing program 2: lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) rmdir(&(0x7f0000000080)='./file0\x00') mkdir(&(0x7f00000001c0)='./file0/file0\x00', 0x0) set_mempolicy(0x2, &(0x7f0000000000)=0x5, 0x5) umount2(&(0x7f0000000040)='./file0/file0\x00', 0x8) lsetxattr$system_posix_acl(&(0x7f0000000280)='./file0/file0\x00', &(0x7f00000002c0)='system.posix_acl_default\x00', &(0x7f0000000580), 0x24, 0x0) 05:40:02 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xfbffffff00000000, 0x0, 0x101) 05:40:02 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c730325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:02 executing program 0: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x32, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$inet(r7, &(0x7f0000000980)={&(0x7f00000005c0)={0x2, 0x4e21, @private=0xa010102}, 0x10, &(0x7f00000007c0)=[{&(0x7f0000000600)="5df02ce7031874595053f7018b20b7aa46a6d63fc75d0a98d82f61a1d276e62e8420baef9a4de6a227bef901d17c962fc0b5cf123e25cabb4e1c3dd4ce28cbc85a431d66e0e34cc6bdb35baf78d3b769e473975606880adb90ee2328c2e76a85b37a3c8e74ec8ed00345d122e8673df8f9ffaf540497e9bda6f63fa1714ac9d4943f779deaf2df652ee5311159ad9a2ec10bc427f7e853637e342654f4", 0x9d}, {&(0x7f00000006c0)="179572b976d7060c801efcefa79a36e51d4794547f5b42e2624b7632f0a04e14cfb3e88998a36edcc7f9e5ff092b8aecdf2e205e0216cde5ff5ce8185a87a3fa04a091302dfb552b", 0x48}, {&(0x7f0000000740)="5b3b391d1e4ebedd118edb3fed5b6ed60a717f8b7a547d4715e88cdb5312efb0d6098898a595193a15d5790435a155142067460d89e2d5d111d49912909232463cc193bf8e784243c9eae09ae173688b034002c17a6be9a6e8", 0x59}], 0x3, &(0x7f0000000800)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x3f}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x35}}, @ip_retopts={{0x98, 0x0, 0x7, {[@timestamp_addr={0x44, 0xc, 0x5f, 0x1, 0x2, [{@rand_addr=0x64010100, 0x6}]}, @cipso={0x86, 0x15, 0x3, [{0x1, 0x3, '\x00'}, {0x1, 0xc, "071200c48251de59e644"}]}, @ssrr={0x89, 0x27, 0xc1, [@multicast1, @dev={0xac, 0x14, 0x14, 0x11}, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010101, @local, @multicast2]}, @noop, @timestamp_addr={0x44, 0x3c, 0x3f, 0x1, 0x7, [{@rand_addr=0x64010102, 0x20}, {@broadcast, 0x9}, {@dev={0xac, 0x14, 0x14, 0xa}, 0x7fffffff}, {@multicast1, 0xff}, {@dev={0xac, 0x14, 0x14, 0x2d}, 0x9}, {@multicast2, 0x7f}, {@remote, 0x10000}]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x34}, @broadcast}}}], 0x148}, 0x24008004) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:02 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000005c0)=ANY=[@ANYBLOB="2b72646d61202b706572665f0676656e70202b626c6b696f20"], 0x19) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a90468bb3d2241c2893be152f5c30a7324dae04686c21595a6e1a9368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=r2, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0200f1fddfdbdf25f2000000080003", @ANYRES32=0x0, @ANYBLOB="0c0099000008000045000000050013010100000005001301020000000a000600080211000001000009001300181bb0846c000000050029000a0000000600b5002e040000"], 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:02 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0025000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 750.339047][T10107] loop5: detected capacity change from 0 to 131456 [ 750.343266][T10110] loop4: detected capacity change from 0 to 131456 05:40:02 executing program 0: r0 = gettid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) r1 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) r2 = open$dir(&(0x7f0000000000)='./file1\x00', 0x400000, 0x40) kcmp(r0, 0x0, 0x0, r1, r2) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000003340)=[{0x0, 0x0, 0x1ff}, {&(0x7f00000048c0)="5d5c78bb9c68bd397f29a9b411aeeffd", 0x10, 0x6}], 0x8400, &(0x7f0000000100)=ANY=[@ANYBLOB="bdf4cfb2de74850591f7e28db546fb8fff5e25de6dd4c93e9f9e78a6ce975a22a61ab4f377c7251096084dfcaa6cc01905439c0eb47dfb9e7b28ce1d795bfe06b54a3b400e3f7092adc54ef4c5400c600273ba0ebd0edc7c3326fc12335708dcb979ff4e2244542700aaa5864073fafe99ecc230b6685a03c1cacb1b492bfab20303ab64d8f09743cb46192a3ca07b26c7166eff67106404863f6836d5b121b6a5bd800b344b71ac0a013dcb3485300d999417b544af55ef38114d14252284b0f1ff74fa3f6d83d3a5940206fea3668949ee7e0b4bafe07e9df4ca4132e14af10dba909213c593036557ae2e0826b88c2b0e80b26e16514f1073d7d2ebdc849cf043f9c2735cf93f249624f3602357a625def752e8"]) 05:40:02 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xfeffffff00000000, 0x0, 0x101) 05:40:02 executing program 2: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(&(0x7f0000000380)='./bus\x00', 0x118) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xfd14) fallocate(r1, 0x100000003, 0x0, 0xc7e2) 05:40:02 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0226000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:02 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000640)={0x68, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x47}}}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x4}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x68}, 0x1, 0x0, 0x0, 0x4040000}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000001e40)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="020027bd7000fddbdf251100000008000300", @ANYRES32=0x0, @ANYBLOB="0c0099000008000045f74539b09a824d6d7f96e12c14000000050013010100000005001301020000000a0006000847050cdfe8cbba10b57e3fb768b1023d3fc035db4a9154110000010000040013000600c39335e7a8dae6166b9049a0d055f7b500af4aef0e3006a52e4a63c317ad06c0932879ca4577b56ab397a81b8157117e920f3c9b3d0653a7ae63d8e019c9ec9d1995436c1b27c003c20d1c01270ed7e24fd3ac410d295b44286bdf39be1816a0d077c02b0f21882214f62bd849b511314277e5f9cf3cb39c5afc0e9e5d1c66fe3fc6b9a5adaa8aa257bdc11dd7693319b85a3b131f342ef411ccddde3e47e70e21"], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x4) clone3(&(0x7f0000000900)={0x3000000, &(0x7f00000001c0)=0xffffffffffffffff, &(0x7f0000000480), &(0x7f00000006c0), {0x16}, &(0x7f0000000700)=""/167, 0xa7, &(0x7f00000007c0)=""/197, &(0x7f00000008c0)=[0x0, 0x0, 0xffffffffffffffff, 0x0], 0x4, {r1}}, 0x58) pwritev(r6, &(0x7f0000001cc0)=[{&(0x7f0000000980)="5eea448ddc82bc242bb1af4fa283f561e8b4bac2b7c3cf50c8eda9f14ecfcd56aeddc8a67ee998ad813a97dc9befa38649812c50ffc2bf4748299ec0655420c15a45de9fc584b9ee6f8c8b6d3fbd7b198d0f8a", 0x53}, {&(0x7f0000000a00)="d19c3cbed751659624d02d131aef4899a54d6f4ce8eb78e5b831d1a1cf170855133f485566d023634cc16712e6c8cf7ca2709073388a943eb424801d781567afc3a230e366354a142017fd8f4d0f18b9846a5b9124b912562737f6834456b55270d6e973120b875b1bde200ac80772e2376be04f944ad77b68947cbeb8d86659d78ffd273c07d8cb0faad4f9570f6a4a451794c092524e0306a1a3bc2ff2e187f8f764790fcf723cceae6d7737350b9d1b9d116f28f9368e1925db8487b99f505019ff9c798e706599d973c5f1862bb08f73f3b3804358577728753cb700efdd72255b65957129f7268fe27c16214dc717c484b109bbeebc169a4ec45ea24aa81f2b8b1251e1ca7616ff07ebcc273772e8dd3d868022b660cde9da95e48ade3ceead7efd8a3fa15f87fc591c550409a9c3895b9487d06db358117a780d21599386a03e3ebd6e020f939d2b5358fb531881e4380f5443ce70bb67f97d60fff6c59d2386c74724155004c96736f44db2958520d1214e053d9720eb0b2636349cd0f40e43c82555893caf483b43ca03326aad17b3ec13ed3746a1e252749a7f7d1857452718c00e1d56bcd656c1bfad96dbe8510a0bbf12c1174e7d7cd98d9e1e0d859f92abb43cd15cabe825c1d579177a83c3245dcc535de0c231671a6cec4b8b372632004b20a97a52a7bf253476016c2c5dd13b934780b03570be3d596f73fd1b4da8e835d240df10758493523a2406cd4adc3a61f464c0d7ffb3c2ad84eb06c3b1cbe778cff283b67cc6a23b627376e970e816da252e45e6d07d866d55c7c9f00cb3f955ed248d75b2565818d2a51382f62cc9abfd2c7d2821adb6b88e3825b4bda30f61b9d9f341e87a146da8999c130d6f6fb3bf0acd82d56b364efca2c6d4cd7637f171688a5888fef2ee05b03f4184817b52b9943d613065b35932b3f60cddfb1a215e02575d9f72a083b3390282b3d74bd2d365458eb3599a17750007b2d2c41d16466eddf66f8744e10081567965ef26f58cb739f127a7de9a3cd3ef0a80eb6064a51e6d8a962abf2ad73690a2cbe7c5539923af1bf663ee1715fdf96391d7e00b05834f5ea3e7f672640d8e9b2cbdd0e16b615a05ebf90c4cf28a7420cce656c8d159fe9a4ac4a449d9347b7ab6644c2ad02669ab2bb97ea32b40e69c45d57d87031c54d5c84d93a8ba1cde8d75bebcb444a93b28c477b5fa627bc53e0d087eaa7673427d300c7adeef012102f14423321719a7dc1b7d5e9e4ce48849920af9ae551f91cadbf2c13b57a6664f2f62fd075e25c09bd3010b14489937df7fc33fea55c828db8d83beafac4a34da44ed4f5df0cebdbf571dd2a07a79d626097a1e70e823690ff6e94ee8c90a852783f3122254dd8fc80296be787dd17564bc2d147c7fc867822c6a72e2cda68006bd6dff4e9cebc050dd0bc53fa8ef8dd6c9e4a8d471f0e08572b7239cadf1e64a6e9c97f3cc1dd2ccda7c74949072922e2dd8720db3c70c432baccf86646c0e384429b3aa26b21b300165319095646ba1acb7b06cd34a79106a50edf4a4976c436e8168c408b352c49305a6031bb8382c365ef38ff523b9b0ac57caef1f69480f1b486a720f374b4130f3bafec9f6c4d3ced8bcf2249acf24a3bdb9c012c3cef832a8e51fdd9b056248625f16032197720229b8eb2cec9a73f22c19deb95c1b2d0c496f3d16d3f14988433b4de8d1fef27d544e0837e30fa6396b8a7b39168ce495782ede7ab6a53f7b2c374b8a90de539ebbe4838ade3618c6f485c429bd12f9e63880ce10bc2a98e8e0c4a495c3b25e01d78f5d50f34960c27e8e7978ab7241ae15b77b39b77f94df0dce999cb4a3b80f8bb3dd61a91341541f5d7415e6ebf71d53cefec5edb833ea0a470b5953768e24a58e59c8933db25ac19008c726063789720a499082666f74596703f19efbfd1b4f8c6e485712f5ac89770b10a95364ea06405ef14f29a5aab9a4bc7a938914f672103ccb0ed19606d53c933244707b381a028c198e46fbdd2161e400f85f14cdaf2fe83b3170cdb0db0a1a32e1ae0d31bfddfc9467145feba7277b597e9b29368af3e5b05950215502212b4e0ad4f036a0866521debf2a23970ad760c2601fee8f2784fd0c8080313c688ff2f0e00eb59cc243a84b790919d208cd5e609d92bc2623d5973898b71ba68f70efca9ef74b5035802b0db2a07d941e08f24fd17bbbcc869f9ea3c6757d2ef598a322dc27ac21ad07bbf07215d81397db458a4aa82532d04dc72c70e59e5cec14b1da5a33fc23f32a4589e31abd200038f755fcd01c32467c3a7008d82698f615f4d7e96a99b242598b1a23ec72201d077ea3d7803d5c14f326fd925551793f082888cccd3eaa1c37eee73ed3fb3766d1f89ee61d32e887d6d7929eb14bcb15067c6c3cce953674379c8ef604d256df25d36b0ee46b254fd3204e18c1b7b59746e4a28eb671a0fd031dfc9b81141001eb2213dda3c8f293ab00f10363e8dd581c9a2eba92c7d4ae041f026fc8e291526bb08963e2376d87ee3043bf6b3632b0c229798ea9db2b6339a8888121fa57f47842eebd1b4c9a596c633ab4ec0c0810581f7f3367f3eaab015544e242a2b5797f2882757ae291a538e6f208380a5dd7c098588331e1a500e10af1c558c5620082d764385b0b8b80431e8ee9a5984c9978e36a96aae6d3ad7f33b904e7e5f53193c99890f8f54c90a4039e5c780bd09532ee699bf5d40b5ad9e1df317d5f9985995c9f17f073cc04e5ca2b9a99948b3f2df7fed6708f3d3117583d02130bb3ce07a4786a581d22a4bc8eae83a28d4a62f0ce26d0f8ebab84402349f3c27b5b7112da6eb6852982ddc812ef92a15651a3332f928e15becb7fac3947ece18449c25814fa438742f6bdea368fd01fa4edac854d5f9695a215691c5644a3aa135dae0a41c5a3c533cf111493f9aad7241c82428217def3bcd3007b4b2364d88317df701a7f9e22f71b6ea80dd5c5147e0a456b7008902b16a4d44d845ffc220a132a352135ea4057057b981aa2a8e1ff54d3f04d755c84ac400cac51d02f663ab7548cc8b5e552776c724c22fa2e8216db8dd4b5a6bf3c1aa3544c9475b4348ba3abdabd3912c028a558210651c4d0d94cad3673b6d3141467f6496ead4657ba95c43782f4cff3a2d5b96c88611629ab01c8c3df8ee2030a5f7b30d7b29bf6c3ab52e093a6a70d55009faa3eb59e453bbb649a9ba63cf53046b9cbb050c38ed9bc229bd216b0c0fd45a1563ed8f938ac9a4f3ec551c8d9beb62d59782c93a37683127ff05c4402baf2e8896a6e065a5faaa393acd07c146531d22f102e7abfe72508a4555fbaa7e64f7e016c4e864cb5db33799fd41265f6a51f8eab7d9ea8a5d176f5f5d4ebc8989d93049143cb3254bbd554afb0dfc56cba3e23209bc3a338f3cd16de0a91a91f06ac6fe605bd3c6e4a0f740cfb1cd93c226dc890053cd0378f5ab6572b20a1cdbfdc3a3e9daebe9162644432406af46629866312cbaa8933dace849bac12dea095ab14d85853dfa3540da8a1189eb6c65055ed258d49fc1edc94925b6f87d8509b047fce342aa7c658dd404a2e9c7c18afd980896f33fedec054c039b397afc2342b83f74aea581a19ea1a9aa98640fd2f5dfa9440ec04ec7ba1f4b72fa9e5fb6373bc08fccf21edd873e1a6c05430ad3e320bd35e3082b5d1bd7d016355a59743f9e41ea2d0d1108b593837e375787265fbb848592f0b9677344873e25c545cb390551d7b9c42955257c3558c698edd01b9ea4934eddf8f03c5171a527513947eced21dcb73e7c0bb364f2dbdfd4d7c1f81f8934bdd40534dba29f3ab1e13f4abcb7b9e5619badb7cfbcbbee8563746a20d609a3bbfb9d1bc98867a1d81c1f9e1c1a105baacaade06ca1bfaf830be1fac41fde508be8d96f8e1d55d876b1622399c78e7540f5fd7acb14a381baba17ca5e799f48368b54a72339a795defc52271d1dfd24e3f0c4a8bf7c8760dc7ab16b87d9a313ea2a4edde516d0e699c2816b79be55baa6a9705b53e80839a32b44577934a6fa4f392cc40b807884eceaa304ce970c172a46c3d196b58243d5885eb500eaa35e130a98e33262b4ee8a473be13bc3a904192dca5e6b6f9993bbb1a0b8a0d0982b11e12c6a7d1481f998e2380c68b2458508e4c89329671e79667db4467addf00978b5a0dc8608bafe764e49dfb20ed461a98931c87c759fe061114b9143976f83cfebf8c5172f19faab0eed4daa69ea3666d1474a711483659e2ee7c3805e23cc95ee59eab1ca9268ba14fc4cc1c2703a2452dd8a56cedd17960a73890022d7d232547ef3262087559bc796058df2636a342fa18afb766dbe35155eea8d5e4ab7cd872e61910937488eb6840c1cd56f2841e45f9fa86f386ad2063786ba4c172a5a788749a479aef0a73834f49f7627f994bbaeaaa80033524cae75a09cd72e0f470822d91daa50bbcec1aba17d406f51f394ac3784ec1d4d428a1a21b0e507b7c467e5746db6d294221b77e7f47160551d30ceb3988780974ca3c62b2d25f8389d2441d47b098d53c3bfe1e3d4bcb81d1689ce66600986f2460d74a99b4694776252f0a51d03a3c5a5b6dc8496957f2957f9311e315c87d09388ef08ec4f0d39145fd183abe2b9aab6c776c4a0a22aeb0b11ea1d4fb496724d91e6f45c4b073e1e3987b92cf6098ef8d5553030ca08397de00c4eafe21f1cc90031b6db97a61f65c14b7b13531835da54b36b04adb9f5827b679b1350b8ca5470a1482bfb35eb112b43edad0e37af1c3429c15e38b1582047e3426e480b59bacef2837e2ece5e74f962c1d45fa6025e9ec592be99fc12001bb0e255950b2d36803d338b1054597c4272914e55d2b71fd3e593e0069fbe5144c3395c75e075bf7662f11c9b6bbf9e4a04ca44011c6d71efa884b2394d127f6105e899fd5d52dc2274f2de880adb27bf6d00c924f8113971eeb07d345abd952cb15c14a6976f87567f8d652ec0911a7453ae32b35620c2db8557cb31d4162decf30aeaca5c10287b0de192a0bba390bbee60160aa31cc08761a8f330bca0c74002042eccd66a90446698c7a05dc81576a5237dc9ecba1bb65ddc10c5de1cf0bd0bbc9f96b8a664b21843b9286a4fd3ec562965a5b972ef50bd630aac256a3deea5aaac7a25ddb99fcd39f4361af3acaf3b1972f59d972140c48085e198f27e26745e38321deb27ad8952e0f951c9993e7d41fb8ced89e3ba8c5a18ea48a63ddbd22af076b0a4bd476aafdff730ea26d89e67b30b7697adf46b02673484f06b3cf4acda7763591be780455be038941aa23a1382fab91c2487c3f2334dda0e7fd3e6f1ece6724a9b53a39f9574ec2f157aa12f02e73ac97b0f3e63fed583edc1d927fc35c34a92c488f6b27db36a713a6fc16e04681e2fd00a5ee29e5abdc22d6f125e79acfce92a35310cef97b82f03b7f51f07d2827c217cc90d3e36c9a5b15694e68ff59a70430acf3a1b2dfef26cc230b7af59417f6ddb76c8f5e4137561bdf995de0c17f714d64519be11da33a3c597c2a0b6091ea30ecffe03fc6f98d3b8fdeafb820256a752f7a0282bf10eb3b9a187a14077e83feb088df09aeee43500c98092b447320a94f2a8455ed559c181b97f293825cce8e718c8e8814f61321a2afcafce652156a077e921259309f9ddfec8fc8089b1f7d17a4eef47f238afcb849fb88e17ef9c61bb5f0297974650e2653547bf9d821e80e793a635334d63d8b40d94f36cfa3fedf05aff5a851227c6a36bfd4220bc827", 0x1000}, {&(0x7f0000001a00)="bbad5e9d230585b6b51cafa5254fd2d6aa925e5719a6feb7361be366b08e5ae314a454d4bb50409c5af4209d290fa3e3c0ed7d42a0504c799d6165d4bd8528a7bef342cdf6fcd2b720b6969ea7bbd1969b187b421502e1fa08118e88e767f485a6ab29173a5d9c69f7720995319a7879e51b4850f88dc6ba4d84c2e1cf52f1865f638e1bbcf76311e59f6dcaa583", 0x8e}, {&(0x7f0000001ac0)="adac2c08b3a2f365c273682b8080d546ab90338673c65f94f15df6ca6110cfef374fc007d339de24d6586721b20fdcaca1811306e2c370b1a6ba15f81345b3841118b671d1d801c96180b9a28bbd4394b3dd512230d55bc08644ac98930b79ad71f6a2602307", 0x66}, {&(0x7f0000001b40)="b1afeaae0678f845af05f2c738de360ab3ca412b26999244ee08c1c53db46147def722647307b34b7a5b9689c4cc1e5bc598a1e987b232d696ac7ece416e10078cd0910f4e903bfeca9ad51f13a8ae478ead6428ac04dd6607e9c90ddd193802b4964495e5b641783b51343ae97bc9d6a331dbf736ed00289c65968c4e19911f342162c16e5ce580775db946f6c614f588f28dc2f4a3664e8a5b3fc77258a6fd964a8111124a5c9e04c70ba21183b5e433c0cc7d1b61f2e9", 0xb8}, {&(0x7f0000001c00)="039dd1bf26dc8ee2ca424f96e8c58a4fe582f2fe4a40ce969bb4929cbc8dbdad1f5cd8772f2ab9c680f34f62725468c30ada03463c812a09cd101230ea50f66dba2369dd1d54d21e2421948ea38517440fee0356e3cd1bb6694119d229e44ce5df5700e6d22a31e2e51a1b18b6ceebc10ac1c696df40a413d7559c8028b08881e9de40c5f67daea71a24ea0566", 0x8d}], 0x6, 0xc9, 0x9) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000005c0)=ANY=[@ANYBLOB="1100000a0300000007000000df1c2d4756ee0c69bc9cd23ca90ba149c14b0000ee0000000000fcffffff000000020031699c90f5c4b810fa3a91c409fdcdae4a36777a55e907d23b833db0d22096df70eb99253110c5cf2d052c6b945e11d6d7e7d5c13f6534e0a6c70c4b5a03533f23eeebb1306dd6d2"]) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x0, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x40, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 750.376128][T10107] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2087/file0 supports timestamps until 2038 (0x7fffffff) [ 750.404886][T10110] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2133/file0 supports timestamps until 2038 (0x7fffffff) 05:40:02 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c020425ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:02 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xff01000000000000, 0x0, 0x101) [ 750.536135][T10425] loop5: detected capacity change from 0 to 131456 05:40:02 executing program 2: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(&(0x7f0000000380)='./bus\x00', 0x118) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xfd14) fallocate(r1, 0x100000003, 0x0, 0xc7e2) [ 750.608125][T10425] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2088/file0 supports timestamps until 2038 (0x7fffffff) [ 750.611199][T10568] loop4: detected capacity change from 0 to 131456 05:40:02 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce002e000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:02 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xffffff7f00000000, 0x0, 0x101) 05:40:02 executing program 0: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0025000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 750.650785][T10568] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2134/file0 supports timestamps until 2038 (0x7fffffff) [ 750.689834][T10647] loop0: detected capacity change from 0 to 131456 05:40:02 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xffffffff00000000, 0x0, 0x101) [ 750.727122][T10774] loop5: detected capacity change from 0 to 131456 05:40:02 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c060425ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 750.769683][T10647] ext4 filesystem being mounted at /root/syzkaller-testdir427880889/syzkaller.htR0Ze/2343/file0 supports timestamps until 2038 (0x7fffffff) 05:40:02 executing program 2: ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file0\x00'}) sendmsg$NL80211_CMD_SET_PMK(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x54, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x20, 0x2a}}}}, [@NL80211_ATTR_PMK={0x14, 0xfe, "492a2156464971d3ec947b917365910f"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}]}, 0x54}, 0x1, 0x0, 0x0, 0x200000d4}, 0x4000084) ioctl$LOOP_SET_FD(r0, 0x4c00, r0) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r0) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r1, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x44010}, 0x24000840) sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x54, r1, 0x2, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x40}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x7fff}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x8000}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xffffffff}]}, 0x54}, 0x1, 0x0, 0x0, 0xc080}, 0x80) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000400)={0x0, r0, 0x4, 0x1, 0xe4, 0x2632}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000000440)={0x0, 0x0, "88c13833dd079ce569ea553cc5c03ade4cd9656287e5ea38162777f05d6a1595dea3724c2709a7e13687b30e87bc618a5a95ff90a62829c9c022fcc90f15291f08c97ccbd8ed0fc3f9f0dd779f59a31d2a85d5d34ff90fa779600e1ee9a8a114b86a87b48d322d9e82d5f7c1cb7a05fac23cf8ab896472717fc1c6d17869b54354aba0483688af13befb8b48b3b49e2d5ee05dd523ebfa597b477b785a97958703c26f3511e7737696f807071b1b82c5e1933c338efaf8bc4d497a310a55a5d7769bf29b06ec2bdd1a00ebb90044444245349c215a113e975b5eaf9b2f162ae8db36169bc9eeea8ce818783a7b962931d4205404c6f93f4a5da82f4af490723a", "cb69a2d07fdd4acb0cc10763ed5baed247e8538705249209ec516922f455a380d4dd4cbd40b2f4593277141bd44b9d6c09d6b06a274d76a73a211d6e88c4802a163b03d3c9fff2874ea100bf11dd03cab632a4832e5ee794bfd965e8734c14fa1003298195e1edc8403435590ce18026b6c5a8a1c4661277d3c094572b69dc9e4f624735ce61c531d1698fdf697d202299b39bf3ca45389043835e38abac4851b02836114d69eb882715675665a4caf1255a356a8a03256cc25dd89fb0a887574dc642e21353725b8a4cfff4edea234f4600e7d09ee751813be4d827d0f30a2ce5fba987397a927100dd75b16e18b0c75e063543156f22341ff1c55fe18f13d72a0538a4f2c27ca2cfbbab6e7c1aea2a055b9e8171ec11d3424e79710d6bcbbe5102906404085547925890ebba727fd48d098eaae0b3a345ce04619fcb5563cfeab7aea88247be70539a95d475834799bb791ed270dbcd28eba0380147d31536a8bdce89ec18b423597f1443344db27682f5ee6198bd59dd25ab49ca37af54cc4ec06c89d84b1a20fe8f221eb1c1696c45788c10f5f05d8f41e792afe833f9ebfb87c25eecbb23b0309d277b6231811ba1aa37de8bad770a71d0b77b0ed02c7f7f5787d3ed5ffae6373c62d261eca032e0b239b462d51943d4f4014349988a6c86cfb0fb8f99729935ef820585b051e04fd0f5020381f50bcc9772fcb43188e6d8467aabd90e7629503b748a4075cc466625fef5f13b3cadac246182e4170d8631f1877b9c71d7cbd38692bcb74208ed19624028bf63b7f176a98278c7f1891a9e7cf31a93f82bddc0642d9273ebaa6796e3f6f9062b770965e40dcffe81f712025d4a9eafbaa6d9eaf203265df6a55d1ffb44d4ae7f22a074c3a20899d8ce8654ceb32e138c168b543ac61e16d51c5da3ff2b94d64ff354421cfeabe332eb7fa8484b550fe777ab3042a6a48cecfdb01e9f0af0bdd34fe28995859bc8762b911fca2bcdc07976b83ea629c35c8ef7e24427f94c39ffd7cda7cb938e3c3d8bf09527e707152707ebac64d46bc069bb241f22c27b40c72ab61d93282eb2ce02020886e2436bef091d2034edd8a17e22ad400db104afff7a388729db2432c8cc1a0da90812486497c7f9ab194f6c0867548719c22563edf313afacad63b0c16fede8c2ea7aa252d5b8cfeb5bf19177b8e721d3c0098ab62d4bcf85c30f2286c3d56dcf87e9bb82cd46c5105289eae9acfc6da1debb8bc18ee9286464119229b5f760af5f49dc04c7b5f904ae5d7b18ad5c90e37993e2b6d2e48fb6d991747aa4061551a8addb95c047efd7f0732e2acba6f9c71bbb31dd10624c6944ee77a222a66dec29f70871f7a9629dd9bae87aedae870d2cc48a19579c6388716073b05a45a3b1b1d298541fd55dc9ea4550a5aad0682238dcf773b748d23f13bc9eba55b6abe181af3664785a53440f8a5f34e9a4ac40646ef0e3f97aedd7affba8cefda205c8e09e64a9e5b175eafc3c10d2faadcc465d6be862a76cbbfaef62e8f774ee24371451bfd586280231b2331402a1bebedec5eefb975da15042e80f22195d902e9b7e991700e07e8643100484eecd2afb6bc47925f82f7a6b279236a1f76fdeeef51c7a2d628c626fba201b549a17cf59a0d71fac93f53d5f7b7d764e04334bd984fe0d8c0e949348bd484d7d1fe13be90c4baed9529f252bfca7eff5253cce044365cb76d7b7fb55508fa1e51d0042a1b2c0d8772b126c6c04a67293b701427d3a3c4050a0a4acd62aa788368f0efd44ce4588228ca961f15c74cd783b255318b47748c46f1fe78a79e3a0a89c6a7356b6d13e83854601f0d9dfd7018bc5096fd80d25e7679c3821169b0c899fb142caff141a9d3b778d7d0979397a9bc290d4b44d7393ef4e54d08f66b0cca41c9310e6b25519e98ca4bc2b5f64011604aa44a12131dd05b57ed63d1a8a8e45c79e9edf9f2d98913967a7616742cc5109dbd3037e0dddbcbf29268477ff3e094cf6f7b01b7f6821753c0e1d1ed1ddc388ff91441b7a71814cc529ba6d0eed06ec541e998d88c3ba5963190ccd6ad441f44f0a71f50631a69965357e8691d8a222aa70e3fff08d05c0df5fb96221cb9a1460f101fb9ddc3ee00b711b61218a40139125f7cd1ff723853462b0bc1b02da95234fec7c211ee2d39839e2cfa3f844e11e1a346fa825d5d26b51ce675b43cb42d86080aedaaf7a2fa89fc994c852ef394d179b9c983e3e03ffc192770ebde4e454f37bd1ad6ebd11d457674ec9de256b2bb20d9145e64a372194e34c056a225bc8759196e9b99144dfe9cbb6be98ebbbb1eba90f1215d780a2558539c2588be8cd667e7d03d77e43af51a49e7815c7fed621316e667085297b2415e760f7b3f7702e0c02da55ef4a786dc05132d37f8247de57321712cf239c0711c98f284b971aef9d33a589a338e0a729115259a26bf0bbcfea1aff6120058cc7b42889478010a08c5d2d531a67309a80d4b6bbe3696e01c920a731d27b3f87ee91af25be8bec1523045a2d8bb6cef1abfe393be4167f309a9b5573bd07fe94e0d1c5c83413e5628000e680ddd027bce0704c78430de48a21582505c1e69bad463c277f5331b78753dbed38e3eada2a681aad9dcce129233803f339171f0230cc35c704047984df2a5555b40532c29a7784f5a1d596b27f47cf196f009334b9c9a3b7495ef52a89f8cef679b10fa1b9f192c3610acdb2cc7b991b3f4e0cc0b8cadd1913d757d38a6fa40255bfd9f90b8ac5b40413470757e1621bc4e19306a3cc255248d729c7e8ff88101cc74df9d9219b57d5efe935f98fcbcc37c20be0420e6cdea3627d3ff339dcc8d7bf8a468904c6f331d63e77c1bb0cc64ec956764db851b17944e2fbb21c4392297d97a5faf4fc7eb61212aa85a3abc71487efcfdabf16d27a303320f025a1ccfb0d223c7c1b72a967eadf83c861708deb41bc30e01e013ce78ca3ffe585bf3563e6cd57b70f67c76893e457ae5472d211be174d8ae6841d8832f031169f5921d50cb059e5006f2d0be52293b94fd37a2a8671839102d3c7c0e4aef7322d227f949ea932fe4d91f5a783ab0cc526900d357cb1d13431ff4fa7465ec12d9e2907d9502364280793bc3f7f030ae01bb48b4c8de06edd578f30d65fdcbc98edca1cac08c17cd2598bbd3e04891470f7129ee79d69a37f13e3f4e3bdbc50b37793a24a7a725c84e18681a5a2389e70629f4d4d003aae5c7164bda628466c84c39662b59841c3369eea2530fc8bc152e53356614d199fb6c48425ca4d2c0247b848356b4d6896f9ec116f75e620eeefdb40a02e1c12af033143fcf1e7fb7f0f268ec4a8527256b0b5d4bd1f51fba4c9062df007df25544648bf8d85f37ffa7ab2afa05ec78c09f88920bf019eb120ccb1f4cddfdc0b4439b6c638611ecb8413b9355357fbae2d63024f4b0acec838188b5227417b3a57793a751148d93a3260a114c9f02056db3a4fdf9c1b896f81fa3191621ff85354305dce98c0b804e234357169917e507be5614c31066c125b036806391c3f3c7a467511d41c332e130d3fee8b4ff73e239411d645feb16f89cc4d92d2f1573b2a2762fb9a59fd75c30d1564f50c27fa4539212569d1ed2f9d4de6de5a43489fe5905cf133fd5ac373c1dbf6501dae47f3c0521c5914b382269112847ff8762daaa565cab5d2f2251327cca31860b8639cb4ca2574d22f5fbc3b1cecdd8dfec8bf0f02674e01024cadc10c99576d9f841f4843c7759f979e059d267ac3274e9767c80e5b9bef35bfa2456d7eefdb02198860ac602d2341a194e684472195142b8e4b653e37d8aeceaebed8c0b60d0ed2f166e001dda42d30e887d3742588086de1c2be6c67cf0bbb86205352676fcf513855a08ad97ee34cbe3107b09cef0201e17eb9290d15b464448825e89bd7c6723ac8d86bb958c840f4399e4d230801c8735493617e8b5d729d27f5546b2315bb6331bb1e3b1a5c0856dfc2a0b083ec95d89dc951fcc9adaac88b17038b6305c5713f1c1a3037866f346ad379dded8752c707a447ff17d104369d24b5cffa6ad3b28c2ce670570b919576c719f0199a67bf0d1888cc9c189ce47fd27ea276cec2ff5ef927974a8dc39f93f463fba4873e3be3cc6891c3cc9ae5bee65be61090e49053da7ed1811023af7e860eac0cedb21cbaa3a852151fc0b1bb7548ef73076bdc4320225d88d35397b4ecc8c79633621939266e86d12427ab9b3673d3ec1412656ae37e6e06802c8738142132447a148bef1bd9ecf849685f77675b08979d3064e3cd0533dbdeed7dd0db4d2a16121deb743de9b49392faa0954e683e435fdd03c233307d07fbdf6cceb95774647669ecc10053def41f3f3c8c502b312fd3677b3ae9fa5869db09ae3191511fca9f800be651f1366465997c74595fc9d52caae6d9dde946b1865ad08330f7a6273694fb1488c7406ecdce9fabdbbd251713e0a1e033825abaccb6e9ca5e2cc2ea15b4535c502d24f20e00847b894580aaec7bfe8eff267c4546f22cf84366535d3e3a8af61e8f50c4a6244b7b219e6f656f8a66e7df187b8174dbfbcea852d5ee3cc77adeab6e2460d58114a44e4336661a53ab5c009b0e1e6f29c5d116fa9b21847cda74c67e6ea3c62371f5b604fc345d0374375049fc2d99de4ee4bf88f11cc22c7cca2204dde2aa8cac5590915b38e90384cc761a8ee1c37b82740a73f046b140a0c22f9bff89c28100c02120c744b6afbe8c4bdad1c240dd70443cec1b3430b4e53463f6100ccd2091d41a2c29e63dda48e4520a49ffa459d31bc17c67ca9e9fff793a5c75a4242381c6d89c1abce29ac6b633c3e19c7623ad614b8c4012adec7d6a32304b0764954101cde990c8b086f46f768065ab61426b58f4673207fcb382a2d6ff3d4e497c8f51ad1360bd31f1c7b6dc8ee65b553c9a139512b709cd2e987f6facb5931e585bcd4d4ac8a4b03c26740642b9b1237415090749e8bda5563778c4925fdab855e7ab2cfc0b2b0614d0b4f297ff7ec675a1f8046310eae67abe18e0a25e1ced4b99c32caefcf9879e709cec7f8db1354141981d58278f9b023daa3bfcecb2096e17b9e8dd60055817ab83409da280b54ab915e253644158419eda6538d21b2aa055d8a04583b9659598b33997d2effa4af06d2244423b04294f86cd069ddbfa45ef2183ffc0c6a8a16233a9b863708390f23a1e4d009025ce5bc60a11b701dcb3b0fe8d7dbb137a282767658a99261113c6d353edb42f49bc6d4560ade4ca44deb6c4b7be3c5fb2e28c608c1cb0c4a81a00bf48543a97512c064f7d1dfcb32af5e875d0bb2acbea6e0fcb01c966824a0823b9fa1035dd59049976a22b35c7b2a8f09f4e87f3d438a3e5379e41d7a5cde54d"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000001440)={0x0, ""/256, 0x0, 0x0}) [ 750.813700][T10774] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2089/file0 supports timestamps until 2038 (0x7fffffff) [ 750.837135][T10851] loop4: detected capacity change from 0 to 131456 ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000001640)={0x0, 0x0, "5bdbce402db384fee481338b7101af4069a3273f7019df88c245cd79ef2362656bf979841460926146e5e15fbab8177a7c7ba79f81fe7d7c2b3e89f5c5a15be761577cb9f99574467107486391cfa94126f28351135be591b740e45ba7a0dbd4f8de4df8edeaa8b2ecc8605c8b5d76976747a3e7e0007cd4f10a91a0bf50a9ac892418fa78411f89daffb15cc7bc01c0d4e82ae1d85b63101d3117e339125fba73d7d857340110cdd7b868d941fc4cd1cb178b09f1a28ad8e5644d730ff707d6960a1d01e506818fef87ba46bb36db8f21215c36fa3d723d8b3b2e46e77c2a9fb1e33d2587d54e7c96ae0dccd14ae6ef422c52b7668cdfa74d75e776835ec4c3", "53ecd8c410649919be23cfa524d3b0c37a6c2abeb004f951e87e09012e06df441f43d32ac96f3c03e65a91827e53b7933cb0c35c8be9e5567e4c3a45c8afbebd3fbcda260d182e7b3331c28d0df0d06e36a1d7f5799e89b2cba42e7229f670ab983367c027e9f9dfbfc0df72f7fe98342598326e61178160139622306592b13710092543b7d81b59186ec5ee85a6ce14397d7701e6317c62e5067f20724465da65ff265cf436ec8cdeed4bca60962688d6e4b1bd2347ffdfcf3ecc9573e3dede5f5cdf56ba21a2d292d4bddcd11b75c1e1b9a343e141d1131bd2d8e7a0383c221c7e4f78098eb7417ec40479dec9a6cbb3f542ff1a6705bed8cd9bb0683a4a500cb276c1bd00510e5e19af938c75adc7e7a274cc9849087e505d65a74af1b8feee8cec8408179404402cc165a8d119d107b6b69dab3ebc9ea117b6b555763dd0d553b360954ceb6271895e1aa8fbf9a34d1c109968ef5e8db9797adde9e9bf109be925d5dafbd21424cc546edbcd1daf1cb213ef826cb772cee22345def0771c49852a94b547f9e11bccad9dade13951b90e87a16ff661111fb9c9ad4fdc23880ecff2bd73ee79dff3b4afc04664c7b7eec1e4b713341a47347ec91fc23fe31e75c18d64a9eca75c6a2db563fcba86c6bf5fd9b448c5b34292e37e6a65f6336f3923d82c1ee0f32ddad7d499bc88631dfb78e25f953ba69b7b9124beecb6a1feffb5050fd7d2cfdeffd41a6d7c80c65441af3d4fa7214dc51e5520852a9693aeacee2303bb1f044e3a8739f5c86c4deff82cfe29104445dbebbd5660168c0e3e58dd0533335a4b8970ebfea5f781c8f53661325aae0b3362e6cf4d211e80434d9025e021fe02091db1891f9fb09aac397dc6a8d6dad34dba922ece8275bb113df3f0dddc5ebf709dcd5f64a1999584b4cd0de2b57d9a9d772d5512754c6c9e790e933594b99d719542e147d79e204a5929e5c46b5cfca045842226d9b6b71060eb55810ba10c13d90814f1c01d5b7308b6a730ee7c2b4dbbf28d5d1af6aef296d0e4a2908d631eccb058d10310340a6dedb124bf5e9b42d8345af746dd2263c81c21d4d69581c88588c65b8454123e77e2b1722957d6b19e1dcc6a8e505b5f25b02105f87049f3e099db32f1a09f577467503205458d331f21136fd92e048e6a6d47a408b8c786c3a0f0363429bd57c1339add1f9a381824560c9c67df41d1d5a8ad23ef5aff1a927b9563d997cb482bef05f1786a07805a7a1630699069989bc6694bb1ed6fd78de6549376538f8c19f3a98d891b1b5e11b58314ba17d6655907816d780269fc0e008b70ba714610eb951e2d9d84182a2b0fbdbe31c15e30e6434fba9e662f11c511d89102a6d4662c13fe440478587fe1bc2b59cfb19578bd8ee13be535750c68879f2a0bfb2fffaca558861286ef743d857a0521df34bc193cdf6f98add87b368de31a3daaa5d9518901d8e80ab0c8fc0351e51ec43831b33970151c15ff331cccd2306749d6211e858ad54ebd248b86c3184597e8d30f9097407d51e639bb0ef7f5ac2b62912189e24fa739435e630154c4af23ebcbbb577639aab4f26a1718f9717918e7a5951384e5fcca11a8c538e89b1a8d702a7af41a1308ad986f55bbe1b30cf9d6de5891c7c4925bf6324bc34b3db4a90262cde4f6f8ddc0e367a4cffdb3290b3be0cb9cbb3adb1b8336cce2de4ead8e3bb593a011753f2ca08e35dcb42e5c6fcb6e98adaceb259572b4e9a4f3e05b06bdb8115a1cf1dba3c4e8f64d4121cdf265354946ca7097b97fd2ed39be9a1577779aa80d40daed40aff884b71fcd52a4412a8de5fe004bcb954e1dff58b4bdd1f4ba06c4a60b0c79f51e8ad010f51203793840e85a695e924762ba25a92aec26153c6df203271a63b2dcf03cde951b56ccf340fd42bcffdbec2812ef68ee3c8a4dc55a3eabb7263cba0be4ebc8b049043629439e09e963018ba30934e464ffca7346cb46358ade6c1405895f141a8dbb2dc89fe1454c184e3acb8e77ce518c3afe6448c6d86bcd4a237cf6ebb48272de665a24017fd41877f9fb8cfbdb991a094d0db57449df2a361b9dc848784128445a83e083a503eeaa3320e8aff2e598ecd863095e17f79d12044a41d0f88657af9649d20503aa7af6bf22faabd055dbe4c9cb8f51c737e999227be1eec52e5586be87853e2c6e787158da239474ddfe14027210d035b99fb2fba6132fd8e9b663a55be719c2eb0f85d174ff47fc6ac4c398f2f5cec9964e940853cb42c4d435e85515e8134a893aa152261a76b7e3b6fb8a880c7cddb155acb3675f9fd3832ce62f2717e33f839f30ed8308e73daece0d3c67dc7c0e1f057800bec0d50614cb49a0956550d00bd89c91a08b4c7759b2768e3d583722c29dfe87f5da856d7b7ceecc20ee2b1680a410a9867e4ab063a55da922b29b3a29880ae21014856d54b202afe2203a5a46aa3bdfe0d6b0e392cf996fd478fa96aeb0861989dcca63ffde6ecb31f5d022aa5293454f0d8c0ead305a12632ec9fee06a5d5e64f1f75efa6117c595674b8ca3536dcfee5ec03c73bd903b512896b46b9a18008eb6d8c2d04cca829a20bdbc5b4e1266e44b070f33f0741bb7b6040a9d8fd36dc7c14068c95d2af8e138bf3f604fcd67f58d89dcda4bad82fe2328ee37c9e999d6de39430988f826186e0b7d287ceafad167b854905421a135ebbdee4cfd954e775419dc4fb148457c4f37e56db14ddbbbe46afff33ae1850e876878eb6e8a7881dc69e293b07e6acf3a9af4219e89279ae44274aa05cab4265e99e23cbd5f1c8d7247fbf967dc86ecc0bb849e2b13aeeb45f8e96d1e26487a2956c438b3be406840eacb714efd610eb6bd47aefdea52a801ab1bf03addd313f7ce3bf0f475103b3bc10e818b97b43664ad9d16586459ea5fcc917904ae247b09b12ab6da6f0b9836d70265b818131cd5ce9aa216ce39e83ea9be5bbd252e8bf838b45a6e525ca7b5438e66e386beedbcb9ae84944ff56773929644ae26f5883300f729fa724949e353b831610a35073c4f9667a922c4bd6a5216421d8a6b36e8a3c41dda78910e003fa20bf3fa7d894faea9fed1ce094ebe5183a113493a3b4b19cd3301b9a1a7fea83e34dc90f76d21d1f1b28cc0b192f8934d988e3b06764c184c49ce52f18639b7c5a09035f1cb0a9e1d826daae32575aff5c907a4436368ceda8a172cd26ec04c0db5b6bfbcadcbf9619dd4445ecbb5b7447de8dc3bb946d980e4ad85e02c2e6e2698de06fdc23f0e4ee0019efc8f86eb25b4de35b967d19fd725213a756e70cc21437bb39145b563f7d4f1b950e1481a69d1fe27ed8c176b7d4a292f5716b3a1a89dca8856235c1be207edb3a26a34c4f1bec1f5eaecb7ba9a19e2f3b3e75fd18df75b74bb5dd3bfa34b96ca61a80920c675c29d5b5d9ef0bb317fa9b07b962d22630ca0258cf4a5ff1230405ddc150f73927f0fb1338e594c39d13f96cb8f271ae1cc0b2b72fa8b7a1d0169ae2e30da838ae25e8e1a961009bb9c25978fcb3b9dd591b4537581ca40c834c923583f8e481ac2326add89f9ea1a17bc21373e52ffa6124c20939a4e3b8bd7f2e8b6d9bf4048973bce431643e4cf284cc63b34974bf5fc52ac76543afb1e6ed41fc56fa2182c62932c5b5b224b0b3f1e2c6ed782e58d9065227922563e0239cf25ba675a3a3f6ac32eba9c7a9baa93312290cc138cb8cf5f36a44a5e1a7a357bd858c1cf91e37a9d9b4ef1980cd67dfeefdd2c43457c55762b4f9a54d0f37e3cdd13b4f04a91a680f0c40ffd757dbaa162987f0b857e8dd6b9312c3893d1ffb992ee245488e0883a2c1ec4a9ff6d658ce81220a37656193efd6ded3cdee189c7a7095e266bc907c1935f72f2b474904bb29282e80ce4941766cb692d77b2dd60e302e2e27ebb60fceb3c1945e71b41c5d72397e1993b143fbcb98c33f7bbe9210be088c2f412f04c886cac68823d44799ae65f17f41cd88ea9ef1507f57190dadfbecf8230d93003c8f88ea083c971605b597d3443a961545e37f978a4b8b52343a21dcc4bec31d4c88b47fce1552f0c3ee606740ff0ff2671f9b4fd1770eff2fdd748109174940a197c7dca43c70016a706c7e76770e9775fdb5c3f780d75798e76c951f723b20eddfdef7179f12ef3aa4de0d533c54537c6a52806d266370a83abb3e9dd84a67b62d09ca983bc0157cf458fcdf25368de5d8839a6b0ed2107f71dd61162374c042ab4288856c1d43cae06dbeb1dc73dc31f671e163d4a3ff1f4bcb2495ece81f07505bb255ff75b8ddc792f05458b5c8589dfe11858175b9ea2ed330b74194ac6734a13d86cc9fb7fed9a07a3a3c01e1bbf82f7278584a6f3a7cac1e2a2d67a67a840ff1fc29296276aaafa6d57c18e83784ac2ce69b89294b89ae7c54f06dccb31e830e493bc75d75a81f51d735e39526762d98388b94817c217a546bca72ccd6a873d98cd3fbdb52d326e93058dc741806eb678e9b29c1fdb16a9e014ca0316d3bbfda74ab82ba2e865f8aedf8889d488ff542d74b3c154ad11a71a159e8973f16220c4b16698599a4fbf3fa1ade3dc1fac2fb624b937d9b0911420b06cf0042c4f20467d2eec11e523601b8eb8ad7753c508f87bd4fdb14f63f6267dc3482d882e659494f7eca18973c738c8eca43a21a13e4ff75eb0ed7b00ceb8e5cdc588a34d88e085bda444b0c290aa618d5748346087f2baf690a2894cc0736dab82b27a3275ab9b16cf59852ab3cdc737eee132126e77d1a0f37a294c8d7828b7be7abf9190aae9aa7d69b7507c810164459985be1b27a07cde80b7e343ea3063aac1be14cb5cc0cc32e2fd222f9a639535d6bd7f8f330a5e199c73fcb49e6d3590903a0e0f3a415a12f879594bec8a751e624dcc34a26000db6e450631449b105c515fd0fc3582a3bfff3ab485b70b14c4fb6da5603834a0589631e35f50b436b7fd589c77727e24cfdfe077797c919ae450df898e9953f3a87a87ae75583f40c68b75423682eaa9c7a7ff2f382aebc2fa0fd3b03538fbcb026f4d3d5da5bc6e67070bbe4ac10bf8b580330bcec00b4dac2311ddf339cea7c59b6187d4f3e1ae9182fc5ce8ddb38e323fa96537de3bab6ea1199949b2f6db07c3153873129c482763e6ee38cd6e2d2dcff45951d203853c475aa1a9e9c245492057eb5bf09a4c2ab9e3999688f09bfccc1bbf87e7ab4e7f6a44b53b50e067c0daadbf05d170defcde16bd9e52c5a18683476d6a0c60fcb908dafddd79f2d4efca93601e9af26741504a7eb1c75fd5d836f03b23a5a2d462c4b4395384efcbbb8217e0fb425e37e12e82ab3e2e77f25686c89f7665de7b78386b0f1461251a44aaf689588d4695b0b70cdc31d9517f9590df805c54e0c8154f8ac970ab"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000002640)={0x2, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}], 0xe, "f7e2734d051396"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000003640)={0x0, 0x0, "ccf319cff2f75200e13d03adccf055e058b81fc67fffc443c9333e8840a3c0707cd210642437d72987b968846f744df4fe62b23d8fe02a1167788a38e9f97963f09020045ec83e5af4a229c94ff29dc8bcb042a7f8960d7da1e28a7029daf5929dae6d518bafce37498ca5eebcc07cf7920b8a12f5bfb19c0f3723192fda6aa39376545f8b054fe282c0431b2c7fe89719acb62dea602749d5d921a282512f82ab48f605c3b49f26f9f821c21bd9a5bae1f0240d4cb2b112911330a127c75321ffeb9e95748a40f6228b14f9e044acc60ab7fc81a666353c2546506e7b5b1a7961ca9f151844194436d15832ad8deee603b94bfd2f7f4534d1c225cc8d7ebe1c", "36d3a971e1f31feaf8729d7cafecec9ec9d2ab7a59eb6e16188dc6c5da5b5531736205b235085d069ed8f609c33fb1e42e915c35df311a72a0acf80d75861281d3694f0f5c1c7eca6b0e3fc29ade6d3b9c41a9cc7009d8ae462854f476a7bc23bf2a011d79fff9fbc4612598999aa0a1f92a46f0f58e8dc728d5172ffa88886fef87a8156b76dd36e9298ada7577eda94876e85d512eabfb529a19a833247961e74ca5d8b55995bda7c50f89356403085c825e2e12e80f08eaf73b6b5aa6324ec421745211fddf6bae6c86684445320b29cf859a02bf9a1da1ea3681cda77324b51dbc4a0728462940097d016de206b58cafa79e24100f15576ef9482130e73ab0b647c48da9bca88869d8a1bf8450ca1d7bb4c825308e60565f95be2a4a195d8812fbdb624285a35d8744beb328a7f8f08ec4b5083ff1bdac6ca292e9bb21253233a5f3cba5f8db4bb3584a4730a9115071a1d97079d621bbcd3bf58f8ef83d2d9394aaaeae0d857b377e344d2fc783a3beef44e6ac3e813c672295146bab05c531026f77aff611379d230b2d5c3bc6fecfb2b97de300151fe2a3edcb0597f20810b44351f358754b4438e264e466215a7d5a227a98e406e781bba126e4d154930c5195779e8dfdc5aa7333fd6631444384d210614920f89a89d62afcba9a91972f1f681dc202b64920d2cd9a795da00f15440520e149e8ac923800adb6d90c78414ece971c31d1303114b3291254f48662685a56a1da5ed04fbcf9a0ab23e63ea8bbaaeab14487409a0c5cc8e2469a03ee473800a892f31fb9a1be1f7dc8bc1034a708ebd998236a395a8996a3061f54b178d9c48ecac468c97274ae8a51dfe5f9e283cd9064ce93584aeae27b2cc110d80eed951cc4261242fd5990a2613ae6a871254d44b2dc593271e6d4c650d9962166e1a0922197bd2faa99923fde0f304edf0fd6fbad6b235ea53dcc38403433b2dc254d29a29e9e9f39af8a2108264c5b9ad3217394a8680d19543bc785cb7ed9fc47230466b6d3ddda6ebc86d520ccec993d873f7f0a2224644ca1e964e2077f8c7096c9bd545063c805f214db44edb4edf95fb69ff1aebb1b6e64b0be358fd76f61b7a7251bc86c9c6f5a5b601915fbb57957350c89ca56b7003fd2b64db5c442bd6a85cee671761cd9043c07fbb7bf394f6047d2d3fc9dbb0fa12632546bb8d3cb18fbeff09263817cb97dddb7d59c7606828036522e416b32f8ff556f5a9ac108b35bf0ba2e29177435fbd8b5d30cb4702f1bc022ad5700b081379a51c8ab5d79643e015e49fcc45ba1f6ec820d3b143186986d6c4b157af1c93c512e80d1284f89ac1c68395e5434ccc4766ec7c75c8ad35aaf1dd51cd486de51a4abe53b9f817f5ff4d0108aa22ec0e7cc4afc804974f61a169d53f6e908cbf74cd4f07fa5162087549fedc5112f5139db6df2bcc2de64ee3e099988462dea593535c247d7689244bd86726a5c425236045241e16ce7ff45a5ebc63ba09ad58ba0a39de80c17c3782da712a181b3bbd9644d7cd42c60806c3b18064344b65361dd1611fcc55a31a9307e65359e68c57a33ab96ba876be84acc1f21a616aa8e0d7264193df7cca75ddf06a2ea3a0cdd1be593171645acb9f7e330553b85e0577b96dba41b44b419c10ee0dc4f15202e49f3ab866fb44953fd626b98a3855afea71641348615d9bf515cd636be8a297c1b1b36276254f6dfed7bb0c1834936b0f8858647d6b4f2a79881c15fd37565293f8b8b535660edc5323c4e02827077f510c1636c6262e90618b2d3cdfe8f7b47a9067c23cf8f7c12cdf377fe9203de68926d0f1fcfe11008068ddca8d237d14ef27f81905c1bf9db26ec25938cbe980ad701832c3e2890ec66fb78c8a0a95c20abab6c8f3725935642824fcb77ed229d1fbb6bcd0945c2293ec18b7bcf4936cb2fa6cacbfef62510d09bdf3a81a4021984afc282061b3e120d65958bbe157106ee27885fcfb74e02b4e6a95d5aeb79df94689b585ad4af3288de55a771158a1c5e774e9bdd6aa4fcec940b7e975eb647619e5f63593acd4442edf4cf191f3ed8db5eebdeab8c985af6a48b17a1f08328d18a76d0e96b0751cfa7aadad8f87e3188ae5992fb47e40d68bb2e186083f79dc3915436b1cfc52bc791854ac7dd116ee193cf9e8194e9817485fde948f059b799d7864e4c1e18282e362cd652c7cfa2df0035d77c5ab56bb72463f97d591622f39e64bd30de9a59d0f7fdaf36bb7f7fd722fd0475b31faa03044f6eb2a875536d809beb354e461aaae26f14dda73e5c798cad2790e7a9b167475a14c2fc348f00646812a3668869ce570e4996c3f7381dd6f1a4efee1b83b7f92bd12c58eafca692c5706be67bc62f5bf94ade0ea75243e1e56f84ba541c6da0e598eb2869ebf975884a61389c4e2c6af9411c0024307a0d351aeac4221711620e9be6c4ae4c4b407829d57734f539fc467652adce9f0d65a18c169624ff3500fce560b850f9c7645274d6b060a51c49977d2e81b240916f17c3eafa23c38e332929cf22dbb88423c755b35a543bde4abbbc73716c74d3d0ffe9a342fe05a4dff7b01f8877c82865470b8b6e024dec7984366ee28256ae7ef1ba1e1da4cd951ef97f1faeb18f413a8e60675eba385dd6d24dfd2df01e59eaa36b7ab260140e22e00217bb10d0c988ac7d08a0f0af3e44f02d4b934a270e82f5c52d9c42af56f3eb9a082ececf39a10230cd7fdb827e30c2cc7b887996a81321fc96fe3cbd497e27703801abc60daeaeeeb447e393ddf91cb4e222f39892c441874087496de90ba47ae51f19a9e03d903b3529d7307ca7eecdb057ca9c73d39f47e12379e8dbe25aa061cb8c6207a8bdfc61c5c8adde8aa86efbead5af71150030df7bac4c3a28c72fdce5c813dff0d271feb73f66b0830242490efab717700172e24cb54adf69615dacf7993dff49a1e954ab94cead4eb9d0a99dba007682f843526f7c6b081b92e4ba657f46e703b5a28ae4496b5e1b69c15d301d922310d90ff550e02ebd5ac01a3e56e58af6e039ef8993da8f4a3bf832c9e75eefd1fe6028d7be0ba7d4a23d6d8761b63dc5734026a3c8f512a753a2225687aea5f137a578e3ec2ade86ce9e7474f0dbe61644ff574bdc19e7a0b9930417775d2553bbd63ed65ef84bdb380ddeb017b1f3fdfad6e4eec9f017c4f7553b3edc57377fd2e17f2a51ac8f29a8781a259b53712e39430b2d5ceaa944d42d38ae091ecf44ed1841b6b6e1354dc323939664d5cf24f95f62687bc9d8b73469e42f01164220140abd3521ce50c8bf1ee807f75a46f78f9ad6ea1641ee4726dfb30a7b96a7a2a0d6b77f79abc9cfaa341989f9978164c9f7cef3b31598b4a098c0656ca610b5ffc69f9dada7d79f874439e338e9a1b6eb658d6a498bbf797917348baacbb85af5c9dc3287987e6f42eb17bb41af8754190aeb97da0bf72058d8ac4f09b764bcb72d5e4347958b31a1d3c1d10717f0df80980cd79d2587b5591b9ca1650e35d1b9af7909abf0270980bcabc0274727ae0039dfdfc60e3790cb665871fb3ec076f2bf04803078470ab0925d690dab91d88203aeff05d32bbfeb74f3a29f31fb845035da0a6a1a34286b44663a5acf2c7ef3dccd889a49be2e6a7705b589fc68936680a0e9b2e8b3e45caf4e0349aaf77fb15040e60c514bf7b68ccf3fd294ce1997d67bf964ff1cd1a2c6417f97de9e505f9c387c4726895377182f035ea9089765f9d64a9f004fc07ccf75a62e8086018770c557dc14575ba1ca8e48def00012b75d48d91f946b29dad6c32b25e8ca02fcdf1e88c65646cd281295b5754125094d5c5d5b14451412b23d9211cf4f9f68715ab8428db3f3a69b6230f2ee9a3a00b88f8d5db7cce3e2757359f287ef05160aa9380de43b3b6201b385921f1719250e29109dea6ee2d9cd38edba27390333b61863cc7643209bacd3e8e418b29dc97efae69b2ae459f95d5fe9e47e86484084a881b62351baedbb6f5cdd977f23e85432b22b81e525f73c48281c677df9626a4a6e69d9c9adaa3997ed2b5b802ac961307b91929c7bf470d0b16a9343c3075da204d8e40e43f0ffdb754a9e67228b68a153ee5e7d744c760aae93d92ecd02f7c762521378b7842a60ff77bc70a09a0c45a6e6262ddc17798ad185a224e890ac8e485e1a0edc91098ee13fc1cd8a6bd9b35e98338f25f001429b8f4cf7a6ef001c501071adf9b4ab73a3ffb8e0059e2e10f766ea65527bead54569dc9050256645fad7e977455cf9aaff04be404afbe0e7dcc0a563ab7d4e196fc741a66b3230fac0eaa8e18f3ab27a88f7728cf5bb61155caa610175c16e6ea4effc08911d618ad184c0b199b215f9014ff3b45701effdb22da74b5b3baa66308424be2e232133117939b976f05d95ba235b28f3ec226ecb9fe220d35e3c9701fad6ec58accc0f308165bd5b66696473519c8ec8143d37ad6ff31836af356515d01acbe51667362aed381dacdec37bc0388f41c1348397b0143bc65c143378644822b3f051eb4d2bb338722592a348c9a31a713d7f662888ad5e36df7e584b0e791d5f1dea081130a6bebce39c083046fa38558f0be9d766ef11c16d7683211ad17f3ee28c0ff468d47a42c0f346791d245adca30883ae1e196b54a02033bdd525ec884346dafe6fa216eb30d490e3cee40867b0b98f8d56d530bcf44278458c584712f466151958ea5d55a711239f61938a36094aadefe88951a3940f266fec893ff8ca62ab280b9668e2ad5cee30f84f9b3ee43c4c32d1fbe81c9344294b4fe15d5f5caa05853b41e302bb8032257c1aad73b6d6a7b3ab5a65bfb7b9c65348f2d7e4cf4cbcbeedd0c1ad06f11e9142ad503eb33a481a62acd35d14e827ec9828b589a42c7ef2008adde97196ab21a4bfc84c7d518266dfbe4fb366956355b35ce7de799b226b016cbba227de59ce95ace040eb868c5bff8f23330959a6b7c32028065786d24b297a68c94597d68298d64220d9eed2b5da8e0156593a7d18fec048426c4f96cc0d382748e6aaaf15fd97f277f31cfa3897a2323cdc32162c721adcae56b1d5df9ec7822971a0b61b4444394cb123770d80424fafd192e669093d24da5c6f90a7c6d10096008eb92673aac989f3aa4987e9b0fa1360fc755df73af5067115360d1d79dd775745beb242c26e521abdbf61309c4258c32aefd61578223f91186178386b0cff72ccb2c8a23ba62ee6be4a6feb951c1ce9b0574f15676c7e61d56e59949c65494d727ee110f450a975c79b4991e2aab147ae2dac1c7aac21f94a61b2e7447caa1acff9d7a650ebb0f2b6d2cfdbf485f2515d436e9eb077c65652bcb74937acd011cdd567ef5362ea3adb1e83606541c4dd78103acbbb8a3372c53cfd"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000004640)={0x0}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000004840)={0x0, 0x0, "1eafc13226a1b7334c8f4b60330dd0cda9b92a009c2be7f0e04342ffa1a6c000a38ce24d36d2bacf8b4a0a8ad463b92fd7174b8df2ea69e6ca506a9fae2c893e074a02890fa10e983b9f51e133719092e755055477ca79d7e0509eb0a551baae073f557cb8f88e77becdc36d53ad547a4cd68b75e4663179d4a9c6c9ee62f8a0fe0c0c4d033363e02242c97d35bafcaf75c0a09ca28be370ef861ceeee2b009f6d1f631d95c0b938b96e90a5dc0617b8cd1e0d3e4eb25b889ab4fa94070884f42b1bbbb8c567bc4d5236a4a3f7ab22e43f798b350e97e51f0c8b696e5be195ef582eba0289686e7f9c267d4fb0c8f28c8bb2b53779ce8776775aa730e45c0aab", "e351dd49212f0ac3d6a686167aab2be8e87a0c4b66484a263dd72729cb05405c5c3c795dfe1d525e1fadf75795e042546477a77270ebcf8f43d68587313d575a9b3dc37c5050d38e8e7a0a9b1ae5ce1c02200f2fc8beae4a1b6b261cda1ad0060068d8c6ef35d78a94b71666f1bb24b933f40f3e4c29019031c06d6b14dc7c73cdcda7912150e922e9087f7a5a193678184c75ff16a9c57d70ac1b79471e6155bcb88b3b3bbf04ed886c50006ef901bbc867e233371ac962e14f51cdb2025f01b8f096618935b62fa6b50052e6a7135f3762df37b624f8868f54e962f4b41a6d10285ff4298eab3be134b23452a6a16566d29b3543e68c79df39eba31110eb17f6fc564798b142153163562146a8de046f093adacc69eb23f55d695a8f99259757ef414a4023d6651d4d3a2358f6e496bb72145ebf5b43fdce8b6737dfd0aff2dd54179c3340d993125faf469e111e52deabe1db8753dd37a8555deab9c9a60042a4d7437c570a0f7d283bf4c69344d1a32b50c8a63377d62c3a7717097d9d71f005aedfc997348b64957a9d422b280a66b7378e5c71bb89d11592be82a41bbf87b95a0e3bb6fba6b1e13cae609d24b5cd8732631c8c5eb593d927fe07ae4e7e74c1f55af105dd37b58ea3cb1a888dd4e61f22103533fc7f1e08aea151f3b460636bc6c059f8ed76bb4a5199d7b555b6109c0bd0e3afab992a0c3551a17109befb278bd4efb2763155e650a3712f1d2a66a957dfe14dabd61d3ae84a4d616496cad6c5872c030d8f1ba07f4d9908245ba6efd56157cb8d45c0fee2297c86b1e71f24e094fae5d992ae977ef4c39286e66cabdc8e148ee709776f695abc918001a3bcf5030a9216b4de2e6cd896e5b18f7b4ef03e8cc67e47e6a55206fa06f0a10d1c884ee5f991978424910df74cd102e898781eca99267761ea1cabda9a86c348293487de30ff4903dcb1aca350c01edf97e923cde9001611d8fd17c831a3241ea54d2198f316f26da94018b92c67827383ff4183f2950ef722f9b7a797fc5ba28eb143601e55e6889e8308ba876bcdacd86bdc6a1f765e22d7c398b7390b116f9bd8478fe89d33067a0da44aa32cd225de5bc3eeb9145781a6b403a6d031d51afc0ae114977d528c1e8dcef261c19cf9aa0e7bac25899de305027402b476358306e3ffef02076f7a723334d01dec18b9bb5a247b865fb9cc993a8f04aeaa7de2c2f2753f57a3196ccd91af039b96f00bde96c16cf6b50c124789fc71bb7d097fbc993061632c9b9421c9abfdde9dac13227a48aa29f76022ec5b71dda63eae56ff35ab5fa32d39d71130babdf9ed646e2a04bcdbbc68a89f61c66b754a5103c2b7da667ad7f97e3f4dccc3ab0c02474f6e6df45410ca422ce5c14a96579d58882162c9d9b77efaa372c03ce3d0a26213da1c0db41ba826fb1a5c06add646f38707e7a69365c5283f5f852435dbefd898a2fef4d3ed9e300d2e7814529922a0941a384dc8cbf0c9e62472ce8c34a417f53c0c401411179b5b3bbfdec1a6c12507c06b68749a9c45e7349eda2a576b87d18fd6c7af9b9c317bafc4d4a6d9dce740458f4ad6f2b8b49f1d3dabbf21d910263aa2d3c2eb2ec1535418de11683260c7d166c3c57a86d1ac92952204951724f8551df1fcefa8ec99774b4531afc5bdd0f4b6752e84bca6f7a1e01e03648dab5a338d493a46ada4a8406cec4b3efb9020632d0f4ef17046d70c395c5027d9cd51b2f5672df81edf239254c6ca9bad0f64d8bd53eee6a74f66bef2b896685a86f000402d62ff2fdfe5c01d9bd76993eb8c4761fb3db465ab03adc7ff566ef4268a712bb490937bd7003c774d55d9000d7de6c396e8eae00cda4d473240ba1c9524935cbb405ddae8ecdfdc1a66888f47a5a67f6d5f6af79f39de437a652d746efe729dd587eaf8bf1cabcd55133569db22a9d666af4ccea3ab88540f78d2ac02c59b087d03ea49395b5320e37bf0f7f40c311bb76b3f3ebbdfe1230b3fd3042b0bd54d12e94e1769d6ae0697d77bcb9b2adb540df4045e235fccac1b621dc77f782b1831fb8d3d88403130e4cdade16f6d4da8cda0dd60197239f06f87e22e076fb7259a0604fe838e6008aa18ce305889ebe357ca5994b301ed3d52a56847c132de21677de546c93bc22fd05fd517b08625ac9fd18f3906f1157adb94c4ce021591033cb7a55c040dc9183d4aa871b7de65d7a68b8912bb25cd00225a58214f7bebdb18a6b32d0df19b97dd89de12a4b6875d3673be587e5aac1bbfea09eba221c1b334890791f3ba95e4f150ac20fb76e518303a4d13371fa2cf0331020d027d219eaa534e7ddbd2239da6a89a73401dfde8d149f3b4305ecd22ac172007ec30197230c882da99f69ebfe4b201f80ceb773dc1ad8594fe9e748931ef42029c2a01a304a89135dad323a152f53f0407c50875ef23b441dca57dddef06a7bd08aa10216ab9cf9eb46e8b1801d8ba42f5d8d57bea148cd5aa1523830d402ff228ada7dce04773462d2a4c326e016b2518b5e9534feb398b3d6b1ce13334ec8071e3136ee6e67e34e1475d02c6199055ee6543a1522e28ec3311472669642375c36ad4cc059eaa68364e7994cabd08688528383fc9fe4e0294cbe4542d46e36403a4f7b5c035a29e3d3e7847f2297ef477ea82bdf1e9efb294a081953b5f44d3ab6ca199a9c4b624137496ef25dc310f8ae941b88694345a57291955de61c42f97d479b9282e23dca00f3ae88934a767ac93b087d19abf221477391925112670f67f884cc4aca545b1a96bca9c66581d2546016752507735e06327331924a141caa3ce8578da6dee9d30c56159e0fe9bca39c6c78caaf78a7e95919658d5dce54ecb25e864392bf5ab591cbb5a880cca1d0402b4d1e4a596a5fad767958cc9ea9e43ce1b4fdd28c2cc6f9b01aee0155ceebe8ce10fc44697a71b37cd8aa84897c4a68bdda7562cab7a9419f23f37947cffae4e2b975f325e6a238bcc393304c99a6349a0bcaf44183e56fbb4b3025d94ea285096864f6ea88f53b953dcb7f7800908eebf759746f4c05eb8bfdfe3d1fcb11044472432d6724ae175b84a7dfe818b76c4595e39c1414bf3c0f7dfbc7368e61f32af2ce786a2364c2bfad3921f4a896e47e510d82bb2dcaa5c2b69d13221e6db98b98711bfdd6453796efb9e745a9a46e4abbba0ce53070400cedbb498e25ec78c9fce6c8e9d4d6a5372797ae7ebcbe4acf68f0f8491801d5475495acde9d1c508e795eace2a941fe24daa9c8ba8f51ea7065d621a806ac99c295cd490d1b0a6b9bd3e041f0568494d8b07559e1d06fee0f69bde63fb05323439a544eb3e709a2176f2332bd7c19e1726336e2abc2aa68b2e720aa56088b656facda4581d7e83b7998bf63b82835a372ee8a083cf78fe97367d058450efed55806d6c0ce6e54daa40ee9d847a05078421230359946685dd49e6cf9b0cc0c375407652e583a9c4b58d57ad3c550c2f47ed3dc321770dddd4f2e5cf85c4e0ae941e23518697350b2c39ceff8bc0525e3f988aaea5dd8e8875417d3d36d352fa439e4b2caeff43dbfe6b3feffa257c215adf30a0e330b7d881b5cef2482fad8853dca621e2947f7c6b7d904f319909b93679876fcac3695a11cd933b2f7fd4ffe97eb403b9b1eff685f957d497fbe392fdb64efe165b757e2b3298acf2bc362eaba66b06f06857cdc56ca09368e19097c98c0e822a3a09968286b01d29d730dd5971ae3f3947c02d5a5c1318a14b5b601eeb86978ff6604c9e0776b4b807f21e5be60efefd718e04e0a7fac49d2b6b27bae029b504d08c712a51971b49fe0e1ef9c359b7805843b4b174a8192d05304b8fae737b1b7fe7f364713d9cc57aac08e4fbf09b570c9f5d745b41547815179a0270d51ad190a023cba1d014f34b1e0b1d1f7c5baa57edd2d09a7353af81b4c7b38e1c49ad3a7508355da4013046183c193a9ba309c94fe988ad9c55947f7cd982266ec66b6b03c6617b56bc010e4365e5a04bb990b19f011399df521994d34d6de51d285e54f7d3a1409a25279fffe460d96ae6e17423011dfa9f274a402789a0242053f2bc4d03c3557c2524e8fee50c12e7dc6cfbff127d18707f47bdf7132a040d3ae82f656733b8be2d990b15f7897ac017693f9d1a0add0b96ba20513faa633cad1b046f6efb7b865dbfa25ea060602515f3756aaee81c85c3f20a9c25442c328473abfecee3247f4e7ab6bb86465d53cb989a039e8df067781e48d4e336cc9c746ad00a3793f160c6a467026d1a6fdde200b7dd4a64b93f548ff853a22d4023d5f011dccb1bb6690e607045290729e001cc57fe2a968c0ae0563d76602a57fdbd1a17a724db6d7d2219752e10f8a577f45ea07630ff2f7be17c546c83fe6f4ef0961e3a144391d616266b8f17ecb811cc27a230f63ee030954aa4c05ac390794e16984ca4b6ecede856f8c87a65474503e87138b88154a4adbe2da2345f9482b29fd55611df1053a0fe1bbde191de07c7ebd725eb618a8c56287d9d12aed779d672debdc84ca28afe52f04efce616692d1673d135db9c0eee3f503a282d6fe34f4ffc0bed34983aaf9a23e8f697f36c6ccc34d8592bf73d2199d516da72cdf5e2c2f9e7a2a503a5207f11672fca45cb99e5f9d5eade8eb6fdf2108fbc4d4424e2b28d28089bfbd589539d174d6686f8a42d33c68e40c4d0961491bcd4d77aa5fc81b34b639cd328d05b02455a5c1bf255c9ba741b7f1dc2f53730103081cec04984fec342d1cf446f2d9a5f8aa37acbf94784f10aaeb6e48697da3242a50801bf069caa6553e3e260dc63e0d9945f3483186681d45253418267d2d14aa1d30eb16eec379934d710a6bb029387d4aa4e13643fd76aaabf636d35d2692ac6af07651be3abc72cfcb0b4f52861feeb18bd5a4a95dfdbc3ebcad53e7979ee2107695ce96376948a57c132d73d35473b144b4f4b4e0e8805a517826d923613faa42d549b329c0c11ea24d62caecd9f5432e45e215f13f280b1995f40d050119206f2e69d5567d06664ec75a051b1ef1d725918571d3b102521bec794f0c35b7a980b6c4f2c02a9b3c0124a4dd01702322b463d978451d854034b47182fe67b27f88f5d25d3f1080ddfe3675d399d2b9f5fb0c100624828fc1024d368813d8ccbc64fbc0a24500dc117c545f6dc033a6c8509ce1705c640f15ec4389e52c40b30921c4f9abf8b5d42cf755af895e3caf019c86c51e51c36c9b0b88dfa288591f7239be5329e531afb81d589d8c4ea55e3d87b2e074cd9eaa85c92fb58b683258f6566d4f2973a96c7b1d320cd06f4df36670a52cd221bf8e82e0480607a7294dbbdc7eb24a260ee995946169e2a73c8f1026c192bc11dfe979e414d53cac07b76ce08573cdf28"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000005840)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000005a40)={0x400, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}], 0x6, "08b96d83c26f37"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000006a40)={0x0, 0x0, "3dcfa190c3c97ac53fc97131fe4186fabaf1cfe9ba9855f7d8df0def0f1f2d05d7099907c2252961c28933271ed58ff809933e524299ff8cbef3e6d117ddf97ce1d9e33a73ecf79fa7110ce91fdecf2592540f17e28cb776dc5f784099010bab6a53768a3a6930e89638be2c01be41ff92ffbf070d4e4f5849608e6f581bb2fd1c57cd35e9bc84da4ea1606d2d0a7294721d39d210ee2f4d3e9513e130a212e271f6f892b71c17331c77e7eafa9e1c9448a4defab1562d9201628754845e97dedfb409bdb63d6d40f0fed655679165965170d61f2585e6886bf61cd27e08fc823798b71fb5026a80061a683ea5c168f5792be6ca7ccca97d9d6987728e26bfb0", "ca371c2ad4e285e777a4437e6682f70fdcded50dcaf248ccd4132d0970976036db98075d4c42a7dfd44e9600dee85dcd3fabc7f87eac3c588f3b49c8954edb4f6e1f8d711840f7fe35815b24b121df8f97e1c42f20b405dd7582a93d33736a988a4fae15fd3f450723a5048ed0415abbffa601f170839b6ea985bb8afc04c44c23a8ad3c360c83f879e5ae80822688742e1777255dcbba4dc61941e69d4fff9c6bb20711b4a9c8fd9f729f118744a8205659e26f4171f52957c172865faac30b7a329d8e3e15f8fa3370721729265308a0c1f120df4b44e4f25525a845aed401319f9083aa1ef3413252993fdf4107b55d0744fc72a2b312a02c94ebbb42e97916288188f9e94ed0a55246fe810e76014422b6f418f29b17f5d5edc251a02eb9e23a79729e2bf02d7df42566af8cf68d3463f6f5e79c323e88b1a4abfca1b14ea04864357c411b739496d3a9ad1601a4abb343a5dd0e429d955dac5f6181c37053615b896ee92636dcb608a3f72542545322a5a5eedc4c351742d20a66d9da617d24d062b4fab6c38c7f14b3949042178fbda73afa2af2541057de2a615b0ac2e81b0f17cd6ed8a36da5e96779f15f167ff86a7dee13210996a07e4b7cdaba325bc089cb067930222b160271185e69cb19c982f6d89ea368534e236f3380f489f25c46cb6e81acb211fcc7b91a62e7a7121fcfddc13f31d572d4657bb1d63a996c7a1f7718e9899e0d3f4829335f21e32a6c5613895c71a35503ea24dd351733b7828ff6e517c9f17f873b8414c1764edf672001dd9447c3ab85f0a89e4744164336cd76fc020471e34919992428887bca6cf1e2d2e6c88d01ba568479d602cbdcc8dd188863f6ba42d9dc13e159909f4f286e257bb7b5fb4a09c0783b575b1eed5b80f1e895bb2183ad42b0f2c3a61a0c451c4f0ff05245fed647aa0270e0b1361c2ebf7af12828d56c7c904c41eba2a3ac4a2fcbd24c4e2516e31cdae48ae9662d0d67bc341b44ae9a2f4e8cd696b9d95cb1fa4ea1e8daa7e6a1ff75dcab8c73c605b8035b971c4d01cfa596bbf422a16982a39728cf73cc53e364081aff5259193183868a3dd14712e6edc05af691f34ee960e90d12e15f7fc5a8d3f76b9c15c8fb94288256a413c71b134b313eb7f4a8a26f4229fcbb46a4308132e9c3a7ee70ebcb1fd1d6791545c5d0eaa6fca11d88324019b014a49e7734d5dc0ea19ea44bf4eacb21b66ee048b9d792efd747ed93bcf60a247aec902f9b2eb3101372dac89a0c516ce433ef70706f0531e58f81e351678d1bd444d328583f52a3114662717a99902b64e6dcd27ff5c003158b6479c20ccdbd8fbe8682cbde110fb13e03ff35b818f20928042ebadb411d39dd0b0cd3fb440969328780a49527673714dea9bf65f505657459bc993590b8f33a4a1a0000e3f5b0a8742c2c3001a07edd3db0804f1270cb3c18b5ba5d5667307f4ac3972096a894d372c65d62c87b8d51527d19f0d91a2f3df862f1dd073cc3856598bed333cbeaaaf336364f933fbb30143a7410f0eedc0eb70e5e4be41990d6c7bd4ead0b51a6484e7bc177a6243f691c3cff4a2aa34e22e3e7a06835fdf1cb0bfa5f7e473dc40b72ca6d970daa228fc97d89a10ed415fa73cbb3b0f0295ef2dafbca78a1982f90b8e0180eb74a4829c54f5a4d69918db78eedc27d67da1fdcb254544d7f59b965a13257f8cbc3cff25342914a6fc377d1976296ac37a1af01667125b070ceed5431c5a7f5339c3b26398cfdbc91002beddfca319758ce814459fbf8ce56474a634ba1679ca6706a2a5779da7bf20b1d8614f0bc7872ec42228988df4c225ebef152fcd29541e05197ac572b5454b1ec426ea114ea395e3566ad03786892c1f4d724996267b9b3c9364b6a50c12fcbe838acc2dccd0a88625c9a96de0b39c062a8619a736765e36ce9f0f841d5384823ee5a346882d19cb633b8069de9573c84aea1a9907460a0990793078f87009de1d8d28dddb8c84b6117386ceccbcb0a8f5b9fa44ce699b3d14d62c6c6ea49771244d67eb002b4b4ec65b1f88f73fd7e362b2fc2c29f8c0879c427a73f1f6e35c799ad5a0aeae8a20abd8510399c6eeaaf0701339049bc4a1489c9017e761c5501dcc4a135ad27182cbd0a8af48bd76544ff153809843b6a14e4b6d39489faba2d2736ca96289fbcfccea41a86a73882caa308dfcfcd87232a4621be40f83e2b87c3200cd713b37bbd5da380536f5ebde474c313363c51707213106c696d6df7364e93becff21fadee14514c6b33b7df735c64d8f3dd6d8965a00c1ae5f07b05fc7a5e1bf7c9cf9562b6ad8718d87dcc1b95b4b89730fd5eee08b0d2f67703877a7c11938697b12326ff9f52dbc353eb48d50e09dc71f7847c7552ac7cddbaa818476afdef30ff2a89990bb173d13cefbf60c097f55627f41d08a2b142b9174ca01a13d02bf79d7dd385be8725865d324139631bf117940b31d43a0fb2477083e423d2b5e380731b3dee849479200f4be5babcddb0ecf76f41f20c64d75d1d641cd2ecd8b6705f5b46c7380a2013e2b320ce598ec361eb6fae4f103664f56bb05461059e8c066f372491b8476fb1c72c7fb988c7020ab0eea1f7e9a13de46f8aaac33ef5aa8f0ad3b5cb0f083bc0b4b85b81effa5a756389d8468d2bc85e3fd465884d215065c9b0abef28ec67084f3af64e7730b139a9202d0f0ed8dc6d896a0f8a36c9a2d08e33c59c0b293a8839f85e9e1673fa404a7b5a7169f0140a8e3b24f498ebd7e7f959e0160c30b8b59d1c517ae2dd6454146c1379914c86ac195fdd1a942819c7f3dd28d60e409a9af69bfa42c3a3448b983685668d4e0f26243e0a14c740d3ba63f6226a4027da7e5200df83c81f9b7d344468a0b44b7fc2972190bb396ce065a0e3d5f3ea9bd8d5dc54904c95ae774278d81f6e6e772a8f49aa4cce296378ab04f62c335f49d2d2e01bb7559496e8495183c0ee9236bd8c06c808445bbd742923ddabab81de2d1449b489c0fc4879e6fa1fb86b9fa392357ae2df914c8622fa325f587c6013d300e009786e671cefd889f3f7ccad69e4a634d7fd165b4e4464b5677dd19061483b2a6eded29d6d05f4410047d5097596a8807047f25de56619ee388fabbed524cbea029888cc8bc845705ff9ed31f22134ba9a97af95daa633ea7722c101aa24047935f592d22c581725e1e5d9a805b79e2171180bd54a3af5afbe3525b9681162126c14191da3b1ca3edf6c7516bd0495266b484981b7509ba7bdde7351281cbbb2578151532ec3075abeec78a42c55f0217c6ea31cc1a614c04c5eddf594fd87c18ae4b0e91a7b0db636cb674212914356c53f8a0a78175b658f7245830c56cdd8ec83c5210ba96c9865cfb810593b4a7966877699b3b8d84140e6f076bfb675e99bb039200fe80e69e0ae69b2c4093eb1346b7e0df4235e0fae85af141d1aabd2b39085de5d59f553565e6773cd46b8c5d5321dc848fd10c7f6cc56de44354b60dbf136edb75bc9a3c67e1dd7863364a0508ae6aa1df192f51b4e21d998fa716eb1e90ee0471350531787319ade17ae6e88c02c5b74fce64aeb7df102e38ef09780102e7fcf8a857009309f15cd739f9e3661ac04f58aab241ff578a5cf73a2b178e52a27e50b6507bb3770c0d8d4361b8f7116796cf5b6e58294fab83fc74b8c1cbf3246604d3f4b46b3eb2c04ba21c6cc9eabf0bcd5de04d9a00b8f1d90e344364907aaa6f64ba0cd2f269002cfeeee69a8bc3201714a4f6e58ba54e92e189e0ab21d2410f631b160ae5568a04e001f3569da9d98bbec0496140eb28597e95a698aff14f63d75e2d09d17e5d1a92074dbf8ec4352877cd2ff02df45a0e2906d4f962e65412ef72f80626bf9707ab02d406d3ebd10b18d28fb42df30aa87146e18bff20399f67b86ece8fc8bbe3f2e486bc8445d24abc9b7d1e91893e219421c4d5b5d9960683de791c08667998b0e60de726d14e5e978be00b5ef753a985da237bf2d38cd3afa0a1e0c266bc7032e3c49287b04ce19f5dc297c381ae5dc4d6c11214342d1841b97cb5b3dff6fdde9bca428947c8155fcfe816b6c543d67cc8edae6bc4fa28713bd704eb6c994b3b74e8c80cabefa419d087e41814fadbe81456fbafbebf509cb083be6fde7a9d950950dadcedecb25b67e0f3ea4e96628108a04e652f418a67222cffe572044c9eeaf9af395782c52a204541620243c9e820cf7a119f8edbf20e2a2b7133881ea5cf7f4c52fe21e196f381671d82bb0e5634bde798d4ea51e1b6ed764f5a33ae93848d997cde626f806290b9cfc1aa56912e2d9f1a6a2b719ff1f15395ce6d99bdf174e6b23a697713033b4e79fcb9de5ece952155f246faf8c3e3d1d8d75a99e39ae2c1d694b29602f165940e5bf653972e0255708c2181e6d0d645b171632934ad62c3d7db83eb8ce0715bd5e208d607469cdd3a7630707c6062f218139c7dd0503ef86ebb1d94eac32b2e9f4863c36642f33b7a7b0ca5f485940ee025923e3da11b6863368e1acef4d9d369e3caef5656c5440f42f2c0b71fd31fb6aa9a388eedc28b0d70fcaf7aa4cc2db8d75b1280e24f8a19e3b6e77f270347ba723f32a8debb4b4d31b69370f8e3a5c0bfc679a8866aa11ea40d850cad0e66bd97979b00599b5b81626099123b182e6177a3b2444a1d3d9acc3249cdad7c72382cec4c5deeddac634f92933ecfe22f57ffcc969082eae7dd064d58fa0b0951fe110464d132c5691d26fd6fdd888811c4e37fcbd0c516d1e210341a5e61cfe56cba3fe9482dda86ab52c6ee1d53ff67ceef93074b098328ad7de217ca060c79c24f7ac9cc153dc3ae88d4d80c5c7bc1e97bbd2257f3dc21dbfb8ebd459cb3fd954bc896b73ae57aebb75c9bf3c72d67909e7357150eb33fac805ecfd43bba9da360e1a97b20a95e8bd75852809f2689d50a7107016c9c2e5ff7997ddb41b9a79a4212868779ba4c360987c0c8071b2b5ca54e27570fda5afa0c92434404b743843b4d6b72f961478f0b6668fceda0e8b5440a18a3b097f07ad2fcc7cb4f3afda075c4429d3de956851d815c7a12fede847be6d46d2d68ef4be21b849168eb5352e01e62560fcf4dd5fef7e45c7b6216e4a92f5a999f1a6e3df778ef16bb0ed76c088213506e6e93b0548fb48cff1b9fa70700d11765bcf4f0c6c466d01eb785363c7950f8cff0356306f4f51af54486767c2dc988514683b5f573dd9bf02e44993405a0bd3ab5b2c68e8191beab20b2498baf5fb4b99055f71d49336cda1cded8f3c7a80487c29b0b307bebb04597807fac46f8f017fde3d4cc47c4c2f3914e9d6178516740650ad96d8c8431067058fffe1588d97ab524c732af8c465c060b40fee38bc862783d91881751482dd811374"}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000007a40)={{0x0, 0x40, 0x5, 0x6, 0x7681, 0xfffffffffffffff7, 0x0, 0x1cda827b, 0x4, 0x6, 0x5, 0x6, 0x4, 0x1, 0xfffffffffffffffa}, 0x20, [0x0, 0x0, 0x0, 0x0]}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000007b00)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f00000719c0)={0x3, [{r2}, {0x0, r3}, {0x0, r4}, {r5}, {r6}, {}, {r7}, {}, {r8, r9}, {}, {r10, r11}, {}, {r12, r13}], 0xff, "db04de5dfe119a"}) 05:40:02 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0xffffffffffffffff, 0x0, 0x101) [ 750.856643][T10851] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2135/file0 supports timestamps until 2038 (0x7fffffff) 05:40:02 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) creat(0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x20000, 0x10) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:02 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000027bd7040fbdbdf2577000000080003002e6e24ba47199e92e58e342bb795c4d3dfd2eb09e9269e291553b36866f0397448135eae03eaaa8197ac7943feb478", @ANYRES32=0x0, @ANYBLOB="0500ee00810000000500ee00070000000800ef00000000000800ef00020000000500ee00020000000500ee007a0000000500ee00040000000800ef0005000000"], 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) ioctl$int_in(r6, 0x5421, &(0x7f0000000680)) 05:40:02 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x2, 0x101) 05:40:02 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0131000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:02 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000005a700)={0x0, ""/256, 0x0, 0x0}) fcntl$lock(r1, 0x24, &(0x7f0000000040)={0x0, 0x2, 0x0, 0x1}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000001c0), 0x9}, 0x0, 0x0, 0x9, 0x7, 0x7fffffff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {0x0}, {}, {}, {0x0}, {}, {0x0}, {}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {}, {0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {}, {0x0}, {}, {}, {0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0}, {0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0}, {}, {}, {}, {0x0, 0x0}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {0x0}, {0x0}, {}, {}, {0x0}, {0x0}, {}, {0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {0x0}, {}, {}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0}, {}, {}, {0x0}, {0x0}, {}, {}, {0x0}, {0x0}, {}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {}, {0x0}, {}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {0x0}, {0x0}, {}, {0x0, 0x0}, {0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {0x0}, {0x0}, {}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {0x0}, {}, {}, {}, {}, {}, {0x0}, {0x0}, {}, {0x0}, {0x0}, {0x0}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}], 0x0, "8c00008ec3732f"}) ftruncate(0xffffffffffffffff, 0xff) r186 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xa) ioctl$SG_IO(r186, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x9, 0x7, 0x7fffffff, 0x100, 0x2, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000051b80)={r113, r152, "ef70e0e6a88b38e598666eae1dd80e16716b80ba1e00a402701b94ca1a99aa0b01fc06f967f21af4279219bb00d38357c74140069704ab490bf68afeb52d6bac55975c7a9830c73700b362dd3773a4d421fd3a141f7f7a6f15dcc6c61fe7721b924e1bae296e6ff7dc5c2249edadfef8510343b0c8fd902fb9134ee857f2f8eb324b3d7a3ad101d32db02a3a6a3b2d037430fdb4fd27990048039956a2a8342d55c5cbf488511a723e1924a8e76174e45a9aa80981f6d32fb688e2b996883283b3730aa8ac6ea295b00fa001e46023990f45fe5322a74c914fcd2eddb9eb805bad9e561e9e41c2efebb7bd93b08c6e8c3f11d1c0cd373e2c82bbe3fa334ff559", "964d64f667b03b6f217e4aa06f3f9610266bf72e3bcc510b6b4ad1d9fe314054c1d207d422f6c26c8dadefc47eac3f72818848465759a419441b43a54c07455442fcb1ee589fa696354e0261b7e7d9101f998ef8d01613ef26a322ee75e1dcabc9644499a9730665b957f6945273122deb6d4bc810e2e2235a562c1c6c9ab730c4a268672225ca23003726183030f57a5508fc61eac8f652fb04f1bfa8a70a519ef34dd0b023db896bc4bebcb509944a2246306c9c4a659f37e37da7dae0b40010df9521b21ab43aca94ec75ad6e33e6be7fa7e13a503c31960d7e33944423d7465119b6289851ed8eac63f130153c92e8926e9dde97a23dcea15cddfb5fad0dbcacb6c2513c41f546c9cead8b1b9be0b8cd9771b627a8bdb8b2d5ead848ca0a3e65b1b8fd7182f233d62fad59ffb4eb1af604f5fb90054d41cd7307740b6f7a6337f656b3819a742b028ae6881eac27a1f451d83266ee6ab2cf7abc5028c8bfb9abd174913785c10dffb13960e16296caca084609c507d07f520201954e7a0c94de8740f0a3fc9e242ed984e4addbbec7c94eb27219afc9d82da3d26dc78d701285d034619d2bd3896ea9c5e1a6e21e711d6ebce68de9a2a85337d94f0425427490b52848f96dae8ce5e276f9dd2364c90d70c5dbc5699c91bd8cd7a7f8abae2090817b0feb7b779bd13b82a8c441d8d46deb1aff2c32a89036e19046f5e1301a3aade1dcf7bc4b252f1640379607b78fb27fe679da1efb8bcefb5260fe26448c26702c22c5c7a9a118d56ef91e471e2ce6b24308cba05fac1e568b5bf856d28a5bb9f3e0b24d98fdcd3b004786dd2f489a7523d96e6495a87bf7e426d85d437406eab8886ed510e9fc6fe9fce738ee2bb0d90c40e243f00cdfd9af6aa1352369d29e2b3dcc31957e6f1780add4c1fc95dd24df9a94bc41b967d4268b29021dbb78b8a65119b0e418da8f5bba46d8ac09a17ea04b748d5177ac5c1fa7bd51ab83b5b71730ecf2a3f99fe78a4d623110afc058c60a2b1dc805b9014e10b10de807327493eaa5e86ad4b8d5bd089c7201b61df16c43053d767c8d91e329b216e0cc213e9c3edab59d6d4ef3969ada4003774aa64a2c4197f32fa3d7f021eb97189625d332012e14e98f7743a8c194e4e5c43408ab7d5ff65db71f4c69b21df58d70459cdbdb5ab82f0b0f1086a0978a3e65f9f9978b83f01b3a59ab365ff4939adbfe5dc75f1b63ab5e76288300c2b915100b78a0df302b8dc2bee74832c7f17754dc69d67ec2d476c73b8c32af1f8c501a6dc79abb43197262f1778b8c1d4f24338b33d7603509e844444e5d443851a3110c50ea0c408362b39297df8382069157da160fd8d1369a5128e6bd0009541c758bfcc0dd38bd72f6fba07cd9c86ec6ee3700486907c941f7df3de6fbeb6fd5b255e4e7ac9a6fc197778a4384950c8587865153096ed9c7e4255372890cd187fd3ade2429287c5ef0a428429abf1db4932d72ef4399f024d81119d0ce4550602607ebaef76bcaa6a61c4feaa06d42057646af1796f8d6922ff2a1f42ef4f5c9fa5c609b070d024865eca0577c82c8a47813dad58f47ce154b509ae3cd66ab224c5be5d6a17e16ef795ac989812706453c81389a66a6dacda5972ce06679e51d5d071f71a21f2281941ec6e82a05f217abd360a84d08db17409df1be116a4c97bea8af0c46c5cab1633c297435a27bc5aafcc5d959e1506d5f237b93c6bc71314130e757f11bc242792ad8515e362dbdee13b63a8d0ecd3be10d7c4e519ac404a413169bdc264883a8cb05c910fd092a4d6afc36005c7e889c27d2458a5c41162705279dc896c050744144fa2fdbb7543db5520e111ccb75fdd82f75a5ccd0cc75ecf47d1a6061f5ddda5f2981dc2d58939a9ad554e0d59f5e7cd95787136ef92268b2f31cd46e5220c0d5cba645d4c2eb39f89e76bdab6f9758833b32bc853fee1f5d0617273afeb92341bccf647e4248208ee704b568a666bc028a1e660dcb79442cb5f95d0491edf201defd5c075663fae2fbcb5a4e2e90a5a4677fb5445810a46beb2b3d241671ebd451b3a50428961c6f0f27a97029288cbf2a36efb88cd0229da409856f122b466bad5ab833c50eaa07651ac691897e065c8870eb86472ab6ad727da681302d5999086ba0bff790d7ea77d0e50e8cc8f7284a0161a11b379e55087684bf321a340656c790ee99f13d14006eff3111785aff450384f72ce03a762f46ce8ec1719e55083e1493bf0376345e84e4a159d51bc05b15f1b1dfae7782476fc4a16d16e9bf5eed9499f58074bbbb62f59b537873335fd778cdd2fcc95d22c6f21b9c14c09b1efb4f71196d600fa0a0074b130fd2f410011fc5a44933cf8552cf5c0fc3b6a7a3f7616b8411295bc3aed0f033848fe62fd2f32602b2c396e909cea3b31b31fc21e94859bd6beb7afa33fa5370670ccea2b75fc851847bf2118e3e98e983f11640513d34f40d09bd034be45215aa5727d22740d691cc2e1ca9853c4726a745ee878d6202321a8b5efa7a59bec1ce1e18aa73b7387ea03fe4303d9a9772c8f16b5eed7c264c17fc77aeeac6f11f5596c7cd1239c22fcad894061b3041aa3c51ab5d7b3141e6409674033d140970cfedeca6a3021837d21a111184cc674a24dbe4d0581f1bff4aaaad82a4ee4c3d94e92e49bb2eaac0fba812845222460f95bc6d633a8fcc0a874ed86e3e91681974443640ebcc1be60561dd2a0102fd28ee6efc75ec2f78583fe4082466276eba8b9c0d2eb7655a8eecc41c78971d2310f45a5b8d74a7b5113bab620ca6b43d3b0c9e6c2edd6f8848ddc9f291216df80c93a9c89d0636a210721262f6c7f6e4ffa6867b34a75f09ae3839bfb76150763f07ab36242e2f963a8caf2ae804d36ad8cb4cac6e3cd1ba13d685778a389f6f2fada36fcb4f77e0ce9a104e0cdaadc3bffe871ba24da509f76eb4a1813459d91c66c144228645ffd1dad23eaeccacbabfb199d91b4802786b9dee08f2a9bf4436c968f6574763faa80fbd91e1f7935830424d26e531fa3a529e9fb22407632167719b3ff6daa9c89bfd10a880838334be69940271e732bbac44fd7d1f3ccd53dab7ca4c74547e8b1f5c3abf620ea35bd243aec912669e0e26d0c22c78e8079585a34bfbfac2505bda03a77f7e6e32709b8427b932054179b1db98cd28fec25152fba8bd687d4f88f5a8ec6a92996d8107df87b9cabdccdbec434198b5c52305a7b64d29729513e31ad794fc6d885183facfeeda0918553148fd229833b6a887850ac76d96b7968f26ff5180aa848b10d73b7c45272b17c964498d21dc4a739746b014c86de0829916002cb8ed65866f83748d936b635cd7ccfff67bc3eb14d361059f20667d4b3493f6fce9834b67801255e112690f7fe19be7f3eece7c8e052021aeac13625846514e154e9debf88377fd3968512f9cd992749216c3b1c42e700f15f17da32819fc43b901bb33463d22c7a471f0766db65e396e4b442e76ed80ae277f2231829e58d07e44d0673545296ed295b7296d105682152bd2a1b4420658f18bf4c2d24c0000b3070cba67dcc69631e8a93499358e5786166b9496956f76dbfda6f936251ad04c66fedc34dd9144c37ce1d8f0a2cfdef30c938aab6177552a7c4fb0cd676cf35f2e3fe8f3e3932477f64b053fde6ceff1e2a2187c98a480041a4c5dcd283b77ac83e9d32e733ecd2b496fcde931d14fc0e31a3ddcc6762eaab2c29afa96637b2ade809655ed9eaeb10e5d38385f0b196e862223bb972eb5c5ac62e1ef4e7cab3600c87c404d03a83d50fab86b4fb506f09782f7c415e938425cef972e6eb364b241e3706b84df0ae9303a7f1b94b6eb4cabab7a787d068abefbb8537115c51cca4f42d786a630cdd40db11d6bd53cf883a24c34889cb7c4aec86f60f2090e662b96ae55d673ac9a5a6372267e7e91fe7ed244d90d419490e3a53d27bfb892c816e9240ef069d91e3fed6444085cf5dcfdc54f0671b981dc3fbe3f3134caa5775e727ac6fb47e59f0e5d8291297f4205c1882d013946df3be2df739a8e35875859847b0f9984772b39cfd81838ba6b7d0f61490cd8d6298cf69ede82b00408654c2d6b6bc0d7956509b4ca17cc429485135d94281edbf8661b47c5f4c75e5e5c9a180aae3392d3aafbecd87aaa549709cd134a3b1487fd1870ab317c528250e2bfddfd0966488977ccadc04b6efb6eaae0762cf843cc897f2a4fae86b3af8bb2d5d0f713fb8bd2e79d270a38350cfdb90a99ccd0dca7c8de7ae7700964bd245246208d44b7ff9af12d00f80c39857da17dee4773844783c18cd8069b3f7ac24bff39068a1630093801d31cabdd1ef100135b179bfc7017019d621fe7e3612d7321cd2c844c9b285372f7e8ac428a4dbba330132f0902a0d72a031f54de2a80f50dcd4295de00dd10248b130ccf1c8c0e6fc51812a509fa5329dfc80e3e538bb8e30d3e7de9691aed08d876ce2580e3fc72e0b817cd382cbfe15964987e3936f4b45346880cb1006f5c674c04d2344d503f3c308746d712d7c4474aa6a2e5cc448db6e679ae52542961e0781aad24d210c5d91ad9cfdd7734298e48bae2d1769889610d82e5e27b3b8e8888e6e6bfc8f939f7f3b2aa29409794ff08fa86b2b834b9d2150c1ee050052e74a0dc591ac414e9c8175259a138dc4e1c97277bede930e2605fb2f864516cf1c7582230f6660ef6aab47e071dbac733ba278ec0a33abc5056329e412c3eec0f4e7f8abc1f59b0156d01b5210360d71be257dab651f178515286eaa2b59cfb3b9d299dd36f28fec851a750d67290c0b662b3d3c562e4a3f793d4097c7e273a418e24d16a3330887d3214b0376a465aab4709aa99caf8426feda7b45eb2d73b1d63eb8d17c13ef87ce25580cfebede24ed001da39598ca7d4bb4cca0cbe034ca69c6083600e62dba6d6c2bf4fd7de4bc74063291eb68a1e3e3145dbb0654281e8f4a615fd76578af61e892b5ddd499682537c5045441b621143a527447dd43c846d7ab24f1ebb8647040d29931bf8c1b15ff1f35ea9fc83f1e6d17d9ae319048a0e680622e997caa70e58a37f81e47cbca04d0cd2bba93bdeedbdaf09da0457ef3ef35d9abe5c44561c270f46090ab9d47f58e447e072a0d0a3b2b9b5bbf58ed713ef915f34f26f6798c50b31257628d44239691895ba2838cedcbd80e0aa9294d20d91f2b762f8fe0e2fd07a947fc59c6075073297a75255aab7604c5fbeb85194f44c35e7859b72831cb0b6fe8a023e3cb8c9b898b64bc5bf773380acfb126e62ddd1f7c667fb6cedcdf1d306122d2b6fab9ed7ebc646e9e554ac286ac4e6233e0f88aa02b3fcfff7481213dd2523da4d8c254e336b0bdd3ca695dd5d4da5fdcf584f849295"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r186, 0x81f8943c, &(0x7f0000052b80)={0x0, ""/256, 0x0, 0x0}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x9, 0x7, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000052d80)={0x2, [{0x0, r22}, {0x0, r130}, {r48}, {r175}, {0x0, r108}, {r34}, {r105}, {0x0, r11}, {0x0, r182}, {0x0, r95}, {r25}, {0x0, r82}, {r157}, {0x0, r163}, {}, {}, {}, {0x0, r75}, {0x0, r86}, {r92, r116}, {r16}, {0x0, r158}, {}, {r77, r137}, {r152}, {}, {}, {0x0, r38}, {r129}, {r133, r42}, {0x0, r166}, {}, {r49}, {}, {0x0, r24}, {r120}, {r160, r12}, {r92}, {0x0, r13}, {r143}, {r36, r127}, {r96}, {}, {0x0, r63}, {}, {0x0, r106}, {r28}, {r71, r60}, {r99, r55}, {0x0, r59}, {}, {}, {}, {}, {r117}, {}, {r98, r2}, {r169}, {}, {0x0, r8}, {}, {r185}, {r151, r30}, {0x0, r31}, {r33}, {0x0, r165}, {0x0, r19}, {}, {r68}, {}, {r175}, {0x0, r184}, {0x0, r165}, {0x0, r52}, {r115}, {r134, r183}, {r173, r40}, {0x0, r26}, {r146}, {r39, r112}, {}, {}, {}, {0x0, r144}, {}, {0x0, r167}, {r67}, {0x0, r42}, {r132}, {0x0, r93}, {r136, r43}, {}, {r174}, {0x0, r145}, {}, {0x0, r121}, {r14, r4}, {}, {}, {}, {r180, r104}, {r81}, {}, {}, {r142, r17}, {r20}, {r103, r37}, {r153}, {}, {r174}, {0x0, r50}, {r90, r86}, {0x0, r42}, {}, {r64, r154}, {}, {r94}, {r49, r91}, {r18}, {r156}, {}, {}, {r114, r7}, {0x0, r40}, {}, {0x0, r79}, {}, {r54, r128}, {}, {}, {r10}, {}, {r41}, {r21}, {0x0, r95}, {r139}, {r47, r106}, {}, {}, {r35, r4}, {r71}, {0x0, r102}, {r162, r9}, {}, {0x0, r45}, {r155}, {r123}, {r15, r91}, {r142}, {r64}, {r172, r166}, {}, {r87}, {r23, r43}, {0x0, r167}, {0x0, r124}, {r69}, {}, {0x0, r110}, {0x0, r89}, {r141}, {r29}, {0x0, r118}, {}, {r100, r127}, {}, {0x0, r159}, {r161, r70}, {r153}, {0x0, r102}, {r164}, {r92, r135}, {}, {}, {r65, r83}, {0x0, r32}, {r57, r101}, {}, {r122}, {r105, r145}, {0x0, r144}, {0x0, r108}, {r62}, {0x0, r119}, {}, {}, {r149}, {r15, r140}, {}, {r94, r3}, {r5}, {r172, r178}, {r47, r58}, {0x0, r168}, {0x0, r112}, {r73, r75}, {}, {}, {}, {}, {}, {r85}, {0x0, r179}, {r88}, {r27, r179}, {r51}, {r177}, {r64}, {r176, r50}, {0x0, r74}, {r76, r59}, {}, {0x0, r78}, {0x0, r80}, {r111}, {r174, r107}, {0x0, r61}, {0x0, r82}, {0x0, r147}, {r66}, {}, {}, {0x0, r12}, {r109}, {0x0, r189}, {}, {r97}, {r34, r181}, {}, {r84}, {0x0, r32}, {r44}, {0x0, r31}, {0x0, r150}, {0x0, r53}, {r133}, {r97, r148}, {r46, r170}, {}, {r138, r131}, {r143}, {0x0, r163}, {r125}, {}, {r180}, {0x0, r126}, {}, {r171}, {r56, r8}, {r134, r72}, {r6}, {r29}, {}, {}, {r187, r188}], 0x80, "0bc0a15a111742"}) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9f, 0x27, 0x80, 0x9, 0x0, 0x0, 0x0, 0xc, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x2, @perf_config_ext={0xee36, 0xec}, 0x400, 0x7, 0x9, 0x1, 0x8ff, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000}, 0x0, 0xe, 0xffffffffffffffff, 0xa) syz_open_dev$tty20(0xc, 0x4, 0x1) 05:40:02 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c100425ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 751.041553][T11067] loop5: detected capacity change from 0 to 131456 [ 751.041638][ C1] sd 0:0:1:0: tag#5569 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 751.057985][ C1] sd 0:0:1:0: tag#5569 CDB: opcode=0xe5 (vendor) [ 751.064329][ C1] sd 0:0:1:0: tag#5569 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 751.070659][T11067] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2090/file0 supports timestamps until 2038 (0x7fffffff) 05:40:02 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0032000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 751.073394][ C1] sd 0:0:1:0: tag#5569 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 751.073412][ C1] sd 0:0:1:0: tag#5569 CDB[20]: ba [ 751.079187][T11074] loop4: detected capacity change from 0 to 131456 05:40:02 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x4, 0x101) 05:40:02 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) r6 = socket(0x8, 0x5, 0xfffff801) write$binfmt_aout(r6, &(0x7f00000005c0)={{0x10b, 0x4, 0x97, 0x7f, 0x38f, 0x7, 0x4d, 0x1}, "22bc1cddc23a63472175e2134d1ce543861b167246ff7bd0e1e26d3578f2653dd1e81eb06737fbc0f1007c8c05cfb2f29a051bb8f2a194f69e488c4c7c50bcfcc406f80becf96232ec74cefb393bce87ea1a5b2432e42dc3d06e4e5b03a617aa7a29eb6ba66e268d6b831dca803452c7609f3d9eb9f63e7c5389f6f3204745d400132d8d347defa93f58e802376ed52151b070d61b2474c5028d6cfaebf8c5a1042e90452a6e3cc9c3317e02dd2990ba7913dc4a35ce87fd61d1d91aa0969d46", ['\x00', '\x00', '\x00', '\x00']}, 0x4e0) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x600a81) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:02 executing program 0: r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0xa000) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001440)='/sys/power/pm_debug_messages', 0x0, 0x0) fcntl$lock(r2, 0x40d, &(0x7f0000000000)) ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="610000000200000001040000b8631cb9c0cdf7034c4ba1d70682cb8b6d03e5b325f2dcea1bb15e40dedb3e3e70c18dd887fa524168f394ffe5e6ad4948bddd218e1564be3efa99835b2c0a277f4efd76a7489625bd3a772f4d0db7fe41b69959cd8ddd2affeeaacbbb2541"]) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0xe5, 0x1f, @buffer={0x0, 0x6d, &(0x7f0000000040)=""/109}, &(0x7f00000000c0)="b9d87b21a39b897fe812583d768c9d5a8c9555f47730578291ff5d58b866a26f63eb99877528efe5a9f2b690ebf603a23b1d27e29124b070f327c05679280b332f858c7784b2a6e7463f93397508ed54391db9ea2c132e83c663cd3d63e8558bcfd2979ad444701d06c01a0e0be5863c79b460fa637ff8d277b590dc244167349c1b6bb48f0452f374d0323bde8333ca014a1214e940cea1a1387d20d9071574118494d8ae22c246445391c50f41d6af45e760158f38c1602b4381edaecbce146e8fd8b9b364f18b2df9b844b125dc044f707cee3e1eeae26f7c5b4b5223d4d103ee4e0a00", &(0x7f0000000440)=""/4096, 0x5, 0x20, 0x2, &(0x7f00000001c0)}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) unshare(0x22060400) r3 = gettid() ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(0xffffffffffffffff, 0x40505331, &(0x7f0000000200)={{}, {0xe}}) dup2(0xffffffffffffffff, 0xffffffffffffffff) clone(0x6cbaa500, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, &(0x7f0000058980)={0x8, [], 0x6, "3edd2ad5fd4fcc"}) fsetxattr(0xffffffffffffffff, &(0x7f0000000340)=@known='trusted.overlay.nlink\x00', 0x0, 0x0, 0x3) perf_event_open(0x0, r3, 0x0, 0xffffffffffffffff, 0x0) wait4(0x0, 0x0, 0x80000002, 0x0) [ 751.211718][T11377] loop5: detected capacity change from 0 to 131456 [ 751.265691][ C0] sd 0:0:1:0: tag#5596 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 751.271237][T11074] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2136/file0 supports timestamps until 2038 (0x7fffffff) [ 751.275595][ C0] sd 0:0:1:0: tag#5596 CDB: opcode=0xe5 (vendor) [ 751.296127][ C0] sd 0:0:1:0: tag#5596 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 751.305187][ C0] sd 0:0:1:0: tag#5596 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d 05:40:03 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x5, 0x101) [ 751.314316][ C0] sd 0:0:1:0: tag#5596 CDB[20]: ba [ 751.334469][T11377] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2091/file0 supports timestamps until 2038 (0x7fffffff) 05:40:03 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x6, 0x101) [ 751.860745][T11061] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 751.871040][T11061] CPU: 0 PID: 11061 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 751.879462][T11061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 751.889517][T11061] Call Trace: [ 751.892866][T11061] dump_stack_lvl+0xd6/0x122 [ 751.897466][T11061] dump_stack+0x11/0x1b [ 751.901625][T11061] dump_header+0x98/0x410 [ 751.905957][T11061] oom_kill_process+0x18e/0x3f0 [ 751.910814][T11061] out_of_memory+0x5ed/0x890 [ 751.915482][T11061] ? mem_cgroup_iter+0x29b/0x370 [ 751.920424][T11061] mem_cgroup_oom+0x484/0x520 [ 751.925144][T11061] try_charge_memcg+0x736/0xa10 [ 751.930006][T11061] ? __rcu_read_unlock+0x5c/0x290 [ 751.935031][T11061] charge_memcg+0x51/0x1a0 [ 751.939525][T11061] __mem_cgroup_charge+0x25/0xa0 [ 751.944466][T11061] __filemap_add_folio+0x3a8/0x4d0 [ 751.949575][T11061] ? workingset_activation+0x2b0/0x2b0 [ 751.955039][T11061] filemap_add_folio+0x6b/0x150 [ 751.959927][T11061] add_to_page_cache_lru+0x4e/0x70 [ 751.965051][T11061] filemap_read+0x80e/0x1720 [ 751.969644][T11061] ? save_fpregs_to_fpstate+0xf5/0x140 [ 751.975111][T11061] generic_file_read_iter+0x75/0x2c0 [ 751.980464][T11061] ext4_file_read_iter+0x1db/0x290 [ 751.985640][T11061] vfs_read+0x66c/0x750 [ 751.989826][T11061] ksys_read+0xd9/0x190 [ 751.993998][T11061] __x64_sys_read+0x3e/0x50 [ 751.998513][T11061] do_syscall_64+0x44/0xa0 [ 752.002971][T11061] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 752.008868][T11061] RIP: 0033:0x7f2e21c2aae9 [ 752.013401][T11061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 752.033063][T11061] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 752.041502][T11061] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 752.049480][T11061] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 752.057458][T11061] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 752.065436][T11061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 752.073410][T11061] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 752.081532][T11061] memory: usage 307200kB, limit 307200kB, failcnt 4900 [ 752.088540][T11061] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 752.095560][T11061] Memory cgroup stats for /syz2: [ 752.096244][T11061] anon 2215936 [ 752.096244][T11061] file 306601984 [ 752.096244][T11061] kernel_stack 376832 [ 752.096244][T11061] pagetables 2244608 [ 752.096244][T11061] percpu 0 [ 752.096244][T11061] sock 0 [ 752.096244][T11061] shmem 306561024 [ 752.096244][T11061] file_mapped 0 [ 752.096244][T11061] file_dirty 0 [ 752.096244][T11061] file_writeback 0 [ 752.096244][T11061] swapcached 0 [ 752.096244][T11061] inactive_anon 5484544 [ 752.096244][T11061] active_anon 303280128 [ 752.096244][T11061] inactive_file 0 [ 752.096244][T11061] active_file 0 [ 752.096244][T11061] unevictable 12288 [ 752.096244][T11061] slab_reclaimable 1269576 [ 752.096244][T11061] slab_unreclaimable 1465104 [ 752.096244][T11061] slab 2734680 [ 752.096244][T11061] workingset_refault_anon 0 [ 752.096244][T11061] workingset_refault_file 2566 [ 752.096244][T11061] workingset_activate_anon 0 [ 752.096244][T11061] workingset_activate_file 0 [ 752.096244][T11061] workingset_restore_anon 0 [ 752.190357][T11061] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=10101,uid=0 [ 752.205679][T11061] Memory cgroup out of memory: Killed process 10101 (syz-executor.2) total-vm:85348kB, anon-rss:464kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 752.223795][ T25] oom_reaper: reaped process 10101 (syz-executor.2), now anon-rss:0kB, file-rss:34812kB, shmem-rss:0kB 05:40:03 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) creat(0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x20000, 0x10) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:03 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000525ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:04 executing program 0: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004cb00)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x3, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {r1}, {}, {}, {}, {r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}, {r2}], 0x1, "060cd6bed5f770"}) r5 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r5, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}], 0x0, "2156816c73038c"}) r7 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) ioctl$SG_IO(r7, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) syz_io_uring_setup(0x0, &(0x7f0000000140), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000040)) io_uring_enter(0xffffffffffffffff, 0x450e, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(0xffffffffffffffff, 0x8010661b, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000440)) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$tmpfs(0x20100000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) setxattr$incfs_id(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x0, 0x0, 0x0) clone(0x52004400, &(0x7f00000002c0)="08b5dfca315700ce487880a9c272d9875bb2e99ac5bc700ddda7c1a3b4e0010ed23c66d4d9c037642aad59aae4982cb5758b921895616d29c83841052633ffc0e2fae6c48b63933e66b08bd0", &(0x7f0000000280), &(0x7f0000000240), 0x0) 05:40:04 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0132000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:04 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x8, 0x101) [ 752.312494][T11898] loop4: detected capacity change from 0 to 131456 [ 752.332189][T11904] loop5: detected capacity change from 0 to 131456 [ 752.342323][ C0] sd 0:0:1:0: tag#5574 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 752.352171][ C0] sd 0:0:1:0: tag#5574 CDB: opcode=0xe5 (vendor) [ 752.358508][ C0] sd 0:0:1:0: tag#5574 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 752.367582][ C0] sd 0:0:1:0: tag#5574 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 752.376602][ C0] sd 0:0:1:0: tag#5574 CDB[20]: ba 05:40:04 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x9, 0x101) [ 752.463406][T11898] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e01c, mo2=0006] [ 752.472153][T11904] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2092/file0 supports timestamps until 2038 (0x7fffffff) [ 752.508021][T11898] System zones: 1-2, 19-19, 35-38, 46-46 [ 752.514189][T11898] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2137/file0 supports timestamps until 2038 (0x7fffffff) 05:40:04 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0133000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:04 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xc, 0x101) [ 752.645590][T12115] loop5: detected capacity change from 0 to 131456 [ 752.670269][T12115] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2093/file0 supports timestamps until 2038 (0x7fffffff) 05:40:04 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000625ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 752.768471][T11902] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 752.778683][T11902] CPU: 0 PID: 11902 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 752.787211][T11902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 752.797287][T11902] Call Trace: [ 752.800577][T11902] dump_stack_lvl+0xd6/0x122 [ 752.805178][T11902] dump_stack+0x11/0x1b [ 752.809358][T11902] dump_header+0x98/0x410 [ 752.813675][T11902] oom_kill_process+0x18e/0x3f0 [ 752.818511][T11902] out_of_memory+0x5ed/0x890 [ 752.823114][T11902] ? mem_cgroup_iter+0x29b/0x370 [ 752.828093][T11902] mem_cgroup_oom+0x484/0x520 [ 752.832961][T11902] try_charge_memcg+0x736/0xa10 [ 752.837797][T11902] ? __rcu_read_unlock+0x5c/0x290 [ 752.842804][T11902] charge_memcg+0x51/0x1a0 [ 752.847265][T11902] __mem_cgroup_charge+0x25/0xa0 [ 752.852192][T11902] __filemap_add_folio+0x3a8/0x4d0 [ 752.857340][T11902] ? workingset_activation+0x2b0/0x2b0 [ 752.862915][T11902] filemap_add_folio+0x6b/0x150 [ 752.867746][T11902] add_to_page_cache_lru+0x4e/0x70 [ 752.872893][T11902] filemap_read+0x80e/0x1720 [ 752.877547][T11902] generic_file_read_iter+0x75/0x2c0 [ 752.882836][T11902] ext4_file_read_iter+0x1db/0x290 [ 752.888045][T11902] vfs_read+0x66c/0x750 [ 752.892247][T11902] ksys_read+0xd9/0x190 [ 752.896395][T11902] __x64_sys_read+0x3e/0x50 [ 752.900883][T11902] do_syscall_64+0x44/0xa0 [ 752.905285][T11902] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 752.911162][T11902] RIP: 0033:0x7f2e21c2aae9 [ 752.915559][T11902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 752.935145][T11902] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 752.943538][T11902] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 752.951499][T11902] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 752.959449][T11902] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 05:40:04 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0134000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:04 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xf, 0x101) [ 752.967406][T11902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 752.975359][T11902] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 752.983525][T11902] memory: usage 307200kB, limit 307200kB, failcnt 7201 [ 752.990397][T11902] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 752.997398][T11902] Memory cgroup stats for /syz2: [ 753.000174][T12221] loop4: detected capacity change from 0 to 131456 [ 753.008274][T12222] loop5: detected capacity change from 0 to 131456 [ 753.046499][T12222] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2094/file0 supports timestamps until 2038 (0x7fffffff) [ 753.067177][T12221] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2138/file0 supports timestamps until 2038 (0x7fffffff) [ 753.097253][T11902] anon 2408448 [ 753.097253][T11902] file 306618368 [ 753.097253][T11902] kernel_stack 344064 [ 753.097253][T11902] pagetables 2129920 [ 753.097253][T11902] percpu 0 [ 753.097253][T11902] sock 0 [ 753.097253][T11902] shmem 306561024 [ 753.097253][T11902] file_mapped 0 [ 753.097253][T11902] file_dirty 0 [ 753.097253][T11902] file_writeback 0 [ 753.097253][T11902] swapcached 0 [ 753.097253][T11902] inactive_anon 5677056 [ 753.097253][T11902] active_anon 303280128 [ 753.097253][T11902] inactive_file 0 [ 753.097253][T11902] active_file 0 [ 753.097253][T11902] unevictable 12288 [ 753.097253][T11902] slab_reclaimable 1266688 [ 753.097253][T11902] slab_unreclaimable 1429072 [ 753.097253][T11902] slab 2695760 [ 753.097253][T11902] workingset_refault_anon 0 [ 753.097253][T11902] workingset_refault_file 5000 [ 753.097253][T11902] workingset_activate_anon 0 [ 753.097253][T11902] workingset_activate_file 14 [ 753.097253][T11902] workingset_restore_anon 0 05:40:04 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c040625ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 753.186912][T11902] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=11901,uid=0 [ 753.202242][T11902] Memory cgroup out of memory: Killed process 11901 (syz-executor.2) total-vm:85348kB, anon-rss:568kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 753.221243][ T25] oom_reaper: reaped process 11901 (syz-executor.2), now anon-rss:0kB, file-rss:34492kB, shmem-rss:0kB [ 753.276057][T12430] loop4: detected capacity change from 0 to 131456 [ 753.307889][T12430] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2139/file0 supports timestamps until 2038 (0x7fffffff) 05:40:05 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) creat(0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x20000, 0x10) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:05 executing program 0: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x0, &(0x7f00000000c0)}) socket$netlink(0x10, 0x3, 0x0) ioctl$F2FS_IOC_GET_PIN_FILE(r0, 0x8004f50e, &(0x7f0000000080)) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x3, r0, 0x800}) 05:40:05 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x10, 0x101) 05:40:05 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0135000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:05 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000725ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 753.426542][T12435] loop4: detected capacity change from 0 to 131456 [ 753.434822][T12440] loop5: detected capacity change from 0 to 131456 [ 753.451326][T12435] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] [ 753.466156][T12435] System zones: 1-2, 19-19, 35-38, 46-46 05:40:05 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x12, 0x101) [ 753.478144][T12435] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2140/file0 supports timestamps until 2038 (0x7fffffff) [ 753.510192][T12440] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] 05:40:05 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$NL80211_CMD_TDLS_OPER(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, 0x0, 0x1, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x3}, @NL80211_ATTR_MAC={0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x404c800}, 0x61d88452f015d821) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) dup2(r1, r2) syz_genetlink_get_family_id$SEG6(&(0x7f0000000180), r1) sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000001440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001400)={&(0x7f0000000380)={0x1044, 0x0, 0x400, 0x8, 0x25dfdbfd, {}, [@ETHTOOL_A_WOL_MODES={0x10, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_WOL_MODES={0x1020, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1f}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x200}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0x1004, 0x5, "3a3ce0a2763c14cf7695d559745c4b7f6aafee387af242c849d069c2d8d72db966ac0ecb33ee77d32f16f06d13cb9479110f4798b9d25c774cf4fa1563d437c1c0c79e89ca5a9f546fe1272f0c762c85466e03e322e6ffb4fdfa6485fa0959b5a5da287e3e3c310f33673f6c8b3969d4ff34f42d3a3c6e720cd3d34ae0cf954bed37054fbc49c7beaa84b95ad9cc95196bc17aaa1f068d2c2bbab7e114793c4524c059c09d1dd7ab56d88b420c80cb352279148109a652d1326405fbaae685b353b05acf114da4b1cab3fe53bb0cd6f1b06b7cd717888b5c050235b241c2cfc80038a2d16191aca638c61a0daeb07982a6bedf74c723027edc4080d1fe4166010b0767a4b4cd392db6cd57e81e590258ebc1f94f167fbe6a147575736e61ff4923cb257c0fa1f4ba6850fbd48ea96fb85c2c97d61282ac8172a0e4e69f401aa820d3455dd95403381cd9c6a1303ce86aac162d8d499a09b16acd0d238703339f98955397bb7d5d68ba0c89dbd26d1e5ca366337c50b91b42133029571751cb45b360aa35322aee30709d64ef538e6313f6f74ea2f9c36487f9db653bd6f0148bd458bb56c03dbec850982457f9e4ec8cbc7fb93dae18e4d6794e57ccd449e26fded73d4a10793c9d4248219440249f2f8e1e04bf133db3c1b6761f59a3370254d15ce9e180ac18737f1c0fc6dda5ef8a439e409d136025eed8dfd1cce6944eff6565656ae11ee083c87e183ee3029edcf12ac5182c4d9b2673b29644778ef154405239b7128ed865dcbc0d26cadf7e2fd172292637ac31a9e6763dad45b72dcf758f7964a8dc5fd257722063f4cb8f6c1531ebf9d87ca8d2f81503a11ae35122a68db9a3c95d6a80463f278280d3829e4e86cdcd89fd46a73823cf62b2ff268508b132676ac88c4a59039e3d22accbdc55faf863088ea13a256bb3c8c48b4f23db948019fd9917d368200b72b103765afad83bde3dc0f2bbc3b41e1f60539a9266e5fdf879e028183eb9bae3053d1ee1a4d30577877eeb487115920163d6708c67936dc108dbfb5e466fd0f92639516d164b0609e70ed9432d37fd233f19eb134a9d5fdebaea0b7cc76322de4db1c971797ae66e1033ef13e7cd7ac22468b6f18d4cfad765d0ff65d9720652514d80a2c0bc2a503f9debde68116e4fe99aa87f6873448ab8e353696f0183eb5ebe3ad48d54044187ab5a3c12d7431fa45acd9b737dd59fc612a95ea04ffd21fa1d3c3de3a0dccf2388c87ef6bbb395e3801ca6697403dc6f7eb7aff834f85d0c21b883b2a08844ea164afeeb3dea3d7e3d55ebb09a57d2b80bc6be14ec0ce305acf5fb3a0822c9b4074a81a176449375e5a30ef04d6ff75c9a28acc84d8ff18c7faf3df89a614eb194223c486811d234d183d1424e0837a276af5be6d505e68fc7e96784b53667846d62f43aababa6ea3ac425c5d2a1c646a6d729dc528ef7082ca6a79204da0df79fc185ca1f30f6272f21a749b6c5f6e74cd1325b0862bbe7c4984510910c0e141892b5dcf9ccaa8953a251feaa9dabfd57116afa77d84cf5d824eb1da81157ebded22b4841cd6a80acbe9f39f2bee560682e23bb2b1527224237bfc6399502ed61391d11369475b0ec727c901c57ef5dfceea43a04e27d7562afee18929b3a88a0279d2535e13d1539f02d132c04302149e9a1700ca0de090ea96b1c9b94304e60debfd3178d27c757cf9b89f3aceb271e8791c1c8f8c466f783f195bd1bf9f4a34261cf97af42f1b304b7ef2b01cc163ddf7b3fe6a5347fffaed8cc3ab210c644b0d5c6999eca71dfeac4fc04ce34009c41cb15451d5caa6195bffe01b0de8638619adefa71ef4aa2bf0d8d90fc54ed1fb7ff3f850236334611c57a4f2e4c75d2954247ed0ac691575100d97e5214e90f76d825acf3f2e3dac0b99d05b385b9d69b3fa1f79b1766e0eb6e887c86cb41f65a9a8f6a1f1a1b491e37192060ce194f7b15f135ed3a90d934c40bc010fad3ecc712901789e5c3308f3239ba6d978c48da56b5a953cc171de118625c1d531edc0a969ea9203ffb500e7e82176d8cdb7b86fc78b32b4539d7a91de8f23a5a43f8be7e0ed13888450494b33c66c2d074ef9c7d4d745ddc45839ded6698998a77ac523a95c7f4bc63a937b6577770ebe3603ccab92a242471d4eb5e73240c6a1c8d02c4c1d37da37666db25cc1ece823b4a1ee24159d992424d70850c6df80d79afe529e76eebfe6ef9e0b7a7efdeaee9105c006750583707b61853148386d0c2252e7c184dd49a8d7abfd5b60fe5d6824c04b183d053de2da800868b3fccf92b910078912fefa3440c887e72638a7d6b037c25b9bf61474a3df167edde17481beb81d71e54f0d4fe291e445517cf251365a2a30c5cc2123966818eddd7656aef9eb2d5ce8ef648a43b09ffc073b40931f00853d86c13a0ecbaef477141fdcdf5099f41278edb4e8771966f567df427bc7c15d0b5a346e875b78024d0935520cc6294d7822ff1d33ef472b68001d3222b9f4a776f77050af654d64be25ca89135cd01acd65a092e321b4008f907555bcafa4cd6dc4ffb45fa46026419780af5a1c3dcdfaa3a1e408ac63f05432767edb0bb10b4c197b0dcb273b1cfe3a8bbf5ecc98c9ce70d84d736b58fe48ec6944d1473faf515b6174679783ebcda8444e672c41719f6a12dfd3fc367fe873c1e53328d2bdf72031f39460319150e6fb8789d2302bbabbcf6948d5c026cb61b2b8c1bb12dc9c4281a812c5029f7c3a82cb9358a3dc74fff4ea5edfa1f1f93905d1f418add54cd69a55c2890a9927b473ff6008c8a97bef7862eea0af10968d110171d711e917615c96b27bc35a1306778c714838fa6e73e880a1904eabadf3d2ae269a7b84a81d5fc09f11f0dd4139e54f1ff3535e92090b7005a04d2596250e9830dbbc97a60029f4305dc3828fb3362985389785ba715d840498ff93ecadc497ee53d412954081663c328b3a59edcb1de9a02f5a67cb6541485e92a094753949f56289346c60c31f6ac221403099b31b0db1738bbc9935a8ead549d0bdaa8077f3190a65973cf346f4aaf48736c8049970218b7134e5e018d3326bbc004ec1da289fa236a0b03f3fd4ba5af17f03deceeb1492d451799c2a7fcec25df07a97eaf05393bc198a3dd7b4dee80aa5e608a88b042036e84bc0dea69b00e1cf606c5abf97cb144571f3ed16cdc72dfe87f1a2c029f483de567e9c89445018bb9008c8c2db6269c02a951c2709b92c79145a819801b7c86d8771da044fa1ecd48c8a786e107890e553331a4bb4a4c439b601ede8dacfdf1093b5027b49b4b8ea6ef5b1e1569592dfeeefe4df8c9b4c9d220fc15e07915c35845db555835df33a671ffdc7ee479651d81c04a695c340d65f0e4c96c58d46aa0d03a6411ec2a0d0a5ef6fcab28ee140bc5d855d4afb9b784e59ea9430d705193910fbe3589b48c9bd36ef95313cc78aaff3bb300e5f69e69c0e2096b16960b7790da2ab3db8a3ede848a0162ab3f43fc2edf3c1f3ba8ff644b8ff1731d533262c5a01d3eb5ed08e67db3bd16dc227672a3f654ee82c61c8baf7f63cefc375c004eb4cc2d6f4928fb140b35dd2f680d65ffe91618be3dc434e5b9c1166a7e769b514f3ebc8fba2657ee65eaa45d7049f07ed34631ee8d9a1587bea7126b9f4805db621cafac54b415ab773b50ac3d7306d2a777e4ea3d7cf61eb76fa1a40f416b87f81752e2849407fc0265bd99c39698544ecc75650af3d2fb62fe12b4cd99f5d5821b4e3bb6975d4f73f18535d2346c40133f404a1425416cf749862383962ae30621e4cdee8393cd6484e68436c45aaaf5d3e7e92e52684db208fb49b9492efe13c19d2bee3ef2fd5f3832fe5c5c17a986874cc7de94d9103565199a6709d656bc8c90bd4683a86ccbc1821a76c6029635ebcc872959892f14b6d5cdef70d47430297aa943ca09a951095df2664360f44b0072dd863965e702bd7f0a757fa628a6e5023e9d446db294bffb522c161979cc9d2c3c391986e177162da7ccf406fe683cf73f0a84a1db32b724c4aff76744accef8218c3c332fd879da98e922dbef9b3bbde576f67c82aae526c84011ebbc4968b2e4aa15d9b01682813a209b0db6f593c7943352bb798243059cc222cd27793d659b7f51f77b2d019e8226dc70bc68c7db8cd9ba159c8b0db2df5182842830ffeb9997c0a48fe344fdfc488f0a35ff4e09c61dd5c3682a31ec74aed7cbee497d1dd238542ed6c7cb900668fd2c510e987377d4e8f3cf0ce08d07af72cfafab913c4a74cb6847150ecff26c095812556b748113c42df72868c9a1459a701027310e7148ad8aebb3bc1ff3fdddd43a1effdbfd1b65bef0e96468bf4d71ae8564c620aa3e018ffca408dc4e848edbba970b521a452096399f8df24f1e3e97fc5256bfbd5c9633213e01b35b21b0451c10da3d414987503f65b5a943a54f22c506b3fafaa9aadc3644c14fa43fdc633afb05f76d0b02043f9bbae0f1831019e1fd2781552e49da792194afa5e4c7fe2f4328eab94f95fd6eb67daddbf62daf17344cb11809cfd9cd0c2cb1c221bc097d3f82e16f2d9fbda6f5a0dec192e0e4580275b313b9efd125663de5b90ea4ad4d0998b8d46995a3a2c74c00623bd53d3f914ee2889d1655eb199204119dd955d6d0905f2acd0798cccbfc9206b6c6b44ee53c54a3d47c12e0ff23b183eb739984d1c55cfdb03aaae923e5bb7b5014875ac26bc6b991f475f35602ffd0c824c86b12f583672de66e5abe26235215862510a563937b74ce4fabf0745ae2c0f3b2c825cd000388653f842a9cf31a9f81a4911c83b7c47aaf6f53fce4bf1fc34c77c8aa08f2973f165d71f53f137cba595630d82842318791e47c55c862ace6890f821ef4678cd9d0240d3145595f9c4c0cabfe3b4a76f683c5d5e8911697fed11d4a53f131270f865183b233f5f2d40c7953e6f2678c85064fd32977dafe5da097daecca09e766746953696cd9a7dcdbcb268b6f3338256111d1a366ce273fac91a6076cdbbb43b2b3e1f8cc725594220286d5bc29f6eb72977c11c8f8da95c0fcb39cef02717998e43c11eb98605bb662e201ee989451de1171b5b3ec24787c6695f335e29ba285c481d3e30aae4398d374fc4e3ff732962d83698d198f5c6e987a7c1ae5a740a2c57813b9169f7d3003dafa343e49b01251f3414a8ff1f873bcc390f880d229399f59b864a30d9171d2dc8fcbb23099ce130179d28e970a9613ed3b2a4288511dcb8309481880eb7d8561d9ddb1c3220cf1630ee5a17b0fe2681c853c7d93fe47c22a8a92d4bce6219623fe4debdad1ebbc954402d734cf37477559de60738e8a46ea8e09695e0f778194016d1f373041ee8ae81811bd6fda0b0e4f752883ce22d0c84f5141c555eec3c6f2b885e48a1c7fbf0daa8e93129d9f4109b62c5695a8188d1def8a8bbb7a19ff285003bc614abe4b79f7a5a60508046b7abac3022af581d9beb61628fab6bcf7e4d5be7fb1f870de13d7f5a788986ea4055b790dffcb62f87ffb93cf5510bc7eb6d1beb9235282c49cc53d011316b4d4a05631ef835afc74d8fdc5e0067fce7e2e57b212c79e2cf55bb7356c3259dde4d21233e0160729d1289c25a31e2fa7b951cfa6b656a1c8bbf7642bd9739e46ab2fd9e0392962911cff02ff41fcb37385a03c00f8426e9abe0e4ab298085dea412bf0e52af12f5cb1d4587e928d26671f9d9b0fe70472069bb3f0b64fe81ef99f8869faf908554e20cf4177ae0a7b85094a99ec1e0694"}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x1044}, 0x1, 0x0, 0x0, 0x90}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x5, &(0x7f0000000080)={&(0x7f0000000200)=@newsa={0x13c, 0x10, 0x1, 0x0, 0x0, {{@in=@empty, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in=@remote, 0x0, 0x33}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth_trunc={0x4c, 0x14, {{'sha1\x00'}}}]}, 0x13c}}, 0x0) 05:40:05 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000925ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 753.527152][T12440] System zones: 1-2, 19-19, 35-38, 46-46 [ 753.561342][T12440] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2095/file0 supports timestamps until 2038 (0x7fffffff) 05:40:05 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x82, 0x101) [ 753.626699][T12754] loop4: detected capacity change from 0 to 131456 05:40:05 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce033c000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:05 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) rmdir(&(0x7f00000001c0)='./file0\x00') [ 753.680168][T12754] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] [ 753.698430][T12754] System zones: 1-2, 19-19, 35-38, 46-46 [ 753.707588][T12754] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2141/file0 supports timestamps until 2038 (0x7fffffff) 05:40:05 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x281, 0x101) [ 753.754656][T12951] loop5: detected capacity change from 0 to 131456 [ 753.801738][T12951] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] [ 753.827204][T12951] System zones: 1-2, 19-19, 35-38, 46-46 [ 753.837790][T12951] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2096/file0 supports timestamps until 2038 (0x7fffffff) [ 754.272224][T12551] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 754.282441][T12551] CPU: 0 PID: 12551 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 754.290852][T12551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 754.301339][T12551] Call Trace: [ 754.304623][T12551] dump_stack_lvl+0xd6/0x122 [ 754.309217][T12551] dump_stack+0x11/0x1b [ 754.313386][T12551] dump_header+0x98/0x410 [ 754.317722][T12551] oom_kill_process+0x18e/0x3f0 [ 754.322573][T12551] out_of_memory+0x5ed/0x890 [ 754.327166][T12551] ? mem_cgroup_iter+0x29b/0x370 [ 754.332144][T12551] mem_cgroup_oom+0x484/0x520 [ 754.336848][T12551] try_charge_memcg+0x736/0xa10 [ 754.341698][T12551] ? __rcu_read_unlock+0x5c/0x290 [ 754.346720][T12551] charge_memcg+0x51/0x1a0 [ 754.351133][T12551] __mem_cgroup_charge+0x25/0xa0 [ 754.356065][T12551] __filemap_add_folio+0x3a8/0x4d0 [ 754.361171][T12551] ? workingset_activation+0x2b0/0x2b0 [ 754.366635][T12551] filemap_add_folio+0x6b/0x150 [ 754.371566][T12551] add_to_page_cache_lru+0x4e/0x70 [ 754.376684][T12551] filemap_read+0x80e/0x1720 [ 754.381299][T12551] generic_file_read_iter+0x75/0x2c0 [ 754.386588][T12551] ext4_file_read_iter+0x1db/0x290 [ 754.391764][T12551] vfs_read+0x66c/0x750 [ 754.395919][T12551] ksys_read+0xd9/0x190 [ 754.400072][T12551] __x64_sys_read+0x3e/0x50 [ 754.404597][T12551] do_syscall_64+0x44/0xa0 [ 754.409088][T12551] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 754.415004][T12551] RIP: 0033:0x7f2e21c2aae9 [ 754.419438][T12551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 754.439122][T12551] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 754.447597][T12551] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 754.455577][T12551] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 754.463926][T12551] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 754.471925][T12551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 754.479897][T12551] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 754.487938][T12551] memory: usage 307200kB, limit 307200kB, failcnt 9622 [ 754.494785][T12551] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 754.501730][T12551] Memory cgroup stats for /syz2: [ 754.536088][T12551] anon 2408448 [ 754.536088][T12551] file 306618368 [ 754.536088][T12551] kernel_stack 311296 [ 754.536088][T12551] pagetables 2129920 [ 754.536088][T12551] percpu 0 [ 754.536088][T12551] sock 0 [ 754.536088][T12551] shmem 306561024 [ 754.536088][T12551] file_mapped 0 [ 754.536088][T12551] file_dirty 0 [ 754.536088][T12551] file_writeback 0 [ 754.536088][T12551] swapcached 0 [ 754.536088][T12551] inactive_anon 5677056 [ 754.536088][T12551] active_anon 303280128 [ 754.536088][T12551] inactive_file 0 [ 754.536088][T12551] active_file 0 [ 754.536088][T12551] unevictable 12288 [ 754.536088][T12551] slab_reclaimable 1266688 [ 754.536088][T12551] slab_unreclaimable 1429072 [ 754.536088][T12551] slab 2695760 [ 754.536088][T12551] workingset_refault_anon 0 [ 754.536088][T12551] workingset_refault_file 7453 [ 754.536088][T12551] workingset_activate_anon 0 [ 754.536088][T12551] workingset_activate_file 15 [ 754.536088][T12551] workingset_restore_anon 0 05:40:06 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x500, 0x101) 05:40:06 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000a25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:06 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) creat(0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x20000, 0x10) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:06 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) rmdir(&(0x7f00000001c0)='./file0\x00') 05:40:06 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce033d000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 754.630305][T12551] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=12549,uid=0 [ 754.645586][T12551] Memory cgroup out of memory: Killed process 12551 (syz-executor.2) total-vm:85348kB, anon-rss:616kB, file-rss:35864kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 754.664725][ T25] oom_reaper: reaped process 12551 (syz-executor.2), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB 05:40:06 executing program 1: ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005b680)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}], 0x4, "c9fa216b59ae5f"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004df40)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r0}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}], 0x6, "f8baf61a749ccb"}) r3 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)=0x8) r4 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab48709fef8082e5f3e443dd374bc2eb1fa748cff5c9f518b99b243c0800000091d98bc6a1299d99c75b571827dff5c7f227ae370987df921b3283327789bedf736d03f53d5bf4299870", @ANYRES32=0x0], 0x28}}, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r4, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r6, 0x1c8}], 0x1, &(0x7f00000000c0)={r7, r8+60000000}, 0x0, 0x0) r9 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r9, 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="000003000000000000000000e6742d1410f91dbca7a4ab081e720b9049fb0128ee5d57219f581bacc3537c9a362fb69b21a864b857"]) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:06 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) rmdir(&(0x7f00000001c0)='./file0\x00') [ 754.734003][T13168] loop5: detected capacity change from 0 to 131456 [ 754.748357][T13200] loop4: detected capacity change from 0 to 131456 [ 754.768555][T13200] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2142/file0 supports timestamps until 2038 (0x7fffffff) 05:40:06 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) perf_event_open(&(0x7f00000005c0)={0x3, 0x80, 0x3, 0x9, 0x80, 0x3, 0x0, 0x9, 0x65044, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x6, 0x4, @perf_config_ext={0x8000, 0x8}, 0x1042, 0x2, 0xf7, 0x0, 0x5, 0x5, 0x3, 0x0, 0x18000, 0x0, 0x3}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x1) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:06 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x600, 0x101) [ 754.786137][T13168] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2097/file0 supports timestamps until 2038 (0x7fffffff) 05:40:06 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000b25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:06 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce003f000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 754.896507][T13513] loop4: detected capacity change from 0 to 131456 05:40:06 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) rmdir(&(0x7f00000001c0)='./file0\x00') 05:40:06 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x900, 0x101) 05:40:06 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000027bd7040fbdbe106000000000000000069d361a15fe5116cbecb9aa5321d039fe7fc6567655ccb7c3f3714ae910f72e4b6f2883ecd9c4fb6e6bb59143543e567be1abffe668d9407f27718fdfddd051385f5df6cbd269060e6ebf2aacbc0a220f49f7ce33cc1f61c6e117bd4299b5c1a2b807f922383cfde99b33231ee3c255cd12b38ffbc5493145193c4f360c3d6f5acbb020009459aae077a31834bfaf67730d41b187cd8f0256a509712e60bff3eee105946b4ef00e0308fb237bf2de400440d27d166635f343c480ceccc5556d657bd2142358960c6e072dc4a6fb7531c303e2cfd0d81f773", @ANYRES32=0x0, @ANYBLOB="0500ee00810000000500ee00070000000800ef00000000000800ef00020000000500ee00020000000500ee007a0000000500ee00040000000800ef0005000000"], 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 754.939875][T13560] loop5: detected capacity change from 0 to 131456 [ 754.998208][T13513] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2143/file0 supports timestamps until 2038 (0x7fffffff) [ 755.024996][T13560] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2098/file0 supports timestamps until 2038 (0x7fffffff) [ 755.354846][T13310] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 755.365120][T13310] CPU: 0 PID: 13310 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 755.373542][T13310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 755.383619][T13310] Call Trace: [ 755.386895][T13310] dump_stack_lvl+0xd6/0x122 [ 755.391573][T13310] dump_stack+0x11/0x1b [ 755.395780][T13310] dump_header+0x98/0x410 [ 755.400175][T13310] oom_kill_process+0x18e/0x3f0 [ 755.405038][T13310] out_of_memory+0x5ed/0x890 [ 755.409631][T13310] ? mem_cgroup_iter+0x29b/0x370 [ 755.414671][T13310] mem_cgroup_oom+0x484/0x520 [ 755.419357][T13310] try_charge_memcg+0x736/0xa10 [ 755.424213][T13310] ? __rcu_read_unlock+0x5c/0x290 [ 755.429307][T13310] charge_memcg+0x51/0x1a0 [ 755.433752][T13310] __mem_cgroup_charge+0x25/0xa0 [ 755.438694][T13310] __filemap_add_folio+0x3a8/0x4d0 [ 755.443804][T13310] ? workingset_activation+0x2b0/0x2b0 [ 755.449432][T13310] filemap_add_folio+0x6b/0x150 [ 755.454324][T13310] add_to_page_cache_lru+0x4e/0x70 [ 755.459447][T13310] filemap_read+0x80e/0x1720 [ 755.464046][T13310] generic_file_read_iter+0x75/0x2c0 [ 755.469361][T13310] ext4_file_read_iter+0x1db/0x290 [ 755.474534][T13310] vfs_read+0x66c/0x750 [ 755.478735][T13310] ksys_read+0xd9/0x190 [ 755.482891][T13310] __x64_sys_read+0x3e/0x50 [ 755.487460][T13310] do_syscall_64+0x44/0xa0 [ 755.492076][T13310] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 755.498409][T13310] RIP: 0033:0x7f2e21c2aae9 [ 755.502847][T13310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 755.522527][T13310] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 755.531033][T13310] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 755.539021][T13310] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 755.547016][T13310] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 755.555066][T13310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 755.563051][T13310] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 755.571086][T13310] memory: usage 307200kB, limit 307200kB, failcnt 12296 [ 755.578034][T13310] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 755.585343][T13310] Memory cgroup stats for /syz2: [ 755.586412][T13310] anon 2408448 [ 755.586412][T13310] file 306618368 [ 755.586412][T13310] kernel_stack 344064 [ 755.586412][T13310] pagetables 2129920 [ 755.586412][T13310] percpu 0 [ 755.586412][T13310] sock 0 [ 755.586412][T13310] shmem 306561024 [ 755.586412][T13310] file_mapped 0 [ 755.586412][T13310] file_dirty 0 [ 755.586412][T13310] file_writeback 0 [ 755.586412][T13310] swapcached 0 [ 755.586412][T13310] inactive_anon 5677056 [ 755.586412][T13310] active_anon 303280128 [ 755.586412][T13310] inactive_file 0 [ 755.586412][T13310] active_file 0 [ 755.586412][T13310] unevictable 12288 [ 755.586412][T13310] slab_reclaimable 1266688 [ 755.586412][T13310] slab_unreclaimable 1429072 [ 755.586412][T13310] slab 2695760 [ 755.586412][T13310] workingset_refault_anon 0 [ 755.586412][T13310] workingset_refault_file 10585 [ 755.586412][T13310] workingset_activate_anon 0 [ 755.586412][T13310] workingset_activate_file 59 [ 755.586412][T13310] workingset_restore_anon 0 [ 755.680949][T13310] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13174,uid=0 [ 755.696602][T13310] Memory cgroup out of memory: Killed process 13310 (syz-executor.2) total-vm:85348kB, anon-rss:616kB, file-rss:35864kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 755.715092][ T25] oom_reaper: reaped process 13310 (syz-executor.2), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB 05:40:07 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) creat(0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x20000, 0x10) 05:40:07 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xc00, 0x101) 05:40:07 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:07 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000c25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:07 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0040000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:07 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) [ 755.895182][T13806] loop4: detected capacity change from 0 to 131456 [ 755.918356][T13842] loop5: detected capacity change from 0 to 131456 05:40:07 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xf00, 0x101) [ 755.951118][T13806] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e01c, mo2=0006] [ 755.979672][T13842] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e01c, mo2=0006] [ 755.999849][T13842] System zones: 1-2, 19-19, 35-38, 46-46 [ 756.020566][T13842] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2099/file0 supports timestamps until 2038 (0x7fffffff) [ 756.037246][T13806] System zones: 1-2, 19-19, 35-38, 46-46 05:40:07 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) [ 756.052167][T13806] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2144/file0 supports timestamps until 2038 (0x7fffffff) 05:40:07 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) 05:40:07 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x1200, 0x101) 05:40:07 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000d25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:07 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0048000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 756.232289][T14124] loop4: detected capacity change from 0 to 131456 [ 756.235907][T14125] loop5: detected capacity change from 0 to 131456 [ 756.255588][T14124] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e01c, mo2=0006] [ 756.272692][T14125] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e01c, mo2=0006] [ 756.285476][T14125] System zones: 1-2, 19-19, 35-38, 46-46 [ 756.286281][T14124] System zones: 1-2, 19-19, 35-38, 46-46 [ 756.299940][T14125] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2100/file0 supports timestamps until 2038 (0x7fffffff) [ 756.314884][T14124] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2145/file0 supports timestamps until 2038 (0x7fffffff) 05:40:08 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) creat(0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x20000, 0x10) 05:40:08 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:08 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x2000, 0x101) 05:40:08 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000e25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:08 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce024a000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:08 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x3f00, 0x101) [ 756.771381][T14134] loop5: detected capacity change from 0 to 131456 [ 756.772042][T14135] loop4: detected capacity change from 0 to 131456 [ 756.802362][T14135] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2146/file0 supports timestamps until 2038 (0x7fffffff) 05:40:08 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:08 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000f25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 756.860434][T14134] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2101/file0 supports timestamps until 2038 (0x7fffffff) 05:40:08 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce004c000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:08 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:08 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x5084, 0x101) [ 756.930305][T14323] loop4: detected capacity change from 0 to 131456 [ 756.987431][T14323] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2147/file0 supports timestamps until 2038 (0x7fffffff) 05:40:08 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 757.041283][T14353] loop5: detected capacity change from 0 to 131456 [ 757.112176][T14353] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2102/file0 supports timestamps until 2038 (0x7fffffff) [ 757.166144][T14147] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 757.176387][T14147] CPU: 0 PID: 14147 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 757.184837][T14147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 757.194889][T14147] Call Trace: [ 757.198172][T14147] dump_stack_lvl+0xd6/0x122 [ 757.202802][T14147] dump_stack+0x11/0x1b [ 757.206975][T14147] dump_header+0x98/0x410 [ 757.211311][T14147] oom_kill_process+0x18e/0x3f0 [ 757.216230][T14147] out_of_memory+0x5ed/0x890 [ 757.220880][T14147] ? mem_cgroup_iter+0x29b/0x370 [ 757.225831][T14147] mem_cgroup_oom+0x484/0x520 [ 757.230515][T14147] try_charge_memcg+0x736/0xa10 [ 757.235366][T14147] ? __rcu_read_unlock+0x5c/0x290 [ 757.240409][T14147] charge_memcg+0x51/0x1a0 [ 757.244831][T14147] __mem_cgroup_charge+0x25/0xa0 [ 757.249771][T14147] __filemap_add_folio+0x3a8/0x4d0 [ 757.254946][T14147] ? workingset_activation+0x2b0/0x2b0 [ 757.260522][T14147] filemap_add_folio+0x6b/0x150 [ 757.265404][T14147] add_to_page_cache_lru+0x4e/0x70 [ 757.270539][T14147] filemap_read+0x80e/0x1720 [ 757.275143][T14147] generic_file_read_iter+0x75/0x2c0 [ 757.280424][T14147] ext4_file_read_iter+0x1db/0x290 [ 757.285542][T14147] vfs_read+0x66c/0x750 [ 757.289721][T14147] ksys_read+0xd9/0x190 [ 757.293868][T14147] __x64_sys_read+0x3e/0x50 [ 757.298366][T14147] do_syscall_64+0x44/0xa0 [ 757.302785][T14147] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 757.308714][T14147] RIP: 0033:0x7f2e21c2aae9 [ 757.313122][T14147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 757.332881][T14147] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 757.341391][T14147] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 757.349389][T14147] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 757.357350][T14147] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 757.365471][T14147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 757.373429][T14147] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 757.381520][T14147] memory: usage 307200kB, limit 307200kB, failcnt 16724 [ 757.388468][T14147] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 757.395408][T14147] Memory cgroup stats for /syz2: [ 757.395812][T14147] anon 2408448 [ 757.395812][T14147] file 306618368 [ 757.395812][T14147] kernel_stack 344064 [ 757.395812][T14147] pagetables 2129920 [ 757.395812][T14147] percpu 0 [ 757.395812][T14147] sock 0 [ 757.395812][T14147] shmem 306561024 [ 757.395812][T14147] file_mapped 0 [ 757.395812][T14147] file_dirty 0 [ 757.395812][T14147] file_writeback 0 [ 757.395812][T14147] swapcached 0 [ 757.395812][T14147] inactive_anon 5677056 [ 757.395812][T14147] active_anon 303280128 [ 757.395812][T14147] inactive_file 0 [ 757.395812][T14147] active_file 0 [ 757.395812][T14147] unevictable 12288 [ 757.395812][T14147] slab_reclaimable 1266688 [ 757.395812][T14147] slab_unreclaimable 1429072 [ 757.395812][T14147] slab 2695760 [ 757.395812][T14147] workingset_refault_anon 0 [ 757.395812][T14147] workingset_refault_file 15423 [ 757.395812][T14147] workingset_activate_anon 0 [ 757.395812][T14147] workingset_activate_file 103 [ 757.395812][T14147] workingset_restore_anon 0 [ 757.490296][T14147] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14137,uid=0 05:40:09 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) creat(0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x20000, 0x10) 05:40:09 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:09 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x8102, 0x101) 05:40:09 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c041025ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:09 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) r2 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r4, 0x1c8}], 0x1, &(0x7f00000000c0)={r5, r6+60000000}, 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, &(0x7f00000598c0)={0x1, [], 0xfa, "1f032ae6552381"}) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3000006, 0x110, r0, 0x146fe000) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:09 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0352000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 757.505603][T14147] Memory cgroup out of memory: Killed process 14137 (syz-executor.2) total-vm:85348kB, anon-rss:568kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 757.524226][ T25] oom_reaper: reaped process 14137 (syz-executor.2), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB [ 757.561730][T14463] loop4: detected capacity change from 0 to 131456 [ 757.575391][T14466] loop5: detected capacity change from 0 to 131456 [ 757.597329][T14463] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] 05:40:09 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:09 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRESOCT=r1, @ANYRES64, @ANYRES32=0x0], 0x28}, 0x1, 0x0, 0x0, 0x20044010}, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r4, 0x1c8}], 0x1, &(0x7f00000000c0)={r5, r6+60000000}, 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 757.609421][T14463] System zones: 1-2, 19-19, 35-38, 46-46 [ 757.619725][T14466] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] [ 757.648468][T14463] EXT4-fs mount: 59 callbacks suppressed 05:40:09 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x8200, 0x101) 05:40:09 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 757.648481][T14463] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 757.664782][T14463] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2148/file0 supports timestamps until 2038 (0x7fffffff) [ 757.679589][T14466] System zones: 1-2, 19-19, 35-38, 46-46 [ 757.690169][T14466] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 05:40:09 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:09 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c201025ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 757.700743][T14466] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2103/file0 supports timestamps until 2038 (0x7fffffff) [ 757.820587][T14886] loop4: detected capacity change from 0 to 131456 [ 757.844470][T14886] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] [ 757.857132][T14886] System zones: 1-2, 19-19, 35-38, 46-46 [ 757.863160][T14886] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 757.873893][T14886] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2149/file0 supports timestamps until 2038 (0x7fffffff) [ 758.034156][T14656] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 758.044410][T14656] CPU: 1 PID: 14656 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 758.052822][T14656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 758.062956][T14656] Call Trace: [ 758.066226][T14656] dump_stack_lvl+0xd6/0x122 [ 758.070874][T14656] dump_stack+0x11/0x1b [ 758.075034][T14656] dump_header+0x98/0x410 [ 758.079435][T14656] oom_kill_process+0x18e/0x3f0 [ 758.084359][T14656] out_of_memory+0x5ed/0x890 [ 758.088982][T14656] ? mem_cgroup_iter+0x29b/0x370 [ 758.093947][T14656] mem_cgroup_oom+0x484/0x520 [ 758.098720][T14656] try_charge_memcg+0x736/0xa10 [ 758.103591][T14656] ? __rcu_read_unlock+0x5c/0x290 [ 758.108610][T14656] charge_memcg+0x51/0x1a0 [ 758.113025][T14656] __mem_cgroup_charge+0x25/0xa0 [ 758.118012][T14656] __filemap_add_folio+0x3a8/0x4d0 [ 758.123120][T14656] ? workingset_activation+0x2b0/0x2b0 [ 758.128574][T14656] filemap_add_folio+0x6b/0x150 [ 758.133614][T14656] add_to_page_cache_lru+0x4e/0x70 [ 758.138800][T14656] filemap_read+0x80e/0x1720 [ 758.143439][T14656] generic_file_read_iter+0x75/0x2c0 [ 758.148773][T14656] ext4_file_read_iter+0x1db/0x290 [ 758.153892][T14656] vfs_read+0x66c/0x750 [ 758.158053][T14656] ksys_read+0xd9/0x190 [ 758.162213][T14656] __x64_sys_read+0x3e/0x50 [ 758.166722][T14656] do_syscall_64+0x44/0xa0 [ 758.171183][T14656] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 758.177146][T14656] RIP: 0033:0x7f2e21c2aae9 [ 758.181593][T14656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 758.201800][T14656] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 758.210289][T14656] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 758.218279][T14656] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 758.226314][T14656] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 758.234278][T14656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 758.242315][T14656] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 758.250370][T14656] memory: usage 307200kB, limit 307200kB, failcnt 19044 [ 758.257309][T14656] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 758.264191][T14656] Memory cgroup stats for /syz2: [ 758.264699][T14656] anon 2408448 [ 758.264699][T14656] file 306618368 [ 758.264699][T14656] kernel_stack 344064 [ 758.264699][T14656] pagetables 2129920 [ 758.264699][T14656] percpu 0 [ 758.264699][T14656] sock 0 [ 758.264699][T14656] shmem 306561024 [ 758.264699][T14656] file_mapped 0 [ 758.264699][T14656] file_dirty 0 [ 758.264699][T14656] file_writeback 0 [ 758.264699][T14656] swapcached 0 [ 758.264699][T14656] inactive_anon 5677056 [ 758.264699][T14656] active_anon 303280128 [ 758.264699][T14656] inactive_file 57344 [ 758.264699][T14656] active_file 0 [ 758.264699][T14656] unevictable 12288 [ 758.264699][T14656] slab_reclaimable 1266688 [ 758.264699][T14656] slab_unreclaimable 1429072 [ 758.264699][T14656] slab 2695760 [ 758.264699][T14656] workingset_refault_anon 0 [ 758.264699][T14656] workingset_refault_file 17798 [ 758.264699][T14656] workingset_activate_anon 0 [ 758.264699][T14656] workingset_activate_file 103 [ 758.264699][T14656] workingset_restore_anon 0 [ 758.359556][T14656] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14631,uid=0 05:40:10 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x8450, 0x101) 05:40:10 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="5c080000a9ae65d4ec845291fe6e83ff810bab0e6f1e96bf81b29e278fa9233d9f4761c0669f20445b239cb45d3129af24d7093bb7796fedede85b7aee655e2570ba41a702178156fd528d7e9e8499beab3766a06b314c3528a2eabba53d0ecc10c00078e67e67c9135c4febb1e133f492dd9333b5ff03104aa9b129f980d4d08a561f43c8b7f5850de752acf35d26e1069192afebde2e4d3b0d0007194360997969d36f74de1ec7864f69436954b9d5490dfaa7fd3d2fbaddb886a2f3025af7e2509668239b1ceb4ffd21cdad62afa3e6393836dd29", @ANYRES16=0x0, @ANYBLOB="000027bd7040fbdbdf257700000008000300", @ANYRES32=0x0, @ANYBLOB="0500ee00810000000500ee00070000000800ef00000000000800ef00020000000500ee00020000000500ee007a0000000500ee00040000000800ef0005000000"], 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:10 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) creat(0x0, 0x0) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:10 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:10 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0353000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:10 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001125ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 758.374878][T14656] Memory cgroup out of memory: Killed process 14631 (syz-executor.2) total-vm:85348kB, anon-rss:568kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 758.393708][ T25] oom_reaper: reaped process 14631 (syz-executor.2), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB 05:40:10 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f00000002c0), 0x2, 0x0) unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) [ 758.436673][T14896] loop4: detected capacity change from 0 to 131456 [ 758.436710][T14897] loop5: detected capacity change from 0 to 131456 05:40:10 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f00000002c0), 0x2, 0x0) unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) [ 758.483713][T14897] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 758.494552][T14897] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2104/file0 supports timestamps until 2038 (0x7fffffff) [ 758.510136][T14896] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 758.520809][T14896] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2150/file0 supports timestamps until 2038 (0x7fffffff) 05:40:10 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) openat(r0, &(0x7f00000005c0)='./bus\x00', 0x981, 0x40) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x6}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x7}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x9}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:10 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xff01, 0x101) 05:40:10 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f00000002c0), 0x2, 0x0) unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:10 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001225ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:10 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0054000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:10 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 758.685832][T15257] loop4: detected capacity change from 0 to 131456 [ 758.703129][T15286] loop5: detected capacity change from 0 to 131456 [ 758.735340][T15257] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 758.746043][T15257] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2151/file0 supports timestamps until 2038 (0x7fffffff) [ 758.769602][T15286] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 758.780190][T15286] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2105/file0 supports timestamps until 2038 (0x7fffffff) [ 759.075345][T14948] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 759.085612][T14948] CPU: 0 PID: 14948 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 759.094572][T14948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 759.104621][T14948] Call Trace: [ 759.107897][T14948] dump_stack_lvl+0xd6/0x122 [ 759.112506][T14948] dump_stack+0x11/0x1b [ 759.116659][T14948] dump_header+0x98/0x410 [ 759.121072][T14948] oom_kill_process+0x18e/0x3f0 [ 759.125998][T14948] out_of_memory+0x5ed/0x890 [ 759.130596][T14948] ? mem_cgroup_iter+0x29b/0x370 [ 759.135534][T14948] mem_cgroup_oom+0x484/0x520 [ 759.140212][T14948] try_charge_memcg+0x736/0xa10 [ 759.145054][T14948] ? __rcu_read_unlock+0x5c/0x290 [ 759.150082][T14948] charge_memcg+0x51/0x1a0 [ 759.154528][T14948] __mem_cgroup_charge+0x25/0xa0 [ 759.159619][T14948] __filemap_add_folio+0x3a8/0x4d0 [ 759.164728][T14948] ? workingset_activation+0x2b0/0x2b0 [ 759.170201][T14948] filemap_add_folio+0x6b/0x150 [ 759.175046][T14948] add_to_page_cache_lru+0x4e/0x70 [ 759.180165][T14948] filemap_read+0x80e/0x1720 [ 759.184788][T14948] generic_file_read_iter+0x75/0x2c0 [ 759.190069][T14948] ext4_file_read_iter+0x1db/0x290 [ 759.195219][T14948] vfs_read+0x66c/0x750 [ 759.199513][T14948] ksys_read+0xd9/0x190 [ 759.203700][T14948] __x64_sys_read+0x3e/0x50 [ 759.208197][T14948] do_syscall_64+0x44/0xa0 [ 759.212609][T14948] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 759.218563][T14948] RIP: 0033:0x7f2e21c2aae9 [ 759.223023][T14948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 759.242710][T14948] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 759.251117][T14948] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 759.259084][T14948] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 759.267053][T14948] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 759.275048][T14948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 759.283115][T14948] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 759.291141][T14948] memory: usage 307200kB, limit 307200kB, failcnt 21621 [ 759.298137][T14948] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 759.304980][T14948] Memory cgroup stats for /syz2: [ 759.305710][T14948] anon 2408448 [ 759.305710][T14948] file 306618368 [ 759.305710][T14948] kernel_stack 344064 [ 759.305710][T14948] pagetables 2129920 [ 759.305710][T14948] percpu 0 [ 759.305710][T14948] sock 0 [ 759.305710][T14948] shmem 306561024 [ 759.305710][T14948] file_mapped 0 [ 759.305710][T14948] file_dirty 0 [ 759.305710][T14948] file_writeback 0 [ 759.305710][T14948] swapcached 0 [ 759.305710][T14948] inactive_anon 5677056 [ 759.305710][T14948] active_anon 303280128 [ 759.305710][T14948] inactive_file 0 [ 759.305710][T14948] active_file 0 [ 759.305710][T14948] unevictable 12288 [ 759.305710][T14948] slab_reclaimable 1266688 [ 759.305710][T14948] slab_unreclaimable 1428808 [ 759.305710][T14948] slab 2695496 [ 759.305710][T14948] workingset_refault_anon 0 [ 759.305710][T14948] workingset_refault_file 20888 [ 759.305710][T14948] workingset_activate_anon 0 [ 759.305710][T14948] workingset_activate_file 166 [ 759.305710][T14948] workingset_restore_anon 0 [ 759.400800][T14948] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14947,uid=0 05:40:11 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:11 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(r0, &(0x7f0000000540)={0x57, 0x6f, 0x5, {0x6, [{0x4, 0x0, 0x3}, {0x40, 0x0, 0x4}, {0x2, 0x1, 0x6}, {0x4, 0x0, 0x3}, {0x4, 0x3, 0x8}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:11 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:11 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:11 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x40000, 0x101) 05:40:11 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0154000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 759.416100][T14948] Memory cgroup out of memory: Killed process 14948 (syz-executor.2) total-vm:85348kB, anon-rss:616kB, file-rss:35840kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 759.434647][ T25] oom_reaper: reaped process 14948 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 05:40:11 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 759.475422][T15330] loop4: detected capacity change from 0 to 131456 [ 759.480033][T15332] loop5: detected capacity change from 0 to 131456 [ 759.501808][T15332] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e01c, mo2=0006] [ 759.513264][T15332] System zones: 1-2, 19-19, 35-38, 46-46 05:40:11 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x800000, 0x101) [ 759.519858][T15332] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 759.530482][T15332] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2106/file0 supports timestamps until 2038 (0x7fffffff) [ 759.533647][T15330] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e01c, mo2=0006] [ 759.559899][T15330] System zones: 1-2, 19-19, 35-38, 46-46 05:40:11 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0155000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:11 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9a0e3f2964efc3360504f045cbb3d2241c2893be152f5c30a7324dae0078b368fbb894bf2b5584fd3026b5ac289be09f36764ca43422f1d1436d311daff9527347b4f51b57fe6cfa2a900000080000000003085fa296cd94caab5a618d6930fdb0e715ad985a198d48fea68475cf554eb1dd96d874be12188f800df46ad519fe579727803d0610dfbba0bebfc72e711c48e9162e7eefb7282e7dd1d257e4ac9676e16f0e303cef818165b804d76f32a1ed15c02236282ecf544cc6be03f0cdac271737800ab7170ba57e3df70a781e1572a27a453f0d5e26c033830cf2c8940359fddbfd387d8b108efa9557174bf88023c09b54bed74", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000980)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000027bd7040fb08000000000000000003003c5cb2eee766c3d1185ece306bafe60dc315c70378074218d829d37d79a11d1cddc8fb8f118fca72a134c155f89910ccdce7d220f237678492bd1ce8a6e4b938be418943596f37127c037f5fd0bd7bdab433f24945e79be42d25d05e33e497a5bbf952c7f5b3209b56edc5d3cb64ec57c2aad1d8b17cafe1757a1e985e1195e2022478273ba99cb2d04e8cce5bd35254dc0ff211def6cb7e780d4f6ecc8ff7074c821e18369fd86b9d7b", @ANYRES32=0x0, @ANYBLOB="0500ee00810000000500ee00070000000800ef00000000000800ef00020000000500ee00020000000500ee007a0000000500ee00040000000800ef0005000000"], 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="6000000023037e1f66dbc373b057fd279a2ca18dce0298c095c73943590b009e4cbacfcc40832692588a8f6f33c396b222d16a65ebc3d411e939c955add1b501b56ac52873e8d821c01e51e4ae02ce9a1957c83eae000000005c2f2d05bdcff94ebe14da075bd752625eebbbe3eb334b3ffae31643781975969bab2610fc82e03ecea080ad825734457fbb9f3d0e0a511b897ee63827d3474b4fc4a68865dfdbf3c9453d13d9e729101c0d7c3f66afed7e84bdd577f6277646ffc7ccb385f44734bd37d4e429a2e191625ce8a03406155daa5d997b2667b7fcf4b8038159b0d85b2749255690a21380d9f2ae0b", @ANYRES16=0x0, @ANYBLOB="020027bd7000fddbec251100000008001000", @ANYRES32=0x0, @ANYBLOB="0c009900000800bf76347032d92700450000000500131e01000000050013010200000017000600080211000001000009001300181bb0846c000000050029000a0000000600b5002e040000"], 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000680)=0x0) perf_event_open(&(0x7f0000000600)={0x0, 0x80, 0x0, 0x1f, 0x20, 0x9, 0x0, 0x5, 0x21000, 0x5, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f00000005c0), 0x3}, 0x8, 0xfffffffffffffff7, 0x10001, 0x6, 0x0, 0x1, 0xffff, 0x0, 0x8, 0x0, 0x2}, r6, 0x6, 0xffffffffffffffff, 0x8) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="570000006f020006000404000000020000000000d4000020000000000700000000000000000400000009000000000000004000000000030000000000000004030000000100000000000000200300000006000000000000"], 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 759.566315][T15330] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 759.576958][T15330] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2152/file0 supports timestamps until 2038 (0x7fffffff) 05:40:11 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:11 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x1000000, 0x101) [ 759.677202][T15650] loop5: detected capacity change from 0 to 131456 [ 759.692351][T15650] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e01c, mo2=0006] [ 759.743326][T15650] System zones: 1-2, 19-19, 35-38, 46-46 [ 759.782990][T15650] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 759.793657][T15650] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2107/file0 supports timestamps until 2038 (0x7fffffff) [ 759.902759][T15434] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 759.913102][T15434] CPU: 1 PID: 15434 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 759.921534][T15434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 759.931587][T15434] Call Trace: [ 759.934857][T15434] dump_stack_lvl+0xd6/0x122 [ 759.939462][T15434] dump_stack+0x11/0x1b [ 759.943623][T15434] dump_header+0x98/0x410 [ 759.947959][T15434] oom_kill_process+0x18e/0x3f0 [ 759.952808][T15434] out_of_memory+0x5ed/0x890 [ 759.957391][T15434] ? mem_cgroup_iter+0x29b/0x370 [ 759.962358][T15434] mem_cgroup_oom+0x484/0x520 [ 759.967069][T15434] try_charge_memcg+0x736/0xa10 [ 759.971975][T15434] ? __rcu_read_unlock+0x5c/0x290 [ 759.977022][T15434] charge_memcg+0x51/0x1a0 [ 759.981453][T15434] __mem_cgroup_charge+0x25/0xa0 [ 759.986397][T15434] do_anonymous_page+0x1d6/0x8d0 [ 759.991372][T15434] handle_mm_fault+0x814/0x1590 [ 759.996233][T15434] do_user_addr_fault+0x609/0xbe0 [ 760.001381][T15434] ? debug_smp_processor_id+0x18/0x20 [ 760.006758][T15434] exc_page_fault+0x91/0x290 [ 760.011374][T15434] asm_exc_page_fault+0x1e/0x30 [ 760.016224][T15434] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x40 [ 760.022829][T15434] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 0f 1f 80 00 00 00 00 0f 01 cb 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 01 ca c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 83 f8 [ 760.042447][T15434] RSP: 0018:ffffc900021cfad0 EFLAGS: 00050206 [ 760.048565][T15434] RAX: ffff8881057a0a58 RBX: 0000000020074180 RCX: 0000000000000180 [ 760.056532][T15434] RDX: 0000000000001000 RSI: ffff888158defe80 RDI: 0000000020074000 [ 760.064525][T15434] RBP: 0000000020073180 R08: 0000000000000000 R09: 0001ffffffffffff [ 760.072508][T15434] R10: 0001888158deffff R11: ffff8881057a0000 R12: ffff888158def000 [ 760.080698][T15434] R13: 0000000000073000 R14: 0000000000001000 R15: 00007ffffffff000 [ 760.088766][T15434] copy_page_to_iter+0x2d9/0x950 [ 760.093708][T15434] filemap_read+0x140b/0x1720 [ 760.098815][T15434] ? rb_insert_color+0x2fa/0x310 [ 760.103771][T15434] generic_file_read_iter+0x75/0x2c0 [ 760.109051][T15434] ext4_file_read_iter+0x1db/0x290 [ 760.114189][T15434] vfs_read+0x66c/0x750 [ 760.118346][T15434] ksys_read+0xd9/0x190 [ 760.122491][T15434] __x64_sys_read+0x3e/0x50 [ 760.126983][T15434] do_syscall_64+0x44/0xa0 [ 760.131423][T15434] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 760.137314][T15434] RIP: 0033:0x7f2e21c2aae9 [ 760.141719][T15434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 760.161335][T15434] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 760.169740][T15434] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 760.177711][T15434] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 760.185677][T15434] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 760.193717][T15434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 760.201681][T15434] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 760.209703][T15434] memory: usage 307200kB, limit 307200kB, failcnt 24028 [ 760.216632][T15434] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 760.223543][T15434] Memory cgroup stats for /syz2: [ 760.223891][T15434] anon 2412544 [ 760.223891][T15434] file 306614272 [ 760.223891][T15434] kernel_stack 344064 [ 760.223891][T15434] pagetables 2129920 [ 760.223891][T15434] percpu 0 [ 760.223891][T15434] sock 0 [ 760.223891][T15434] shmem 306561024 [ 760.223891][T15434] file_mapped 0 [ 760.223891][T15434] file_dirty 0 [ 760.223891][T15434] file_writeback 0 [ 760.223891][T15434] swapcached 0 [ 760.223891][T15434] inactive_anon 5677056 [ 760.223891][T15434] active_anon 303280128 [ 760.223891][T15434] inactive_file 0 [ 760.223891][T15434] active_file 0 [ 760.223891][T15434] unevictable 12288 [ 760.223891][T15434] slab_reclaimable 1266688 [ 760.223891][T15434] slab_unreclaimable 1428808 [ 760.223891][T15434] slab 2695496 [ 760.223891][T15434] workingset_refault_anon 0 [ 760.223891][T15434] workingset_refault_file 23327 [ 760.223891][T15434] workingset_activate_anon 0 [ 760.223891][T15434] workingset_activate_file 180 [ 760.223891][T15434] workingset_restore_anon 0 [ 760.318344][T15434] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=15382,uid=0 [ 760.333603][T15434] Memory cgroup out of memory: Killed process 15382 (syz-executor.2) total-vm:85348kB, anon-rss:568kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 05:40:12 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:12 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x1010000, 0x101) 05:40:12 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce015a000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:12 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) r2 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) fallocate(r2, 0x30, 0x8, 0x100) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0xec, 0x0, 0x4, 0x70bd27, 0x25dfdbfb, {}, [@TIPC_NLA_LINK={0xd8, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10001}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffe00}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x38}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x40088c4}, 0x20004081) ppoll(&(0x7f0000000000)=[{r4, 0x1c8}], 0x1, &(0x7f00000000c0)={r5, r6+60000000}, 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:12 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:12 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001425ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 760.352214][ T25] oom_reaper: reaped process 15382 (syz-executor.2), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB [ 760.396880][T15859] loop5: detected capacity change from 0 to 131456 [ 760.406814][T15862] loop4: detected capacity change from 0 to 131456 05:40:12 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 760.442844][T15859] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 760.453501][T15859] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2108/file0 supports timestamps until 2038 (0x7fffffff) 05:40:12 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) ioctl$SCSI_IOCTL_GET_IDLUN(r3, 0x5382, &(0x7f00000005c0)) 05:40:12 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x2000000, 0x101) 05:40:12 executing program 0: mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 760.514619][T15862] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 760.525217][T15862] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2153/file0 supports timestamps until 2038 (0x7fffffff) 05:40:12 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001525ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:12 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce015b000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 760.645479][T16264] loop4: detected capacity change from 0 to 131456 [ 760.661817][T16284] loop5: detected capacity change from 0 to 131456 [ 760.672782][T16284] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 760.683509][T16284] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2109/file0 supports timestamps until 2038 (0x7fffffff) [ 760.712230][T16264] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 760.722842][T16264] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2154/file0 supports timestamps until 2038 (0x7fffffff) [ 760.975830][T15865] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 760.986041][T15865] CPU: 0 PID: 15865 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 760.994454][T15865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 761.004652][T15865] Call Trace: [ 761.007926][T15865] dump_stack_lvl+0xd6/0x122 [ 761.012595][T15865] dump_stack+0x11/0x1b [ 761.016759][T15865] dump_header+0x98/0x410 [ 761.021093][T15865] oom_kill_process+0x18e/0x3f0 [ 761.025946][T15865] out_of_memory+0x5ed/0x890 [ 761.030534][T15865] ? mem_cgroup_iter+0x29b/0x370 [ 761.035479][T15865] mem_cgroup_oom+0x484/0x520 [ 761.040158][T15865] try_charge_memcg+0x736/0xa10 [ 761.045054][T15865] ? __rcu_read_unlock+0x5c/0x290 [ 761.050079][T15865] charge_memcg+0x51/0x1a0 [ 761.054499][T15865] __mem_cgroup_charge+0x25/0xa0 [ 761.059440][T15865] __filemap_add_folio+0x3a8/0x4d0 [ 761.064566][T15865] ? workingset_activation+0x2b0/0x2b0 [ 761.070022][T15865] filemap_add_folio+0x6b/0x150 [ 761.074904][T15865] add_to_page_cache_lru+0x4e/0x70 [ 761.080012][T15865] filemap_read+0x80e/0x1720 [ 761.084751][T15865] ? rb_insert_color+0x2fa/0x310 [ 761.089698][T15865] generic_file_read_iter+0x75/0x2c0 [ 761.095011][T15865] ext4_file_read_iter+0x1db/0x290 [ 761.100122][T15865] vfs_read+0x66c/0x750 [ 761.104277][T15865] ksys_read+0xd9/0x190 [ 761.108427][T15865] __x64_sys_read+0x3e/0x50 [ 761.112944][T15865] do_syscall_64+0x44/0xa0 [ 761.117365][T15865] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 761.123345][T15865] RIP: 0033:0x7f2e21c2aae9 [ 761.127828][T15865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 761.147514][T15865] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 761.155925][T15865] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 761.163894][T15865] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 761.171928][T15865] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 761.180071][T15865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 761.188068][T15865] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 761.196096][T15865] memory: usage 307200kB, limit 307200kB, failcnt 26619 [ 761.203076][T15865] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 761.209936][T15865] Memory cgroup stats for /syz2: [ 761.210131][T15865] anon 2408448 [ 761.210131][T15865] file 306618368 [ 761.210131][T15865] kernel_stack 344064 [ 761.210131][T15865] pagetables 2129920 [ 761.210131][T15865] percpu 0 [ 761.210131][T15865] sock 0 [ 761.210131][T15865] shmem 306561024 [ 761.210131][T15865] file_mapped 0 [ 761.210131][T15865] file_dirty 0 [ 761.210131][T15865] file_writeback 0 [ 761.210131][T15865] swapcached 0 [ 761.210131][T15865] inactive_anon 5677056 [ 761.210131][T15865] active_anon 303280128 [ 761.210131][T15865] inactive_file 0 [ 761.210131][T15865] active_file 0 [ 761.210131][T15865] unevictable 12288 [ 761.210131][T15865] slab_reclaimable 1266688 [ 761.210131][T15865] slab_unreclaimable 1428808 [ 761.210131][T15865] slab 2695496 [ 761.210131][T15865] workingset_refault_anon 0 [ 761.210131][T15865] workingset_refault_file 26579 [ 761.210131][T15865] workingset_activate_anon 0 [ 761.210131][T15865] workingset_activate_file 213 [ 761.210131][T15865] workingset_restore_anon 0 [ 761.304817][T15865] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=15864,uid=0 [ 761.320219][T15865] Memory cgroup out of memory: Killed process 15865 (syz-executor.2) total-vm:85348kB, anon-rss:616kB, file-rss:35840kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 761.338737][ T25] oom_reaper: reaped process 15865 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 05:40:13 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:13 executing program 0: mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:13 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x4000000, 0x101) 05:40:13 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0060000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:13 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001625ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 761.460715][T16292] loop5: detected capacity change from 0 to 131456 [ 761.475392][T16296] loop4: detected capacity change from 0 to 131456 [ 761.499389][T16292] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] 05:40:13 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x5000000, 0x101) 05:40:13 executing program 0: mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 761.522918][T16292] System zones: 1-2, 19-19, 35-38, 46-46 [ 761.532286][T16296] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] [ 761.569427][T16292] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 761.580066][T16292] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2110/file0 supports timestamps until 2038 (0x7fffffff) [ 761.617444][T16296] System zones: 1-2, 19-19, 35-38, 46-46 05:40:13 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x6000000, 0x101) 05:40:13 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0068000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:13 executing program 0: mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 761.663660][T16296] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 761.674444][T16296] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2155/file0 supports timestamps until 2038 (0x7fffffff) 05:40:13 executing program 0: mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:13 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x8000000, 0x101) [ 761.743820][T16580] loop5: detected capacity change from 0 to 131456 [ 761.822784][T16580] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] [ 761.873766][T16580] System zones: 1-2, 19-19, 35-38, 46-46 [ 761.907965][T16580] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 761.918564][T16580] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2111/file0 supports timestamps until 2038 (0x7fffffff) [ 762.161900][T16288] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 762.172134][T16288] CPU: 1 PID: 16288 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 762.180558][T16288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 762.190619][T16288] Call Trace: [ 762.193902][T16288] dump_stack_lvl+0xd6/0x122 [ 762.198504][T16288] dump_stack+0x11/0x1b [ 762.202665][T16288] dump_header+0x98/0x410 [ 762.206996][T16288] oom_kill_process+0x18e/0x3f0 [ 762.211848][T16288] out_of_memory+0x5ed/0x890 [ 762.216459][T16288] ? mem_cgroup_iter+0x29b/0x370 [ 762.221464][T16288] mem_cgroup_oom+0x484/0x520 [ 762.226211][T16288] try_charge_memcg+0x736/0xa10 [ 762.231112][T16288] ? __rcu_read_unlock+0x5c/0x290 [ 762.236171][T16288] charge_memcg+0x51/0x1a0 [ 762.240614][T16288] __mem_cgroup_charge+0x25/0xa0 [ 762.245546][T16288] __filemap_add_folio+0x3a8/0x4d0 [ 762.250689][T16288] ? workingset_activation+0x2b0/0x2b0 [ 762.256181][T16288] filemap_add_folio+0x6b/0x150 [ 762.261071][T16288] add_to_page_cache_lru+0x4e/0x70 [ 762.266236][T16288] filemap_read+0x80e/0x1720 [ 762.270820][T16288] ? rb_insert_color+0x2fa/0x310 [ 762.275813][T16288] generic_file_read_iter+0x75/0x2c0 [ 762.281107][T16288] ext4_file_read_iter+0x1db/0x290 [ 762.286217][T16288] vfs_read+0x66c/0x750 [ 762.290365][T16288] ksys_read+0xd9/0x190 [ 762.294523][T16288] __x64_sys_read+0x3e/0x50 [ 762.299024][T16288] do_syscall_64+0x44/0xa0 [ 762.303509][T16288] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 762.309436][T16288] RIP: 0033:0x7f2e21c2aae9 [ 762.313848][T16288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 762.333609][T16288] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 762.342024][T16288] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 762.349995][T16288] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 762.357989][T16288] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 762.366024][T16288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 762.373992][T16288] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 762.382064][T16288] memory: usage 307200kB, limit 307200kB, failcnt 28850 [ 762.389004][T16288] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 762.395838][T16288] Memory cgroup stats for /syz2: [ 762.397948][T16288] anon 2408448 [ 762.397948][T16288] file 306618368 [ 762.397948][T16288] kernel_stack 311296 [ 762.397948][T16288] pagetables 2129920 [ 762.397948][T16288] percpu 0 [ 762.397948][T16288] sock 0 [ 762.397948][T16288] shmem 306561024 [ 762.397948][T16288] file_mapped 0 [ 762.397948][T16288] file_dirty 0 [ 762.397948][T16288] file_writeback 0 [ 762.397948][T16288] swapcached 0 [ 762.397948][T16288] inactive_anon 5677056 [ 762.397948][T16288] active_anon 303280128 [ 762.397948][T16288] inactive_file 57344 [ 762.397948][T16288] active_file 0 [ 762.397948][T16288] unevictable 12288 [ 762.397948][T16288] slab_reclaimable 1266688 [ 762.397948][T16288] slab_unreclaimable 1428808 [ 762.397948][T16288] slab 2695496 [ 762.397948][T16288] workingset_refault_anon 0 [ 762.397948][T16288] workingset_refault_file 29215 [ 762.397948][T16288] workingset_activate_anon 0 [ 762.397948][T16288] workingset_activate_file 254 [ 762.397948][T16288] workingset_restore_anon 0 [ 762.492645][T16288] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16287,uid=0 05:40:14 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:14 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x9000000, 0x101) 05:40:14 executing program 0: mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:14 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c011625ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:14 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce006c000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 762.507974][T16288] Memory cgroup out of memory: Killed process 16288 (syz-executor.2) total-vm:85348kB, anon-rss:616kB, file-rss:35840kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 762.526829][ T25] oom_reaper: reaped process 16288 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 05:40:14 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 762.570078][T16724] loop4: detected capacity change from 0 to 131456 [ 762.579758][T16727] loop5: detected capacity change from 0 to 131456 05:40:14 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xc000000, 0x101) [ 762.634492][T16724] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 762.645152][T16724] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2156/file0 supports timestamps until 2038 (0x7fffffff) [ 762.660235][T16727] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 05:40:14 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:14 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xf000000, 0x101) [ 762.671099][T16727] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2112/file0 supports timestamps until 2038 (0x7fffffff) 05:40:14 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:14 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001725ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:14 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0070000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 762.856595][T16745] loop4: detected capacity change from 0 to 131456 [ 762.872875][T16747] loop5: detected capacity change from 0 to 131456 [ 762.894165][T16747] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 762.904774][T16747] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2113/file0 supports timestamps until 2038 (0x7fffffff) [ 762.930626][T16745] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 762.941226][T16745] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2157/file0 supports timestamps until 2038 (0x7fffffff) 05:40:15 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:15 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x10000000, 0x101) 05:40:15 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:15 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0074000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:15 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c011725ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 763.486274][T16756] loop5: detected capacity change from 0 to 131456 [ 763.486421][T16757] loop4: detected capacity change from 0 to 131456 05:40:15 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:15 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x12000000, 0x101) [ 763.527591][T16756] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e01c, mo2=0006] [ 763.563366][T16757] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e01c, mo2=0006] [ 763.564900][T16756] System zones: 1-2, 19-19, 35-38, 46-46 [ 763.587547][T16756] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 763.598155][T16756] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2114/file0 supports timestamps until 2038 (0x7fffffff) [ 763.644614][T16757] System zones: 1-2, 19-19, 35-38, 46-46 05:40:15 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:15 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x20000000, 0x101) 05:40:15 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce007a000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 763.685821][T16757] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 763.696417][T16757] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2158/file0 supports timestamps until 2038 (0x7fffffff) 05:40:15 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x3f000000, 0x101) 05:40:15 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 763.759636][T16772] loop5: detected capacity change from 0 to 131456 [ 763.838957][T16772] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e01c, mo2=0006] [ 763.846872][T16772] System zones: 1-2, 19-19, 35-38, 46-46 [ 763.882809][T16772] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 763.893424][T16772] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2115/file0 supports timestamps until 2038 (0x7fffffff) [ 764.149810][T16763] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 764.160023][T16763] CPU: 0 PID: 16763 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 764.168439][T16763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 764.178524][T16763] Call Trace: [ 764.181835][T16763] dump_stack_lvl+0xd6/0x122 [ 764.186478][T16763] dump_stack+0x11/0x1b [ 764.190729][T16763] dump_header+0x98/0x410 [ 764.195073][T16763] oom_kill_process+0x18e/0x3f0 [ 764.199924][T16763] out_of_memory+0x5ed/0x890 [ 764.204579][T16763] ? mem_cgroup_iter+0x29b/0x370 [ 764.209522][T16763] mem_cgroup_oom+0x484/0x520 [ 764.214284][T16763] try_charge_memcg+0x736/0xa10 [ 764.219137][T16763] ? __rcu_read_unlock+0x5c/0x290 [ 764.224160][T16763] charge_memcg+0x51/0x1a0 [ 764.228576][T16763] __mem_cgroup_charge+0x25/0xa0 [ 764.233505][T16763] __filemap_add_folio+0x3a8/0x4d0 [ 764.238681][T16763] ? workingset_activation+0x2b0/0x2b0 [ 764.244279][T16763] filemap_add_folio+0x6b/0x150 [ 764.249177][T16763] add_to_page_cache_lru+0x4e/0x70 [ 764.254289][T16763] filemap_read+0x80e/0x1720 [ 764.258900][T16763] generic_file_read_iter+0x75/0x2c0 [ 764.264242][T16763] ext4_file_read_iter+0x1db/0x290 [ 764.269502][T16763] vfs_read+0x66c/0x750 [ 764.273723][T16763] ksys_read+0xd9/0x190 [ 764.277865][T16763] __x64_sys_read+0x3e/0x50 [ 764.282424][T16763] do_syscall_64+0x44/0xa0 [ 764.286921][T16763] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 764.292911][T16763] RIP: 0033:0x7f2e21c2aae9 [ 764.297317][T16763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 764.316928][T16763] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 764.325405][T16763] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 764.333539][T16763] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 764.341500][T16763] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 764.349557][T16763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 764.357677][T16763] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 764.365722][T16763] memory: usage 307200kB, limit 307200kB, failcnt 33488 [ 764.372723][T16763] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 764.379575][T16763] Memory cgroup stats for /syz2: [ 764.381515][T16763] anon 2408448 [ 764.381515][T16763] file 306618368 [ 764.381515][T16763] kernel_stack 344064 [ 764.381515][T16763] pagetables 2129920 [ 764.381515][T16763] percpu 0 [ 764.381515][T16763] sock 0 [ 764.381515][T16763] shmem 306561024 [ 764.381515][T16763] file_mapped 0 [ 764.381515][T16763] file_dirty 0 [ 764.381515][T16763] file_writeback 0 [ 764.381515][T16763] swapcached 0 [ 764.381515][T16763] inactive_anon 5677056 [ 764.381515][T16763] active_anon 303280128 [ 764.381515][T16763] inactive_file 0 [ 764.381515][T16763] active_file 0 [ 764.381515][T16763] unevictable 12288 [ 764.381515][T16763] slab_reclaimable 1266688 [ 764.381515][T16763] slab_unreclaimable 1428808 [ 764.381515][T16763] slab 2695496 [ 764.381515][T16763] workingset_refault_anon 0 [ 764.381515][T16763] workingset_refault_file 34033 [ 764.381515][T16763] workingset_activate_anon 0 [ 764.381515][T16763] workingset_activate_file 295 [ 764.381515][T16763] workingset_restore_anon 0 [ 764.475846][T16763] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16758,uid=0 05:40:16 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) read(0xffffffffffffffff, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:16 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x2, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xd}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000007c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000047cc0)={0x400, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}], 0x8, "a4e6f6b0230b3a"}) r8 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r8, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="570000006f020006000404000000030000000000000020200424ac1f0daa8f0000000080010000000600000000000000400000000003000000000000000403000000010002000000000002030000000600000000000000"], 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:16 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:16 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001825ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:16 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x50840000, 0x101) 05:40:16 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0383000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 764.491161][T16763] Memory cgroup out of memory: Killed process 16758 (syz-executor.2) total-vm:85348kB, anon-rss:568kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 764.509865][ T25] oom_reaper: reaped process 16758 (syz-executor.2), now anon-rss:0kB, file-rss:34492kB, shmem-rss:0kB 05:40:16 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:16 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x81020000, 0x101) 05:40:16 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) read(0xffffffffffffffff, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) [ 764.561739][T16785] loop4: detected capacity change from 0 to 131456 [ 764.574792][T16787] loop5: detected capacity change from 0 to 131456 05:40:16 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x3}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) dup2(0xffffffffffffffff, 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x30, 0x0, 0x71c, 0x70bd27, 0x25dfdbfb, {{}, {}, {0x14, 0x18, {0x5b, @bearer=@l2={'ib', 0x3a, 'bond0\x00'}}}}, ["", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4010000}, 0x4081) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:16 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x82000000, 0x101) 05:40:16 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce02a4000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:16 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(0x0, 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:16 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001925ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 764.618541][T16785] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 764.629212][T16785] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2159/file0 supports timestamps until 2038 (0x7fffffff) [ 764.643876][T16787] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 764.654433][T16787] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2116/file0 supports timestamps until 2038 (0x7fffffff) 05:40:16 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) read(0xffffffffffffffff, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:16 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(0x0, 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:16 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:16 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xf4ffffff, 0x101) 05:40:16 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100600005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="020027bd7000fddbdf251100000008000300", @ANYRES32=0x0, @ANYBLOB="0c0099000008000045000000050013010100000005001301020000000a010600080211000001000009001340181bb0846c000000050029000a0000000600b5002e0400005f4c6390648ea34f593ac6"], 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0), 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) clock_gettime(0x0, &(0x7f0000000980)={0x0, 0x0}) ppoll(&(0x7f0000000940)=[{0xffffffffffffffff, 0x80}, {r4, 0x100}, {r1, 0x4}, {0xffffffffffffffff, 0x200}, {0xffffffffffffffff, 0x15148}, {0xffffffffffffffff, 0x4442}, {0xffffffffffffffff, 0x1000}, {r2, 0x1002}], 0x8, &(0x7f00000009c0)={r5, r6+60000000}, &(0x7f0000000a00)={[0xffffffffffffffc0]}, 0x8) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:16 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(0x0, 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 764.746008][T17010] loop4: detected capacity change from 0 to 131456 [ 764.749813][T17011] loop5: detected capacity change from 0 to 131456 05:40:16 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:16 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xfbffffff, 0x101) [ 764.792810][T17010] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 764.803417][T17010] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2160/file0 supports timestamps until 2038 (0x7fffffff) [ 764.823068][T17011] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 764.833677][T17011] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2117/file0 supports timestamps until 2038 (0x7fffffff) 05:40:16 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(0x0, 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:16 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce02a5000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:16 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xfeffffff, 0x101) 05:40:16 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001a25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:16 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:16 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$incfs(r0, &(0x7f00000005c0)='.log\x00', 0x1, 0x60) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f0000000600)={{0x1, 0x1, 0x18, r0}, './bus/file0\x00'}) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000640)={0x7c, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x23, 0x13, [{0x30, 0x1}, {0x16}, {0x16, 0x1}, {0x6594a6960fd35484}, {0x5}, {0x12, 0x1}, {0x6, 0x1}, {0x3}, {0x16}, {0x1, 0x1}, {0x2}, {0x2}, {0x6c, 0x1}, {0x6c}, {0x16, 0x1}, {0x36}, {0x2, 0x1}, {0x12, 0x1}, {0x60}, {0xc, 0x1}, {0x3}, {0x60}, {0x36}, {0x3, 0x1}, {0x24, 0x1}, {0xb, 0x1}, {0x60}, {0x48}, {0x3}, {0x36}, {0x18}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r4, 0x1c8}], 0x1, &(0x7f00000000c0)={r5, r6+60000000}, 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:16 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(0x0, 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:16 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xff010000, 0x101) 05:40:16 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:16 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xffffff7f, 0x101) 05:40:16 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce01a8000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 765.006144][T17139] loop5: detected capacity change from 0 to 131456 [ 765.030702][T17139] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 765.041318][T17139] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2118/file0 supports timestamps until 2038 (0x7fffffff) 05:40:16 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(0x0, 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:16 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) ftruncate(0xffffffffffffffff, 0xffffffff) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c3894bf2b5584fd3066b5ac289be0900"/74, @ANYRES16=0x0, @ANYBLOB="ab54aca8e1400000802370", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="00000004", @ANYRES16=0x0, @ANYBLOB="020027bd7000fddbdf251100000008000300", @ANYRES32=0x0, @ANYBLOB="0c0099000008000045000000050013010100000005001301020000000a000600080211000001000009001300181bb0846c000000050029000a0000000600b5002e040000"], 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000540)=[{r3, 0x1c8}, {0xffffffffffffffff, 0x2000}, {0xffffffffffffffff, 0x80}], 0x2, &(0x7f00000000c0)={0x0, 0x989680}, 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000000000ffffffff000000"]) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000005c0)=ANY=[@ANYBLOB="570000006f020006000404004510000003000000000000002000000000070000000000000080010000000600000000000000400000000003000000000000000403000000010000000000000002030000000600000000000000"], 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:16 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xfffffff4, 0x101) [ 765.099014][T17194] loop4: detected capacity change from 0 to 131456 [ 765.128683][T17253] loop5: detected capacity change from 0 to 131456 [ 765.167469][T17194] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 765.178246][T17194] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2161/file0 supports timestamps until 2038 (0x7fffffff) [ 765.200843][T17253] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 05:40:16 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 765.211468][T17253] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2119/file0 supports timestamps until 2038 (0x7fffffff) 05:40:17 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:17 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce02aa000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:17 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001b25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:17 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r2 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000027bd7040fb41b805dbdf257700000008000300", @ANYRES32=0x0, @ANYBLOB="0500ee00810000000500ee00070000000800ef00000000000800ef00020000000500ee00020000000500ee007a0000000500ee00040000000800ef0005000000"], 0x5c}}, 0xc088054) ppoll(&(0x7f0000000000)=[{r2, 0x1c8}], 0x1, &(0x7f00000000c0)={r3, r4+60000000}, 0x0, 0x0) r5 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="570000006f0200060004040000000300000000000000200000000007000000000000008001000000060000000000000040000000000300000000000000040300000001000000000000000203000000060000000000000090a53e401a69f2ffd593995d07ad4041d65dd9b08603c08bac8dc909946d827fd36e11a1acd229786061b3d5e5291d79ed84fb78c9a2ae69c57f5c817896d9cd282a95e90df8596e51"], 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:17 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xfffffffb, 0x101) [ 765.372099][T17371] loop5: detected capacity change from 0 to 131456 [ 765.416214][T17426] loop4: detected capacity change from 0 to 131456 [ 765.432973][T17426] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 765.441230][T17371] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 765.457161][T17426] System zones: 1-2, 19-19, 35-38, 46-46 [ 765.462987][T17371] System zones: 1-2, 19-19, 35-38, 46-46 [ 765.471245][T17426] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 765.482032][T17426] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2162/file0 supports timestamps until 2038 (0x7fffffff) [ 765.486154][T17182] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 765.506462][T17182] CPU: 1 PID: 17182 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 765.514874][T17182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 765.517477][T17371] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 765.525009][T17182] Call Trace: [ 765.525018][T17182] dump_stack_lvl+0xd6/0x122 [ 765.535569][T17371] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2120/file0 supports timestamps until 2038 (0x7fffffff) [ 765.538757][T17182] dump_stack+0x11/0x1b [ 765.561692][T17182] dump_header+0x98/0x410 [ 765.566031][T17182] oom_kill_process+0x18e/0x3f0 [ 765.570886][T17182] out_of_memory+0x5ed/0x890 [ 765.575482][T17182] ? mem_cgroup_iter+0x29b/0x370 [ 765.580477][T17182] mem_cgroup_oom+0x484/0x520 [ 765.585172][T17182] try_charge_memcg+0x736/0xa10 [ 765.590090][T17182] ? __rcu_read_unlock+0x5c/0x290 [ 765.595172][T17182] charge_memcg+0x51/0x1a0 [ 765.599584][T17182] __mem_cgroup_charge+0x25/0xa0 [ 765.604514][T17182] __filemap_add_folio+0x3a8/0x4d0 [ 765.609622][T17182] ? workingset_activation+0x2b0/0x2b0 [ 765.615098][T17182] filemap_add_folio+0x6b/0x150 [ 765.619946][T17182] add_to_page_cache_lru+0x4e/0x70 [ 765.625067][T17182] filemap_read+0x80e/0x1720 [ 765.629742][T17182] generic_file_read_iter+0x75/0x2c0 [ 765.635021][T17182] ext4_file_read_iter+0x1db/0x290 [ 765.640133][T17182] vfs_read+0x66c/0x750 [ 765.644286][T17182] ksys_read+0xd9/0x190 [ 765.648596][T17182] __x64_sys_read+0x3e/0x50 [ 765.653090][T17182] do_syscall_64+0x44/0xa0 [ 765.657503][T17182] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 765.663504][T17182] RIP: 0033:0x7f2e21c2aae9 [ 765.667914][T17182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 765.687515][T17182] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 765.695992][T17182] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 765.703955][T17182] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 765.712018][T17182] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 765.719981][T17182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 765.728010][T17182] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 765.736008][T17182] memory: usage 307200kB, limit 307200kB, failcnt 35589 [ 765.742951][T17182] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 765.749803][T17182] Memory cgroup stats for /syz2: [ 765.750564][T17182] anon 2400256 [ 765.750564][T17182] file 306626560 [ 765.750564][T17182] kernel_stack 344064 [ 765.750564][T17182] pagetables 2129920 [ 765.750564][T17182] percpu 0 [ 765.750564][T17182] sock 0 [ 765.750564][T17182] shmem 306561024 [ 765.750564][T17182] file_mapped 0 [ 765.750564][T17182] file_dirty 0 [ 765.750564][T17182] file_writeback 0 [ 765.750564][T17182] swapcached 0 [ 765.750564][T17182] inactive_anon 5668864 [ 765.750564][T17182] active_anon 303280128 [ 765.750564][T17182] inactive_file 57344 [ 765.750564][T17182] active_file 0 [ 765.750564][T17182] unevictable 12288 [ 765.750564][T17182] slab_reclaimable 1266688 [ 765.750564][T17182] slab_unreclaimable 1428808 [ 765.750564][T17182] slab 2695496 [ 765.750564][T17182] workingset_refault_anon 0 [ 765.750564][T17182] workingset_refault_file 36326 [ 765.750564][T17182] workingset_activate_anon 0 [ 765.750564][T17182] workingset_activate_file 319 [ 765.750564][T17182] workingset_restore_anon 0 [ 765.845288][T17182] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=17171,uid=0 05:40:17 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:17 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:17 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xfffffffe, 0x101) 05:40:17 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r1, 0x40089413, &(0x7f00000005c0)=0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:17 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce02ab000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:17 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001c25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 765.860602][T17182] Memory cgroup out of memory: Killed process 17171 (syz-executor.2) total-vm:85348kB, anon-rss:568kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 765.879313][ T25] oom_reaper: reaped process 17171 (syz-executor.2), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB 05:40:17 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, 0x0, 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:17 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x4000000000000, 0x101) [ 765.927638][T17492] loop5: detected capacity change from 0 to 131456 [ 765.948541][T17494] loop4: detected capacity change from 0 to 131456 [ 765.957830][T17492] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] 05:40:17 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) r1 = open(&(0x7f00000005c0)='./file0\x00', 0x119020, 0x40) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r2 = creat(0x0, 0x0) r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendfile(r2, r3, &(0x7f0000000600)=0x4, 0x2) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYRESHEX=r0, @ANYRESHEX=r2, @ANYRESOCT=r2, @ANYRES16=r1, @ANYRES16, @ANYRES32=r1, @ANYRES32=r1], 0x28}, 0x1, 0x0, 0x0, 0x9000}, 0x0) r5 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000800)=ANY=[@ANYBLOB="5c0000e80f1b00", @ANYRES16=0x0, @ANYBLOB="00ff00000000080003000000000000000000", @ANYRES32=0x0, @ANYBLOB="0500ee00810000000500ee00070000000800ef00000000000800ef00020000000500ee00020000000500ee007a0000000500ee00040000000800ef0005000000"], 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r2, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000640)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="020027bd7000fddbdf251100000008000300", @ANYRES32=0x0, @ANYBLOB="0c0099000008000045000000050013010100000005001301020000000a000600080211000001000009001300181bb0846c000000050029000a0000000600b5002e040000cebbd380a719ed480a48c8127e84ddda87bca458a876f227cd82ab4af543d3b3eb61530563bc176e46a84c64aeb09d2c527aecda44ab1ab35f1dcee6bd32f212b315a1613b760f1eaf96463d5d57c3ee2d3cc9dec953e43b6423394944812ba0022eb878757112f2c7b5a29ab7e653a1baf94bf0970add207086aa2aac22ca759fd2486e897a02d2f6a55ea16d8b9b6d879643dea3e9453a7e048c761e68d5fab5ff2a11e8898b71c32cde1983ee41ebca15e3d84bdf2777db37b941f80f9affb5104e47c7b8aa82a78099e98435359ad7dd162dbb7c5705c67cf38b9662bad17a3ece964f26c88a10a8fb9abd2d1e22489fa17d1615ea6fae804eff21488c8b8b78e474a08a8c7fca26c087ed6a9be42e0e8ac1243655bdc95d78f4345cf44918c54d64628ecfc1abd42bbfca993fc2eb90a348d929ae4498ffe17b11e270d9a560bd83d4414b06"], 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r5, 0x1c8}], 0x1, &(0x7f00000000c0)={r6, r7+60000000}, 0x0, 0x0) r8 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r8, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 765.989866][T17494] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 766.002995][T17492] System zones: 1-2, 19-19, 35-38, 46-46 [ 766.021209][T17494] System zones: 1-2, 19-19, 35-38, 46-46 [ 766.027648][T17492] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 05:40:17 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, 0x0, 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:17 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001d25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:17 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x80000000000000, 0x101) [ 766.027988][T17494] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 766.038234][T17492] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2121/file0 supports timestamps until 2038 (0x7fffffff) [ 766.048844][T17494] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2163/file0 supports timestamps until 2038 (0x7fffffff) [ 766.169377][T17870] loop4: detected capacity change from 0 to 131456 [ 766.201512][T17870] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 766.226459][T17870] System zones: 1-2, 19-19, 35-38, 46-46 [ 766.242441][T17870] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 766.253046][T17870] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2164/file0 supports timestamps until 2038 (0x7fffffff) [ 766.493696][T17490] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 766.503999][T17490] CPU: 0 PID: 17490 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 766.512426][T17490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 766.522552][T17490] Call Trace: [ 766.525872][T17490] dump_stack_lvl+0xd6/0x122 [ 766.530487][T17490] dump_stack+0x11/0x1b [ 766.534640][T17490] dump_header+0x98/0x410 [ 766.538995][T17490] oom_kill_process+0x18e/0x3f0 [ 766.543846][T17490] out_of_memory+0x5ed/0x890 [ 766.548430][T17490] ? mem_cgroup_iter+0x29b/0x370 [ 766.553430][T17490] mem_cgroup_oom+0x484/0x520 [ 766.558210][T17490] try_charge_memcg+0x736/0xa10 [ 766.563060][T17490] ? __rcu_read_unlock+0x5c/0x290 [ 766.568096][T17490] charge_memcg+0x51/0x1a0 [ 766.572579][T17490] __mem_cgroup_charge+0x25/0xa0 [ 766.577513][T17490] __filemap_add_folio+0x3a8/0x4d0 [ 766.582616][T17490] ? workingset_activation+0x2b0/0x2b0 [ 766.588069][T17490] filemap_add_folio+0x6b/0x150 [ 766.592959][T17490] add_to_page_cache_lru+0x4e/0x70 [ 766.598075][T17490] filemap_read+0x80e/0x1720 [ 766.602734][T17490] ? rb_insert_color+0x2fa/0x310 [ 766.607675][T17490] generic_file_read_iter+0x75/0x2c0 [ 766.612955][T17490] ext4_file_read_iter+0x1db/0x290 [ 766.618130][T17490] vfs_read+0x66c/0x750 [ 766.622275][T17490] ksys_read+0xd9/0x190 [ 766.626498][T17490] __x64_sys_read+0x3e/0x50 [ 766.631020][T17490] do_syscall_64+0x44/0xa0 [ 766.635433][T17490] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 766.641337][T17490] RIP: 0033:0x7f2e21c2aae9 [ 766.645743][T17490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 766.665350][T17490] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 766.673777][T17490] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 766.681743][T17490] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 766.689703][T17490] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 766.697664][T17490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 766.705625][T17490] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 766.713654][T17490] memory: usage 307200kB, limit 307200kB, failcnt 38050 [ 766.720592][T17490] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 766.727439][T17490] Memory cgroup stats for /syz2: [ 766.729634][T17490] anon 2408448 [ 766.729634][T17490] file 306618368 [ 766.729634][T17490] kernel_stack 344064 [ 766.729634][T17490] pagetables 2129920 [ 766.729634][T17490] percpu 0 [ 766.729634][T17490] sock 0 [ 766.729634][T17490] shmem 306561024 [ 766.729634][T17490] file_mapped 0 [ 766.729634][T17490] file_dirty 0 [ 766.729634][T17490] file_writeback 0 [ 766.729634][T17490] swapcached 0 [ 766.729634][T17490] inactive_anon 5677056 [ 766.729634][T17490] active_anon 303280128 [ 766.729634][T17490] inactive_file 0 [ 766.729634][T17490] active_file 0 [ 766.729634][T17490] unevictable 12288 [ 766.729634][T17490] slab_reclaimable 1266688 [ 766.729634][T17490] slab_unreclaimable 1428808 [ 766.729634][T17490] slab 2695496 [ 766.729634][T17490] workingset_refault_anon 0 [ 766.729634][T17490] workingset_refault_file 39261 [ 766.729634][T17490] workingset_activate_anon 0 [ 766.729634][T17490] workingset_activate_file 376 [ 766.729634][T17490] workingset_restore_anon 0 [ 766.824379][T17490] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=17485,uid=0 05:40:18 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:18 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce00ac000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:18 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, 0x0, 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:18 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="eb4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000640)={0x0}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000840)={{r6, 0x1, 0x0, 0x80000001, 0x4, 0xfffffffffffffc01, 0x6, 0x400, 0x9, 0x4, 0x40, 0x959, 0x3, 0x7ff, 0x101}, 0x8, [0x0]}) r7 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000005c0)=ANY=[@ANYBLOB="570000006f02000600040400000003000000000000002000000000070000259a14144376458b21c550955425000000000080010000000600000000000000400000000003000000000000000403000000010000000000000002030000000600000000000000"], 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:18 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x100000000000000, 0x101) 05:40:18 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001e25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 766.839694][T17490] Memory cgroup out of memory: Killed process 17485 (syz-executor.2) total-vm:85348kB, anon-rss:568kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 766.858238][ T25] oom_reaper: reaped process 17485 (syz-executor.2), now anon-rss:0kB, file-rss:34492kB, shmem-rss:0kB [ 766.900141][T17926] loop4: detected capacity change from 0 to 131456 [ 766.906060][T17930] loop5: detected capacity change from 0 to 131456 [ 766.927007][T17926] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 766.933751][T17930] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 05:40:18 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(0x0, 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:18 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) openat(r0, &(0x7f00000005c0)='.\x00', 0x210441, 0x50) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 766.937749][T17926] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2165/file0 supports timestamps until 2038 (0x7fffffff) [ 766.948222][T17930] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2122/file0 supports timestamps until 2038 (0x7fffffff) 05:40:18 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(0x0, 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:18 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x101000000000000, 0x101) 05:40:18 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce00ad000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:18 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c001f25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 767.099171][T18229] loop5: detected capacity change from 0 to 131456 [ 767.168408][T18229] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 767.179116][T18229] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2123/file0 supports timestamps until 2038 (0x7fffffff) [ 767.276328][T18352] loop4: detected capacity change from 0 to 131456 [ 767.298826][T18352] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 767.309441][T18352] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2166/file0 supports timestamps until 2038 (0x7fffffff) [ 767.561652][T18004] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 767.571945][T18004] CPU: 1 PID: 18004 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 767.580410][T18004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 767.590472][T18004] Call Trace: [ 767.593755][T18004] dump_stack_lvl+0xd6/0x122 [ 767.598394][T18004] dump_stack+0x11/0x1b [ 767.602549][T18004] dump_header+0x98/0x410 [ 767.606887][T18004] oom_kill_process+0x18e/0x3f0 [ 767.612160][T18004] out_of_memory+0x5ed/0x890 [ 767.616815][T18004] ? mem_cgroup_iter+0x29b/0x370 [ 767.621836][T18004] mem_cgroup_oom+0x484/0x520 [ 767.626565][T18004] try_charge_memcg+0x736/0xa10 [ 767.631412][T18004] ? __rcu_read_unlock+0x5c/0x290 [ 767.636438][T18004] charge_memcg+0x51/0x1a0 [ 767.640845][T18004] __mem_cgroup_charge+0x25/0xa0 [ 767.645796][T18004] __filemap_add_folio+0x3a8/0x4d0 [ 767.650911][T18004] ? workingset_activation+0x2b0/0x2b0 [ 767.656435][T18004] filemap_add_folio+0x6b/0x150 [ 767.661359][T18004] add_to_page_cache_lru+0x4e/0x70 [ 767.666465][T18004] filemap_read+0x80e/0x1720 [ 767.671071][T18004] generic_file_read_iter+0x75/0x2c0 [ 767.676414][T18004] ext4_file_read_iter+0x1db/0x290 [ 767.681584][T18004] vfs_read+0x66c/0x750 [ 767.685733][T18004] ksys_read+0xd9/0x190 [ 767.689899][T18004] __x64_sys_read+0x3e/0x50 [ 767.694391][T18004] do_syscall_64+0x44/0xa0 [ 767.698804][T18004] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 767.704701][T18004] RIP: 0033:0x7f2e21c2aae9 [ 767.709110][T18004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 767.728721][T18004] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 767.737184][T18004] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 767.745150][T18004] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 767.753180][T18004] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 767.761148][T18004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 767.769177][T18004] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 767.777190][T18004] memory: usage 307200kB, limit 307200kB, failcnt 40759 [ 767.784116][T18004] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 767.791226][T18004] Memory cgroup stats for /syz2: [ 767.792669][T18004] anon 2408448 [ 767.792669][T18004] file 306618368 [ 767.792669][T18004] kernel_stack 311296 [ 767.792669][T18004] pagetables 2129920 [ 767.792669][T18004] percpu 0 [ 767.792669][T18004] sock 0 [ 767.792669][T18004] shmem 306561024 [ 767.792669][T18004] file_mapped 0 [ 767.792669][T18004] file_dirty 0 [ 767.792669][T18004] file_writeback 0 [ 767.792669][T18004] swapcached 0 [ 767.792669][T18004] inactive_anon 5677056 [ 767.792669][T18004] active_anon 303280128 [ 767.792669][T18004] inactive_file 0 [ 767.792669][T18004] active_file 0 [ 767.792669][T18004] unevictable 12288 [ 767.792669][T18004] slab_reclaimable 1266688 [ 767.792669][T18004] slab_unreclaimable 1428808 [ 767.792669][T18004] slab 2695496 [ 767.792669][T18004] workingset_refault_anon 0 [ 767.792669][T18004] workingset_refault_file 42318 [ 767.792669][T18004] workingset_activate_anon 0 [ 767.792669][T18004] workingset_activate_file 432 [ 767.792669][T18004] workingset_restore_anon 0 [ 767.887359][T18004] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=18002,uid=0 05:40:19 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:19 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(0x0, 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:19 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x200000000000000, 0x101) 05:40:19 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000008c0)={'gretap0\x00', &(0x7f0000000800)={'syztnl2\x00', 0x0, 0x40, 0x7800, 0x4, 0xff, {{0x1e, 0x4, 0x2, 0x3a, 0x78, 0x65, 0x0, 0xba, 0x4, 0x0, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ssrr={0x89, 0x1b, 0xfc, [@local, @remote, @private=0xa010100, @broadcast, @loopback, @dev={0xac, 0x14, 0x14, 0x14}]}, @cipso={0x86, 0x32, 0x3, [{0x5, 0x6, "ebbe1586"}, {0x0, 0xb, "3acbb3c839102a3510"}, {0x7, 0x11, "142d6a83764aa260cc909608af48e1"}, {0x5, 0xa, "d290652d32c90dae"}]}, @lsrr={0x83, 0x17, 0xab, [@empty, @rand_addr=0x64010100, @empty, @local, @empty]}]}}}}}) sendmsg$ETHTOOL_MSG_DEBUG_GET(r1, &(0x7f0000000a40)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000900)={0x100, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x100}, 0x1, 0x0, 0x0, 0x488a4}, 0x404c011) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:19 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce00c2000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:19 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002025ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 767.902664][T18004] Memory cgroup out of memory: Killed process 18004 (syz-executor.2) total-vm:85348kB, anon-rss:616kB, file-rss:35840kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 767.921391][ T25] oom_reaper: reaped process 18004 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 05:40:19 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 767.967150][T18361] loop5: detected capacity change from 0 to 131456 [ 767.967339][T18362] loop4: detected capacity change from 0 to 131456 05:40:19 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x400000000000000, 0x101) 05:40:19 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 768.011913][T18362] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 768.020936][T18361] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] 05:40:19 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:19 executing program 1: r0 = creat(&(0x7f0000000900)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000006c0), 0xa}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000700)) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) sendmsg$TIPC_CMD_SHOW_STATS(r1, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x1c, 0x0, 0x800, 0x70bd27, 0x25dfdbfe, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) [ 768.065092][T18362] System zones: 1-2, 19-19, 35-38, 46-46 [ 768.066589][T18361] System zones: 1-2, 19-19, 35-38, 46-46 [ 768.071680][T18362] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 768.087264][T18362] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2167/file0 supports timestamps until 2038 (0x7fffffff) [ 768.099399][T18361] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 768.112115][T18361] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2124/file0 supports timestamps until 2038 (0x7fffffff) 05:40:19 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x500000000000000, 0x101) [ 768.478023][T18434] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 768.488237][T18434] CPU: 1 PID: 18434 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 768.496731][T18434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 768.506800][T18434] Call Trace: [ 768.510165][T18434] dump_stack_lvl+0xd6/0x122 [ 768.514765][T18434] dump_stack+0x11/0x1b [ 768.519406][T18434] dump_header+0x98/0x410 [ 768.523798][T18434] oom_kill_process+0x18e/0x3f0 [ 768.528679][T18434] out_of_memory+0x5ed/0x890 [ 768.533353][T18434] ? mem_cgroup_iter+0x29b/0x370 [ 768.538330][T18434] mem_cgroup_oom+0x484/0x520 [ 768.543020][T18434] try_charge_memcg+0x736/0xa10 [ 768.547868][T18434] ? __rcu_read_unlock+0x5c/0x290 [ 768.552923][T18434] charge_memcg+0x51/0x1a0 [ 768.557334][T18434] __mem_cgroup_charge+0x25/0xa0 [ 768.562268][T18434] __filemap_add_folio+0x3a8/0x4d0 [ 768.567465][T18434] ? workingset_activation+0x2b0/0x2b0 [ 768.572926][T18434] filemap_add_folio+0x6b/0x150 [ 768.577785][T18434] add_to_page_cache_lru+0x4e/0x70 [ 768.582906][T18434] filemap_read+0x80e/0x1720 [ 768.587511][T18434] generic_file_read_iter+0x75/0x2c0 [ 768.592792][T18434] ext4_file_read_iter+0x1db/0x290 [ 768.597903][T18434] vfs_read+0x66c/0x750 [ 768.602054][T18434] ksys_read+0xd9/0x190 [ 768.606207][T18434] __x64_sys_read+0x3e/0x50 [ 768.610707][T18434] do_syscall_64+0x44/0xa0 [ 768.615116][T18434] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 768.621039][T18434] RIP: 0033:0x7f2e21c2aae9 [ 768.625537][T18434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 768.645142][T18434] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 768.653552][T18434] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 768.661607][T18434] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 768.669570][T18434] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 768.677532][T18434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 768.685508][T18434] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 768.693511][T18434] memory: usage 307200kB, limit 307200kB, failcnt 43089 [ 768.700450][T18434] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 768.707402][T18434] Memory cgroup stats for /syz2: [ 768.707650][T18434] anon 2408448 [ 768.707650][T18434] file 306618368 [ 768.707650][T18434] kernel_stack 344064 [ 768.707650][T18434] pagetables 2129920 [ 768.707650][T18434] percpu 0 [ 768.707650][T18434] sock 0 [ 768.707650][T18434] shmem 306561024 [ 768.707650][T18434] file_mapped 0 [ 768.707650][T18434] file_dirty 0 [ 768.707650][T18434] file_writeback 0 [ 768.707650][T18434] swapcached 0 [ 768.707650][T18434] inactive_anon 5677056 [ 768.707650][T18434] active_anon 303280128 [ 768.707650][T18434] inactive_file 0 [ 768.707650][T18434] active_file 0 [ 768.707650][T18434] unevictable 12288 [ 768.707650][T18434] slab_reclaimable 1266688 [ 768.707650][T18434] slab_unreclaimable 1428808 [ 768.707650][T18434] slab 2695496 [ 768.707650][T18434] workingset_refault_anon 0 [ 768.707650][T18434] workingset_refault_file 44696 [ 768.707650][T18434] workingset_activate_anon 0 [ 768.707650][T18434] workingset_activate_file 432 [ 768.707650][T18434] workingset_restore_anon 0 [ 768.802006][T18434] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=18422,uid=0 05:40:20 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:20 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, 0x0, 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:20 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c102025ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:20 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="000000bc253c685e446e3a9b1d93343ea94e0f676ed4ffc10fefbbea115585aa4afc34a0697b780f860e0f96a527d0018c20954358b9f16a43fb78b8975bd3150f756d5436fc7df6d565d5ad249aaa490a24a48867c7b973994d1325631fe3a7596bc1791425efdb9c9f357c6bcb6903fd47f6e0020a84488086f81fd0d436ff211c88e198ade8367e14045f7cc26e4fccc2c7374866cda83f0a00be03f56483fbfd7faa12", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x5c, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x81}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7a}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}]}, 0x5c}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:20 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce00c3000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:20 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x600000000000000, 0x101) [ 768.817344][T18434] Memory cgroup out of memory: Killed process 18422 (syz-executor.2) total-vm:85348kB, anon-rss:568kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 768.836091][ T25] oom_reaper: reaped process 18422 (syz-executor.2), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB 05:40:20 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, 0x0, 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 768.884378][T18904] loop5: detected capacity change from 0 to 131456 [ 768.893599][T18896] loop4: detected capacity change from 0 to 131456 [ 768.923258][T18904] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 05:40:20 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = creat(0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x20, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12d", 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be09", @ANYRES16=0x0, @ANYBLOB="ab4870", @ANYRES32=0x0], 0x28}}, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f00000005c0)={0x24, 0x0, 0x0, 0x4070bd27, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_BANDS={0x8, 0xef, 0x2}]}, 0x24}}, 0xc088054) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, 0x0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x45}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x18}, {0x1b}, {0x30, 0x1}, {0x4, 0x1}, {0x6c}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x42e}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4) ppoll(&(0x7f0000000000)=[{r3, 0x1c8}], 0x1, &(0x7f00000000c0)={r4, r5+60000000}, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000180), 0xfff, 0x200) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000001c0)={0x0, 0x3, 0x7}) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000540)={0x57, 0x6f, 0x2, {0x6, [{0x4, 0x4, 0x3}, {0x20, 0x0, 0x7}, {0x80, 0x1, 0x6}, {0x40, 0x0, 0x3}, {0x4, 0x3, 0x1}, {0x2, 0x3, 0x6}]}}, 0x57) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000001) 05:40:20 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x800000000000000, 0x101) [ 768.933911][T18904] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2125/file0 supports timestamps until 2038 (0x7fffffff) [ 768.950602][T18896] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 768.961184][T18896] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2168/file0 supports timestamps until 2038 (0x7fffffff) 05:40:20 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, 0x0, 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:20 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce00c4000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:20 executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(0x0, 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 769.109179][T19335] loop5: detected capacity change from 0 to 131456 [ 769.147969][T19335] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 769.158648][T19335] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2126/file0 supports timestamps until 2038 (0x7fffffff) [ 769.251227][T18897] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 769.261439][T18897] CPU: 0 PID: 18897 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 769.269907][T18897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 769.279952][T18897] Call Trace: [ 769.283224][T18897] dump_stack_lvl+0xd6/0x122 [ 769.287995][T18897] dump_stack+0x11/0x1b [ 769.292213][T18897] dump_header+0x98/0x410 [ 769.296561][T18897] oom_kill_process+0x18e/0x3f0 [ 769.301416][T18897] out_of_memory+0x5ed/0x890 [ 769.306006][T18897] ? mem_cgroup_iter+0x29b/0x370 [ 769.311007][T18897] mem_cgroup_oom+0x484/0x520 [ 769.315856][T18897] try_charge_memcg+0x736/0xa10 [ 769.320707][T18897] ? __rcu_read_unlock+0x5c/0x290 [ 769.325874][T18897] charge_memcg+0x51/0x1a0 [ 769.330286][T18897] __mem_cgroup_charge+0x25/0xa0 [ 769.335277][T18897] __filemap_add_folio+0x3a8/0x4d0 [ 769.340400][T18897] ? workingset_activation+0x2b0/0x2b0 [ 769.345858][T18897] filemap_add_folio+0x6b/0x150 [ 769.350707][T18897] add_to_page_cache_lru+0x4e/0x70 [ 769.355902][T18897] filemap_read+0x80e/0x1720 [ 769.360490][T18897] ? rb_insert_color+0x2fa/0x310 [ 769.365551][T18897] generic_file_read_iter+0x75/0x2c0 [ 769.370866][T18897] ext4_file_read_iter+0x1db/0x290 [ 769.376017][T18897] vfs_read+0x66c/0x750 [ 769.380206][T18897] ksys_read+0xd9/0x190 [ 769.384366][T18897] __x64_sys_read+0x3e/0x50 [ 769.389370][T18897] do_syscall_64+0x44/0xa0 [ 769.393789][T18897] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 769.399689][T18897] RIP: 0033:0x7f2e21c2aae9 [ 769.404169][T18897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 769.423766][T18897] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 769.432188][T18897] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 769.440150][T18897] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 769.448203][T18897] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 769.456171][T18897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 769.464146][T18897] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 769.472391][T18897] memory: usage 307200kB, limit 307200kB, failcnt 44995 [ 769.479328][T18897] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 769.486229][T18897] Memory cgroup stats for /syz2: [ 769.488823][T18897] anon 2408448 [ 769.488823][T18897] file 306618368 [ 769.488823][T18897] kernel_stack 344064 [ 769.488823][T18897] pagetables 2129920 [ 769.488823][T18897] percpu 0 [ 769.488823][T18897] sock 0 [ 769.488823][T18897] shmem 306561024 [ 769.488823][T18897] file_mapped 0 [ 769.488823][T18897] file_dirty 0 [ 769.488823][T18897] file_writeback 0 [ 769.488823][T18897] swapcached 0 [ 769.488823][T18897] inactive_anon 5677056 [ 769.488823][T18897] active_anon 303280128 [ 769.488823][T18897] inactive_file 0 [ 769.488823][T18897] active_file 0 [ 769.488823][T18897] unevictable 12288 [ 769.488823][T18897] slab_reclaimable 1266688 [ 769.488823][T18897] slab_unreclaimable 1428808 [ 769.488823][T18897] slab 2695496 [ 769.488823][T18897] workingset_refault_anon 0 [ 769.488823][T18897] workingset_refault_file 46383 [ 769.488823][T18897] workingset_activate_anon 0 [ 769.488823][T18897] workingset_activate_file 445 [ 769.488823][T18897] workingset_restore_anon 0 [ 769.583267][T18897] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=18891,uid=0 05:40:21 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:21 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002125ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:21 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:21 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x900000000000000, 0x101) 05:40:21 executing program 1: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:21 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce02ca000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 769.598608][T18897] Memory cgroup out of memory: Killed process 18891 (syz-executor.2) total-vm:85348kB, anon-rss:568kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 769.617303][ T25] oom_reaper: reaped process 18891 (syz-executor.2), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB 05:40:21 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xc00000000000000, 0x101) [ 769.667420][T19338] loop4: detected capacity change from 0 to 131456 [ 769.675385][T19344] loop5: detected capacity change from 0 to 131456 05:40:21 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) [ 769.717980][T19338] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 769.752234][T19344] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 769.754725][T19338] System zones: 1-2, 19-19, 35-38, 46-46 [ 769.769133][T19344] System zones: 1-2, 19-19, 35-38, 46-46 [ 769.784245][T19344] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 769.786366][T19338] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 769.794877][T19344] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2127/file0 supports timestamps until 2038 (0x7fffffff) 05:40:21 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xf00000000000000, 0x101) [ 769.805426][T19338] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2169/file0 supports timestamps until 2038 (0x7fffffff) 05:40:21 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:21 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002225ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:21 executing program 1: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) [ 769.965565][T19756] loop4: detected capacity change from 0 to 131456 [ 770.005648][T19756] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 770.037332][T19756] System zones: 1-2, 19-19, 35-38, 46-46 [ 770.059084][T19756] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 770.069725][T19756] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2170/file0 supports timestamps until 2038 (0x7fffffff) [ 770.421658][T19449] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 770.431870][T19449] CPU: 1 PID: 19449 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 770.440292][T19449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 770.450340][T19449] Call Trace: [ 770.453609][T19449] dump_stack_lvl+0xd6/0x122 [ 770.458254][T19449] dump_stack+0x11/0x1b [ 770.462417][T19449] dump_header+0x98/0x410 [ 770.466767][T19449] oom_kill_process+0x18e/0x3f0 [ 770.471688][T19449] out_of_memory+0x5ed/0x890 [ 770.476400][T19449] ? mem_cgroup_iter+0x29b/0x370 [ 770.481382][T19449] mem_cgroup_oom+0x484/0x520 [ 770.486054][T19449] try_charge_memcg+0x736/0xa10 [ 770.490941][T19449] ? __rcu_read_unlock+0x5c/0x290 [ 770.495992][T19449] charge_memcg+0x51/0x1a0 [ 770.500537][T19449] __mem_cgroup_charge+0x25/0xa0 [ 770.505553][T19449] __filemap_add_folio+0x3a8/0x4d0 [ 770.510666][T19449] ? workingset_activation+0x2b0/0x2b0 [ 770.516154][T19449] filemap_add_folio+0x6b/0x150 [ 770.520996][T19449] add_to_page_cache_lru+0x4e/0x70 [ 770.526171][T19449] filemap_read+0x80e/0x1720 [ 770.530758][T19449] ? rb_insert_color+0x2fa/0x310 [ 770.535769][T19449] generic_file_read_iter+0x75/0x2c0 [ 770.541049][T19449] ext4_file_read_iter+0x1db/0x290 [ 770.546205][T19449] vfs_read+0x66c/0x750 [ 770.550483][T19449] ksys_read+0xd9/0x190 [ 770.554639][T19449] __x64_sys_read+0x3e/0x50 [ 770.559136][T19449] do_syscall_64+0x44/0xa0 [ 770.563587][T19449] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 770.569477][T19449] RIP: 0033:0x7f2e21c2aae9 [ 770.573886][T19449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 770.593485][T19449] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 770.601952][T19449] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 770.610033][T19449] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 770.618022][T19449] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 770.626062][T19449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 770.634034][T19449] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 770.642216][T19449] memory: usage 307200kB, limit 307200kB, failcnt 47590 [ 770.649168][T19449] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 770.656000][T19449] Memory cgroup stats for /syz2: [ 770.656273][T19449] anon 2387968 [ 770.656273][T19449] file 306618368 [ 770.656273][T19449] kernel_stack 311296 [ 770.656273][T19449] pagetables 2129920 [ 770.656273][T19449] percpu 0 [ 770.656273][T19449] sock 0 [ 770.656273][T19449] shmem 306561024 [ 770.656273][T19449] file_mapped 0 [ 770.656273][T19449] file_dirty 0 [ 770.656273][T19449] file_writeback 0 [ 770.656273][T19449] swapcached 0 [ 770.656273][T19449] inactive_anon 5656576 [ 770.656273][T19449] active_anon 303280128 [ 770.656273][T19449] inactive_file 0 [ 770.656273][T19449] active_file 0 [ 770.656273][T19449] unevictable 12288 [ 770.656273][T19449] slab_reclaimable 1266688 [ 770.656273][T19449] slab_unreclaimable 1433608 [ 770.656273][T19449] slab 2700296 [ 770.656273][T19449] workingset_refault_anon 0 [ 770.656273][T19449] workingset_refault_file 49312 [ 770.656273][T19449] workingset_activate_anon 0 [ 770.656273][T19449] workingset_activate_file 458 [ 770.656273][T19449] workingset_restore_anon 0 [ 770.751833][T19449] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=19384,uid=0 05:40:22 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) chown(0x0, 0x0, 0x0) ftruncate(0xffffffffffffffff, 0x2008001) r2 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r2, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:22 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x1000000000000000, 0x101) 05:40:22 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, 0x0, 0x0) 05:40:22 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce02cb000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:22 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:22 executing program 1: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) [ 770.767144][T19449] Memory cgroup out of memory: Killed process 19449 (syz-executor.2) total-vm:85480kB, anon-rss:620kB, file-rss:35840kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 770.785768][ T25] oom_reaper: reaped process 19449 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 770.831229][T19889] loop4: detected capacity change from 0 to 131456 [ 770.841957][T19892] loop5: detected capacity change from 0 to 131456 [ 770.858086][T19889] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 05:40:22 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, 0x0, 0x0) [ 770.868707][T19889] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2171/file0 supports timestamps until 2038 (0x7fffffff) 05:40:22 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x1200000000000000, 0x101) [ 770.908421][T19892] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 770.919042][T19892] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2128/file0 supports timestamps until 2038 (0x7fffffff) 05:40:22 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) chown(0x0, 0x0, 0x0) ftruncate(0xffffffffffffffff, 0x2008001) r2 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r2, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:22 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, 0x0, 0x0) 05:40:22 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x2000000000000000, 0x101) 05:40:22 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce02cc000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:22 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) (fail_nth: 1) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 771.117601][T20257] loop5: detected capacity change from 0 to 131456 [ 771.146981][T20298] FAULT_INJECTION: forcing a failure. [ 771.146981][T20298] name failslab, interval 1, probability 0, space 0, times 0 05:40:22 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) chown(0x0, 0x0, 0x0) ftruncate(0xffffffffffffffff, 0x2008001) r2 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r2, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:22 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000700)={'filter\x00', 0x4}, 0x68) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="8400000019001fb2b9409b0d1b809ac00a80a578020000020004000023", 0x1d, 0x0, 0x0, 0x0) r1 = socket(0x8000000010, 0x2, 0x0) write(r1, &(0x7f0000000100)="fc00000015000705ab092509b868070002ab087a02000000b8480793210001c0f00205840500000103b2000000039815fa2c53c28648000000b9d95662537a00bc000c00f0036cdf0db400600033d44000040060b16a5bab0ac6a395a9fe1a482c0a36317012dafd5a32e273fc83bc571dab82d710f74cec18444ef90d475ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a463ae4f5df77bc4cfd623bec2a0f0d1bcae5f5502943283f4bf102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd0733802e07840c485f78fa1c9457f2013cd1890058a10000c880ac800049f0d4796f0000080548deac279cc4", 0xfc) io_uring_enter(0xffffffffffffffff, 0x62a3, 0xf23d, 0x2, &(0x7f0000000040)={[0x7]}, 0x8) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e23, 0x3, @mcast1}, 0x1c) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="9000000019001f15b9409b0d1b849ac002", 0x11, 0x0, 0x0, 0x0) setsockopt$inet_group_source_req(r1, 0x0, 0x2e, &(0x7f0000000300)={0xce5, {{0x2, 0x4e20, @broadcast}}, {{0x2, 0x4e20, @local}}}, 0x108) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) dup2(r2, r3) read$snapshot(r2, &(0x7f0000000200)=""/197, 0xc5) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="1180000021", 0x5, 0x0, 0x0, 0x0) r4 = socket$inet6(0x10, 0x2, 0x0) sendto$inet6(r4, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) 05:40:22 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r1, 0x2008001) r2 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r2, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) [ 771.159656][T20298] CPU: 1 PID: 20298 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 771.168189][T20298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 771.178295][T20298] Call Trace: [ 771.181571][T20298] dump_stack_lvl+0xd6/0x122 [ 771.186273][T20298] dump_stack+0x11/0x1b [ 771.190471][T20298] should_fail+0x23c/0x250 [ 771.194926][T20298] ? getname_flags+0x84/0x3f0 [ 771.199698][T20298] __should_failslab+0x81/0x90 [ 771.204543][T20298] should_failslab+0x5/0x20 [ 771.209115][T20298] kmem_cache_alloc+0x4f/0x320 [ 771.213952][T20298] getname_flags+0x84/0x3f0 [ 771.218536][T20298] __x64_sys_mkdir+0x31/0x50 [ 771.223125][T20298] do_syscall_64+0x44/0xa0 [ 771.227573][T20298] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 771.233559][T20298] RIP: 0033:0x7feecb647ae9 [ 771.237990][T20298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 771.257594][T20298] RSP: 002b:00007feec93be188 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 05:40:22 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002425ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:22 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x3f00000000000000, 0x101) [ 771.266167][T20298] RAX: ffffffffffffffda RBX: 00007feecb75af60 RCX: 00007feecb647ae9 [ 771.274150][T20298] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100 [ 771.282201][T20298] RBP: 00007feec93be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 771.290179][T20298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 771.298033][T20257] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 771.298145][T20298] R13: 00007ffc06039f3f R14: 00007feec93be300 R15: 0000000000022000 [ 771.315564][T20337] netlink: 228 bytes leftover after parsing attributes in process `syz-executor.1'. [ 771.316706][T20257] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2129/file0 supports timestamps until 2038 (0x7fffffff) [ 771.363529][T20337] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=28705 sclass=netlink_route_socket pid=20337 comm=syz-executor.1 [ 771.386334][T20414] loop4: detected capacity change from 0 to 131456 05:40:23 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce02cd000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:23 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x5084000000000000, 0x101) [ 771.409964][T20414] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 771.445002][T20414] System zones: 1-2, 19-19, 35-38, 46-46 [ 771.469114][T20414] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 771.479740][T20414] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2172/file0 supports timestamps until 2038 (0x7fffffff) 05:40:23 executing program 1: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000002c0)="eb3c8fbe92565556a69b000000732e6661740002010100", 0x17}, {0x0, 0x0, 0x80}], 0x0, &(0x7f0000000000)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 05:40:23 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x8102000000000000, 0x101) [ 771.504948][T20566] loop5: detected capacity change from 0 to 131456 [ 771.561526][T20661] FAT-fs (loop1): bogus number of reserved sectors [ 771.568091][T20661] FAT-fs (loop1): Can't find a valid FAT filesystem [ 771.576714][T20566] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 771.591460][T20566] System zones: 1-2, 19-19, 35-38, 46-46 05:40:23 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) (fail_nth: 2) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 771.605085][T20566] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 771.615670][T20566] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2130/file0 supports timestamps until 2038 (0x7fffffff) [ 771.658118][T20768] FAULT_INJECTION: forcing a failure. [ 771.658118][T20768] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 771.671302][T20768] CPU: 0 PID: 20768 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 771.679789][T20768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 771.689858][T20768] Call Trace: [ 771.693135][T20768] dump_stack_lvl+0xd6/0x122 [ 771.697745][T20768] dump_stack+0x11/0x1b [ 771.701899][T20768] should_fail+0x23c/0x250 [ 771.706321][T20768] should_fail_usercopy+0x16/0x20 [ 771.711346][T20768] strncpy_from_user+0x21/0x250 [ 771.716275][T20768] getname_flags+0xb8/0x3f0 [ 771.720779][T20768] __x64_sys_mkdir+0x31/0x50 [ 771.725380][T20768] do_syscall_64+0x44/0xa0 [ 771.729794][T20768] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 771.735748][T20768] RIP: 0033:0x7feecb647ae9 05:40:23 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x8200000000000000, 0x101) 05:40:23 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002525ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:23 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce02ce000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 771.740194][T20768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 771.759806][T20768] RSP: 002b:00007feec93be188 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 771.768212][T20768] RAX: ffffffffffffffda RBX: 00007feecb75af60 RCX: 00007feecb647ae9 [ 771.776240][T20768] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100 [ 771.784216][T20768] RBP: 00007feec93be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 771.792279][T20768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 771.800333][T20768] R13: 00007ffc06039f3f R14: 00007feec93be300 R15: 0000000000022000 05:40:23 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x7f, 0x5, 0x0, 0x0, 0x0, 0x1, 0x8446, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x15}, 0x804, 0x0, 0xc8, 0x0, 0x0, 0x81, 0x0, 0x0, 0x8182}, 0x0, 0x2, 0xffffffffffffffff, 0x8) ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1}) ioctl$FS_IOC_MEASURE_VERITY(0xffffffffffffffff, 0xc0046686, &(0x7f0000000700)=ANY=[@ANYBLOB="03a1a70391c583215a5a3b7dfabca29f8d55951f2e47263787dd4628d0ba93c783a2af6685af4fa302092d80fb5c4b0647f25b98be86f50869d4dcc994c1be6ba32bed0ac363fee3cf23010b015ae6c0a21c3494a65f7ef322146d993c8deeb8db27e70251574260b7033f2235a852cd0f232d1681a7063defbd0ed7348377abf92256100409d779a4895af0098344b019869857ee1107fd0e4e55c3c7373913f239e24b889dc072a710c21446deb713de02886f9a6f048bdbe48e5b70336bef306b52d5b67799b527f5f33fa293e23be78fd0e70b91eb5f9757e93a82693d3ed495953415748ce2f52c7512afd0a15d9e0975c14fd6ac84850b38e74578da2f229cc3e4573f6ab85614ce958687b0efb31b2ce23fd4a0df1bd070abda466cf85b3be769cc86ca1f29bb8ca9f03aa71544bc759d97a34c5c3e78cc31c6c0e036e22214b4a2e5ce8cc96b6d032848da0485130c66221ab033fa5f4d21bebbeb23a0136790c816871de8b3d062c15f2c94fec3a2fbaf726d46e79c765ed0e224e7ea92d9d354a0a4a8130eb2b32421c9752bc0ac92e3ca2a0837b93e9c7049eaaf773e215a7a81eaf131f19ed46d28716f46cba5fe0100049f9684c101b258a234ee1e3549543dcb098de1fe7135146f007770898126000cdd20de1fd74e8160512d4a01d1cfb9eabc0008e406f63605c4c585f251d97e3022cc5412d7bf7819eabb0addfaea505de3c7eb10b1c96d933d2f9a41072036ca1ada46a199fd287040108761a1c96eca2703bf640eacbe6c0df43a883b54a0991a3230a4b326422062797015eef451a48ac5ed4ff67b0aec520cf9037b19632162002b00a30f80fb40c5c0d8a520d9289f7453d4eba33ee4a9ca2999a53e96efc9d4c9a120af55ee6ac47fdf11274841f6381d40b1f53cc259c76e1d97063d793cb90d88699ee5998ab5774e4c74654af7965f9899725552009eef50b5f9d443abd0b0bb6242f30b33b75bb46bfae593d50a64cadba31b255e0f64c28c6f591f83c5d12a17facf078338ab2b69a739c6e72fcc9cef4f910282f155164a1ed8bf87a46e4bbd41b21a4ef30f3facf7c649d1c02d39aa0967a5"]) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)) preadv(r0, &(0x7f0000002c40)=[{0x0}], 0x1, 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000540)={0x2, 0x0, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0) bind$inet(r1, &(0x7f000099e000)={0x2, 0x4e20, @local}, 0x10) ioctl$int_in(r1, 0x5452, &(0x7f00000000c0)=0x7) r2 = fork() prlimit64(r2, 0x6, 0x0, 0x0) pipe(&(0x7f0000000680)) wait4(r2, &(0x7f0000000580), 0x80000000, &(0x7f00000005c0)) socket$inet(0x2, 0x2, 0x0) ioctl$sock_FIOSETOWN(r1, 0x8901, &(0x7f0000000500)=r2) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 771.864603][T21031] loop4: detected capacity change from 0 to 131456 [ 771.874028][T21034] loop5: detected capacity change from 0 to 131456 [ 771.895634][T21034] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 771.906456][T21031] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 771.927076][T21034] System zones: 1-2, 19-19, 35-38, 46-46 [ 771.934073][T21031] System zones: 1-2, 19-19, 35-38, 46-46 [ 771.941447][T21034] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 771.952084][T21034] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2131/file0 supports timestamps until 2038 (0x7fffffff) [ 771.966874][T21031] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 771.977592][T21031] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2173/file0 supports timestamps until 2038 (0x7fffffff) [ 772.120076][T20335] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 772.130334][T20335] CPU: 0 PID: 20335 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 772.138783][T20335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 772.148943][T20335] Call Trace: [ 772.152305][T20335] dump_stack_lvl+0xd6/0x122 [ 772.156906][T20335] dump_stack+0x11/0x1b [ 772.161083][T20335] dump_header+0x98/0x410 [ 772.165442][T20335] oom_kill_process+0x18e/0x3f0 [ 772.170328][T20335] out_of_memory+0x5ed/0x890 [ 772.174938][T20335] ? mem_cgroup_iter+0x29b/0x370 [ 772.180137][T20335] mem_cgroup_oom+0x484/0x520 [ 772.184824][T20335] try_charge_memcg+0x736/0xa10 [ 772.189710][T20335] ? __rcu_read_unlock+0x5c/0x290 [ 772.194745][T20335] charge_memcg+0x51/0x1a0 [ 772.199176][T20335] __mem_cgroup_charge+0x25/0xa0 [ 772.204109][T20335] __filemap_add_folio+0x3a8/0x4d0 [ 772.209214][T20335] ? workingset_activation+0x2b0/0x2b0 [ 772.214679][T20335] filemap_add_folio+0x6b/0x150 [ 772.219799][T20335] add_to_page_cache_lru+0x4e/0x70 [ 772.224965][T20335] filemap_read+0x80e/0x1720 [ 772.229591][T20335] generic_file_read_iter+0x75/0x2c0 [ 772.234879][T20335] ext4_file_read_iter+0x1db/0x290 [ 772.239998][T20335] vfs_read+0x66c/0x750 [ 772.244152][T20335] ksys_read+0xd9/0x190 [ 772.248301][T20335] __x64_sys_read+0x3e/0x50 [ 772.252799][T20335] do_syscall_64+0x44/0xa0 [ 772.257205][T20335] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 772.263184][T20335] RIP: 0033:0x7f2e21c2aae9 [ 772.267596][T20335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 772.287545][T20335] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 772.296140][T20335] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 772.304132][T20335] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 772.312103][T20335] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 772.320069][T20335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 772.328039][T20335] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 772.336084][T20335] memory: usage 307200kB, limit 307200kB, failcnt 50123 [ 772.343088][T20335] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 772.349950][T20335] Memory cgroup stats for /syz2: [ 772.351588][T20335] anon 2412544 [ 772.351588][T20335] file 306618368 [ 772.351588][T20335] kernel_stack 311296 [ 772.351588][T20335] pagetables 2129920 [ 772.351588][T20335] percpu 0 [ 772.351588][T20335] sock 0 [ 772.351588][T20335] shmem 306561024 [ 772.351588][T20335] file_mapped 0 [ 772.351588][T20335] file_dirty 0 [ 772.351588][T20335] file_writeback 0 [ 772.351588][T20335] swapcached 0 [ 772.351588][T20335] inactive_anon 5681152 [ 772.351588][T20335] active_anon 303280128 [ 772.351588][T20335] inactive_file 0 [ 772.351588][T20335] active_file 0 [ 772.351588][T20335] unevictable 12288 [ 772.351588][T20335] slab_reclaimable 1265520 [ 772.351588][T20335] slab_unreclaimable 1428336 [ 772.351588][T20335] slab 2693856 [ 772.351588][T20335] workingset_refault_anon 0 [ 772.351588][T20335] workingset_refault_file 52053 [ 772.351588][T20335] workingset_activate_anon 0 [ 772.351588][T20335] workingset_activate_file 458 [ 772.351588][T20335] workingset_restore_anon 0 [ 772.446030][T20335] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=20332,uid=0 05:40:24 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r1, 0x2008001) r2 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r2, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:24 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:24 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xf4ffffff00000000, 0x101) 05:40:24 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce03ea000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:24 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002625ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:24 executing program 1: perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xfb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x0, [{0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0}, {}, {0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0}, {0x0}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000000640)={0x4, [{r62, r70}, {0x0, r154}, {r219, r192}, {r271, r123}, {r59, r95}, {r112, r82}, {r252, r105}, {r45, r189}, {r103, r115}, {r243, r174}, {r252, r141}, {r215, r184}, {r292, r118}, {r65, r246}, {r137, r95}, {r54, r257}, {r39, r187}, {r179, r136}, {r87, r298}, {r281, r75}, {r175, r141}, {r49, r190}, {r108, r196}, {r131, r272}, {r16, r249}, {r216, r170}, {r185}, {r52, r79}, {r177, r220}, {r224, r38}, {r166, r172}, {r74, r15}, {r157}, {r60, r293}, {r168, r93}, {r148, r24}, {r0, r107}, {r275, r20}, {r135, r57}, {r22}, {r31, r122}, {r65, r141}, {r206, r268}, {r51, r172}, {r218, r125}, {r236, r146}, {r283, r86}, {r104, r159}, {r54, r282}, {r36, r293}, {0x0, r125}, {r49, r23}, {r280, r163}, {0x0, r276}, {r155, r282}, {0x0, r1}, {r6}, {r72}, {r296, r91}, {}, {r148, r278}, {r151, r232}, {r110, r97}, {r71, r295}, {r51, r66}, {r285}, {r59, r256}, {r180}, {}, {r175, r9}, {r41, r248}, {r131, r109}, {0x0, r122}, {r69, r208}, {r215, r118}, {r218, r128}, {r44, r207}, {r277, r48}, {}, {r106}, {r63, r55}, {r193, r145}, {r22, r25}, {r10, r207}, {r131}, {r264, r238}, {r240}, {r14, r165}, {r244, r26}, {r281, r194}, {r203, r245}, {r3, r150}, {r203, r172}, {r183, r132}, {r116, r223}, {r267, r197}, {r240, r186}, {r218, r146}, {0x0, r122}, {0x0, r227}, {0x0, r100}, {r27, r86}, {r179, r291}, {r126, r138}, {r120, r5}, {0x0, r293}, {r120, r270}, {r140, r123}, {r4, r158}, {r140, r227}, {r226, r82}, {r193, r230}, {r199, r98}, {r58, r273}, {r185, r13}, {r267, r147}, {r124, r189}, {r290, r287}, {r292, r237}, {0x0, r1}, {r221}, {r164, r35}, {r110, r207}, {r205, r227}, {0x0, r7}, {r72, r130}, {r231, r40}, {r80, r194}, {r191, r102}, {r219, r232}, {r142, r190}, {r153, r200}, {r99, r181}, {r206, r211}, {0x0, r129}, {r239, r48}, {r247, r198}, {r87, r159}, {r78, r101}, {r80, r139}, {r219, r156}, {r239, r204}, {r85, r117}, {r229}, {r274, r119}, {r201, r207}, {r162, r11}, {r94}, {r22}, {r269, r235}, {0x0, r202}, {r83, r284}, {r258, r75}, {r116, r225}, {r127, r86}, {r114, r172}, {r12, r25}, {r114}, {r250, r101}, {r292, r86}, {r289, r265}, {0x0, r100}, {r234, r261}, {r121, r210}, {r83, r17}, {r29, r64}, {r137, r228}, {}, {}, {r43, r70}, {r180, r149}, {r171, r40}, {r140, r109}, {r266}, {r37, r214}, {r8, r77}, {r296, r35}, {r294}, {0x0, r178}, {r219, r18}, {r19, r122}, {r34, r7}, {r54, r84}, {r133, r56}, {r112, r156}, {r254, r255}, {r213, r297}, {r231, r81}, {0x0, r73}, {r96}, {r195, r61}, {0x0, r272}, {r60, r42}, {r90, r154}, {0x0, r263}, {r266, r143}, {r260, r48}, {r279, r68}, {}, {r94, r50}, {0x0, r66}, {r285, r150}, {r161}, {0x0, r176}, {r222, r287}, {r175, r152}, {r112, r47}, {r169, r253}, {r67, r233}, {r269, r53}, {r89, r82}, {r191, r102}, {r264, r118}, {r76, r123}, {r144, r21}, {r247, r118}, {r281, r122}, {r182, r167}, {r229, r5}, {r49, r56}, {r76, r105}, {r74, r88}, {r173, r111}, {r164, r97}, {r157, r212}, {r153}, {r209}, {r92, r33}, {r103, r93}, {r209}, {r87, r297}, {r239, r208}, {r160, r91}, {r37, r259}, {r193}, {r241, r32}, {r63, r217}, {r281, r251}, {r267, r152}, {0x0, r211}, {r99, r129}, {r34, r257}, {r258, r134}, {r188, r270}, {r203, r286}, {r29, r149}, {r90}, {r94, r102}, {r124, r149}, {r16, r28}, {r188, r2}, {r108, r30}, {r92, r288}, {r269, r210}, {r54, r113}], 0xff, "f0694d3752eaac"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r155}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r46}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r300}], 0x0, "2156816c73038c"}) r303 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r303, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r304 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x4, 0xffffffffffffffff, 0x8) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) ftruncate(r304, 0x10001) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', 0x0, 0x24, 0x0) rmdir(&(0x7f00000001c0)='./file0\x00') ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000055c80)={0x3, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r262}, {}, {}, {r302}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r299}, {}, {}, {}, {}, {}, {r213}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r242}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r301}], 0x0, "1f4b5e509c82d4"}) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000300)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) lstat(&(0x7f0000000080)='./file0\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)) [ 772.461345][T20335] Memory cgroup out of memory: Killed process 20335 (syz-executor.2) total-vm:85348kB, anon-rss:692kB, file-rss:35836kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 772.479855][ T25] oom_reaper: reaped process 20335 (syz-executor.2), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB [ 772.520154][T21190] loop4: detected capacity change from 0 to 131456 [ 772.527682][T21189] loop5: detected capacity change from 0 to 131456 [ 772.537904][ C1] sd 0:0:1:0: tag#5601 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 772.547765][ C1] sd 0:0:1:0: tag#5601 CDB: opcode=0xe5 (vendor) [ 772.554110][ C1] sd 0:0:1:0: tag#5601 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c 05:40:24 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x2) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:24 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xfbffffff00000000, 0x101) [ 772.556505][T21190] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 772.563290][ C1] sd 0:0:1:0: tag#5601 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 772.563309][ C1] sd 0:0:1:0: tag#5601 CDB[20]: ba [ 772.573861][T21190] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2174/file0 supports timestamps until 2038 (0x7fffffff) [ 772.621467][T21189] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 772.632045][T21189] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2132/file0 supports timestamps until 2038 (0x7fffffff) 05:40:24 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x1000000) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:24 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xfeffffff00000000, 0x101) 05:40:24 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce01f6000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:24 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x2000000) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 772.779870][T21714] loop5: detected capacity change from 0 to 131456 [ 772.823393][T21714] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 772.834116][T21714] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2133/file0 supports timestamps until 2038 (0x7fffffff) [ 772.985937][T21272] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 772.996151][T21272] CPU: 0 PID: 21272 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 773.004647][T21272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 773.014700][T21272] Call Trace: [ 773.017974][T21272] dump_stack_lvl+0xd6/0x122 [ 773.022589][T21272] dump_stack+0x11/0x1b [ 773.026740][T21272] dump_header+0x98/0x410 [ 773.031082][T21272] oom_kill_process+0x18e/0x3f0 [ 773.036011][T21272] out_of_memory+0x5ed/0x890 [ 773.040635][T21272] ? mem_cgroup_iter+0x29b/0x370 [ 773.045642][T21272] mem_cgroup_oom+0x484/0x520 [ 773.050391][T21272] try_charge_memcg+0x736/0xa10 [ 773.055244][T21272] ? __rcu_read_unlock+0x5c/0x290 [ 773.060373][T21272] charge_memcg+0x51/0x1a0 [ 773.064786][T21272] __mem_cgroup_charge+0x25/0xa0 [ 773.069796][T21272] __filemap_add_folio+0x3a8/0x4d0 [ 773.074911][T21272] ? workingset_activation+0x2b0/0x2b0 [ 773.080421][T21272] filemap_add_folio+0x6b/0x150 [ 773.085357][T21272] add_to_page_cache_lru+0x4e/0x70 [ 773.090483][T21272] filemap_read+0x80e/0x1720 [ 773.095074][T21272] ? rb_insert_color+0x2fa/0x310 [ 773.100481][T21272] generic_file_read_iter+0x75/0x2c0 [ 773.105861][T21272] ext4_file_read_iter+0x1db/0x290 [ 773.110992][T21272] vfs_read+0x66c/0x750 [ 773.115218][T21272] ksys_read+0xd9/0x190 [ 773.119371][T21272] __x64_sys_read+0x3e/0x50 [ 773.123873][T21272] do_syscall_64+0x44/0xa0 [ 773.128346][T21272] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 773.134240][T21272] RIP: 0033:0x7f2e21c2aae9 [ 773.138658][T21272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 773.158256][T21272] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 773.166679][T21272] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 773.174648][T21272] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 773.182628][T21272] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 773.190665][T21272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 773.198657][T21272] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 773.206783][T21272] memory: usage 307200kB, limit 307200kB, failcnt 52294 [ 773.213738][T21272] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 773.220607][T21272] Memory cgroup stats for /syz2: [ 773.220789][T21272] anon 2412544 [ 773.220789][T21272] file 306618368 [ 773.220789][T21272] kernel_stack 344064 [ 773.220789][T21272] pagetables 2129920 [ 773.220789][T21272] percpu 0 [ 773.220789][T21272] sock 0 [ 773.220789][T21272] shmem 306561024 [ 773.220789][T21272] file_mapped 0 [ 773.220789][T21272] file_dirty 0 [ 773.220789][T21272] file_writeback 0 [ 773.220789][T21272] swapcached 0 [ 773.220789][T21272] inactive_anon 5681152 [ 773.220789][T21272] active_anon 303280128 [ 773.220789][T21272] inactive_file 0 [ 773.220789][T21272] active_file 0 [ 773.220789][T21272] unevictable 12288 [ 773.220789][T21272] slab_reclaimable 1265520 [ 773.220789][T21272] slab_unreclaimable 1428336 [ 773.220789][T21272] slab 2693856 [ 773.220789][T21272] workingset_refault_anon 0 [ 773.220789][T21272] workingset_refault_file 54030 [ 773.220789][T21272] workingset_activate_anon 0 [ 773.220789][T21272] workingset_activate_file 458 [ 773.220789][T21272] workingset_restore_anon 0 [ 773.315579][T21272] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21271,uid=0 05:40:25 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r1, 0x2008001) r2 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r2, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:25 executing program 1: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r1, 0x2008001) r2 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r2, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:25 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002725ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:25 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0xfeffffff) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:25 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xff01000000000000, 0x101) 05:40:25 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce03f8000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 773.330875][T21272] Memory cgroup out of memory: Killed process 21271 (syz-executor.2) total-vm:85348kB, anon-rss:644kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 773.349510][ T25] oom_reaper: reaped process 21271 (syz-executor.2), now anon-rss:0kB, file-rss:34824kB, shmem-rss:0kB [ 773.392274][T21932] loop5: detected capacity change from 0 to 131456 [ 773.396029][T21934] loop4: detected capacity change from 0 to 131456 [ 773.420105][T21932] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 773.428727][T21934] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] 05:40:25 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0xfffffffe) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:25 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xffffff7f00000000, 0x101) [ 773.464933][T21932] System zones: 1-2, 19-19, 35-38, 46-46 [ 773.467803][T21934] System zones: 1-2, 19-19, 35-38, 46-46 [ 773.471460][T21932] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 773.486963][T21932] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2134/file0 supports timestamps until 2038 (0x7fffffff) [ 773.501974][T21934] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 773.512622][T21934] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2175/file0 supports timestamps until 2038 (0x7fffffff) 05:40:25 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002825ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:25 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0fff000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:25 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x100000000000000) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:25 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xffffffff00000000, 0x101) [ 773.645549][T22450] loop4: detected capacity change from 0 to 131456 [ 773.663809][T22487] loop5: detected capacity change from 0 to 131456 [ 773.690666][T22450] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 773.715427][T22487] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 773.747103][T22450] System zones: 1-2, 19-19, 35-38, 46-46 [ 773.755660][T22487] System zones: 1-2, 19-19, 35-38, 46-46 [ 773.765824][T22450] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 773.776451][T22450] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2176/file0 supports timestamps until 2038 (0x7fffffff) [ 773.792071][T22487] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 773.802642][T22487] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2135/file0 supports timestamps until 2038 (0x7fffffff) [ 774.018258][T22133] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 774.028551][T22133] CPU: 1 PID: 22133 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 774.037108][T22133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 774.047156][T22133] Call Trace: [ 774.050431][T22133] dump_stack_lvl+0xd6/0x122 [ 774.055030][T22133] dump_stack+0x11/0x1b [ 774.059238][T22133] dump_header+0x98/0x410 [ 774.063682][T22133] oom_kill_process+0x18e/0x3f0 [ 774.068593][T22133] out_of_memory+0x5ed/0x890 [ 774.073185][T22133] ? mem_cgroup_iter+0x29b/0x370 [ 774.078213][T22133] mem_cgroup_oom+0x484/0x520 [ 774.082889][T22133] try_charge_memcg+0x736/0xa10 [ 774.087742][T22133] ? __rcu_read_unlock+0x5c/0x290 [ 774.092773][T22133] charge_memcg+0x51/0x1a0 [ 774.097188][T22133] __mem_cgroup_charge+0x25/0xa0 [ 774.102120][T22133] __filemap_add_folio+0x3a8/0x4d0 [ 774.107286][T22133] ? workingset_activation+0x2b0/0x2b0 [ 774.112743][T22133] filemap_add_folio+0x6b/0x150 [ 774.117587][T22133] add_to_page_cache_lru+0x4e/0x70 [ 774.122740][T22133] filemap_read+0x80e/0x1720 [ 774.127328][T22133] generic_file_read_iter+0x75/0x2c0 [ 774.132644][T22133] ext4_file_read_iter+0x1db/0x290 [ 774.137773][T22133] vfs_read+0x66c/0x750 [ 774.141959][T22133] ksys_read+0xd9/0x190 [ 774.146110][T22133] __x64_sys_read+0x3e/0x50 [ 774.150604][T22133] do_syscall_64+0x44/0xa0 [ 774.155026][T22133] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 774.160937][T22133] RIP: 0033:0x7f2e21c2aae9 [ 774.165375][T22133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 774.185426][T22133] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 774.193841][T22133] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 774.201890][T22133] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 774.209892][T22133] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 774.217867][T22133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 774.225960][T22133] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 774.234049][T22133] memory: usage 307200kB, limit 307200kB, failcnt 54555 [ 774.241163][T22133] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 774.248018][T22133] Memory cgroup stats for /syz2: [ 774.248609][T22133] anon 2412544 [ 774.248609][T22133] file 306618368 [ 774.248609][T22133] kernel_stack 344064 [ 774.248609][T22133] pagetables 2129920 [ 774.248609][T22133] percpu 0 [ 774.248609][T22133] sock 0 [ 774.248609][T22133] shmem 306561024 [ 774.248609][T22133] file_mapped 0 [ 774.248609][T22133] file_dirty 0 [ 774.248609][T22133] file_writeback 0 [ 774.248609][T22133] swapcached 0 [ 774.248609][T22133] inactive_anon 5681152 [ 774.248609][T22133] active_anon 303280128 [ 774.248609][T22133] inactive_file 57344 [ 774.248609][T22133] active_file 0 [ 774.248609][T22133] unevictable 12288 [ 774.248609][T22133] slab_reclaimable 1265520 [ 774.248609][T22133] slab_unreclaimable 1428336 [ 774.248609][T22133] slab 2693856 [ 774.248609][T22133] workingset_refault_anon 0 [ 774.248609][T22133] workingset_refault_file 56103 [ 774.248609][T22133] workingset_activate_anon 0 [ 774.248609][T22133] workingset_activate_file 458 [ 774.248609][T22133] workingset_restore_anon 0 [ 774.343673][T22133] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21933,uid=0 05:40:26 executing program 1: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r1, 0x2008001) r2 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r2, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:26 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x200000000000000) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:26 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0xffffffffffffffff, 0x101) 05:40:26 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce00000010000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:26 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, 0xffffffffffffffff, 0x406000) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r1, 0x2008001) r2 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r2, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:26 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002925ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 774.359053][T22133] Memory cgroup out of memory: Killed process 22133 (syz-executor.2) total-vm:85348kB, anon-rss:692kB, file-rss:35836kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 774.378059][ T25] oom_reaper: reaped process 22133 (syz-executor.2), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB [ 774.422908][T22669] loop4: detected capacity change from 0 to 131456 [ 774.432611][T22682] loop5: detected capacity change from 0 to 131456 [ 774.460985][T22682] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 05:40:26 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x0, 0x10) 05:40:26 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002a25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 774.462971][T22669] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 774.471598][T22682] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2136/file0 supports timestamps until 2038 (0x7fffffff) [ 774.482109][T22669] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2177/file0 supports timestamps until 2038 (0x7fffffff) 05:40:26 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0xfeffffff00000000) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:26 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x0, 0x102) 05:40:26 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce00000011000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:26 executing program 1: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r1, 0x2008001) r2 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r2, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) [ 774.571048][T23022] loop4: detected capacity change from 0 to 131456 [ 774.596365][T23022] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2178/file0 supports timestamps until 2038 (0x7fffffff) 05:40:26 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002b25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:26 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0xffffffff00000000) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 774.655508][T23199] loop5: detected capacity change from 0 to 131456 05:40:26 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x0, 0x106) [ 774.719594][T23199] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2137/file0 supports timestamps until 2038 (0x7fffffff) [ 774.751364][T23336] loop4: detected capacity change from 0 to 131456 05:40:26 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce00000012000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 774.802589][T23336] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2179/file0 supports timestamps until 2038 (0x7fffffff) [ 774.886024][T23572] loop5: detected capacity change from 0 to 131456 [ 774.938401][T23572] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2138/file0 supports timestamps until 2038 (0x7fffffff) [ 775.129597][T22814] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 775.139899][T22814] CPU: 0 PID: 22814 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 775.148309][T22814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 775.158362][T22814] Call Trace: [ 775.161690][T22814] dump_stack_lvl+0xd6/0x122 [ 775.166295][T22814] dump_stack+0x11/0x1b [ 775.170449][T22814] dump_header+0x98/0x410 [ 775.174784][T22814] oom_kill_process+0x18e/0x3f0 [ 775.179650][T22814] out_of_memory+0x5ed/0x890 [ 775.184288][T22814] ? mem_cgroup_iter+0x29b/0x370 [ 775.189230][T22814] mem_cgroup_oom+0x484/0x520 [ 775.193939][T22814] try_charge_memcg+0x736/0xa10 [ 775.198788][T22814] ? __rcu_read_unlock+0x5c/0x290 [ 775.203877][T22814] charge_memcg+0x51/0x1a0 [ 775.208295][T22814] __mem_cgroup_charge+0x25/0xa0 [ 775.213230][T22814] __filemap_add_folio+0x3a8/0x4d0 [ 775.218400][T22814] ? workingset_activation+0x2b0/0x2b0 [ 775.223853][T22814] filemap_add_folio+0x6b/0x150 [ 775.228745][T22814] add_to_page_cache_lru+0x4e/0x70 [ 775.233881][T22814] filemap_read+0x80e/0x1720 [ 775.238525][T22814] generic_file_read_iter+0x75/0x2c0 [ 775.243804][T22814] ext4_file_read_iter+0x1db/0x290 [ 775.248921][T22814] vfs_read+0x66c/0x750 [ 775.253138][T22814] ksys_read+0xd9/0x190 [ 775.257287][T22814] __x64_sys_read+0x3e/0x50 [ 775.261794][T22814] do_syscall_64+0x44/0xa0 [ 775.266232][T22814] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 775.272294][T22814] RIP: 0033:0x7f2e21c2aae9 [ 775.276707][T22814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 775.296372][T22814] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 775.304785][T22814] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 775.312752][T22814] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000005 [ 775.320718][T22814] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 775.328679][T22814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 775.336645][T22814] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 775.344659][T22814] memory: usage 307200kB, limit 307200kB, failcnt 57024 [ 775.351628][T22814] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 775.358491][T22814] Memory cgroup stats for /syz2: [ 775.358744][T22814] anon 2412544 [ 775.358744][T22814] file 306618368 [ 775.358744][T22814] kernel_stack 311296 [ 775.358744][T22814] pagetables 2129920 [ 775.358744][T22814] percpu 0 [ 775.358744][T22814] sock 0 [ 775.358744][T22814] shmem 306561024 [ 775.358744][T22814] file_mapped 0 [ 775.358744][T22814] file_dirty 0 [ 775.358744][T22814] file_writeback 0 [ 775.358744][T22814] swapcached 0 [ 775.358744][T22814] inactive_anon 5681152 [ 775.358744][T22814] active_anon 303280128 [ 775.358744][T22814] inactive_file 0 [ 775.358744][T22814] active_file 0 [ 775.358744][T22814] unevictable 12288 [ 775.358744][T22814] slab_reclaimable 1265520 [ 775.358744][T22814] slab_unreclaimable 1428072 [ 775.358744][T22814] slab 2693592 [ 775.358744][T22814] workingset_refault_anon 0 [ 775.358744][T22814] workingset_refault_file 58639 [ 775.358744][T22814] workingset_activate_anon 0 [ 775.358744][T22814] workingset_activate_file 458 [ 775.358744][T22814] workingset_restore_anon 0 [ 775.453026][T22814] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22649,uid=0 05:40:27 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, 0xffffffffffffffff, 0x406000) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r1, 0x2008001) r2 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r2, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:27 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000280)='virtiofs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mount(&(0x7f0000000480)=@sg0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000019680)='erofs\x00', 0x10, &(0x7f00000196c0)='\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000440)='./file0\x00', 0x100) recvmsg(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000140)=""/170, 0xaa}, {&(0x7f0000000200)=""/55, 0x37}, {&(0x7f0000000380)=""/88, 0x58}, {&(0x7f0000019580)=""/232, 0xe8}, {&(0x7f0000000580)=""/102400, 0x19000}], 0x5}, 0x41) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:27 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x0, 0x107) 05:40:27 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002c25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:27 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat2(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0xa8242}, 0x18) r1 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) write(r1, &(0x7f0000000200)="464fb94059e594f82f78692961bf169727797769c97c21fb0466b42315fc1eaf9d42e07093322bdf2a14c0bdee6b3b860f8c6ffbbae171b1800745b6b0cd476c8bf724fa8ce01469223b3949f8ab1d410849ebe3a9d35027e17984c42ee263fb988d742e42c0aac9cafe31d71f75d09df493f8fa70710d38b81f8c0b949ef3681691a742091b3dbdcb6c827b0d47b5b52de7489fe93310ef1fe9ca29dbbe177d56b3aa9982b20df1eb", 0xa9) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) dup2(r2, r3) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x7, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x8, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xc5b, 0x2, @perf_config_ext={0x8f6, 0x7f}, 0x40084, 0x6, 0x400, 0x2, 0x7e, 0x80000001, 0x9, 0x0, 0x401, 0x0, 0x37}, 0x0, 0xa, r2, 0x9) pread64(r0, &(0x7f0000000080)=""/97, 0x61, 0x680a64f8) 05:40:27 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce00000020000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 775.468376][T22814] Memory cgroup out of memory: Killed process 22814 (syz-executor.2) total-vm:85348kB, anon-rss:692kB, file-rss:35836kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 775.486873][ T25] oom_reaper: reaped process 22814 (syz-executor.2), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB [ 775.522772][T23594] loop4: detected capacity change from 0 to 131456 [ 775.532863][T23600] loop5: detected capacity change from 0 to 131456 [ 775.559820][T23600] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] 05:40:27 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x0, 0x108) [ 775.570350][T23594] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 775.599830][T23594] System zones: 1-2, 19-19, 35-38, 46-46 [ 775.606922][T23600] System zones: 1-2, 19-19, 35-38, 46-46 [ 775.630505][T23594] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2180/file0 supports timestamps until 2038 (0x7fffffff) 05:40:27 executing program 1: modify_ldt$write(0x1, &(0x7f0000000040)={0x200}, 0x10) fork() r0 = gettid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) sched_getattr(r0, &(0x7f0000000000)={0x38}, 0x38, 0x0) [ 775.645165][T23600] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2139/file0 supports timestamps until 2038 (0x7fffffff) [ 775.670465][T23603] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 775.680723][T23603] CPU: 0 PID: 23603 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 775.689135][T23603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 775.699184][T23603] Call Trace: [ 775.702457][T23603] dump_stack_lvl+0xd6/0x122 [ 775.707226][T23603] dump_stack+0x11/0x1b [ 775.711403][T23603] dump_header+0x98/0x410 [ 775.715741][T23603] oom_kill_process+0x18e/0x3f0 [ 775.720589][T23603] out_of_memory+0x5ed/0x890 [ 775.725188][T23603] ? mem_cgroup_iter+0x29b/0x370 [ 775.730174][T23603] mem_cgroup_oom+0x484/0x520 [ 775.734851][T23603] try_charge_memcg+0x736/0xa10 [ 775.739697][T23603] ? __vma_adjust+0x18ac/0x1a70 [ 775.744612][T23603] ? __rcu_read_unlock+0x5c/0x290 [ 775.749730][T23603] obj_cgroup_charge_pages+0xce/0x210 [ 775.755095][T23603] obj_cgroup_charge+0xe2/0x1b0 [ 775.759941][T23603] ? vm_area_dup+0x44/0x130 [ 775.764439][T23603] kmem_cache_alloc+0x96/0x320 [ 775.769268][T23603] vm_area_dup+0x44/0x130 [ 775.773625][T23603] ? __rcu_read_unlock+0x5c/0x290 [ 775.778670][T23603] ? avc_has_perm_noaudit+0x1c0/0x270 [ 775.784108][T23603] ? __this_cpu_preempt_check+0x18/0x20 [ 775.789654][T23603] __split_vma+0x82/0x320 [ 775.794036][T23603] split_vma+0x57/0x70 [ 775.798096][T23603] mprotect_fixup+0x45a/0x570 [ 775.802782][T23603] do_mprotect_pkey+0x516/0x6c0 [ 775.807652][T23603] __x64_sys_mprotect+0x44/0x50 [ 775.812554][T23603] do_syscall_64+0x44/0xa0 [ 775.816966][T23603] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 775.822854][T23603] RIP: 0033:0x7f2e21c2abf7 [ 775.827257][T23603] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 05:40:27 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = openat$cgroup_subtree(r2, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) r4 = getpid() r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r6) r7 = gettid() process_vm_writev(r7, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f000000a200)=[{{&(0x7f0000000380)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000400)="fa8d85e80d982464644c0392a3aa51eda97176a4820f54088c55db2ba1bce1726f863a16794e6e8a673fed1cf51964f9977391a54d076a33d8ce0def1172aad335ac1f0a31d93d0b8ef1118192cf3661f492f09a38dbe1b5a2b20e17bebe4b1997125da6ec49ef2ed02c6ffa778338a55c3033d6c85dd7230a581e8a9de7bf0c8c40be378623d55873a9060eb9d05a6672f0977a02cd8bec740fa4e540131aafac5e74567e9716b76005b2b93b04f8384746c070590086cdcdfec6292c4b6fc12749cef0e1ddd8463db25ec49300079ee6737ce943433f82fa02be3f1c594c71bf6ee372bdf94024c8b8781a89e1972a18f222365504ed5e7c5ec1e8a57caf09745d7f0ef7bfe418eaaf9ab9ca18f0009a3d40e3cd88da295c52342ee6f8b01a1fe1daa86e20370c5b2ad75dfcd14cbc20626f9d524073ad174594c2a851ddc9b92874c30a277014b90558d87930b50b0287119fa1784dfe83651aa2d35728a41b37c942a3c77091eac84cc68db6740e5182962a3cb8fa18f3f26bcc678c45edb65085ca62e85eb08971d022906bc0f21d96a6347b11b6349a9f2a19c563f42e9de9d7ef971caa01f979b7ae5cb853fa1dd0efc1d1d46a7d4754fc6773b2097759566ff2512054a9802641d00466c57d9f47c8c8f511b35ca92d3c8766a7a4527e0ad581ba3854234e6ba48bad9d2cc9abec8ae96c75564696853f0a8d22edddf345dd88ff1387398c9d2d23163bb314ac730fff3569a419e3211c34a1cb6354957f0e7d879d922797b35094dbce4f2504894a85c8c4a777d66b3933ebdc4f52c050247ad15757e92e6979d85afaa15ab35d4393752f0e824cd34480424659af9988701e37c5ddb24b87f8be4d2545d21591dc4b52f7d0fce7c5f4ed836e28e4958c990f79aa436257e10f60e6cb85dd6047f6d2d1cc1b367f9760e1943a3ff69f3da1d80db81c4525ab21bde8fcc5e8c08e8310cb78d24cb40890756ca7d2ea0c7b77db0ac0023aa9b64e73ebab5766a78c2d385029445f029eb0deb7c37251be5d7e4eebca6a2605b03bf557c10e16431585d84f4624c932f251e49fc84dd92820420980832db74b483f7a0e865b3523b3b5368985e1543753c7596f86fcda5d7b64f0dd0eafe2cb41e6b035a9694ac8126951c1c6208d2956f26ded283f0f93e7fc077f09e96f2f4f86c21583076844e387797fbeb5d348f0511f550a0415b7336c3b535a48f832e78d0f993247f4ecd96b3da712ee3a057fb6deb7fe4064b3f03a4a6c8a032b27be23f1becf2b48470429ec50ed575aa8eca4b8b2c4953e05d50b01f942e0d53cd76fda124a45417eb0dc42505bb7a0aa404df41510a0e0208ad127d73c0abc1500cf1d2ce1b5236da3a6b39405d9f62d1583b60030990eb72d578f20aed9cdd0d2c0404a78b690e86591fa5fa2fe04c630c901584bf0ab001a051cf4f9471e42eaa1ad9df2c26ba917e214ddea00740b48b0b22c18fdb48c93a50757dd2f617a7823cbc034039c2226435902906b580f08c84d57d9fbe8549d93238915e96ff9cee2a00b1af2ebfc1ed1687dd64f7ff56f5913e50260faad226c868d06f842717513685a081eb188c632a2a4f7732b1a4f1c2edafc86dd73fa56f2db3a3a86ed561492ad062344eefd75020e1301da9660f20fce0e22eb996b7ffb43a7d786c321c5ffb2531e489c4969813008c42da88057b2206cf9dfc9eecf14072e0d0227a3ff9a195ae2b572fcd5241ea739f1820aee528c55c54baf07b3205dd76730d83d756a82850df955adff295b3be5586531b4557a896f55ce893d9fb27ce724b0e7eeb1fd1e34b03a842ad195c746fb26d2600e546fddcfe620f2ecd4e025aa2b5abc9b5e847fa541b9cbf6309c3d31002b56db8f3385c2f9a1742f246db771094bfd200e65f03ffeda75e269aede1c624ab3816958f41a0b3f2751ecaa8d9ac834ea689a403783ae6358f50c6e5b2f9538cf83ee57e37c2cedb710b153da3f6d01ff51d844464eefdd4c17b8fcc763dde0c301baec16b62cea05f50bf783312a1c230792d57766cf21e4febaf97b1f7615401a09b669d67b0984bcdb7900f7143590f0e46761e6b8342c7727f6681382de81b6995abf96a5ac4741ae22d361b0a6fbac22b79e0c4fd9f3030db4320f1c7cf5282e17c413ce61aef96b3c112130d40cc79fc0caed06abcb8efb6a1d9165fedc03c19dfe543b0bab020d9f845cfbf5f08cef0a934b738cd387f1add653c0af10bcccf79236d29849eba409690d04c06ba15445c36e278b9bd4d222727ea2d24c566bfe11f05903f76adcb0cd210703f751742cc39d31ed53053ced1f98e278e7178198f5c416546bb0d33cd0d6a7b90490b7f2f405a27046baa11dace947354e572ad42d9bec8200d62da26bc032bf81ce1cacd712d4fd5382cb5a7778a18330090af2d024883ba77104b23bec95897e9b222867f29caeab28b44fa41b4731646aed6b44d5e00f2708b1617d556996702ebdbc9ead931baf5655b0fc69c2a3b5c9bb44a33777ced537abe43af531e27ba87c4d5f615c38e2df022f69baa187862c34999f94dcd5bfd3bc086c44356599f65ea4537151102fc9aa47910666e9487ce1b455435226ac315e59deaf9035199241daf1e8e3d2c1a4278962ce3fb916e62ac39b91f7642b4e51b947226591834a74a0af4b7484d48c3123acf3f467114cc052fbaabe24da28e561984bf39e13469b003d367de14a9b4c106ed001fe9594c33db4eda617a06a27588eb53444555cbd1a132b75626569840cbfcd0ae540ea2710c7e351fb4f3f2d58f53fad8beccb4942767e88e131b4e05fe1d024650d6df306a494df54be5d7b8e8e111c46823daf33ba34b22d26e00478c55a362c982a1bd372cb989910bb4ed8e12686e6aa489f32ab72585ccc90302704b10b72fc855ee523db6ae0f4be5802277ef031786b94957f58c9084de7ca241cee22b61b32501d3af81e9852ddeb7da841ad61966b3480c1a41d4629bae69069fb2b865e48a906edc04992cc2ce038aa92a34b81b6a7f5b1a13dc3f226b86e4bad21419445e873f4ea571f86e22bb680a8e9e4f40056549d6e3692acccd6bcb558fa035adf3e2e360fcec6cceea5b61e73916d9fe9d987abdc7941eb728d99d73188819bc15ace0b6c2e6dcc411a512dc6d10236b516ebaef9d1a4018b2d4df1d8b795a26d633e068cd3f39204f0b135898929f5c45fe70b4704260e5f7a2877d6476a9ead11ddcfa6b6b20354837039f819b7fbb4d7f2e646c9ec1cdb15c55182aab7efb43b6f5734ad00cdd1426b13993b890d1fadc6d7c08a1608a80dfd1e6eaf559c65d6d96a6067f110fe494779858593e5d9eeeecbce13cdeea88de8e76ae4632b52b0d7b73973f27ed59e21869adda72eda9509684af82b71ce5c4af34c1a2a78b54f47898d77fc96af2f25b38012ba37f3e93be445fb87e9312abcbde6923261d6b5ac97f095e3c30a25b46b458e13969cb92f1619e1906bf37808855e2da854caad7519a341a4903d2bd5bc3cc20bcc0f61091a7ff103f9fe65c745212ee24ef70712956d1eabcce7edc598e477cadb3d6da074846e1d8fdf155f8236881ebdb80214d5b15ea49135b809deac1b9dc75bc7240845081c1c8860423d44de5aa223c59fd63742182c49340b05ff0e968238f7b1eee016deb5ae30243c38fe48f70125515ab614497484369c0e3ab531924c99910d1c8d8ed115770fa2b0b21dbe00ad60ba646723883d806f0f6e518fabca855c4a10954082affca3d2920cd92c8dbfb9e5d22aeceacad183c9e37e93950d4bcf9f5396c4e461d34b14d5372eec8810243303de4e64d5aed2fe6a48289d96567751b437be9da99b8eaf97ccec5c40a3a7ef60abadbc4c2c239a29a9ae5efbbf5f16566734ca48ab7682dd7e5751b48256f4719f78e625b4e56f2f0622e3a54ba481ccffca77a2a3a31d92e8d2aa196ba3b0434b3b0c359634d213a42708973faef04ef34a161ecf8f3a662eb65f212ad39137b2d55e37da8d090e46140fb90e7498a7dc43a4599725e3bc94b003e677fd3ec1d4a9e3a65f66aec662f30c56e930995fdd23a9eeadae7256a554dea3296937c4cf91e25485b107bb68add295f393a7845083ff9e02d2f2ba254044e63add90f7116311c51a103c0d1c1af9da53967a70e93395f7c7eff278391bf96ce7b5300644a6c22ea84dd099691c07db77dcf247d1cdf6f2bd963de3cd747b4e6e0eb0c4a7b5943cca21298c3efac6f24a0bf1e88c1d7c19971f6fb5532264ad4249ec8d52fee3f96e5ef69597b64a3af0679ceff888a910e271cc016167f89951e39516afc3d49d570fe9aba67f6e644882bd92d4b62e843d1b92ffbbf8f1b60c585132f2838741f48bccfd72fac5c12b4453823bacd4c3fe1faf37f1950c17cca3e1b653a92b921e2f0a5b8770ee7086eb81acdf6388f905e29d36e51fac0f6bbee2f7036e5961f88b5b8df36cafa6c832ae40e0ec194297c3f5e5160ad19735c9caea9d7ccd34aa07d10050a8793b9829bda7d6c61141ea57483b55131c1e2bae4d8fb95db8cb93d62aa8aacb6892fdf5d2bd9515bc3a3d4afd82b6271db43c31405a6b5a0a7762cd048e73793e00aab81e46042a6491df9db336666b8785ab2fde1bd476e84d9d6003ee48e82faf7de29d8252375fb64482342dc3843e5a5f246a7a3d5d5d58e3e1dc142afffe4e11a298ccd54d6d6f2c07a6b59702bf120b38e2694091035ba7d8443cae19f3b11523aeb966bdcc33b877694b54c3af481720b6f3fa21d288a96e4eb55ad53a58bc4e6fe180cb4ccf353bc2f32d32895a14362fcde7eb981e2dd7f5415dedb7ebbd5c0dd5421a8d28f132f28943528eda7a596960163e24f3d0a0d23cfa26c4df0bcd70a72e41d5645a8ec466b1548ef039d7eb9150ba6c71a7981daa2f626a054fc50d2ab2624c657a052ccffc896e92fb35b9a24f776a41eb4406653088bd1048e3b591de6af80c49558729cfb76079dd3ab030a915f07fa11caacf515f45da1c259fc74f696daf3c8fd83c0a41551665ade8e12915650703151b9d4aca5fb537526b3b4734501bee20c4a988a54d6c5cc26740826a8a38915594e5af5ef4091dfc206e86bcaa9a7b178d985e12c736fb02b101b749b63a91af0c00019efe9fafb40faf7ba432b4fa756fb01d526e8c3c51641fa45568a3de1ee768729b96d2dcd1c904831670d63ac0d7b1394fa4c3440f8e0059ca5c81b4be2f64830913ba1fcddca50dea0222137fd8c3d2073d9083ec84c45059d4f49464e94bd69fc515dcbb83caf5d8b3725344ce02cadc71d5c331bc11990bc444f1d593203cac3037c4aa769a8e68ba0104e12a1d700120f2d913cd520dab9fa3141b56d8d248f3f8a29be286f6bb57dad6ea5800e36d7e71896ab45925073500866638830872d4520b376b7df7e54fa2520097d2c5677f9be777acd69551abb3e9f2af3723c7a6f7247b086c6ae7fb6ad5458cfa5136e3a039fb18f5e56f0947fa7f06d5808dc244189884033916fffbbcc6ddcf853ff95dc31a2f4d0dd9fc1596d68a99af1ba17f2fd41e3a6d11c595aa85d47f6b31aea10bbf3a0995867218ae7ffc85cb2d01bae6f3c8f4bd26fd14f81d09842732512bdad5c0d7c7df72ab91623432990c5ff9def3ce058f9c280a305658167d5ff9d94b0b886bb68ef7e04a49862cf081c72f32d107fe2b2634b577e35ed673cb86aa912e0b8cd9b25b8aa2d71d244334e12bc04abafb94e310f931d881072c60382ccf8d2c32", 0x1000}, {&(0x7f0000000280)="ff73f49587624d73ce36969467bb716daf06b236340c7705d087c5d9baf561263ae75966c75b8277c77f9c088a", 0x2d}, {&(0x7f0000001400)="f508711b7fef83418432d5abb2825a679d877f15de5a971100c6d9c3675f521e45d7d2bc1017d5a427f20179ae189e1e0210d863279ae5f530af2e5676815df5ea365a80133ffc87fe419714a1a4f84a57eb3e6b83dd603bcb9e2b2ec1c53f20ee303b175a989364fcbc97f47f3d74608ec4041e0a2225d201dfea843c7bf9946d200012518408999b4b4313725bf840072917bfcab21432d5aa14100c82276432a121fbbf7c94450c3fc0d161c887a8e974a647e2e08686a5786dd41876dbd56f097a9bef2b80c56418440f0a5469d8a45d1a2458a6f17514e85358220bf4d5814441f65f63d4233700f3a72e737fb65e8599d273e13caeca7afd5f6822af632b1b1176d6c97b7451da4cef1636e03173115e4aedc7e27ce31f145ba26ed9353e88df80f84bd9099a6a7b32e96f9453a4ac1055c483eb28af5f5d7f719368417003a8ab288f1980dca85c05ecc82d11dfdce692a3dbe6f4ac7a4a037f88a0621f9c7739bcb9c00174c7b6211330ce871a6d371198e75ad77c94419b2d963c701d54a1d3a34a1c82951c0e389116780f2a43aa9ac26d2688c870697d8084208eea8cfd962bfc60b53d94e51ea592f53f13b19da7c6ed7d4e2cff07b58e87c69ca0077d2b6e1532b2617b38459bf8e98666d13eac34fc8b7aa457e64a9ea77d7408fab631a2b89fcbc12070bf0eb002d51fcbca6ee6e12b04550808f2d254a8352d42e370463f67e63ff9858a381b7e3905023936b90baaa7349b954883fa46d9634c9366774e000f4c714c469c059bd9a8321d66e245bea74030ffe2ed5adc445957e344623b89bcb074391774d3baa229c9697006ab06e1ff78b1e7477b27221a50f86582271c6b268125fc85daf03ee99fb1559454cbc0c74e8a1e80654f145fed2947296e8c82ca7e0eefb3ccb43f80f6b8c96e883f4d32c47385b9ef0b624585c4bedabef524ca5f850b2278ce777929f880738b382c5369c3a7e3e5b3e3704fc8f83f59517a0bc4f387f302e85460a525884e94e734924b0075c1948c57a767e390303c9527c5e76a59a597e7849d1fba80e3b6ea7576d6307c423514347641c689ea7b27384316d969bb5afc91a9d489c650ccc50d5eadcd9e0114f0ed437f9d29623ad10fbf79aa9f9cedd2ea377e70eb0c69c314f7a0c96e5190db1d1dea287dcab768f5a733d82d566d113bc9f32a56269ee95337add4a23a2437e6be3b3f403a811f58bc4c68c71d28ad9b34799ae52d64a3008a3addc86b5f102ec6c81fa9a16d5d652b4380738d14b8f4c06f43eecb15963be227fd80831b0d244229a1e15887091bf68fca5f4ee701ea3e2c176799c0b2a19e14630494c3dbee13f163b53a348dacf30a8ad6d8b26dce51a76061e09a31ce0f4c5f211d307205a90279c9d36a177d51a183928b39a3b69b5201a6fd57c45e982f65ebdec525d2109bb6e57d436c280a5cf4d60f387528e613e88c7768c954374bcb67f081f69d9827fff8db837f268897f26896ea9a57bf812bd225eeb57567a6c349471961dae5edaf13a3ac3485356760d81f5465fbe8e7590f5ff6bbbefdaf25ab81fea23e7ead6370958d84284cbd380dbdb85d3ce9f871f94be42954f45194ebc1640110e7c7df11332d73ef71d7817ace0739b961e32f01ef60159d962a266ece6a58124ba3b4a52954d146b01c3e72533ebe37eeac9aa78c5f690994a77611db760a1b3b36929a8eb52cd923c411e9df8401c48dc547f70906f555fa7e280a3b27c6ccbc7bef8acf6c1dfb4c1e3c13eed16ff3fc62cbe75212b84a42c4273d82969ce93c5f10dc64f27b8ebe1d3a8864ad3d9ffb081c2971b570c091cd03d8bbc21ce577af0b27e5c8e2d4182bd3be6ad9d65643beaf4d8cc3b71172880cb4fd234242bea3115c0ebb157a5dd20068e12e9dfefa9f6e92ca8e21aa5b66e4a30d3489dc3cae71448a862effd4d719e1057e8f4c130873b43d5a9be3d61a5b3921aea6a1bc8721d4341cf4e9ce9ff131d8934f398e57b2eb7af7426a903b46d30aa92456a38a61fab95856bdd16f577cdbe0a6220576fada4413a808f485be78968a257d722eecd429acb72556fc6e943a88113e94d61cbffe32b5b613008c7c49efb3c78dac6fe865666c20987bf1b61ff41c873b0069ba9f65a700224a9ec02ffcf6b21d9d44246f5c2eaed90c2475248381db1553c7a99d17941aa32122cf4c3f9b51905fbd575efe6263ca1ca3dc8a28916d8cd710ebc21796f221784df0eeddde8058bc8883b8a44108b2f61b97eda0d9dd94c0490eb3d31aadaac3bdde2e0701ae9ab085ebd636b62b06503cf3db835c6fef243ae8ac54db664a9f3e0a62fc1c287312004f37bc81237ac882f224bc056622e85947c2e9925b8f91e9384b3a6e35273e6b5697af7c77d2f013652770a50d3dfd99c0f07516546cf71ad97a7e1e24cf68e69068c93cf4c52c927c31f4c70e75e32837b95201ac76ebe830f93c99f80573e850ec7222278e957a5a8482a814abbdae5f497a04034abee9c0207807672af0a5930f70ac581c61bcf2feee33e55eb745d183d866c356501effec2e9ebd12a7ed565fc9f0b7deb50a01534d042816d756c75d53535de1f226df0350f54de87b61df57df12e3105e8c3bc25ed1dbe324a4da9671ee83cdd9339d2e898a153ca59dae012f62d8cbe54c218b6ba6fdb7b6d9f6a046f648f90a28f7b6f768d31efb4c20b18f29f3911e5ea9e339535fe623608d13efcef3ac877c7f1566ffc40934456803d864f02d8ffaca67e93868d496d035e5b859d8ddb6932199b04ce2bbae4124471f74eb2b85d820580aca312c421d24eb03ac120e2165b42ad895849697b85c54ad3bcf4b681cc1c448752850b85e63482fddb262d4688504a8d84c9e0cb768b79f37d572a23bc4a0c79a0cde25caeaa7b779a0dddbda527d246ba5134a8b6f7d3bfebcc0c4e55888fe6c32932e67ec88158004b76b3153f1061591d586bfbc2eca73ecd8d3a846d41fd7304d52360145ffdf352dae1ebc37b910ee7827481337c41fc790f24f5820b0649f69034f3ac5954906f9edb4986126bc375c750d37f502aac1649ce6b2204765f5ab2fe70e3848814a6cde0f4d86c2b9ac1b6ea7183154f880e9c71f6a20ef4393855242f83c1d860eb3eb6d28d26897d3185a81a76b9be460281aaa6fa4f5203c06f697ed782285bf8b6a8f3b1c74323e442d9255e16c2627db91138a712f3eb76cf0df7b45e709cb6134a067fb327d9d66bb0ff612c5a7afa2753a8ff6aab5164938cda8ddcef3a4cc8d7bb543bfeb6975c5b532b3e3ac3fcc70570b474432e1893c8244c27ee774a7a9f5de9421f772a57b7f545eaa3c0e9932c6b6d6991bc04f84e5093732cdbeabc194c9bedb870221f3e64671f157fb96e9a01daa6a9e6fa5bef8cceb9d887618aff23c87be6d7647575aae03b64c28bb04ef08e6654fd30eb33c6b8b495f8bb48a7cea0315954e710d0e3fed4b2b91a9f91ad1ab579d9cd0bf493d8920d7c65a1d644df4aa058039220044289ef551f4000df99479664f89f25122ee62e4dd6b511160670dc93e385317487da11617dde913737470d31962a4bba544af60d3ae581029f070f447ebb159e253a9d7375b5cff0851349b523336f1f4af6c9e85663697d440428c71c58a5c14c851b91e2aa5aed3c00df118ac93e9a0355ff6ba60322581e4dcc9c9794198d7f2fe4e33ddc46ab9270a4a472b04dec7833c5c9ee302b7cb5eaee6b9cd06ec9da86f084060e686359159e86627ebdd8dfdeb9135d7703c1d42160fb2ba312d7608ea5a493bfd077a3af3f001a5ae44e2c384ba0494ed58e00efbf72459ce6f6a35ff35385f5dd1500adb46e2a0a80e543fcd805840c8b5518bbc4616c419d38102a9e768b8aa7684fe594a6f84885cc6d972a5ef3fa9996e1f51b0c2c4972a46259823487a510431a8cc03746d20614f90ffec82f5ec379a352e1cef8809bdecf93d304a9acdc230193404799a2eaa95ffdab88b22c884d171e807b4adb5de5d9093cdc79f10a53cca607f93685c78d5364d114489bae0cb48f24c36453ee8ca0c5c86d14c74bc96b1229435b958bcddbefbc9b0677d2c66eca5a8b0033afaf18d2aebff141e92ae7514c42ff29aafc96b9b13d5cddc9cc9f47dc25d2bdd1e9070aa2a5ea52e7c836274f899ee3c75f0f5f05f01f230dc9c9c3166967c2503a38dff9254365aa32e7a2abb46a83ed7a69d02bde1f9f3268f2b92de67d686ee804597c91742e0e660bb2a2cebd4bde6bf1e8a1f0017aae6fd426cd091c7de36607c269b60f42fb17fd46e24be760102b6908524d7d3f63c07473d1a74817c5f4f9abb90967c0fbee2f2d2cbedafd147470dd1038a67ff1bb7db1eb43d9b9b72d234f52cad8c2fc2194ad73891a7fed8ccbf74713818b1710c49939fb7e67fa4f6774c64ef2e9d2d553b1b0bafda00e42c796d2f35295c9ead07a56a80e7123b10879632250c66857d9b88f8dbe7f52fa95d2bb05236abf2d2f001868aba4fae771b25ba3d7a7cb05cd7e6956ff0147d54f067648b91caaf60602b3e72db871467ee43233cc65cea04a7e679919b5bed86dfea9e7656ee2601dd60e3884d94dc7f15a6431ec88029b7e813f80553b314ec6bd7cca0887ffe2876cbdce61c0233eea978d35afd1e2520f1336d75400bc0fae4372a2f4d4c10c07acc937e8de56c37b5c5bd8334a44646e38d20bb1c8fd09e1d1b14d15e31614a9f38e88f06825349f0f439bb35dd831a10258e38c5f8614c44d9e46b56259ee16afb99fc28d244fd64e3bdec891ce319d94c070dd748cf35f563cf5adc65376283570b94b998eddd69a9b7ca03ec8db7e10b1f04af91a83aea402154ee9037f666a33ca591c552c03d2af24f62dbe7bc337094eee63324e5c52c6a44f85b47f84f241cdbaed9df8ab17738b1004e616083f461f7cb9865d263b8f38ab9f2c3d7aa4f977ccc964c7ab1cbeab295e89c9b16a290d623fd5e471b297b10fb644a1d34ab7123e372448596963672ce0403619d6f65cb2392f228de087ac58bdabbc15257caea9b44af4ef9778b618af07b8aea36133bbc658c0a3a72a7b7775b3472d8c1f4f6420b101535e63257b244911d74cb24bd4cec4171d310f550661bdac686e0b75516fc58de72df39d89b08a473508eba10fe2b88d48288bb90e3c5242a56f4c1898937986af185f94c6a9b4829354f45ba6600dffaaf6d341ec91ea369d69549ba9f2263dc2f16edad84b0aa82ce9e34e4a369911135af620b00d4e83150d2287b6e8b299b32291c98e125b082145bd3f7dc920558f7e0ac620d9ffc6806ed75480a06a8ec6995dd00f13f6f5e5fa22b7e71fc3faaa6611d205e87bb8d9d9c2c4b25d174796dd667f58dabc12104ca1a623861c634ecfb22c83c7e65638ddbe1405237fae16c0244412275df62a8cbe9654588ca8e3898ede250b0f258ebcebf60d099e5a2b07d916f37a0131c86d1c748aa56f77bed0287bbd7b06c08e851b241c080dbeaeaa76bf36f8b3cccfaf356f861d7f63d159d0f8725abc91e3fe30c47f66a633d9a400cf0342a0c07b776afde195ad6b5860657587dcce5e8621ddf4b3cb949d0efe92869fc4c38b38e64ce0eb3016ea8b6148244d22391147d679b5db6e867f6f5f29bec27e3edc17e58dfffc43ec11eff0284f8fd188834da1fef8c8fca706f02afabb04f9b56dd7325f124d9b240932c8aeacb912936d6029c47bc43c4bc7dd598b180fb4644eefd328b137e4ab639a6d71a5f50d4a4114520a5c8", 0x1000}, {&(0x7f0000002400)="77ac25ac22169edfe858eed2acd8b80a5d9a5f8dfe33e64d89b13f48b6fb92027c59224b83cbed4c08fb7ba5e25d2ee000cc2b8e8cd481be48c8f7f4aabaefdb8d12237455c0da120a774d1dd6d3b3a8baf3656df6cd2b4c8e23c5ddf13c1025f0b4a1ff9977a036b454521fc9ac82749eb042f7834b699ce4c8ac6df2e929700c9cb95d099c0fe959b486db2c387e2b1de1e53a8e85d713bf9446b9e50b0cdfe188efec1d4c7697e1a237789a893ebdea7eb0827eb24c0e43b540e169375ca8b2a4f94eef934642bd831fd9558d6fc51fdd37cd74cef3042c73bde091463d8e70aa1a386f7b3bab04743681", 0xec}], 0x4, 0x0, 0x0, 0x48840}}, {{0xfffffffffffffffc, 0x0, &(0x7f0000002700)=[{&(0x7f0000002500)="1917825b4170e3585988b9c11306e5d6cd36dcb280a473f378607e3da345ac2bdcbdbab23b3ca8de7642a90a867be9a527c6cbb3d2a84ed734201b3896a3c213e3592d0b8124c88834ebb1d3253d9fe5598e700dce9414bc37a6906cac8df5590d2a2379079e5e88a2834f4a", 0x6c}, {&(0x7f0000002580)="8313b3ef629125241b41b12f245f8522b690f41749e0a55d0e237434b90918d1ab", 0x21}, {&(0x7f00000025c0)="ac136915c54cd8aa1ac1a30db2ea3e1abc0149f47f977612c91595d7c5af7f6e04ec7b582a8aa0b7a8bf54c5ba651efac30d122eb8fb51ccbb792ea4db626b160ed73fb50805a1cac107a7939142cb9392b5e544842c5e0b930d4f296c109437d38dcbcbe3c925cb9541a6f6eda025723760c6e5ebe8bb6e150e3431d75ba6a74ccbb173930309d75518f07a0bc7f1108ff314d1fede44f1a8747a", 0x9b}, {&(0x7f0000002680)="99017e6eb911418ff63eef4f74791b303a45156a0b4e26f29371efdca7e8e2b9ac9545f8f9d0ed3457024fb20e968eb8056628182c2f744935da76b9363f34a2c326b57c83f880d3254e3d9672f49c28f5111e4392f250aace86b1e2a84e1aab3aaf06256eb7818279340fcc138f1fc83c9b4e", 0x73}], 0x4, &(0x7f0000002740)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00, 0xffffffffffffffff}}}, @rights={{0x24, 0x1, 0x1, [r1, 0xffffffffffffffff, r0, r2, 0xffffffffffffffff]}}], 0x48, 0x4000}}, {{0x0, 0x48, &(0x7f0000002980)=[{&(0x7f00000027c0)="ff19a53693a27c533126a7d5aa1118261637c8bcaf1bd1657550cdd214214b9cb6e2bc9ac540f0a439b26139a6939558603d935f962438058c9f5992692e0ce4b9fffab7979985517787bddd0c5397933512f10804dc0b38a22946f15b38f554e439f55ad9c655531fce250e5bd0234aeb6c061ab423120774a3bf247b4082b2fa0104c6f10ddd69437e582ab017e0", 0x8f}, {&(0x7f0000002880)="403376b9e2fdc134a7fb854dcbb85921ab530e50f35d3dd1abbd788854061e866e749239e63558761d1091749fb1716a90cf19b7c9ca8ade2b1d2d69a91ad7b15562e827a115f6b568ae051105dd14ec17da90892d85730f5ae4a597652720b1268e82f61d6ae55ef55501017233d5f816f70dd908b45c189e5dc5e27fac22326f67d4e5aa3fa631a0bfbbf3b8682d72f73a1b0852283cfe670e7d5af0c82a289eab98290ce2b3712e2e42787acc4d5b16184fd54e0e213febc66d084bab70c0762aa923dbb4c46968840d8b8292993827f72dd4687af3d71adaa3cfdce0f60d6c2330b1cad59106dc83eb67ed2c6b7a", 0xf0}], 0x2, &(0x7f00000029c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18, 0x20000000}}, {{&(0x7f0000002a00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002b00)=[{&(0x7f0000002a80)="40c89bfe597d87b41dbc58f574bcb52d9ca32251cf5eb9f6c41d749b9f859bb6835c6dc7087a697a2dd73ca27b1a9d87ce5b68ac77c999bd0733ff84462148a606c0ab1f6ffc79d78b8c0bb24d21bc0328e1f7c69f12c176822c88840298503f949826457d007ec66633d5f291f6e25559", 0x71}], 0x1, &(0x7f0000008100)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [r3, 0xffffffffffffffff, r1, r1, r3]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r2, r2]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @rights={{0x2c, 0x1, 0x1, [r1, 0xffffffffffffffff, 0xffffffffffffffff, r0, r1, r2, r1]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, 0xee01}}}], 0xf8, 0x810}}, {{&(0x7f0000008200)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000008380)=[{&(0x7f0000008280)="dbae1107ad9b1c9c8f23787bbcdb880851fcea2fe95a3bfab692c592f608d6582c43c6a1891b9b59dd894e726b0b088dc3109b260128d0fe9b03d542585373f030a1bd64f7acedb22416dc307995590cfc08d0f5d2d0c89ad0079883ac6f24ca462a3d3030bc5f651a3fc5b8780c982370fd86379bafbc479a9aa9d534391d4585e011f6fbe4e7044a57857560029fbb0c5f39511431ba485217c0cb1ef7e5710701d93fe6599a76c241c784930e44583a70edcbb142590aca6cf0b429e936e7bf3a87d468", 0xc5}], 0x1, &(0x7f0000002b40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000010000000100000051f2275b4d0a1390ed3a50d5a4825dbfb286dedcb0bb170b7fc30b1d7c78f881ff96a8eb465b499d3464b529da04eb42ae348cd634e78d9978af7fe8c4bf26be03c466887f52682d6d79f980e864c05702be20272928681d912c1fa84b05f260c26aa4e73998a8960916062d7f8bd293444b8cf4e1c8d3029902f2b3bd4b774718c36b85f3243b6a7a6d007ad0dfcd42bcb22079ae2c9eff72ff618b4b40e3354c74c307199745cb4cf19f32a344760564cd6ce42cbfee173a2521af03a98755aea4b42c0c70bfd5308ae2ea8e84a3cbe00d4e82d9ab0a18b54f6f4c6cb11cff162c9784df5dffad444bb2f0c27995eb6dba7cd05736764a7295c3", @ANYRES32, @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xc0, 0x80}}, {{&(0x7f00000089c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000009a40)=[{&(0x7f0000008a40)="aa16b7b2c38179271586825e04d9c76344d4122dc7e711c76ce54e95177575b4d8783c1f3e0155e989282516ba67463a05b80d94a18c24ca18af5b8625b630e36b11bab70aad36af053c95181447ad7b8519544bd5605b49b6a869ecd9537222234e0f57fdcd692bc8107945d3cf0af769fe805a57056e3e2704b54433dc72950345a1cdc5083157e398c233804287450df0fd8b958dca42f621d0b3fa9059a662526e803d131d4e91fd0185b27a02de83e11e4c6f82f8c9c0361b9b7abc253a5337ec7621cd5ae55538ab013140947a627194091184da267c5d88795b201c2f9f0563da68ad4280b256ba78763de52044973807edded8ade27c28a24fe8b3b42837b5f4c136018b8cc25983c288c89eaca53ff12284d782c188169c3279a10da5d67e51e163f383b858a0f430852937730ced2a2f1ae3abc626632ac7ceb21dfea7b4cd447a6e469cd1e90c3df1c1835be5d654d14666ffa6b81fe75191a3f6b0299a0c9bca3ce89b25c9d0dfd40e94f9f190b6c14fbc56a44a0b7db9914ac698da5d6ff0f7108a6546f2e933ec3d603898f29d0536a596804528a3699c37ab88fd199bc91eb041bae9c01012894890c9e582606e2e0a217d8296f39c433ed2eeb8f14b00c0a2f97fbfd840afad808179340af84f236c984a4cbbee8b646341769772fcdcafb523302327bebb356cfb82e89879f27a0222aeeaa2bb0d1c4165da5bda02c44915d8742eb29cb22e4d15d5d37f0fada6e520a5f157bbc38b3684bfee86be9784d2d4d0a1c6e797b6642098ba6a5ebd02a3b2e6a791b9e95383946782fe6c317ea85d85c2be64be67197f0090fed0ef4618af0409bd696f22626c9913989ad64b6e7b86281723c119f5e7cac25761f3ad91a9cee9bbe1465489e70d3610ceb81638457fca61c6e4ffcb507fa56ffffb15c12939c1cd18a064cfa872f250fc4a3be5abd2165e3cea1718bdc5dc48effc246766ea24d5996384ab6cdfd93c802dd859d331f6c76ac2a73aa8d16e1249506efecafe34030b1d224284c61b02cf00817a50300c7f3c3112a9703273220789a7f1ac4501d6224f14dccf4ef169d68c10c9941faf6f553610fac446f9a84985bd12d60e90c92d59d869a04dc24aa1dd088c3a5950f388fb580599f653f7984371ab4f32581b2108b3e50325fc94d30b00825508a12008f6cf73c72b9f89eb4a092b8adaae640e4c711c42b6b585bf06f1d2a4725d8d7ff238c00f11d804ba1fadcd30049cc5499c62279bbe491438c5e73149016fdeec676f8cfdf3fa6040e89bc2fe6be3f42894961dcaf73372b47a6a5b5efa23ce0a0a61e72b8e48472143b03b8b64f1fdafce8e0dc8e660e9e4b9390d028cb4f5b46d7219a55e708ffecfe92ffd1e3d7480fb0d6dd2832fde034061f86410f01e37f85b837a1cb8b80806a617fb9559b0e9d869be326d4c0feb2539e8ac950511e8ab97a5a5b5d152d80497314616b6a30c9974e3e87c3844a90a28b69295e6d079dad959e2d458bb99c449a0d686143f7fec5f997b306850d347f995dc735a16d65774af68ecbe75874e0e223040ab5c2e2437354e2305a24e3460e1a0b88d4b173c9987f21636c53366eb117796c919510a28bc80fd98979b3ff2829dd1ca845c000083bf5528a7d23b699917f19328c73fea03f37ff16692be91f948c12a47b290ae161e5bf50362fa92195f68b78d3e2d6ccd803e26e31d6cb12cc1b47c14bfc9c476d88b3ec2dc914ae2dbeb47953b09f65926db6e3f4815072faec87f035880c75dec78f22eda18028a3226de08bf9bc703f56d6cb50244eb52ea11f3959a00f126840eb63b0c108ca0d3d06a9e756d5704857ef2517fb05d6a633dde2066b3d31db5578f81951808f2b4c799f2ee9c1d5d1ffdd728bb1b3f99d1e30650719196d0ccef5370d97b39a5dadd497d65eb3343fd5a5594029717a242e0b001923f1efc7c47cc4f270b4736f03082baa5f0a53ad5b560d7a23bf2256ac8895215a90fc1b2d4f430db0dea41b5f6ecec8d10e504a8bceafbb2d2bebfa2b9119c1e97b2b22f9209ddb19bea1bd4f626389324adf0cdd4e0b40a54cd368bbdf5368076ed7bdf5942e102ca39e1315e79c6b122f05f34219f7788c4c294e44ac933fcab96f34c203caf27e3d7069b91bca897ef9e915420eba6a84473608456f4e9122082f2923eb48ef8b37f77b7dc0ea364290eb90de5f89af5451d8f2c87c51f0be786fc62f50ef02169e05b89a0b15e1b7420a6a0e43592c2f6106d03a5e6d0ea491f977ad8b5df2e62323a2e2a94ef29da50c83e18ff3f951264e63adfef3229fd90d8f9cfac2e9899c85eb8f884bc9a07230778b48c75594fc2daccd701fc957e49870e2d70fa9cecdcc9ac7f08083e74438bf21b24c877d4a2c7b40f0dc34302c04ef16631714ac1f5efff4e153fc156cd01d534345811127d8ad461423d742dac9f06049a141bf56544cd55d64740a9326e7977f1de21f44dd7b3fbe3d6c6b1a5b0b45dc972b2f15eda8577739173e7af89733e87ce6db9dd1fc7c5d86f394506bcec4a234da13a5ed3c83ce432167fee0330b821d1faaadf412c33f1ce6c289fe7454ba7d52c3f28f97a731d01290241add8d134560529988e2308a30adfe3d10d1f93130fabc4814393e1aea56bb24d1505e78db82319b41d4b22c02eef1a00d5d7f4540c4f22b237b6a57e64a080021557eb212cdff6042c9b9718ea6f6e25d85e0836218d624277a166c9ef98b2dc6985e6552c15db85adadb2d0799ad5440f7b458bfd44b17a7da5fe8c73ae7746bea847fa3308626337cfaf4fa87fdf524949a2835c6358496ebb571ce72e1967825466db3d4f0e1bd00d57a7ebf0506be5426da7ccec0c3602ce9fe871e7acb64d6c9e587c4471b00193971492292699de1c7d1b386a58d4b116eefd6c94e636d491cdfe2da16e71e990be7264a904fbcd5c739a249c348c10a0a5f9a2f05d87d408e5c23099efd40c4444a71aacbff68ecd14805c39dc303320e0b13bfa7d74262d0a39bc541f25069a88cac0c6eea5df53b975866ba2916bf959c52558fdd40ebbd08f49526db1dfbe7cc5894c277d640b65db4295bf518dcc4df6345e9015c5bd939bf8189ecf451c8836b439b84a57413ac5848f4715b4d841a1fa53eb9e82287a842110a897b45c9431b5703e503f8d557593cdd1c01b30546beaafa2e7cbfdd517dcab26321545bc53b26577a176afc56177292cd7c8501560e65f34db5d0166361fa08fd3eb12db622b73a7faa7b49d0fa33d3a60b050a9d7d5e9f6276f1251d52d4ae7e2a912582b719941863cd82be11a2307b33f3f6605b30ddc7274444d52bb19e90c3f0c847cc054950d3c31d1577521f8ca5a84b8d61a015b4969cc54e2ee1516fcf8f9f950ea80003a61705157dbf6b2f2ee427ebbe040b4f1d698758b70304be4bd9fea27324df7e41a5962a5bb897a672c52db7def8c8dd4553640bbe06c2e4e75966f57d517309d3458d1a346bd9ae26326ca2ea26786cd4f3fcff3e89e446460d79970911554c176777c86d443c3e04e5adbf9d1367254a72aae815489d1fd5cb3493edb58d57b45d434f6a53eed9dd47b0facec6542e1265c05f27652afd9857a208efbbba34356a38c647ad11b0c78ea9e4e10a3b966a3eeafd11805a071305f9f5156b53c3f701196ad398693559e012f3f598b01c3daa3b46831283fd8c196e651f60378c1b5e2ec1a3ec74fecdadef4f5646c0ae379da8a4d9ce6d2f95ef1984a00409b3965e7e88d4c46eac812e6f666e5d0b6d4cb2e6f7ff94a689c82acb5e264e43b824e4a339928a4bd5c8463998c188fd5cbedff1c933eab5d87ab71faf52aae821ca16ab69df5bd9c626e5647ab51538c57cb3e928df766e3a07cecf18bf4900c662109b4565e8b2fb05eba9dbec88fea627c4606c6d941f5a29eca206546f8b3d7600c05f11713db5fc9a9a97d9d6b6d9a38d86f2c0f440e33b95db2c4e5a4b0992261228981be6763b2c61c1be2e759266cd128ad752368d0690d1b54bf4ff3f8f3f863429fe9c6bca284cb8a01f89c083d452973595fb8a99b5a55e1a5d12c7773a0042b915d000728d6f7ccb12adfd6c21b180cbbcd9b3afeb64120680c67b29817ea2d8bd646824a07c86e33f6680a4cb7bc15d8342994da6a1267002656f3adf61089a301fea7dbe9b268f04057afc79c9ceeb212b0fc6908df59e0ae9c11fcbf5791b53775b70b634815f786f8ece8f64da5b30cb9945b68a6312c528dedc71d966d84a958d1e3faa7d2cba982e3fe96952587aa70ec4f48e2cf0bc07304bcdfebc24f53a821f57a480ff1d4cd090da0c8e65d466151f539017e95ce09a1f30a7cb6eaa926725a848b552b6c72ffd8f2540a27c523c83b4b37ad3036a8d09de858fcf13803b62a4407ed8b32a39a22a17ab7cc70e7226febc2a6e2d673e1dc713ccfb247fc8d25aa074146e7b253d378927a7e403785814965f288556d367a4f8093ddd6da13249d0552c321720aa047e802322b4876e2ea591e237036d81ce264f59b6b8ac7950aaa6bf301ea3196615e42b2e2d9bf3ec13ba86c69020c92b4b6dbb602fe8bdb5efe44c6eb9115ec870df3788831d3a9a4ae485692c05dd4d1839aec9dd4cc7a51ce8b02e227581c379d8fb8ec45db7e98dd0cb6062cd02d3130bdc94407f450e8d4fa5ee08c6104d9722a6dadda5493f07072be74f06e73c43dbda3faa8d0a73ce452d12125d4df8597741ccd49a25e4b1080e638d293098d48b39657758182d809ff3c1a992516a3af313ee6daa2814ba94de63f0904a7289292cba8cfb0cc186860115071acba4c9e4c13c07ab6ead76fede6f681d5b4f5021339e6a4ea4c9d6447d9e27bda07a2fcf5b645a6432140f2c4a1b71a6503048a87ecf8e7eafaae745b17bf78731e4656be5454152622eaeb4f3d1f785dd29b8df0a0b2e90295358eecd24c3fc528abc071a8523dfc421d7e67502d9d2a2cd7b498cabe0a7bda7112e23ebf9d0c1490e75bce1532af368cb9ceb259d6d44f2dc14090b69421c43001cd4d0eb6f36cca20e3cf7a4070fd2f42b5a8fbf289215b6b2861e264e6b8db0568f9b661d965c069f0c95d8e04384d6e10a45f0fedf275f31b1d759e2d9d061ddb2a681bd12a9eb3cf5d0644c4c964a715c0b01f56040265fe84e707cf1dc95a9b21b34817a46f0ef0d82cf9c5eacd97fe2e1bf164b7360288f53932d53a762c9a5a58f65ac708002ad95caee035834b957d82b219c25f9fed2dbafcd188282e7df745513c077ebc57f8d31b56d5bd5456328ba054e55b15080651e23ad1292c3137f0724cd664160b31d7376b4bfa2817414082ba14a83f9d488265619a476f4288c2383e7115dae6c31235ed65349035527598b9ef798683c759ddc7b9e0f8accf9c8b6d35ae6f73226a75d2e300d86e374f1a49a722a5d7e5cd061ccffc7308a03a11df102f4fe3b093b50e8a66235cfab91435aae85a568e9d29095607d971f3cbb72b248f05ab0763501dc57a12d4e2563848035a5c7c1365fb94ad9e5e06f64c122330772cd2ab5f3b9abf8d3c190f1222bcdce22cb2ea81fda001cf20681f53efd1ea4eaa1f563fdc91204af612d22cec00e810bc97814edd31b83f8387b017a8c9bd7290ded4085c7d1c317514bc0049f9649a118700c884e76e3e1e66a6a3385ba083a829c88107cd1240161227b8c52742d8784ff2d6c28308b04202fabd1a8a5d119ef6e3eec687a28c0b11f9a3273c42fc9dc6dfabfd309bd98fa7f4cae8b70045", 0x1000}], 0x1, &(0x7f0000009bc0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="00000050635b50c894a0002a00000400000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32, @ANYBLOB="20000000000000000100000001000000", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYRES32], 0x68}}, {{&(0x7f0000009c40)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f000000a100)=[{&(0x7f0000009cc0)="908fe9dfa7788263191eb494922d9f7b0fb541712db8b5e729c704088d4dd3a582c4321ac33e72bd2d0a49afd436556cb92617f22f27c47a06d96e39a91790a484bc2e03faa5351048c49727253af37e4279b6b398cb6149d5b34270ab440eac12d70054da11a0aa3083bdb834a4c76ef919b058036656417715501757af3bd3294bcf2e3974d02045dd893a93839740e221799342f917a0b2fa7e067576016055debe7da9a3ebc9f1621e399c4514b656beb63af461fce33d8dcd323ea2d828c15693ea789cb5c4a3e25d3b25710892600ece08870021601330e4593381606971225c3ada56211e", 0xe8}, {&(0x7f0000009dc0)="5e70b0196ce11962e60ffc764f1a448f89d94a813af2edca5b581942122dd4219310af30e5ec62da820ef7009b342ddccfbb49857a022bb9b5ae171c875f775db6a5af13718fda4381c969d3ba404ab6ea776ce9951f927edcb94dc309b78fbe65e6e6d9db6fafcda257b4286be949801b3717c8da4eb3a6c4fdb99072b6c9385992648f45d4a8a0c5281fc5581cdeded51891473a720eff73502fae025fad3c964126cca36ba25cd7f1c26e759f9f841cecee85a4ea35772ddc04acab917250aa5797b727f16b90798d36466c0911cb", 0xd0}, {&(0x7f0000009ec0)="0491cd1fe146ec7cd0a6ebdc3a6e883f3d622b48cf7ef4e705955280423364ecd19637098fde0ddf30e7c2de5aa4c5874aa2cfcf8ec7a8a8325940b4e8fd845a08a0044f608ae1fd5371ef3202fa0fb16a150da59ffeed3cf9488191a22eb86ccb47f5723d6c5e7e4358f523a2a8ec74b76f15778836ec44b51523a68511e9f80f7b3f4ba16043e8687e61a58e1830d010093742b03ad07c2c154d030b4cc681ce696b598f741ada1842899edd1348d792d88f9025d47cb3a0ba3abbd1c5a66509120907c364049bdcf263668eb30c6efe00608a012f9a15aab5dbcde6e6add2ca506099a6567c27d2b63a36", 0xec}, {&(0x7f0000009fc0)="df6cc81da1e90ff93d4d825fd3e2fbef6644c9fef2c06a8b2ee177f0c6cafffd955bfeab7e77e4ac42bd48bb3cf3911ec41266adfb7709f3c4084b72dcbad6b7fc2db4b7b09cd1d72580e2e241e4d01ac7e7a0808d4d", 0x56}, {&(0x7f000000a040)="7123bb5eee854398115e5eba8955ebdde191ffbd65419ce8d92c6ba090179ba3019c2bdfccc79fc1ff2c55c47ac46d7fdf5789d97cd6294dde289172b1638c0e621b2ff404f5c20265f195a231b15cb93782c2f12e6762b20a02f7029e0953128f59e96e971cfbf767bbcc45dc9e6c1b754c6f666d985cce5194044946d3eb983bff3297727775bad799ec4c888cced7551c3c", 0x93}], 0x5, &(0x7f000000a180)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r1, r0]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0xee00, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r6}}}, @cred={{0x1c, 0x1, 0x2, {r7, 0xffffffffffffffff, 0xee01}}}], 0x80, 0x44000}}], 0x7, 0x10800) mount(&(0x7f0000000140)=@sr0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='fusectl\x00', 0x2000, &(0x7f0000000200)='cgroup2\x00') [ 775.847138][T23603] RSP: 002b:00007ffca696e1c8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 775.855540][T23603] RAX: ffffffffffffffda RBX: 0000000000021000 RCX: 00007f2e21c2abf7 [ 775.863571][T23603] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f2e1f961000 [ 775.871537][T23603] RBP: 00007ffca696e2a0 R08: 00000000ffffffff R09: 00007f2e1f980700 [ 775.879591][T23603] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffca696e3b0 [ 775.887674][T23603] R13: 00007f2e1f980700 R14: 0000000000000000 R15: 0000000000022000 05:40:27 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce000000fe000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:27 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002d25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:27 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x0, 0x110) [ 775.895714][T23603] memory: usage 307200kB, limit 307200kB, failcnt 57186 [ 775.902665][T23603] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 775.909554][T23603] Memory cgroup stats for /syz2: [ 775.958895][T24191] loop5: detected capacity change from 0 to 131456 [ 775.965728][T23603] anon 2248704 [ 775.965728][T23603] file 306659328 [ 775.965728][T23603] kernel_stack 327680 [ 775.965728][T23603] pagetables 2129920 [ 775.965728][T23603] percpu 0 [ 775.965728][T23603] sock 0 [ 775.965728][T23603] shmem 306561024 [ 775.965728][T23603] file_mapped 0 [ 775.965728][T23603] file_dirty 0 [ 775.965728][T23603] file_writeback 0 [ 775.965728][T23603] swapcached 0 [ 775.965728][T23603] inactive_anon 5517312 [ 775.965728][T23603] active_anon 303280128 [ 775.965728][T23603] inactive_file 98304 [ 775.965728][T23603] active_file 0 [ 775.965728][T23603] unevictable 12288 [ 775.965728][T23603] slab_reclaimable 1265520 [ 775.965728][T23603] slab_unreclaimable 1423272 [ 775.965728][T23603] slab 2688792 [ 775.965728][T23603] workingset_refault_anon 0 [ 775.965728][T23603] workingset_refault_file 58777 [ 775.965728][T23603] workingset_activate_anon 0 [ 775.965728][T23603] workingset_activate_file 458 [ 775.965728][T23603] workingset_restore_anon 0 [ 775.973337][T24193] loop4: detected capacity change from 0 to 131456 [ 776.060798][T23603] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23603,uid=0 [ 776.082743][T23603] Memory cgroup out of memory: Killed process 23603 (syz-executor.2) total-vm:85348kB, anon-rss:644kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 05:40:27 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee9, 0x100010, r0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, 0xffffffffffffffff, 0x406000) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r1, 0x2008001) r2 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r2, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:27 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x0, 0x3ffb) 05:40:27 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') inotify_add_watch(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x22000c02) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 776.107503][T24193] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 776.117727][T24191] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] 05:40:27 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/vlan/vlan0\x00') preadv(r0, &(0x7f0000002400)=[{&(0x7f0000000100)=""/27, 0x1b}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000000140)=""/90, 0x5a}, {&(0x7f00000001c0)=""/189, 0xbd}, {&(0x7f0000001340)=""/179, 0xb3}, {&(0x7f0000000280)=""/63, 0x3f}, {&(0x7f0000001400)=""/4096, 0x1000}], 0x7, 0x7fffffff, 0x101) ioctl$TCSETA(r0, 0x5406, &(0x7f00000000c0)={0x5, 0x50b0, 0xbea, 0x3ff, 0x11, "441b77c9bdafa20e"}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x3, &(0x7f0000000000)=[{0x2}, {0x15}, {0x6, 0x0, 0x0, 0x7ffffdbf}]}) creat(&(0x7f0000000080)='./file0\x00', 0x0) [ 776.150280][T24193] System zones: 1-2, 19-19, 35-38, 46-46 [ 776.150539][T24191] System zones: 1-2, 19-19, 35-38, 46-46 [ 776.162916][T24191] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2140/file0 supports timestamps until 2038 (0x7fffffff) 05:40:27 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x0, 0xfb3f) [ 776.192400][T24193] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2181/file0 supports timestamps until 2038 (0x7fffffff) 05:40:27 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0002000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 776.256712][T24330] ================================================================== [ 776.264806][T24330] BUG: KCSAN: data-race in drain_all_stock / try_charge_memcg [ 776.272260][T24330] [ 776.274577][T24330] write to 0xffff888237c22fe8 of 8 bytes by task 24335 on cpu 0: [ 776.282283][T24330] try_charge_memcg+0x846/0xa10 [ 776.287136][T24330] obj_cgroup_charge_pages+0xce/0x210 [ 776.292503][T24330] obj_cgroup_charge+0xe2/0x1b0 [ 776.297350][T24330] kmem_cache_alloc_node+0xae/0x2d0 [ 776.302545][T24330] dup_task_struct+0x63/0x680 05:40:27 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000140)='./file0\x00', 0x30) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:28 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002e25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 776.307218][T24330] copy_process+0x3f4/0x2f30 [ 776.311798][T24330] kernel_clone+0x15c/0x6a0 [ 776.316297][T24330] __x64_sys_clone+0xc6/0xf0 [ 776.320886][T24330] do_syscall_64+0x44/0xa0 [ 776.325301][T24330] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 776.331199][T24330] [ 776.333513][T24330] read to 0xffff888237c22fe8 of 8 bytes by task 24330 on cpu 1: [ 776.341135][T24330] drain_all_stock+0xbc/0x4b0 [ 776.345796][T24330] try_charge_memcg+0x6bc/0xa10 [ 776.350630][T24330] charge_memcg+0x51/0x1a0 [ 776.355028][T24330] __mem_cgroup_charge+0x25/0xa0 [ 776.359949][T24330] __filemap_add_folio+0x3a8/0x4d0 [ 776.365041][T24330] filemap_add_folio+0x6b/0x150 [ 776.369872][T24330] add_to_page_cache_lru+0x4e/0x70 [ 776.374969][T24330] page_cache_ra_unbounded+0x274/0x430 [ 776.380418][T24330] ondemand_readahead+0x4f8/0x700 [ 776.385431][T24330] page_cache_sync_ra+0xaf/0xe0 [ 776.390266][T24330] filemap_read+0x3d8/0x1720 [ 776.394842][T24330] generic_file_read_iter+0x75/0x2c0 [ 776.400280][T24330] ext4_file_read_iter+0x1db/0x290 [ 776.405374][T24330] vfs_read+0x66c/0x750 [ 776.409511][T24330] ksys_read+0xd9/0x190 [ 776.413651][T24330] __x64_sys_read+0x3e/0x50 [ 776.418133][T24330] do_syscall_64+0x44/0xa0 [ 776.422533][T24330] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 776.428414][T24330] [ 776.430725][T24330] value changed: 0x0000000000000000 -> 0xffff88813155c000 [ 776.437809][T24330] [ 776.440112][T24330] Reported by Kernel Concurrency Sanitizer on: [ 776.446362][T24330] CPU: 1 PID: 24330 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 05:40:28 executing program 1: clone(0x49300, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x2c, 0x0, 0x0) 05:40:28 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x0, 0xffffffff000) [ 776.454755][T24330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 776.464790][T24330] ================================================================== [ 776.526820][T24741] loop5: detected capacity change from 0 to 131456 05:40:28 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0003000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:28 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000100)=0x0) fcntl$setownex(r0, 0xf, &(0x7f0000000140)={0x1, r2}) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x40) fallocate(r0, 0x0, 0x0, 0x101) r3 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x69) r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) preadv(r6, &(0x7f0000000640)=[{&(0x7f0000000200)=""/38, 0x26}, {&(0x7f00000005c0)=""/71, 0x47}], 0x2, 0xffffffff, 0x4) r7 = socket$inet6_udp(0xa, 0x2, 0x0) sendfile(r6, r7, &(0x7f0000000680)=0x7, 0x401) dup2(r4, r5) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x8, 0x1) symlinkat(&(0x7f0000000180)='./file1\x00', r4, &(0x7f00000001c0)='./file0\x00') ioctl$PTP_SYS_OFFSET(r3, 0x43403d05, &(0x7f0000000280)={0x3}) [ 776.572158][T24741] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2141/file0 supports timestamps until 2038 (0x7fffffff) [ 776.645699][T24851] loop4: detected capacity change from 0 to 131456 [ 776.673113][T24851] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2182/file0 supports timestamps until 2038 (0x7fffffff) [ 776.676365][T24859] loop5: detected capacity change from 0 to 131456 [ 776.751666][T24859] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2142/file0 supports timestamps until 2038 (0x7fffffff) [ 776.760594][T24330] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 776.776257][T24330] CPU: 0 PID: 24330 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 776.784686][T24330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 776.794756][T24330] Call Trace: [ 776.798048][T24330] dump_stack_lvl+0xd6/0x122 [ 776.802664][T24330] dump_stack+0x11/0x1b [ 776.806816][T24330] dump_header+0x98/0x410 [ 776.811149][T24330] oom_kill_process+0x18e/0x3f0 [ 776.816079][T24330] out_of_memory+0x5ed/0x890 [ 776.820701][T24330] ? mem_cgroup_iter+0x29b/0x370 [ 776.825703][T24330] mem_cgroup_oom+0x484/0x520 [ 776.830416][T24330] try_charge_memcg+0x736/0xa10 [ 776.835258][T24330] ? __rcu_read_unlock+0x5c/0x290 [ 776.840369][T24330] charge_memcg+0x51/0x1a0 [ 776.844836][T24330] __mem_cgroup_charge+0x25/0xa0 [ 776.849769][T24330] __filemap_add_folio+0x3a8/0x4d0 [ 776.854878][T24330] ? workingset_activation+0x2b0/0x2b0 [ 776.860336][T24330] filemap_add_folio+0x6b/0x150 [ 776.865181][T24330] add_to_page_cache_lru+0x4e/0x70 [ 776.870385][T24330] filemap_read+0x80e/0x1720 [ 776.875075][T24330] generic_file_read_iter+0x75/0x2c0 [ 776.880353][T24330] ext4_file_read_iter+0x1db/0x290 [ 776.885502][T24330] vfs_read+0x66c/0x750 [ 776.889652][T24330] ksys_read+0xd9/0x190 [ 776.893799][T24330] __x64_sys_read+0x3e/0x50 [ 776.898292][T24330] do_syscall_64+0x44/0xa0 [ 776.902738][T24330] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 776.908643][T24330] RIP: 0033:0x7f2e21c2aae9 [ 776.913140][T24330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 776.932747][T24330] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 776.941153][T24330] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 776.949114][T24330] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000005 [ 776.957073][T24330] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 776.965190][T24330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 776.973413][T24330] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 776.981404][T24330] memory: usage 307200kB, limit 307200kB, failcnt 59132 [ 776.988382][T24330] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 776.995495][T24330] Memory cgroup stats for /syz2: [ 776.996748][T24330] anon 2412544 [ 776.996748][T24330] file 306618368 [ 776.996748][T24330] kernel_stack 327680 [ 776.996748][T24330] pagetables 2129920 [ 776.996748][T24330] percpu 0 [ 776.996748][T24330] sock 0 [ 776.996748][T24330] shmem 306561024 [ 776.996748][T24330] file_mapped 0 [ 776.996748][T24330] file_dirty 0 [ 776.996748][T24330] file_writeback 0 [ 776.996748][T24330] swapcached 0 [ 776.996748][T24330] inactive_anon 5681152 [ 776.996748][T24330] active_anon 303280128 [ 776.996748][T24330] inactive_file 0 [ 776.996748][T24330] active_file 0 [ 776.996748][T24330] unevictable 12288 [ 776.996748][T24330] slab_reclaimable 1265320 [ 776.996748][T24330] slab_unreclaimable 1427872 [ 776.996748][T24330] slab 2693192 [ 776.996748][T24330] workingset_refault_anon 0 [ 776.996748][T24330] workingset_refault_file 60801 [ 776.996748][T24330] workingset_activate_anon 0 [ 776.996748][T24330] workingset_activate_file 458 [ 776.996748][T24330] workingset_restore_anon 0 05:40:28 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:28 executing program 1: perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffff7fffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005b300)={0x0, [{}, {}, {}, {}, {}, {}, {r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}], 0x0, "7e6ef4474e165c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000058c40)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}], 0x1, "2156816c73038c"}) syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r7, &(0x7f0000000140)=ANY=[], 0xfef0) perf_event_open(&(0x7f0000000080)={0x4, 0x80, 0x3f, 0x7, 0x2, 0x9d, 0x0, 0xd5, 0x800, 0x5, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000040)}, 0x20, 0x1f, 0x4, 0x8, 0x5, 0x1ff, 0x0, 0x0, 0x1, 0x0, 0x1}, 0x0, 0x0, r7, 0x1) syz_open_dev$sg(0x0, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x40808000, 0x0, 0x0, 0x0, 0x0) 05:40:28 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c002f25ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:28 executing program 3: epoll_wait(0xffffffffffffffff, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0xa, 0xb0d) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/binder-control\x00', 0x0, 0x0) fallocate(r1, 0x6a, 0x8, 0x4) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) clock_gettime(0x0, &(0x7f0000005200)={0x0, 0x0}) recvmmsg$unix(r2, &(0x7f0000005000)=[{{&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000000540)=[{&(0x7f0000000300)=""/102, 0x66}, {&(0x7f0000000200)=""/48, 0x30}, {&(0x7f0000000380)=""/167, 0xa7}, {&(0x7f0000000440)=""/204, 0xcc}], 0x4, &(0x7f0000000580)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x178}}, {{&(0x7f0000000700)=@abs, 0x6e, &(0x7f0000000a00)=[{&(0x7f0000000780)}, {&(0x7f00000007c0)=""/226, 0xe2}, {&(0x7f00000008c0)=""/160, 0xa0}, {&(0x7f0000000980)=""/97, 0x61}], 0x4, &(0x7f0000000a40)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x18}}, {{&(0x7f0000000a80)=@abs, 0x6e, &(0x7f0000000c00)=[{&(0x7f0000000b00)=""/198, 0xc6}], 0x1, &(0x7f0000000c40)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x88}}, {{&(0x7f0000000d00), 0x6e, &(0x7f0000001dc0)=[{&(0x7f0000000d80)=""/23, 0x17}, {&(0x7f0000000dc0)=""/4096, 0x1000}], 0x2, &(0x7f0000001e00)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xb8}}, {{&(0x7f0000001ec0), 0x6e, &(0x7f0000004100)=[{&(0x7f0000001f40)=""/21, 0x15}, {&(0x7f0000001f80)=""/4096, 0x1000}, {&(0x7f0000002f80)=""/231, 0xe7}, {&(0x7f0000003080)=""/75, 0x4b}, {&(0x7f0000003100)=""/4096, 0x1000}], 0x5, &(0x7f0000004180)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x158}}, {{&(0x7f0000004300)=@abs, 0x6e, &(0x7f0000004600)=[{&(0x7f0000004380)=""/20, 0x14}, {&(0x7f00000043c0)=""/114, 0x72}, {&(0x7f0000004440)=""/170, 0xaa}, {&(0x7f0000004500)=""/250, 0xfa}], 0x4}}, {{0x0, 0x0, &(0x7f0000004900)=[{&(0x7f0000004640)=""/32, 0x20}, {&(0x7f0000004680)=""/63, 0x3f}, {&(0x7f00000046c0)=""/216, 0xd8}, {&(0x7f00000047c0)=""/170, 0xaa}, {&(0x7f0000004880)=""/123, 0x7b}], 0x5, &(0x7f0000004980)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xb8}}, {{&(0x7f0000004a40), 0x6e, &(0x7f0000004f00)=[{&(0x7f0000004ac0)=""/88, 0x58}, {&(0x7f0000004b40)=""/165, 0xa5}, {&(0x7f0000004c00)=""/97, 0x61}, {&(0x7f0000004c80)=""/14, 0xe}, {&(0x7f0000004cc0)=""/43, 0x2b}, {&(0x7f0000004d00)=""/167, 0xa7}, {&(0x7f0000004dc0)=""/26, 0x1a}, {&(0x7f0000004e00)=""/204, 0xcc}], 0x8, &(0x7f0000004f80)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x68}}], 0x8, 0x1, &(0x7f0000005240)={r3, r4+10000000}) r6 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0xee00, 0x0, r7) recvmmsg$unix(r0, &(0x7f0000005740)=[{{0x0, 0x0, &(0x7f00000052c0)=[{&(0x7f0000005280)=""/14, 0xe}], 0x1, &(0x7f0000005300)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa8}}, {{&(0x7f00000053c0), 0x6e, &(0x7f0000005680)=[{&(0x7f0000005440)=""/87, 0x57}, {&(0x7f00000054c0)=""/173, 0xad}, {&(0x7f0000005580)=""/232, 0xe8}], 0x3, &(0x7f00000056c0)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x80}}], 0x2, 0x40000140, &(0x7f00000057c0)={0x77359400}) r9 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0xee00, 0x0, r10) getresgid(&(0x7f0000005800)=0x0, &(0x7f0000005840), &(0x7f0000005880)) lsetxattr$system_posix_acl(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000058c0)={{}, {0x1, 0x3}, [{0x2, 0x7, 0xffffffffffffffff}, {0x2, 0x3, r5}], {0x4, 0x6}, [{0x8, 0x4, r7}, {0x8, 0x1, r8}, {}, {0x8, 0x2, r10}, {0x8, 0x4, r11}, {}], {0x10, 0x2}}, 0x64, 0x1) write$cgroup_type(r2, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x0, 0x101) ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f0000000140)={{r2}, {@void, @max}}) 05:40:28 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='dax\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x100, 0x174) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:28 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0004000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 777.091103][T24330] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24327,uid=0 [ 777.106441][T24330] Memory cgroup out of memory: Killed process 24330 (syz-executor.2) total-vm:85348kB, anon-rss:692kB, file-rss:35836kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 777.125326][ T25] oom_reaper: reaped process 24330 (syz-executor.2), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB 05:40:28 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x404400, 0x1) fallocate(r0, 0x0, 0x0, 0x101) [ 777.185758][T24960] loop4: detected capacity change from 0 to 131456 [ 777.186695][T24999] loop5: detected capacity change from 0 to 131456 [ 777.200716][ C1] sd 0:0:1:0: tag#5622 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 777.210555][ C1] sd 0:0:1:0: tag#5622 CDB: opcode=0xe5 (vendor) [ 777.216892][ C1] sd 0:0:1:0: tag#5622 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 777.225951][ C1] sd 0:0:1:0: tag#5622 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 777.234996][ C1] sd 0:0:1:0: tag#5622 CDB[20]: ba [ 777.242487][T24999] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2143/file0 supports timestamps until 2038 (0x7fffffff) 05:40:29 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) mount$bind(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0xb7a2b8673cfa3c8b, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:29 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0005000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:29 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x1) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3f}}, './file0\x00'}) write$binfmt_script(r1, &(0x7f0000000100)={'#! ', './file0', [{0x20, ','}, {}, {0x20, '['}, {0x20, '^'}], 0xa, "14d2433b6444ffb5d6be8bc4cfc3e6e03c3670ef1820536e39c2fb0daf82aa6c645f06230acfa49dbc42f2f528b664efcbc20ca7de74a69029d1cf1c2b3c353ed99d941110a43011e58d7ae3fe69cce44608"}, 0x64) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) dup2(r2, r3) write$cgroup_type(r2, &(0x7f0000000180), 0x9) fallocate(r0, 0x0, 0x0, 0x101) 05:40:29 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x378) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x84140, 0x21) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) acct(&(0x7f0000000140)='./file0\x00') openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 777.398095][T24960] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2183/file0 supports timestamps until 2038 (0x7fffffff) [ 777.427302][T25434] loop5: detected capacity change from 0 to 131456 [ 777.436513][T25434] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 777.447085][T25434] System zones: 1-2, 19-19, 35-38, 46-46 05:40:29 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0006000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 777.484697][T25434] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2144/file0 supports timestamps until 2038 (0x7fffffff) [ 777.575363][T25700] loop5: detected capacity change from 0 to 131456 [ 777.617162][T25700] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 777.625148][T25700] System zones: 1-2, 19-19, 35-38, 46-46 [ 777.647428][T25700] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2145/file0 supports timestamps until 2038 (0x7fffffff) [ 777.793577][T25012] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 777.803847][T25012] CPU: 0 PID: 25012 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 777.812265][T25012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 777.822685][T25012] Call Trace: [ 777.825960][T25012] dump_stack_lvl+0xd6/0x122 [ 777.830638][T25012] dump_stack+0x11/0x1b [ 777.834865][T25012] dump_header+0x98/0x410 [ 777.839192][T25012] oom_kill_process+0x18e/0x3f0 [ 777.844085][T25012] out_of_memory+0x5ed/0x890 [ 777.848749][T25012] ? mem_cgroup_iter+0x29b/0x370 [ 777.853773][T25012] mem_cgroup_oom+0x484/0x520 [ 777.858533][T25012] try_charge_memcg+0x736/0xa10 [ 777.863412][T25012] ? __rcu_read_unlock+0x5c/0x290 [ 777.868432][T25012] charge_memcg+0x51/0x1a0 [ 777.872853][T25012] __mem_cgroup_charge+0x25/0xa0 [ 777.877850][T25012] __filemap_add_folio+0x3a8/0x4d0 [ 777.883052][T25012] ? workingset_activation+0x2b0/0x2b0 [ 777.888514][T25012] filemap_add_folio+0x6b/0x150 [ 777.893354][T25012] add_to_page_cache_lru+0x4e/0x70 [ 777.898510][T25012] filemap_read+0x80e/0x1720 [ 777.903192][T25012] generic_file_read_iter+0x75/0x2c0 [ 777.908476][T25012] ext4_file_read_iter+0x1db/0x290 [ 777.913662][T25012] vfs_read+0x66c/0x750 [ 777.917901][T25012] ksys_read+0xd9/0x190 [ 777.922050][T25012] __x64_sys_read+0x3e/0x50 [ 777.926552][T25012] do_syscall_64+0x44/0xa0 [ 777.930995][T25012] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 777.936883][T25012] RIP: 0033:0x7f2e21c2aae9 [ 777.941343][T25012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 777.960938][T25012] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 777.969348][T25012] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 777.977310][T25012] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 777.985346][T25012] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 777.993409][T25012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 778.001382][T25012] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 778.009507][T25012] memory: usage 307200kB, limit 307200kB, failcnt 61595 [ 778.016433][T25012] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 778.023383][T25012] Memory cgroup stats for /syz2: [ 778.023634][T25012] anon 2408448 [ 778.023634][T25012] file 306618368 [ 778.023634][T25012] kernel_stack 344064 [ 778.023634][T25012] pagetables 2129920 [ 778.023634][T25012] percpu 0 [ 778.023634][T25012] sock 0 [ 778.023634][T25012] shmem 306561024 [ 778.023634][T25012] file_mapped 0 [ 778.023634][T25012] file_dirty 0 [ 778.023634][T25012] file_writeback 0 [ 778.023634][T25012] swapcached 0 [ 778.023634][T25012] inactive_anon 5677056 [ 778.023634][T25012] active_anon 303280128 [ 778.023634][T25012] inactive_file 0 [ 778.023634][T25012] active_file 0 [ 778.023634][T25012] unevictable 12288 [ 778.023634][T25012] slab_reclaimable 1266688 [ 778.023634][T25012] slab_unreclaimable 1428808 [ 778.023634][T25012] slab 2695496 [ 778.023634][T25012] workingset_refault_anon 0 [ 778.023634][T25012] workingset_refault_file 63671 [ 778.023634][T25012] workingset_activate_anon 0 [ 778.023634][T25012] workingset_activate_file 486 [ 778.023634][T25012] workingset_restore_anon 0 [ 778.118060][T25012] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25000,uid=0 05:40:29 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:29 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c003025ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:29 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x20) write$P9_RRENAME(r1, &(0x7f00000000c0)={0x7, 0x15, 0xfffe}, 0x7) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x199) write$cgroup_type(r2, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x0, 0x101) 05:40:29 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r2, &(0x7f00000002c0), 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000280)={[{0x2d, 'rdma'}, {0x0, 'net'}, {0x2b, 'net_cls'}, {0x2d, 'freezer'}, {0x2d, 'cpuset'}, {0x2b, 'memory'}, {0x2b, 'rdma'}]}, 0x33) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) setxattr$trusted_overlay_opaque(&(0x7f0000000300)='./file0\x00', &(0x7f0000000480), &(0x7f00000004c0), 0x2, 0x2) sendto$unix(r3, &(0x7f0000000380)="26cd61c84eec959d1973a7196d767542f6962137b367e93354fa56de594fc8a805ed7d67ffbb8f15d10b084abe59b8ccb75138797693124e1153401a374cb46b61af6b0861ec37e7948a9e135ba4c4d462145e683aae085796cd33d85ca107db6cec0304b1259dc812a2bf6bc983240f309be11de064ef", 0x77, 0x4000890, &(0x7f0000000400)=@file={0x0, './file0\x00'}, 0x6e) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0) utimensat(r4, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:29 executing program 1: syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff) r0 = socket$inet6(0x10, 0x4, 0x0) set_mempolicy(0x8003, &(0x7f0000000000)=0x401, 0x2) sendmsg(r0, &(0x7f0000000040)={0x0, 0x3, &(0x7f00000002c0)=[{&(0x7f0000000100)="5500000018007fd500fe01b2a4a280930a06000000a843089100fe8008000800080010000f0000002d000f009b2c136ef75afb83de448daa72540d8102d2c55327c43ab82286ef1fdd20652383656d4d24", 0x51}, {&(0x7f0000000080)="02044911", 0x4}], 0x2}, 0x0) 05:40:29 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0007000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 778.133549][T25012] Memory cgroup out of memory: Killed process 25012 (syz-executor.2) total-vm:85348kB, anon-rss:616kB, file-rss:35840kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 778.152372][ T25] oom_reaper: reaped process 25012 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 778.198872][T25708] loop5: detected capacity change from 0 to 131456 [ 778.209318][T25713] loop4: detected capacity change from 0 to 131456 [ 778.233998][T25708] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] 05:40:29 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x10) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:29 executing program 3: r0 = creat(&(0x7f0000000000)='./file1\x00', 0x9e8d51399160de0e) creat(&(0x7f0000000080)='./file0/file0\x00', 0x8) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = dup2(r1, r2) bind$unix(r1, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r4, &(0x7f0000000240), 0xfb3f) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file1\x00'}) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000180), &(0x7f0000000200)=0xc) fallocate(r0, 0x0, 0x0, 0x101) [ 778.245033][T25713] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c018, mo2=0006] [ 778.253911][T25708] System zones: 1-2, 19-19, 35-38, 46-46 [ 778.264786][T25708] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2146/file0 supports timestamps until 2038 (0x7fffffff) [ 778.275520][T25713] System zones: 1-2, 19-19, 35-38, 46-46 05:40:30 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0008000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 778.294048][T25713] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2184/file0 supports timestamps until 2038 (0x7fffffff) 05:40:30 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c003125ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:30 executing program 1: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:30 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) timerfd_create(0x7, 0x800) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x0, 0x101) [ 778.355665][T26179] loop5: detected capacity change from 0 to 131456 [ 778.378591][T26179] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2147/file0 supports timestamps until 2038 (0x7fffffff) [ 778.458329][T26235] loop4: detected capacity change from 0 to 131456 [ 778.504778][T26235] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2185/file0 supports timestamps until 2038 (0x7fffffff) [ 778.784049][T25965] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 778.794264][T25965] CPU: 1 PID: 25965 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 778.802671][T25965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 778.812715][T25965] Call Trace: [ 778.815979][T25965] dump_stack_lvl+0xd6/0x122 [ 778.820620][T25965] dump_stack+0x11/0x1b [ 778.824775][T25965] dump_header+0x98/0x410 [ 778.829152][T25965] oom_kill_process+0x18e/0x3f0 [ 778.833994][T25965] out_of_memory+0x5ed/0x890 [ 778.838577][T25965] ? mem_cgroup_iter+0x29b/0x370 [ 778.843514][T25965] mem_cgroup_oom+0x484/0x520 [ 778.848244][T25965] try_charge_memcg+0x736/0xa10 [ 778.853206][T25965] ? __rcu_read_unlock+0x5c/0x290 [ 778.858310][T25965] charge_memcg+0x51/0x1a0 [ 778.862749][T25965] __mem_cgroup_charge+0x25/0xa0 [ 778.867810][T25965] __filemap_add_folio+0x3a8/0x4d0 [ 778.872915][T25965] ? workingset_activation+0x2b0/0x2b0 [ 778.878372][T25965] filemap_add_folio+0x6b/0x150 [ 778.883212][T25965] add_to_page_cache_lru+0x4e/0x70 [ 778.888324][T25965] filemap_read+0x80e/0x1720 [ 778.892911][T25965] generic_file_read_iter+0x75/0x2c0 [ 778.898265][T25965] ext4_file_read_iter+0x1db/0x290 [ 778.903373][T25965] vfs_read+0x66c/0x750 [ 778.907552][T25965] ksys_read+0xd9/0x190 [ 778.911694][T25965] __x64_sys_read+0x3e/0x50 [ 778.916260][T25965] do_syscall_64+0x44/0xa0 [ 778.920709][T25965] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 778.926616][T25965] RIP: 0033:0x7f2e21c2aae9 [ 778.931285][T25965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 778.950888][T25965] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 778.959331][T25965] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 778.967324][T25965] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 778.975288][T25965] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 778.983267][T25965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 778.991295][T25965] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 778.999403][T25965] memory: usage 307200kB, limit 307200kB, failcnt 63960 [ 779.006339][T25965] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 779.013195][T25965] Memory cgroup stats for /syz2: [ 779.013398][T25965] anon 2408448 [ 779.013398][T25965] file 306618368 [ 779.013398][T25965] kernel_stack 344064 [ 779.013398][T25965] pagetables 2129920 [ 779.013398][T25965] percpu 0 [ 779.013398][T25965] sock 0 [ 779.013398][T25965] shmem 306561024 [ 779.013398][T25965] file_mapped 0 [ 779.013398][T25965] file_dirty 0 [ 779.013398][T25965] file_writeback 0 [ 779.013398][T25965] swapcached 0 [ 779.013398][T25965] inactive_anon 5677056 [ 779.013398][T25965] active_anon 303280128 [ 779.013398][T25965] inactive_file 0 [ 779.013398][T25965] active_file 0 [ 779.013398][T25965] unevictable 12288 [ 779.013398][T25965] slab_reclaimable 1266688 [ 779.013398][T25965] slab_unreclaimable 1428808 [ 779.013398][T25965] slab 2695496 [ 779.013398][T25965] workingset_refault_anon 0 [ 779.013398][T25965] workingset_refault_file 66107 [ 779.013398][T25965] workingset_activate_anon 0 [ 779.013398][T25965] workingset_activate_file 499 [ 779.013398][T25965] workingset_restore_anon 0 [ 779.108300][T25965] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25711,uid=0 05:40:30 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:30 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) link(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0\x00') r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:30 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) creat(&(0x7f0000000080)='./file0\x00', 0x100) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x0, 0x101) getsockopt$inet6_tcp_int(r1, 0x6, 0x8, &(0x7f00000000c0), &(0x7f0000000100)=0x4) 05:40:30 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0009000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:30 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c003225ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:30 executing program 1: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) [ 779.123628][T25965] Memory cgroup out of memory: Killed process 25965 (syz-executor.2) total-vm:85348kB, anon-rss:616kB, file-rss:35840kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 779.141939][ T25] oom_reaper: reaped process 25965 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 779.186592][T26448] loop4: detected capacity change from 0 to 131456 [ 779.199098][T26451] loop5: detected capacity change from 0 to 131456 05:40:30 executing program 3: creat(&(0x7f0000000000)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r1 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000080)='\x00', &(0x7f00000001c0)='}%)[-\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) flock(r1, 0xd) write$cgroup_type(r0, &(0x7f0000000240), 0xfb3f) [ 779.222985][T26448] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2186/file0 supports timestamps until 2038 (0x7fffffff) [ 779.247161][T26451] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2148/file0 supports timestamps until 2038 (0x7fffffff) 05:40:31 executing program 1: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:31 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c003325ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:31 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce000a000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:31 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000140)='./file0\x00', 0x800, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 779.375936][T26829] loop4: detected capacity change from 0 to 131456 [ 779.401688][T26829] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 779.421315][T26924] loop5: detected capacity change from 0 to 131456 05:40:31 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = dup2(r2, r3) unlinkat(r4, &(0x7f00000000c0)='./file0\x00', 0x0) [ 779.457455][T26829] System zones: 1-2, 19-19, 35-38, 46-46 [ 779.463634][T26829] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2187/file0 supports timestamps until 2038 (0x7fffffff) [ 779.499031][T26924] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 779.540377][T26924] System zones: 1-2, 19-19, 35-38, 46-46 [ 779.557179][T26924] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2149/file0 supports timestamps until 2038 (0x7fffffff) [ 779.804876][T26450] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 779.815101][T26450] CPU: 0 PID: 26450 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 779.823603][T26450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 779.833648][T26450] Call Trace: [ 779.836913][T26450] dump_stack_lvl+0xd6/0x122 [ 779.841535][T26450] dump_stack+0x11/0x1b [ 779.845769][T26450] dump_header+0x98/0x410 [ 779.850100][T26450] oom_kill_process+0x18e/0x3f0 [ 779.854956][T26450] out_of_memory+0x5ed/0x890 [ 779.859606][T26450] ? mem_cgroup_iter+0x29b/0x370 [ 779.864584][T26450] mem_cgroup_oom+0x484/0x520 [ 779.869260][T26450] try_charge_memcg+0x736/0xa10 [ 779.874229][T26450] ? __rcu_read_unlock+0x5c/0x290 [ 779.879249][T26450] charge_memcg+0x51/0x1a0 [ 779.883662][T26450] __mem_cgroup_charge+0x25/0xa0 [ 779.888662][T26450] __filemap_add_folio+0x3a8/0x4d0 [ 779.893768][T26450] ? workingset_activation+0x2b0/0x2b0 [ 779.899289][T26450] filemap_add_folio+0x6b/0x150 [ 779.904251][T26450] add_to_page_cache_lru+0x4e/0x70 [ 779.909368][T26450] filemap_read+0x80e/0x1720 [ 779.913994][T26450] ? rb_insert_color+0x2fa/0x310 [ 779.919007][T26450] generic_file_read_iter+0x75/0x2c0 [ 779.924288][T26450] ext4_file_read_iter+0x1db/0x290 [ 779.929402][T26450] vfs_read+0x66c/0x750 [ 779.933552][T26450] ksys_read+0xd9/0x190 [ 779.937699][T26450] __x64_sys_read+0x3e/0x50 [ 779.942202][T26450] do_syscall_64+0x44/0xa0 [ 779.946684][T26450] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 779.952625][T26450] RIP: 0033:0x7f2e21c2aae9 [ 779.957033][T26450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 779.977001][T26450] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 779.985462][T26450] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 779.993519][T26450] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 780.001566][T26450] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 780.009530][T26450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 780.017494][T26450] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 780.025527][T26450] memory: usage 307200kB, limit 307200kB, failcnt 66467 [ 780.032484][T26450] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 780.039379][T26450] Memory cgroup stats for /syz2: [ 780.039712][T26450] anon 2408448 [ 780.039712][T26450] file 306618368 [ 780.039712][T26450] kernel_stack 311296 [ 780.039712][T26450] pagetables 2129920 [ 780.039712][T26450] percpu 0 [ 780.039712][T26450] sock 0 [ 780.039712][T26450] shmem 306561024 [ 780.039712][T26450] file_mapped 0 [ 780.039712][T26450] file_dirty 0 [ 780.039712][T26450] file_writeback 0 [ 780.039712][T26450] swapcached 0 [ 780.039712][T26450] inactive_anon 5677056 [ 780.039712][T26450] active_anon 303280128 [ 780.039712][T26450] inactive_file 0 [ 780.039712][T26450] active_file 0 [ 780.039712][T26450] unevictable 12288 [ 780.039712][T26450] slab_reclaimable 1266688 [ 780.039712][T26450] slab_unreclaimable 1428808 [ 780.039712][T26450] slab 2695496 [ 780.039712][T26450] workingset_refault_anon 0 [ 780.039712][T26450] workingset_refault_file 69175 [ 780.039712][T26450] workingset_activate_anon 0 [ 780.039712][T26450] workingset_activate_file 550 [ 780.039712][T26450] workingset_restore_anon 0 [ 780.134154][T26450] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=26444,uid=0 05:40:31 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:31 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000280)={0x0, ""/256, 0x0, 0x0}) r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x9, 0x7, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r4, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r4, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x400001, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001480)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000058c40)={0x0, [{}, {0x0, r7}, {}, {}, {r6}, {}, {}, {0x0, r7}, {}, {r6}, {0x0, r7}, {}, {}, {0x0, r7}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {r6}, {}, {}, {r6}, {}, {r5}, {}, {}, {0x0, r7}, {}, {}, {0x0, r7}, {}, {}, {0x0, r7}, {r6}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {r6}, {0x0, r7}, {r6}, {}, {}, {0x0, r7}, {0x0, r7}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {0x0, r7}, {}, {r6}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {0x0, r7}, {r5, r7}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {r5}, {r5}, {}, {}, {0x0, r7}, {0x0, r7}, {0x0, r7}, {0x0, r7}, {}, {}, {r5}, {r5}, {}, {}, {r5}, {0x0, r7}, {}, {}, {0x0, r7}, {0x0, r7}, {0x0, r7}, {r6, r7}, {}, {}, {}, {}, {}, {r5, r7}, {r6, r7}, {0x0, r7}, {}, {}, {r6}, {}, {}, {}, {}, {r6, r7}, {}, {0x0, r7}, {}, {0x0, r7}, {}, {}, {}, {r6}, {0x0, r7}, {r6}, {}, {}, {}, {}, {}, {r5, r7}, {r6, r7}, {}, {0x0, r7}, {}, {r6}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {r6}, {r5}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {r6}, {0x0, r7}, {}, {r6, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {r5}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {0x0, r7}, {}, {r6}, {}, {}, {}, {r5, r7}, {}, {}, {r6}, {r5, r7}, {}, {}, {}, {r6}, {r6}, {r5}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {r5, r7}], 0x0, "2156816c73038c"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000000480)={r2, r5, "d95a9ef48bc8b93ffbf37f3ab0c81870dc1e8296e8fe10138ed8d1f8d7577087b4212fdae5fef73f61d4a894794024348edbabe9e6d39da7b33301c889e3b6d9814bd68b12bd6190e2e8aed9004db578c5ab369d58e17f98aeab9d8125c407bad6cd2e6310b99c431d8924ebe268f5af091454d9e67457bbfac23339bb86301fb94f0c15f183789a08df2e45cdcc40f11579b0b110ff4ee9fabbfd633419c73dbd9f271fd2fb2b3fe28e210cea50298405d75fda96c1c8c4c85099792a745028116f636a0d3c27975673d4c34757215d898a571c124bd14d60dff0877614b185b7a42e51dc48e82b0df35b9fda5766c28eee345c091538b6ca687d3f0ac2bb34", "bb2e66bd7885bd90ceb2bc10263df6c9e5bd41d478043e5440cf059b7799d24dc25db15c5295e11ad72deb444ceb14825799158b29a1cdbab94c4cec81ef80149f72a7c4c6002b2af721bd850b9c170b7bb90889f5dc7fdee37bc55ee561daee872ae09609da1e7d9cbf66aabbd37399cb6d35e8a30d4fcf7b77269315cbcb7c41e76c93e4027bae336abf75c5e4d4a086f8ad226ca79c695fc60b17eaf768fc5c3e0bf3a11a9544c168c33f48a961d3f8a0a9afbc2c29b5dd420ba92d68becf77bbb1735df70d074bc6eee3057fc8d7ea0df0b629250376c0799dbb73676cf7a879208e6695ea9321996f4007fd3114404f7d949088d35208317e93de364436c40281c49950e8985633ebf9ef8e154bd3d0a51be381bc45f30484f892329c27de5f19da36b43c8a74f80e10a998bd5529ae153c282ff83fb9add5762811fc0b6091ec87f1fd6595aa1954cd2e12d23f5d44dd242bd7748cc32e4b465e663b0b9644734884e95bba8eac93363a04e471d7863af324e1ab1754f330ed5edc024e7eca64744a77b5e348bb9c5b22f077b4631584134618034337172099f610ba60b2435a3e0455567569ad7b84dc962d05543dbda3a24cb71669866f7e1516d7c5e3b13ceccd455115984538bab241bc97b6eb136c6e1f2b46c3d2f70d9d548bddc86d858bbf095349448cb98ed1ed171d08a7c80a8821924ec83b60adfea62450e63c7bbc761faadf3d595a0398b5951ecc85cb458ce9e961c3cb83130b5ff27f5910f73d715755808d4b25e2821c89b83a2930663b15a4c30188a994c74dc60e32729640491b8a9819111398041745581476c9a2515a7ba59f6dd5885862a58d6dc40255aae868423e803f7283552f20c8d818ec4cc33d9c8a94470bcf0d52a6ce88e38d8906fb834540377cd8735e5ae894558e1618326e3095a81e4aa30417270ad94b147242fb64f49d2c360d1c361abacd501a843439f12f0b61e5b785b52f34d4c67dc1c954d6cf302b5289afa3321899dff91c15cc8cbfd94d867ebefe7f227ef86fe9cd5fb08248bcf171f412d67690f2335b72b30f4fa4a38539e9735b139b69241e6654b68b7aa9565f791cf08fec37e9a0d587224802876b56850cda7ef9283d9af13528b1af8993d336dc8d4ac6216375ce16f92a079949ee1431325ab797fb25a8c65d70c9b192f962075eaf0627c91d6d93c998a4f2ce484d0a5a953a63f339f3d1d88a67c4176dae785e13dfe5d6662e5b46c378d1a41f7d0d80e2b34ea0894db29499a4f1a38d637b55e4c50bbc8245b4311bb6608dd57ebfecd51b468b7baddc888462d7301ce2625c042f052288ff052ab03afb927118b27a8d035239763fc2e584654666c9285c3b6a28f8a729d81d4706bc8f0754d72e6d978de457af005d88291afb3dfd3322130335c510732d0576d11b3ecdacd2a75530b4944889d1dc608ad3813ab33f3eb119b73db6db35cfdb26098fbf2e255dce2d7cb97c3ab56dcd5a02b5c928ee3bf8edeb674868e1b40820bf4cdd1fb1ff4a13d5862ab7be12a2b2b8d886610c1dd9fa6540b98e747001be1ec758b6494843d96b7d4773fdaaec249b3ca864671a9025dbc74cdc9bb79d5b9e72230aed07885651513d2ce6bba76ca5fbee2ed8b837b048ee64454c4f3b3e2e6c3f6a9b95eeeb240f26471a5ec645b3bb78d32d9336b6776da106214c495e0dbb39d6aa4f265e5ad9ee8acb3d866923be51c292e18b93794f157613c9572d903554b870f7e51ff8b2fea3ad1e5e7f83950366afbfc2c325a3fc8a1e30f33148659f42155b2ced4f4a38526f92f913fe524ce9e3ec622380cf197cc3c20c6cecb938bf686f7385df34fe7f2f0b9e0c515b186fd25875670c76d59106422ca6a7893488266d5e77e55a5116c7923650dcb0bed2318775da0509e19d6acd6247563e1270d568307464895e1fe22afc7c677427d2d33ad82f10541d1cfa1ff2efab06932e714298894e18613d12c4684ce5314559e77b524f77b4c60b42e0e5ae05efea025f0a12ef4743140d0baac004f0c065a171fa44f513ed2c94dae4f66a378204c6dd872870196ba794d8f9d7b0222428e74e0963064431401ce61201fe3ac8ddcecf12c33fe219d86328a762fb1e34c2b734c5dbaa2ab5344357de3914e0106a82269c94dd09b11fa966a6b55508798281a5715f5cf272d337589a42340f91c3659c5d796575ba46583fa84771b25282611ba4da9c7e875ed79d77125b9b59b0ef9d3fef034c6425d5ef8f6c47a2e58767aa3a71943df5ce7e1b3e63528faa5d907a86b82a6f4e92b37acb5836c890f251af8781e7b21a6594eebe51060b27a34c2fa16754e98d8ed28ac87af5a4752e816a6a2f83f0968142f11be42798c350f659318e27d5a26b851ee5929e878c51f71f3805772f00d1887d0d68decb4877aee9b5d3b0725b612a3ec60892a7e0e76be06ead03386647434b75557623452e16efd75fb457815d27d88e7ea7fa28f6b68606c20b2d465e25b263e690675d9e5e4c22b100b951fc4fa21e23edcf58e398155d520c4babb840f6b004c210424f2cd1cccfba35e0fd9e74de0366f26053554628f1f2b58a30592196d6d7a7060af25900c3d24e7d2a0cf6fbf795f19fc060af600215a748ee4306e2c1b4ad41289cc2d727c0de75483e10155162a4db93407cdcaa39fa88ca5575863844ef014f5bc0220c611cb19995a08ccaa262249675a5a50974cbbe1e9515b76e217fd8fe55efc8e115de42ac48d4286bc1d85795817ecf0c9431b740d653812ce9dd99fc275f50ad69018e20b4b37a89cf52f31a4be9c1e5e4048f775b4931b5b4983b0e59ae78f7fb1b99a35a07b4c23aa8689f15914126d6691e8da007be3d8497e42b56c199f50a4f42536acf7268d651cdff0f589117c4eee6e5d63399885b70d31ec1203dce6b77f240903ace6127e7392a9d3534d213eb76fde4b076dd3e2ed02f23670a67d30c8dee59018492f40b69be3eb735aaee8883c082ea3010d8a65c21e7fc433e0cc7c7f255eabb38c92d2fc3cd0e22331a32b2aca0d8534960f36841309ef6411ff340e00afebcf8eb9772636bff9abe8be87b88370db2e865fc121434b595a856d9f0940e2581ff11070640a88f605c1e0badc0c786387bfb6b36e7100836f97ce2c36abaa2abb7f57acfeaabaee1385f8366220e72048095f7f54049ed5116ce7193620223c4275a29c7bd78c3ddfce8929ddc9575ecdc5bfdf95ff8471f69fb79d5a3ab859a5dc410e8db4a8ec611250b21cbd1783850341ec87ce8c52c41891f4f10249d3b2b303b583fff2fcd4106d1bf368c068f44846d1550197594e92995499ed5722f1dd7662587b6292a1695196bb3a0bde715fa52aac80b616835643f84d263a00e1ddf3089f436444e5089b87f08e806ef7d480b7c5b9499dedd69fa2f50217edbb93cc146bd87588fe9f6aa249902a0d4949ff1a165bc6bc36d0d0813877e320448d905bc73c394b7ab4f9ec8349af0e635ac532fa3027fb6213b9353ebd1dcd89a20d6ff7664ecb36ff304ad19e040dbf0a7f6ca2aabcebb4355101dfbc39b3ca7e2b98e6ae5eef6c6e18d902977b992e6a632281cac41a4f3da2a3ee5b1bee1aeb5b2937bddc854b49ab3b9acf62cb1843a5e0d103b9b3b3012b42bd57f4b0207a327391365aaaa10461997ab5a5553efc46b4ab1ed7827c95da075193e40c8caeced0d2be25b9b6b534822e9a594b0b3b4bb927b48501f3565d76dd5831326bd66c751ba219c782d244b255b05fc296a8eb34f4b147412bac77cf81042b767166482351a91c96cf2c8dff81301975b1ae80cf16a2592bf62f584987d9a8633c9a009b0e01df116b2f591c99572ae42ddee3526a47007d2c47217901d1e5628b062db16fdb125b3d053ed40f3c32426388e88182f155a2ed26234e5b7179d39c6871959352a468d462cd09955087583a2a3f5cdc21f7a974c9fd2219e4ef8b8a4edac73d0ab0d9ec3fe88eb056ce93adc19eb9aa38414c1d0965e1d734fa2e4a7fe0a49b9be1dd39ab479d73a4884cb97ff99688200b7c07881da7b99cf1e7cad198c28c274cb74105bfa7d0b8f2a1d23c7e54d067302c497e428ebce6e40f174c49d97dc090e62454087a33f4dbb645adb2e433a7f4dde024d745b49f9402859a5e6f34e7be2b6198b86b28416d2fbec847ad34f8f26b29587117dcd8630b533810d93a7944fa8547c6038393b829b2d1c4ad1bb4186277af279632c3580cc220d782a5de8bf575c7cf21f79230ed471bbdf37aa978f021ccb833e61729fde62fad5469f87a443247d86cde858ec31d8b8287f15a0eeb39a4f3f5817880dbe5da760689057d725e7eb6706bc8f352e64f71d4f7650622ed9575173bce245845ab31962fe903783b5d54377fdb42a928b9dc834f4877a6029abd2759ad5852bae518d044d71f77da2061203f353620422e041a8d50419be4f3b9ae02ec970d9d2d65b612bcec7b65f4a9ed5e2fb20c42bd3d2add278453f75f96c5c228a4fc307821442a9e4295d251ce41fb69f4c30ecc5f098e1c6a2ab13b901a0f0c5df9ce8da91a6b5aa2a9206deaafa236136e46aef1389dcf8b3840e2cea35bc4c613f02f46e04f258bab34bc617d568295eea5bd65dc33ed2fb791ed8750261308b2539f4f1f9c8730381cbfbc3973ff9cdb9c76feb3f6b32470739a91504686f8bb6d2e168099c07b6a0a82b18d4cac6cbeaad93ce04d9982a9c98fe7c852513b8e591400e1a009b033382c7974537e0087e12e3cb497758be0ae6e9bbfb8f9aedf11aa5f7fd5e3a15c18cfa44277d105928cfa31e4f24c808441d7427b052ec0c07f2cf531254e3a2ddbdd726a04d18034df3be70fee53f90984cbd68112485dfc7c2351c8b6cf04ce0f3eed0a6a5a656e7c2a0ea974260a5a2dfff987eefd41bfa4979eeb30cac3bb3070d360c301be30364ce27981ab76fc2772ec978696452aba90786f093eb5af9c595cf298377b0bc1b3037a8834036bd01bf2161cea951b89041c9ac3f20881405a58bfa19342c78a9b4c74188ef269909dc79911d70ae003bd50393d3bbdb9b8399e14e40ea0ab8d31cb3234b222e3192228f450a4b93edf825bd2bed98ef86198a1df6a933e72aa17077b9b2909e20fe0606f8b7d7bf6a78e72a6bd01b9ce3876db7a3537cccc6a943250d9e4ceeb010cb525caf8bceb7cf300cafa7fbedf030857be43f881a71ff0f1ec962b7117c340e4be382929d5e000c206e8f1cc2456d903465c64f186b658b6a1113e750758bc5636b7c2ad204384fa438093add47a8f2038bd252d93edb8a21c4b7266b8aeea2ed65d5a0f4b6d9bf2f5366e26dce0c1504ac7389287e7e7bb55968d82ad0f231f2f1b4d33bb83e2f73e08dad9d5c"}) write$cgroup_type(r1, &(0x7f0000000240), 0xfb3f) fallocate(r0, 0x0, 0x0, 0x101) 05:40:31 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c003425ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:31 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x4b8080, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:31 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce000b000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:31 executing program 1: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce0009000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 780.149420][T26450] Memory cgroup out of memory: Killed process 26450 (syz-executor.2) total-vm:85348kB, anon-rss:616kB, file-rss:35840kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 780.168969][ T25] oom_reaper: reaped process 26450 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 780.208232][T27181] loop4: detected capacity change from 0 to 131456 [ 780.221383][T27186] loop5: detected capacity change from 0 to 131456 [ 780.222365][T27190] loop1: detected capacity change from 0 to 131456 [ 780.240230][T27186] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 780.248815][T27181] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 780.261478][T27190] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000c01c, mo2=0006] [ 780.268972][T27186] System zones: 1-2, 19-19, 35-38, 46-46 [ 780.275235][T27190] System zones: 1-2, 19-19, 35-38, 46-46 [ 780.277177][T27181] System zones: 1-2, 19-19, 35-38, 46-46 [ 780.287188][T27186] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2150/file0 supports timestamps until 2038 (0x7fffffff) [ 780.293407][T27190] ext4 filesystem being mounted at /root/syzkaller-testdir777756967/syzkaller.UdRgPX/2438/file0 supports timestamps until 2038 (0x7fffffff) [ 780.316314][T27181] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2188/file0 supports timestamps until 2038 (0x7fffffff) 05:40:32 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)={0x24, 0x66, 0x601, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @nested={0x10, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x28}], 0x1}, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) dup2(r1, r2) getsockopt$IP_VS_SO_GET_VERSION(r1, 0x0, 0x480, &(0x7f0000000040), &(0x7f0000000080)=0x40) 05:40:32 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="f5", 0x1) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080)=0x200000) creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000200), 0x3, 0x800) write$cgroup_type(r2, &(0x7f0000000240), 0x9) r3 = fcntl$dupfd(r0, 0x406, 0xffffffffffffffff) fallocate(r3, 0x2, 0x5, 0x100000001) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f00000001c0)='{-+D[\x92),\x00', &(0x7f0000000600)="0452423a7b7c47dd4930355f316ce449c186808392903838d6f3852842fc5775690b06517d07ba039efe77e8133b7db830fa308d47e4539584de6656960e2fe08163f61c3d36cc4851cfb0b389acb0b84b95e469113894ba945ee770546fd1df09493e86a5bf87377de1a82df5d2f397a3ed94d321e2c59d96523688bf8c66218cc6cbdf5cb7ed4c99b66557af4df3028ac7e06080cf556353809251531586e2271c764961166b14e2e2e907b3b3a77aebbd49e7a453ae8de8c043c765c49fae62e08389e1928093427d5548963240292449bd740dd47dd407f00505178f5dd05999789128", 0xe5) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x8880, 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f00000003c0)='/\x00', &(0x7f0000000500)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00', 0x0) 05:40:32 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') accept4$unix(0xffffffffffffffff, &(0x7f0000000140)=@abs, &(0x7f00000001c0)=0x6e, 0x800) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:32 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce000c000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:32 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c003525ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 780.436111][T27567] loop5: detected capacity change from 0 to 131456 [ 780.446188][T27559] loop4: detected capacity change from 0 to 131456 [ 780.465387][T27567] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2151/file0 supports timestamps until 2038 (0x7fffffff) 05:40:32 executing program 1: r0 = socket(0x2, 0x803, 0x9) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000440)={'ip6gre0\x00', &(0x7f00000003c0)={'ip6tnl0\x00', 0x0, 0x27, 0x3f, 0x7, 0x1f, 0xc, @ipv4={'\x00', '\xff\xff', @loopback}, @private0={0xfc, 0x0, '\x00', 0x1}, 0xf800, 0x80, 0x8, 0x100}}) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={0x0, @l2tp={0x2, 0x0, @loopback}, @l2tp={0x2, 0x0, @local}, @can={0x1d, r1}, 0xff, 0x0, 0x0, 0x0, 0xfffc}) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) dup2(r2, r3) sendmsg$nl_generic(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)={0x200, 0x34, 0x2, 0x70bd2c, 0x25dfdbfb, {0x1}, [@nested={0x14e, 0x3a, 0x0, 0x1, [@generic="bcb83c46623e4b7ab87cb3918a46638def579e6f6a623a8ba31e1120fc7aeb0395d7db668ecfb4b3c615db8e04afa0e1ec01ffc11e8701db83adde33f65c78fde15dd482e3a2a75d848d3934dcda1db09f87e56fec7357336775d46cc1855b6499fa9e6df9315cb8c8840246b27762a8bc08349cc39bab00a97f7d4f7fb8b8", @generic="70a08791be9f2958ee8629057e64d2266bc3c12808f6bc0f8359a23ee96b6ec646c042a47479bbef1af1539c428478d7e73fb9401560a48f3c193637702b9b0574eb73301324e41a30ba5424ba05c87daf172c7cd515", @typed={0x8, 0x2d, 0x0, 0x0, @uid}, @generic="4f2fbe1984b065074922fd71015a4fc23dcd16227382618296f656ca0f90ec97da1a44e8307f753c4d05b846d0302b1b8e0a911f53a3f7de43eef0204da8e982af22aa2fae1134df85fe", @generic="c578f579ea6d5928f729449e03933cda61056ebe12ddf38c3e17bb", @typed={0x8, 0x69, 0x0, 0x0, @ipv4=@multicast1}]}, @generic="3d85a085792f4f0960eae8bfe3b11ac7597d5024868a091c48644b5ec0f9020c270d886132e4970e6a16afe8bd03ff83a435c904ad933c182c95e71e37057aaad04fce5b9046a2368e903716d0173c16f6e3a8288a82310b34e3d2f3a56ae61a06172fea767e60fc8548b9470aa4b8e95e0fb429c275fd79417e6d9186b6cfa0a745b57703dc8c8c5037835cf5a85c56f28e0047bf75e4dbe1e3c6"]}, 0x200}, 0x1, 0x0, 0x0, 0x2}, 0x4081) [ 780.480335][T27559] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2189/file0 supports timestamps until 2038 (0x7fffffff) [ 780.808279][T27204] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 780.818473][T27204] CPU: 0 PID: 27204 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 780.826949][T27204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 780.836992][T27204] Call Trace: [ 780.840263][T27204] dump_stack_lvl+0xd6/0x122 [ 780.844956][T27204] dump_stack+0x11/0x1b [ 780.849138][T27204] dump_header+0x98/0x410 [ 780.853466][T27204] oom_kill_process+0x18e/0x3f0 [ 780.858383][T27204] out_of_memory+0x5ed/0x890 [ 780.862961][T27204] ? mem_cgroup_iter+0x29b/0x370 [ 780.867904][T27204] mem_cgroup_oom+0x484/0x520 [ 780.872702][T27204] try_charge_memcg+0x736/0xa10 [ 780.877644][T27204] ? __rcu_read_unlock+0x5c/0x290 [ 780.882664][T27204] charge_memcg+0x51/0x1a0 [ 780.887073][T27204] __mem_cgroup_charge+0x25/0xa0 [ 780.892006][T27204] __filemap_add_folio+0x3a8/0x4d0 [ 780.897111][T27204] ? workingset_activation+0x2b0/0x2b0 [ 780.902605][T27204] filemap_add_folio+0x6b/0x150 [ 780.907448][T27204] add_to_page_cache_lru+0x4e/0x70 [ 780.912558][T27204] filemap_read+0x80e/0x1720 [ 780.917197][T27204] generic_file_read_iter+0x75/0x2c0 [ 780.922524][T27204] ext4_file_read_iter+0x1db/0x290 [ 780.927632][T27204] vfs_read+0x66c/0x750 [ 780.931796][T27204] ksys_read+0xd9/0x190 [ 780.935939][T27204] __x64_sys_read+0x3e/0x50 [ 780.940438][T27204] do_syscall_64+0x44/0xa0 [ 780.945021][T27204] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 780.950928][T27204] RIP: 0033:0x7f2e21c2aae9 [ 780.955333][T27204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 780.974930][T27204] RSP: 002b:00007f2e1f9a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 780.983387][T27204] RAX: ffffffffffffffda RBX: 00007f2e21d3df60 RCX: 00007f2e21c2aae9 [ 780.991532][T27204] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000006 [ 780.999537][T27204] RBP: 00007f2e21c84f25 R08: 0000000000000000 R09: 0000000000000000 [ 781.007515][T27204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 781.015483][T27204] R13: 00007ffca696e22f R14: 00007f2e1f9a1300 R15: 0000000000022000 [ 781.023594][T27204] memory: usage 307200kB, limit 307200kB, failcnt 68177 [ 781.030544][T27204] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 781.037416][T27204] Memory cgroup stats for /syz2: [ 781.047291][T27204] anon 2387968 [ 781.047291][T27204] file 306638848 [ 781.047291][T27204] kernel_stack 344064 [ 781.047291][T27204] pagetables 2129920 [ 781.047291][T27204] percpu 0 [ 781.047291][T27204] sock 0 [ 781.047291][T27204] shmem 306561024 [ 781.047291][T27204] file_mapped 0 [ 781.047291][T27204] file_dirty 0 [ 781.047291][T27204] file_writeback 0 [ 781.047291][T27204] swapcached 0 [ 781.047291][T27204] inactive_anon 5652480 [ 781.047291][T27204] active_anon 303280128 [ 781.047291][T27204] inactive_file 0 [ 781.047291][T27204] active_file 0 [ 781.047291][T27204] unevictable 12288 [ 781.047291][T27204] slab_reclaimable 1266688 [ 781.047291][T27204] slab_unreclaimable 1428808 [ 781.047291][T27204] slab 2695496 [ 781.047291][T27204] workingset_refault_anon 0 [ 781.047291][T27204] workingset_refault_file 71193 [ 781.047291][T27204] workingset_activate_anon 0 [ 781.047291][T27204] workingset_activate_file 577 [ 781.047291][T27204] workingset_restore_anon 0 [ 781.141768][T27204] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=27189,uid=0 [ 781.157103][T27204] Memory cgroup out of memory: Killed process 27189 (syz-executor.2) total-vm:85348kB, anon-rss:568kB, file-rss:35500kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 781.175702][ T25] oom_reaper: reaped process 27189 (syz-executor.2), now anon-rss:0kB, file-rss:34492kB, shmem-rss:0kB 05:40:33 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:33 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) umount2(&(0x7f0000000140)='./file0\x00', 0xe) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(&(0x7f0000000180)=@nullb, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='ecryptfs\x00', 0x1000, &(0x7f0000000280)='cgroup.subtree_control\x00') r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) symlink(&(0x7f0000000300)='./file0\x00', &(0x7f0000000380)='./file0\x00') openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:33 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce000d000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:33 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001680)=[{&(0x7f0000000080)=""/48, 0xfffffffffffffd8a}, {&(0x7f0000000180)=""/85, 0x55}, {&(0x7f00000000c0)=""/6, 0x6}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)}, {&(0x7f0000001280)=""/132, 0x84}, {&(0x7f0000001340)=""/159, 0x9f}, {&(0x7f0000001400)=""/131, 0x83}, {&(0x7f00000014c0)=""/172, 0xac}, {&(0x7f0000001580)=""/27, 0x1b}], 0xa, 0x20, 0x4) mknod(&(0x7f0000000000)='./file0\x00', 0x1120, 0x0) open(&(0x7f0000000040)='./file1\x00', 0x185002, 0x82) openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000100)='./file0\x00', 0xff00, 0x0) creat(&(0x7f0000000140)='./file0\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000001240)={0x0, r0, 0x8, 0x7fffffff, 0x4, 0x6}) 05:40:33 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c003625ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 781.398090][T27819] loop5: detected capacity change from 0 to 131456 [ 781.423631][T27923] loop4: detected capacity change from 0 to 131456 05:40:33 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000140)='./file0\x00', 0x0) 05:40:33 executing program 1: prctl$PR_SET_FPEMU(0xa, 0x0) prctl$PR_SET_FPEMU(0xa, 0x2) prctl$PR_SET_FPEMU(0xa, 0x1) prctl$PR_SET_FPEMU(0xa, 0x0) prctl$PR_SET_FPEMU(0xa, 0x1) prctl$PR_SET_FPEMU(0xa, 0x2) prctl$PR_SET_FPEMU(0xa, 0x2) prctl$PR_SET_FPEMU(0xa, 0x2) prctl$PR_SET_FPEMU(0xa, 0x2) prctl$PR_SET_FPEMU(0xa, 0x0) prctl$PR_SET_FPEMU(0xa, 0x1) prctl$PR_SET_FPEMU(0xa, 0x2) prctl$PR_SET_FPEMU(0xa, 0x2) prctl$PR_SET_FPEMU(0xa, 0x1) prctl$PR_SET_FPEMU(0xa, 0x0) prctl$PR_SET_FPEMU(0xa, 0x2) prctl$PR_SET_FPEMU(0xa, 0x0) prctl$PR_SET_FPEMU(0xa, 0x3) prctl$PR_SET_FPEMU(0xa, 0x1) prctl$PR_SET_FPEMU(0xa, 0x1) [ 781.464380][T27819] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] [ 781.491067][T27923] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] [ 781.525186][T27819] System zones: 1-2, 19-19, 35-38, 46-46 [ 781.534949][T27923] System zones: 1-2, 19-19, 35-38, 46-46 [ 781.557452][T27923] ext4 filesystem being mounted at /root/syzkaller-testdir237630786/syzkaller.oB18Ed/2190/file0 supports timestamps until 2038 (0x7fffffff) 05:40:33 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000580)='.-@&:(*\x00', &(0x7f00000005c0)="e5", 0x1) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000180)='}%)[-\x00', &(0x7f0000000700)='\x00\x00}\x95\xecP0\rL\xf4\xc6\x97\xf7\xfe\xfe\xbe\n\x7f\x8e\xb6\xdaZ=U\x06G\x11\xd6\x18\x9e14W\x01\xc9{\xca\xccJ\xc5;\x8e\x8f,g\xab\n\xdf\xf9\xc1\xe3\xc5\xde\xd8\xd7\x85i\xc7(0\xb9\x87v\xe5Z\xc9\x7f\xfbKf\x9d[a?C\xcf\x04|\x80\x19Px;\xbeM>=\xa1\xd1\xaa\x05\\\xb60\xcbt\xaf\xc5\xb1\xf0\xe7\x84\xfcc\x1eU\xaf$$\x0e\x00\xa9\xb0\x98\xdbq2\xc1\xf5\xf9i~rv\xa6\xf5zd\xf0\x91v))o\x0fgJ|\xe0\x15\x98\x7fQ%\x16\x00\x8e;', 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000280)='binfmt_misc\x00', &(0x7f0000000300)='%S*[\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000480)='.-@&:(*\x00', &(0x7f00000004c0)='\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000340)='^\x00', &(0x7f0000000380)='9', 0x1) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f00000001c0)={0x400, 0x1, 0x1}) symlinkat(&(0x7f0000000140)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00') mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:33 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="300000000104010100000000001000000000000005000100010000000a00020000000000010000000800034000000000"], 0x30}}, 0x0) 05:40:33 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmsg$OSF_MSG_ADD(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000380)={0x268, 0x0, 0x5, 0x101, 0x0, 0x0, {0x5, 0x0, 0xa}, [{{0x254, 0x1, {{0x2, 0x400}, 0x81, 0x2, 0x80, 0xd, 0x1f, 'syz1\x00', "17b15f52eff8e014c15fa9a1b9b5128339db56fc8f6097205a0b59d6d06e5bf3", "987f4db44f59662af6252eaa1af64a13abc3106d1537ceaf52ce2ed889f25fb6", [{0x7fff, 0xff, {0x3, 0x3}}, {0x20, 0x0, {0x3, 0x20f9}}, {0x40, 0x7, {0x3, 0x5}}, {0x8000, 0xa00, {0x0, 0x4}}, {0x552b, 0x1ff, {0x3, 0xcce}}, {0x0, 0x7ff, {0x2, 0x200}}, {0xff, 0x5, {0x3, 0x3}}, {0xf513, 0x5, {0x2, 0x7}}, {0x8, 0x1, {0x1, 0x2}}, {0xfff, 0x8, {0x2, 0xffffffff}}, {0x68, 0x40, {0x1, 0x7}}, {0x5, 0x80, {0x3, 0x1}}, {0x6, 0x2, {0x3, 0x20}}, {0x8000, 0x9, {0x3, 0x6}}, {0x8000, 0x4, {0x2, 0x5}}, {0x8, 0x4, {0x0, 0x1}}, {0x1, 0x9, {0x2, 0x6}}, {0x2, 0x3043, {0x1}}, {0x3f, 0x100, {0x0, 0x5}}, {0x7, 0x101, {0x1, 0x8}}, {0xfff, 0x8000, {0x3, 0x9}}, {0x6, 0x0, {0x1, 0x616}}, {0xff81, 0xff, {0x1, 0x800}}, {0xb9, 0x0, {0x0, 0x4}}, {0x7, 0x5465, {0x2, 0x5}}, {0x13d, 0x0, {0x1, 0x8b}}, {0x6, 0x81, {0x0, 0x401}}, {0x6, 0x0, {0x3, 0x115}}, {0x9, 0x4000, {0x2, 0x3}}, {0x4, 0xfffb, {0x3, 0x8}}, {0xb0d5, 0x7, {0x1, 0x5}}, {0x5, 0x2e, {0x3, 0x517f}}, {0x1ff, 0xe0fe, {0x3, 0x14}}, {0x12, 0x0, {0x0, 0x2}}, {0x768d, 0x7f, {0x3, 0x3}}, {0x80, 0x635, {0x946cea2760c31c82, 0xffffff15}}, {0x2, 0x101, {0x0, 0x4}}, {0x2, 0x0, {0x1, 0x9}}, {0x100, 0x8, {0x3, 0x3}}, {0x7, 0x20, {0x3, 0x1}}]}}}]}, 0x268}, 0x1, 0x0, 0x0, 0x2040800}, 0x12) creat(&(0x7f0000000300)='./file0\x00', 0x9f) dup2(r2, r3) mknodat$null(r2, &(0x7f0000000140)='./file0\x00', 0x80, 0x103) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) [ 781.572323][T27819] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2152/file0 supports timestamps until 2038 (0x7fffffff) 05:40:33 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = dup2(r0, r1) sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'bb\x00'}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x4}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x55}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) dup2(r3, r4) ioctl$PTP_PIN_GETFUNC2(r4, 0xc0603d0f, &(0x7f0000000400)={'\x00', 0xed, 0x2, 0xee0a}) sendmsg$TIPC_CMD_GET_LINKS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, 0x0, 0x10, 0x70bd25, 0x25dfdbfb, {{}, {}, {0x8, 0x11, 0x401}}, ["", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x44}, 0x5a3ec8d25019155b) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount$cgroup(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="7d61eda14059a0cc5a7ff6f093ee8f975e653dfe2c6e6165020000d8af"]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000380)={0x0, 0x0}, &(0x7f00000003c0)=0xc) ioctl$FITRIM(r2, 0xc0185879, &(0x7f0000000500)={0x10001, 0x4}) setxattr$system_posix_acl(&(0x7f0000000300)='./file0/file0\x00', &(0x7f0000000340)='system.posix_acl_access\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010002000000000002000200", @ANYRES32=0xee01, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="c0874834abb3", @ANYRES32=r5, @ANYBLOB="04000a000000000008000600", @ANYRES32, @ANYBLOB="10000500000000002000060000000000"], 0x44, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r7 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) dup2(r6, r7) execveat(r6, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000780)=[&(0x7f0000000580)='{}/}\x00', &(0x7f00000005c0)='setgroups\x00', &(0x7f0000000600)='bb\x00', &(0x7f0000000640)='\x00', &(0x7f0000000680)='\x00', &(0x7f00000006c0)='\x00', &(0x7f0000000700)='*-{+{\x00', &(0x7f0000000740)='\x00'], &(0x7f00000009c0)=[&(0x7f00000007c0)='bb\x00', &(0x7f0000000800)='setgroups\x00', &(0x7f0000000840)='\x00', &(0x7f0000000880)='-\x86\'*\x00', &(0x7f00000008c0)='system.posix_acl_access\x00', &(0x7f0000000900)='.-#\x00', &(0x7f0000000940)='system.posix_acl_access\x00', &(0x7f0000000980)='\x00'], 0x400) 05:40:33 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce000e000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) [ 781.659939][T28339] cgroup: Unknown subsys name '}a@YZ^e' [ 781.739351][T28545] loop5: detected capacity change from 0 to 131456 [ 781.755169][T28545] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] [ 781.767205][T28545] System zones: 1-2, 19-19, 35-38, 46-46 [ 781.773305][T28545] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2153/file0 supports timestamps until 2038 (0x7fffffff) 05:40:33 executing program 2: r0 = fsopen(&(0x7f0000000040)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='+^\x00', &(0x7f0000000940)='zdlent\x00\xdd\xcb\xa1\x1d2\x93\'\x947\x9a\x10\x84~\xde\xe1\xae\xd8\x99\v4\x1b\x91N\xbc\x18\xe4$k\x06z\x95\xb6\"\xd3\xd3\xb7l,`Y73\xbe\x03\x91\xedZ\xd1\xc4\xe8\xbf\xdc\xcf\xd8\x8a\xb1\x80\xe3\xe1l\x1f0\x1e{\x9f\xd5\xcdg\xcf\x9c\'\xeb\x06uP(\';a\xed\xbf9\x03\xc1\xe5\xb2\xa4u\x1f\x12\xe9\x16\x97Qv\x9ac\xad\x86`\xcdm%]\x97m\xf1\x84\xc5)G\xb7\x17\x01\x8a0\x81z\x1e\xe5\x13\x842?\x97BYF6\xd0\x9d\x19\x8ff\xf6\xa5c x\x0e\xd6\xbc\xbe\x136l6j8\xf0\xcc\xfa\rq\xf0d\r\xe3\x14/O\xf0\xa7@\x97A\xd7\\\x85_H3\xe3\x1f;:(u\xd4\x10=E\xff\xf9\x9e\x90\x00S\x17\xf8\xb0\xd7&\xe0\xcd\xcd\xd2]\xb9\x1a\x8a\x1a5<\xc6\xe6\xd3\xf0oR\xa7=\x10s/]\xa0\a\x8b{\xc6fx[\xa4fV\x83^%\xfd', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000400)='binfmt_misc\x00', &(0x7f0000000440)='\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='%[*\'-).-[,\x00', &(0x7f0000000840)='\x00 \x00\x00\x10U\xc0\xef8)\xda\xa5\xde\x8dG\a\xbbE\x17\xe5\x93\xa0\xac\xe2+d\xb8\xcb?\xa7\x8a\xd2\x9f\x89\x14\r3\x85\x91\x94\xc4\xe7\x7f2\xb7\xd1Bh\x1emd\xcfp\x01\xe1Hcw4\xe8x\xac\x11\xa2\xe9\x02\n\xe93\xf0,\xc7\xe0q\xe9H~\x9d\x88U\xc4\xdd-\x1f\x94\x97v\x80\xb2\x88j\xda\xd9\x1c)>\x95\x00d\xc6\xc5\x87ws\xcd\xbc\xfc\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r1, 0x406000) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) chown(0x0, 0x0, 0x0) ftruncate(r2, 0x2008001) r3 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 05:40:33 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c003725ce0000000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:33 executing program 1: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000100)="5500000018007fd500fe01b2a4a280930a06000000a843089100fe8004000800080010000f0000002d000f009b2c136ef75afb83de448daa72540d8102d2c55327c43ab82286ef1fdd20652383656d4d24", 0x51}, {&(0x7f0000000080)="02044911", 0x4}], 0x2}, 0x0) 05:40:33 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) mount(&(0x7f0000000140)=@filename='./file0\x00', &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='udf\x00', 0x6fe2b5c61fe719c5, &(0x7f0000000200)='cgroup.subtree_control\x00') unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) 05:40:33 executing program 5: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000025ce000f000f000000010000000000000000000000002000000020000220000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000100000001000000000000000b00000080", 0xff71, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000013800)) 05:40:34 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000400), 0x2, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r1, &(0x7f00000002c0), 0x2, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='setgroups\x00') r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) dup2(r2, r3) write$cgroup_subtree(r2, &(0x7f0000000380)=ANY=[@ANYBLOB="2b70696473202b6e65745f636c73202b696f2008000000665f203b626c6b696f202b6d656d6f7279202d626c6b696f200d1bf416b6bf5732be3d162255ae620bd4ff04df9212264d5a49fba4a0ad018fe91637d8276520a6c9"], 0x3c) open(&(0x7f0000000280)='./file0\x00', 0x40000, 0x1e5) mount$bind(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x81022, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) lstat(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$tmpfs(0x0, &(0x7f0000000500)='./file1\x00', &(0x7f0000000540), 0x800, &(0x7f0000000880)={[{@huge_always}, {@nr_blocks}, {@mode={'mode', 0x3d, 0x1}}, {@huge_within_size}, {@nr_blocks={'nr_blocks', 0x3d, [0x78, 0x39, 0x67, 0x30]}}, {@mode={'mode', 0x3d, 0x3}}, {@huge_never}], [{@subj_type}, {@fsmagic={'fsmagic', 0x3d, 0xfffffffffffffffd}}, {@fowner_lt={'fowner<', r5}}, {@dont_appraise}, {@fowner_eq={'fowner', 0x3d, 0xee01}}, {@smackfshat={'smackfshat', 0x3d, 'cgroup.subtree_control\x00'}}, {@func={'func', 0x3d, 'FIRMWARE_CHECK'}}]}) fsetxattr$trusted_overlay_upper(r4, &(0x7f0000000200), &(0x7f0000000440)={0x0, 0xfb, 0xaf, 0x2, 0x80, "59e2eac6aa788ae6c254365ef774051b", "15e36d1bb37b49e3f5b7e3e8259296122098131b8975a81d523d3ea058901c580f54927e8aa0a589b0a243dc8f1f4051665738fd1e429d14f07079d45944f5cba76f36638b8ba5e89ced6a1e667de3b0ffd39f7303e3d73ac68ce73d69d61d023a6925aadd169487c92affe3dbd4934f16d76b92b53a8d5c76284eeac333e6d7a77fca8e732fa81a37fc4b9ba7b5d71046d2807d734bae1c7f56"}, 0xaf, 0x3) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) chdir(&(0x7f0000000300)='./file0\x00') [ 782.276872][T28551] netlink: 'syz-executor.1': attribute type 15 has an invalid length. [ 782.282314][T28552] loop5: detected capacity change from 0 to 131456 [ 782.289832][T28555] loop4: detected capacity change from 0 to 131456 [ 782.314699][T28552] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] [ 782.348261][ T23] kauditd_printk_skb: 38 callbacks suppressed [ 782.348273][ T23] audit: type=1400 audit(1635831634.030:794): avc: denied { remount } for pid=28661 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 782.348685][T28552] System zones: 05:40:34 executing program 1: syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200", 0x12}], 0x0, &(0x7f0000000b80)=ANY=[@ANYRES16=0x0, @ANYRES16=0x0]) open(0x0, 0x0, 0x60) open(&(0x7f0000000100)='./bus\x00', 0x1a181, 0x20) chdir(&(0x7f0000000000)='./file1\x00') r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="2321202e2f627573200000000000000000002025207d7d565ff6bbcf82b791"], 0x1f) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001cc0)={{{@in6=@rand_addr=' \x01\x00', @in=@rand_addr=0x64010100, 0x4e22, 0x1000, 0x4e24, 0x6, 0xa, 0x0, 0x80, 0x1d, 0x0, 0xee00}, {0x137, 0x4, 0xffffffffffffff02, 0x0, 0x800, 0x9, 0x100}, {0x8, 0x10000000000, 0x0, 0x8}, 0x800, 0x6e6bb2, 0x0, 0x1, 0x0, 0x3}, {{@in6=@private0, 0x4d4, 0x3c}, 0x2, @in6=@empty, 0x3504, 0x0, 0x0, 0x20, 0x9}}, 0xe8) ftruncate(r0, 0x800) lseek(r0, 0x0, 0x2) r1 = open(&(0x7f0000000000)='./bus\x00', 0x86000, 0x0) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) chdir(0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000049cc0)={0x6, [], 0x7, "45146335e226df"}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f0000000080), 0xffffffffffff0000, 0x0) sendfile(r0, r1, 0x0, 0x8400fffffffa) [ 782.354412][ T23] audit: type=1400 audit(1635831634.030:795): avc: denied { setattr } for pid=28661 comm="syz-executor.0" name="PACKET" dev="sockfs" ino=125744 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 782.358045][T28555] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0006] [ 782.374920][T28552] 1-2, 19-19, 35-38, 46-46 [ 782.417110][T28552] ext4 filesystem being mounted at /root/syzkaller-testdir254099381/syzkaller.vJDvG0/2154/file0 supports timestamps until 2038 (0x7fffffff) [ 782.433689][T28555] System zones: 1-2, 19-19, 35-38, 46-46 [ 782.433889][T28668] loop1: detected capacity change from 0 to 87 05:40:34 executing program 4: time(&(0x7f0000000180)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4030014, 0x3,