last executing test programs: 2.22602045s ago: executing program 4 (id=263): bpf$MAP_CREATE(0x0, 0x0, 0x48) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@stripe={'stripe', 0x3d, 0x1}}, {@noauto_da_alloc}, {@noblock_validity}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@i_version}]}, 0xfc, 0x550, &(0x7f0000000340)="$eJzs3d9rW1UcAPDvTdv91nUwBvoghT24MZeurT8m+DAfRYcDfZ+hvSujyTKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH3yJ3PSmy9akzdpszcznA7c9556bnnty7vf03JyEBDC0JrIfhYjXIuLbJOJwW9lo5IUTa8etProxm21JNBqf/ZVEku9rHZ/kvw/mmZMR8dvXEacKG+utLa8slMrldDHPT9YrVydryyunL1dK8+l8emV6ZubsOzPT77/3bt/aevLCPz98eu+js98cX/3+lwdH7iRxLg7lZe3t2IGb7ZmJmMifk7E499SBU32obJAku30CbMtIHudjkY0Bh2Mkj3rg/++riGgAQyoR/zCkWvOA1r19n+6DXxoPP1y7AdrY/tG110ZiX/Pe6MBq8sSdUXa/O96H+rM6fv3z7p1si/69DgGwpZu3IuLM6OjG8S/Jx7/tO9PDMU/XYfyDF+deNv95q9P8p7A+/4kO85+DHWJ3O7aO/8KDPlTTVTb/+6Dj/Hd90Wp8JM+90pzzjSWXLpfTbGx7NSJOxNjeLL/Zes7Z1fuNbmXt879sy+pvzQXz83gwuvfJx8yV6qWdtLndw1sRr3ec/ybr/Z906P/s+bjQYx3H0rtvdCvbuv3PV+PniDc79v/jFa1k8/XJyeb1MNm6Kjb6+/ax37vVv9vtz/r/wObtH0/a12trz17HT/v+TbuVbff635N83kzvyfddL9Xri1MRe5JPNu6ffvzYVr51fNb+E8c3H/86Xf/7I+KLHtt/++jtrocOQv/PPVP/P3vi/sdf/tit/t76/+1m6kS+p5fxr9cT3MlzBwAAAAAAAIOmEBGHIikU19OFQrG49v6Oo3GgUK7W6qcuVZeuzEXzs7LjMVZorXQfbns/xFT+fthWfvqp/ExEHImI70b2N/PF2Wp5brcbDwAAAAAAAAAAAAAAAAAAAAPiYMS+Tp//z/wxsttnBzx3vvIbhlf3+M9L+vFNT8BA8v8fhpf4h+El/mF4iX8YXuIfhpf4h+El/mF4iX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqwvnz2dbY/XRjdksP3dteWmheu30XFpbKFaWZouz1cWrxflqdb6cFmerla3+XrlavTo1HUvXJ+tprT5ZW165WKkuXalfvFwpzacX07EX0ioAAAAAAAAAAAAAAAAAAAB4udSWVxZK5XK6KCGxrcToYJyGRJ8Tuz0yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBj/wUAAP//bt441A==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) ioprio_set$uid(0x3, 0x0, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d) sendfile(r1, r0, 0x0, 0x7ffff000) 1.47761946s ago: executing program 4 (id=284): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) r2 = socket$packet(0x11, 0x3, 0x300) bind$packet(r2, &(0x7f0000000040)={0x11, 0x19, 0x0, 0x1, 0x1, 0x6, @broadcast}, 0x14) 1.344013402s ago: executing program 0 (id=295): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10) ioctl$TIOCSSOFTCAR(r0, 0x5453, 0x0) 1.343863342s ago: executing program 4 (id=296): mkdir(&(0x7f0000000400)='./file0\x00', 0x101) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r0, 0x0, 0x30, 0x1, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40) 1.343671552s ago: executing program 0 (id=297): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', 0x0}) prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\xac\xed\x00\x00') r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r2}, 0x10) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) sendto$packet(r0, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 1.319412592s ago: executing program 0 (id=300): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x189) syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000280)='./file1\x00', 0x4800, &(0x7f0000000600)=ANY=[@ANYBLOB="26f3a023f330bb11210654972e79d584aff7978ea30bcec608b02ac6ec0bec23cb0063b37b5812025f224ad642479501f4b0bfb0664ffbaff50b1e4c9846f64f8830dac33540902585bdfd2d41a8cc0a258558225a41956f76626145ad500208ecb705681602e911ccfff73e6950dd759dbba19f7d6135a2e2a68336fe3da7d3a70db1a6fcd8ea941a64003ffee05fe1e95d62d32e17de9d8bad6a", @ANYBLOB="8115b31ac017b6cdeb8b0783b9ac10488a21fbb431c7c96077030ce111291daf11ef066561eb808b2d98e0187310c3a0f88c5fab75c5aa5d5b5f4871a26dcdca350457908629912d333f6235655df3b0432258471914ea09958e5cb85ae3c748b950fa9558", @ANYRESOCT, @ANYRES8, @ANYRESOCT, @ANYRESHEX, @ANYRES16, @ANYRES8], 0xf9, 0x11ff, &(0x7f0000000f00)="$eJzs3E+LHEUYB+A348bdbNw/aowmBy3w4qnJ7sGTIItsQHZAiVkhEYSO26vDtjPD9LAwIkZPXv0cnr0JfoO9+Bm87cVjDmJLurMmEyeRHLIDyfMcpl+q6kd1wTDQQ1Ufv/fT1wf7Vbafj6Nz5kx0hhHpTooUnTjx5k57vXFzZ6vb3b6W0tWt6xvvppRW3/rts28XI+L8p7+s/roYR+ufH/+5+cfRxaNLx39f/6pXpV6V+oNxytOtwWCc3yqLtNerDrKUPi6LvCpSr18Vo6n+/XIwHE5S3t9bWR6OiqpKeX+SDopJGg/SeDRJ+Zd5r5+yLEsry8Ejnf3/Ibs/36nrOqKuz8aLUdd1fS6W43y8FCuxGt9HxMvxSrwaF+K1uBivxxtxqRl1GrcPAAAAAAAAAAAAAAAAAAAAz4/Hnf9fi3Xn/wEAAAAAAAAAAAAAAAAAAOAUfHLj5s5Wt7t9LaWliPLHw93D3fba9m/tRy/KKOJKrMVf0Zz+b7X11Q+721dSYz1+KG/fy98+3H2hzd/9uJvfaF4ncC+/0PSd5DfafJrOL8byg/NvxlpcmD3/5sz8Urzz9gP5LNbi9y9iEGXsNXPfz3+3kdIHH3Ufyl9uxgEAAMCzIEv/mvn8nmWP6m/zT/D/wEPP1wtxeWG+ayeimnxzkHfKYtQU5Umx9J8WxWOKxemWzlOaqxNzX6niWS3OxXTLvH+ZOA33vwbzvhMAAAAAAAAAAACexFPeV7gQM3aWvT+fpQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAAAD///7lyMc=") socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10) sendmsg$unix(r2, 0x0, 0x0) recvmmsg(r3, &(0x7f0000001140), 0x700, 0x2, 0x0) write$binfmt_format(r1, &(0x7f0000000000)='1\x00', 0x2400) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x187842, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r6, 0xc028660f, &(0x7f0000000240)={0x3920e, r0, 0x3, 0x1, 0x5}) 1.203850924s ago: executing program 4 (id=308): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x1008}, 0x18) sync() 1.203331234s ago: executing program 2 (id=310): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x12, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @cgroup_sock_addr=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r5, @ANYRES32=r4, @ANYBLOB='&'], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{r5}, &(0x7f00000003c0), &(0x7f0000000080)=r1}, 0x20) recvmsg$unix(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000004000)=""/4071, 0xfe7}, {&(0x7f0000000300)=""/78, 0x4e}], 0x2}, 0x40020000) sendmsg$inet(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000d00)="dfbbc728e801c3cc0a54630dbe1c8a0904960f98e68961cb6b9a3c32d4d2d7c476819f9b9b815eba43e318e6fa807ad1a3f048a7239c74e33cd51492f1290fefa777dfbebb9b26869ad32f104fc4b857ed0607a28b6672c259d39ca73d5b8c419244182b4322f786812dd2d73c48b2b6a0faa0b5f477c9f6b31ca470b16273d1b54357635bd527c7c8b4577d330a1b2e4d55749e1ff2f97636231f038eb88fc3de9648d5fb8a9b98cd46aeb44740f65e408a7d23f36f2e7ddd1d22f4f77defbff9ac6690d5bb19154f2eae60dcf3fa023284a5271014edf23bc02d0315f4bc372ed26345ad432f4365", 0xe9}, {&(0x7f0000000280)="39d8cd36ba397f9731acb2f36b8f29", 0xf}, {&(0x7f0000000e00)="5a4ce644230e1c53939feb4bd877536a852a278f35c5724cfb6752df1b96d04654f267dc103459187c8a0bd6f6226020d75760558d290c4336ddeae48fee6cb6e6d3f33aac887bf581eaf6ecc026240f512a5cd8eb7e04a6d02b080b88064aaac4e562bf670731d60806c3ddb013cbb84795760e36eabd57e5c4379933ba34d67bf7900a0c9fd444a6ff0402837fa0f885a66f38a236119ac1c1c6df", 0x9c}, {&(0x7f0000000840)="05ce83d64cf8bec0aed03484cd410c5fae8dcc8a7366681fdd56", 0x1a}, {&(0x7f0000000ec0)="4e044cf84412afd3f21fe2687827fc567e4759045b717532d8f7a4608a08e2d16a20dc03aee67db2380c870f2cdf9e6058fad01540ef02463f6ed77a5d45b37b15dfd9965ee88ca8e2d6d47758ba0463357a5d562258db1c529c06b21cff8c8a19ffa1029f94fea4e0d628073c435df4b21a6394551dcac3007945c91bcf300b08dcdd430320d25e1ec7f88a4f71ec7c15f83c6e66e12ce8e84568a6ac468d6403aa8910f830e62400d37fc872da806b194723d5b4c87b72574e9092a174a0000f85e6a27dbe1616aad16b", 0xcb}, {&(0x7f0000000fc0)="a84f802e3baea81fe8d8b22f3c4828e3d4199474a8b0e72c1e4ff65dd137215b95f6f002da", 0x25}, {&(0x7f0000002d00)="842432712a0720747e67ecf02010a39fa98a1663d8fa94a38a4cffafe50c5088e697ab5e2b43a0c730aaccd610b5cc9634cccb2752bd394f9e2af731fc3bf25057fe80866203bd64e7b25fd81f854a1c3bf972132a8c622f5d20cff59f720acbd64503f536d727582cf74c161b0541ad285720c86b2e3aebf6f29b04d218a3ccf1ea16fa77048af7c80f20cb83f02d09aebd740c8135281b42b4ab7abd5952f64f74aa7dbb011568e29497bb4d254ff70498fb45979266db56150f3b20c01ce973207b2fc4ba9b02e98d77c71ba58ca7b1660d1cac4a972270a6bdfade13a440b614a2f8fc0c373eece421829b5a95612e25bd331ecf953fb983f9db44050acdfa03a16229671efc3aad9eb7bf7bf0e5205b2d393407b8334037af81672e478e5c016fdb9b722d4fd761c8f63ff019ef5c2b3eaa632ec62067282f7346485702a7cf8d8dee32704f69a3f97a074834b11005ceb50a2f45c9c395402c6392ecb33b194f3fd5f5da667b5565e2a472642aad3ebe2af28d556fb13152be8b4ede385188e229aa3d985bc7f9a182828550b0530117f698d75d84c7dd4f0fceca309ce0281abac0fc4b08f4d9139307653c28cbc7cd65811f3790c538b6f0966a78ecfeb7b5fbd221ac657c58b4a43ac4a0f2127b5cbf8db86db6667ee39591dfa506ed7a81dc4db8537400b3a9decd3d326b38406414e478222f7a5b4b02ae8442dbcad5d203c182d340c9c97b2ac16906dd4dc3767ce39580651f1061673332d33e75b3fca1d935163e1ae3b56d987dd918f978139883ebf25b8b8509e8df18a2492ba553217f7dc23bc918105c92963fb5d3dff0e922e422722a3c00b604e537b9d54377f8bd2aa4c331af85603c0732963d527d28396a9965b27a044aeff5fb4bc1599dea6e925485197e08637357e512051cb035e6e48c3786bf2a9dbe75d5a8aed38779f9553b443726b66e9418e76b95533b4547222ba828c4ceb3051131126ecebc043da9776487124ed2f6d718a0441e7f21290d0da258185d87bdde9092dd2975d3c417af35c5864a6685bfe953c36187031275d39628ab2e67381f3482e0e3bd1f15fae004c411169928fe7c4774c61a6995275e2a55d8059beade5279fec9f33a367e9869f397d87d0dc0d985a582d0a9ec715886e4d8de93813cbd8f2d9b700fa5bb29de40ac08a542757ad06fe9d872f115bc7bbfc2f455619c633ab875421a5041e15d1fc9f4c031f5ca5714037cab00765ee5fbe031ec8f83958e97ad2e199b67ba70c67b71443a09e45777ff03011835b3bcae49f14facca5a8ce293a99e675634f6da803a31e5f226e6ae7d8992a93e1ffeda7752190181cc2385e592113b2289a7fd8da673266a3cdf502cf9ae9193182995dad0da21d40f692926482a5ec268d49bf99ae00c0d8ee494f41f0dab229c771315961831b55bca7cde1c47ff5d7dc76f3b3f35cd7448ff49ad483f3f4d8ba63d7b02ac04a0eb7aff29c1ed8b418ddb820a7c3f608bd065f55b8880f3a335fee8d62d6a5cb2c6c6ff265f1d613fe5593a8db6abd1b3a8f5cf91b05588c8eaa43a8bafb629855044a541ec9af4c45586453aedb5be687ab1fd2ff125b0d1a7016e813028f20534400b11a456e116b478c8b04eca6a689c8e06aa45b2048dc245f6d063515cdc5210fcca21837eda707cd5bea583e5eb7f2e6cd27ccc838ac95e32db363e161dacfc2a257646bc4e0250ae60d88f2133170976020ecc7cd4873b2102d8966821b6fd38ed176741e61832a79e3d443106e71486d95c2e0febf9ee93c5975855e2b63db81b6e1963e666d39dc9842a311821f11db823636a2b05a68c3eef4547fe86b7ce06b185e8b6b112b88b4df8831c412f997e4aebfa98e3e5f3e091391df11dad8e6a2f4d97a3d9fa85323db32946068928862a719335d50e0569f5eecb053588d88db1c55068ccafb65025d7b5a5ccc50ac0aa82c153eeab5e4ad6d79411e2787af06a28a4483b9a9846fe3de8cc8ad9c3dbbb90c83a9d9850a644cf0728f7c92a77baeb6d2e6c03f2fe75a6c7d6adc2f9d53c12983a562f3fc914071f492538a3afedcd0d64e8e927269c6833e075c1ffa6d176bc1b33fe31e04c6713b6c2aeb6a41ca93336444eb79346129f4d782dfd3cef2f9df5a3c77b98ede90f8c93c9a83077c38543e1d46ecef77d4b7cc864bb41ad185882e5414bf0e385abfd3ca7d6b0ca5e85f3d2033433b115af83ded7e4c7b5431801df47ec89656fcc93866a56e1a8a9ae626d7fde8ec09d47acd5b1a2ae78da6f341aec101b4a6f698510836845ce2ace11fc454a449ec26213047f3621ccf013db0f092ab8fd2978a020cbeeccad36c44e2f71b6db8a37626476d7d303715dccd9472371c6b05bf0ae938a0022f81dd0ad93d82607521583af1ec75bdacd42b358d3a68ea1b59f2b171b5303e66f31d6eec19c6a2c7fd27099fa226795d49d9eb565566a584e8e6d672180d2a3fdb38d7194fbaf80aab7cfb045c959fc572036f67c3b1e1be4a3eff25d74f71ebf6d0a0d717886211cd3d48fbaff9c24fcfb4e4ea213b0a40c0e9af778f28931886a665bd394a1238004b9c306b2aae47c46330d2ff4050cc91a36668117c5fb2ef72a313386e52ace9775b4a80c43b310b894a851014575e6167ffee98dcd10c7dbc1d607b8b594467b888b762e3b8ba93855d3b788833989e5c1e9cbd385e8a7b5a6c4eec79577b08146b9d0b94a39b8a8cea83323524715a8287f12054202500801a5d4cc55af79daa1f738bb112a938b52a5bc98411bf51d1bb838f7540ca01daa7f078af7b3796a45f8dc2514ae693085c59a20e6410313e452127513d2bd78e6da50fe9c6896365bf840e45b8e34c5ed2a09e5a2f44fb1dfc779704113e7c44fa2f96e3994c1ab7a9db45749343158a8603db0419a293c1cfac75dae89f20a5f3638ca3a4c0d40ef0fb877995aa7448699590574ee8a94ba7c71bd57c68db07d785ce6874c1e6967af937e53b42acbeccdf9af1fd313dd24087d503cbb7695fc757cc0cf3cf331924862a4ce7b29205ea71752a99919f178c4324cde06ea2f2b28d7ebbb354e39699fc1af9a3b2cc0b6860bdb51fbe77d14cc24279af3e3660a3b2712b112e55d54fd31b4b3baddbf3d1c91e4e79f1ee260b17aa001df54619d4feb06dce0dd583120386f1820fcb3f9b9893143f4ddf20b65c4cbf1c1e42d7fb43650fb717866775a29e678842f89522dfdc1c44dc386e5ee82400654ab057381032fecf50ad261fe8ed44b0e559a1c22498810ef33ecc395f0b73eb965074769fca8ddc06d99d6171d2ff2832791c0c58ca22288db7aa710908b1b960d34b61a9508851fa55a440045cbb9aee7c3a7f9b37b016cef0e5bc5248b9d132134d95d457fd13ca6e86cde081a7539b6c5e49e892d65db4a8d280a3becd656e58f7b313bb876299dd3b57f77dc315b4c1e3c5a1ddcf78550859feab686aac93256f2ea0df10520925c31bcd967daabab770e5c3d6c889829655b3e8afec57b959e9544d547782d1ba66dd6e0b62caa18aa3554d86e3f66c69e42fcf3be57bfd6a378e7811ea9f47523acdc1e0e05a969b2d5b3d888981119a1e689606ce9c88d312e26fa52713d28657e1da9946b9ae0feab2f19454be213258b9af5e2e1eb2b001a23ad403c8a5a78e5a0ba0465a7eaeacde189e3eae0d351ebe88c3101b0fc0d6b10c4290bb9bf3673e8f4eb19505bfb5fbf0038fdd4d18521be7087dea1723666a168ed0fc31869ab101d6ebfce6bca94170e8719fa78c2e3343cb7a3674416fb1d69c379721c399de182d5477e9b6c29d436b0a600be5850273ccea2be0cca969941a52816eeb73432680a3bd4941e24eb9a2cc419fdb665af0c16235140a7ed8b1d0ca87bc9bbaebee35979ee9bf345ac977ee0921f936b9f23bebc17d944d30c4094a48e9f2f3e03ac8df9847f8d2a83c2d31990728af0d003b902e81074eefcc6899b7d6f6d9e173e1426c688ca4dc00ae1f290208816f9beab74c0fc7d4d9635f625293a4545c40a0d03de9f25baa455f035197c65dea96cacc64ad4699f0331855462474bab15cf05b5313a4e3b69d28876cf40a524f629fb40c455ce7c63efec2e07a73283af93bb95343c8f59af2979dc43b0dbfe9bc85c2725d6b33391bfeb4786934eda00642f3bcbf904dc88bf8c4c54edc3492d6c9d6b55b35286bfddbbd04c5a025896f2f57c8982b3c44914431117244a7d59bd061d5d096e7b6a6a6b686a026a956eca8250d916254677b882e8f309f2c6e9aab9b05f7d172581650da87e66d412e27c551a0935169ef0e93819f4133e1af48a56562bdb72773775c7f3aceca347c938de64ad601ed12b694e21c4e2caab2916038fbc651d0f2308830f0d368d5ff6afeb558c6a31d12505745decc77c42398262cdda82180c3cc3fee4ab3d2941fcb8715530fdaa1d778cc9966d042dd50c81b8cd4363687535bc43c69f34bec2ce8a949520c300fd96a83bcf412c33cd799274a7c13456b306f0660336bc957cb8a02e03110fa394bc74a9cc1ad87f37663166df37d96515a0b1cb450c8a60ac3e1985edc750121186f8da90a1d27bc0c81dd096efc0e9542c3724062980cf5a9bc77dd489279e8589f18465e12de59fd1256de994f01142af3b32f5042da6d348bef1374ccba7ec5b320c0e66d7b6fb4eb01f1326d3ccafe095114e08ac487183fec52beb49ff5d116439e1f163525354df5b2fa5554eaaee3812caeb8091898e8390f12bb0abcaa7a1e9152fa1a22d83b56c022ed13e3e12baa903fc1c0680eec77be64d67ac9cce0fdd8e57352dfa45b6ba5a66a5", 0xd63}], 0x7}, 0x0) 1.097395335s ago: executing program 2 (id=312): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x218, 0xc9, 0xf1, 0xffff}, {0x9, 0x8e, 0x4, 0x936}, {0x1, 0x2, 0x3, 0x67d}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socket$nl_audit(0x10, 0x3, 0x9) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000380)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000002, 0x6031, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) munlock(&(0x7f0000e4a000/0x1000)=nil, 0x1000) socket$unix(0x1, 0x1, 0x0) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) 1.060356196s ago: executing program 3 (id=314): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000440)={0x1, &(0x7f0000000380)=[{0x9, 0x80, 0x6, 0xfdb}]}) 1.007918306s ago: executing program 3 (id=316): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000940), r1) sendmsg$IEEE802154_ASSOCIATE_REQ(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x1c, r2, 0x201, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_CHANNEL={0x5, 0x7, 0x18}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004010}, 0x80) 1.006979676s ago: executing program 3 (id=319): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000000)=@sg0, 0x0, 0x0) 974.720067ms ago: executing program 3 (id=321): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010008, &(0x7f00000003c0), 0xff, 0x531, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5") 907.775178ms ago: executing program 2 (id=323): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000002c0)={[{@inlinecrypt}, {@errors_remount}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@errors_remount}, {@data_err_ignore}, {@jqfmt_vfsv1}, {@nodelalloc}, {@grpquota}, {@noload}, {@nouid32}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) faccessat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2) 907.497827ms ago: executing program 4 (id=325): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) times(0x0) r1 = socket(0x1e, 0x1, 0x0) connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) write$binfmt_misc(r1, &(0x7f0000000400), 0x2000011a) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000e80)=""/4096, 0x1000}], 0x1, 0x0, 0x18}, 0x7}], 0x1, 0x40000001, 0x0) 730.73868ms ago: executing program 4 (id=327): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000080000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r2}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000a40)='GPL\x00') r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r3) 452.004084ms ago: executing program 1 (id=333): mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9) mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil) 451.831954ms ago: executing program 1 (id=334): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r0}, 0x18) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000005f80)=@newtfilter={0x90, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {}, {0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x58, 0x2, [@TCA_FLOW_ACT={0x54, 0x9, 0x0, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x0, 0x20000001, 0x4, 0x2}, 0x1, r4}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}, @TCA_RATE={0x5, 0x5, {0xff, 0x5}}]}, 0x90}}, 0x0) 451.708004ms ago: executing program 0 (id=335): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10) personality(0x10) 418.675284ms ago: executing program 1 (id=336): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x3) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@nombcache}, {@errors_continue}, {@lazytime}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") 376.629025ms ago: executing program 1 (id=337): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) r5 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r5, &(0x7f0000000240)=@pppol2tp={0x18, 0x1, {0x0, r5, {0x2, 0x4e23, @loopback}, 0xfffe, 0x3, 0x1, 0x4}}, 0x26) writev(r5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08") r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45) r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x4a) pwrite64(r7, &(0x7f0000000140)='2', 0xfdef, 0xfecc) ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000140)) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@newtfilter={0x3c, 0x28, 0xd27, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, r4}, [@filter_kind_options=@f_flow={{0x9}, {0x4}}, @TCA_RATE={0x6, 0x5, {0xb8, 0x1}}]}, 0x3c}}, 0x0) 323.946206ms ago: executing program 0 (id=338): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) fchown(0xffffffffffffffff, 0x0, 0x0) 308.702866ms ago: executing program 0 (id=339): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe2}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000005c0)='lp\x00', 0x3) sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000180)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb6fc40b5d175e86ac0b7a9fd7f1748af98902340eb3de6f89a6272ddc63ce532e270bc6cba3d229a96e108026bf64d48efc0435d52b40c578d3deb33677cf2ec5fadf9a784f2b2bdc8d978e9e1a788494631d094", 0xe3}, {&(0x7f0000000740)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cbf8fbaaec9647b07d0a4965f0f1e39afd84e7e2523aaded5e09aa1e36fcc90c269ad6d38d57619127cee425367bc33b71054226beb00b9ee6ae29f0b07bc6fe7981126ca804c1f64e6c19ba36b2778c5f4a1c58625fe19516af43ad50629f689703d478abe7df2280d459b1651686a53ca52dce9570444c153f9c2903ae4c868074e89477bf6ed2ab648b0498ac8c0f90b60b01f880c3acedd4a54014844ed9a26675199d5ff9b391c1dec077b5099cf9aecd1a9d94e235a7b129564e93cd73f6e4ed85bbf5b8193811d78883260630f2fd1c357747636890f515ab0a1e61b618cb3af02418ec4b122bbe4e8412f068a8e402b83f543c6ed9d2fe910a7e9c68fe3b57d3e47ed6278966089feadc5c13d1af0b586370e6744620d7487bf2c4", 0x142}, {&(0x7f0000000f00)}, {&(0x7f0000000480)="4068745fc217775e9fca3477d3c929c1231d710ed7bb68bf2f127cb83703392703f5", 0x22}], 0x4}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000900)="acc841985992b79554acfc02163bb0fb2bb293e68702bb40b6b870bde5700d368744361ae9fce3a4ff6bb306c7f77c8a00000000000000d037280699ca67e7143e46e026", 0x44}, {&(0x7f0000002700)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d767701", 0x1f}], 0x2}}], 0x2, 0x0) 289.864056ms ago: executing program 1 (id=340): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7fffffffffffffff}, 0x18) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEAUTHENTICATE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="c50f00000000000000001100000008000300", @ANYRES32=0x0, @ANYBLOB="08002a008421"], 0x24}, 0x1, 0x0, 0x0, 0x1010}, 0x0) 224.023047ms ago: executing program 1 (id=341): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x0) connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000040)={&(0x7f0000002140)=@newtaction={0x18, 0x31, 0x829, 0x70bd2c, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}}, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) socket(0xa, 0x3, 0x3a) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000000380)=0x2000000, 0x300) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) preadv(r2, &(0x7f0000001080), 0x0, 0x100000, 0xfffffffa) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r2, 0x0) getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x2) 199.937117ms ago: executing program 3 (id=342): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000300)='kfree\x00', r0}, 0x18) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) 137.158298ms ago: executing program 2 (id=343): bpf$ENABLE_STATS(0x20, 0x0, 0x0) socket$netlink(0x10, 0x3, 0xf) r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) write$binfmt_script(r0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = socket$unix(0x1, 0x5, 0x0) bind$unix(r1, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e) 44.607989ms ago: executing program 2 (id=344): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x5}, 0x18) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) close_range(r0, 0xffffffffffffffff, 0x0) 43.786549ms ago: executing program 3 (id=345): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xb, 0x6}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x655c, 0x2, 0x1ffffffe, 0x9, 0x800}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0) 0s ago: executing program 2 (id=346): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000880)='ns\x00') prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) fchdir(r0) syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./file0\x00', 0x1809049, 0x0, 0xff, 0x0, 0x0) kernel console output (not intermixed with test programs): 48b305e5 [ 25.224069][ T292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 25.239473][ T292] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 25.247577][ T292] Call Trace: [ 25.250887][ T292] device_add_disk+0x2a/0x40 [ 25.255481][ T292] loop_add+0x5bd/0x7b0 [ 25.259710][ T292] loop_control_ioctl+0x369/0x550 [ 25.264750][ T292] ? loop_remove+0xb0/0xb0 [ 25.269219][ T292] ? __fget_files+0x2c4/0x320 [ 25.273901][ T292] ? security_file_ioctl+0x84/0xa0 [ 25.280573][ T292] ? loop_remove+0xb0/0xb0 [ 25.285053][ T292] __se_sys_ioctl+0x121/0x1a0 [ 25.289845][ T292] __x64_sys_ioctl+0x7b/0x90 [ 25.294455][ T292] do_syscall_64+0x31/0x40 [ 25.299159][ T292] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.305066][ T292] RIP: 0033:0x7f8fdb592969 [ 25.309526][ T292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 25.329185][ T292] RSP: 002b:00007f8fd9bfb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 25.337722][ T292] RAX: ffffffffffffffda RBX: 00007f8fdb7b9fa0 RCX: 00007f8fdb592969 [ 25.345721][ T292] RDX: 0000000000100002 RSI: 0000000000004c80 RDI: 000000000000000c [ 25.353753][ T292] RBP: 00007f8fdb614ab1 R08: 0000000000000000 R09: 0000000000000000 [ 25.362258][ T292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 25.370404][ T292] R13: 0000000000000000 R14: 00007f8fdb7b9fa0 R15: 00007fffb1f395d8 [ 25.378622][ T292] ---[ end trace b5f5bb3d4f4b78a3 ]--- [ 25.384287][ T292] sysfs: cannot create duplicate filename '/dev/block/7:2' [ 25.391564][ T292] CPU: 0 PID: 292 Comm: syz.0.1 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 25.402503][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 25.412549][ T292] Call Trace: [ 25.415835][ T292] __dump_stack+0x21/0x24 [ 25.420190][ T292] dump_stack_lvl+0x169/0x1d8 [ 25.424860][ T292] ? show_regs_print_info+0x18/0x18 [ 25.430076][ T292] ? kmem_cache_alloc_trace+0x184/0x2e0 [ 25.435611][ T292] ? sysfs_warn_dup+0x51/0xa0 [ 25.440277][ T292] dump_stack+0x15/0x1c [ 25.444420][ T292] sysfs_warn_dup+0x8e/0xa0 [ 25.448916][ T292] sysfs_do_create_link_sd+0xc9/0x110 [ 25.454283][ T292] sysfs_create_link+0x68/0x80 [ 25.459137][ T292] device_create_sys_dev_entry+0x113/0x170 [ 25.464932][ T292] ? device_add_attrs+0x430/0x430 [ 25.470054][ T292] ? device_create_file+0x10e/0x1c0 [ 25.475262][ T292] device_add+0x830/0xbf0 [ 25.479583][ T292] __device_add_disk+0x6eb/0x1020 [ 25.484600][ T292] device_add_disk+0x2a/0x40 [ 25.489181][ T292] loop_add+0x5bd/0x7b0 [ 25.493331][ T292] loop_control_ioctl+0x369/0x550 [ 25.498345][ T292] ? loop_remove+0xb0/0xb0 [ 25.502940][ T292] ? __fget_files+0x2c4/0x320 [ 25.507634][ T292] ? security_file_ioctl+0x84/0xa0 [ 25.512745][ T292] ? loop_remove+0xb0/0xb0 [ 25.517155][ T292] __se_sys_ioctl+0x121/0x1a0 [ 25.521825][ T292] __x64_sys_ioctl+0x7b/0x90 [ 25.526406][ T292] do_syscall_64+0x31/0x40 [ 25.530868][ T292] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.536803][ T292] RIP: 0033:0x7f8fdb592969 [ 25.541228][ T292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 25.560840][ T292] RSP: 002b:00007f8fd9bfb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 25.569263][ T292] RAX: ffffffffffffffda RBX: 00007f8fdb7b9fa0 RCX: 00007f8fdb592969 [ 25.577229][ T292] RDX: 0000000000100002 RSI: 0000000000004c80 RDI: 000000000000000c [ 25.585192][ T292] RBP: 00007f8fdb614ab1 R08: 0000000000000000 R09: 0000000000000000 [ 25.593241][ T292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 25.601221][ T292] R13: 0000000000000000 R14: 00007f8fdb7b9fa0 R15: 00007fffb1f395d8 [ 25.611464][ T292] kobject_add_internal failed for queue (error: -2 parent: loop1048578) [ 25.620210][ T292] ------------[ cut here ]------------ [ 25.625677][ T292] WARNING: CPU: 1 PID: 292 at fs/sysfs/file.c:328 sysfs_create_files+0x1f4/0x310 [ 25.635238][ T292] Modules linked in: [ 25.639197][ T292] CPU: 1 PID: 292 Comm: syz.0.1 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 25.650324][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 25.660468][ T292] RIP: 0010:sysfs_create_files+0x1f4/0x310 [ 25.666301][ T292] Code: ff ff 48 89 fb 48 89 c7 e8 89 fa d7 ff 48 89 df e9 58 ff ff ff e8 1c 14 9e ff 4c 89 f0 45 31 f6 e9 d4 00 00 00 e8 0c 14 9e ff <0f> 0b 41 be ea ff ff ff eb 15 85 c0 4c 89 e3 0f 84 b0 00 00 00 e8 [ 25.686297][ T292] RSP: 0018:ffffc900079a7ba0 EFLAGS: 00010246 [ 25.692383][ T292] RAX: ffffffff81c579ae RBX: dffffc0000000000 RCX: 0000000000080000 [ 25.700422][ T292] RDX: ffffc9000192c000 RSI: 000000000007ffff RDI: 0000000000080000 [ 25.708442][ T292] RBP: ffffc900079a7c78 R08: dffffc0000000000 R09: ffffed10215c8470 [ 25.716633][ T292] R10: ffffed10215c8470 R11: 1ffff110215c846f R12: ffffffff8654dba0 [ 25.724784][ T292] R13: ffff88812a58b068 R14: ffff88812a58b098 R15: ffffffff851f6920 [ 25.732903][ T292] FS: 00007f8fd9bfb6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 25.741875][ T292] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 25.748539][ T292] CR2: 00007ffd440e8fc8 CR3: 000000010f461000 CR4: 00000000003506a0 [ 25.756857][ T292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 25.764839][ T292] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 25.772871][ T292] Call Trace: [ 25.776223][ T292] ? sysfs_create_file_ns+0x1a0/0x1a0 [ 25.781585][ T292] ? __kasan_check_write+0x14/0x20 [ 25.786983][ T292] ? kobject_get+0xd3/0x120 [ 25.791630][ T292] __device_add_disk+0xb9f/0x1020 [ 25.796696][ T292] device_add_disk+0x2a/0x40 [ 25.801305][ T292] loop_add+0x5bd/0x7b0 [ 25.805461][ T292] loop_control_ioctl+0x369/0x550 [ 25.810528][ T292] ? loop_remove+0xb0/0xb0 [ 25.814971][ T292] ? __fget_files+0x2c4/0x320 [ 25.819808][ T292] ? security_file_ioctl+0x84/0xa0 [ 25.824938][ T292] ? loop_remove+0xb0/0xb0 [ 25.829404][ T292] __se_sys_ioctl+0x121/0x1a0 [ 25.834083][ T292] __x64_sys_ioctl+0x7b/0x90 [ 25.838808][ T292] do_syscall_64+0x31/0x40 [ 25.843234][ T292] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.849343][ T292] RIP: 0033:0x7f8fdb592969 [ 25.853848][ T292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 25.873704][ T292] RSP: 002b:00007f8fd9bfb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 25.882276][ T292] RAX: ffffffffffffffda RBX: 00007f8fdb7b9fa0 RCX: 00007f8fdb592969 [ 25.890654][ T292] RDX: 0000000000100002 RSI: 0000000000004c80 RDI: 000000000000000c [ 25.898775][ T292] RBP: 00007f8fdb614ab1 R08: 0000000000000000 R09: 0000000000000000 [ 25.906904][ T292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 25.914891][ T292] R13: 0000000000000000 R14: 00007f8fdb7b9fa0 R15: 00007fffb1f395d8 [ 25.923374][ T292] ---[ end trace b5f5bb3d4f4b78a4 ]--- [ 25.928898][ T292] ------------[ cut here ]------------ [ 25.934356][ T292] kernfs: can not remove 'events', no directory [ 25.940838][ T292] WARNING: CPU: 0 PID: 292 at fs/kernfs/dir.c:1588 kernfs_remove_by_name_ns+0x103/0x160 [ 25.950684][ T292] Modules linked in: [ 25.954667][ T292] CPU: 0 PID: 292 Comm: syz.0.1 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 25.965782][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 25.975976][ T292] RIP: 0010:kernfs_remove_by_name_ns+0x103/0x160 [ 25.982326][ T292] Code: 06 4c 89 f7 e8 4e ef ff ff 4c 89 f7 e8 b6 af ff ff 45 31 f6 eb 29 e8 6c 72 9e ff 48 c7 c7 00 c8 0a 85 4c 89 f6 e8 6d 95 a6 02 <0f> 0b 41 be fe ff ff ff eb 13 e8 4e 72 9e ff 41 be fe ff ff ff 48 [ 26.002511][ T292] RSP: 0018:ffffc900079a7b68 EFLAGS: 00010246 [ 26.008715][ T292] RAX: 95d67a5236310a00 RBX: 0000000000000000 RCX: 0000000000080000 [ 26.016783][ T292] RDX: ffffc9000192c000 RSI: 000000000007ffff RDI: 0000000000080000 [ 26.024852][ T292] RBP: ffffc900079a7b90 R08: dffffc0000000000 R09: fffff52000f34e9d [ 26.032851][ T292] R10: fffff52000f34e9d R11: 1ffff92000f34e9c R12: 0000000000000000 [ 26.040851][ T292] R13: dffffc0000000000 R14: ffffffff851f6900 R15: 0000000000000000 [ 26.048866][ T292] FS: 00007f8fd9bfb6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 26.057846][ T292] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 26.064419][ T292] CR2: 0000001b2c90aff8 CR3: 000000010f461000 CR4: 00000000003506b0 [ 26.072420][ T292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 26.081294][ T292] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 26.089546][ T292] Call Trace: [ 26.092890][ T292] sysfs_create_files+0x293/0x310 [ 26.098045][ T292] ? sysfs_create_file_ns+0x1a0/0x1a0 [ 26.103447][ T292] ? __kasan_check_write+0x14/0x20 [ 26.108623][ T292] ? kobject_get+0xd3/0x120 [ 26.113155][ T292] __device_add_disk+0xb9f/0x1020 [ 26.118229][ T292] device_add_disk+0x2a/0x40 [ 26.122825][ T292] loop_add+0x5bd/0x7b0 [ 26.127252][ T292] loop_control_ioctl+0x369/0x550 [ 26.132285][ T292] ? loop_remove+0xb0/0xb0 [ 26.136865][ T292] ? __fget_files+0x2c4/0x320 [ 26.141808][ T292] ? security_file_ioctl+0x84/0xa0 [ 26.146997][ T292] ? loop_remove+0xb0/0xb0 [ 26.151470][ T292] __se_sys_ioctl+0x121/0x1a0 [ 26.156390][ T292] __x64_sys_ioctl+0x7b/0x90 [ 26.160981][ T292] do_syscall_64+0x31/0x40 [ 26.165494][ T292] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 26.171510][ T292] RIP: 0033:0x7f8fdb592969 [ 26.175933][ T292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 26.195739][ T292] RSP: 002b:00007f8fd9bfb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 26.204276][ T292] RAX: ffffffffffffffda RBX: 00007f8fdb7b9fa0 RCX: 00007f8fdb592969 [ 26.212300][ T292] RDX: 0000000000100002 RSI: 0000000000004c80 RDI: 000000000000000c [ 26.220315][ T292] RBP: 00007f8fdb614ab1 R08: 0000000000000000 R09: 0000000000000000 [ 26.228411][ T292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 26.236810][ T292] R13: 0000000000000000 R14: 00007f8fdb7b9fa0 R15: 00007fffb1f395d8 [ 26.244783][ T292] ---[ end trace b5f5bb3d4f4b78a5 ]--- [ 26.250278][ T292] loop1048578: failed to create sysfs files for events [ 26.529805][ T24] kauditd_printk_skb: 51 callbacks suppressed [ 26.529818][ T24] audit: type=1400 audit(1746502760.980:141): avc: denied { create } for pid=333 comm="syz.0.9" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 26.568272][ T24] audit: type=1400 audit(1746502761.020:142): avc: denied { write } for pid=333 comm="syz.0.9" name="001" dev="devtmpfs" ino=183 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 26.593860][ T24] audit: type=1400 audit(1746502761.040:143): avc: denied { create } for pid=333 comm="syz.0.9" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 26.613374][ T24] audit: type=1400 audit(1746502761.040:144): avc: denied { setopt } for pid=333 comm="syz.0.9" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 26.691203][ T336] erofs: (device loop4): mounted with root inode @ nid 36. [ 26.818886][ T343] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3'. [ 27.024016][ T5] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 27.206898][ T24] audit: type=1400 audit(1746502761.610:145): avc: denied { read write } for pid=330 comm="syz.4.7" name="fuse" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 27.353618][ T24] audit: type=1400 audit(1746502761.610:146): avc: denied { open } for pid=330 comm="syz.4.7" path="/dev/fuse" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 27.473046][ T24] audit: type=1400 audit(1746502761.920:147): avc: denied { unmount } for pid=272 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 27.589035][ T356] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue [ 27.602674][ T356] ext4 filesystem being mounted at /2/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 27.613211][ T24] audit: type=1326 audit(1746502762.060:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=360 comm="syz.3.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 27.636327][ T5] usb 2-1: unable to get BOS descriptor or descriptor too short [ 27.645356][ T24] audit: type=1326 audit(1746502762.090:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=360 comm="syz.3.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 27.670260][ T24] audit: type=1326 audit(1746502762.090:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=360 comm="syz.3.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 27.697193][ T356] EXT4-fs error (device loop4) in ext4_do_update_inode:5303: error 27 [ 27.709203][ T349] F2FS-fs (loop0): Found nat_bits in checkpoint [ 27.710811][ T356] EXT4-fs error (device loop4): ext4_dirty_inode:6110: inode #2: comm syz.4.13: mark_inode_dirty error [ 27.726556][ T5] usb 2-1: config 1 has an invalid interface number: 121 but max is 0 [ 27.726569][ T5] usb 2-1: config 1 has no interface number 0 [ 27.741677][ T356] EXT4-fs error (device loop4) in ext4_do_update_inode:5303: error 27 [ 27.756329][ T273] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 27.757159][ T356] EXT4-fs error (device loop4) in ext4_do_update_inode:5303: error 27 [ 27.772697][ T356] EXT4-fs error (device loop4): ext4_dirty_inode:6110: inode #2: comm syz.4.13: mark_inode_dirty error [ 27.784124][ T356] EXT4-fs error (device loop4) in ext4_do_update_inode:5303: error 27 [ 27.792757][ T356] EXT4-fs error (device loop4): __ext4_ext_dirty:182: inode #2: comm syz.4.13: mark_inode_dirty error [ 27.804190][ T356] EXT4-fs error (device loop4) in ext4_do_update_inode:5303: error 27 [ 27.812768][ T356] EXT4-fs error (device loop4): ext4_dirty_inode:6110: inode #2: comm syz.4.13: mark_inode_dirty error [ 27.824160][ T349] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 27.886239][ T5] usb 2-1: New USB device found, idVendor=0582, idProduct=0007, bcdDevice=3e.97 [ 27.905635][ T5] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 27.914101][ T5] usb 2-1: Product: syz [ 27.926155][ T5] usb 2-1: Manufacturer: syz [ 27.936188][ T5] usb 2-1: SerialNumber: syz [ 27.949734][ T371] F2FS-fs (loop3): Found nat_bits in checkpoint [ 27.976822][ T5] hub 2-1:1.121: bad descriptor, ignoring hub [ 27.982968][ T5] hub: probe of 2-1:1.121 failed with error -5 [ 28.064927][ T349] input: syz1 as /devices/virtual/input/input4 [ 28.071432][ T371] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 28.116474][ T349] attempt to access beyond end of device [ 28.116474][ T349] loop0: rw=2049, want=81920, limit=40427 [ 28.136211][ T349] attempt to access beyond end of device [ 28.136211][ T349] loop0: rw=2049, want=53248, limit=40427 [ 28.451750][ T273] usb 3-1: unable to get BOS descriptor or descriptor too short [ 28.495030][ T349] attempt to access beyond end of device [ 28.495030][ T349] loop0: rw=2049, want=58624, limit=40427 [ 28.514004][ T387] attempt to access beyond end of device [ 28.514004][ T387] loop0: rw=0, want=77896, limit=40427 [ 28.516611][ T371] input: syz1 as /devices/virtual/input/input5 [ 28.536212][ T273] usb 3-1: config 1 has an invalid interface number: 121 but max is 0 [ 28.544402][ T273] usb 3-1: config 1 has no interface number 0 [ 28.562136][ T371] attempt to access beyond end of device [ 28.562136][ T371] loop3: rw=2049, want=79696, limit=40427 [ 28.586267][ T5] usb 2-1: USB disconnect, device number 2 [ 28.597266][ T371] attempt to access beyond end of device [ 28.597266][ T371] loop3: rw=0, want=77896, limit=40427 [ 28.611338][ T369] attempt to access beyond end of device [ 28.611338][ T369] loop3: rw=524288, want=77888, limit=40427 [ 28.623333][ T369] attempt to access beyond end of device [ 28.623333][ T369] loop3: rw=0, want=77832, limit=40427 [ 28.634862][ T369] attempt to access beyond end of device [ 28.634862][ T369] loop3: rw=0, want=77832, limit=40427 [ 28.646789][ T369] attempt to access beyond end of device [ 28.646789][ T369] loop3: rw=0, want=77832, limit=40427 [ 28.716419][ T273] usb 3-1: New USB device found, idVendor=0582, idProduct=0007, bcdDevice=3e.97 [ 28.725793][ T273] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 28.734731][ T273] usb 3-1: Product: syz [ 28.739123][ T273] usb 3-1: Manufacturer: syz [ 28.743730][ T273] usb 3-1: SerialNumber: syz [ 28.786735][ T273] hub 3-1:1.121: bad descriptor, ignoring hub [ 28.792957][ T273] hub: probe of 3-1:1.121 failed with error -5 [ 29.446736][ T395] erofs: (device loop0): mounted with root inode @ nid 36. [ 29.636260][ T273] usb 3-1: USB disconnect, device number 2 [ 30.430106][ T405] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 30.438632][ T407] EXT4-fs (loop4): 1 orphan inode deleted [ 30.445737][ T407] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 30.462345][ T407] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 30.472957][ T405] EXT4-fs (loop3): 1 truncate cleaned up [ 30.478721][ T405] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 30.518698][ T412] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue [ 30.544348][ T412] ext4 filesystem being mounted at /4/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 30.589817][ T412] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 30.606812][ T412] EXT4-fs error (device loop0): ext4_dirty_inode:6110: inode #2: comm syz.0.24: mark_inode_dirty error [ 30.631232][ T424] ------------[ cut here ]------------ [ 30.639539][ T424] WARNING: CPU: 1 PID: 424 at fs/sysfs/group.c:116 internal_create_group+0xe4/0xcf0 [ 30.651183][ T412] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 30.661160][ T412] EXT4-fs error (device loop0): __ext4_ext_dirty:182: inode #2: comm syz.0.24: mark_inode_dirty error [ 30.672648][ T424] Modules linked in: [ 30.676802][ T424] CPU: 1 PID: 424 Comm: syz.2.25 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 30.688116][ T424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 30.701526][ T424] RIP: 0010:internal_create_group+0xe4/0xcf0 [ 30.707796][ T424] Code: 00 74 08 48 89 df e8 db c4 d7 ff 48 8b 03 83 7c 24 1c 00 74 22 48 85 c0 0f 84 ef 0b 00 00 e8 23 de 9d ff eb 20 e8 1c de 9d ff <0f> 0b 41 be ea ff ff ff e9 40 0b 00 00 48 85 c0 0f 84 dd 0b 00 00 [ 30.728097][ T424] RSP: 0018:ffffc90000e37140 EFLAGS: 00010287 [ 30.734266][ T424] RAX: ffffffff81c5ba8c RBX: ffff88812a58b098 RCX: 0000000000080000 [ 30.742583][ T424] RDX: ffffc90001d2d000 RSI: 000000000000581c RDI: 000000000000581d [ 30.751290][ T424] RBP: ffffc90000e37248 R08: dffffc0000000000 R09: ffffed10215c8466 [ 30.760885][ T424] R10: ffffed10215c8466 R11: 1ffff110215c8465 R12: 1ffff920001c6e38 [ 30.769131][ T424] R13: dffffc0000000000 R14: ffffffff866337c0 R15: 1ffff110254b1613 [ 30.777363][ T424] FS: 00007f0794ca86c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 30.788129][ T424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 30.794739][ T424] CR2: 00007ffd440e8fc8 CR3: 00000001110d8000 CR4: 00000000003506a0 [ 30.803014][ T424] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 30.811191][ T424] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 30.819473][ T424] Call Trace: [ 30.822784][ T424] ? rt_mutex_setprio+0xb40/0xb40 [ 30.828088][ T424] ? sysfs_create_group+0x30/0x30 [ 30.833167][ T424] ? __kasan_check_write+0x14/0x20 [ 30.838772][ T424] sysfs_create_group+0x1f/0x30 [ 30.844725][ T424] loop_configure+0xc2f/0x1260 [ 30.849825][ T424] lo_ioctl+0x76d/0x1a80 [ 30.854093][ T424] ? sched_group_set_shares+0x4c0/0x4c0 [ 30.859976][ T424] ? lo_release+0x1f0/0x1f0 [ 30.864506][ T424] ? yield_to_task_fair+0x150/0x150 [ 30.870083][ T424] ? __this_cpu_preempt_check+0x13/0x20 [ 30.875842][ T424] ? tracing_record_taskinfo+0x7c/0x220 [ 30.883313][ T424] ? probe_sched_wakeup+0x64/0x80 [ 30.888596][ T424] ? ttwu_do_wakeup+0x39e/0x3c0 [ 30.893500][ T424] ? ttwu_do_activate+0x1e2/0x2b0 [ 30.898827][ T424] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 30.904697][ T424] ? try_to_wake_up+0x616/0xd70 [ 30.909911][ T424] ? __kasan_check_write+0x14/0x20 [ 30.915105][ T424] ? __kasan_check_write+0x14/0x20 [ 30.922010][ T424] ? wake_up_q+0x12c/0x1e0 [ 30.926907][ T424] ? __mutex_unlock_slowpath+0x1f2/0x2f0 [ 30.932562][ T424] ? __kasan_check_write+0x14/0x20 [ 30.946343][ T424] ? mutex_unlock+0x40/0x40 [ 30.950937][ T424] ? __kasan_check_write+0x14/0x20 [ 30.956053][ T424] ? _raw_spin_lock+0x8e/0xe0 [ 30.971282][ T424] ? _raw_spin_trylock_bh+0x130/0x130 [ 30.981382][ T424] ? __kasan_check_write+0x14/0x20 [ 30.986792][ T424] ? __kasan_check_write+0x14/0x20 [ 30.991976][ T424] ? disk_unblock_events+0x51/0x60 [ 30.997373][ T424] ? 0xffffffffa00282f4 [ 31.001550][ T424] ? is_bpf_text_address+0x177/0x190 [ 31.008353][ T424] ? __kernel_text_address+0xa0/0x100 [ 31.013744][ T424] ? unwind_get_return_address+0x4d/0x90 [ 31.019717][ T424] ? stack_trace_save+0xe0/0xe0 [ 31.024590][ T424] ? arch_stack_walk+0xee/0x140 [ 31.029898][ T424] ? memcpy+0x56/0x70 [ 31.033982][ T424] ? avc_has_extended_perms+0x7f0/0xc30 [ 31.040063][ T424] ? avc_ss_reset+0x280/0x280 [ 31.044770][ T424] ? kasan_set_track+0x5b/0x70 [ 31.051400][ T424] ? __kasan_slab_free+0x11/0x20 [ 31.056588][ T424] ? slab_free_freelist_hook+0xc5/0x190 [ 31.062247][ T424] ? kmem_cache_free+0x100/0x2d0 [ 31.067510][ T424] ? putname+0xfe/0x150 [ 31.071687][ T424] ? do_sys_openat2+0x207/0x6d0 [ 31.076905][ T424] ? blkdev_common_ioctl+0xf90/0x1a80 [ 31.082297][ T424] ? blkdev_bszset+0x1e0/0x1e0 [ 31.087437][ T424] ? do_vfs_ioctl+0x766/0x1510 [ 31.092228][ T424] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0 [ 31.103939][ T424] ? has_cap_mac_admin+0x330/0x330 [ 31.116173][ T424] ? __kasan_slab_free+0x11/0x20 [ 31.124927][ T424] ? slab_free_freelist_hook+0xc5/0x190 [ 31.130849][ T424] ? putname+0xfe/0x150 [ 31.135121][ T424] ? kmem_cache_free+0x100/0x2d0 [ 31.140614][ T424] ? selinux_file_ioctl+0x377/0x480 [ 31.145886][ T424] ? lo_release+0x1f0/0x1f0 [ 31.151027][ T424] blkdev_ioctl+0x2d2/0x5b0 [ 31.155558][ T424] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 31.161647][ T424] ? __fget_files+0x2c4/0x320 [ 31.166536][ T424] block_ioctl+0xae/0x100 [ 31.170878][ T424] ? blkdev_iopoll+0x100/0x100 [ 31.175725][ T424] __se_sys_ioctl+0x121/0x1a0 [ 31.180620][ T424] __x64_sys_ioctl+0x7b/0x90 [ 31.185230][ T424] do_syscall_64+0x31/0x40 [ 31.189898][ T424] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 31.195804][ T424] RIP: 0033:0x7f079663f56b [ 31.200754][ T424] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 31.220612][ T424] RSP: 002b:00007f0794ca7dc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 31.229182][ T424] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f079663f56b [ 31.237436][ T424] RDX: 000000000000000a RSI: 0000000000004c00 RDI: 000000000000000b [ 31.245427][ T424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000434 [ 31.253616][ T424] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000a [ 31.261807][ T424] R13: 00007f0794ca7ef0 R14: 00007f0794ca7eb0 R15: 00007f078c888000 [ 31.269906][ T424] ---[ end trace b5f5bb3d4f4b78a6 ]--- [ 31.381979][ T424] EXT4-fs (loop1048578): encrypted files will use data=ordered instead of data journaling mode [ 31.392799][ T427] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 31.408126][ T424] EXT4-fs (loop1048578): 1 truncate cleaned up [ 31.414324][ T424] EXT4-fs (loop1048578): mounted filesystem without journal. Opts: ,errors=continue [ 31.415659][ T427] EXT4-fs (loop3): 1 truncate cleaned up [ 31.429877][ T427] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 31.456542][ T434] device syzkaller0 entered promiscuous mode [ 31.466619][ T437] ====================================================== [ 31.466619][ T437] WARNING: the mand mount option is being deprecated and [ 31.466619][ T437] will be removed in v5.15! [ 31.466619][ T437] ====================================================== [ 31.525290][ T437] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c118, mo2=0002] [ 31.539661][ T437] System zones: 0-2, 18-18, 34-34 [ 31.551728][ T437] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.27: bg 0: block 248: padding at end of block bitmap is not set [ 31.567053][ T437] __quota_error: 73 callbacks suppressed [ 31.567064][ T437] Quota error (device loop4): write_blk: dquota write failed [ 31.581106][ T437] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 31.591157][ T437] EXT4-fs error (device loop4): ext4_acquire_dquot:6226: comm syz.4.27: Failed to acquire dquot type 1 [ 31.603310][ T437] EXT4-fs (loop4): 1 truncate cleaned up [ 31.609039][ T437] EXT4-fs (loop4): mounted filesystem without journal. Opts: discard,noload,debug,,errors=continue [ 31.620015][ T437] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 31.662918][ T449] erofs: (device loop3): mounted with root inode @ nid 36. [ 33.247346][ T467] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue [ 33.276612][ T472] ------------[ cut here ]------------ [ 33.282177][ T472] WARNING: CPU: 0 PID: 472 at fs/sysfs/group.c:116 internal_create_group+0xe4/0xcf0 [ 33.293607][ T467] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 33.324237][ T472] Modules linked in: [ 33.334491][ T472] CPU: 0 PID: 472 Comm: syz.2.36 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 33.355838][ T472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 33.366201][ T472] RIP: 0010:internal_create_group+0xe4/0xcf0 [ 33.372291][ T472] Code: 00 74 08 48 89 df e8 db c4 d7 ff 48 8b 03 83 7c 24 1c 00 74 22 48 85 c0 0f 84 ef 0b 00 00 e8 23 de 9d ff eb 20 e8 1c de 9d ff <0f> 0b 41 be ea ff ff ff e9 40 0b 00 00 48 85 c0 0f 84 dd 0b 00 00 [ 33.392484][ T472] RSP: 0018:ffffc90000ea7140 EFLAGS: 00010283 [ 33.398736][ T472] RAX: ffffffff81c5ba8c RBX: ffff88812a58b098 RCX: 0000000000080000 [ 33.406882][ T472] RDX: ffffc90001d2d000 RSI: 00000000000056db RDI: 00000000000056dc [ 33.414863][ T472] RBP: ffffc90000ea7248 R08: dffffc0000000000 R09: ffffed10215c8466 [ 33.423285][ T472] R10: ffffed10215c8466 R11: 1ffff110215c8465 R12: 1ffff920001d4e38 [ 33.431491][ T472] R13: dffffc0000000000 R14: ffffffff866337c0 R15: 1ffff110254b1613 [ 33.439643][ T472] FS: 00007f0794ca86c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 33.448786][ T472] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 33.455375][ T472] CR2: 00007fc3bed50fdc CR3: 00000001106d3000 CR4: 00000000003506a0 [ 33.463610][ T472] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 33.471779][ T472] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 33.480027][ T472] Call Trace: [ 33.483499][ T472] ? rt_mutex_setprio+0xb40/0xb40 [ 33.488638][ T472] ? sysfs_create_group+0x30/0x30 [ 33.493714][ T472] ? __kasan_check_write+0x14/0x20 [ 33.499167][ T472] sysfs_create_group+0x1f/0x30 [ 33.504028][ T472] loop_configure+0xc2f/0x1260 [ 33.508827][ T472] lo_ioctl+0x76d/0x1a80 [ 33.513085][ T472] ? lo_release+0x1f0/0x1f0 [ 33.517635][ T472] ? 0xffffffffa0010dec [ 33.521883][ T472] ? is_bpf_text_address+0x177/0x190 [ 33.527189][ T472] ? __kernel_text_address+0xa0/0x100 [ 33.532563][ T472] ? unwind_get_return_address+0x4d/0x90 [ 33.538222][ T472] ? stack_trace_save+0xe0/0xe0 [ 33.543078][ T472] ? arch_stack_walk+0xee/0x140 [ 33.547951][ T472] ? __kasan_check_write+0x14/0x20 [ 33.553071][ T472] ? kobject_get_unless_zero+0x15e/0x1e0 [ 33.558723][ T472] ? __kobject_del+0x2f0/0x2f0 [ 33.563503][ T472] ? __kasan_check_write+0x14/0x20 [ 33.568683][ T472] ? mutex_lock+0x8c/0xe0 [ 33.573021][ T472] ? mutex_trylock+0xa0/0xa0 [ 33.577662][ T472] ? bdev_check_media_change+0x350/0x350 [ 33.583329][ T472] ? __kasan_check_write+0x14/0x20 [ 33.588475][ T472] ? bdev_check_media_change+0x350/0x350 [ 33.594215][ T472] ? __kasan_check_write+0x14/0x20 [ 33.599369][ T472] ? _raw_spin_lock+0x8e/0xe0 [ 33.604050][ T472] ? _raw_spin_trylock_bh+0x130/0x130 [ 33.609441][ T472] ? __kasan_check_write+0x14/0x20 [ 33.614582][ T472] ? __kasan_check_write+0x14/0x20 [ 33.619712][ T472] ? __kasan_check_write+0x14/0x20 [ 33.624830][ T472] ? disk_unblock_events+0x51/0x60 [ 33.629968][ T472] ? 0xffffffffa0010dec [ 33.634130][ T472] ? is_bpf_text_address+0x177/0x190 [ 33.639473][ T472] ? __kernel_text_address+0xa0/0x100 [ 33.644851][ T472] ? unwind_get_return_address+0x4d/0x90 [ 33.650514][ T472] ? stack_trace_save+0xe0/0xe0 [ 33.655374][ T472] ? arch_stack_walk+0xee/0x140 [ 33.660385][ T472] ? memcpy+0x56/0x70 [ 33.664387][ T472] ? avc_has_extended_perms+0x7f0/0xc30 [ 33.670041][ T472] ? avc_ss_reset+0x280/0x280 [ 33.674744][ T472] ? kasan_set_track+0x5b/0x70 [ 33.679542][ T472] ? __kasan_slab_free+0x11/0x20 [ 33.684477][ T472] ? slab_free_freelist_hook+0xc5/0x190 [ 33.690059][ T472] ? kmem_cache_free+0x100/0x2d0 [ 33.695009][ T472] ? putname+0xfe/0x150 [ 33.699192][ T472] ? do_sys_openat2+0x207/0x6d0 [ 33.704055][ T472] ? blkdev_common_ioctl+0xf90/0x1a80 [ 33.709446][ T472] ? blkdev_bszset+0x1e0/0x1e0 [ 33.709845][ T24] audit: type=1400 audit(1746502768.160:224): avc: denied { remove_name } for pid=77 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 33.714206][ T472] ? do_vfs_ioctl+0x766/0x1510 [ 33.714220][ T472] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0 [ 33.714241][ T472] ? has_cap_mac_admin+0x330/0x330 [ 33.737642][ T24] audit: type=1400 audit(1746502768.190:225): avc: denied { rename } for pid=77 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 33.741370][ T472] ? __kasan_slab_free+0x11/0x20 [ 33.747262][ T24] audit: type=1400 audit(1746502768.190:226): avc: denied { create } for pid=77 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 33.752180][ T472] ? slab_free_freelist_hook+0xc5/0x190 [ 33.805016][ T472] ? putname+0xfe/0x150 [ 33.809206][ T472] ? kmem_cache_free+0x100/0x2d0 [ 33.814150][ T472] ? selinux_file_ioctl+0x377/0x480 [ 33.819407][ T472] ? lo_release+0x1f0/0x1f0 [ 33.823907][ T472] blkdev_ioctl+0x2d2/0x5b0 [ 33.828440][ T472] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 33.833903][ T472] ? __fget_files+0x2c4/0x320 [ 33.838793][ T472] block_ioctl+0xae/0x100 [ 33.843133][ T472] ? blkdev_iopoll+0x100/0x100 [ 33.847943][ T472] __se_sys_ioctl+0x121/0x1a0 [ 33.852717][ T472] __x64_sys_ioctl+0x7b/0x90 [ 33.857530][ T472] do_syscall_64+0x31/0x40 [ 33.861973][ T472] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 33.867948][ T472] RIP: 0033:0x7f079663f56b [ 33.872380][ T472] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 33.892227][ T472] RSP: 002b:00007f0794ca7dc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 33.900938][ T472] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f079663f56b [ 33.908977][ T472] RDX: 000000000000000a RSI: 0000000000004c00 RDI: 000000000000000b [ 33.917647][ T472] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000434 [ 33.925627][ T472] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000a [ 33.933740][ T472] R13: 00007f0794ca7ef0 R14: 00007f0794ca7eb0 R15: 00007f078c888000 [ 33.941740][ T472] ---[ end trace b5f5bb3d4f4b78a7 ]--- [ 33.988497][ T467] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 33.997035][ T467] EXT4-fs error (device loop0): ext4_dirty_inode:6110: inode #2: comm syz.0.34: mark_inode_dirty error [ 34.008821][ T467] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 34.018976][ T467] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 34.027613][ T467] EXT4-fs error (device loop0): ext4_dirty_inode:6110: inode #2: comm syz.0.34: mark_inode_dirty error [ 34.039196][ T467] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 34.048004][ T467] EXT4-fs error (device loop0): __ext4_ext_dirty:182: inode #2: comm syz.0.34: mark_inode_dirty error [ 34.059486][ T467] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 34.068181][ T467] EXT4-fs error (device loop0): ext4_dirty_inode:6110: inode #2: comm syz.0.34: mark_inode_dirty error [ 34.138796][ T472] EXT4-fs (loop1048578): encrypted files will use data=ordered instead of data journaling mode [ 34.156867][ T472] EXT4-fs (loop1048578): 1 truncate cleaned up [ 34.163347][ T472] EXT4-fs (loop1048578): mounted filesystem without journal. Opts: ,errors=continue [ 34.227750][ T469] F2FS-fs (loop4): invalid crc value [ 34.269774][ T469] F2FS-fs (loop4): Found nat_bits in checkpoint [ 34.309507][ T489] EXT4-fs (loop3): Ignoring removed orlov option [ 34.333387][ T469] F2FS-fs (loop4): recover fsync data on readonly fs [ 34.346678][ T469] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 34.352047][ T489] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,quota,noauto_da_alloc,debug_want_extra_isize=0x0000000000000080,lazytime,noauto_da_alloc,stripe=0x0000000000000005,orlov,,errors=continue [ 34.513134][ T499] ------------[ cut here ]------------ [ 34.518730][ T499] WARNING: CPU: 0 PID: 499 at fs/sysfs/group.c:116 internal_create_group+0xe4/0xcf0 [ 34.528315][ T499] Modules linked in: [ 34.532306][ T499] CPU: 0 PID: 499 Comm: syz.2.41 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 35.093925][ T499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 35.114344][ T499] RIP: 0010:internal_create_group+0xe4/0xcf0 [ 35.126219][ T499] Code: 00 74 08 48 89 df e8 db c4 d7 ff 48 8b 03 83 7c 24 1c 00 74 22 48 85 c0 0f 84 ef 0b 00 00 e8 23 de 9d ff eb 20 e8 1c de 9d ff <0f> 0b 41 be ea ff ff ff e9 40 0b 00 00 48 85 c0 0f 84 dd 0b 00 00 [ 35.146336][ T499] RSP: 0018:ffffc90000e97140 EFLAGS: 00010287 [ 35.157942][ T499] RAX: ffffffff81c5ba8c RBX: ffff88812a58b098 RCX: 0000000000080000 [ 35.166420][ T499] RDX: ffffc90001d2d000 RSI: 0000000000005752 RDI: 0000000000005753 [ 35.174738][ T499] RBP: ffffc90000e97248 R08: dffffc0000000000 R09: ffffed10215c8466 [ 35.183316][ T499] R10: ffffed10215c8466 R11: 1ffff110215c8465 R12: 1ffff920001d2e38 [ 35.191452][ T499] R13: dffffc0000000000 R14: ffffffff866337c0 R15: 1ffff110254b1613 [ 35.445328][ T503] netlink: 20 bytes leftover after parsing attributes in process `syz.4.35'. [ 35.459741][ T499] FS: 00007f0794ca86c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 35.469128][ T499] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 35.483287][ T499] CR2: 00007f8fd17f9000 CR3: 0000000111cb1000 CR4: 00000000003506a0 [ 35.491954][ T499] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 35.500242][ T499] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 35.509186][ T499] Call Trace: [ 35.512544][ T499] ? rt_mutex_setprio+0xb40/0xb40 [ 35.518365][ T499] ? sysfs_create_group+0x30/0x30 [ 35.523564][ T499] ? __kasan_check_write+0x14/0x20 [ 35.528907][ T499] sysfs_create_group+0x1f/0x30 [ 35.533934][ T499] loop_configure+0xc2f/0x1260 [ 35.538920][ T499] lo_ioctl+0x76d/0x1a80 [ 35.543223][ T499] ? lo_release+0x1f0/0x1f0 [ 35.548034][ T499] ? 0xffffffffa0010728 [ 35.552298][ T499] ? is_bpf_text_address+0x177/0x190 [ 35.558057][ T499] ? __kernel_text_address+0xa0/0x100 [ 35.563653][ T499] ? unwind_get_return_address+0x4d/0x90 [ 35.569380][ T499] ? stack_trace_save+0xe0/0xe0 [ 35.574272][ T499] ? arch_stack_walk+0xee/0x140 [ 35.579170][ T499] ? __kasan_check_write+0x14/0x20 [ 35.584297][ T499] ? kobject_get_unless_zero+0x15e/0x1e0 [ 35.589979][ T499] ? __kobject_del+0x2f0/0x2f0 [ 35.594758][ T499] ? __kasan_check_write+0x14/0x20 [ 35.599918][ T499] ? mutex_lock+0x8c/0xe0 [ 35.604246][ T499] ? mutex_trylock+0xa0/0xa0 [ 35.609116][ T499] ? bdev_check_media_change+0x350/0x350 [ 35.614775][ T499] ? __kasan_check_write+0x14/0x20 [ 35.620267][ T499] ? bdev_check_media_change+0x350/0x350 [ 35.625919][ T499] ? __kasan_check_write+0x14/0x20 [ 35.632019][ T499] ? _raw_spin_lock+0x8e/0xe0 [ 35.636886][ T499] ? _raw_spin_trylock_bh+0x130/0x130 [ 35.642360][ T499] ? __kasan_check_write+0x14/0x20 [ 35.647733][ T499] ? __kasan_check_write+0x14/0x20 [ 35.652955][ T499] ? __kasan_check_write+0x14/0x20 [ 35.658239][ T499] ? disk_unblock_events+0x51/0x60 [ 35.663632][ T499] ? 0xffffffffa0010728 [ 35.668204][ T499] ? is_bpf_text_address+0x177/0x190 [ 35.673521][ T499] ? __kernel_text_address+0xa0/0x100 [ 35.679195][ T499] ? unwind_get_return_address+0x4d/0x90 [ 35.684835][ T499] ? stack_trace_save+0xe0/0xe0 [ 35.689724][ T499] ? arch_stack_walk+0xee/0x140 [ 35.694598][ T499] ? memcpy+0x56/0x70 [ 35.698620][ T499] ? avc_has_extended_perms+0x7f0/0xc30 [ 35.704186][ T499] ? avc_ss_reset+0x280/0x280 [ 35.708893][ T499] ? kasan_set_track+0x5b/0x70 [ 35.713662][ T499] ? __kasan_slab_free+0x11/0x20 [ 35.718633][ T499] ? slab_free_freelist_hook+0xc5/0x190 [ 35.724208][ T499] ? kmem_cache_free+0x100/0x2d0 [ 35.729172][ T499] ? putname+0xfe/0x150 [ 35.733363][ T499] ? do_sys_openat2+0x207/0x6d0 [ 35.738241][ T499] ? blkdev_common_ioctl+0xf90/0x1a80 [ 35.743616][ T499] ? blkdev_bszset+0x1e0/0x1e0 [ 35.748404][ T499] ? do_vfs_ioctl+0x766/0x1510 [ 35.753163][ T499] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0 [ 35.758816][ T499] ? has_cap_mac_admin+0x330/0x330 [ 35.763969][ T499] ? __kasan_slab_free+0x11/0x20 [ 35.768953][ T499] ? slab_free_freelist_hook+0xc5/0x190 [ 35.774519][ T499] ? putname+0xfe/0x150 [ 35.778727][ T499] ? kmem_cache_free+0x100/0x2d0 [ 35.783706][ T499] ? selinux_file_ioctl+0x377/0x480 [ 35.788948][ T499] ? lo_release+0x1f0/0x1f0 [ 35.793464][ T499] blkdev_ioctl+0x2d2/0x5b0 [ 35.797994][ T499] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 35.803633][ T499] ? __fget_files+0x2c4/0x320 [ 35.808347][ T499] block_ioctl+0xae/0x100 [ 35.812695][ T499] ? blkdev_iopoll+0x100/0x100 [ 35.817483][ T499] __se_sys_ioctl+0x121/0x1a0 [ 35.822168][ T499] __x64_sys_ioctl+0x7b/0x90 [ 35.826806][ T499] do_syscall_64+0x31/0x40 [ 35.831255][ T499] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 35.837805][ T499] RIP: 0033:0x7f079663f56b [ 35.842542][ T499] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 35.862787][ T499] RSP: 002b:00007f0794ca7dc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 35.871344][ T499] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007f079663f56b [ 35.879506][ T499] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 35.887715][ T499] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000477 [ 35.895753][ T499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 35.903770][ T499] R13: 00007f0794ca7ef0 R14: 00007f0794ca7eb0 R15: 00007f078c888000 [ 35.911790][ T499] ---[ end trace b5f5bb3d4f4b78a8 ]--- [ 36.292232][ T499] EXT4-fs error (device loop1048578): ext4_get_branch:178: inode #13: block 33619980: comm syz.2.41: invalid block [ 36.306032][ T499] EXT4-fs error (device loop1048578): ext4_validate_block_bitmap:438: comm syz.2.41: bg 0: block 392: padding at end of block bitmap is not set [ 36.322636][ T499] EXT4-fs error (device loop1048578) in ext4_mb_clear_bb:5645: Corrupt filesystem [ 36.687620][ T499] EXT4-fs error (device loop1048578): ext4_clear_blocks:880: inode #13: comm syz.2.41: attempt to clear invalid blocks 983260 len 1 [ 36.710032][ T501] EXT4-fs (loop0): Test dummy encryption mode enabled [ 37.286987][ T501] EXT4-fs (loop0): Mount option "noacl" will be removed by 3.5 [ 37.286987][ T501] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 37.286987][ T501] [ 37.392556][ T24] audit: type=1400 audit(1746502771.830:227): avc: denied { mount } for pid=515 comm="syz.3.42" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 37.474643][ T499] EXT4-fs error (device loop1048578): ext4_free_branches:1026: inode #13: comm syz.2.41: invalid indirect mapped block 2683928664 (level 0) [ 37.476102][ C1] sched: RT throttling activated [ 37.494383][ T501] EXT4-fs (loop0): dax option not supported [ 37.502385][ T499] EXT4-fs error (device loop1048578): __ext4_get_inode_loc:4437: comm syz.2.41: Invalid inode table block 0 in block_group 0 [ 37.532564][ T499] EXT4-fs error (device loop1048578) in ext4_reserve_inode_write:5900: Corrupt filesystem [ 37.964510][ T499] EXT4-fs error (device loop1048578) in ext4_orphan_del:3292: Corrupt filesystem [ 38.008275][ T499] EXT4-fs error (device loop1048578): __ext4_get_inode_loc:4437: comm syz.2.41: Invalid inode table block 0 in block_group 0 [ 38.036603][ T521] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c118, mo2=0002] [ 38.053768][ T521] System zones: 0-2, 18-18, 34-34 [ 38.174590][ T521] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.45: bg 0: block 248: padding at end of block bitmap is not set [ 38.189107][ T521] Quota error (device loop1): write_blk: dquota write failed [ 38.196881][ T521] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 38.208087][ T521] EXT4-fs error (device loop1): ext4_acquire_dquot:6226: comm syz.1.45: Failed to acquire dquot type 1 [ 38.215989][ T499] EXT4-fs error (device loop1048578) in ext4_reserve_inode_write:5900: Corrupt filesystem [ 38.221572][ T24] audit: type=1400 audit(1746502772.660:228): avc: denied { unmount } for pid=269 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 38.261874][ T521] EXT4-fs (loop1): 1 truncate cleaned up [ 38.346469][ T499] EXT4-fs error (device loop1048578): ext4_truncate:4389: inode #13: comm syz.2.41: mark_inode_dirty error [ 38.376994][ T521] EXT4-fs (loop1): mounted filesystem without journal. Opts: discard,noload,debug,,errors=continue [ 38.446671][ T521] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 38.466327][ T499] EXT4-fs error (device loop1048578) in ext4_orphan_cleanup:3108: Corrupt filesystem [ 38.477107][ T499] EXT4-fs (loop1048578): 1 truncate cleaned up [ 38.483361][ T499] EXT4-fs (loop1048578): mounted filesystem without journal. Opts: noblock_validity,resuid=0x000000000000ee00,,errors=continue [ 38.749791][ T538] ------------[ cut here ]------------ [ 38.755465][ T538] WARNING: CPU: 1 PID: 538 at fs/sysfs/group.c:116 internal_create_group+0xe4/0xcf0 [ 38.765290][ T538] Modules linked in: [ 38.769320][ T538] CPU: 1 PID: 538 Comm: syz.2.48 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 38.781497][ T538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 38.791784][ T538] RIP: 0010:internal_create_group+0xe4/0xcf0 [ 38.797908][ T538] Code: 00 74 08 48 89 df e8 db c4 d7 ff 48 8b 03 83 7c 24 1c 00 74 22 48 85 c0 0f 84 ef 0b 00 00 e8 23 de 9d ff eb 20 e8 1c de 9d ff <0f> 0b 41 be ea ff ff ff e9 40 0b 00 00 48 85 c0 0f 84 dd 0b 00 00 [ 38.817663][ T538] RSP: 0018:ffffc90000ee7140 EFLAGS: 00010287 [ 38.823806][ T538] RAX: ffffffff81c5ba8c RBX: ffff88812a58b098 RCX: 0000000000080000 [ 38.831982][ T538] RDX: ffffc90001d2d000 RSI: 0000000000005ed3 RDI: 0000000000005ed4 [ 38.840115][ T538] RBP: ffffc90000ee7248 R08: dffffc0000000000 R09: ffffed10215c8466 [ 38.848298][ T538] R10: ffffed10215c8466 R11: 1ffff110215c8465 R12: 1ffff920001dce38 [ 38.856368][ T538] R13: dffffc0000000000 R14: ffffffff866337c0 R15: 1ffff110254b1613 [ 38.864430][ T538] FS: 00007f0794ca86c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 38.873476][ T538] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 38.880220][ T538] CR2: 00007ff30bb2bfd2 CR3: 0000000111390000 CR4: 00000000003506b0 [ 38.888301][ T538] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 38.896354][ T538] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 38.904412][ T538] Call Trace: [ 38.908699][ T538] ? rt_mutex_setprio+0xb40/0xb40 [ 38.913760][ T538] ? sysfs_create_group+0x30/0x30 [ 38.919143][ T538] ? __kasan_check_write+0x14/0x20 [ 38.924273][ T538] sysfs_create_group+0x1f/0x30 [ 38.929599][ T538] loop_configure+0xc2f/0x1260 [ 38.934386][ T538] lo_ioctl+0x76d/0x1a80 [ 38.938908][ T538] ? lo_release+0x1f0/0x1f0 [ 38.943480][ T538] ? is_bpf_text_address+0x177/0x190 [ 38.949023][ T538] ? __kernel_text_address+0xa0/0x100 [ 38.954629][ T538] ? unwind_get_return_address+0x4d/0x90 [ 38.960346][ T538] ? stack_trace_save+0xe0/0xe0 [ 38.965281][ T538] ? arch_stack_walk+0xee/0x140 [ 38.970233][ T538] ? __kasan_check_write+0x14/0x20 [ 38.975392][ T538] ? kobject_get_unless_zero+0x15e/0x1e0 [ 38.981198][ T538] ? __kobject_del+0x2f0/0x2f0 [ 38.985982][ T538] ? __kasan_check_write+0x14/0x20 [ 38.991370][ T538] ? mutex_lock+0x8c/0xe0 [ 38.995705][ T538] ? mutex_trylock+0xa0/0xa0 [ 39.000335][ T538] ? bdev_check_media_change+0x350/0x350 [ 39.005982][ T538] ? __kasan_check_write+0x14/0x20 [ 39.011119][ T538] ? bdev_check_media_change+0x350/0x350 [ 39.016804][ T538] ? __kasan_check_write+0x14/0x20 [ 39.021908][ T538] ? _raw_spin_lock+0x8e/0xe0 [ 39.026615][ T538] ? _raw_spin_trylock_bh+0x130/0x130 [ 39.032001][ T538] ? __kasan_check_write+0x14/0x20 [ 39.037518][ T538] ? __kasan_check_write+0x14/0x20 [ 39.042635][ T538] ? __kasan_check_write+0x14/0x20 [ 39.047787][ T538] ? disk_unblock_events+0x51/0x60 [ 39.052918][ T538] ? is_bpf_text_address+0x177/0x190 [ 39.058321][ T538] ? __kernel_text_address+0xa0/0x100 [ 39.063719][ T538] ? unwind_get_return_address+0x4d/0x90 [ 39.069564][ T538] ? stack_trace_save+0xe0/0xe0 [ 39.074436][ T538] ? arch_stack_walk+0xee/0x140 [ 39.079331][ T538] ? memcpy+0x56/0x70 [ 39.083349][ T538] ? avc_has_extended_perms+0x7f0/0xc30 [ 39.088917][ T538] ? avc_ss_reset+0x280/0x280 [ 39.093603][ T538] ? kasan_set_track+0x5b/0x70 [ 39.098421][ T538] ? __kasan_slab_free+0x11/0x20 [ 39.103395][ T538] ? slab_free_freelist_hook+0xc5/0x190 [ 39.109002][ T538] ? kmem_cache_free+0x100/0x2d0 [ 39.113955][ T538] ? putname+0xfe/0x150 [ 39.118166][ T538] ? do_sys_openat2+0x207/0x6d0 [ 39.123036][ T538] ? blkdev_common_ioctl+0xf90/0x1a80 [ 39.128795][ T538] ? blkdev_bszset+0x1e0/0x1e0 [ 39.133595][ T538] ? do_vfs_ioctl+0x766/0x1510 [ 39.138402][ T538] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0 [ 39.144049][ T538] ? has_cap_mac_admin+0x330/0x330 [ 39.149214][ T538] ? __kasan_slab_free+0x11/0x20 [ 39.154160][ T538] ? slab_free_freelist_hook+0xc5/0x190 [ 39.159731][ T538] ? putname+0xfe/0x150 [ 39.163930][ T538] ? kmem_cache_free+0x100/0x2d0 [ 39.168903][ T538] ? selinux_file_ioctl+0x377/0x480 [ 39.174113][ T538] ? lo_release+0x1f0/0x1f0 [ 39.178680][ T538] blkdev_ioctl+0x2d2/0x5b0 [ 39.183221][ T538] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 39.188729][ T538] ? __fget_files+0x2c4/0x320 [ 39.193461][ T538] block_ioctl+0xae/0x100 [ 39.197828][ T538] ? blkdev_iopoll+0x100/0x100 [ 39.202592][ T538] __se_sys_ioctl+0x121/0x1a0 [ 39.207294][ T538] __x64_sys_ioctl+0x7b/0x90 [ 39.211899][ T538] do_syscall_64+0x31/0x40 [ 39.216386][ T538] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 39.222293][ T538] RIP: 0033:0x7f079663f56b [ 39.226747][ T538] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 39.246493][ T538] RSP: 002b:00007f0794ca7dc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 39.254897][ T538] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f079663f56b [ 39.262938][ T538] RDX: 0000000000000003 RSI: 0000000000004c00 RDI: 0000000000000004 [ 39.270957][ T538] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000050c [ 39.279057][ T538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 39.287079][ T538] R13: 00007f0794ca7ef0 R14: 00007f0794ca7eb0 R15: 00007f078c888000 [ 39.295071][ T538] ---[ end trace b5f5bb3d4f4b78a9 ]--- [ 39.468731][ T538] EXT4-fs (loop1048578): 1 orphan inode deleted [ 39.475060][ T538] EXT4-fs (loop1048578): mounted filesystem without journal. Opts: ,errors=continue [ 39.484606][ T538] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 39.573237][ T550] fuse: Bad value for 'fd' [ 39.619038][ T541] erofs: (device loop3): mounted with root inode @ nid 36. [ 39.858691][ T24] audit: type=1326 audit(1746502774.290:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=537 comm="syz.2.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f079663f969 code=0x7ffc0000 [ 39.882243][ T24] audit: type=1326 audit(1746502774.290:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=537 comm="syz.2.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7f079663f969 code=0x7ffc0000 [ 39.905474][ T24] audit: type=1326 audit(1746502774.290:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=537 comm="syz.2.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f079663f969 code=0x7ffc0000 [ 39.951936][ T24] audit: type=1326 audit(1746502774.290:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=537 comm="syz.2.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f079663f969 code=0x7ffc0000 [ 39.977560][ T24] audit: type=1326 audit(1746502774.300:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=537 comm="syz.2.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f079663f969 code=0x7ffc0000 [ 39.978954][ T548] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue [ 40.000774][ T24] audit: type=1326 audit(1746502774.320:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=537 comm="syz.2.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f079663f969 code=0x7ffc0000 [ 40.037647][ T553] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 40.086243][ T548] ext4 filesystem being mounted at /10/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 40.094915][ T553] EXT4-fs (loop1): 1 truncate cleaned up [ 40.115777][ T553] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 40.125272][ T548] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 40.134233][ T548] EXT4-fs error (device loop0): ext4_dirty_inode:6110: inode #2: comm syz.0.50: mark_inode_dirty error [ 40.147534][ T548] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 40.159135][ T548] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 40.167654][ T548] EXT4-fs error (device loop0): ext4_dirty_inode:6110: inode #2: comm syz.0.50: mark_inode_dirty error [ 40.183331][ T548] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 40.198788][ T548] EXT4-fs error (device loop0): __ext4_ext_dirty:182: inode #2: comm syz.0.50: mark_inode_dirty error [ 40.261859][ T548] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 40.366236][ T548] EXT4-fs error (device loop0): ext4_dirty_inode:6110: inode #2: comm syz.0.50: mark_inode_dirty error [ 40.773631][ T575] fuse: Bad value for 'fd' [ 41.116472][ T577] erofs: (device loop3): mounted with root inode @ nid 36. [ 41.580401][ T582] erofs: (device loop1): mounted with root inode @ nid 36. [ 41.837422][ T589] EXT4-fs (loop4): Test dummy encryption mode enabled [ 41.846213][ T589] EXT4-fs (loop4): Mount option "noacl" will be removed by 3.5 [ 41.846213][ T589] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 41.846213][ T589] [ 41.865181][ T589] EXT4-fs (loop4): dax option not supported [ 41.906163][ T54] usb 3-1: new full-speed USB device number 3 using dummy_hcd [ 41.915246][ T591] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue [ 41.928996][ T591] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 42.000473][ T591] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 42.010836][ T591] EXT4-fs error (device loop0): ext4_dirty_inode:6110: inode #2: comm syz.0.60: mark_inode_dirty error [ 42.022363][ T591] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 42.030950][ T591] EXT4-fs error (device loop0): __ext4_ext_dirty:182: inode #2: comm syz.0.60: mark_inode_dirty error [ 42.266232][ T54] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 42.275282][ T54] usb 3-1: config 1 has no interface number 1 [ 42.281443][ T54] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4 [ 42.319865][ T603] EXT4-fs (loop3): 1 orphan inode deleted [ 42.325766][ T603] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 42.335073][ T603] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 42.412921][ T24] kauditd_printk_skb: 46 callbacks suppressed [ 42.412935][ T24] audit: type=1326 audit(1746502776.860:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=602 comm="syz.3.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 42.442785][ T605] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c118, mo2=0002] [ 42.451264][ T605] System zones: 0-2, 18-18, 34-34 [ 42.456264][ T54] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 42.457684][ T605] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.62: bg 0: block 248: padding at end of block bitmap is not set [ 42.465442][ T54] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 42.465453][ T54] usb 3-1: Product: syz [ 42.465462][ T54] usb 3-1: Manufacturer: syz [ 42.465472][ T54] usb 3-1: SerialNumber: syz [ 42.501756][ T605] Quota error (device loop0): write_blk: dquota write failed [ 42.509325][ T605] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 42.519328][ T605] EXT4-fs error (device loop0): ext4_acquire_dquot:6226: comm syz.0.62: Failed to acquire dquot type 1 [ 42.531007][ T605] EXT4-fs (loop0): 1 truncate cleaned up [ 42.536722][ T605] EXT4-fs (loop0): mounted filesystem without journal. Opts: discard,noload,debug,,errors=continue [ 42.540734][ T24] audit: type=1326 audit(1746502776.860:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=602 comm="syz.3.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 42.547578][ T605] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 42.581857][ T24] audit: type=1326 audit(1746502776.860:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=602 comm="syz.3.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 42.605355][ T24] audit: type=1326 audit(1746502776.860:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=602 comm="syz.3.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 42.628717][ T24] audit: type=1326 audit(1746502776.870:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=602 comm="syz.3.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 42.652050][ T24] audit: type=1326 audit(1746502776.870:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=602 comm="syz.3.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 42.675382][ T24] audit: type=1326 audit(1746502776.870:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=602 comm="syz.3.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 42.698749][ T24] audit: type=1326 audit(1746502776.870:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=602 comm="syz.3.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 42.846440][ T54] usb 3-1: 2:1 : unsupported format bits 0x8000000000000000 [ 42.878061][ T54] usb 3-1: USB disconnect, device number 3 [ 43.089168][ T619] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 43.127156][ T619] EXT4-fs (loop1): 1 truncate cleaned up [ 43.132990][ T619] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 43.199990][ T614] F2FS-fs (loop3): invalid crc value [ 43.207361][ T614] F2FS-fs (loop3): Found nat_bits in checkpoint [ 43.208124][ T327] udevd[327]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 43.270251][ T614] F2FS-fs (loop3): recover fsync data on readonly fs [ 43.277379][ T614] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 43.467189][ T629] EXT4-fs (loop0): Test dummy encryption mode enabled [ 43.474060][ T629] EXT4-fs (loop0): Mount option "noacl" will be removed by 3.5 [ 43.474060][ T629] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 43.474060][ T629] [ 43.491767][ T629] EXT4-fs (loop0): dax option not supported [ 43.651296][ T637] netlink: 48 bytes leftover after parsing attributes in process `syz.1.70'. [ 43.729335][ T638] netlink: 20 bytes leftover after parsing attributes in process `syz.3.64'. [ 45.016604][ T299] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 45.025735][ T646] EXT4-fs (loop4): Test dummy encryption mode enabled [ 45.032735][ T646] EXT4-fs (loop4): Mount option "noacl" will be removed by 3.5 [ 45.032735][ T646] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 45.032735][ T646] [ 45.050478][ T646] EXT4-fs (loop4): dax option not supported [ 45.068000][ T644] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue [ 45.081685][ T644] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 45.129223][ T649] ------------[ cut here ]------------ [ 45.134795][ T649] WARNING: CPU: 1 PID: 649 at fs/sysfs/group.c:116 internal_create_group+0xe4/0xcf0 [ 45.144505][ T649] Modules linked in: [ 45.148523][ T649] CPU: 1 PID: 649 Comm: syz.2.74 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 45.159744][ T649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 45.170077][ T649] RIP: 0010:internal_create_group+0xe4/0xcf0 [ 45.176377][ T649] Code: 00 74 08 48 89 df e8 db c4 d7 ff 48 8b 03 83 7c 24 1c 00 74 22 48 85 c0 0f 84 ef 0b 00 00 e8 23 de 9d ff eb 20 e8 1c de 9d ff <0f> 0b 41 be ea ff ff ff e9 40 0b 00 00 48 85 c0 0f 84 dd 0b 00 00 [ 45.196312][ T649] RSP: 0018:ffffc90000ec7140 EFLAGS: 00010283 [ 45.202398][ T649] RAX: ffffffff81c5ba8c RBX: ffff88812a58b098 RCX: 0000000000080000 [ 45.210414][ T649] RDX: ffffc90001d2d000 RSI: 0000000000005806 RDI: 0000000000005807 [ 45.218468][ T649] RBP: ffffc90000ec7248 R08: dffffc0000000000 R09: ffffed10215c8466 [ 45.226641][ T649] R10: ffffed10215c8466 R11: 1ffff110215c8465 R12: 1ffff920001d8e38 [ 45.234706][ T649] R13: dffffc0000000000 R14: ffffffff866337c0 R15: 1ffff110254b1613 [ 45.242798][ T649] FS: 00007f0794ca86c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 45.251822][ T649] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.259995][ T649] CR2: 00007ff313f28f98 CR3: 000000011a65c000 CR4: 00000000003506a0 [ 45.268614][ T649] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 45.330548][ T649] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 45.339146][ T649] Call Trace: [ 45.343038][ T649] ? rt_mutex_setprio+0xb40/0xb40 [ 45.349005][ T649] ? sysfs_create_group+0x30/0x30 [ 45.354604][ T649] ? __kasan_check_write+0x14/0x20 [ 45.360471][ T649] sysfs_create_group+0x1f/0x30 [ 45.367834][ T649] loop_configure+0xc2f/0x1260 [ 45.372856][ T649] lo_ioctl+0x76d/0x1a80 [ 45.377712][ T649] ? __this_cpu_preempt_check+0x13/0x20 [ 45.383564][ T649] ? _raw_spin_unlock_irq+0x4e/0x70 [ 45.389270][ T649] ? lo_release+0x1f0/0x1f0 [ 45.394026][ T649] ? __switch_to_asm+0x34/0x60 [ 45.399030][ T649] ? __schedule+0xb4f/0x1310 [ 45.404138][ T649] ? __kasan_check_write+0x14/0x20 [ 45.410016][ T649] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 45.415674][ T649] ? _raw_spin_lock+0xe0/0xe0 [ 45.420483][ T649] ? _raw_spin_lock+0x8e/0xe0 [ 45.425244][ T649] ? unwind_get_return_address+0x4d/0x90 [ 45.431049][ T649] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 45.437144][ T649] ? try_to_wake_up+0x616/0xd70 [ 45.442134][ T649] ? __kasan_check_write+0x14/0x20 [ 45.447367][ T649] ? __kasan_check_write+0x14/0x20 [ 45.452545][ T649] ? wake_up_q+0x12c/0x1e0 [ 45.457111][ T649] ? __mutex_unlock_slowpath+0x1f2/0x2f0 [ 45.462781][ T649] ? mutex_unlock+0x40/0x40 [ 45.467363][ T649] ? __kasan_check_write+0x14/0x20 [ 45.472522][ T649] ? _raw_spin_lock+0x8e/0xe0 [ 45.477506][ T649] ? _raw_spin_trylock_bh+0x130/0x130 [ 45.484804][ T649] ? __kasan_check_write+0x14/0x20 [ 45.490300][ T649] ? __kasan_check_write+0x14/0x20 [ 45.495616][ T649] ? disk_unblock_events+0x51/0x60 [ 45.500826][ T649] ? 0xffffffffa0028a54 [ 45.505032][ T649] ? is_bpf_text_address+0x177/0x190 [ 45.510495][ T649] ? __kernel_text_address+0xa0/0x100 [ 45.515939][ T649] ? unwind_get_return_address+0x4d/0x90 [ 45.521788][ T649] ? stack_trace_save+0xe0/0xe0 [ 45.526815][ T649] ? arch_stack_walk+0xee/0x140 [ 45.531709][ T649] ? memcpy+0x56/0x70 [ 45.535765][ T649] ? avc_has_extended_perms+0x7f0/0xc30 [ 45.541423][ T649] ? avc_ss_reset+0x280/0x280 [ 45.546286][ T649] ? kasan_set_track+0x5b/0x70 [ 45.551105][ T649] ? __kasan_slab_free+0x11/0x20 [ 45.556067][ T649] ? slab_free_freelist_hook+0xc5/0x190 [ 45.561691][ T649] ? kmem_cache_free+0x100/0x2d0 [ 45.566745][ T649] ? putname+0xfe/0x150 [ 45.570957][ T649] ? do_sys_openat2+0x207/0x6d0 [ 45.575896][ T649] ? blkdev_common_ioctl+0xf90/0x1a80 [ 45.581352][ T649] ? blkdev_bszset+0x1e0/0x1e0 [ 45.586268][ T649] ? do_vfs_ioctl+0x766/0x1510 [ 45.591072][ T649] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0 [ 45.596758][ T649] ? has_cap_mac_admin+0x330/0x330 [ 45.601943][ T649] ? __kasan_slab_free+0x11/0x20 [ 45.607083][ T649] ? slab_free_freelist_hook+0xc5/0x190 [ 45.612704][ T649] ? putname+0xfe/0x150 [ 45.616925][ T649] ? kmem_cache_free+0x100/0x2d0 [ 45.621907][ T649] ? selinux_file_ioctl+0x377/0x480 [ 45.627264][ T649] ? lo_release+0x1f0/0x1f0 [ 45.631837][ T649] blkdev_ioctl+0x2d2/0x5b0 [ 45.636400][ T649] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 45.641899][ T649] ? __fget_files+0x2c4/0x320 [ 45.646790][ T649] block_ioctl+0xae/0x100 [ 45.651159][ T649] ? blkdev_iopoll+0x100/0x100 [ 45.656068][ T649] __se_sys_ioctl+0x121/0x1a0 [ 45.661082][ T649] __x64_sys_ioctl+0x7b/0x90 [ 45.665712][ T649] do_syscall_64+0x31/0x40 [ 45.670328][ T649] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 45.676330][ T649] RIP: 0033:0x7f079663f56b [ 45.680807][ T649] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 45.700594][ T649] RSP: 002b:00007f0794ca7dc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 45.709246][ T649] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f079663f56b [ 45.717454][ T649] RDX: 000000000000000a RSI: 0000000000004c00 RDI: 000000000000000b [ 45.725506][ T649] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000434 [ 45.733710][ T649] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000a [ 45.741847][ T649] R13: 00007f0794ca7ef0 R14: 00007f0794ca7eb0 R15: 00007f078c888000 [ 45.750053][ T649] ---[ end trace b5f5bb3d4f4b78aa ]--- [ 45.756732][ T299] usb 2-1: New USB device found, idVendor=08fd, idProduct=0002, bcdDevice=ca.fd [ 45.766704][ T299] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 45.774783][ T299] usb 2-1: Product: syz [ 45.779346][ T299] usb 2-1: Manufacturer: syz [ 45.788114][ T299] usb 2-1: SerialNumber: syz [ 45.793987][ T299] usb 2-1: config 0 descriptor?? [ 45.799897][ T644] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 45.808735][ T644] EXT4-fs error (device loop0): ext4_dirty_inode:6110: inode #2: comm syz.0.73: mark_inode_dirty error [ 45.820364][ T644] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27 [ 45.828832][ T644] EXT4-fs error (device loop0): __ext4_ext_dirty:182: inode #2: comm syz.0.73: mark_inode_dirty error [ 45.829053][ T649] EXT4-fs (loop1048578): encrypted files will use data=ordered instead of data journaling mode [ 45.881237][ T649] EXT4-fs (loop1048578): 1 truncate cleaned up [ 45.890733][ T649] EXT4-fs (loop1048578): mounted filesystem without journal. Opts: ,errors=continue [ 46.060293][ T299] usb 2-1: USB disconnect, device number 3 [ 46.110419][ T669] ------------[ cut here ]------------ [ 46.115936][ T669] WARNING: CPU: 0 PID: 669 at fs/sysfs/group.c:116 internal_create_group+0xe4/0xcf0 [ 46.135766][ T669] Modules linked in: [ 46.146777][ T669] CPU: 0 PID: 669 Comm: syz.2.77 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 46.164639][ T669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 46.175283][ T669] RIP: 0010:internal_create_group+0xe4/0xcf0 [ 46.181472][ T669] Code: 00 74 08 48 89 df e8 db c4 d7 ff 48 8b 03 83 7c 24 1c 00 74 22 48 85 c0 0f 84 ef 0b 00 00 e8 23 de 9d ff eb 20 e8 1c de 9d ff <0f> 0b 41 be ea ff ff ff e9 40 0b 00 00 48 85 c0 0f 84 dd 0b 00 00 [ 46.201890][ T669] RSP: 0018:ffffc90000e37140 EFLAGS: 00010287 [ 46.208155][ T669] RAX: ffffffff81c5ba8c RBX: ffff88812a58b098 RCX: 0000000000080000 [ 46.216276][ T669] RDX: ffffc90001d2d000 RSI: 00000000000011f8 RDI: 00000000000011f9 [ 46.224346][ T669] RBP: ffffc90000e37248 R08: dffffc0000000000 R09: ffffed10215c8466 [ 46.232478][ T669] R10: ffffed10215c8466 R11: 1ffff110215c8465 R12: 1ffff920001c6e38 [ 46.240601][ T669] R13: dffffc0000000000 R14: ffffffff866337c0 R15: 1ffff110254b1613 [ 46.248738][ T669] FS: 00007f0794ca86c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 46.257707][ T669] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 46.264334][ T669] CR2: 000055555b5e14a8 CR3: 000000011b0dd000 CR4: 00000000003506a0 [ 46.272651][ T669] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 46.280656][ T669] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 46.288676][ T669] Call Trace: [ 46.291983][ T669] ? rt_mutex_setprio+0xb40/0xb40 [ 46.297054][ T669] ? sysfs_create_group+0x30/0x30 [ 46.302093][ T669] ? __kasan_check_write+0x14/0x20 [ 46.307232][ T669] sysfs_create_group+0x1f/0x30 [ 46.312115][ T669] loop_configure+0xc2f/0x1260 [ 46.316912][ T669] lo_ioctl+0x76d/0x1a80 [ 46.321278][ T669] ? lo_release+0x1f0/0x1f0 [ 46.325791][ T669] ? is_bpf_text_address+0x177/0x190 [ 46.331220][ T669] ? __kernel_text_address+0xa0/0x100 [ 46.336632][ T669] ? unwind_get_return_address+0x4d/0x90 [ 46.342254][ T669] ? stack_trace_save+0xe0/0xe0 [ 46.347215][ T669] ? arch_stack_walk+0xee/0x140 [ 46.352096][ T669] ? __kasan_check_write+0x14/0x20 [ 46.357242][ T669] ? kobject_get_unless_zero+0x15e/0x1e0 [ 46.362884][ T669] ? __kobject_del+0x2f0/0x2f0 [ 46.367679][ T669] ? __kasan_check_write+0x14/0x20 [ 46.372803][ T669] ? mutex_lock+0x8c/0xe0 [ 46.377201][ T669] ? mutex_trylock+0xa0/0xa0 [ 46.381812][ T669] ? bdev_check_media_change+0x350/0x350 [ 46.387505][ T669] ? __kasan_check_write+0x14/0x20 [ 46.392630][ T669] ? bdev_check_media_change+0x350/0x350 [ 46.398320][ T669] ? __kasan_check_write+0x14/0x20 [ 46.403447][ T669] ? _raw_spin_lock+0x8e/0xe0 [ 46.408179][ T669] ? _raw_spin_trylock_bh+0x130/0x130 [ 46.413572][ T669] ? __kasan_check_write+0x14/0x20 [ 46.418739][ T669] ? __kasan_check_write+0x14/0x20 [ 46.423860][ T669] ? __kasan_check_write+0x14/0x20 [ 46.428998][ T669] ? disk_unblock_events+0x51/0x60 [ 46.434124][ T669] ? is_bpf_text_address+0x177/0x190 [ 46.439440][ T669] ? __kernel_text_address+0xa0/0x100 [ 46.444986][ T669] ? unwind_get_return_address+0x4d/0x90 [ 46.450674][ T669] ? stack_trace_save+0xe0/0xe0 [ 46.455535][ T669] ? arch_stack_walk+0xee/0x140 [ 46.460443][ T669] ? memcpy+0x56/0x70 [ 46.464441][ T669] ? avc_has_extended_perms+0x7f0/0xc30 [ 46.470036][ T669] ? avc_ss_reset+0x280/0x280 [ 46.474920][ T669] ? kasan_set_track+0x5b/0x70 [ 46.479779][ T669] ? __kasan_slab_free+0x11/0x20 [ 46.484719][ T669] ? slab_free_freelist_hook+0xc5/0x190 [ 46.490292][ T669] ? kmem_cache_free+0x100/0x2d0 [ 46.495242][ T669] ? putname+0xfe/0x150 [ 46.499423][ T669] ? do_sys_openat2+0x207/0x6d0 [ 46.504286][ T669] ? blkdev_common_ioctl+0xf90/0x1a80 [ 46.509698][ T669] ? blkdev_bszset+0x1e0/0x1e0 [ 46.514465][ T669] ? do_vfs_ioctl+0x766/0x1510 [ 46.519257][ T669] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0 [ 46.524899][ T669] ? has_cap_mac_admin+0x330/0x330 [ 46.530053][ T669] ? __kasan_slab_free+0x11/0x20 [ 46.535001][ T669] ? slab_free_freelist_hook+0xc5/0x190 [ 46.540585][ T669] ? putname+0xfe/0x150 [ 46.544742][ T669] ? kmem_cache_free+0x100/0x2d0 [ 46.549707][ T669] ? selinux_file_ioctl+0x377/0x480 [ 46.554938][ T669] ? lo_release+0x1f0/0x1f0 [ 46.559473][ T669] blkdev_ioctl+0x2d2/0x5b0 [ 46.564015][ T669] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 46.569514][ T669] ? __fget_files+0x2c4/0x320 [ 46.574215][ T669] block_ioctl+0xae/0x100 [ 46.578578][ T669] ? blkdev_iopoll+0x100/0x100 [ 46.583352][ T669] __se_sys_ioctl+0x121/0x1a0 [ 46.588354][ T669] __x64_sys_ioctl+0x7b/0x90 [ 46.593262][ T669] do_syscall_64+0x31/0x40 [ 46.597752][ T669] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 46.603645][ T669] RIP: 0033:0x7f079663f56b [ 46.608103][ T669] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 46.627861][ T669] RSP: 002b:00007f0794ca7dc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 46.636299][ T669] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f079663f56b [ 46.644271][ T669] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 46.652383][ T669] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000000001d9 [ 46.660405][ T669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 46.668441][ T669] R13: 00007f0794ca7ef0 R14: 00007f0794ca7eb0 R15: 00007f078c888000 [ 46.676440][ T669] ---[ end trace b5f5bb3d4f4b78ab ]--- [ 46.843062][ T671] EXT4-fs (loop3): Test dummy encryption mode enabled [ 46.852615][ T674] process 'syz.0.79' launched './file0' with NULL argv: empty string added [ 46.856350][ T669] erofs: (device loop1048578): mounted with root inode @ nid 36. [ 46.861450][ T671] EXT4-fs (loop3): Mount option "noacl" will be removed by 3.5 [ 46.861450][ T671] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 46.861450][ T671] [ 46.886982][ T671] EXT4-fs (loop3): dax option not supported [ 47.178211][ T688] fuse: Bad value for 'fd' [ 48.061480][ T24] kauditd_printk_skb: 46 callbacks suppressed [ 48.061494][ T24] audit: type=1400 audit(1746502782.510:335): avc: denied { write } for pid=689 comm="syz.0.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 48.157290][ T697] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 48.581452][ T701] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 48.632759][ T701] EXT4-fs (loop4): 1 truncate cleaned up [ 48.642870][ T703] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 33619980: comm syz.0.85: invalid block [ 48.645846][ T706] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 48.664937][ T701] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 48.667383][ T706] EXT4-fs (loop3): 1 truncate cleaned up [ 48.680119][ T706] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 48.691478][ T703] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.85: bg 0: block 392: padding at end of block bitmap is not set [ 48.727073][ T703] EXT4-fs error (device loop0) in ext4_mb_clear_bb:5645: Corrupt filesystem [ 48.737446][ T703] EXT4-fs error (device loop0): ext4_clear_blocks:880: inode #13: comm syz.0.85: attempt to clear invalid blocks 983260 len 1 [ 48.759916][ T703] EXT4-fs error (device loop0): ext4_free_branches:1026: inode #13: comm syz.0.85: invalid indirect mapped block 2683928664 (level 0) [ 48.802629][ T703] EXT4-fs error (device loop0): __ext4_get_inode_loc:4437: comm syz.0.85: Invalid inode table block 0 in block_group 0 [ 48.821318][ T703] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5900: Corrupt filesystem [ 48.836925][ T703] EXT4-fs error (device loop0) in ext4_orphan_del:3292: Corrupt filesystem [ 48.850058][ T703] EXT4-fs error (device loop0): __ext4_get_inode_loc:4437: comm syz.0.85: Invalid inode table block 0 in block_group 0 [ 48.901806][ T703] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5900: Corrupt filesystem [ 48.913133][ T703] EXT4-fs error (device loop0): ext4_truncate:4389: inode #13: comm syz.0.85: mark_inode_dirty error [ 48.926635][ T703] EXT4-fs error (device loop0) in ext4_orphan_cleanup:3108: Corrupt filesystem [ 48.961725][ T703] EXT4-fs (loop0): 1 truncate cleaned up [ 48.967760][ T703] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,resuid=0x000000000000ee00,,errors=continue [ 49.140218][ T724] ------------[ cut here ]------------ [ 49.152290][ T724] WARNING: CPU: 1 PID: 724 at fs/sysfs/group.c:116 internal_create_group+0xe4/0xcf0 [ 49.162273][ T724] Modules linked in: [ 49.166274][ T724] CPU: 1 PID: 724 Comm: syz.2.90 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 49.177555][ T724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 49.187765][ T724] RIP: 0010:internal_create_group+0xe4/0xcf0 [ 49.193761][ T724] Code: 00 74 08 48 89 df e8 db c4 d7 ff 48 8b 03 83 7c 24 1c 00 74 22 48 85 c0 0f 84 ef 0b 00 00 e8 23 de 9d ff eb 20 e8 1c de 9d ff <0f> 0b 41 be ea ff ff ff e9 40 0b 00 00 48 85 c0 0f 84 dd 0b 00 00 [ 49.215945][ T724] RSP: 0018:ffffc90000de7140 EFLAGS: 00010283 [ 49.223131][ T724] RAX: ffffffff81c5ba8c RBX: ffff88812a58b098 RCX: 0000000000080000 [ 49.231577][ T724] RDX: ffffc90001d2d000 RSI: 0000000000005a15 RDI: 0000000000005a16 [ 49.239664][ T724] RBP: ffffc90000de7248 R08: dffffc0000000000 R09: ffffed10215c8466 [ 49.247745][ T724] R10: ffffed10215c8466 R11: 1ffff110215c8465 R12: 1ffff920001bce38 [ 49.255740][ T724] R13: dffffc0000000000 R14: ffffffff866337c0 R15: 1ffff110254b1613 [ 49.264085][ T724] FS: 00007f0794ca86c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 49.273093][ T724] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 49.280096][ T724] CR2: 00007ffd440e8fc8 CR3: 0000000118e3a000 CR4: 00000000003526a0 [ 49.288316][ T724] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 49.296409][ T724] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 49.305587][ T724] Call Trace: [ 49.309038][ T724] ? rt_mutex_setprio+0xb40/0xb40 [ 49.314085][ T724] ? sysfs_create_group+0x30/0x30 [ 49.319243][ T724] ? __kasan_check_write+0x14/0x20 [ 49.324374][ T724] sysfs_create_group+0x1f/0x30 [ 49.329282][ T724] loop_configure+0xc2f/0x1260 [ 49.334114][ T724] lo_ioctl+0x76d/0x1a80 [ 49.338410][ T724] ? lo_release+0x1f0/0x1f0 [ 49.342956][ T724] ? is_bpf_text_address+0x177/0x190 [ 49.348287][ T724] ? __kernel_text_address+0xa0/0x100 [ 49.353742][ T724] ? unwind_get_return_address+0x4d/0x90 [ 49.359432][ T724] ? stack_trace_save+0xe0/0xe0 [ 49.364335][ T724] ? arch_stack_walk+0xee/0x140 [ 49.369245][ T724] ? __kasan_check_write+0x14/0x20 [ 49.374369][ T724] ? kobject_get_unless_zero+0x15e/0x1e0 [ 49.380095][ T724] ? __kobject_del+0x2f0/0x2f0 [ 49.384904][ T724] ? __kasan_check_write+0x14/0x20 [ 49.390071][ T724] ? mutex_lock+0x8c/0xe0 [ 49.394405][ T724] ? mutex_trylock+0xa0/0xa0 [ 49.399070][ T724] ? bdev_check_media_change+0x350/0x350 [ 49.404823][ T724] ? __kasan_check_write+0x14/0x20 [ 49.410076][ T724] ? bdev_check_media_change+0x350/0x350 [ 49.415718][ T724] ? __kasan_check_write+0x14/0x20 [ 49.420859][ T724] ? _raw_spin_lock+0x8e/0xe0 [ 49.425536][ T724] ? _raw_spin_trylock_bh+0x130/0x130 [ 49.430932][ T724] ? __kasan_check_write+0x14/0x20 [ 49.436057][ T724] ? __kasan_check_write+0x14/0x20 [ 49.441210][ T724] ? __kasan_check_write+0x14/0x20 [ 49.446357][ T724] ? disk_unblock_events+0x51/0x60 [ 49.451455][ T724] ? is_bpf_text_address+0x177/0x190 [ 49.456851][ T724] ? __kernel_text_address+0xa0/0x100 [ 49.462285][ T724] ? unwind_get_return_address+0x4d/0x90 [ 49.467972][ T724] ? stack_trace_save+0xe0/0xe0 [ 49.472821][ T724] ? arch_stack_walk+0xee/0x140 [ 49.477912][ T724] ? memcpy+0x56/0x70 [ 49.481944][ T724] ? avc_has_extended_perms+0x7f0/0xc30 [ 49.487519][ T724] ? avc_ss_reset+0x280/0x280 [ 49.492192][ T724] ? kasan_set_track+0x5b/0x70 [ 49.497192][ T724] ? __kasan_slab_free+0x11/0x20 [ 49.502145][ T724] ? slab_free_freelist_hook+0xc5/0x190 [ 49.507991][ T724] ? kmem_cache_free+0x100/0x2d0 [ 49.512920][ T724] ? putname+0xfe/0x150 [ 49.517124][ T724] ? do_sys_openat2+0x207/0x6d0 [ 49.522000][ T724] ? blkdev_common_ioctl+0xf90/0x1a80 [ 49.527393][ T724] ? blkdev_bszset+0x1e0/0x1e0 [ 49.532150][ T724] ? do_vfs_ioctl+0x766/0x1510 [ 49.536965][ T724] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0 [ 49.542602][ T724] ? has_cap_mac_admin+0x330/0x330 [ 49.547731][ T724] ? __kasan_slab_free+0x11/0x20 [ 49.552672][ T724] ? slab_free_freelist_hook+0xc5/0x190 [ 49.558252][ T724] ? putname+0xfe/0x150 [ 49.562403][ T724] ? kmem_cache_free+0x100/0x2d0 [ 49.567381][ T724] ? selinux_file_ioctl+0x377/0x480 [ 49.572582][ T724] ? lo_release+0x1f0/0x1f0 [ 49.577100][ T724] blkdev_ioctl+0x2d2/0x5b0 [ 49.581629][ T724] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 49.587125][ T724] ? __fget_files+0x2c4/0x320 [ 49.591847][ T724] block_ioctl+0xae/0x100 [ 49.596206][ T724] ? blkdev_iopoll+0x100/0x100 [ 49.600978][ T724] __se_sys_ioctl+0x121/0x1a0 [ 49.605637][ T724] __x64_sys_ioctl+0x7b/0x90 [ 49.610247][ T724] do_syscall_64+0x31/0x40 [ 49.614669][ T724] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 49.620586][ T724] RIP: 0033:0x7f079663f56b [ 49.625032][ T724] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 49.644678][ T724] RSP: 002b:00007f0794ca7dc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 49.653136][ T724] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f079663f56b [ 49.661144][ T724] RDX: 0000000000000003 RSI: 0000000000004c00 RDI: 0000000000000004 [ 49.669146][ T724] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000552 [ 49.677139][ T724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 49.685111][ T724] R13: 00007f0794ca7ef0 R14: 00007f0794ca7eb0 R15: 00007f078c888000 [ 49.693110][ T724] ---[ end trace b5f5bb3d4f4b78ac ]--- [ 49.756050][ T24] audit: type=1326 audit(1746502784.200:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=731 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 49.791321][ T24] audit: type=1326 audit(1746502784.210:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=731 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 49.816605][ T24] audit: type=1326 audit(1746502784.210:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=731 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 49.941592][ T728] cgroup: fork rejected by pids controller in /syz1 [ 49.979677][ T724] EXT4-fs (loop1048578): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue [ 50.167575][ T724] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 50.223781][ T737] EXT4-fs (loop4): Test dummy encryption mode enabled [ 50.230717][ T737] EXT4-fs (loop4): Mount option "noacl" will be removed by 3.5 [ 50.230717][ T737] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 50.230717][ T737] [ 50.248718][ T737] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 50.325509][ T24] audit: type=1326 audit(1746502784.210:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=731 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 50.347842][ T737] EXT4-fs (loop4): 1 truncate cleaned up [ 50.355269][ T737] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,noauto_da_alloc,noacl,discard,max_batch_time=0x0000000000000008,nolazytime,bsddf,max_batch_time=0x0000000000000995,sb=0x0000000000000010,,errors=continue [ 50.416570][ T24] audit: type=1326 audit(1746502784.210:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=731 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 50.570313][ T24] audit: type=1326 audit(1746502784.210:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=731 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 50.601731][ T24] audit: type=1326 audit(1746502784.210:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=731 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff3158e1969 code=0x7ffc0000 [ 50.620824][ T724] EXT4-fs error (device loop1048578) in ext4_do_update_inode:5303: error 27 [ 50.729100][ T724] EXT4-fs error (device loop1048578): ext4_dirty_inode:6110: inode #2: comm syz.2.90: mark_inode_dirty error [ 50.767658][ T724] EXT4-fs error (device loop1048578) in ext4_do_update_inode:5303: error 27 [ 50.867008][ T847] EXT4-fs error (device loop1048578) in ext4_do_update_inode:5303: error 27 [ 50.903367][ T847] EXT4-fs error (device loop1048578): ext4_dirty_inode:6110: inode #2: comm syz.2.90: mark_inode_dirty error [ 50.925254][ T847] EXT4-fs error (device loop1048578) in ext4_do_update_inode:5303: error 27 [ 50.936435][ T847] EXT4-fs error (device loop1048578): __ext4_ext_dirty:182: inode #2: comm syz.2.90: mark_inode_dirty error [ 50.949211][ T847] EXT4-fs error (device loop1048578) in ext4_do_update_inode:5303: error 27 [ 50.970949][ T847] EXT4-fs error (device loop1048578): ext4_dirty_inode:6110: inode #2: comm syz.2.90: mark_inode_dirty error [ 51.773172][ T862] FAULT_INJECTION: forcing a failure. [ 51.773172][ T862] name failslab, interval 1, probability 0, space 0, times 1 [ 51.785957][ T862] CPU: 1 PID: 862 Comm: syz.4.99 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 51.797166][ T862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 51.807234][ T862] Call Trace: [ 51.810566][ T862] __dump_stack+0x21/0x24 [ 51.814927][ T862] dump_stack_lvl+0x169/0x1d8 [ 51.819606][ T862] ? show_regs_print_info+0x18/0x18 [ 51.824805][ T862] dump_stack+0x15/0x1c [ 51.828965][ T862] should_fail+0x3c1/0x510 [ 51.833382][ T862] ? shmem_alloc_inode+0x1a/0x30 [ 51.838327][ T862] __should_failslab+0xa4/0xe0 [ 51.843199][ T862] should_failslab+0x9/0x20 [ 51.847706][ T862] kmem_cache_alloc+0x3d/0x2e0 [ 51.852474][ T862] ? preempt_schedule_common+0xbe/0xf0 [ 51.857956][ T862] ? shmem_match+0x160/0x160 [ 51.862548][ T862] shmem_alloc_inode+0x1a/0x30 [ 51.867313][ T862] new_inode_pseudo+0x62/0x210 [ 51.872080][ T862] new_inode+0x28/0x1e0 [ 51.876240][ T862] shmem_get_inode+0x34a/0x9d0 [ 51.881005][ T862] ? _raw_spin_unlock+0x60/0x70 [ 51.885853][ T862] __shmem_file_setup+0x113/0x2b0 [ 51.890875][ T862] shmem_file_setup+0x2f/0x40 [ 51.895577][ T862] __se_sys_memfd_create+0x1e6/0x3a0 [ 51.900886][ T862] __x64_sys_memfd_create+0x5b/0x70 [ 51.906098][ T862] do_syscall_64+0x31/0x40 [ 51.910524][ T862] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 51.916417][ T862] RIP: 0033:0x7f075a067969 [ 51.920841][ T862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.940464][ T862] RSP: 002b:00007f075868de18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 51.948896][ T862] RAX: ffffffffffffffda RBX: 000000000000045d RCX: 00007f075a067969 [ 51.956878][ T862] RDX: 00007f075868def0 RSI: 0000000000000000 RDI: 00007f075a0ea444 [ 51.965023][ T862] RBP: 0000200000000b40 R08: 00007f075868dbb7 R09: 00007f075868de40 [ 51.973010][ T862] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000180 [ 51.980994][ T862] R13: 00007f075868def0 R14: 00007f075868deb0 R15: 0000200000000640 [ 53.022177][ T869] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.102: bg 0: block 392: padding at end of block bitmap is not set [ 53.127082][ T878] EXT4-fs (loop3): Test dummy encryption mode enabled [ 53.220322][ T878] EXT4-fs (loop3): Mount option "noacl" will be removed by 3.5 [ 53.220322][ T878] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 53.220322][ T878] [ 53.416934][ T878] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 53.656935][ T878] EXT4-fs (loop3): 1 truncate cleaned up [ 53.662693][ T878] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,noauto_da_alloc,noacl,discard,max_batch_time=0x0000000000000008,nolazytime,bsddf,max_batch_time=0x0000000000000995,sb=0x0000000000000010,,errors=continue [ 53.945274][ T869] EXT4-fs error (device loop4) in ext4_mb_clear_bb:5645: Corrupt filesystem [ 53.975459][ T869] EXT4-fs error (device loop4): ext4_clear_blocks:880: inode #13: comm syz.4.102: attempt to clear invalid blocks 983260 len 1 [ 54.006401][ T869] EXT4-fs error (device loop4): ext4_free_branches:1026: inode #13: comm syz.4.102: invalid indirect mapped block 2683928664 (level 0) [ 54.033558][ T869] EXT4-fs error (device loop4): __ext4_get_inode_loc:4437: comm syz.4.102: Invalid inode table block 0 in block_group 0 [ 54.073857][ T869] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5900: Corrupt filesystem [ 54.083935][ T869] EXT4-fs error (device loop4) in ext4_orphan_del:3292: Corrupt filesystem [ 54.093189][ T869] EXT4-fs error (device loop4): __ext4_get_inode_loc:4437: comm syz.4.102: Invalid inode table block 0 in block_group 0 [ 54.106463][ T869] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5900: Corrupt filesystem [ 54.116320][ T869] EXT4-fs error (device loop4): ext4_truncate:4389: inode #13: comm syz.4.102: mark_inode_dirty error [ 54.127826][ T869] EXT4-fs error (device loop4) in ext4_orphan_cleanup:3108: Corrupt filesystem [ 54.137368][ T869] EXT4-fs (loop4): 1 truncate cleaned up [ 54.143140][ T869] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resuid=0x000000000000ee00,,errors=continue [ 54.207159][ T873] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.214484][ T873] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.221987][ T873] device bridge_slave_0 entered promiscuous mode [ 54.229103][ T873] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.236163][ T873] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.243637][ T873] device bridge_slave_1 entered promiscuous mode [ 54.308014][ T24] audit: type=1326 audit(1746502788.760:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.4.106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f075a067969 code=0x7ffc0000 [ 54.342454][ T895] erofs: (device loop3): mounted with root inode @ nid 36. [ 54.344330][ T430] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 54.365443][ T24] audit: type=1326 audit(1746502788.780:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.4.106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f075a067969 code=0x7ffc0000 [ 54.390527][ T24] audit: type=1326 audit(1746502788.780:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.4.106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f075a067969 code=0x7ffc0000 [ 54.414741][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.422321][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.439861][ T24] audit: type=1326 audit(1746502788.780:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.4.106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f075a067969 code=0x7ffc0000 [ 54.463937][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.473121][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.481433][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.488498][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.496834][ T24] audit: type=1326 audit(1746502788.780:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.4.106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f075a067969 code=0x7ffc0000 [ 54.509345][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.520059][ T24] audit: type=1326 audit(1746502788.780:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.4.106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f075a067969 code=0x7ffc0000 [ 54.551542][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.559919][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.567000][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.587996][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 54.596934][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 54.604926][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.614316][ T24] audit: type=1326 audit(1746502789.060:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.4.106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f075a067969 code=0x7ffc0000 [ 54.638528][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.651708][ T873] device veth0_vlan entered promiscuous mode [ 54.658851][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 54.667465][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 54.675016][ T24] audit: type=1326 audit(1746502789.060:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.4.106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f075a067969 code=0x7ffc0000 [ 54.699639][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 54.716031][ T873] device veth1_macvtap entered promiscuous mode [ 54.763357][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 54.771424][ T430] usb 1-1: unable to get BOS descriptor or descriptor too short [ 54.852718][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 54.880282][ T911] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 54.886325][ T430] usb 1-1: config 1 has an invalid interface number: 121 but max is 0 [ 54.905804][ T430] usb 1-1: config 1 has no interface number 0 [ 54.916679][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 55.001600][ T911] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2806: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 55.016460][ T911] EXT4-fs (loop4): 1 truncate cleaned up [ 55.035124][ T911] EXT4-fs (loop4): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota, [ 55.054704][ T289] device bridge_slave_1 left promiscuous mode [ 55.063051][ T289] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.070855][ T289] device bridge_slave_0 left promiscuous mode [ 55.077961][ T289] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.086238][ T430] usb 1-1: New USB device found, idVendor=0582, idProduct=0007, bcdDevice=3e.97 [ 55.095408][ T289] device veth1_macvtap left promiscuous mode [ 55.101416][ T430] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 55.101427][ T430] usb 1-1: Product: syz [ 55.101437][ T430] usb 1-1: Manufacturer: syz [ 55.101454][ T430] usb 1-1: SerialNumber: syz [ 55.145803][ T24] audit: type=1400 audit(1746502789.590:351): avc: denied { create } for pid=910 comm="syz.4.110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 55.169997][ T916] erofs: (device loop1): mounted with root inode @ nid 36. [ 55.186570][ T430] hub 1-1:1.121: bad descriptor, ignoring hub [ 55.194513][ T430] hub: probe of 1-1:1.121 failed with error -5 [ 55.220387][ T289] device veth0_vlan left promiscuous mode [ 55.231472][ T24] audit: type=1400 audit(1746502789.640:352): avc: denied { write } for pid=910 comm="syz.4.110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 55.439106][ T920] fuse: Bad value for 'fd' [ 55.627124][ T430] usb 1-1: USB disconnect, device number 2 [ 55.716304][ T327] udevd[327]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.121/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 55.834340][ T924] netlink: 'syz.2.112': attribute type 16 has an invalid length. [ 55.917535][ T924] netlink: 'syz.2.112': attribute type 17 has an invalid length. [ 56.018140][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 56.026971][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 56.085617][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 56.104493][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 56.156587][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.175109][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.184514][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.209240][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.527610][ T966] cgroup: syz.2.131 (966) created nested cgroup for controller "memory" which has incomplete hierarchy support. Nested cgroups may change behavior in the future. [ 56.544293][ T966] cgroup: "memory" requires setting use_hierarchy to 1 on the root [ 56.561378][ T966] device veth1_macvtap left promiscuous mode [ 56.675601][ T985] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 56.692562][ T985] device syzkaller0 entered promiscuous mode [ 56.856794][ T1014] 9pnet: Insufficient options for proto=fd [ 56.859183][ T1016] Zero length message leads to an empty skb [ 56.886743][ T1018] hub 2-0:1.0: USB hub found [ 56.893249][ T1018] hub 2-0:1.0: 1 port detected [ 56.903176][ T1020] 9pnet: Could not find request transport: rdma [ 56.967231][ T1026] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57369 sclass=netlink_route_socket pid=1026 comm=syz.0.160 [ 57.027739][ T1012] syz.4.154[1012] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 57.027805][ T1012] syz.4.154[1012] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 57.101265][ T1033] EXT4-fs (loop0): 1 orphan inode deleted [ 57.119463][ T1033] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 57.128579][ T1033] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 57.269343][ T1065] netlink: 20 bytes leftover after parsing attributes in process `syz.3.176'. [ 57.284339][ T1069] device pim6reg1 entered promiscuous mode [ 57.407479][ T1093] tipc: Started in network mode [ 57.413821][ T1093] tipc: Own node identity ac14140f, cluster identity 4711 [ 57.421909][ T1093] tipc: New replicast peer: 255.255.0.10 [ 57.428466][ T1093] tipc: Enabled bearer , priority 10 [ 57.532347][ T1105] EXT4-fs (loop4): Ignoring removed orlov option [ 57.533563][ T1110] Module has invalid ELF structures [ 57.544804][ T1108] netlink: 148 bytes leftover after parsing attributes in process `syz.0.199'. [ 57.564642][ T1108] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 57.587337][ T1105] EXT4-fs (loop4): mounted filesystem without journal. Opts: nogrpid,noblock_validity,noquota,auto_da_alloc=0x0000000000000004,orlov,,errors=continue [ 57.606571][ T1105] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 57.673331][ T1126] netlink: 16 bytes leftover after parsing attributes in process `syz.2.206'. [ 57.753848][ T1135] netlink: 24 bytes leftover after parsing attributes in process `syz.4.208'. [ 58.165118][ T1142] ------------[ cut here ]------------ [ 58.171563][ T1142] WARNING: CPU: 0 PID: 1142 at fs/sysfs/group.c:116 internal_create_group+0xe4/0xcf0 [ 58.181125][ T1142] Modules linked in: [ 58.185057][ T1142] CPU: 0 PID: 1142 Comm: syz.2.210 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 58.197174][ T1142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 58.207364][ T1142] RIP: 0010:internal_create_group+0xe4/0xcf0 [ 58.213361][ T1142] Code: 00 74 08 48 89 df e8 db c4 d7 ff 48 8b 03 83 7c 24 1c 00 74 22 48 85 c0 0f 84 ef 0b 00 00 e8 23 de 9d ff eb 20 e8 1c de 9d ff <0f> 0b 41 be ea ff ff ff e9 40 0b 00 00 48 85 c0 0f 84 dd 0b 00 00 [ 58.233085][ T1142] RSP: 0018:ffffc90000e87140 EFLAGS: 00010283 [ 58.239619][ T1142] RAX: ffffffff81c5ba8c RBX: ffff88812a58b098 RCX: 0000000000080000 [ 58.247712][ T1142] RDX: ffffc90001d2d000 RSI: 000000000000a0cf RDI: 000000000000a0d0 [ 58.255706][ T1142] RBP: ffffc90000e87248 R08: dffffc0000000000 R09: ffffed10215c8466 [ 58.263825][ T1142] R10: ffffed10215c8466 R11: 1ffff110215c8465 R12: 1ffff920001d0e38 [ 58.271874][ T1142] R13: dffffc0000000000 R14: ffffffff866337c0 R15: 1ffff110254b1613 [ 58.280069][ T1142] FS: 00007f0794ca86c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 58.289119][ T1142] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 58.295753][ T1142] CR2: 00005555885c74a8 CR3: 000000010d882000 CR4: 00000000003506b0 [ 58.303802][ T1142] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 58.312527][ T1142] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 58.320647][ T1142] Call Trace: [ 58.323970][ T1142] ? rt_mutex_setprio+0xb40/0xb40 [ 58.329044][ T1142] ? sysfs_create_group+0x30/0x30 [ 58.334091][ T1142] ? __kasan_check_write+0x14/0x20 [ 58.339288][ T1142] sysfs_create_group+0x1f/0x30 [ 58.344170][ T1142] loop_configure+0xc2f/0x1260 [ 58.348978][ T1142] lo_ioctl+0x76d/0x1a80 [ 58.353262][ T1142] ? lo_release+0x1f0/0x1f0 [ 58.357828][ T1142] ? 0xffffffffa0028000 [ 58.362005][ T1142] ? is_bpf_text_address+0x177/0x190 [ 58.367329][ T1142] ? __kernel_text_address+0xa0/0x100 [ 58.372724][ T1142] ? unwind_get_return_address+0x4d/0x90 [ 58.378426][ T1142] ? stack_trace_save+0xe0/0xe0 [ 58.383299][ T1142] ? arch_stack_walk+0xee/0x140 [ 58.388188][ T1142] ? __kasan_check_write+0x14/0x20 [ 58.393413][ T1142] ? kobject_get_unless_zero+0x15e/0x1e0 [ 58.399090][ T1142] ? __kobject_del+0x2f0/0x2f0 [ 58.403905][ T1142] ? __kasan_check_write+0x14/0x20 [ 58.409663][ T1142] ? mutex_lock+0x8c/0xe0 [ 58.414007][ T1142] ? mutex_trylock+0xa0/0xa0 [ 58.418672][ T1142] ? bdev_check_media_change+0x350/0x350 [ 58.424364][ T1142] ? __kasan_check_write+0x14/0x20 [ 58.429578][ T372] tipc: 32-bit node address hash set to f1414ac [ 58.435989][ T1142] ? bdev_check_media_change+0x350/0x350 [ 58.441727][ T1142] ? __kasan_check_write+0x14/0x20 [ 58.446902][ T1142] ? _raw_spin_lock+0x8e/0xe0 [ 58.451767][ T1142] ? _raw_spin_trylock_bh+0x130/0x130 [ 58.457221][ T1142] ? __kasan_check_write+0x14/0x20 [ 58.462385][ T1142] ? __kasan_check_write+0x14/0x20 [ 58.467662][ T1142] ? __kasan_check_write+0x14/0x20 [ 58.472797][ T1142] ? disk_unblock_events+0x51/0x60 [ 58.478140][ T1142] ? 0xffffffffa0028000 [ 58.482333][ T1142] ? is_bpf_text_address+0x177/0x190 [ 58.487811][ T1142] ? __kernel_text_address+0xa0/0x100 [ 58.493213][ T1142] ? unwind_get_return_address+0x4d/0x90 [ 58.498929][ T1142] ? stack_trace_save+0xe0/0xe0 [ 58.504361][ T1142] ? arch_stack_walk+0xee/0x140 [ 58.509756][ T1142] ? memcpy+0x56/0x70 [ 58.513759][ T1142] ? avc_has_extended_perms+0x7f0/0xc30 [ 58.519359][ T1142] ? avc_ss_reset+0x280/0x280 [ 58.524047][ T1142] ? kasan_set_track+0x5b/0x70 [ 58.528854][ T1142] ? __kasan_slab_free+0x11/0x20 [ 58.533805][ T1142] ? slab_free_freelist_hook+0xc5/0x190 [ 58.539388][ T1142] ? kmem_cache_free+0x100/0x2d0 [ 58.544325][ T1142] ? putname+0xfe/0x150 [ 58.548507][ T1142] ? do_sys_openat2+0x207/0x6d0 [ 58.553378][ T1142] ? blkdev_common_ioctl+0xf90/0x1a80 [ 58.566234][ T1142] ? blkdev_bszset+0x1e0/0x1e0 [ 58.571045][ T1142] ? do_vfs_ioctl+0x766/0x1510 [ 58.575834][ T1142] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0 [ 58.581576][ T1142] ? has_cap_mac_admin+0x330/0x330 [ 58.586745][ T1142] ? __kasan_slab_free+0x11/0x20 [ 58.591697][ T1142] ? slab_free_freelist_hook+0xc5/0x190 [ 58.597308][ T1142] ? putname+0xfe/0x150 [ 58.601493][ T1142] ? kmem_cache_free+0x100/0x2d0 [ 58.606488][ T1142] ? selinux_file_ioctl+0x377/0x480 [ 58.611718][ T1142] ? lo_release+0x1f0/0x1f0 [ 58.616296][ T1142] blkdev_ioctl+0x2d2/0x5b0 [ 58.620819][ T1142] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 58.626347][ T1142] ? __fget_files+0x2c4/0x320 [ 58.631051][ T1142] block_ioctl+0xae/0x100 [ 58.635436][ T1142] ? blkdev_iopoll+0x100/0x100 [ 58.640737][ T1142] __se_sys_ioctl+0x121/0x1a0 [ 58.645462][ T1142] __x64_sys_ioctl+0x7b/0x90 [ 58.650171][ T1142] do_syscall_64+0x31/0x40 [ 58.654601][ T1142] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 58.660578][ T1142] RIP: 0033:0x7f079663f56b [ 58.665011][ T1142] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 58.684938][ T1142] RSP: 002b:00007f0794ca7dc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 58.693434][ T1142] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f079663f56b [ 58.702840][ T1142] RDX: 0000000000000003 RSI: 0000000000004c00 RDI: 0000000000000004 [ 58.711145][ T1142] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000061f [ 58.719611][ T1142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 58.727977][ T1142] R13: 00007f0794ca7ef0 R14: 00007f0794ca7eb0 R15: 00007f078c888000 [ 58.736686][ T1142] ---[ end trace b5f5bb3d4f4b78ad ]--- [ 58.757361][ T1158] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 58.790342][ T1161] netlink: 'syz.0.221': attribute type 15 has an invalid length. [ 58.811689][ T1142] EXT4-fs (loop1048578): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 58.826754][ T1142] EXT4-fs error (device loop1048578): ext4_get_journal_inode:5243: inode #32: comm syz.2.210: iget: special inode unallocated [ 58.840114][ T1142] EXT4-fs (loop1048578): no journal found [ 58.845889][ T1142] EXT4-fs (loop1048578): can't get journal size [ 58.853605][ T1142] EXT4-fs (loop1048578): filesystem is read-only [ 58.860073][ T1142] EXT4-fs (loop1048578): mounted filesystem without journal. Opts: errors=remount-ro,noload,noblock_validity,bsdgroups,nobarrier, [ 58.887474][ T1167] EXT4-fs (loop4): Ignoring removed orlov option [ 58.901393][ T1142] EXT4-fs error (device loop1048578): ext4_lookup:1822: inode #2: comm syz.2.210: bad inode number: 15 [ 58.922527][ T1167] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.220: bg 0: block 248: padding at end of block bitmap is not set [ 58.959914][ T1167] EXT4-fs error (device loop4): ext4_acquire_dquot:6226: comm syz.4.220: Failed to acquire dquot type 1 [ 58.972014][ T1167] EXT4-fs (loop4): 1 truncate cleaned up [ 58.986215][ T1167] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,norecovery,orlov,abort,nombcache,usrjquota=,,errors=continue [ 59.005204][ T1167] ext4 filesystem being mounted at /43/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 59.049747][ T1167] netlink: 4 bytes leftover after parsing attributes in process `syz.4.220'. [ 59.070538][ T289] EXT4-fs error (device loop4): ext4_release_dquot:6249: comm kworker/u4:3: Failed to release dquot type 1 [ 59.159158][ T1200] netlink: 16 bytes leftover after parsing attributes in process `syz.1.236'. [ 59.181139][ T1202] syz.1.237[1202] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 59.181202][ T1202] syz.1.237[1202] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 59.280249][ T1194] syz.0.234[1194] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 59.298267][ T1194] syz.0.234[1194] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 59.318892][ T24] kauditd_printk_skb: 233 callbacks suppressed [ 59.318906][ T24] audit: type=1326 audit(1746502793.770:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1193 comm="syz.0.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fdb592969 code=0x7ffc0000 [ 59.368981][ T24] audit: type=1326 audit(1746502793.810:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1193 comm="syz.0.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8fdb592969 code=0x7ffc0000 [ 59.422106][ T24] audit: type=1326 audit(1746502793.840:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1193 comm="syz.0.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fdb592969 code=0x7ffc0000 [ 59.468590][ T24] audit: type=1326 audit(1746502793.840:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1193 comm="syz.0.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8fdb592969 code=0x7ffc0000 [ 59.495278][ T24] audit: type=1326 audit(1746502793.840:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1193 comm="syz.0.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fdb592969 code=0x7ffc0000 [ 59.520582][ T1222] binfmt_misc: register: failed to install interpreter file ./file2 [ 59.520833][ T24] audit: type=1326 audit(1746502793.840:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1193 comm="syz.0.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8fdb592969 code=0x7ffc0000 [ 59.553481][ T24] audit: type=1326 audit(1746502793.840:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1193 comm="syz.0.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fdb592969 code=0x7ffc0000 [ 59.577200][ T24] audit: type=1326 audit(1746502793.840:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1193 comm="syz.0.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8fdb592969 code=0x7ffc0000 [ 59.601556][ T24] audit: type=1326 audit(1746502793.840:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1193 comm="syz.0.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fdb592969 code=0x7ffc0000 [ 59.625142][ T24] audit: type=1326 audit(1746502793.840:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1193 comm="syz.0.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f8fdb592969 code=0x7ffc0000 [ 59.650648][ T1204] SELinux: Context Ü is not valid (left unmapped). [ 59.686254][ T1227] netlink: 'syz.4.248': attribute type 3 has an invalid length. [ 59.698166][ T1227] tipc: Started in network mode [ 59.703433][ T1227] tipc: Own node identity ac14140f, cluster identity 4711 [ 59.710905][ T1227] tipc: New replicast peer: 255.255.255.255 [ 59.717102][ T1227] tipc: Enabled bearer , priority 10 [ 59.980089][ T1255] EXT4-fs (loop4): Ignoring removed oldalloc option [ 59.999403][ T1265] ------------[ cut here ]------------ [ 60.005033][ T1265] WARNING: CPU: 1 PID: 1265 at fs/sysfs/group.c:116 internal_create_group+0xe4/0xcf0 [ 60.015471][ T1265] Modules linked in: [ 60.019652][ T1265] CPU: 1 PID: 1265 Comm: syz.2.266 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 60.027019][ T1255] EXT4-fs (loop4): mounted filesystem without journal. Opts: stripe=0x0000000000000001,noauto_da_alloc,noblock_validity,data_err=ignore,noauto_da_alloc,delalloc,resuid=0x0000000000000000,oldalloc,i_version,,errors=continue [ 60.031031][ T1265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 60.062827][ T1265] RIP: 0010:internal_create_group+0xe4/0xcf0 [ 60.069652][ T1265] Code: 00 74 08 48 89 df e8 db c4 d7 ff 48 8b 03 83 7c 24 1c 00 74 22 48 85 c0 0f 84 ef 0b 00 00 e8 23 de 9d ff eb 20 e8 1c de 9d ff <0f> 0b 41 be ea ff ff ff e9 40 0b 00 00 48 85 c0 0f 84 dd 0b 00 00 [ 60.076327][ T1274] 9pnet: Could not find request transport: rdma [ 60.089716][ T1265] RSP: 0018:ffffc90000b97140 EFLAGS: 00010283 [ 60.101809][ T1265] RAX: ffffffff81c5ba8c RBX: ffff88812a58b098 RCX: 0000000000080000 [ 60.110320][ T1265] RDX: ffffc90001d2d000 RSI: 00000000000056fc RDI: 00000000000056fd [ 60.118413][ T1265] RBP: ffffc90000b97248 R08: dffffc0000000000 R09: ffffed10215c8466 [ 60.127698][ T1265] R10: ffffed10215c8466 R11: 1ffff110215c8465 R12: 1ffff92000172e38 [ 60.135745][ T1265] R13: dffffc0000000000 R14: ffffffff866337c0 R15: 1ffff110254b1613 [ 60.143824][ T1265] FS: 00007f0794ca86c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 60.152900][ T1265] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 60.159649][ T1265] CR2: 00007f53783b3bac CR3: 0000000112c03000 CR4: 00000000003506b0 [ 60.167808][ T1265] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 60.175871][ T1265] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 60.185285][ T1265] Call Trace: [ 60.188684][ T1265] ? rt_mutex_setprio+0xb40/0xb40 [ 60.193727][ T1265] ? sysfs_create_group+0x30/0x30 [ 60.198861][ T1265] ? __kasan_check_write+0x14/0x20 [ 60.203999][ T1265] sysfs_create_group+0x1f/0x30 [ 60.208953][ T1265] loop_configure+0xc2f/0x1260 [ 60.213752][ T1265] lo_ioctl+0x76d/0x1a80 [ 60.218102][ T1265] ? lo_release+0x1f0/0x1f0 [ 60.222664][ T1265] ? 0xffffffffa0028000 [ 60.226925][ T1265] ? is_bpf_text_address+0x177/0x190 [ 60.232234][ T1265] ? __kernel_text_address+0xa0/0x100 [ 60.235492][ T1280] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1280 comm=syz.0.273 [ 60.237952][ T1265] ? unwind_get_return_address+0x4d/0x90 [ 60.255844][ T1265] ? stack_trace_save+0xe0/0xe0 [ 60.260757][ T1265] ? arch_stack_walk+0xee/0x140 [ 60.265668][ T1265] ? __kasan_check_write+0x14/0x20 [ 60.270905][ T1265] ? kobject_get_unless_zero+0x15e/0x1e0 [ 60.276590][ T1265] ? __kobject_del+0x2f0/0x2f0 [ 60.281397][ T1265] ? __kasan_check_write+0x14/0x20 [ 60.286553][ T1265] ? mutex_lock+0x8c/0xe0 [ 60.290896][ T1265] ? mutex_trylock+0xa0/0xa0 [ 60.295631][ T1265] ? bdev_check_media_change+0x350/0x350 [ 60.301328][ T1265] ? __kasan_check_write+0x14/0x20 [ 60.306525][ T1265] ? bdev_check_media_change+0x350/0x350 [ 60.312595][ T1265] ? __kasan_check_write+0x14/0x20 [ 60.317922][ T1265] ? _raw_spin_lock+0x8e/0xe0 [ 60.322617][ T1265] ? _raw_spin_trylock_bh+0x130/0x130 [ 60.328131][ T1265] ? __kasan_check_write+0x14/0x20 [ 60.333315][ T1265] ? __kasan_check_write+0x14/0x20 [ 60.338591][ T1265] ? __kasan_check_write+0x14/0x20 [ 60.343724][ T1265] ? disk_unblock_events+0x51/0x60 [ 60.348929][ T1265] ? 0xffffffffa0028000 [ 60.354640][ T1265] ? is_bpf_text_address+0x177/0x190 [ 60.360200][ T1265] ? __kernel_text_address+0xa0/0x100 [ 60.365591][ T1265] ? unwind_get_return_address+0x4d/0x90 [ 60.372082][ T1265] ? stack_trace_save+0xe0/0xe0 [ 60.377030][ T1265] ? arch_stack_walk+0xee/0x140 [ 60.381916][ T1265] ? memcpy+0x56/0x70 [ 60.385973][ T1265] ? avc_has_extended_perms+0x7f0/0xc30 [ 60.398131][ T1265] ? avc_ss_reset+0x280/0x280 [ 60.402873][ T1265] ? kasan_set_track+0x5b/0x70 [ 60.407708][ T1265] ? __kasan_slab_free+0x11/0x20 [ 60.412748][ T1265] ? slab_free_freelist_hook+0xc5/0x190 [ 60.418639][ T1265] ? kmem_cache_free+0x100/0x2d0 [ 60.423977][ T1265] ? putname+0xfe/0x150 [ 60.429346][ T1265] ? do_sys_openat2+0x207/0x6d0 [ 60.434480][ T1265] ? blkdev_common_ioctl+0xf90/0x1a80 [ 60.440368][ T1265] ? blkdev_bszset+0x1e0/0x1e0 [ 60.446697][ T1265] ? do_vfs_ioctl+0x766/0x1510 [ 60.453240][ T1265] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0 [ 60.459148][ T1265] ? has_cap_mac_admin+0x330/0x330 [ 60.464295][ T1265] ? __kasan_slab_free+0x11/0x20 [ 60.469675][ T1265] ? slab_free_freelist_hook+0xc5/0x190 [ 60.475375][ T1265] ? putname+0xfe/0x150 [ 60.479980][ T1265] ? kmem_cache_free+0x100/0x2d0 [ 60.484967][ T1265] ? selinux_file_ioctl+0x377/0x480 [ 60.491181][ T1265] ? lo_release+0x1f0/0x1f0 [ 60.495713][ T1265] blkdev_ioctl+0x2d2/0x5b0 [ 60.500288][ T1265] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 60.505872][ T1265] ? __fget_files+0x2c4/0x320 [ 60.510679][ T1265] block_ioctl+0xae/0x100 [ 60.515039][ T1265] ? blkdev_iopoll+0x100/0x100 [ 60.519936][ T1265] __se_sys_ioctl+0x121/0x1a0 [ 60.524665][ T1265] __x64_sys_ioctl+0x7b/0x90 [ 60.529366][ T1265] do_syscall_64+0x31/0x40 [ 60.533863][ T1265] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 60.550809][ T1265] RIP: 0033:0x7f079663f56b [ 60.555276][ T1265] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 60.578757][ T1265] RSP: 002b:00007f0794ca7dc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 60.587691][ T1265] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007f079663f56b [ 60.605698][ T1265] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 60.613922][ T1265] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000486 [ 60.622548][ T1265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 60.630757][ T1265] R13: 00007f0794ca7ef0 R14: 00007f0794ca7eb0 R15: 00007f078c888000 [ 60.639546][ T1265] ---[ end trace b5f5bb3d4f4b78ae ]--- [ 60.700143][ T1265] EXT4-fs (loop1048578): encrypted files will use data=ordered instead of data journaling mode [ 60.712324][ T1265] EXT4-fs (loop1048578): invalid inodes per group: 1966082 [ 60.712324][ T1265] [ 60.726300][ T430] tipc: 32-bit node address hash set to f1414ac [ 61.280791][ T1392] ------------[ cut here ]------------ [ 61.289838][ T1383] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.321: bg 0: block 248: padding at end of block bitmap is not set [ 61.299965][ T1392] WARNING: CPU: 0 PID: 1392 at fs/sysfs/group.c:116 internal_create_group+0xe4/0xcf0 [ 61.314417][ T1392] Modules linked in: [ 61.318407][ T1392] CPU: 0 PID: 1392 Comm: syz.2.323 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 61.330411][ T1392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 61.340630][ T1392] RIP: 0010:internal_create_group+0xe4/0xcf0 [ 61.346790][ T1392] Code: 00 74 08 48 89 df e8 db c4 d7 ff 48 8b 03 83 7c 24 1c 00 74 22 48 85 c0 0f 84 ef 0b 00 00 e8 23 de 9d ff eb 20 e8 1c de 9d ff <0f> 0b 41 be ea ff ff ff e9 40 0b 00 00 48 85 c0 0f 84 dd 0b 00 00 [ 61.350920][ T1383] EXT4-fs error (device loop3): ext4_acquire_dquot:6226: comm syz.3.321: Failed to acquire dquot type 1 [ 61.377718][ T1392] RSP: 0000:ffffc90000e97140 EFLAGS: 00010283 [ 61.383810][ T1392] RAX: ffffffff81c5ba8c RBX: ffff88812a58b098 RCX: 0000000000080000 [ 61.391960][ T1392] RDX: ffffc90001d2d000 RSI: 0000000000009dd5 RDI: 0000000000009dd6 [ 61.400083][ T1392] RBP: ffffc90000e97248 R08: dffffc0000000000 R09: ffffed10215c8466 [ 61.408168][ T1392] R10: ffffed10215c8466 R11: 1ffff110215c8465 R12: 1ffff920001d2e38 [ 61.415430][ T1383] EXT4-fs (loop3): 1 truncate cleaned up [ 61.416197][ T1392] R13: dffffc0000000000 R14: ffffffff866337c0 R15: 1ffff110254b1613 [ 61.429725][ T1383] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 61.430038][ T1392] FS: 00007f0794ca86c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 61.439752][ T1383] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.448248][ T1392] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 61.464965][ T1392] CR2: 0000200001000000 CR3: 0000000123e86000 CR4: 00000000003506b0 [ 61.473020][ T1392] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 61.481126][ T1392] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 61.489877][ T1392] Call Trace: [ 61.493276][ T1392] ? rt_mutex_setprio+0xb40/0xb40 [ 61.498376][ T1392] ? sysfs_create_group+0x30/0x30 [ 61.503451][ T1392] ? __kasan_check_write+0x14/0x20 [ 61.508634][ T1392] sysfs_create_group+0x1f/0x30 [ 61.513543][ T1392] loop_configure+0xc2f/0x1260 [ 61.518367][ T1392] lo_ioctl+0x76d/0x1a80 [ 61.522630][ T1392] ? lo_release+0x1f0/0x1f0 [ 61.527187][ T1392] ? 0xffffffffa0028000 [ 61.531353][ T1392] ? is_bpf_text_address+0x177/0x190 [ 61.536691][ T1392] ? __kernel_text_address+0xa0/0x100 [ 61.542128][ T1392] ? unwind_get_return_address+0x4d/0x90 [ 61.547827][ T1392] ? stack_trace_save+0xe0/0xe0 [ 61.552770][ T1392] ? arch_stack_walk+0xee/0x140 [ 61.557688][ T1392] ? __kasan_check_write+0x14/0x20 [ 61.562866][ T1392] ? kobject_get_unless_zero+0x15e/0x1e0 [ 61.568577][ T1392] ? __kobject_del+0x2f0/0x2f0 [ 61.573418][ T1392] ? __kasan_check_write+0x14/0x20 [ 61.578705][ T1392] ? mutex_lock+0x8c/0xe0 [ 61.583063][ T1392] ? mutex_trylock+0xa0/0xa0 [ 61.587731][ T1392] ? bdev_check_media_change+0x350/0x350 [ 61.593391][ T1392] ? __kasan_check_write+0x14/0x20 [ 61.598573][ T1392] ? bdev_check_media_change+0x350/0x350 [ 61.604229][ T1392] ? __kasan_check_write+0x14/0x20 [ 61.609591][ T1392] ? _raw_spin_lock+0x8e/0xe0 [ 61.614298][ T1392] ? _raw_spin_trylock_bh+0x130/0x130 [ 61.619964][ T1392] ? __kasan_check_write+0x14/0x20 [ 61.625117][ T1392] ? __kasan_check_write+0x14/0x20 [ 61.630555][ T1392] ? __kasan_check_write+0x14/0x20 [ 61.635863][ T1392] ? disk_unblock_events+0x51/0x60 [ 61.641395][ T1392] ? 0xffffffffa0028000 [ 61.645584][ T1392] ? is_bpf_text_address+0x177/0x190 [ 61.651251][ T1392] ? __kernel_text_address+0xa0/0x100 [ 61.657059][ T1392] ? unwind_get_return_address+0x4d/0x90 [ 61.662730][ T1392] ? stack_trace_save+0xe0/0xe0 [ 61.668115][ T1392] ? arch_stack_walk+0xee/0x140 [ 61.673002][ T1392] ? memcpy+0x56/0x70 [ 61.677394][ T1392] ? avc_has_extended_perms+0x7f0/0xc30 [ 61.684367][ T1392] ? avc_ss_reset+0x280/0x280 [ 61.690391][ T1392] ? kasan_set_track+0x5b/0x70 [ 61.695247][ T1392] ? __kasan_slab_free+0x11/0x20 [ 61.700456][ T1392] ? slab_free_freelist_hook+0xc5/0x190 [ 61.707869][ T1392] ? kmem_cache_free+0x100/0x2d0 [ 61.713476][ T1392] ? putname+0xfe/0x150 [ 61.717937][ T1392] ? do_sys_openat2+0x207/0x6d0 [ 61.722806][ T1392] ? blkdev_common_ioctl+0xf90/0x1a80 [ 61.728508][ T1392] ? blkdev_bszset+0x1e0/0x1e0 [ 61.733287][ T1392] ? do_vfs_ioctl+0x766/0x1510 [ 61.738308][ T1392] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0 [ 61.744147][ T1392] ? has_cap_mac_admin+0x330/0x330 [ 61.750014][ T1392] ? __kasan_slab_free+0x11/0x20 [ 61.755229][ T1392] ? slab_free_freelist_hook+0xc5/0x190 [ 61.760944][ T1392] ? putname+0xfe/0x150 [ 61.765138][ T1392] ? kmem_cache_free+0x100/0x2d0 [ 61.770367][ T1392] ? selinux_file_ioctl+0x377/0x480 [ 61.778360][ T1392] ? lo_release+0x1f0/0x1f0 [ 61.783110][ T1392] blkdev_ioctl+0x2d2/0x5b0 [ 61.788076][ T1392] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 61.793743][ T1392] ? __fget_files+0x2c4/0x320 [ 61.795251][ T1417] netlink: 4 bytes leftover after parsing attributes in process `syz.1.337'. [ 61.798827][ T1392] block_ioctl+0xae/0x100 [ 61.811924][ T1392] ? blkdev_iopoll+0x100/0x100 [ 61.817640][ T1392] __se_sys_ioctl+0x121/0x1a0 [ 61.822435][ T1392] __x64_sys_ioctl+0x7b/0x90 [ 61.827287][ T1392] do_syscall_64+0x31/0x40 [ 61.829172][ T1417] netlink: 12 bytes leftover after parsing attributes in process `syz.1.337'. [ 61.831721][ T1392] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 61.831733][ T1392] RIP: 0033:0x7f079663f56b [ 61.831746][ T1392] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 61.831754][ T1392] RSP: 002b:00007f0794ca7dc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 61.880977][ T1392] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f079663f56b [ 61.889974][ T1392] RDX: 0000000000000003 RSI: 0000000000004c00 RDI: 0000000000000004 [ 61.898209][ T1392] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000054d [ 61.906246][ T1392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 61.914358][ T1392] R13: 00007f0794ca7ef0 R14: 00007f0794ca7eb0 R15: 00007f078c888000 [ 61.922683][ T1392] ---[ end trace b5f5bb3d4f4b78af ]--- [ 61.953791][ T1392] EXT4-fs (loop1048578): Ignoring removed bh option [ 61.961100][ T1392] EXT4-fs (loop1048578): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 61.978515][ T1392] EXT4-fs (loop1048578): mounted filesystem without journal. Opts: inlinecrypt,errors=remount-ro,barrier=0x0000000000000002,errors=remount-ro,data_err=ignore,jqfmt=vfsv1,nodelalloc,grpquota,noload,nouid32,bh,dioread_nolock, [ 62.126304][ T1439] syz.3.345[1439] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 62.126384][ T1439] syz.3.345[1439] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 62.140357][ T1439] ================================================================== [ 62.159737][ T1439] BUG: KASAN: slab-out-of-bounds in tc_setup_flow_action+0x842/0x3280 [ 62.167914][ T1439] Read of size 8 at addr ffff888111caf2c0 by task syz.3.345/1439 [ 62.175630][ T1439] [ 62.177985][ T1439] CPU: 0 PID: 1439 Comm: syz.3.345 Tainted: G W 5.10.236-syzkaller-00012-gab07aeb2c93d #0 [ 62.189179][ T1439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 62.199243][ T1439] Call Trace: [ 62.202679][ T1439] __dump_stack+0x21/0x24 [ 62.207005][ T1439] dump_stack_lvl+0x169/0x1d8 [ 62.211673][ T1439] ? show_regs_print_info+0x18/0x18 [ 62.216863][ T1439] ? thaw_kernel_threads+0x220/0x220 [ 62.222143][ T1439] print_address_description+0x7f/0x2c0 [ 62.227679][ T1439] ? tc_setup_flow_action+0x842/0x3280 [ 62.233124][ T1439] kasan_report+0xe2/0x130 [ 62.237532][ T1439] ? flow_action_cookie_create+0x28/0x90 [ 62.243154][ T1439] ? tc_setup_flow_action+0x842/0x3280 [ 62.248605][ T1439] __asan_report_load8_noabort+0x14/0x20 [ 62.254226][ T1439] tc_setup_flow_action+0x842/0x3280 [ 62.259503][ T1439] ? __kmalloc+0x1a7/0x330 [ 62.263913][ T1439] ? flow_rule_alloc+0x32/0x2c0 [ 62.268754][ T1439] mall_replace_hw_filter+0x293/0x810 [ 62.274116][ T1439] ? pcpu_block_update_hint_alloc+0x8bc/0xc50 [ 62.280169][ T1439] ? mall_set_parms+0x410/0x410 [ 62.285005][ T1439] ? tcf_exts_destroy+0xb0/0xb0 [ 62.289846][ T1439] ? pcpu_alloc+0xf8a/0x16b0 [ 62.294425][ T1439] ? mall_set_parms+0x19d/0x410 [ 62.299283][ T1439] mall_change+0x528/0x750 [ 62.303712][ T1439] ? __kasan_check_write+0x14/0x20 [ 62.308849][ T1439] ? mall_get+0xa0/0xa0 [ 62.312992][ T1439] ? tcf_chain_tp_insert_unique+0xac1/0xc10 [ 62.318885][ T1439] ? nla_strcmp+0xf4/0x140 [ 62.323480][ T1439] tc_new_tfilter+0x13f6/0x1a10 [ 62.328321][ T1439] ? mall_get+0xa0/0xa0 [ 62.332467][ T1439] ? tcf_gate_entry_destructor+0x20/0x20 [ 62.338089][ T1439] ? security_capable+0x87/0xb0 [ 62.342924][ T1439] ? ns_capable+0x8c/0xf0 [ 62.347243][ T1439] ? netlink_net_capable+0x125/0x160 [ 62.352518][ T1439] ? tcf_gate_entry_destructor+0x20/0x20 [ 62.358231][ T1439] rtnetlink_rcv_msg+0x800/0xb90 [ 62.363161][ T1439] ? rtnetlink_bind+0x80/0x80 [ 62.367824][ T1439] ? arch_stack_walk+0xee/0x140 [ 62.372663][ T1439] ? stack_trace_save+0x98/0xe0 [ 62.377499][ T1439] ? stack_trace_snprint+0xf0/0xf0 [ 62.382604][ T1439] ? memcpy+0x56/0x70 [ 62.386585][ T1439] ? avc_has_perm+0x234/0x360 [ 62.391273][ T1439] ? __kasan_slab_alloc+0xbd/0xf0 [ 62.396285][ T1439] ? slab_post_alloc_hook+0x5d/0x2f0 [ 62.401559][ T1439] ? ___sys_sendmsg+0x1f0/0x260 [ 62.406425][ T1439] ? avc_has_perm_noaudit+0x240/0x240 [ 62.411792][ T1439] ? selinux_nlmsg_lookup+0x3fb/0x4a0 [ 62.417175][ T1439] netlink_rcv_skb+0x1e0/0x430 [ 62.421928][ T1439] ? rtnetlink_bind+0x80/0x80 [ 62.426596][ T1439] ? netlink_ack+0xb80/0xb80 [ 62.431176][ T1439] ? __netlink_lookup+0x387/0x3b0 [ 62.436214][ T1439] rtnetlink_rcv+0x1c/0x20 [ 62.440623][ T1439] netlink_unicast+0x87c/0xa40 [ 62.445378][ T1439] netlink_sendmsg+0x88d/0xb30 [ 62.450132][ T1439] ? schedule_preempt_disabled+0x20/0x20 [ 62.455753][ T1439] ? netlink_getsockopt+0x530/0x530 [ 62.460945][ T1439] ? security_socket_sendmsg+0x82/0xa0 [ 62.466393][ T1439] ? netlink_getsockopt+0x530/0x530 [ 62.471588][ T1439] ____sys_sendmsg+0x5a2/0x8c0 [ 62.476359][ T1439] ? __sys_sendmsg_sock+0x40/0x40 [ 62.481369][ T1439] ? import_iovec+0x7c/0xb0 [ 62.485858][ T1439] ___sys_sendmsg+0x1f0/0x260 [ 62.490547][ T1439] ? __sys_sendmsg+0x250/0x250 [ 62.495307][ T1439] ? __fdget+0x1a1/0x230 [ 62.499539][ T1439] __x64_sys_sendmsg+0x1e2/0x2a0 [ 62.504469][ T1439] ? ___sys_sendmsg+0x260/0x260 [ 62.509310][ T1439] ? switch_fpu_return+0x197/0x340 [ 62.514413][ T1439] ? syscall_trace_enter+0x108/0x170 [ 62.519692][ T1439] do_syscall_64+0x31/0x40 [ 62.524133][ T1439] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 62.530018][ T1439] RIP: 0033:0x7ff3158e1969 [ 62.534423][ T1439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.554014][ T1439] RSP: 002b:00007ff313f4a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 62.562421][ T1439] RAX: ffffffffffffffda RBX: 00007ff315b08fa0 RCX: 00007ff3158e1969 [ 62.570401][ T1439] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004 [ 62.578362][ T1439] RBP: 00007ff315963ab1 R08: 0000000000000000 R09: 0000000000000000 [ 62.586322][ T1439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 62.594300][ T1439] R13: 0000000000000000 R14: 00007ff315b08fa0 R15: 00007ffdee393488 [ 62.602262][ T1439] [ 62.604579][ T1439] Allocated by task 1439: [ 62.608912][ T1439] __kasan_kmalloc+0xda/0x110 [ 62.613580][ T1439] __kmalloc+0x1a7/0x330 [ 62.617814][ T1439] tcf_idr_create+0x5f/0x790 [ 62.622396][ T1439] tcf_idr_create_from_flags+0x61/0x70 [ 62.627843][ T1439] tcf_gact_init+0x2b4/0x520 [ 62.632422][ T1439] tcf_action_init_1+0x3e1/0x670 [ 62.637345][ T1439] tcf_action_init+0x1e6/0x700 [ 62.642096][ T1439] tcf_exts_validate+0x215/0x510 [ 62.647019][ T1439] mall_set_parms+0x4b/0x410 [ 62.651600][ T1439] mall_change+0x45c/0x750 [ 62.656003][ T1439] tc_new_tfilter+0x13f6/0x1a10 [ 62.660840][ T1439] rtnetlink_rcv_msg+0x800/0xb90 [ 62.665763][ T1439] netlink_rcv_skb+0x1e0/0x430 [ 62.670511][ T1439] rtnetlink_rcv+0x1c/0x20 [ 62.674920][ T1439] netlink_unicast+0x87c/0xa40 [ 62.679705][ T1439] netlink_sendmsg+0x88d/0xb30 [ 62.684463][ T1439] ____sys_sendmsg+0x5a2/0x8c0 [ 62.689241][ T1439] ___sys_sendmsg+0x1f0/0x260 [ 62.693912][ T1439] __x64_sys_sendmsg+0x1e2/0x2a0 [ 62.698838][ T1439] do_syscall_64+0x31/0x40 [ 62.703245][ T1439] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 62.709118][ T1439] [ 62.711540][ T1439] The buggy address belongs to the object at ffff888111caf200 [ 62.711540][ T1439] which belongs to the cache kmalloc-192 of size 192 [ 62.725601][ T1439] The buggy address is located 0 bytes to the right of [ 62.725601][ T1439] 192-byte region [ffff888111caf200, ffff888111caf2c0) [ 62.739216][ T1439] The buggy address belongs to the page: [ 62.744863][ T1439] page:ffffea0004472bc0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x111caf [ 62.755083][ T1439] flags: 0x4000000000000200(slab) [ 62.760104][ T1439] raw: 4000000000000200 ffffea0004440e40 0000000500000005 ffff888100043380 [ 62.768680][ T1439] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 62.777248][ T1439] page dumped because: kasan: bad access detected [ 62.783648][ T1439] page_owner tracks the page as allocated [ 62.789364][ T1439] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 107, ts 5180192875, free_ts 0 [ 62.804361][ T1439] prep_new_page+0x179/0x180 [ 62.808978][ T1439] get_page_from_freelist+0x2235/0x23d0 [ 62.814598][ T1439] __alloc_pages_nodemask+0x268/0x5f0 [ 62.820127][ T1439] new_slab+0x84/0x3f0 [ 62.824182][ T1439] ___slab_alloc+0x2a6/0x450 [ 62.828757][ T1439] __slab_alloc+0x63/0xa0 [ 62.833075][ T1439] kmem_cache_alloc_trace+0x1b3/0x2e0 [ 62.838434][ T1439] kernfs_fop_open+0x343/0xb30 [ 62.843205][ T1439] do_dentry_open+0x793/0x1090 [ 62.848044][ T1439] vfs_open+0x73/0x80 [ 62.852011][ T1439] path_openat+0x27ad/0x3160 [ 62.856676][ T1439] do_filp_open+0x1b3/0x3e0 [ 62.861164][ T1439] do_sys_openat2+0x14c/0x6d0 [ 62.865822][ T1439] __x64_sys_openat+0x136/0x160 [ 62.870850][ T1439] do_syscall_64+0x31/0x40 [ 62.875256][ T1439] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 62.881127][ T1439] page_owner free stack trace missing [ 62.886594][ T1439] [ 62.888905][ T1439] Memory state around the buggy address: [ 62.894696][ T1439] ffff888111caf180: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc [ 62.902760][ T1439] ffff888111caf200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 62.910825][ T1439] >ffff888111caf280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 62.918883][ T1439] ^ [ 62.925020][ T1439] ffff888111caf300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 62.933066][ T1439] ffff888111caf380: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.941111][ T1439] ================================================================== [ 62.949154][ T1439] Disabling lock debugging due to kernel taint