last executing test programs: 34.54413413s ago: executing program 3 (id=324): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r1, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x41, 0x2}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1, 0x1}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0800034000000004640000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000380003803400008028000180230001"], 0xf0}, 0x1, 0x0, 0x0, 0x80}, 0x0) 34.431486332s ago: executing program 3 (id=326): rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffff7ffffffd]}, 0x0, 0x8) r0 = gettid() timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r0}, &(0x7f0000044000)) timer_settime(0x0, 0x236bd4336e4642df, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000b28000)=0x3) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000380)={'wpan0\x00', 0x0}) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), r4) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0x38, r6, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_SEC_LEVEL={0x1c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4840}, 0x800) fcntl$setsig(r2, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r3}], 0x2c, 0xffffffffffbffff8) dup2(r2, r3) fcntl$setown(r2, 0x8, r1) timer_create(0x3, 0x0, &(0x7f0000044000)=0x0) timer_settime(r7, 0x1, &(0x7f0000040fe0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) tkill(r1, 0x13) 34.326232294s ago: executing program 3 (id=330): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) r1 = socket$netlink(0x10, 0x3, 0x0) newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x1000) mount$cgroup(0x0, 0x0, 0x0, 0x80080, 0x0) sendmsg$nl_route(r1, 0x0, 0x4000004) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_enter\x00', r2}, 0x18) futimesat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f0000000580)) 34.240432455s ago: executing program 3 (id=333): syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000001c0), 0xfe, 0x25e, &(0x7f0000001000)="$eJzs3T9o3FYcB/Cf7k9d16a47VIo/QOllNZg3KFQ6NIuLRhKMaUU2oJLKZ2CHXBssvkyZcmQzEnwlMWEbHEyhiwmSyCrk3hwlgwxGWIyJMMFne7C+Xwmjs93CtbnA7L09J70nkDfZ3mQHEBhjUXEDxFRjojxiKhGRNLe4LNsGWsWl4fXZiLq9d8eJ412WTnTOm4kImoR8V1EpVW3uPrX5tP1n788s1D94tLqn8ODur52W5sbv2xf/PX01alvFkvNfaPNdft1HKaky75KEvF+Pzp7QySVvEfAfkyfvHI3zf0HEfF5I//VKDUje3b+rZvV+PrCXseee3Tno0GOFTh89Xo1/R1YqwOFU2o8AyeliYjItkuliYnsGf5eOYljc/Mnxv+fW5j9L++ZCjgESS37u3fjp+tD10Y68v+wnOV/X77t80iBvkjz//v0yv10e7uc92iAgfg4W6X5H/9n6auQfygc+Yfikn8oLvmHI+CA2ZV/KC75h+KSfzjCqq2NWtdq+Yfikn8oro785/I+LpCP9vwDAMVSH8r7DWQgL3nPPwAAAAAAAAAAAAAAAAAAwG7Lw2szrWVQfd46H7H1Y0RUdvY/1KgtN/4fccTbjZ/vPEnSZi8l2WE9+fvTHk/Qo8s5v3397oN8+7/9SX/Oe2pncc9v2y3NRtTSxpOVyu77P2nefwf33ivqq//22MFrSjrK3/8x2P47PV/Jt/+p9Ygb6fwz2W3+K8WHjXX3+We0/RPLB3T8WY8nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGBeBAAA//9hymrI") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r1, &(0x7f0000004200)='t', 0x1) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000020000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b\x00'], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4}, &(0x7f0000000040), &(0x7f0000000080)=r5}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone3(&(0x7f0000000580)={0x400, 0x0, 0x0, 0x0, {0x30}, 0x0, 0x0, 0x0, 0x0}, 0x58) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000700)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r6}, 0x10) setfsgid(0xee00) io_cancel(0x0, 0x0, 0x0) set_mempolicy_home_node(&(0x7f0000146000/0x1000)=nil, 0x1000, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) write$P9_RLCREATE(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0xf, 0x1, {{0x10, 0x2, 0x7}, 0x400}}, 0x18) r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r7, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port1\x00', 0x62, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x2, 0xfe}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r7, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x22, 0xe1d9, 0x1101, 0xff}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='kfree\x00', r2, 0x0, 0x9}, 0x18) sendfile(r1, r0, 0x0, 0x7ffff000) 34.016589229s ago: executing program 3 (id=337): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'macvlan1\x00'}) r3 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x41, 0x553, &(0x7f0000000c80)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) close_range(r3, r1, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x2, 0x11, r5, 0x0) ftruncate(r4, 0x2007ffc) r6 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'}) r7 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000000)={@empty, @remote, 0x0}, &(0x7f0000000040)=0xc) recvfrom$inet(r4, &(0x7f0000001200)=""/4096, 0x1000, 0x142, &(0x7f0000000200)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10) sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="484b9900000003002dbd7000fddbdf2507000000b26aa14fb895b9f355334b72bb985096b469131b261c5b8e962de9e92d16f92a37f3aa222948ac7feac57500000000", @ANYRES32=r8, @ANYBLOB="0c00018005000600800000000c00018008000100000003000c00018005000300000000000c0001800500030001000000"], 0x48}, 0x1, 0x0, 0x0, 0x24000804}, 0x10) 33.422476368s ago: executing program 3 (id=342): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sched_switch\x00', r1, 0x0, 0xa}, 0x18) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r2) sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc000000000010800020005000000140006"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000) r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x112) fcntl$setlease(r4, 0x400, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$TIOCEXCL(r4, 0x540c) 33.422039398s ago: executing program 32 (id=342): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sched_switch\x00', r1, 0x0, 0xa}, 0x18) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r2) sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc000000000010800020005000000140006"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000) r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x112) fcntl$setlease(r4, 0x400, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$TIOCEXCL(r4, 0x540c) 2.847203694s ago: executing program 5 (id=859): r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0xc0802, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRESOCT=0x0, @ANYBLOB="2cabc36aaf5b094d0eb8bfaf36487a75cf657309c68736d22e10ec05aa3826686aa23fc8794ac574808292640bca2de98fcb7e197b83e87aed411abb91b895f69f3deeeea32117d6fc68060ab9f1a3e7b8a955", @ANYRES16=r3, @ANYBLOB="ae1536a57da6a1855a11e668f3d0236717878c3449a64221167e725801716cf1fbbd580e58d74c5a187eb897b8", @ANYRESDEC=r2, @ANYRESHEX=r0, @ANYRESDEC=0x0, @ANYRESDEC=r1, @ANYRESOCT=r4], 0x48) setreuid(0x0, 0xee01) setrlimit(0x40000000000008, &(0x7f0000000000)) r5 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r5, 0x1, 0x3c, &(0x7f00000001c0)={0x200000000000001}, 0x8) sendto$inet6(r5, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @local}, 0x1c) bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES16], 0x48) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080)) mount$9p_tcp(0x0, 0x0, &(0x7f00000006c0), 0x8010, 0x0) 2.809370755s ago: executing program 5 (id=861): r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00') r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) faccessat2(r0, &(0x7f0000000040)='\x00', 0x1, 0x1300) 2.767152656s ago: executing program 5 (id=862): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket$inet(0x2, 0x2, 0x1) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x20004010) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000380)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x5}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) rt_sigqueueinfo(0x0, 0x1b, 0x0) r4 = getpid() bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000840)=ANY=[@ANYBLOB="9feb0100180000000000000034000000340000000400000000000000000000030000000003000000020000000000000000000000000000010500000020000000020000000000000c0000000000002e"], 0x0, 0x50}, 0x20) r5 = socket$nl_route(0x10, 0x3, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) bpf$TOKEN_CREATE(0x24, &(0x7f0000000540)={0x0, r0}, 0x8) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000080000000000000000000850000007d00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r8, &(0x7f0000000900)=[{{&(0x7f0000000240)={0xa, 0x4e24, 0x9, @dev={0xfe, 0x80, '\x00', 0x14}, 0x6}, 0x1c, &(0x7f0000000680)=[{&(0x7f0000000280)='Q', 0x1}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x4e23, 0xa2cc, @local, 0xf}, 0x1c, &(0x7f0000000880)=[{&(0x7f0000000080)="5cc46bb7a43c", 0x6}, {0x0}, {0x0}], 0x3}}], 0x2, 0x4000840) shutdown(r8, 0x1) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r8, 0x84, 0x19, &(0x7f00000009c0)={0x0, 0x4}, 0x8) ptrace$ARCH_GET_UNTAG_MASK(0x1e, r4, &(0x7f0000000500), 0x4001) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r7}, 0x10) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'team0\x00', &(0x7f0000000440)=@ethtool_coalesce={0xf, 0xb, 0x7, 0x100, 0x8, 0x0, 0x2, 0x7f, 0x3, 0x1, 0x5, 0x1, 0x0, 0xffff, 0x4e9e, 0x3, 0x80000, 0x8d, 0x80000001, 0x6, 0x8, 0x8, 0x6}}) sendmsg$nl_route_sched(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x25dfdbfc, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x8c}}, 0x0) sendmsg$inet(r1, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x5a}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000) 2.684443907s ago: executing program 5 (id=864): rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffff7ffffffd]}, 0x0, 0x8) r0 = gettid() timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r0}, &(0x7f0000044000)) timer_settime(0x0, 0x236bd4336e4642df, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000b28000)=0x3) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000380)={'wpan0\x00', 0x0}) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), r4) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0x38, r6, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_SEC_LEVEL={0x1c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4840}, 0x800) fcntl$setsig(r2, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r3}], 0x2c, 0xffffffffffbffff8) dup2(r2, r3) fcntl$setown(r2, 0x8, r1) timer_create(0x3, 0x0, &(0x7f0000044000)=0x0) timer_settime(r7, 0x1, &(0x7f0000040fe0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) tkill(r1, 0x13) 2.596858368s ago: executing program 5 (id=867): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) read(r0, &(0x7f00000003c0)=""/4096, 0x1000) 1.85988518s ago: executing program 1 (id=889): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x6}, 0x18) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000004000000ff0f00000600000000000000", @ANYRES32, @ANYBLOB="000095468bd100000000000000000400002000006bb70225c449ce0000109498b08a84492ef39261d7f17b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x25, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000340)='fdb_delete\x00', r2}, 0x18) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000340)='fdb_delete\x00', r3}, 0x18) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5, 0x0, 0x2}, 0x18) r6 = socket(0x10, 0x3, 0x9) connect$netlink(r6, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="14000000100001000000006d5ad04364a5e4340a14"], 0x28}}, 0x0) 1.84593223s ago: executing program 1 (id=880): close(0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x401, 0x0, 0x0, 0x1f00, 0xe, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x360, 0x1c0, 0xffffffff, 0xffffffff, 0x1c0, 0xffffffff, 0x480, 0xffffffff, 0xffffffff, 0x480, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xc8, 0x60030000, {0x0, 0xff000000}}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1a0, 0x1c8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x1300, 0x4, 0x0, 'syz0\x00'}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff, 0xfd}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0) syz_open_dev$usbfs(0x0, 0x2, 0x200000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sync() r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]}) r4 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r4, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10) listen(r4, 0xa) r5 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r5, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000fcffffff000000000000000018110000", @ANYRES32], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r6}, 0x18) close_range(r3, r5, 0x0) 1.721171932s ago: executing program 5 (id=883): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, @perf_config_ext={0x0, 0x1}, 0x18208, 0x3, 0x0, 0x0, 0x1000, 0x0, 0x3}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=@newlink={0x3c, 0x10, 0x437, 0x70bd2b, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x6}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004000}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) rseq(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x5}, 0x20, 0x0, 0x0) io_setup(0x2, &(0x7f00000011c0)=0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x23, &(0x7f0000000100)=0x7, 0x4) setsockopt$sock_attach_bpf(r6, 0x1, 0x10, &(0x7f00000003c0), 0x4) setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f0000004080)=0x99, 0x4) recvmsg$unix(r6, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x12}, 0x0) syz_usb_connect$uac1(0x0, 0xa6, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0}) io_submit(r5, 0x2000000000000326, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, r4}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f00000001c0)='m', 0xfffffdfc}]) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) socket$inet6_tcp(0xa, 0x1, 0x0) 900.581585ms ago: executing program 1 (id=906): r0 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r0, &(0x7f0000001240)=""/102400, 0x200000, 0x0) 813.330527ms ago: executing program 1 (id=911): r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00') r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) faccessat2(r0, &(0x7f0000000040)='\x00', 0x1, 0x1300) 769.514518ms ago: executing program 1 (id=914): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1fff}]}) r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r2, 0x400, 0x1) link(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 753.817758ms ago: executing program 1 (id=917): close(0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x401, 0x0, 0x0, 0x1f00, 0xe, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x360, 0x1c0, 0xffffffff, 0xffffffff, 0x1c0, 0xffffffff, 0x480, 0xffffffff, 0xffffffff, 0x480, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xc8, 0x60030000, {0x0, 0xff000000}}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1a0, 0x1c8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x1300, 0x4, 0x0, 'syz0\x00'}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff, 0xfd}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0) syz_open_dev$usbfs(0x0, 0x2, 0x200000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sync() r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]}) r4 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r4, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10) listen(r4, 0xa) r5 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r5, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000fcffffff000000000000000018110000", @ANYRES32], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r6}, 0x18) close_range(r3, r5, 0x0) 493.603242ms ago: executing program 2 (id=925): r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00') r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) faccessat2(r0, &(0x7f0000000040)='\x00', 0x1, 0x1300) 462.459823ms ago: executing program 2 (id=927): r0 = socket$inet(0x2, 0x2, 0x1) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'team0\x00', &(0x7f0000000440)=@ethtool_coalesce={0xf, 0xb, 0x7, 0x100, 0x8, 0x0, 0x2, 0x7f, 0x3, 0x1, 0x5, 0x1, 0x0, 0xffff, 0x4e9e, 0x3, 0x80000, 0x8d, 0x80000001, 0x6, 0x8, 0x8, 0x6}}) sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x5a}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000) 455.997323ms ago: executing program 2 (id=929): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r2, 0x400, 0x1) link(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 395.085114ms ago: executing program 2 (id=931): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x100000, 0x0, 0x0, 0x40f00, 0x14, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x109}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r0}, 0x18) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000000)=""/5, 0x204000, 0x1000}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4) bind$xdp(r1, &(0x7f0000000240)={0x2c, 0x4, r3, 0x2e}, 0x10) 361.422984ms ago: executing program 4 (id=932): bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00'}, 0x18) syz_read_part_table(0x59d, &(0x7f00000005c0)="$eJzs0r1Lu1cUB/CbgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS+hTa2qUtpvTH57OEe8+59+TyfQL/a/HwU7PZjIUQmom/f/r7s/xEsXdqbHomhFiYDyHkv/n610os6vjt1otoXYrWxUSmdnA7/nrWcdf3UE0dxaP6ZTyEH0IIS0/HyX/7Nr5857nr5MbmSmFrLbf4WFh/Hl4YyPds55d3Rw6z5dnu7Fz0YV3GWzM/VRs9uW+WXvbaB9uqtUbmJupLxz5nPv+tP+e/31WpVxqT/aerQ+nO+lV5J8r9Tf4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnO89dJzc2Vwpba7nFx8L68/DCQL5nO7+8O3KYLc92Z+fi732X8dbMT9VGT+6bpZe99sG2aq2RuYn60rEPR7/78XP+Ei30bfhj/vtdlXqlMdl/ujqU7qxflXei3N8+5g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8JfyE8XeqbHpmRBiYT6EMB7vOP5lv5l4r8eivovotxTtFxOZ2sHt+OtZx13fQzV1NJUIIfG7e5eejpNftfIh/CM/BwAA//8514ZQ") 332.156925ms ago: executing program 0 (id=933): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x4, 0x7ffc1ffb}]}) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f00000002c0)={@initdev, 0x0}, &(0x7f0000000300)=0x14) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x101, 0xffffffff, 0x5}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94) iopl(0x3) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, 0x0, 0x0) creat(&(0x7f0000000280)='./file1\x00', 0xecf86c37d53049cc) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$inet(0x2, 0x4000000805, 0x0) listen(r1, 0x7) 311.757415ms ago: executing program 0 (id=934): r0 = mq_open(0x0, 0x42, 0x0, 0x0) mq_timedsend(r0, &(0x7f0000000600)="6d12483bb95dab4da2bccb9a5c51f7769b4aa2ed6f00bcfff2058843f7de72fa8f9dd7572991db9f2968c67d150dbd80321f91c14a7705c3d6e2292f74d074e24cdfdc28da61b60db4ac67a81c04430dd72555dcebe8193594b8fe29718d5781fe3f418379dab48089b86edc4facdbc388e30fdfabe867722b348dcfbff8f7745bb98584b3384eb1b1c541d05427c4e5c33b3692ebf599d4a179bcd27271d55e4a38ac7be3cae3e85eddbdcf574ac462df22b6b2242245f32d5826de908a96ea66331cad4d0ff094f552e118ee643f2f12f854c32d4e548bd82a69c4102bc516a41a52436f6dfd80133de801fdc8e75276c631f041d86269f2ba0791e8119868816c1fe9c78654919d6dcce67a5f32b77575867f43f76e99108bf9ee3fd550cc18f8bee8505da7ea8fe0a3a9e40c01be1d39435821c5f52cf39a7d5558f278b01be298e5460d3ebf011345ed0030603f767fe44876fdf1cb172a4cbfb2f7784ac61c4786a147b6d446eaf46d5b26c6b85580ba4913fc12a443d8dcf05d08513ae01a7f489826fdc8bff83c1708ebbc060aa72d25e6ce21521799bd37c34fdad973fd7e17070b7783bf341fc079c6b0c9811388430c84540d8d544d1887b73e3a9d2625358be4b09128ee7f8d2dacf2d9704b9143c0341568d1e39429e1d442d21878c87271e66651e12d077b8dd49c0bf285097e261a5116b91036368265c1c5b74353bb42ff4936e27a20c48dea290685b09c2e5baa29dbeb790969f793692fb112c973329236f30bd29c39ee6104e1e0ccd1f855e5837d156c83834661a2aa8929ad78c025413179d880ee905d0b1ee1c9c3eacb63ac807a6ce73d492502ce52beba9ea5214a9387e2c5a810a96e14956809b6865e46a9d9ce2deb4cce2155562dd7e3daef9b3c0c0a55f1fe1a89835971dbc9c09ee9d4abe827b0e87dcd08e5e7cf08869cdcd6fe7f42d93c075db2fec9d96aff21410c3cbd5d904ed147af08c297011ec105dec6fb319cc5637ac71dac05d01ef356dcc6b6bd3f8625204d92f6d0447c0ee5c72d13b4e951a5ba060d4e0ab4680bba08ca9e0079ed6332e6449e01ec480903b0f377e08e8146c8a1e86df678dd88f3768e0958b04f24d58f39a15ee93e4b3e1e2dcd91f8cd36c37b2806d5f7c1871d0e1d7496ac64b377a8fb32104166536597bbfd6d814b2eb41970ba1aef50238e34ec8069690029c58c8a01b28b711ff44aed4652629c7cdc7843d83efe9514bb5b1f80d1047e6075870c53505a142e48d6897d7811f84d8c3e8f9985f9a9d01c8fd68960aee376caa465f25622d7ff5deae8f0d628e048bc4387ca3046067768f3014a3ef4d1b55123ce45507ab1b6f587f6302bb9b715899d2fc20cabfd306549b6a2ec8ea5169e5be19cf59ef71cbb16d402cdc62a422b2bf5c01bb6139e60fd61ea4b77382c7e2e038c6511bfe08f7a3cea5e793f9e2cb4facce20e719d179104418f6745bf8065c70da3815c8e1a1b650d96865c41fd45dbcae51e1d54b41002c2f673cd1008dbf3f17847dd28d8fe3c24ef238000be692e05b0365cb7691fa8f134efe70df46b5cc4765def995971ae0c45f653292f4a3c26300e359afbe0c4f7b049f505ab8e8a0d4c7090cc07c62dbcb9bf6682425553de4ca63f98ac5d420d01bf729bf815683d11451eea0295675778f00bef94ac6e29dd2285847fd857cf2d204de3170e024169d568500befd5c6f34e9d3fcae78bd8fcd6d8f85fcf56241c7787d86bdfca06a6e69b996d72530c94eaa82e99f8ccbd66b53ce0f066fffcb3b643f84a1112c4c8a153ef745f7da3c4887f95de7df8dcf6653200eccb389a7aad4a874d347791cd00cf767bdd8d36de55cbc0879e11cddec175b36be0d1224d1dab7d8f8f3bab0f622d031be123b6ab48188716162afea5e0529830a39c3c9edc86b3e6020830f2f94060685d96887fb536afaedcd9523c53e5e210e87a07bc941b29b968ec9b0f6e5a74b929ad56ef7e80b981d39460040df8aedb253bc4681e72de2b3e886320b2f9a52f675bb08e4dee27b468d0822d6269ad1eee16d1c1781ad17b1fae21b44e427ace6d1fa932ca9c295c5ae74140ffea23ac2b70a6ca71af12c6d63adc32110521cee84dce3514c51417fa794fff4fb7b72844fbb3ba786173d3ffea23e03eb49acbd957d52494ffff3cd2dc420ace19bbe375aabb97953dd1b8adc24856a81b2888e2fb635332c2d4257cf6833ccb3135c0327f79c4846b691b693b066cd5de30ca40e29fe8775fd6a8844f566223008d017ccb6f2ee47496b61aa2900f64c1e2136c8dfbb6dd7ab368e0cfeb3e639657f16d9f26f0c575b61476ea7cd499e2fffe75f6118d19d6186e9433d1b92dc30e84bceba4c9bd8e889575c50da8e236d0ad184a2ae7e91e31485a44389a7c6a63c4d7588fa0755ae292102c46df1cfcc21eccfa5bc815a2491cb845de2feae93d5a9365cff327d048b7e66733b1d1cbf1eadae7296631f3f1681ab5878272a9b17e11f64e8ea8afbd297f388b951e39b94d909c74a4c667f6204128c84566c2347222a984f67177160e3f144518721f25aab93c9d0a34d407b84485bf1f2fa07af7de0617dbda0b2eb3ef839d6ad8649fa7133e14646cb30462e827a1bba8b6cf97c93c95552c70aae8ba4918f8b51275ed7e1f90f7ae7a5313aff699f54265adad4b0608a90165c8e7df729ceb0eda12357ea37e7bbb86fc542544c93d494d4edfd098432e389666a8a93f4333e630deefa87397ece144a59fbf736aeefb7b66744954e8076e9d0534508a3631dbdcd2c15b5fd844d62409bf6c63699ac5ff0cab98d4b7f0e33e5cb20853554c895ea26607e9554d74e1511c4c476c41aa7fa717259e5048d80f1f30f07dd5397c17d818dac1849b7ccf6425fa0265edfecb58a763615dedbe98e215ce63dd1688e191a191ccdb4e939bd370f68054440296cb511b5f070fb9479bdef321b7d124506f6345ac3c2ca0ef22292d3f83ec21908de3a3c7f98cc5e086034d0b08df704382a8ee9f6129542cac7dc5fd54e71270f5ea9739b625347f3200d6f74d41106aed8fa8af5a3a6cd58a44de62af681d449a44b5f86702e625a1658f2bb09e1c7a178ec27081bb8e0f3febf700a1663374325bbb17a17c6178fbc0424f83cfafdd8ed301450bc6822105e6033bc999c833ce3f60814f9db98c3880aae837027cc4fd82a1aa61d1c7fbacf0e5da0c820f97e35f52abb212dcfd77c7e159ef4f777a2cbf61508539660a577974291852a3dfdcb0706961faf65f62745240e281e9c1ea25a2bf29729008b59b5bac92c8ffc53b240761c0021edb53bad82a322510f480a53945c63803abb0b5947aa32a7ad5cf8059933ae4dc5d18a261b8d4a126dadd1d7f186cc0f3bc00c82c15516ea2a4b5a5517395d2a16a3beb920b16c706381bae273443ebfa3c37778596177de18a62cb96c08a35459a897ac87bcd87cdbcecae83c95cd4b5eb878a8d31e75955eb11e0cb58c6ad2b39f8f9350ff95778a961b07b4b0e4ff6b58caab6db44c6345c8ad9da0aef0c2b4a09e459a027d774da684ce2defd0b23b6e15ec573268050cba4cd1be4d899672ea3562f280df3b3ee878bd2e9989357829c363b4b47eacadeee76144957f4d76c3ea703aa5bf32f75a0370f49ae371f001eced8bbdaa781f66c83f959af0cb0ecbabeeeb0f91c26a22b430d5cae34e470f79f01446cdca5b70ba6448a8d9e4722dba03369b3204253eea942de2fb7b4408212a4c6a5d36c7e82417edd052a59d6d1ce2b0a2bd94f334647712cc2296e75db316be650195dd28a360e2e44fd32951b2b983d673bce51eea778d2ed2a2468c3b6b94b67ee175aa08f757d5522b43cefd5969511579cd79300802c811adad7b6bdf789f70bc76e94f8ea317043cf29b562a2041c553122ec338834455be1b68fe7470808451b0e1f1d444ae1e430c51c718a751142fa675a663e9d9f66a8a6199b56d18e4167e54942a37366fa0b5242de86bf1af6c758b2f0bb1f0fda16dc5241e3cc442326fdb501b95fe768c45781c8b60fbe576c7e790e2d5a2a76085cdca098fb3209b30a017eefbf6f8b315b38d8f8f194e456d1776cf6c9c4f4a99e9b50ca4bbc57ff1f035f13a3d8261617b5d55387488f9456a32400a84f95320e722c7abed22b9f8b574da8322fe104c12fb35c9d0c600dde78c47cd46647a8e24aafa53c68e2119ed1473bb3b7c9873d0a256e8eec8dc9f57820a7e23d49deb4041beae704b3fb527ce57316ff238515c248c80d51fd44e31dbb2d2e1d6b8007a03bf9b981fee094ee82f413698af66a3057621490d60207bca2e7a11e96cfb850a9a371ce672d0c4826be044acaa0a0a04fab4f2807eac896c48db2c35caf97fdf8bacb854f5351328cfbab2c3b251fc0abe20ba4b8fe8f4a98dfb76a0b1ea6b6463bdd900e23114c94f205f492a4acb30cc8a6efe6f73a96d3688853c60dce92732440db5ec245478bb64ebe9b60e7469ffb253febcda05613a8c1dbf72634e68d912e2fc98501d99c7dafb50081edcc60dc74daf9cecbcf65aa57661451fc6131f8c879b2181984bc4e0973ad6984837e19595caa35ff4713266b6a6c090a50afeb1461590c4c36f7fead0c9620af82302616c154e74199ee11353f6e9861472e2f1826afd0ce1a2ce9712b50019b32397960f54f4fce3c6655e13d8ef3ba20eaa3ca03a831a39732203dc3d2d3bf8de63fb4c96b3ec10cc852401f25a2575e98d9a25bf0767fc180f6fef5928565fa9ffdd620b6713f85bbc140060df1b50607b4eb51c0c71dac8ee2c19b9bd03b1840bb4d1f8a767d788a31926c9c39be4709dd57e856cb417d3947ce825f194fac18323f36a3b7743603abc628d477b3292a6b3f4965e882a110728f2a9f4fa8fd9d9d50859c48fe0f07f6a826bd5c5d8d645c0f7d8d03cf49be2419e2986f8ad55a228cacd0838f867a8612fd1c4b04d54dc9d5b05cc9395f5bb7fe918083bedfa33734a3f6afaf70379f4d423fa592dcfdeef84161df3f8f42204116442fc815a3cb3c79348d489296014fb8d4334c4ad776e14207ed2115781a0caac4cbfddf8f788f58cd9da9c33f145d87a187d7db78ce4368c5bdbba67fde5264a53a65a027a52aa09fd4943aeeae146a769a26a0f3597fd5004b60c179ce2bcafc78220d691c44c153c883bf942f01586b5321e4bbb28ab44d97bea3368f7c5d0c3dda0ef359065fd31f62060beb0b2a31f7164867e4b78f89f5ea0131aed7014ef3385f0b350ff847f4321b81c7dc9a484605ee397a2d5ea8ad9593020cea3acb6a106a560b4bf675c89aa3b14678dfef6602fdfa9afeeb6f16cb1b3cc944ad5d0492a3d07308c07dfc204c071d92f6b8b5694c70d166fe29f7894ceee7554dc32c71f3b971c8f20f2cafa4399a8755684090f90e6b45ee924d1205e0a075fd2259b6ca6430d28c780735353be38578b3cf1badcba4dae86419d4a0c1ec21f4a7510a08018e90974f0757aab8b51dc0fc068193d040cbd9706eeec02360da646b11cc5f1a544ecf24ce87c7165a0cb9bdb6990db03320ecf2f65fb6dfd1f3d32b2ae10723707cf5f30ea387f677aea100649c72e795b5f7d652e0e2fd0ae19eaf96f1b6453d056e01c97aa5c271b5e5f303fa4013f686cfbf64a1c1fe4263786b835e46a98699b8d5262520c4947987748ab21a48aef3", 0xfd1, 0x6, 0x0) mq_timedreceive(r0, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0) 267.700686ms ago: executing program 2 (id=935): bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r2}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) ustat(0x3, &(0x7f0000000000)) 266.699686ms ago: executing program 4 (id=936): r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0xc0802, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRESOCT=0x0, @ANYBLOB="2cabc36aaf5b094d0eb8bfaf36487a75cf657309c68736d22e10ec05aa3826686aa23fc8794ac574808292640bca2de98fcb7e197b83e87aed411abb91b895f69f3deeeea32117d6fc68060ab9f1a3e7b8a955", @ANYRES16, @ANYBLOB="ae1536a57da6a1855a11e668f3d0236717878c3449a64221167e725801716cf1fbbd580e58d74c5a187eb897b8", @ANYRESDEC=r2, @ANYRESHEX=r0, @ANYRESDEC=0x0, @ANYRESDEC=r1, @ANYRESOCT=r3], 0x48) setreuid(0x0, 0xee01) setrlimit(0x40000000000008, &(0x7f0000000000)) r4 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f00000001c0)={0x200000000000001}, 0x8) sendto$inet6(r4, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @local}, 0x1c) bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES16], 0x48) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080)) mount$9p_tcp(0x0, 0x0, &(0x7f00000006c0), 0x8010, 0x0) 266.528516ms ago: executing program 0 (id=945): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x100000, 0x0, 0x0, 0x40f00, 0x14, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x109}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r0}, 0x18) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000000)=""/5, 0x204000, 0x1000}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4) bind$xdp(r1, &(0x7f0000000240)={0x2c, 0x4, r3, 0x2e}, 0x10) 206.564717ms ago: executing program 0 (id=937): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000800000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000001240)='kmem_cache_free\x00', r2, 0x0, 0x7}, 0x18) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r3 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r1, &(0x7f00000016c0)={@val={0x8, 0x800}, @val={0x0, 0x0, 0x6, 0x0, 0x14, 0x7}, @ipv4=@generic={{0x5, 0x4, 0x2, 0x2, 0x2a, 0x66, 0x0, 0xb, 0x4, 0x0, @rand_addr=0x64010120, @broadcast}, "3297e3ba0fa8a2e71bd9fe1a399b5110420b70460c0d"}}, 0x38) 205.741997ms ago: executing program 4 (id=938): r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00') r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) faccessat2(r0, &(0x7f0000000040)='\x00', 0x1, 0x1300) 188.240737ms ago: executing program 2 (id=939): r0 = memfd_create(&(0x7f0000001040)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1\x8c.?}jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2) write$binfmt_script(r0, &(0x7f0000000300)={'#! ', './file0'}, 0x17) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000001680), &(0x7f0000001340), 0xede8, r1}, 0x38) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x8004, &(0x7f0000000080)={[{@discard}, {@bh}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x7b9, &(0x7f00000007c0)="$eJzs3d9rHNUeAPDvbJLmR3tvcuFy7+1b4EJvoHRzU2Or4EPFBxEsFPTZNmy2oWaTLdlNaULAFhF8EVR8EPSlz/6ob776A3zS/8IHaamaFis+SGR2Z5M02c2vJtloPh+YzDkzsznnO+fMzNmdYTeAQ2sw/ZOLOB4RbycR/dnyJCK6aqnOiHP17R4uLvRERCGJpaWXfkpq2zxYXCjEqtekjmaZ/0TEV29EnMytL7cyNz85VioVZ7L8cHXq6nBlbv7UlamxieJEcfrMyOjo6bNPnj2ze7H+8t38sbvvPP+/T8/99vq/b7/1dRLn4li2bnUcu2UwBrN90pXuwkc8t9uFtVnS7gqwI+mh2VE/yuN49EdHLdVC737WDADYK69FxBIAcMgkrv8AcMg0Pgd4sLhQaEzt/URif917NiJ66vE/zKb6ms7snl1P7T5o34PkkTsjSUQM7EL5gxHx4eevnOjI8mk93EsD9sONmxFxaWBw/fk/WffMwnb9f6OVS9212eCaxYft+gPt9EU6/nmq2fgvtzz+iSbjn+76sfuvxy1/8+M/d+dxy9hIOv57pv5s25rx3/JDawMdWe5vtTFfV3L5SqmYntv+HhFD0dWd5kdqmzYfuQ3d//1+q/Kz8d/H6fTzu69+lJafzle2yN3p7H70NeNj1c5vHjfwzL2b0Zcl18SfLLd/0mL8e2GLZbzw9JsftFqXxp/G25jWx7+3lm5FnGja/ittmWz4fOJwrTsMNzpFE599/35fq/JXt386peWn892PtLl7N6PWAZJkZR/U1yzHP5Csfl6zsv0yvr3V/2WrdZvH37T/jx1JXq6lj2TLro9VqzMjEUeSF9cvP73y2ka+sX0a/9B/mx//9WKb9//0PeGlLcbfeffHT3Ye/95K4x/fuP+vaf+ebPHKks0Stx9OdrQqf2vtP1pLDWVL0vbfLK6t1GtnvRkAAAAAAAAAAAAAAAAAAAAAAAAAti8XEcciyeWX07lcPl//De9/Rl+uVK5UT14uz06PR+23sgeiK9f4qsv+Vd+HOpJ9H34jf3pN/omI+EdEvNfdW8vnC+XSeLuDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDM0Ra//5/6obvdtQMA9kxPuysAAOw7138AOHy2d/3v3bN6AAD7x/t/ADh8tnz9v7S39QAA9o/3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyxC+fPp9PSr4sLhTQ/fm1udrJ87dR4sTKZn5ot5Avlmav5iXJ5olTMF8pTLf/RjfqsVC5fHY3p2evD1WKlOlyZm784VZ6drl68MjU2UbxY7Nq3yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg6ypz85NjpVJx5i+RuLES2C7/5962xtV3MHbvqkRnHIhqHOhEdxyIauwwsfos0duGMxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn8MfAQAA//94WBdi") r3 = open(&(0x7f0000000040)='./file0\x00', 0x42c842, 0x182) pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)='\x00', 0x1}], 0x1, 0x7800, 0x0, 0x3) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r4 = msgget$private(0x0, 0x790) msgsnd(r4, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x64, 0x1, 0x0, 0x0, 0x0, 0x210e, 0xc0002, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b80, 0x2, @perf_bp={&(0x7f0000000040), 0xe}, 0x14105, 0x32, 0xfffffbff, 0x3, 0x2, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0xb) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r6}, 0xe) request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:Di', 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x3) pread64(0xffffffffffffffff, &(0x7f0000001240)=""/102400, 0x200000, 0x0) 113.154758ms ago: executing program 4 (id=940): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000000)={@private1, 0x0}, &(0x7f0000000080)=0x14) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r3}, 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r4, 0x400, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) close(r4) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0) 112.510408ms ago: executing program 4 (id=951): r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00') r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) faccessat2(r0, &(0x7f0000000040)='\x00', 0x1, 0x1300) 64.726229ms ago: executing program 0 (id=941): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) syz_open_procfs$pagemap(0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2}, 0x94) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) lsetxattr$security_ima(0x0, &(0x7f00000000c0), 0x0, 0x0, 0x1) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59) connect$inet6(r0, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000840)=@gcm_128={{0x303}, "004029a1b4950d5b", "0106d79bb1c219ef5dd08dd200", "192a95bf", "f31445eddb841aa3"}, 0x28) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x304}, "2bd8eea5889fda5c", "5cb4608a40090a35aa66d6e1ff5ac8f5", "c6006004", "000000000000001f"}, 0x28) sendto$inet6(r0, &(0x7f0000000280)='S', 0x1, 0x8000, 0x0, 0x0) close(r0) 64.458699ms ago: executing program 4 (id=942): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) r2 = perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x3, 0x5, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000180)='cpu|=0!|!') r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f00000000c0)=ANY=[@ANYRES8=r2, @ANYRESDEC=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000e00)='kfree\x00', r5, 0x0, 0x4ae}, 0x18) syz_mount_image$iso9660(&(0x7f0000000cc0), &(0x7f0000000180)='./file1\x00', 0x1004081, &(0x7f0000000040)=ANY=[], 0x2, 0x7f4, &(0x7f0000000d80)="$eJzs3U9oHOfZAPBnFMl2FD5/Id9HPmMcZ2znA5s6ymqVKBU5pJvVSJ5ktSt2V8WmlMTEcjCWk5AQ0pjS1JekLS2lpx7TXEMuubUUWuih7anQHHrpoRDIpSUtLZSWUnDZ2V1r9Wcl/5HlNP39RPadfeeZd953drLPznpnJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACASKqzpdJkErW8vnQ6Ha4622wsbDG/395P1xRbrDci6fwX+/bFgW7Vgf9dnX1/5+FoHOo+OxT7OsW+uHzP/fc+8T+jI/3lt+jQzToyfNbY4JMk4uudTl08u7Ky/Mpt6Mgu+taPexP7rnuRv1/tPM5n9bzVyBcq81matxrpzPR06ZFTc610Lq9lrTOtdraQVptZpd1opserJ9LJmZmpNJs401iqz89Walm/8vGHy6XSdPr0xGJWabYa9UeenmhVT+W1Wl6fL2LKpdejE/N4Z0d8Jm+n7ayykKbnL6wsT23X1U7Q5JqavWt2nEMP3fvxax/95cJyZ4cc1kjS2zHLk5Pl8uT0YzOPPV4qjZZL5bUVpXXiWkSMRHQibstOy511zyZ1o709ZsOMiKv/vTNv3nCLRnr5P2qRRz2W4nSkkcZI8bj6NxbVmI1mNGKh8/w3Y+vmb8j////IH3+11XoH838/yx9YnX0wivx/uPvs8LD8v6EXO/A3OqzV+vvd3gzWvRpvxOW4GGdjJVZiOV65mTXuWd/qbfwb2dn25iOLeuTRikbksRCVoibt1aQxE9MxHaV4Nk7FXLQijbnIoxZZtOJMtKIdWbFHVaMZWVSiHY1oRhrHoxonIo3JmImZmIo0spiIM9GIpajHfMxGpWjlfFwotvvUun7d/7XnfvTCrz9+pzN9LWhyi4EknQ9znaA/bxG0Id3fQP7vRIz09u5dyUnskn03+Kru0Ds33LqrRf4fvdPdAAAAAG6jpPj2PYmIsXigmJrLa9mX7nS3AAAAgB1U/K75UKcY60w9EEnn+L+0SeSHu943AAAAYGckxTl2SUSMx4Pdqf7pUpt9CQAAAAD8Gyr+/f9wpxiPeLOocPwPAAAAnzHfGHaN/Y/29K6x21rcm/zkT9FsjiVXFk8/lFyqdOIql+7qLtcrvnitxfbcwWR/r5GimB69fE8SEaPV7FDSv/rlP/d2y0+Kx4OrFyAcdq3/ZJsOxNYdKJ7Ft+NIN+bIuW55rj+nu5bxubyWTVQbtScmk96XI+3XXrzwlSiG/836wv4kzl9YWZ54/qWVc0VfrnRauXKpd3n4pL9URPeEii36crW3BeKBzUc8VpyI0VvveHe9pcHx964mO7L1+JPBdb4VR7sxR8e75fja8e/rrHNy4onJqFT2j7Sz0+3Xrg6MvteLydWR7+2PNrmBV+GtONaNOXb8WLfYpBflNb14cWMvyoPb//q2xXX34p0jb57+688bSTa1XS+mbrEXAHfK+eKqP6tZ6O4iC/3jalcnoa3Lu3f3l7yRd7nzq58y+ssP5LrR2JDd05vJ7m/F8W7M8e7nidGDm+SV0ibv6C9fePkXvXf0R9/7/g++fPiXH6zL6zfQi/fiRDemV8R9PxuSYztj/s66rPpuZ4l3h663VSsnr++dGku6Nx+Kyw9fuHT2heUXll8sl6emS4+WSo+VY6z4qNArhvRU5gH4z7bdPXY++Oq10GF34Uke3eao+r5rPymYiOfjpViJc3GyONsgIh7cvNXxgZ8hnNzmqHV84A4vJ7c5tlyNLa+P3XssiSGxUwNb7P++VxR/u00vCADsgqPb5OEk7u3Of/2/ekusi7grSU5uc9y9Npef6N44t390HMNz+aDf98rP3/YtAgCffVnzk2S8/XbSbOaLz07OzExW2qeytNmoPpM289n5LM3r7axZPVWpz2fpYrPRblT7Xx3PZq20tbS42Gi207lGM11stPLTxZ3f096t31vZQqXezqutxVpWaWVptVFvV6rtdDZvVdPFpadqeetU1iwWbi1m1Xwur1baeaOethpLzWo2kaatLBsIzGezejufy7OxNK+ni818odK8EhG1pYUsnc1a1Wa+2G50G+yvK6/PNZoLRbMTG4f/h93e3gDwafDqG5cvnl1ZWX7l5iZ+ez3Bd3qMAMBasjQAAAAAAAAAAAAAAHz6bTxdr1N7QycCjsVNnz746t64lbMPP3sTn3u/+7LsRIO30s7da17TPb2d5c5vnxueeO7JJy+u1iSjg5v3qTcPnPpdFv3RbdHO5v+nbHaq69v7I/b88Lvdmi8MCU5Gd3ikH0bETSx+NdkiZvffiwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgO/8KAAD//wifUTs=") openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r3}, 0x10) r6 = openat$cgroup_ro(r0, &(0x7f0000000380)='memory.stat\x00', 0x0, 0x0) r7 = socket$netlink(0x10, 0x3, 0x14) sendfile(r7, r6, 0x0, 0x17) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r6, 0x40605346, &(0x7f0000000040)={0xd1f, 0x1, {0x0, 0x2, 0x9, 0x2, 0xfff}, 0x9}) 0s ago: executing program 0 (id=943): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x6}, 0x18) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000004000000ff0f00000600000000000000", @ANYRES32, @ANYBLOB="000095468bd100000000000000000400002000006bb70225c449ce0000109498b08a84492ef39261d7f17b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18) r4 = socket(0x10, 0x3, 0x9) connect$netlink(r4, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="14000000100001000000006d5ad04364a5e4340a14"], 0x28}}, 0x0) kernel console output (not intermixed with test programs): 000000000000246 R12: 0000000000000001 [ 43.656699][ T4226] R13: 0000000000000000 R14: 00007fb8da9b5fa0 R15: 00007fff80914e18 [ 43.656715][ T4226] [ 43.922762][ T4233] sit0: entered allmulticast mode [ 44.030653][ T4244] loop4: detected capacity change from 0 to 764 [ 44.040543][ T4239] loop3: detected capacity change from 0 to 8192 [ 44.049339][ T4244] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 44.110373][ T4251] loop4: detected capacity change from 0 to 1024 [ 44.115667][ T4253] netlink: 'syz.2.226': attribute type 4 has an invalid length. [ 44.116816][ T29] kauditd_printk_skb: 325 callbacks suppressed [ 44.116828][ T29] audit: type=1400 audit(1752678772.206:1161): avc: denied { create } for pid=4252 comm="syz.2.226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 44.151235][ T4251] EXT4-fs: inline encryption not supported [ 44.157131][ T4251] EXT4-fs: Ignoring removed i_version option [ 44.171072][ T4239] loop3: p2 p3 p4 [ 44.175007][ T4239] loop3: p2 start 4294967295 is beyond EOD, truncated [ 44.181852][ T4239] loop3: p3 start 83886080 is beyond EOD, truncated [ 44.188449][ T4239] loop3: p4 size 3599499264 extends beyond EOD, truncated [ 44.211895][ T29] audit: type=1400 audit(1752678772.226:1162): avc: denied { setcurrent } for pid=4252 comm="syz.2.226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.231437][ T29] audit: type=1400 audit(1752678772.226:1163): avc: denied { connect } for pid=4252 comm="syz.2.226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 44.251553][ T29] audit: type=1400 audit(1752678772.226:1164): avc: denied { write } for pid=4252 comm="syz.2.226" path="socket:[6660]" dev="sockfs" ino=6660 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 44.292080][ T4251] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 44.324615][ T4251] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #3: block 1: comm syz.4.225: lblock 1 mapped to illegal pblock 1 (length 1) [ 44.346042][ T4251] Quota error (device loop4): write_blk: dquota write failed [ 44.353719][ T4251] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 44.363759][ T29] audit: type=1326 audit(1752678772.426:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4256 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe98666e929 code=0x7ffc0000 [ 44.363980][ T4251] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.225: Failed to acquire dquot type 0 [ 44.387516][ T29] audit: type=1326 audit(1752678772.426:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4256 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe98666e929 code=0x7ffc0000 [ 44.422164][ T29] audit: type=1326 audit(1752678772.426:1167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4256 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7fe98666e929 code=0x7ffc0000 [ 44.445465][ T29] audit: type=1326 audit(1752678772.426:1168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4256 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe98666e929 code=0x7ffc0000 [ 44.488166][ T4251] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.225: Freeing blocks not in datazone - block = 0, count = 4096 [ 44.504754][ T4251] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.225: Invalid inode bitmap blk 0 in block_group 0 [ 44.517561][ T4251] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem [ 44.527139][ T4251] EXT4-fs (loop4): 1 orphan inode deleted [ 44.533378][ T4251] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.559856][ T51] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1) [ 44.581341][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.592028][ T51] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0 [ 44.609313][ T4251] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm syz.4.225: lblock 1 mapped to illegal pblock 1 (length 1) [ 44.625508][ T4251] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.225: Failed to acquire dquot type 0 [ 44.639092][ T4251] netlink: 4268 bytes leftover after parsing attributes in process `syz.4.225'. [ 44.677081][ T4273] loop1: detected capacity change from 0 to 512 [ 44.801784][ T4284] loop3: detected capacity change from 0 to 764 [ 44.814524][ T4284] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 44.830378][ T4286] unsupported nla_type 65024 [ 44.863510][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.872942][ T41] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 44.889333][ T41] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 0 [ 44.966135][ T4295] Cannot find del_set index 0 as target [ 44.966924][ T4289] loop3: detected capacity change from 0 to 8192 [ 45.173213][ T4289] loop3: p2 p3 p4 [ 45.177428][ T4289] loop3: p2 start 4294967295 is beyond EOD, truncated [ 45.184656][ T4289] loop3: p3 start 83886080 is beyond EOD, truncated [ 45.191403][ T4289] loop3: p4 size 3599499264 extends beyond EOD, truncated [ 45.262099][ T4301] FAULT_INJECTION: forcing a failure. [ 45.262099][ T4301] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 45.275274][ T4301] CPU: 0 UID: 0 PID: 4301 Comm: syz.4.242 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(voluntary) [ 45.275298][ T4301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 45.275310][ T4301] Call Trace: [ 45.275316][ T4301] [ 45.275323][ T4301] __dump_stack+0x1d/0x30 [ 45.275420][ T4301] dump_stack_lvl+0xe8/0x140 [ 45.275506][ T4301] dump_stack+0x15/0x1b [ 45.275523][ T4301] should_fail_ex+0x265/0x280 [ 45.275622][ T4301] should_fail+0xb/0x20 [ 45.275648][ T4301] should_fail_usercopy+0x1a/0x20 [ 45.275747][ T4301] _copy_to_user+0x20/0xa0 [ 45.275785][ T4301] simple_read_from_buffer+0xb5/0x130 [ 45.275865][ T4301] proc_fail_nth_read+0x100/0x140 [ 45.275898][ T4301] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 45.275992][ T4301] vfs_read+0x19d/0x6f0 [ 45.276020][ T4301] ? __rcu_read_unlock+0x4f/0x70 [ 45.276042][ T4301] ? __fget_files+0x184/0x1c0 [ 45.276075][ T4301] ksys_read+0xda/0x1a0 [ 45.276106][ T4301] __x64_sys_read+0x40/0x50 [ 45.276210][ T4301] x64_sys_call+0x2d77/0x2fb0 [ 45.276231][ T4301] do_syscall_64+0xd2/0x200 [ 45.276273][ T4301] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 45.276336][ T4301] ? clear_bhb_loop+0x40/0x90 [ 45.276361][ T4301] ? clear_bhb_loop+0x40/0x90 [ 45.276385][ T4301] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 45.276406][ T4301] RIP: 0033:0x7fd460ead33c [ 45.276421][ T4301] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 45.276439][ T4301] RSP: 002b:00007fd45f517030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 45.276459][ T4301] RAX: ffffffffffffffda RBX: 00007fd4610d5fa0 RCX: 00007fd460ead33c [ 45.276471][ T4301] RDX: 000000000000000f RSI: 00007fd45f5170a0 RDI: 0000000000000006 [ 45.276563][ T4301] RBP: 00007fd45f517090 R08: 0000000000000000 R09: 0000000000000000 [ 45.276575][ T4301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 45.276587][ T4301] R13: 0000000000000000 R14: 00007fd4610d5fa0 R15: 00007ffc476a3f18 [ 45.276660][ T4301] [ 45.517559][ T4308] 9pnet_fd: Insufficient options for proto=fd [ 45.554479][ T4308] loop4: detected capacity change from 0 to 512 [ 45.596066][ T4308] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 45.598905][ T4313] loop9: detected capacity change from 0 to 7 [ 45.610668][ T4308] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 45.617989][ T4313] Buffer I/O error on dev loop9, logical block 0, async page read [ 45.637772][ T4313] Buffer I/O error on dev loop9, logical block 0, async page read [ 45.645787][ T4313] loop9: unable to read partition table [ 45.655285][ T4308] EXT4-fs (loop4): 1 truncate cleaned up [ 45.667546][ T4308] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 45.681784][ T4313] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 45.681784][ T4313] ) failed (rc=-5) [ 45.804583][ T4318] SET target dimension over the limit! [ 45.842225][ T4324] loop3: detected capacity change from 0 to 764 [ 45.857001][ T4324] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 45.900285][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.991273][ T4342] loop4: detected capacity change from 0 to 736 [ 45.997697][ T4332] loop3: detected capacity change from 0 to 8192 [ 46.006244][ T4343] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 46.020081][ T4340] loop2: detected capacity change from 0 to 512 [ 46.021453][ T4343] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 46.026688][ T4332] loop3: p2 p3 p4 [ 46.048082][ T4332] loop3: p2 start 4294967295 is beyond EOD, truncated [ 46.054998][ T4332] loop3: p3 start 83886080 is beyond EOD, truncated [ 46.061650][ T4332] loop3: p4 size 3599499264 extends beyond EOD, truncated [ 46.069253][ T4340] ext4: Unknown parameter 'obj_role' [ 46.120308][ T4345] loop2: detected capacity change from 0 to 2048 [ 46.164829][ T4345] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.542125][ T4366] FAULT_INJECTION: forcing a failure. [ 46.542125][ T4366] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 46.555353][ T4366] CPU: 0 UID: 0 PID: 4366 Comm: syz.3.262 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(voluntary) [ 46.555382][ T4366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 46.555394][ T4366] Call Trace: [ 46.555402][ T4366] [ 46.555531][ T4366] __dump_stack+0x1d/0x30 [ 46.555557][ T4366] dump_stack_lvl+0xe8/0x140 [ 46.555576][ T4366] dump_stack+0x15/0x1b [ 46.555647][ T4366] should_fail_ex+0x265/0x280 [ 46.555674][ T4366] should_fail+0xb/0x20 [ 46.555699][ T4366] should_fail_usercopy+0x1a/0x20 [ 46.555787][ T4366] _copy_from_user+0x1c/0xb0 [ 46.555808][ T4366] __se_sys_mount+0x10d/0x2e0 [ 46.555902][ T4366] ? fput+0x8f/0xc0 [ 46.555926][ T4366] ? ksys_write+0x192/0x1a0 [ 46.555963][ T4366] __x64_sys_mount+0x67/0x80 [ 46.555990][ T4366] x64_sys_call+0xd36/0x2fb0 [ 46.556012][ T4366] do_syscall_64+0xd2/0x200 [ 46.556061][ T4366] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 46.556088][ T4366] ? clear_bhb_loop+0x40/0x90 [ 46.556110][ T4366] ? clear_bhb_loop+0x40/0x90 [ 46.556132][ T4366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 46.556197][ T4366] RIP: 0033:0x7fb8da78e929 [ 46.556293][ T4366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 46.556318][ T4366] RSP: 002b:00007fb8d8df7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 46.556338][ T4366] RAX: ffffffffffffffda RBX: 00007fb8da9b5fa0 RCX: 00007fb8da78e929 [ 46.556389][ T4366] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000 [ 46.556401][ T4366] RBP: 00007fb8d8df7090 R08: 0000200000000240 R09: 0000000000000000 [ 46.556411][ T4366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 46.556421][ T4366] R13: 0000000000000000 R14: 00007fb8da9b5fa0 R15: 00007fff80914e18 [ 46.556483][ T4366] [ 46.936076][ T4367] loop4: detected capacity change from 0 to 1024 [ 46.957923][ T4367] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.975630][ T4373] __nla_validate_parse: 3 callbacks suppressed [ 46.975678][ T4373] netlink: 4 bytes leftover after parsing attributes in process `syz.3.264'. [ 46.991996][ T4373] netlink: 12 bytes leftover after parsing attributes in process `syz.3.264'. [ 47.020398][ T4373] netlink: 156 bytes leftover after parsing attributes in process `syz.3.264'. [ 47.068658][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.183120][ T4377] loop9: detected capacity change from 0 to 7 [ 47.183800][ T4380] loop2: detected capacity change from 0 to 512 [ 47.189514][ T4377] Buffer I/O error on dev loop9, logical block 0, async page read [ 47.206319][ T4377] Buffer I/O error on dev loop9, logical block 0, async page read [ 47.214421][ T4377] loop9: unable to read partition table [ 47.222747][ T4380] ext4: Unknown parameter 'obj_role' [ 47.230208][ T4377] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 47.230208][ T4377] ) failed (rc=-5) [ 47.366859][ T4384] loop2: detected capacity change from 0 to 8192 [ 47.420747][ T4384] loop2: p2 p3 p4 [ 47.431286][ T4384] loop2: p2 start 4294967295 is beyond EOD, truncated [ 47.438091][ T4384] loop2: p3 start 83886080 is beyond EOD, truncated [ 47.444803][ T4384] loop2: p4 size 3599499264 extends beyond EOD, truncated [ 47.549509][ T4388] sctp: [Deprecated]: syz.2.270 (pid 4388) Use of int in maxseg socket option. [ 47.549509][ T4388] Use struct sctp_assoc_value instead [ 47.632031][ T4402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.273'. [ 47.790911][ T4407] loop2: detected capacity change from 0 to 2048 [ 47.815821][ T4407] EXT4-fs: Ignoring removed bh option [ 47.984011][ T4407] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.999811][ T4367] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.200696][ T4362] syz.4.260 (4362) used greatest stack depth: 9272 bytes left [ 48.521635][ T4359] syz.4.260 (4359) used greatest stack depth: 6952 bytes left [ 48.551411][ T4425] loop1: detected capacity change from 0 to 1024 [ 48.561521][ T4425] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 48.593531][ T4425] loop1: detected capacity change from 0 to 512 [ 48.600736][ T4425] EXT4-fs: Mount option(s) incompatible with ext2 [ 48.611875][ T4427] loop4: detected capacity change from 0 to 512 [ 48.618867][ T4427] ext4: Unknown parameter 'obj_role' [ 48.701318][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.710632][ T4429] loop1: detected capacity change from 0 to 8192 [ 48.745627][ T4429] loop1: p2 p3 p4 [ 48.750361][ T4429] loop1: p2 start 4294967295 is beyond EOD, truncated [ 48.757196][ T4429] loop1: p3 start 83886080 is beyond EOD, truncated [ 48.763867][ T4429] loop1: p4 size 3599499264 extends beyond EOD, truncated [ 48.900157][ T4437] pim6reg: entered allmulticast mode [ 48.916322][ T29] kauditd_printk_skb: 72 callbacks suppressed [ 48.916337][ T29] audit: type=1326 audit(1752679545.217:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4436 comm="syz.0.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 48.953997][ T29] audit: type=1326 audit(1752679545.227:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4436 comm="syz.0.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 48.977421][ T29] audit: type=1326 audit(1752679545.227:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4436 comm="syz.0.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 49.001322][ T29] audit: type=1326 audit(1752679545.227:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4436 comm="syz.0.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 49.024854][ T29] audit: type=1326 audit(1752679545.227:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4436 comm="syz.0.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 49.048531][ T29] audit: type=1326 audit(1752679545.227:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4436 comm="syz.0.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 49.072111][ T29] audit: type=1326 audit(1752679545.227:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4436 comm="syz.0.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 49.095551][ T29] audit: type=1326 audit(1752679545.227:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4436 comm="syz.0.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 49.119458][ T29] audit: type=1326 audit(1752679545.227:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4436 comm="syz.0.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 49.142835][ T29] audit: type=1326 audit(1752679545.227:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4436 comm="syz.0.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 49.196143][ T4449] FAULT_INJECTION: forcing a failure. [ 49.196143][ T4449] name failslab, interval 1, probability 0, space 0, times 0 [ 49.208853][ T4449] CPU: 1 UID: 0 PID: 4449 Comm: syz.0.287 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(voluntary) [ 49.208991][ T4449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 49.209004][ T4449] Call Trace: [ 49.209010][ T4449] [ 49.209018][ T4449] __dump_stack+0x1d/0x30 [ 49.209042][ T4449] dump_stack_lvl+0xe8/0x140 [ 49.209066][ T4449] dump_stack+0x15/0x1b [ 49.209083][ T4449] should_fail_ex+0x265/0x280 [ 49.209259][ T4449] ? __request_module+0x1c4/0x3e0 [ 49.209283][ T4449] should_failslab+0x8c/0xb0 [ 49.209302][ T4449] ? crypto_alg_mod_lookup+0xa1/0x490 [ 49.209323][ T4449] __kmalloc_cache_noprof+0x4c/0x320 [ 49.209424][ T4449] ? crypto_alg_mod_lookup+0xa1/0x490 [ 49.209545][ T4449] __request_module+0x1c4/0x3e0 [ 49.209568][ T4449] crypto_alg_mod_lookup+0xa1/0x490 [ 49.209663][ T4449] crypto_alloc_tfm_node+0xb5/0x2b0 [ 49.209690][ T4449] ? tls_set_sw_offload+0x12d/0xba0 [ 49.209720][ T4449] crypto_alloc_aead+0x2d/0x40 [ 49.209753][ T4449] tls_set_sw_offload+0x65a/0xba0 [ 49.209786][ T4449] tls_setsockopt+0x9b9/0xce0 [ 49.209808][ T4449] sock_common_setsockopt+0x69/0x80 [ 49.209831][ T4449] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 49.209925][ T4449] __sys_setsockopt+0x184/0x200 [ 49.209971][ T4449] __x64_sys_setsockopt+0x64/0x80 [ 49.210003][ T4449] x64_sys_call+0x2bd5/0x2fb0 [ 49.210024][ T4449] do_syscall_64+0xd2/0x200 [ 49.210040][ T4449] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 49.210115][ T4449] ? clear_bhb_loop+0x40/0x90 [ 49.210161][ T4449] ? clear_bhb_loop+0x40/0x90 [ 49.210230][ T4449] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 49.210253][ T4449] RIP: 0033:0x7fe64a67e929 [ 49.210267][ T4449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 49.210281][ T4449] RSP: 002b:00007fe648ce7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 49.210297][ T4449] RAX: ffffffffffffffda RBX: 00007fe64a8a5fa0 RCX: 00007fe64a67e929 [ 49.210311][ T4449] RDX: 0000000000000001 RSI: 000000000000011a RDI: 0000000000000003 [ 49.210345][ T4449] RBP: 00007fe648ce7090 R08: 0000000000000038 R09: 0000000000000000 [ 49.210358][ T4449] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001 [ 49.210370][ T4449] R13: 0000000000000000 R14: 00007fe64a8a5fa0 R15: 00007ffcac68a1d8 [ 49.210415][ T4449] [ 49.446451][ T4447] loop3: detected capacity change from 0 to 1024 [ 49.457071][ T4447] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040e01c, mo2=0002] [ 49.501704][ T4456] loop4: detected capacity change from 0 to 164 [ 49.507672][ T4447] System zones: 0-1, 3-36 [ 49.524329][ T4447] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.563890][ T4447] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 49.672842][ T4456] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 49.708859][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.728213][ T4456] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 49.755403][ T4456] Symlink component flag not implemented [ 49.761076][ T4456] Symlink component flag not implemented [ 49.796068][ T4463] loop0: detected capacity change from 0 to 512 [ 49.815412][ T4463] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 49.826638][ T4456] Symlink component flag not implemented (7) [ 49.832774][ T4456] Symlink component flag not implemented (116) [ 49.875886][ T4463] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.894454][ T4469] loop3: detected capacity change from 0 to 512 [ 49.901242][ T4469] ext4: Unknown parameter 'obj_role' [ 49.916259][ T4463] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 50.086607][ T4471] loop3: detected capacity change from 0 to 8192 [ 50.170642][ T4471] loop3: p2 p3 p4 [ 50.174555][ T4471] loop3: p2 start 4294967295 is beyond EOD, truncated [ 50.181377][ T4471] loop3: p3 start 83886080 is beyond EOD, truncated [ 50.187998][ T4471] loop3: p4 size 3599499264 extends beyond EOD, truncated [ 50.206306][ T4477] netlink: 24 bytes leftover after parsing attributes in process `syz.4.294'. [ 50.287281][ T4477] loop4: detected capacity change from 0 to 2048 [ 50.393716][ T4482] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 50.422838][ T4482] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 50.596538][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.686614][ T4499] netlink: 64 bytes leftover after parsing attributes in process `syz.4.298'. [ 50.715451][ T4498] netlink: 'syz.2.301': attribute type 16 has an invalid length. [ 50.723286][ T4498] netlink: 'syz.2.301': attribute type 17 has an invalid length. [ 50.820149][ T4498] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 50.864819][ T4504] can0: slcan on ttyS3. [ 50.950662][ T4512] loop0: detected capacity change from 0 to 512 [ 50.973742][ T4512] ext4: Unknown parameter 'obj_role' [ 50.982909][ T4500] netlink: 'syz.1.299': attribute type 4 has an invalid length. [ 51.231268][ T4524] netlink: 64 bytes leftover after parsing attributes in process `syz.1.309'. [ 51.287275][ T4524] FAULT_INJECTION: forcing a failure. [ 51.287275][ T4524] name failslab, interval 1, probability 0, space 0, times 0 [ 51.300079][ T4524] CPU: 0 UID: 0 PID: 4524 Comm: +}[@ Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(voluntary) [ 51.300189][ T4524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 51.300215][ T4524] Call Trace: [ 51.300220][ T4524] [ 51.300227][ T4524] __dump_stack+0x1d/0x30 [ 51.300248][ T4524] dump_stack_lvl+0xe8/0x140 [ 51.300264][ T4524] dump_stack+0x15/0x1b [ 51.300278][ T4524] should_fail_ex+0x265/0x280 [ 51.300317][ T4524] should_failslab+0x8c/0xb0 [ 51.300342][ T4524] kmem_cache_alloc_node_noprof+0x57/0x320 [ 51.300372][ T4524] ? __alloc_skb+0x101/0x320 [ 51.300471][ T4524] __alloc_skb+0x101/0x320 [ 51.300496][ T4524] netlink_alloc_large_skb+0xba/0xf0 [ 51.300595][ T4524] netlink_sendmsg+0x3cf/0x6b0 [ 51.300634][ T4524] ? __pfx_netlink_sendmsg+0x10/0x10 [ 51.300705][ T4524] __sock_sendmsg+0x145/0x180 [ 51.300794][ T4524] ____sys_sendmsg+0x31e/0x4e0 [ 51.300893][ T4524] ___sys_sendmsg+0x17b/0x1d0 [ 51.301000][ T4524] __x64_sys_sendmsg+0xd4/0x160 [ 51.301076][ T4524] x64_sys_call+0x2999/0x2fb0 [ 51.301095][ T4524] do_syscall_64+0xd2/0x200 [ 51.301169][ T4524] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 51.301192][ T4524] ? clear_bhb_loop+0x40/0x90 [ 51.301211][ T4524] ? clear_bhb_loop+0x40/0x90 [ 51.301232][ T4524] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.301291][ T4524] RIP: 0033:0x7efdc45be929 [ 51.301308][ T4524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.301329][ T4524] RSP: 002b:00007efdc2c27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 51.301346][ T4524] RAX: ffffffffffffffda RBX: 00007efdc47e5fa0 RCX: 00007efdc45be929 [ 51.301356][ T4524] RDX: 0000000000000000 RSI: 0000200000001ac0 RDI: 0000000000000008 [ 51.301366][ T4524] RBP: 00007efdc2c27090 R08: 0000000000000000 R09: 0000000000000000 [ 51.301377][ T4524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.301472][ T4524] R13: 0000000000000000 R14: 00007efdc47e5fa0 R15: 00007ffcd1de70b8 [ 51.301492][ T4524] [ 51.596648][ T4535] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.611144][ T4536] loop3: detected capacity change from 0 to 764 [ 51.619116][ T4536] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 51.680922][ T4542] netlink: 1700 bytes leftover after parsing attributes in process `syz.0.315'. [ 51.702354][ T4535] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.735645][ T4503] can0 (unregistered): slcan off ttyS3. [ 51.764866][ T4546] FAULT_INJECTION: forcing a failure. [ 51.764866][ T4546] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 51.778290][ T4546] CPU: 1 UID: 0 PID: 4546 Comm: syz.3.317 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(voluntary) [ 51.778315][ T4546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 51.778326][ T4546] Call Trace: [ 51.778331][ T4546] [ 51.778339][ T4546] __dump_stack+0x1d/0x30 [ 51.778423][ T4546] dump_stack_lvl+0xe8/0x140 [ 51.778439][ T4546] dump_stack+0x15/0x1b [ 51.778453][ T4546] should_fail_ex+0x265/0x280 [ 51.778486][ T4546] should_fail+0xb/0x20 [ 51.778567][ T4546] should_fail_usercopy+0x1a/0x20 [ 51.778595][ T4546] _copy_from_user+0x1c/0xb0 [ 51.778759][ T4546] memdup_user+0x5e/0xd0 [ 51.778781][ T4546] io_parse_restrictions+0x56/0x210 [ 51.778899][ T4546] io_register_restrictions+0x81/0xc0 [ 51.778924][ T4546] __se_sys_io_uring_register+0xd72/0xeb0 [ 51.779020][ T4546] ? fput+0x8f/0xc0 [ 51.779041][ T4546] ? ksys_write+0x192/0x1a0 [ 51.779149][ T4546] __x64_sys_io_uring_register+0x55/0x70 [ 51.779190][ T4546] x64_sys_call+0xc91/0x2fb0 [ 51.779211][ T4546] do_syscall_64+0xd2/0x200 [ 51.779228][ T4546] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 51.779323][ T4546] ? clear_bhb_loop+0x40/0x90 [ 51.779347][ T4546] ? clear_bhb_loop+0x40/0x90 [ 51.779365][ T4546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.779406][ T4546] RIP: 0033:0x7fb8da78e929 [ 51.779506][ T4546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.779524][ T4546] RSP: 002b:00007fb8d8df7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 51.779610][ T4546] RAX: ffffffffffffffda RBX: 00007fb8da9b5fa0 RCX: 00007fb8da78e929 [ 51.779624][ T4546] RDX: 0000200000000280 RSI: 000000000000000b RDI: 0000000000000005 [ 51.779638][ T4546] RBP: 00007fb8d8df7090 R08: 0000000000000000 R09: 0000000000000000 [ 51.779651][ T4546] R10: 0000000000000019 R11: 0000000000000246 R12: 0000000000000001 [ 51.779664][ T4546] R13: 0000000000000000 R14: 00007fb8da9b5fa0 R15: 00007fff80914e18 [ 51.779682][ T4546] [ 52.023646][ T4551] SELinux: failed to load policy [ 52.032485][ T4535] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 52.065767][ T4557] loop4: detected capacity change from 0 to 1024 [ 52.073431][ T4557] EXT4-fs: Ignoring removed orlov option [ 52.079276][ T4557] EXT4-fs: Ignoring removed nomblk_io_submit option [ 52.120460][ T4564] netlink: 8 bytes leftover after parsing attributes in process `syz.3.324'. [ 52.129402][ T4564] netlink: 8 bytes leftover after parsing attributes in process `syz.3.324'. [ 52.162308][ T4566] loop0: detected capacity change from 0 to 764 [ 52.171612][ T4535] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 52.186213][ T4557] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.199538][ T4566] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 52.234144][ T4535] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.247047][ T4535] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.251893][ T4575] netlink: 'syz.0.327': attribute type 1 has an invalid length. [ 52.259518][ T4535] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.277604][ T4575] bond1: entered promiscuous mode [ 52.295404][ T4575] 8021q: adding VLAN 0 to HW filter on device bond1 [ 52.306681][ T4535] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.357077][ T4575] netlink: 3 bytes leftover after parsing attributes in process `syz.0.327'. [ 52.372570][ T4575] batadv1: entered promiscuous mode [ 52.377948][ T4575] batadv1: entered allmulticast mode [ 52.384434][ T4575] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 52.392464][ T4575] bond1: (slave batadv1): making interface the new active one [ 52.401534][ T4575] bond1: (slave batadv1): Enslaving as an active interface with an up link [ 52.433763][ T4591] loop3: detected capacity change from 0 to 128 [ 52.438484][ T4593] SELinux: syz.0.334 (4593) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 52.456004][ T4595] loop1: detected capacity change from 0 to 256 [ 52.465339][ T4597] loop2: detected capacity change from 0 to 512 [ 52.473158][ T4597] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 52.482142][ T4597] EXT4-fs (loop2): invalid journal inode [ 52.482250][ T4591] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 52.488802][ T4597] EXT4-fs (loop2): can't get journal size [ 52.505868][ T4591] ext4 filesystem being mounted at /58/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 52.553522][ T4597] EXT4-fs (loop2): 1 truncate cleaned up [ 52.568295][ T4597] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.580996][ T3318] EXT4-fs error (device loop3): htree_dirblock_to_tree:1080: inode #2: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1 [ 52.602668][ T4597] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.633506][ T4600] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 52.980247][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.166821][ T4615] SELinux: syz.0.341 (4615) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 53.191420][ T58] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.222370][ T4615] FAULT_INJECTION: forcing a failure. [ 53.222370][ T4615] name failslab, interval 1, probability 0, space 0, times 0 [ 53.235227][ T4615] CPU: 1 UID: 0 PID: 4615 Comm: syz.0.341 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(voluntary) [ 53.235273][ T4615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 53.235392][ T4615] Call Trace: [ 53.235398][ T4615] [ 53.235406][ T4615] __dump_stack+0x1d/0x30 [ 53.235453][ T4615] dump_stack_lvl+0xe8/0x140 [ 53.235473][ T4615] dump_stack+0x15/0x1b [ 53.235530][ T4615] should_fail_ex+0x265/0x280 [ 53.235555][ T4615] should_failslab+0x8c/0xb0 [ 53.235575][ T4615] __kmalloc_noprof+0xa5/0x3e0 [ 53.235667][ T4615] ? sel_write_user+0x197/0x440 [ 53.235691][ T4615] sel_write_user+0x197/0x440 [ 53.235718][ T4615] selinux_transaction_write+0xc3/0x110 [ 53.235742][ T4615] ? __pfx_selinux_transaction_write+0x10/0x10 [ 53.235772][ T4615] vfs_write+0x269/0x8e0 [ 53.235798][ T4615] ? __rcu_read_unlock+0x4f/0x70 [ 53.235886][ T4615] ? __fget_files+0x184/0x1c0 [ 53.235985][ T4615] ksys_write+0xda/0x1a0 [ 53.236017][ T4615] __x64_sys_write+0x40/0x50 [ 53.236048][ T4615] x64_sys_call+0x2cdd/0x2fb0 [ 53.236146][ T4615] do_syscall_64+0xd2/0x200 [ 53.236174][ T4615] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 53.236200][ T4615] ? clear_bhb_loop+0x40/0x90 [ 53.236230][ T4615] ? clear_bhb_loop+0x40/0x90 [ 53.236251][ T4615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.236380][ T4615] RIP: 0033:0x7fe64a67e929 [ 53.236396][ T4615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 53.236413][ T4615] RSP: 002b:00007fe648ce7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 53.236432][ T4615] RAX: ffffffffffffffda RBX: 00007fe64a8a5fa0 RCX: 00007fe64a67e929 [ 53.236445][ T4615] RDX: 0000000000000027 RSI: 0000200000000040 RDI: 0000000000000003 [ 53.236457][ T4615] RBP: 00007fe648ce7090 R08: 0000000000000000 R09: 0000000000000000 [ 53.236468][ T4615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.236514][ T4615] R13: 0000000000000000 R14: 00007fe64a8a5fa0 R15: 00007ffcac68a1d8 [ 53.236529][ T4615] [ 53.449083][ T4618] netlink: 8 bytes leftover after parsing attributes in process `syz.4.345'. [ 53.501310][ T58] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.546041][ T4628] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.559194][ T58] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.612840][ T4628] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.639961][ T58] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.667970][ T4644] loop2: detected capacity change from 0 to 512 [ 53.704220][ T4644] ext4: Unknown parameter 'obj_role' [ 53.710686][ T4628] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.734315][ T4642] syzkaller1: entered promiscuous mode [ 53.739942][ T4642] syzkaller1: entered allmulticast mode [ 53.775207][ T4648] loop1: detected capacity change from 0 to 512 [ 53.791739][ T4648] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 53.804152][ T4648] EXT4-fs (loop1): 1 truncate cleaned up [ 53.804291][ T4628] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.810475][ T4648] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.845280][ T58] bridge_slave_1: left allmulticast mode [ 53.851021][ T58] bridge_slave_1: left promiscuous mode [ 53.856710][ T58] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.866312][ T58] bridge_slave_0: left allmulticast mode [ 53.872139][ T58] bridge_slave_0: left promiscuous mode [ 53.877927][ T58] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.883640][ T29] kauditd_printk_skb: 247 callbacks suppressed [ 53.883652][ T29] audit: type=1400 audit(1752679550.424:1494): avc: denied { map } for pid=4647 comm="syz.1.354" path="/62/file1/blkio.bfq.io_wait_time_recursive" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 53.920822][ T4648] FAULT_INJECTION: forcing a failure. [ 53.920822][ T4648] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 53.934013][ T4648] CPU: 0 UID: 0 PID: 4648 Comm: syz.1.354 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(voluntary) [ 53.934030][ T4648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 53.934037][ T4648] Call Trace: [ 53.934042][ T4648] [ 53.934047][ T4648] __dump_stack+0x1d/0x30 [ 53.934061][ T4648] dump_stack_lvl+0xe8/0x140 [ 53.934134][ T4648] dump_stack+0x15/0x1b [ 53.934143][ T4648] should_fail_ex+0x265/0x280 [ 53.934189][ T4648] should_fail+0xb/0x20 [ 53.934303][ T4648] should_fail_usercopy+0x1a/0x20 [ 53.934322][ T4648] strncpy_from_user+0x25/0x230 [ 53.934335][ T4648] ? copy_from_user_nofault+0xa2/0x120 [ 53.934361][ T4648] strncpy_from_user_nofault+0x68/0xf0 [ 53.934379][ T4648] bpf_probe_read_compat_str+0xb4/0x130 [ 53.934399][ T4648] bpf_prog_5e0791613c78f632+0x3e/0x44 [ 53.934409][ T4648] bpf_trace_run3+0x10f/0x1d0 [ 53.934475][ T4648] ? free_buffer_head+0x48/0x1c0 [ 53.934495][ T4648] ? __slab_free+0x77/0x270 [ 53.934512][ T4648] ? free_buffer_head+0x48/0x1c0 [ 53.934592][ T4648] __traceiter_kmem_cache_free+0x35/0x60 [ 53.934604][ T4648] ? free_buffer_head+0x48/0x1c0 [ 53.934618][ T4648] kmem_cache_free+0x257/0x300 [ 53.934694][ T4648] ? folio_account_cleaned+0x195/0x1d0 [ 53.934708][ T4648] free_buffer_head+0x48/0x1c0 [ 53.934784][ T4648] try_to_free_buffers+0x11e/0x170 [ 53.934795][ T4648] ext4_release_folio+0xb8/0x180 [ 53.934874][ T4648] ? __pfx_ext4_release_folio+0x10/0x10 [ 53.934898][ T4648] filemap_release_folio+0xcd/0x150 [ 53.934984][ T4648] block_invalidate_folio+0x35f/0x3b0 [ 53.935003][ T4648] ext4_invalidate_folio+0x73/0x150 [ 53.935031][ T4648] ? __pfx_ext4_invalidate_folio+0x10/0x10 [ 53.935075][ T4648] truncate_cleanup_folio+0x175/0x1f0 [ 53.935087][ T4648] truncate_inode_pages_range+0x182/0x690 [ 53.935113][ T4648] truncate_pagecache_range+0x83/0xa0 [ 53.935126][ T4648] ext4_truncate_page_cache_block_range+0x357/0x370 [ 53.935175][ T4648] ? ext4_update_disksize_before_punch+0x11a/0x210 [ 53.935194][ T4648] ext4_punch_hole+0x1ff/0x770 [ 53.935296][ T4648] ? mnt_put_write_access_file+0x80/0xa0 [ 53.935320][ T4648] ? file_modified_flags+0x32f/0x350 [ 53.935426][ T4648] ext4_fallocate+0x2ee/0x660 [ 53.935449][ T4648] vfs_fallocate+0x413/0x450 [ 53.935461][ T4648] madvise_do_behavior+0x1152/0x1f20 [ 53.935538][ T4648] ? 0xffffffff81000000 [ 53.935603][ T4648] ? __rcu_read_unlock+0x4f/0x70 [ 53.935616][ T4648] ? get_pid_task+0x96/0xd0 [ 53.935628][ T4648] ? proc_fail_nth_write+0x12d/0x160 [ 53.935694][ T4648] ? down_read+0x77/0xe0 [ 53.935712][ T4648] do_madvise+0x103/0x190 [ 53.935728][ T4648] __x64_sys_madvise+0x64/0x80 [ 53.935741][ T4648] x64_sys_call+0x2455/0x2fb0 [ 53.935790][ T4648] do_syscall_64+0xd2/0x200 [ 53.935799][ T4648] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 53.935814][ T4648] ? clear_bhb_loop+0x40/0x90 [ 53.935924][ T4648] ? clear_bhb_loop+0x40/0x90 [ 53.936003][ T4648] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.936015][ T4648] RIP: 0033:0x7efdc45be929 [ 53.936023][ T4648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 53.936033][ T4648] RSP: 002b:00007efdc2c27038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 53.936056][ T4648] RAX: ffffffffffffffda RBX: 00007efdc47e5fa0 RCX: 00007efdc45be929 [ 53.936063][ T4648] RDX: 0000000000000009 RSI: 0000000000600002 RDI: 0000200000000000 [ 53.936070][ T4648] RBP: 00007efdc2c27090 R08: 0000000000000000 R09: 0000000000000000 [ 53.936079][ T4648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.936090][ T4648] R13: 0000000000000000 R14: 00007efdc47e5fa0 R15: 00007ffcd1de70b8 [ 53.936108][ T4648] [ 54.316078][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.350878][ T4660] loop1: detected capacity change from 0 to 256 [ 54.382812][ T29] audit: type=1326 audit(1752679550.949:1495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4663 comm="syz.1.360" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efdc45be929 code=0x0 [ 54.410921][ T4666] loop0: detected capacity change from 0 to 512 [ 54.418956][ T4666] EXT4-fs (loop0): orphan cleanup on readonly fs [ 54.425981][ T4666] EXT4-fs error (device loop0): ext4_orphan_get:1419: comm syz.0.361: bad orphan inode 13 [ 54.436259][ T4666] ext4_test_bit(bit=12, block=18) = 1 [ 54.436279][ T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 54.450919][ T4666] is_bad_inode(inode)=0 [ 54.455402][ T4666] NEXT_ORPHAN(inode)=2130706432 [ 54.460302][ T4666] max_ino=32 [ 54.463528][ T4666] i_nlink=1 [ 54.467223][ T4666] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 54.480615][ T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 54.489274][ T29] audit: type=1400 audit(1752679551.065:1496): avc: denied { execute } for pid=4665 comm="syz.0.361" name="file2" dev="loop0" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 54.513085][ T58] bond0 (unregistering): Released all slaves [ 54.522671][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.539731][ T4619] chnl_net:caif_netlink_parms(): no params data found [ 54.556967][ T4628] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.572250][ T29] audit: type=1326 audit(1752679551.149:1497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4671 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 54.598980][ T4628] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.607515][ T4674] loop2: detected capacity change from 0 to 764 [ 54.609225][ T29] audit: type=1326 audit(1752679551.149:1498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4671 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 54.637525][ T29] audit: type=1326 audit(1752679551.149:1499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4671 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 54.660947][ T29] audit: type=1326 audit(1752679551.149:1500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4671 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 54.684529][ T29] audit: type=1326 audit(1752679551.149:1501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4671 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 54.684553][ T29] audit: type=1326 audit(1752679551.149:1502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4671 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 54.684584][ T29] audit: type=1326 audit(1752679551.149:1503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4671 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 54.708101][ T4674] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 54.767782][ T58] hsr_slave_0: left promiscuous mode [ 54.773300][ T4674] Symlink component flag not implemented [ 54.779310][ T4674] Symlink component flag not implemented (7) [ 54.779376][ T58] hsr_slave_1: left promiscuous mode [ 54.791410][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 54.799006][ T58] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 54.806843][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 54.814548][ T58] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 54.825246][ T58] veth1_macvtap: left promiscuous mode [ 54.832704][ T58] veth0_macvtap: left promiscuous mode [ 54.835916][ T4678] loop2: detected capacity change from 0 to 512 [ 54.838332][ T58] veth1_vlan: left promiscuous mode [ 54.845187][ T4678] ext4: Unknown parameter 'obj_role' [ 54.851295][ T58] veth0_vlan: left promiscuous mode [ 54.901457][ T4680] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 54.925570][ T4680] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 54.944863][ T58] team0 (unregistering): Port device team_slave_1 removed [ 54.955465][ T58] team0 (unregistering): Port device team_slave_0 removed [ 54.984120][ T58] team0 (unregistering): Port device dummy0 removed [ 55.017697][ T4628] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.033176][ T4685] loop0: detected capacity change from 0 to 764 [ 55.042745][ T4628] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.054145][ T4685] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 55.076977][ T4619] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.084085][ T4619] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.093559][ T4619] bridge_slave_0: entered allmulticast mode [ 55.100374][ T4619] bridge_slave_0: entered promiscuous mode [ 55.120589][ T4619] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.127794][ T4619] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.138292][ T4619] bridge_slave_1: entered allmulticast mode [ 55.144931][ T4619] bridge_slave_1: entered promiscuous mode [ 55.172372][ T4693] loop4: detected capacity change from 0 to 256 [ 55.181259][ T4619] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.194009][ T4691] syzkaller1: entered promiscuous mode [ 55.199610][ T4691] syzkaller1: entered allmulticast mode [ 55.210005][ T4619] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.235776][ T4619] team0: Port device team_slave_0 added [ 55.242780][ T4697] SELinux: syz.4.372 (4697) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 55.258363][ T4619] team0: Port device team_slave_1 added [ 55.275890][ T4619] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.276164][ T4699] loop4: detected capacity change from 0 to 764 [ 55.283175][ T4619] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.283250][ T4619] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.326959][ T4619] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.328787][ T4699] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 55.333990][ T4619] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.334043][ T4619] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.407244][ T4703] FAULT_INJECTION: forcing a failure. [ 55.407244][ T4703] name failslab, interval 1, probability 0, space 0, times 0 [ 55.420330][ T4703] CPU: 1 UID: 0 PID: 4703 Comm: syz.0.375 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(voluntary) [ 55.420355][ T4703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 55.420368][ T4703] Call Trace: [ 55.420374][ T4703] [ 55.420395][ T4703] __dump_stack+0x1d/0x30 [ 55.420415][ T4703] dump_stack_lvl+0xe8/0x140 [ 55.420435][ T4703] dump_stack+0x15/0x1b [ 55.420452][ T4703] should_fail_ex+0x265/0x280 [ 55.420551][ T4703] should_failslab+0x8c/0xb0 [ 55.420574][ T4703] kmem_cache_alloc_noprof+0x50/0x310 [ 55.420595][ T4703] ? security_inode_alloc+0x37/0x100 [ 55.420695][ T4703] security_inode_alloc+0x37/0x100 [ 55.420724][ T4703] inode_init_always_gfp+0x4b7/0x500 [ 55.420757][ T4703] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 55.420801][ T4703] alloc_inode+0x58/0x170 [ 55.420901][ T4703] new_inode+0x1d/0xe0 [ 55.420921][ T4703] shmem_get_inode+0x244/0x750 [ 55.420956][ T4703] __shmem_file_setup+0x113/0x210 [ 55.420982][ T4703] shmem_file_setup+0x3b/0x50 [ 55.421068][ T4703] __se_sys_memfd_create+0x2c3/0x590 [ 55.421094][ T4703] __x64_sys_memfd_create+0x31/0x40 [ 55.421136][ T4703] x64_sys_call+0x122f/0x2fb0 [ 55.421173][ T4703] do_syscall_64+0xd2/0x200 [ 55.421189][ T4703] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 55.421211][ T4703] ? clear_bhb_loop+0x40/0x90 [ 55.421286][ T4703] ? clear_bhb_loop+0x40/0x90 [ 55.421308][ T4703] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.421330][ T4703] RIP: 0033:0x7fe64a67e929 [ 55.421346][ T4703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 55.421442][ T4703] RSP: 002b:00007fe648ce6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 55.421461][ T4703] RAX: ffffffffffffffda RBX: 000000000000072b RCX: 00007fe64a67e929 [ 55.421493][ T4703] RDX: 00007fe648ce6ef0 RSI: 0000000000000000 RDI: 00007fe64a7014cc [ 55.421504][ T4703] RBP: 00002000000007c0 R08: 00007fe648ce6bb7 R09: 00007fe648ce6e40 [ 55.421516][ T4703] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0 [ 55.421529][ T4703] R13: 00007fe648ce6ef0 R14: 00007fe648ce6eb0 R15: 0000200000000080 [ 55.421547][ T4703] [ 55.643109][ T4619] hsr_slave_0: entered promiscuous mode [ 55.657428][ T4619] hsr_slave_1: entered promiscuous mode [ 55.669604][ T4619] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.682081][ T4619] Cannot create hsr debugfs directory [ 55.686856][ T4707] loop1: detected capacity change from 0 to 512 [ 55.698599][ T4707] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 55.712582][ T4708] netem: change failed [ 55.740817][ T4707] EXT4-fs (loop1): 1 truncate cleaned up [ 55.747150][ T4707] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 55.823361][ T4619] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 55.824214][ T4718] capability: warning: `syz.2.380' uses deprecated v2 capabilities in a way that may be insecure [ 55.843792][ T4619] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 55.855982][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.860012][ T4619] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 55.906767][ T4724] loop1: detected capacity change from 0 to 256 [ 55.924953][ T4619] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 56.095204][ T4619] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.103440][ T4735] loop1: detected capacity change from 0 to 764 [ 56.108826][ T4619] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.120025][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.127180][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.169133][ T4735] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 56.177942][ T4735] Symlink component flag not implemented [ 56.188015][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.195234][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.205271][ T4735] Symlink component flag not implemented (7) [ 56.220366][ T4619] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 56.230969][ T4619] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 56.313967][ T4619] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.335185][ T4754] loop0: detected capacity change from 0 to 512 [ 56.343465][ T4754] EXT4-fs (loop0): orphan cleanup on readonly fs [ 56.351711][ T4754] EXT4-fs error (device loop0): ext4_orphan_get:1419: comm syz.0.388: bad orphan inode 13 [ 56.362352][ T4754] ext4_test_bit(bit=12, block=18) = 1 [ 56.362993][ T4747] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 56.367798][ T4754] is_bad_inode(inode)=0 [ 56.367806][ T4754] NEXT_ORPHAN(inode)=2130706432 [ 56.367812][ T4754] max_ino=32 [ 56.367817][ T4754] i_nlink=1 [ 56.368373][ T4754] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 56.384001][ T4747] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 56.385068][ T4754] FAULT_INJECTION: forcing a failure. [ 56.385068][ T4754] name failslab, interval 1, probability 0, space 0, times 0 [ 56.422817][ T4754] CPU: 1 UID: 0 PID: 4754 Comm: syz.0.388 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(voluntary) [ 56.422859][ T4754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 56.422870][ T4754] Call Trace: [ 56.422874][ T4754] [ 56.422880][ T4754] __dump_stack+0x1d/0x30 [ 56.422902][ T4754] dump_stack_lvl+0xe8/0x140 [ 56.422922][ T4754] dump_stack+0x15/0x1b [ 56.422940][ T4754] should_fail_ex+0x265/0x280 [ 56.422996][ T4754] should_failslab+0x8c/0xb0 [ 56.423015][ T4754] kmem_cache_alloc_lru_noprof+0x55/0x310 [ 56.423041][ T4754] ? __d_alloc+0x3d/0x350 [ 56.423066][ T4754] __d_alloc+0x3d/0x350 [ 56.423136][ T4754] d_alloc_parallel+0x53/0xc40 [ 56.423229][ T4754] ? __rcu_read_unlock+0x4f/0x70 [ 56.423248][ T4754] ? __d_lookup+0x316/0x340 [ 56.423341][ T4754] ? try_to_unlazy+0x25e/0x3a0 [ 56.423364][ T4754] path_openat+0x6b5/0x2170 [ 56.423396][ T4754] do_filp_open+0x109/0x230 [ 56.423498][ T4754] do_open_execat+0xd8/0x260 [ 56.423529][ T4754] open_exec+0x3d/0x60 [ 56.423553][ T4754] bm_register_write+0x8e9/0xbf0 [ 56.423596][ T4754] ? __pfx_bm_register_write+0x10/0x10 [ 56.423616][ T4754] vfs_write+0x269/0x8e0 [ 56.423640][ T4754] ? __rcu_read_unlock+0x4f/0x70 [ 56.423692][ T4754] ? __fget_files+0x184/0x1c0 [ 56.423710][ T4754] ksys_write+0xda/0x1a0 [ 56.423783][ T4754] __x64_sys_write+0x40/0x50 [ 56.423809][ T4754] x64_sys_call+0x2cdd/0x2fb0 [ 56.423828][ T4754] do_syscall_64+0xd2/0x200 [ 56.423847][ T4754] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 56.423945][ T4754] ? clear_bhb_loop+0x40/0x90 [ 56.423966][ T4754] ? clear_bhb_loop+0x40/0x90 [ 56.423988][ T4754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.424010][ T4754] RIP: 0033:0x7fe64a67e929 [ 56.424025][ T4754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.424048][ T4754] RSP: 002b:00007fe648ce7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 56.424065][ T4754] RAX: ffffffffffffffda RBX: 00007fe64a8a5fa0 RCX: 00007fe64a67e929 [ 56.424082][ T4754] RDX: 0000000000000032 RSI: 0000200000000440 RDI: 0000000000000007 [ 56.424094][ T4754] RBP: 00007fe648ce7090 R08: 0000000000000000 R09: 0000000000000000 [ 56.424104][ T4754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 56.424116][ T4754] R13: 0000000000000000 R14: 00007fe64a8a5fa0 R15: 00007ffcac68a1d8 [ 56.424141][ T4754] [ 56.424482][ T4754] binfmt_misc: register: failed to install interpreter file ./file2 [ 56.596245][ T4619] veth0_vlan: entered promiscuous mode [ 56.686632][ T4619] veth1_vlan: entered promiscuous mode [ 56.702024][ T4619] veth0_macvtap: entered promiscuous mode [ 56.711413][ T4619] veth1_macvtap: entered promiscuous mode [ 56.722664][ T4619] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.733171][ T4768] IPVS: stopping master sync thread 4769 ... [ 56.735431][ T4769] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 56.751496][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.771217][ T4619] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.788302][ T4619] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.797201][ T4619] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.804079][ T4774] loop1: detected capacity change from 0 to 256 [ 56.806025][ T4619] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.821226][ T4619] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.868373][ T4781] loop0: detected capacity change from 0 to 512 [ 56.875338][ T4781] ext4: Unknown parameter 'obj_role' [ 56.883316][ T4775] syzkaller1: entered promiscuous mode [ 56.888957][ T4775] syzkaller1: entered allmulticast mode [ 56.929935][ T4789] loop1: detected capacity change from 0 to 764 [ 56.938567][ T4789] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 56.957845][ T4789] Symlink component flag not implemented [ 56.970432][ T4789] Symlink component flag not implemented (7) [ 57.157579][ T4804] SELinux: failed to load policy [ 57.210458][ T4812] loop5: detected capacity change from 0 to 256 [ 57.292464][ T4815] loop5: detected capacity change from 0 to 512 [ 57.301829][ T4815] ext4: Unknown parameter 'obj_role' [ 57.438643][ T4827] loop1: detected capacity change from 0 to 764 [ 57.451360][ T4827] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 57.520780][ T4830] loop0: detected capacity change from 0 to 764 [ 57.531706][ T4830] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 57.540474][ T4830] Symlink component flag not implemented [ 57.547554][ T4830] Symlink component flag not implemented (7) [ 57.664449][ T4836] FAULT_INJECTION: forcing a failure. [ 57.664449][ T4836] name failslab, interval 1, probability 0, space 0, times 0 [ 57.677477][ T4836] CPU: 1 UID: 0 PID: 4836 Comm: syz.0.415 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(voluntary) [ 57.677524][ T4836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 57.677536][ T4836] Call Trace: [ 57.677542][ T4836] [ 57.677549][ T4836] __dump_stack+0x1d/0x30 [ 57.677570][ T4836] dump_stack_lvl+0xe8/0x140 [ 57.677589][ T4836] dump_stack+0x15/0x1b [ 57.677618][ T4836] should_fail_ex+0x265/0x280 [ 57.677673][ T4836] should_failslab+0x8c/0xb0 [ 57.677694][ T4836] __kmalloc_node_track_caller_noprof+0xa4/0x410 [ 57.677719][ T4836] ? xfrm_add_sa+0x1674/0x2410 [ 57.677758][ T4836] kmemdup_noprof+0x2b/0x70 [ 57.677778][ T4836] xfrm_add_sa+0x1674/0x2410 [ 57.677805][ T4836] xfrm_user_rcv_msg+0x566/0x660 [ 57.677888][ T4836] ? __kfree_skb+0x109/0x150 [ 57.677917][ T4836] ? nlmon_xmit+0x4f/0x60 [ 57.677981][ T4836] ? consume_skb+0x49/0x150 [ 57.678021][ T4836] netlink_rcv_skb+0x120/0x220 [ 57.678050][ T4836] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 57.678080][ T4836] xfrm_netlink_rcv+0x48/0x60 [ 57.678159][ T4836] netlink_unicast+0x5a5/0x680 [ 57.678185][ T4836] netlink_sendmsg+0x58b/0x6b0 [ 57.678325][ T4836] ? __pfx_netlink_sendmsg+0x10/0x10 [ 57.678412][ T4836] __sock_sendmsg+0x145/0x180 [ 57.678435][ T4836] ____sys_sendmsg+0x31e/0x4e0 [ 57.678467][ T4836] ___sys_sendmsg+0x17b/0x1d0 [ 57.678514][ T4836] __x64_sys_sendmsg+0xd4/0x160 [ 57.678595][ T4836] x64_sys_call+0x2999/0x2fb0 [ 57.678621][ T4836] do_syscall_64+0xd2/0x200 [ 57.678638][ T4836] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 57.678665][ T4836] ? clear_bhb_loop+0x40/0x90 [ 57.678734][ T4836] ? clear_bhb_loop+0x40/0x90 [ 57.678763][ T4836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.678783][ T4836] RIP: 0033:0x7fe64a67e929 [ 57.678796][ T4836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.678840][ T4836] RSP: 002b:00007fe648ce7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 57.678985][ T4836] RAX: ffffffffffffffda RBX: 00007fe64a8a5fa0 RCX: 00007fe64a67e929 [ 57.678996][ T4836] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000006 [ 57.679007][ T4836] RBP: 00007fe648ce7090 R08: 0000000000000000 R09: 0000000000000000 [ 57.679017][ T4836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 57.679028][ T4836] R13: 0000000000000000 R14: 00007fe64a8a5fa0 R15: 00007ffcac68a1d8 [ 57.679047][ T4836] [ 58.069284][ T4840] loop4: detected capacity change from 0 to 764 [ 58.111361][ T4840] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 58.133523][ T4840] Symlink component flag not implemented [ 58.153058][ T4844] loop0: detected capacity change from 0 to 128 [ 58.166585][ T4840] Symlink component flag not implemented (7) [ 58.281912][ T4851] syzkaller1: entered promiscuous mode [ 58.287495][ T4851] syzkaller1: entered allmulticast mode [ 58.479047][ T4856] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 58.486659][ T4856] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 58.541119][ T4860] syzkaller1: entered promiscuous mode [ 58.546951][ T4860] syzkaller1: entered allmulticast mode [ 58.563507][ T4856] vhci_hcd: invalid port number 0 [ 58.697274][ T4870] loop5: detected capacity change from 0 to 128 [ 58.704221][ T4870] EXT4-fs (loop5): VFS: Found ext4 filesystem with unknown checksum algorithm. [ 58.727340][ T4870] FAULT_INJECTION: forcing a failure. [ 58.727340][ T4870] name failslab, interval 1, probability 0, space 0, times 0 [ 58.740001][ T4870] CPU: 0 UID: 0 PID: 4870 Comm: syz.5.426 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(voluntary) [ 58.740086][ T4870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 58.740099][ T4870] Call Trace: [ 58.740105][ T4870] [ 58.740112][ T4870] __dump_stack+0x1d/0x30 [ 58.740132][ T4870] dump_stack_lvl+0xe8/0x140 [ 58.740152][ T4870] dump_stack+0x15/0x1b [ 58.740194][ T4870] should_fail_ex+0x265/0x280 [ 58.740219][ T4870] should_failslab+0x8c/0xb0 [ 58.740238][ T4870] kmem_cache_alloc_node_noprof+0x57/0x320 [ 58.740335][ T4870] ? __alloc_skb+0x101/0x320 [ 58.740363][ T4870] __alloc_skb+0x101/0x320 [ 58.740393][ T4870] netlink_ack+0xfd/0x500 [ 58.740446][ T4870] ? __pfx_nldev_set_doit+0x10/0x10 [ 58.740472][ T4870] rdma_nl_rcv+0x284/0x5a0 [ 58.740496][ T4870] ? selinux_nlmsg_lookup+0x99/0x890 [ 58.740528][ T4870] netlink_unicast+0x5a5/0x680 [ 58.740685][ T4870] netlink_sendmsg+0x58b/0x6b0 [ 58.740707][ T4870] ? __pfx_netlink_sendmsg+0x10/0x10 [ 58.740724][ T4870] __sock_sendmsg+0x145/0x180 [ 58.740777][ T4870] ____sys_sendmsg+0x31e/0x4e0 [ 58.740813][ T4870] ___sys_sendmsg+0x17b/0x1d0 [ 58.740885][ T4870] __x64_sys_sendmsg+0xd4/0x160 [ 58.740957][ T4870] x64_sys_call+0x2999/0x2fb0 [ 58.740975][ T4870] do_syscall_64+0xd2/0x200 [ 58.741044][ T4870] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 58.741103][ T4870] ? clear_bhb_loop+0x40/0x90 [ 58.741126][ T4870] ? clear_bhb_loop+0x40/0x90 [ 58.741144][ T4870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.741196][ T4870] RIP: 0033:0x7fb2bf3ce929 [ 58.741209][ T4870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 58.741224][ T4870] RSP: 002b:00007fb2bda37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 58.741240][ T4870] RAX: ffffffffffffffda RBX: 00007fb2bf5f5fa0 RCX: 00007fb2bf3ce929 [ 58.741253][ T4870] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 58.741264][ T4870] RBP: 00007fb2bda37090 R08: 0000000000000000 R09: 0000000000000000 [ 58.741403][ T4870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 58.741416][ T4870] R13: 0000000000000000 R14: 00007fb2bf5f5fa0 R15: 00007ffd7b943c18 [ 58.741436][ T4870] [ 58.976864][ T29] kauditd_printk_skb: 80 callbacks suppressed [ 58.976932][ T29] audit: type=1326 audit(1752679555.779:1584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4874 comm="syz.1.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 59.007968][ T29] audit: type=1326 audit(1752679555.779:1585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4874 comm="syz.1.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 59.031765][ T29] audit: type=1326 audit(1752679555.779:1586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4874 comm="syz.1.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 59.055676][ T29] audit: type=1326 audit(1752679555.779:1587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4874 comm="syz.1.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 59.079311][ T29] audit: type=1326 audit(1752679555.779:1588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4874 comm="syz.1.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 59.102803][ T29] audit: type=1326 audit(1752679555.779:1589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4874 comm="syz.1.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 59.126183][ T29] audit: type=1326 audit(1752679555.779:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4874 comm="syz.1.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 59.149672][ T29] audit: type=1326 audit(1752679555.779:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4874 comm="syz.1.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 59.173605][ T29] audit: type=1326 audit(1752679555.779:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4874 comm="syz.1.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 59.197761][ T29] audit: type=1326 audit(1752679555.779:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4874 comm="syz.1.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 59.371239][ T4893] syzkaller1: entered promiscuous mode [ 59.376841][ T4893] syzkaller1: entered allmulticast mode [ 59.442902][ T4906] loop0: detected capacity change from 0 to 1024 [ 59.464449][ T4906] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 59.494505][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.775407][ T4923] loop0: detected capacity change from 0 to 128 [ 59.782421][ T4923] EXT4-fs (loop0): VFS: Found ext4 filesystem with unknown checksum algorithm. [ 59.837344][ T4938] loop4: detected capacity change from 0 to 764 [ 59.845542][ T4938] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 59.862096][ T4942] loop0: detected capacity change from 0 to 764 [ 59.882617][ T4938] Symlink component flag not implemented [ 59.901741][ T4938] Symlink component flag not implemented (7) [ 59.909097][ T4942] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 59.958624][ T4942] Symlink component flag not implemented [ 59.964412][ T4942] Symlink component flag not implemented (7) [ 60.137250][ T4958] syzkaller1: entered promiscuous mode [ 60.142755][ T4958] syzkaller1: entered allmulticast mode [ 60.396480][ T4971] netlink: 16 bytes leftover after parsing attributes in process `syz.0.464'. [ 60.405469][ T4971] netlink: 16 bytes leftover after parsing attributes in process `syz.0.464'. [ 60.414556][ T4971] netlink: 16 bytes leftover after parsing attributes in process `syz.0.464'. [ 60.426786][ T4969] loop2: detected capacity change from 0 to 764 [ 60.434298][ T4969] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 60.444726][ T4973] netlink: 12 bytes leftover after parsing attributes in process `syz.4.465'. [ 60.475477][ T4973] netlink: 52 bytes leftover after parsing attributes in process `syz.4.465'. [ 60.502346][ T4977] loop0: detected capacity change from 0 to 2048 [ 60.511140][ T4975] loop2: detected capacity change from 0 to 764 [ 60.520082][ T4975] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 60.530920][ T4975] Symlink component flag not implemented [ 60.546713][ T4975] Symlink component flag not implemented (7) [ 60.546831][ T4977] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 60.596211][ T4985] loop1: detected capacity change from 0 to 764 [ 60.604473][ T4985] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 60.622421][ T4985] Symlink component flag not implemented [ 60.637632][ T4985] Symlink component flag not implemented (7) [ 60.656880][ T4990] loop4: detected capacity change from 0 to 764 [ 60.662929][ T4991] netlink: 'syz.2.473': attribute type 27 has an invalid length. [ 60.673384][ T4990] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 60.682336][ T4990] Symlink component flag not implemented [ 60.688030][ T4990] Symlink component flag not implemented (7) [ 60.714598][ T4991] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.722087][ T4991] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.778876][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.807339][ T4998] FAULT_INJECTION: forcing a failure. [ 60.807339][ T4998] name failslab, interval 1, probability 0, space 0, times 0 [ 60.813459][ T4991] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 60.820245][ T4998] CPU: 0 UID: 0 PID: 4998 Comm: syz.4.476 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(voluntary) [ 60.820274][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 60.820288][ T4998] Call Trace: [ 60.820296][ T4998] [ 60.820305][ T4998] __dump_stack+0x1d/0x30 [ 60.820403][ T4998] dump_stack_lvl+0xe8/0x140 [ 60.820422][ T4998] dump_stack+0x15/0x1b [ 60.820438][ T4998] should_fail_ex+0x265/0x280 [ 60.820469][ T4998] should_failslab+0x8c/0xb0 [ 60.820565][ T4998] kmem_cache_alloc_noprof+0x50/0x310 [ 60.820591][ T4998] ? fcntl_dirnotify+0x1b9/0x590 [ 60.820644][ T4998] fcntl_dirnotify+0x1b9/0x590 [ 60.820681][ T4998] ? vfs_write+0x75e/0x8e0 [ 60.820712][ T4998] do_fcntl+0x53b/0xdf0 [ 60.820739][ T4998] ? selinux_file_fcntl+0x1b4/0x1e0 [ 60.820765][ T4998] __se_sys_fcntl+0xb1/0x120 [ 60.820788][ T4998] __x64_sys_fcntl+0x43/0x50 [ 60.820810][ T4998] x64_sys_call+0x1f1d/0x2fb0 [ 60.820831][ T4998] do_syscall_64+0xd2/0x200 [ 60.820869][ T4998] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 60.820974][ T4998] ? clear_bhb_loop+0x40/0x90 [ 60.821007][ T4998] ? clear_bhb_loop+0x40/0x90 [ 60.821028][ T4998] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.821124][ T4998] RIP: 0033:0x7fd460eae929 [ 60.821140][ T4998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.821157][ T4998] RSP: 002b:00007fd45f517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 60.821176][ T4998] RAX: ffffffffffffffda RBX: 00007fd4610d5fa0 RCX: 00007fd460eae929 [ 60.821188][ T4998] RDX: 848234f1c7d17d24 RSI: 0000000000000402 RDI: 0000000000000006 [ 60.821208][ T4998] RBP: 00007fd45f517090 R08: 0000000000000000 R09: 0000000000000000 [ 60.821220][ T4998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 60.821270][ T4998] R13: 0000000000000000 R14: 00007fd4610d5fa0 R15: 00007ffc476a3f18 [ 60.821288][ T4998] [ 60.954623][ T5001] loop4: detected capacity change from 0 to 764 [ 60.979143][ T4991] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 61.041983][ T5001] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 61.079552][ T4991] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.088656][ T4991] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.097572][ T4991] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.107063][ T4991] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.217389][ T4994] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.218648][ T4994] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.228947][ T4994] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 61.305828][ T5014] syzkaller1: tun_chr_ioctl cmd 2148553947 [ 61.416964][ T5021] loop2: detected capacity change from 0 to 764 [ 61.445568][ T5021] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 61.457821][ T5024] loop4: detected capacity change from 0 to 1024 [ 61.465832][ T5021] Symlink component flag not implemented [ 61.478385][ T5021] Symlink component flag not implemented (7) [ 61.493250][ T5027] netlink: 12 bytes leftover after parsing attributes in process `syz.0.486'. [ 61.498265][ T5024] EXT4-fs: Ignoring removed bh option [ 61.586415][ T5024] EXT4-fs: inline encryption not supported [ 61.603135][ T5031] loop1: detected capacity change from 0 to 764 [ 61.631556][ T5027] netlink: 52 bytes leftover after parsing attributes in process `syz.0.486'. [ 61.645573][ T5031] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 61.657357][ T5031] Symlink component flag not implemented [ 61.663614][ T5024] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 61.677646][ T5031] Symlink component flag not implemented (7) [ 61.685817][ T5024] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 61.696849][ T5024] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.480: lblock 2 mapped to illegal pblock 2 (length 1) [ 61.713266][ T5024] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 48: comm syz.4.480: lblock 0 mapped to illegal pblock 48 (length 1) [ 61.728825][ T5024] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.480: Failed to acquire dquot type 0 [ 61.740246][ T5024] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 61.751248][ T5024] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.480: mark_inode_dirty error [ 61.765430][ T5024] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 61.775936][ T5024] EXT4-fs (loop4): 1 orphan inode deleted [ 61.782496][ T5024] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 61.822436][ T58] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1) [ 61.937383][ T58] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0 [ 61.964474][ T5039] loop5: detected capacity change from 0 to 1024 [ 62.030795][ T5008] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 48: comm syz.4.480: lblock 0 mapped to illegal pblock 48 (length 1) [ 62.036208][ T5050] loop0: detected capacity change from 0 to 512 [ 62.059968][ T5050] loop0: detected capacity change from 0 to 1024 [ 62.067093][ T5050] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities [ 62.083271][ T5050] netlink: 80 bytes leftover after parsing attributes in process `syz.0.494'. [ 62.183785][ T5057] pim6reg1: entered promiscuous mode [ 62.189194][ T5057] pim6reg1: entered allmulticast mode [ 62.197511][ T5064] loop0: detected capacity change from 0 to 128 [ 62.204508][ T5064] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 62.220283][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.229780][ T5060] loop5: detected capacity change from 0 to 764 [ 62.238702][ T5064] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 62.257571][ T5060] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 62.268659][ T5060] Symlink component flag not implemented [ 62.275631][ T5060] Symlink component flag not implemented (7) [ 62.573541][ T5086] loop0: detected capacity change from 0 to 1024 [ 63.057665][ T5107] loop5: detected capacity change from 0 to 764 [ 63.070808][ T5106] loop4: detected capacity change from 0 to 764 [ 63.081928][ T5106] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 63.093718][ T5107] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 63.108206][ T5106] Symlink component flag not implemented [ 63.122570][ T5106] Symlink component flag not implemented (7) [ 63.138432][ T5113] loop1: detected capacity change from 0 to 764 [ 63.148685][ T5112] loop0: detected capacity change from 0 to 764 [ 63.156613][ T5113] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 63.165853][ T5113] Symlink component flag not implemented [ 63.171729][ T5113] Symlink component flag not implemented (7) [ 63.181463][ T5117] SELinux: syz.5.518 (5117) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 63.221877][ T5112] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 63.240269][ T5123] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5123 comm=syz.5.520 [ 63.252776][ T5123] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5123 comm=syz.5.520 [ 63.306391][ T5112] Symlink component flag not implemented [ 63.317087][ T5112] Symlink component flag not implemented (7) [ 63.362188][ T5131] loop4: detected capacity change from 0 to 512 [ 63.370295][ T5131] ext4: Unknown parameter 'obj_role' [ 63.451999][ T5129] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 63.460598][ T5129] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 63.466679][ T5138] loop0: detected capacity change from 0 to 512 [ 63.479806][ T5138] ext4: Unknown parameter 'obj_role' [ 63.512835][ T5139] loop4: detected capacity change from 0 to 8192 [ 63.699479][ T5147] loop0: detected capacity change from 0 to 764 [ 63.720420][ T5147] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 63.796739][ T5149] loop5: detected capacity change from 0 to 764 [ 63.804466][ T5149] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 63.831315][ T5151] loop0: detected capacity change from 0 to 764 [ 63.843871][ T29] kauditd_printk_skb: 595 callbacks suppressed [ 63.843927][ T29] audit: type=1400 audit(1752679560.892:2185): avc: denied { create } for pid=5152 comm="syz.5.532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 63.853325][ T29] audit: type=1400 audit(1752679560.892:2186): avc: denied { connect } for pid=5152 comm="syz.5.532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 63.893451][ T29] audit: type=1400 audit(1752679560.924:2187): avc: denied { ioctl } for pid=5152 comm="syz.5.532" path="socket:[10432]" dev="sockfs" ino=10432 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 63.919959][ T5151] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 63.957455][ T5155] loop5: detected capacity change from 0 to 764 [ 63.972373][ T5155] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 63.975832][ T5157] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5157 comm=syz.1.534 [ 63.992973][ T5157] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5157 comm=syz.1.534 [ 63.993115][ T5151] Symlink component flag not implemented [ 64.012965][ T5151] Symlink component flag not implemented (7) [ 64.020101][ T5155] Symlink component flag not implemented [ 64.026085][ T5155] Symlink component flag not implemented (7) [ 64.067843][ T5161] loop1: detected capacity change from 0 to 2048 [ 64.074699][ T29] audit: type=1400 audit(1752679561.113:2188): avc: denied { read } for pid=5158 comm="syz.1.535" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 64.099034][ T29] audit: type=1400 audit(1752679561.113:2189): avc: denied { open } for pid=5158 comm="syz.1.535" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 64.136565][ T5161] loop1: p4 < > [ 64.195949][ T5166] netlink: 20 bytes leftover after parsing attributes in process `syz.1.535'. [ 64.233686][ T5166] Cannot find add_set index 0 as target [ 64.577117][ T29] audit: type=1400 audit(1752679561.616:2190): avc: denied { create } for pid=5177 comm="syz.5.540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 64.596942][ T29] audit: type=1400 audit(1752679561.616:2191): avc: denied { setopt } for pid=5177 comm="syz.5.540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 64.616659][ T29] audit: type=1400 audit(1752679561.627:2192): avc: denied { bind } for pid=5177 comm="syz.5.540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 64.925297][ T29] audit: type=1400 audit(1752679562.026:2193): avc: denied { ioctl } for pid=5173 comm="syz.4.539" path="user:[4026531837]" dev="nsfs" ino=4026531837 ioctlcmd=0xb704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 64.953707][ T5180] loop4: detected capacity change from 0 to 512 [ 65.000309][ T5180] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.028259][ T5191] loop1: detected capacity change from 0 to 512 [ 65.046803][ T5191] ext4: Unknown parameter 'obj_role' [ 65.059598][ T5180] ext4 filesystem being mounted at /97/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 65.100558][ T5193] loop1: detected capacity change from 0 to 764 [ 65.115064][ T5193] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 65.192805][ T5196] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5196 comm=syz.5.545 [ 65.205519][ T5196] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5196 comm=syz.5.545 [ 65.256888][ T5202] loop5: detected capacity change from 0 to 512 [ 65.263662][ T5202] ext4: Unknown parameter 'obj_role' [ 65.280265][ T5203] loop1: detected capacity change from 0 to 764 [ 65.294989][ T5207] loop5: detected capacity change from 0 to 512 [ 65.302740][ T5207] ext4: Unknown parameter 'obj_role' [ 65.309396][ T5203] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 65.319339][ T5203] Symlink component flag not implemented [ 65.325088][ T5203] Symlink component flag not implemented (7) [ 65.371283][ T5216] loop0: detected capacity change from 0 to 764 [ 65.404009][ T5216] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 65.426613][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.436673][ T5216] Symlink component flag not implemented [ 65.443655][ T5216] Symlink component flag not implemented (7) [ 65.481743][ T5222] loop4: detected capacity change from 0 to 128 [ 65.498928][ T5224] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5224 comm=syz.0.558 [ 65.511450][ T5224] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5224 comm=syz.0.558 [ 65.986214][ T5217] loop1: detected capacity change from 0 to 2048 [ 66.303227][ T5237] loop2: detected capacity change from 0 to 764 [ 66.310691][ T5237] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 66.316670][ T5239] loop5: detected capacity change from 0 to 764 [ 66.334905][ T5239] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 66.423924][ T5246] loop5: detected capacity change from 0 to 764 [ 66.462635][ T5246] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 66.562098][ T29] audit: type=1326 audit(1752679563.748:2194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5264 comm="syz.4.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd460eae929 code=0x7ffc0000 [ 66.618179][ T5265] loop4: detected capacity change from 0 to 512 [ 66.634093][ T5265] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.660074][ T5265] ext4 filesystem being mounted at /101/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 66.666402][ T5270] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 66.679131][ T5270] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 66.730932][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.764054][ T5273] loop4: detected capacity change from 0 to 764 [ 66.775527][ T5263] loop1: detected capacity change from 0 to 2048 [ 66.782707][ T5273] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 66.792449][ T5273] Symlink component flag not implemented [ 66.798231][ T5273] Symlink component flag not implemented (7) [ 67.148221][ T5293] syzkaller1: entered promiscuous mode [ 67.153816][ T5293] syzkaller1: entered allmulticast mode [ 67.212907][ T5298] loop0: detected capacity change from 0 to 764 [ 67.220167][ T5298] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 67.229999][ T5298] Symlink component flag not implemented [ 67.232126][ T5302] loop2: detected capacity change from 0 to 512 [ 67.242178][ T5298] Symlink component flag not implemented (7) [ 67.248852][ T5302] ext4: Unknown parameter 'obj_role' [ 67.410067][ T5306] loop1: detected capacity change from 0 to 2048 [ 67.443672][ T5313] loop0: detected capacity change from 0 to 764 [ 67.452837][ T5313] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 67.462251][ T5313] Symlink component flag not implemented [ 67.468256][ T5313] Symlink component flag not implemented (7) [ 67.658510][ T5335] syzkaller1: entered promiscuous mode [ 67.664373][ T5335] syzkaller1: entered allmulticast mode [ 67.691229][ T5339] loop0: detected capacity change from 0 to 764 [ 67.704638][ T5339] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 67.713470][ T5339] Symlink component flag not implemented [ 67.720263][ T5339] Symlink component flag not implemented (7) [ 67.845353][ T5343] loop0: detected capacity change from 0 to 764 [ 67.853470][ T5343] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 67.862723][ T5343] Symlink component flag not implemented [ 67.889850][ T5343] Symlink component flag not implemented (7) [ 67.896106][ T5340] netlink: 3 bytes leftover after parsing attributes in process `syz.2.600'. [ 67.905282][ T5340] 0X: renamed from caif0 [ 67.912520][ T5340] 0X: entered allmulticast mode [ 67.918860][ T5340] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 68.185375][ T5367] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5367 comm=syz.0.613 [ 68.198233][ T5367] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5367 comm=syz.0.613 [ 68.224343][ T5369] loop1: detected capacity change from 0 to 764 [ 68.232519][ T5369] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 68.242580][ T5369] Symlink component flag not implemented [ 68.248548][ T5369] Symlink component flag not implemented (7) [ 68.258101][ T5371] syzkaller1: entered promiscuous mode [ 68.264050][ T5371] syzkaller1: entered allmulticast mode [ 68.295791][ T5373] 9pnet: Could not find request transport: tcp޿$GZR9 r3@#hqnlN [ 68.477819][ T5389] loop0: detected capacity change from 0 to 128 [ 68.510244][ T5393] loop2: detected capacity change from 0 to 764 [ 68.518421][ T5393] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 68.529190][ T5393] Symlink component flag not implemented [ 68.535221][ T5393] Symlink component flag not implemented (7) [ 68.793664][ T5397] loop1: detected capacity change from 0 to 764 [ 68.811779][ T5397] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 68.838481][ T5397] Symlink component flag not implemented [ 68.844790][ T5397] Symlink component flag not implemented (7) [ 69.461899][ T5410] 9pnet: Could not find request transport: tcp޿$GZR9 r3@#hqnlN [ 69.570700][ T5425] loop1: detected capacity change from 0 to 764 [ 69.586732][ T5425] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 69.759306][ T5449] syzkaller1: entered promiscuous mode [ 69.765316][ T5449] syzkaller1: entered allmulticast mode [ 69.887537][ T5461] loop5: detected capacity change from 0 to 764 [ 69.895217][ T5461] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 69.909162][ T5459] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 69.925005][ T5459] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 70.063878][ T5469] loop5: detected capacity change from 0 to 764 [ 70.080773][ T5469] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 70.114948][ T29] kauditd_printk_skb: 163 callbacks suppressed [ 70.114963][ T29] audit: type=1326 audit(1752679567.475:2358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5474 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 70.145252][ T29] audit: type=1326 audit(1752679567.475:2359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5474 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 70.171244][ T29] audit: type=1326 audit(1752679567.538:2360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5474 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 70.194706][ T29] audit: type=1326 audit(1752679567.538:2361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5474 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 70.218354][ T29] audit: type=1326 audit(1752679567.538:2362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5474 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 70.241702][ T29] audit: type=1326 audit(1752679567.538:2363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5474 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe64a67e929 code=0x7ffc0000 [ 70.265342][ T29] audit: type=1326 audit(1752679567.538:2364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5474 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe64a67e963 code=0x7ffc0000 [ 70.265440][ T5475] loop0: detected capacity change from 0 to 2048 [ 70.288841][ T29] audit: type=1326 audit(1752679567.612:2365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5474 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe64a67d3df code=0x7ffc0000 [ 70.318658][ T29] audit: type=1326 audit(1752679567.633:2366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5474 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fe64a67e9b7 code=0x7ffc0000 [ 70.341883][ T29] audit: type=1326 audit(1752679567.633:2367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5474 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe64a67d290 code=0x7ffc0000 [ 70.403777][ T5477] syzkaller1: entered promiscuous mode [ 70.409360][ T5477] syzkaller1: entered allmulticast mode [ 70.418112][ T5475] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.724289][ T5504] netlink: 'syz.4.670': attribute type 4 has an invalid length. [ 70.742389][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.757847][ T5504] netlink: 'syz.4.670': attribute type 4 has an invalid length. [ 70.779993][ T5504] loop4: detected capacity change from 0 to 2048 [ 70.827446][ T5504] Alternate GPT is invalid, using primary GPT. [ 70.834230][ T5504] loop4: p2 p3 p7 [ 70.868432][ T5513] netlink: 'syz.5.673': attribute type 4 has an invalid length. [ 71.021632][ T5524] syzkaller1: entered promiscuous mode [ 71.027278][ T5524] syzkaller1: entered allmulticast mode [ 71.128681][ T5533] loop5: detected capacity change from 0 to 2048 [ 71.139258][ T5533] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.231276][ T5538] loop4: detected capacity change from 0 to 764 [ 71.240241][ T5538] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 71.250466][ T5540] loop2: detected capacity change from 0 to 128 [ 71.258098][ T5538] Symlink component flag not implemented [ 71.263884][ T5538] Symlink component flag not implemented (7) [ 71.967802][ T4619] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.072868][ T5556] loop9: detected capacity change from 0 to 7 [ 72.079969][ T5556] Buffer I/O error on dev loop9, logical block 0, async page read [ 72.087989][ T5556] Buffer I/O error on dev loop9, logical block 0, async page read [ 72.096704][ T5556] loop9: unable to read partition table [ 72.104274][ T5556] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 72.104274][ T5556] ) failed (rc=-5) [ 72.145572][ T5559] netlink: 'syz.5.688': attribute type 4 has an invalid length. [ 72.158110][ T5559] netlink: 'syz.5.688': attribute type 4 has an invalid length. [ 72.175425][ T5559] loop5: detected capacity change from 0 to 2048 [ 72.200807][ T5561] netlink: 'syz.4.689': attribute type 4 has an invalid length. [ 72.237347][ T5559] Alternate GPT is invalid, using primary GPT. [ 72.243785][ T5559] loop5: p2 p3 p7 [ 72.313304][ T5568] syzkaller1: entered promiscuous mode [ 72.318974][ T5568] syzkaller1: entered allmulticast mode [ 72.367340][ T5573] loop0: detected capacity change from 0 to 764 [ 72.382639][ T5573] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 72.394604][ T5574] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5574 comm=syz.4.693 [ 72.406998][ T5574] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5574 comm=syz.4.693 [ 72.446949][ T5578] SET target dimension over the limit! [ 72.490835][ T5581] loop5: detected capacity change from 0 to 1024 [ 72.497745][ T5581] EXT4-fs: inline encryption not supported [ 72.503808][ T5581] EXT4-fs: Ignoring removed i_version option [ 72.511878][ T5581] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 72.525741][ T5581] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #3: block 1: comm syz.5.697: lblock 1 mapped to illegal pblock 1 (length 1) [ 72.541089][ T5581] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.697: Failed to acquire dquot type 0 [ 72.552509][ T5581] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.697: Freeing blocks not in datazone - block = 0, count = 4096 [ 72.567431][ T5586] netlink: 'syz.2.699': attribute type 10 has an invalid length. [ 72.575286][ T5581] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.697: Invalid inode bitmap blk 0 in block_group 0 [ 72.575572][ T5586] team0: Device dummy0 is up. Set it down before adding it as a team port [ 72.590931][ T5581] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem [ 72.607799][ T5581] EXT4-fs (loop5): 1 orphan inode deleted [ 72.613377][ T12] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 72.614030][ T5581] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.631087][ T12] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 0 [ 72.722992][ T5581] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm syz.5.697: lblock 1 mapped to illegal pblock 1 (length 1) [ 72.753892][ T5581] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.697: Failed to acquire dquot type 0 [ 72.786732][ T5593] loop4: detected capacity change from 0 to 128 [ 72.868288][ T5581] netlink: 4268 bytes leftover after parsing attributes in process `syz.5.697'. [ 72.887878][ T5581] netlink: 4268 bytes leftover after parsing attributes in process `syz.5.697'. [ 73.964762][ T5609] loop4: detected capacity change from 0 to 2048 [ 74.009482][ T5604] loop1: detected capacity change from 0 to 2048 [ 74.023551][ T5609] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.060070][ T5611] loop9: detected capacity change from 0 to 7 [ 74.070639][ T5611] Buffer I/O error on dev loop9, logical block 0, async page read [ 74.088693][ T5611] Buffer I/O error on dev loop9, logical block 0, async page read [ 74.096790][ T5611] loop9: unable to read partition table [ 74.102651][ T5611] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 74.102651][ T5611] ) failed (rc=-5) [ 74.158366][ T4619] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.175568][ T58] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1) [ 74.261414][ T5604] netlink: 8 bytes leftover after parsing attributes in process `syz.1.703'. [ 74.272978][ T5620] loop2: detected capacity change from 0 to 764 [ 74.289746][ T58] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0 [ 74.302690][ T5620] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 74.344601][ T5604] ip6gre1: entered allmulticast mode [ 74.412800][ T5626] syzkaller1: entered promiscuous mode [ 74.418414][ T5626] syzkaller1: entered allmulticast mode [ 74.574504][ T5636] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 74.583339][ T5636] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 75.216319][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.340417][ T5649] loop5: detected capacity change from 0 to 2048 [ 75.372988][ T5655] netlink: 'syz.4.718': attribute type 4 has an invalid length. [ 75.595057][ T5659] loop4: detected capacity change from 0 to 764 [ 75.628015][ T5659] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 75.637354][ T5649] Alternate GPT is invalid, using primary GPT. [ 75.643720][ T5649] loop5: p2 p3 p7 [ 75.855812][ T5667] syzkaller1: entered promiscuous mode [ 75.861529][ T5667] syzkaller1: entered allmulticast mode [ 76.127027][ T5676] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5676 comm=syz.2.727 [ 76.139520][ T5676] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5676 comm=syz.2.727 [ 76.741767][ T29] kauditd_printk_skb: 182 callbacks suppressed [ 76.741782][ T29] audit: type=1326 audit(1752679574.436:2544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5685 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2bf3ce929 code=0x7ffc0000 [ 76.771568][ T29] audit: type=1326 audit(1752679574.436:2545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5685 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2bf3ce929 code=0x7ffc0000 [ 76.795430][ T29] audit: type=1326 audit(1752679574.436:2546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5685 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fb2bf3ce929 code=0x7ffc0000 [ 76.818875][ T29] audit: type=1326 audit(1752679574.436:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5685 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2bf3ce929 code=0x7ffc0000 [ 76.842190][ T29] audit: type=1326 audit(1752679574.436:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5685 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2bf3ce929 code=0x7ffc0000 [ 76.865896][ T29] audit: type=1326 audit(1752679574.499:2549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5685 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2bf3ce929 code=0x7ffc0000 [ 76.889564][ T29] audit: type=1326 audit(1752679574.499:2550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5685 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2bf3ce929 code=0x7ffc0000 [ 76.913378][ T29] audit: type=1326 audit(1752679574.499:2551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5685 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2bf3ce929 code=0x7ffc0000 [ 76.936995][ T29] audit: type=1326 audit(1752679574.562:2552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5685 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=172 compat=0 ip=0x7fb2bf3ce929 code=0x7ffc0000 [ 76.960492][ T29] audit: type=1326 audit(1752679574.562:2553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5685 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2bf3ce929 code=0x7ffc0000 [ 76.997837][ T5688] loop4: detected capacity change from 0 to 764 [ 77.005333][ T5688] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 77.014631][ T5688] Symlink component flag not implemented [ 77.020538][ T5688] Symlink component flag not implemented (7) [ 77.026082][ T5693] loop5: detected capacity change from 0 to 764 [ 77.034376][ T5693] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 77.122943][ T5707] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5707 comm=syz.5.740 [ 77.135464][ T5707] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5707 comm=syz.5.740 [ 77.203447][ T5702] loop4: detected capacity change from 0 to 2048 [ 77.227641][ T5712] loop5: detected capacity change from 0 to 2048 [ 77.253808][ T5712] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.281927][ T4619] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.311263][ T5717] netlink: 8 bytes leftover after parsing attributes in process `syz.4.736'. [ 77.326464][ T5720] netlink: 'syz.0.744': attribute type 4 has an invalid length. [ 77.339073][ T5720] netlink: 'syz.0.744': attribute type 4 has an invalid length. [ 77.380454][ T5720] loop0: detected capacity change from 0 to 2048 [ 77.413129][ T5717] ip6gre1: entered allmulticast mode [ 77.435777][ T5720] Alternate GPT is invalid, using primary GPT. [ 77.442327][ T5720] loop0: p2 p3 p7 [ 77.490723][ T5728] loop5: detected capacity change from 0 to 764 [ 77.527603][ T5728] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 77.572982][ T5730] loop0: detected capacity change from 0 to 764 [ 77.601272][ T5730] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 77.623661][ T5730] Symlink component flag not implemented [ 77.641887][ T5730] Symlink component flag not implemented (7) [ 77.736863][ T5743] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5743 comm=syz.0.753 [ 77.749371][ T5743] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5743 comm=syz.0.753 [ 77.776763][ T5746] loop5: detected capacity change from 0 to 2048 [ 77.822564][ T5746] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.852177][ T4619] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.869039][ T5753] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 77.914953][ T5758] loop5: detected capacity change from 0 to 764 [ 77.922169][ T5758] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 77.946870][ T5753] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 77.999122][ T5763] netlink: 'syz.4.758': attribute type 4 has an invalid length. [ 77.999794][ T5762] syzkaller1: entered promiscuous mode [ 78.013016][ T5762] syzkaller1: entered allmulticast mode [ 78.033372][ T5763] netlink: 'syz.4.758': attribute type 4 has an invalid length. [ 78.053171][ T5763] loop4: detected capacity change from 0 to 2048 [ 78.083529][ T5763] Alternate GPT is invalid, using primary GPT. [ 78.090011][ T5763] loop4: p2 p3 p7 [ 78.162306][ T5768] loop4: detected capacity change from 0 to 764 [ 78.170647][ T5768] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 78.179973][ T5768] Symlink component flag not implemented [ 78.187372][ T5768] Symlink component flag not implemented (7) [ 78.371095][ T5779] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5779 comm=syz.2.767 [ 78.383547][ T5779] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5779 comm=syz.2.767 [ 78.400125][ T5780] loop4: detected capacity change from 0 to 2048 [ 78.451995][ T5793] netlink: 'syz.1.773': attribute type 4 has an invalid length. [ 78.465503][ T5780] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.474159][ T5793] loop1: detected capacity change from 0 to 2048 [ 78.497782][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.512238][ T5789] loop2: detected capacity change from 0 to 1024 [ 78.528149][ T5789] EXT4-fs: inline encryption not supported [ 78.534093][ T5789] EXT4-fs: Ignoring removed i_version option [ 78.544375][ T5789] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 78.559895][ T5789] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #3: block 1: comm syz.2.772: lblock 1 mapped to illegal pblock 1 (length 1) [ 78.578435][ T5793] Alternate GPT is invalid, using primary GPT. [ 78.584976][ T5793] loop1: p2 p3 p7 [ 78.610222][ T5789] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.772: Failed to acquire dquot type 0 [ 78.726787][ T5789] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.772: Freeing blocks not in datazone - block = 0, count = 4096 [ 78.742202][ T5789] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.772: Invalid inode bitmap blk 0 in block_group 0 [ 78.755485][ T5789] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem [ 78.764267][ T177] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1) [ 78.780456][ T177] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 0 [ 78.792307][ T5789] EXT4-fs (loop2): 1 orphan inode deleted [ 78.799910][ T5789] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.808365][ T5800] loop1: detected capacity change from 0 to 764 [ 78.814810][ T5789] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm syz.2.772: lblock 1 mapped to illegal pblock 1 (length 1) [ 78.833662][ T5800] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 78.834711][ T5789] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.772: Failed to acquire dquot type 0 [ 78.867594][ T5789] netlink: 4268 bytes leftover after parsing attributes in process `syz.2.772'. [ 78.870942][ T5800] Symlink component flag not implemented [ 78.878231][ T5789] netlink: 4268 bytes leftover after parsing attributes in process `syz.2.772'. [ 78.900148][ T5800] Symlink component flag not implemented (7) [ 78.929880][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.005936][ T5806] syzkaller1: entered promiscuous mode [ 79.011779][ T5806] syzkaller1: entered allmulticast mode [ 79.075910][ T5808] netlink: 'syz.1.778': attribute type 16 has an invalid length. [ 79.083717][ T5808] netlink: 'syz.1.778': attribute type 17 has an invalid length. [ 79.167763][ T5808] 0X: left allmulticast mode [ 79.172736][ T5808] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 79.329087][ T5822] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5822 comm=syz.1.784 [ 79.341659][ T5822] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5822 comm=syz.1.784 [ 79.440849][ T5828] loop5: detected capacity change from 0 to 2048 [ 79.547914][ T5828] Alternate GPT is invalid, using primary GPT. [ 79.554299][ T5828] loop5: p2 p3 p7 [ 79.828717][ T5859] loop4: detected capacity change from 0 to 764 [ 79.837335][ T5859] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 80.197424][ T5872] loop2: detected capacity change from 0 to 2048 [ 80.340569][ T5872] Alternate GPT is invalid, using primary GPT. [ 80.347049][ T5872] loop2: p2 p3 p7 [ 80.569161][ T5876] loop2: detected capacity change from 0 to 2048 [ 80.587969][ T5876] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.652924][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.811695][ T5895] loop0: detected capacity change from 0 to 764 [ 80.842943][ T5895] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 80.890402][ T5888] loop2: detected capacity change from 0 to 2048 [ 80.926068][ T5897] loop0: detected capacity change from 0 to 764 [ 80.936797][ T5897] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 80.949647][ T5897] Symlink component flag not implemented [ 80.956541][ T5897] Symlink component flag not implemented (7) [ 81.049724][ T5902] loop0: detected capacity change from 0 to 2048 [ 81.092810][ T5902] Alternate GPT is invalid, using primary GPT. [ 81.099165][ T5902] loop0: p2 p3 p7 [ 81.099505][ T5908] loop4: detected capacity change from 0 to 2048 [ 81.120313][ T5908] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.153135][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.222759][ T5922] selinux_netlink_send: 4 callbacks suppressed [ 81.222776][ T5922] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5922 comm=syz.4.827 [ 81.241782][ T5922] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5922 comm=syz.4.827 [ 81.266880][ T5924] loop0: detected capacity change from 0 to 764 [ 81.275326][ T5924] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 81.285807][ T5924] Symlink component flag not implemented [ 81.291979][ T5924] Symlink component flag not implemented (7) [ 81.296806][ T5926] loop4: detected capacity change from 0 to 764 [ 81.305319][ T5926] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 81.315036][ T5927] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 81.323613][ T5927] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 81.716762][ T5939] loop5: detected capacity change from 0 to 2048 [ 81.753801][ T29] kauditd_printk_skb: 371 callbacks suppressed [ 81.753815][ T29] audit: type=1326 audit(1752679579.696:2920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5940 comm="syz.1.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 81.763083][ T5941] loop1: detected capacity change from 0 to 2048 [ 81.790981][ T29] audit: type=1326 audit(1752679579.696:2921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5940 comm="syz.1.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 81.814655][ T29] audit: type=1326 audit(1752679579.696:2922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5940 comm="syz.1.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 81.838107][ T29] audit: type=1326 audit(1752679579.696:2923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5940 comm="syz.1.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 81.842467][ T5939] Alternate GPT is invalid, using primary GPT. [ 81.861532][ T29] audit: type=1326 audit(1752679579.696:2924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5940 comm="syz.1.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 81.868017][ T5939] loop5: p2 p3 p7 [ 81.892019][ T29] audit: type=1326 audit(1752679579.696:2925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5940 comm="syz.1.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7efdc45be929 code=0x7ffc0000 [ 81.919165][ T29] audit: type=1326 audit(1752679579.696:2926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5940 comm="syz.1.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7efdc45be963 code=0x7ffc0000 [ 81.942326][ T29] audit: type=1326 audit(1752679579.707:2927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5940 comm="syz.1.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7efdc45bd3df code=0x7ffc0000 [ 81.965520][ T29] audit: type=1326 audit(1752679579.707:2928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5940 comm="syz.1.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7efdc45be9b7 code=0x7ffc0000 [ 81.988943][ T29] audit: type=1326 audit(1752679579.707:2929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5940 comm="syz.1.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efdc45bd290 code=0x7ffc0000 [ 82.015099][ T5941] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.070291][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.173804][ T5953] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5953 comm=syz.0.839 [ 82.186303][ T5953] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5953 comm=syz.0.839 [ 82.244632][ T5945] loop5: detected capacity change from 0 to 2048 [ 82.309719][ T5957] loop1: detected capacity change from 0 to 764 [ 82.340555][ T5957] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 82.421597][ T5966] syzkaller1: entered promiscuous mode [ 82.427321][ T5966] syzkaller1: entered allmulticast mode [ 82.465739][ T5968] loop1: detected capacity change from 0 to 2048 [ 82.469738][ T5969] netlink: 'syz.4.845': attribute type 16 has an invalid length. [ 82.479966][ T5969] netlink: 'syz.4.845': attribute type 17 has an invalid length. [ 82.480492][ T5968] EXT4-fs: Ignoring removed bh option [ 82.521297][ T5969] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 82.521698][ T5968] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.707609][ T5976] loop5: detected capacity change from 0 to 2048 [ 82.777238][ T5976] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.837792][ T5984] loop4: detected capacity change from 0 to 2048 [ 82.853508][ T4619] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.901346][ T5984] Alternate GPT is invalid, using primary GPT. [ 82.907856][ T5984] loop4: p2 p3 p7 [ 83.021212][ T5990] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5990 comm=syz.4.851 [ 83.034120][ T5990] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5990 comm=syz.4.851 [ 83.225302][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.250444][ T5997] loop1: detected capacity change from 0 to 764 [ 83.272451][ T5997] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 83.497461][ T6000] loop1: detected capacity change from 0 to 2048 [ 83.606573][ T6001] netlink: 8 bytes leftover after parsing attributes in process `syz.1.855'. [ 83.801535][ T6005] loop0: detected capacity change from 0 to 764 [ 83.816272][ T6005] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 83.827164][ T6005] Symlink component flag not implemented [ 83.834836][ T6005] Symlink component flag not implemented (7) [ 83.911946][ T6017] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6017 comm=syz.0.863 [ 83.924494][ T6017] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6017 comm=syz.0.863 [ 83.980449][ T6020] netlink: 'syz.1.874': attribute type 4 has an invalid length. [ 84.211633][ T6035] loop1: detected capacity change from 0 to 2048 [ 84.310328][ T6043] netlink: 8 bytes leftover after parsing attributes in process `syz.1.869'. [ 84.399988][ T6046] loop2: detected capacity change from 0 to 764 [ 84.455314][ T6046] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 84.478365][ T6046] Symlink component flag not implemented [ 84.485339][ T6046] Symlink component flag not implemented (7) [ 84.689772][ T6050] loop2: detected capacity change from 0 to 2048 [ 84.739892][ T6050] Alternate GPT is invalid, using primary GPT. [ 84.746242][ T6050] loop2: p2 p3 p7 [ 84.752850][ T6052] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6052 comm=syz.1.877 [ 84.765411][ T6052] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6052 comm=syz.1.877 [ 84.858166][ T6056] siw: device registration error -23 [ 84.868811][ T6062] netlink: 'syz.0.882': attribute type 4 has an invalid length. [ 84.991829][ T6069] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 85.031008][ T6069] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 85.119162][ T6079] loop4: detected capacity change from 0 to 764 [ 85.129108][ T6079] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 85.138493][ T6082] loop2: detected capacity change from 0 to 2048 [ 85.151136][ T6079] Symlink component flag not implemented [ 85.157236][ T6079] Symlink component flag not implemented (7) [ 85.188569][ T6082] Alternate GPT is invalid, using primary GPT. [ 85.195302][ T6082] loop2: p2 p3 p7 [ 85.198216][ T6073] loop0: detected capacity change from 0 to 2048 [ 85.314989][ T6073] netlink: 8 bytes leftover after parsing attributes in process `syz.0.886'. [ 85.410675][ T6097] syzkaller1: entered promiscuous mode [ 85.416342][ T6097] syzkaller1: entered allmulticast mode [ 85.427801][ T6100] netlink: 'syz.0.898': attribute type 4 has an invalid length. [ 85.446612][ T6101] loop2: detected capacity change from 0 to 764 [ 85.454371][ T6101] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 85.554525][ T6108] loop0: detected capacity change from 0 to 2048 [ 85.607573][ T6108] Alternate GPT is invalid, using primary GPT. [ 85.614065][ T6108] loop0: p2 p3 p7 [ 85.649253][ T6106] syzkaller1: entered promiscuous mode [ 85.654785][ T6106] syzkaller1: entered allmulticast mode [ 85.695918][ T6113] loop0: detected capacity change from 0 to 764 [ 85.704252][ T6113] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 85.714631][ T6113] Symlink component flag not implemented [ 85.721661][ T6113] Symlink component flag not implemented (7) [ 85.865875][ T6129] loop2: detected capacity change from 0 to 256 [ 85.881481][ T6132] loop0: detected capacity change from 0 to 2048 [ 85.912255][ T6138] loop4: detected capacity change from 0 to 764 [ 85.924128][ T6138] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 85.936010][ T6132] Alternate GPT is invalid, using primary GPT. [ 85.942477][ T6132] loop0: p2 p3 p7 [ 86.013061][ T6144] syzkaller1: entered promiscuous mode [ 86.018859][ T6144] syzkaller1: entered allmulticast mode [ 86.072457][ T6154] loop0: detected capacity change from 0 to 764 [ 86.081185][ T6154] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 86.090178][ T6154] Symlink component flag not implemented [ 86.096024][ T6154] Symlink component flag not implemented (7) [ 86.229504][ T6165] selinux_netlink_send: 8 callbacks suppressed [ 86.229519][ T6165] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6165 comm=syz.4.928 [ 86.248332][ T6165] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6165 comm=syz.4.928 [ 86.269901][ T6167] loop0: detected capacity change from 0 to 764 [ 86.284299][ T6167] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 86.307480][ T6171] loop4: detected capacity change from 0 to 2048 [ 86.349239][ T6171] Alternate GPT is invalid, using primary GPT. [ 86.355784][ T6171] loop4: p2 p3 p7 [ 86.451511][ T6183] syzkaller1: entered promiscuous mode [ 86.457245][ T6183] syzkaller1: entered allmulticast mode [ 86.540605][ T6190] loop2: detected capacity change from 0 to 2048 [ 86.548869][ T6190] EXT4-fs: Ignoring removed bh option [ 86.570442][ T6190] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.643399][ T6199] loop4: detected capacity change from 0 to 764 [ 86.677867][ T6202] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6202 comm=syz.0.943 [ 86.690444][ T6202] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6202 comm=syz.0.943 [ 86.706044][ T6199] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 86.743376][ T6199] Symlink component flag not implemented [ 86.756992][ T6199] Symlink component flag not implemented (7) [ 86.771626][ T6184] ================================================================== [ 86.779702][ T6184] BUG: KCSAN: data-race in __htab_map_lookup_elem / bpf_lru_pop_free [ 86.787752][ T6184] [ 86.790153][ T6184] write to 0xffff8881199680e8 of 4 bytes by task 6187 on cpu 0: [ 86.797775][ T6184] bpf_lru_pop_free+0xbf0/0xcd0 [ 86.802626][ T6184] __htab_lru_percpu_map_update_elem+0xea/0x600 [ 86.808864][ T6184] bpf_percpu_hash_update+0x61/0xa0 [ 86.814052][ T6184] bpf_map_update_value+0x297/0x3a0 [ 86.819228][ T6184] generic_map_update_batch+0x3f5/0x540 [ 86.824754][ T6184] bpf_map_do_batch+0x258/0x380 [ 86.829670][ T6184] __sys_bpf+0x2e0/0x790 [ 86.833982][ T6184] __x64_sys_bpf+0x41/0x50 [ 86.838380][ T6184] x64_sys_call+0x2478/0x2fb0 [ 86.843061][ T6184] do_syscall_64+0xd2/0x200 [ 86.847539][ T6184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.853414][ T6184] [ 86.855820][ T6184] read to 0xffff8881199680e8 of 4 bytes by task 6184 on cpu 1: [ 86.863361][ T6184] __htab_map_lookup_elem+0xab/0x150 [ 86.868642][ T6184] htab_lru_percpu_map_lookup_elem+0x20/0xb0 [ 86.874806][ T6184] bpf_prog_21aeb496bf6470bb+0x4b/0x53 [ 86.880244][ T6184] bpf_trace_run4+0x114/0x1d0 [ 86.884918][ T6184] __traceiter_sched_switch+0x3c/0x60 [ 86.890365][ T6184] __schedule+0xa1f/0xb30 [ 86.894686][ T6184] schedule+0x5f/0xd0 [ 86.898656][ T6184] do_nanosleep+0x96/0x330 [ 86.903060][ T6184] hrtimer_nanosleep+0xdd/0x280 [ 86.907904][ T6184] common_nsleep+0x62/0x80 [ 86.912313][ T6184] __se_sys_clock_nanosleep+0x21a/0x250 [ 86.917860][ T6184] __x64_sys_clock_nanosleep+0x55/0x70 [ 86.923421][ T6184] x64_sys_call+0x1df0/0x2fb0 [ 86.928093][ T6184] do_syscall_64+0xd2/0x200 [ 86.932751][ T6184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.938644][ T6184] [ 86.940946][ T6184] value changed: 0xe77e3885 -> 0x200cb4aa [ 86.946645][ T6184] [ 86.949214][ T6184] Reported by Kernel Concurrency Sanitizer on: [ 86.955379][ T6184] CPU: 1 UID: 0 PID: 6184 Comm: syz.2.939 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(voluntary) [ 86.967878][ T6184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 86.977942][ T6184] ================================================================== [ 87.310542][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.538283][ T3413] page_pool_release_retry() stalled pool shutdown: id 23, 1 inflight 60 sec