last executing test programs: 58.643632251s ago: executing program 0 (id=1): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e0000000800000000001800038014000380"], 0x44}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'gretap0\x00', &(0x7f00000002c0)={'tunl0\x00', 0x0, 0x20, 0xc0, 0x3, 0x108, {{0x3b, 0x4, 0x3, 0x8, 0xec, 0x65, 0x0, 0xc0, 0x2f, 0x0, @private=0xa010101, @local, {[@timestamp={0x44, 0x28, 0x17, 0x0, 0x0, [0x8, 0xffffff7f, 0x8, 0x1, 0x2, 0x754, 0x2, 0x3, 0x9]}, @timestamp={0x44, 0x10, 0xeb, 0x0, 0x5, [0x7f, 0x101, 0x8]}, @rr={0x7, 0x1b, 0x6b, [@empty, @multicast2, @multicast1, @multicast1, @multicast1, @loopback]}, @timestamp_addr={0x44, 0x2c, 0xfe, 0x1, 0x1, [{@dev={0xac, 0x14, 0x14, 0xd}, 0x3ff}, {@multicast1, 0xe}, {@loopback, 0x2a7}, {@broadcast, 0x6}, {@broadcast}]}, @generic={0x89, 0x3, 'A'}, @cipso={0x86, 0x25, 0x2, [{0x1, 0x5, "9e89f6"}, {0x2, 0x9, "5dde2d94369d6c"}, {0x5, 0xb, "22fe57bfe67c3e2179"}, {0x5, 0x6, "4b4b8b89"}]}, @generic={0x7, 0x7, "cf99602e17"}, @generic={0x88, 0x9, "65b93ff5b07ef8"}, @lsrr={0x83, 0x1f, 0x67, [@dev={0xac, 0x14, 0x14, 0x41}, @local, @rand_addr=0x64010101, @multicast1, @dev={0xac, 0x14, 0x14, 0x28}, @remote, @multicast1]}]}}}}}) sendmsg$ETHTOOL_MSG_PAUSE_GET(r1, &(0x7f0000000500)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000400)={0xb0, r3, 0x45404c822c4867b, 0x70bd29, 0x25dfdbfc, {}, [@HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x4}, 0x4008021) r5 = socket$xdp(0x2c, 0x3, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='sys_enter\x00', r6}, 0x18) rt_sigsuspend(0x0, 0x0) readahead(r5, 0x5, 0x9e90) openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x0, 0x0) close(0x3) r7 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$selinux_access(r7, &(0x7f0000000300)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffffffff3a73302030"], 0x56) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r8 = inotify_init1(0x0) inotify_add_watch(r8, &(0x7f00000000c0)='.\x00', 0xa4000061) unlink(&(0x7f0000000180)='./file1\x00') 57.983080671s ago: executing program 0 (id=15): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000f0000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x14, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffe, 0x2, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) fsetxattr$system_posix_acl(r2, &(0x7f0000000600)='system.posix_acl_access\x00', &(0x7f0000000e40)={{}, {0x1, 0x3}, [{0x2, 0x1}, {0x2, 0x2, 0xee01}, {}, {0x2, 0x1}, {0x2, 0x4}], {0x4, 0x1}, [{0x8, 0x2}, {0x8, 0x4, 0xee01}], {}, {0x20, 0x2}}, 0x5c, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000005f80)=@newtfilter={0x88, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {}, {0xffe0}}, [@filter_kind_options=@f_flow={{0x9}, {0x58, 0x2, [@TCA_FLOW_ACT={0x54, 0x9, 0x0, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x0, 0x20000001, 0x4, 0x2}, 0x1, r6}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}]}, 0x88}}, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000400)}, 0x20) 56.543133953s ago: executing program 0 (id=27): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00') getdents(r0, 0x0, 0x48) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x2, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x6}, 0x16450, 0x4, 0xfffffffe, 0x2, 0x0, 0x0, 0x71, 0x0, 0x0, 0x0, 0xa9a}, 0x0, 0x0, 0xffffffffffffffff, 0x9) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) gettid() mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) fcntl$lock(r2, 0x26, &(0x7f0000000380)={0x1}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200000000f400850000008600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x392b8a4ff77e3f7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r5, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r5, 0xfff) syz_emit_ethernet(0x4a, &(0x7f0000000840)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}}, 0x0) fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000380)={0x0, 0x0, 0x103ff}) syz_mount_image$ext4(&(0x7f0000000140)='ext3\x00', &(0x7f00000005c0)='./file1\x00', 0x8205, &(0x7f0000000000)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x15}}, {@stripe}, {@jqfmt_vfsold}, {@errors_remount}, {@quota}, {@noblock_validity}, {@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x16}}]}, 0x1, 0x60a, &(0x7f0000001c40)="$eJzs3c9rHNcdAPDvzEqqZKuVXYqpTUsFPdhQrB+uqduebF/qg6GG+lBCDhaW5AivbGHJEDuGyJBDAgmEkGsIvuQfyD2YXHMLgSS3nANOCA45JMEbZnbHXla78lrR/pDn84FZvXkzu+999+lp3uzo7QRQWtPZQxpxOCIuJRFTTdsmo75xurHfw+/uXM6WJGq1/32bRNLIK/Z/1Pi5P3tIIsYj4tOzEb+vbC13/dbtqwvVWt2rEbMbq2uz67duH19ZXbiydGXp2vyJf548Nfev+ZPzuxJnEde58//901uvvfSP5c+qx5M4HRdHX1mMljh2y3RMx6NGiM35IxFxKku0eV/2miKEZMD1YGcqjd/H0Yg4FFNRydfqpmLlzYFWDuipWiWiBpRUov9DSRXjgOLcvhfnwcPswZn6CdDW+Efqn43EeH5utO9h0nRmVD/fPbAL5Wdl/HznyHvZEh0+hxjZhXI62bwbEX9sF3+S1+1A/ilOFn8aadPzsvRcRIw13ot0h+VPt6z3+/fvWeJvbocs3tONn1n+2R2WP+j4ASin+2caB/LNbO3J8S8bGRbjn2gz/plsc+zaiUEf/zqP/4rj/Xj+GXnaMg7LxjwX2r/kaGvGV2+ce6dT+c3jv2zJyi/Ggv3w4G7EkZb4X88Hc8nj9k/atH+2y6Uuy/jP59+c67Rt0PHX7kUcbXv+8+SKVpaa3VhdK/Jark/OLq9Ul+bqj23L+OiTFz/oVP6g48/aPzrEv137Z3lrXZbx4YV7q522TT41/vTrseRinhpr5Ly8sLFxYz5iLDnf2KUp/8T2dSn2KV4ji//YX9v3/23izxt6s8v41/5/9WE9tfUqadftv+WvSu5Rrcs6dJLFv7jD9n+7yzJ+eOHmn1uyJorEdvFPbH2ppNv3HAAAAAAAAMooza/BJunM43SazszU5/D+Ifal1evrG39bvn7z2mLEsfz/IUfT4kr3VH09ydbnG/8PW6yfaFn/e0QcjIh3KxP5+szl69XFQQcPAAAAAAAAAAAAAAAAAAAAQ2J/Y/5/cZ/q7yv1+f9d2TjU49oBPdfLG8wBw03/h/LK+/9O7+AK7GmO/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMBz6eBf7n+ZRMTmvyfyJTPW2DY60JoBvfbsfXy6J/UA+q/S16cBw+TxpX/T/6F0uhr//9j4csDeVwcYgKRdZj44qG3f+e+3fSYAAAAAAAAAAAAA0ANHD5v/D2WVxseDrgIwIL9iIr/vAIA9zlf/Q3k5xweeNot/vNMG8/8BAAAAAAAAAAAAoG8m8yVJZxq3AJ2MNJ2ZifhtRByI0WR5pbo0FxG/i4gvKqO/ydbnB11pAAAAAAAAAAAAAAAAAAAAeM6s37p9daFaXbrRnPhpS87znSjugjos9WlORNL/QiciYhhi701ipCknidjMWn4oKnZjPYaiGmlejQH/YQIAAAAAAAAAAAAAAAAAgBJqmnvc3pH3+1wjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOi/J/f/33kiecrrDDpGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBv+iUAAP//q+Q5KA==") bpf$PROG_LOAD(0x5, 0x0, 0x0) shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0xf503, 0x0) sysfs$1(0x1, 0x0) 56.524685893s ago: executing program 32 (id=27): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00') getdents(r0, 0x0, 0x48) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x2, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x6}, 0x16450, 0x4, 0xfffffffe, 0x2, 0x0, 0x0, 0x71, 0x0, 0x0, 0x0, 0xa9a}, 0x0, 0x0, 0xffffffffffffffff, 0x9) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) gettid() mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) fcntl$lock(r2, 0x26, &(0x7f0000000380)={0x1}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200000000f400850000008600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x392b8a4ff77e3f7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r5, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r5, 0xfff) syz_emit_ethernet(0x4a, &(0x7f0000000840)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}}, 0x0) fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000380)={0x0, 0x0, 0x103ff}) syz_mount_image$ext4(&(0x7f0000000140)='ext3\x00', &(0x7f00000005c0)='./file1\x00', 0x8205, &(0x7f0000000000)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x15}}, {@stripe}, {@jqfmt_vfsold}, {@errors_remount}, {@quota}, {@noblock_validity}, {@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x16}}]}, 0x1, 0x60a, &(0x7f0000001c40)="$eJzs3c9rHNcdAPDvzEqqZKuVXYqpTUsFPdhQrB+uqduebF/qg6GG+lBCDhaW5AivbGHJEDuGyJBDAgmEkGsIvuQfyD2YXHMLgSS3nANOCA45JMEbZnbHXla78lrR/pDn84FZvXkzu+999+lp3uzo7QRQWtPZQxpxOCIuJRFTTdsmo75xurHfw+/uXM6WJGq1/32bRNLIK/Z/1Pi5P3tIIsYj4tOzEb+vbC13/dbtqwvVWt2rEbMbq2uz67duH19ZXbiydGXp2vyJf548Nfev+ZPzuxJnEde58//901uvvfSP5c+qx5M4HRdHX1mMljh2y3RMx6NGiM35IxFxKku0eV/2miKEZMD1YGcqjd/H0Yg4FFNRydfqpmLlzYFWDuipWiWiBpRUov9DSRXjgOLcvhfnwcPswZn6CdDW+Efqn43EeH5utO9h0nRmVD/fPbAL5Wdl/HznyHvZEh0+hxjZhXI62bwbEX9sF3+S1+1A/ilOFn8aadPzsvRcRIw13ot0h+VPt6z3+/fvWeJvbocs3tONn1n+2R2WP+j4ASin+2caB/LNbO3J8S8bGRbjn2gz/plsc+zaiUEf/zqP/4rj/Xj+GXnaMg7LxjwX2r/kaGvGV2+ce6dT+c3jv2zJyi/Ggv3w4G7EkZb4X88Hc8nj9k/atH+2y6Uuy/jP59+c67Rt0PHX7kUcbXv+8+SKVpaa3VhdK/Jark/OLq9Ul+bqj23L+OiTFz/oVP6g48/aPzrEv137Z3lrXZbx4YV7q522TT41/vTrseRinhpr5Ly8sLFxYz5iLDnf2KUp/8T2dSn2KV4ji//YX9v3/23izxt6s8v41/5/9WE9tfUqadftv+WvSu5Rrcs6dJLFv7jD9n+7yzJ+eOHmn1uyJorEdvFPbH2ppNv3HAAAAAAAAMooza/BJunM43SazszU5/D+Ifal1evrG39bvn7z2mLEsfz/IUfT4kr3VH09ydbnG/8PW6yfaFn/e0QcjIh3KxP5+szl69XFQQcPAAAAAAAAAAAAAAAAAAAAQ2J/Y/5/cZ/q7yv1+f9d2TjU49oBPdfLG8wBw03/h/LK+/9O7+AK7GmO/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMBz6eBf7n+ZRMTmvyfyJTPW2DY60JoBvfbsfXy6J/UA+q/S16cBw+TxpX/T/6F0uhr//9j4csDeVwcYgKRdZj44qG3f+e+3fSYAAAAAAAAAAAAA0ANHD5v/D2WVxseDrgIwIL9iIr/vAIA9zlf/Q3k5xweeNot/vNMG8/8BAAAAAAAAAAAAoG8m8yVJZxq3AJ2MNJ2ZifhtRByI0WR5pbo0FxG/i4gvKqO/ydbnB11pAAAAAAAAAAAAAAAAAAAAeM6s37p9daFaXbrRnPhpS87znSjugjos9WlORNL/QiciYhhi701ipCknidjMWn4oKnZjPYaiGmlejQH/YQIAAAAAAAAAAAAAAAAAgBJqmnvc3pH3+1wjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOi/J/f/33kiecrrDDpGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBv+iUAAP//q+Q5KA==") bpf$PROG_LOAD(0x5, 0x0, 0x0) shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0xf503, 0x0) sysfs$1(0x1, 0x0) 1.774950342s ago: executing program 1 (id=1307): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0xd00, &(0x7f00000002c0)={&(0x7f0000000000)=@getqdisc={0x24, 0x26, 0x705, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0xfff1}, {0x7, 0x8}, {0x4, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x40188de}, 0x0) 1.683788804s ago: executing program 1 (id=1309): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0207e80702"], 0x10}}, 0x40044) socket$inet6(0xa, 0x2, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa46041, 0x0, 0x1, 0x0, &(0x7f0000000040)) rmdir(&(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'batadv0\x00'}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'veth1_vlan\x00'}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1], 0x50) r4 = socket$kcm(0xa, 0x5, 0x0) r5 = socket$kcm(0x2, 0x5, 0x84) sendmsg$inet(r5, &(0x7f00000002c0)={&(0x7f0000000180)={0x2, 0xfffe, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10, &(0x7f0000001400)=[{&(0x7f0000000240)='_', 0x1}], 0x1}, 0x20000064) setsockopt$sock_attach_bpf(r5, 0x84, 0x1e, &(0x7f0000000000), 0x10) r6 = socket$kcm(0xa, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x8936, &(0x7f0000000000)={r6}) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9c, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffffed, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x89f1, &(0x7f0000000080)) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x89f2, &(0x7f0000000080)) 1.214863631s ago: executing program 5 (id=1323): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) pivot_root(&(0x7f0000000ac0)='./file1\x00', 0x0) 1.151977932s ago: executing program 4 (id=1326): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000001180)='kfree\x00', r1}, 0x18) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) creat(&(0x7f0000000240)='./bus\x00', 0xc2) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ff01000000000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) sendmsg$TIPC_CMD_GET_NODES(0xffffffffffffffff, 0x0, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000580)={[{@journal_path={'journal_path', 0x3d, './bus'}}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noblock_validity}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs") bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x1, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000500)}, 0x0, 0x0, 0x7, 0x0, 0x7, 0x5, 0x0, 0x0, 0x3fc}, 0x0, 0x0, 0xffffffffffffffff, 0x1) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) socket(0x10, 0x3, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r3, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r3, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r5}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0) 1.135392382s ago: executing program 5 (id=1327): socket$inet6_sctp(0xa, 0x1, 0x84) write$P9_RLERRORu(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000", @ANYRES16], 0x52) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="020000000400000008000000010000"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) 1.079099613s ago: executing program 5 (id=1328): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$kcm(0x11, 0xa, 0x300) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x13, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2608064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 924.351396ms ago: executing program 4 (id=1330): creat(&(0x7f00000000c0)='./file0\x00', 0x48) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, 0x0) 919.616126ms ago: executing program 2 (id=1331): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7040000080000008500000095000000950000"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x200000000200}, 0x18) io_uring_setup(0x32c3, &(0x7f0000000100)={0x0, 0x0, 0x40, 0x0, 0x91}) syz_init_net_socket$llc(0x1a, 0x801, 0x0) syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x71e, &(0x7f0000000800)="$eJzs3U1rXNUbAPDn3mb+yb+NJoKKLyAVxYqlkya2lK6sC9FNMVBwm4bkJsTc9MbMTG1CF+nKrYii4Ea/gxtXims/gF9BQbTURV1F7mQmfZtJpppkIPP7wZ15zr03ec6ZCeeBnGFOAAPrZPmQRjwfEdNJxFjrfBIRlWY0FHFp+747t2/OlUcSW1tX/kia95TtuO9nSiciYjMinouInyoRp9NH89bWN5Zn8zxba7Un6iurE7X1jTNLK7OL2WJ27eK5c1PnLpy/eHH/xvrG+x88Wz3/zuj30wszpyZ//S6JSzHaunb/OPbT9mtSKV/CB7x7EMn6KOl3B/hXhiLiWOv5mRiLY80IADjKtoYjtgCAAZOo/wAwYNr/B2iv7R3UOlg3v78dESOd8g+11sxGmuuQx+8kD6xMJBExfpgd5UjavBURV8dPPvr3lzyyZvu4zu5HBzlQP5bzz6VO80+6M/9Eh/lnpP3Zif+o+/x3L/+xLvPfdI853nuxUXTNfyvihaFO+ZOd/EmX/Fd7zP/D3fm/u13b+jbitY71J3kgV/fPh0wsLOXZ2e3HzjlONm5+uNv4j3fJv7nH+Fd7HP/oZy//vLlL/tdf2f3975S/rImf9pj/k8pbX3S7Vuaf7zL+vd7/b3rMf+GljzZ6vBUAAAAAAAAAAAAAAAAAAAAAAAAAAACOhDQiRiNJqztxmlar23t4Px3H07yo1U8vFI1r89HcK3s8Kmn7q5bHtttJ2Z5sfR9/uz31UPvNiHgqIj4f/n+zXZ0r8vl+Dx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWk48tP//X8Pb+/8DAEfcSL87AAAcOvUfAAaP+g8Ag0f9B4DBo/4DwOBR/wFg8Kj/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByy6cuXy2Przu2bc2V7/vp6Y7m4fmY+qy1XVxpz1blibbW6WBSLeVadK1b2+n15UaxOTUXjxkQ9q9UnausbMytF41p9ZmlldjGbySqHMioAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeDyjzSNJqxGRNuM0rVYjnoiI8agkC0t5djYinoyIX4Yrw2V7st+dBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9VlvfWJ7N82xNIBAIdoJ+z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+O5t+t3vngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAP6W/JRFRHqfGXh19+Or/krvDzeeI+PjrK1/emK3X1ybL83/unK9/1To/1Y/+AwB7adfpdh0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE5q6xvLs3merR1g0O8xAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwf/4JAAD//68fzsc=") 858.743626ms ago: executing program 4 (id=1332): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000000300)='H', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b70400000000000085000000570000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) shutdown(r0, 0x1) 792.278367ms ago: executing program 4 (id=1333): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x2, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x18) openat$ppp(0xffffffffffffff9c, &(0x7f0000000600), 0x400c2, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0xf2cccc7fae7881b8, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000005c0)='unmap\x00', r1, 0x0, 0x2}, 0x18) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000500)={[{@nobh}, {@usrjquota}, {@minixdf}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08") r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001180)=ANY=[@ANYBLOB="24000000760001fffffffffffffff300090200000e6c6cafd82eff57d1cc3ad006dbae36d0c1c9fe84b11ea3738b2fb002faacb91e8a944cd82ae06a8716190506b577ecb85fa788ca42e59fc70782dbc082edfede0b64c870ff2efbf049eab8b129d1a772d6df670dc9c1ff5bdb3c1e1647ff0227433c12ddfa4351549a649a623fa3fb82", @ANYRES32=0x0, @ANYBLOB="08000180"], 0x24}, 0x1, 0x5502000000000000, 0x0, 0x200008d2}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x275a, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000058000000030a0102000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c00048048000180080001"], 0x122}}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r4, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438) 784.343588ms ago: executing program 1 (id=1334): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000002200)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0) flock(r2, 0x5) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) flock(r4, 0x2) (fail_nth: 4) 673.26827ms ago: executing program 2 (id=1335): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0xe3b9}, 0x18) r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0) writev(r1, &(0x7f0000000080)=[{&(0x7f0000000300)='4', 0x1}], 0x1) (fail_nth: 3) 445.222173ms ago: executing program 5 (id=1336): mq_open(&(0x7f0000000000)='!selinu\xff\x7f\x00\x00inux\x00T\x8b\xb5\xf3\xcb\xdd\xe3\xbf2\x86\x01\x84\xdd\x8a\x8f_l\xa1L\xb1\xef\xb2\xc9\xf7+C\xb2\x8e9\xb8\xec\x1a\xe5\xaeq\x8fZ\xff\xbcY+\xaf0<\xa3\xb8\"Zm\x1c\x18\x11\x93\xb5z \xc2\x8b\xa9\xc5\x9es\t\xfe\x002\xa0-\xaf\xcdP\x9f\xe5Iv\xce*\xa8\xa3\x14i\x05\x8f\x9b\x1eB\x9f\x9d#E\x19\xdc\xfe\xc7\xeb\xb5\xcd\xc8\xe2U\xce\x00\x00', 0x6e93ebbbcc0884f2, 0x2c, &(0x7f0000000300)={0x0, 0x1, 0x3}) 445.069423ms ago: executing program 1 (id=1337): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18) utimes(&(0x7f0000000200)='./file0/file0\x00', 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$phonet_pipe(0x23, 0x5, 0x2) r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10) close(r0) 444.606843ms ago: executing program 3 (id=1338): socket$inet6_sctp(0xa, 0x1, 0x84) write$P9_RLERRORu(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000", @ANYRES16], 0x52) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000040000000800000001000000"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) 182.239057ms ago: executing program 5 (id=1339): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000003c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/15, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) setuid(0xee00) 181.795177ms ago: executing program 5 (id=1340): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000040)='./bus\x00', 0x8049, &(0x7f00000000c0)={[{@jqfmt_vfsold}, {@data_err_ignore}, {@acl}, {@noload}, {@sysvgroups}, {@usrjquota, 0x22}, {@dax_inode}, {@block_validity}, {@minixdf}]}, 0xfe, 0x44e, &(0x7f0000000f80)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4) creat(&(0x7f00000000c0)='./file0\x00', 0x48) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r7 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, 0xffffffffffffffff) r8 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vxcan0\x00', 0x0}) r10 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r10, &(0x7f0000000000)={0x1d, r9}, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', 0x0}) sendmsg$can_bcm(r8, &(0x7f0000000180)={&(0x7f0000000240)={0x1d, r11}, 0x10, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x8004}, 0x4010) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) r12 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x289c2, 0x1) fcntl$setlease(r12, 0x400, 0x1) fremovexattr(r12, &(0x7f0000000040)=@known='system.posix_acl_default\x00') r13 = dup(r6) write$P9_RLERRORu(r13, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r13, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r13, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r13]) sendmsg$nl_xfrm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@updsa={0x13c, 0x1a, 0x1, 0x0, 0x0, {{@in=@loopback, @in6=@loopback}, {@in6=@dev, 0x4d4, 0x33}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', {}, {}, {}, 0x40, 0x0, 0xa, 0x0, 0x3}, [@algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x13c}}, 0x0) 169.526687ms ago: executing program 1 (id=1341): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0) 169.187567ms ago: executing program 3 (id=1342): r0 = epoll_create(0xeed) openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0) epoll_wait(r0, &(0x7f0000001180)=[{}], 0x1, 0x7) 134.371098ms ago: executing program 2 (id=1343): openat$vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x8000000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0) 133.930208ms ago: executing program 2 (id=1344): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0a000000020000000110000007c0388677ebdb6ce73e29617a3e3b7b416ce6b8c3d8376dcd2b7e401a7767b119ba0f7f787cd098f8ff34ea6b0bb949eeefee21044fa261ee067bf49739e454dc462ce4343cc2afbdb17541c281d5ed5a8e1fc92975bacc4b6c4b59513c0c1093df6e456d909e0000000000"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x2000000000000284, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000640)='kfree\x00', r1}, 0x18) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}, 0x1, 0x0, 0x0, 0x2005c013}, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@remote, 0x0, 0x2}, 0x0) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000300)="8c85059fbb89ead882486bd2b9624a831ae21036445d6bc80e1f0ef96ef2b187b447c43126e165e6d41aabff6871343ce95e30d2ef7aad3455da099f79bd9d089e1b12dbdd2d53d0b14cac775a0d948942e6175918deed1564f41b09a0abdc0f65d20e9fcbd4382a245c926711063b3d679eef74be10065d46", 0x37db, r2}, 0x38) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000700)={r2}, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x1f, 0x10, &(0x7f0000000880)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x0) sendmmsg(r3, &(0x7f0000000000), 0x4000000000001f2, 0x0) 133.052998ms ago: executing program 3 (id=1345): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18) utimes(&(0x7f0000000200)='./file0/file0\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$phonet_pipe(0x23, 0x5, 0x2) r1 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10) close(r1) 126.609178ms ago: executing program 4 (id=1346): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0xff, 0x40, 0x0, 0x0, 0x8, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) r4 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$selinux_user(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB='system_u:object_r:auth_cache_t r', @ANYRES32=r2, @ANYRES16=r3], 0x27) 97.972378ms ago: executing program 3 (id=1347): socket$inet6_udplite(0xa, 0x2, 0x88) r0 = socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x0, 0x18c, 0x203, 0x0, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {0x16}, {}, {0xfffe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x20000000}, {}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x3}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000007c0)={&(0x7f00000005c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb0, 0xb0, 0x4, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x3, 0x4}}, @enum64={0xe, 0x8, 0x0, 0x13, 0x0, 0x2, [{0xf, 0x4, 0xfffffff9}, {0x5, 0x4, 0x2}, {0x5, 0x0, 0x6}, {0xe, 0x100, 0x4}, {0x2, 0x2, 0x1}, {0x2, 0x3, 0x8}, {0x6, 0x1000, 0x3}, {0xb, 0x8, 0x9}]}, @volatile={0x9, 0x0, 0x0, 0x9, 0x3}, @ptr={0x7, 0x0, 0x0, 0x2, 0x3}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x9, 0x4}]}]}, {0x0, [0x6c2b9b51ce8533e9, 0x0]}}, &(0x7f00000006c0)=""/219, 0xcc, 0xdb, 0x0, 0x1, 0x10000, @value}, 0x28) r2 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000880)={0x0, r0}, 0x8) bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@bloom_filter={0x1e, 0xffffffff, 0x81, 0x0, 0x12285, 0x1, 0xffffffff, '\x00', 0x0, r1, 0x4, 0x5, 0x5, 0x9, @void, @value, @value=r2}, 0x50) 93.995058ms ago: executing program 1 (id=1348): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$kcm(0x11, 0xa, 0x300) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x13, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2608064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 93.799928ms ago: executing program 2 (id=1349): bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) pivot_root(&(0x7f0000000ac0)='./file1\x00', 0x0) 60.493149ms ago: executing program 3 (id=1350): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000003c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/15, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) setuid(0xee00) 27.981799ms ago: executing program 2 (id=1351): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000002200)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$can_bcm(0x1d, 0x2, 0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mkdir(&(0x7f0000000540)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r4}, 0x10) r5 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB="2c5794e31b409ebf74e94d4a12ee3cc8740c857c56b4e52ae4cb674e688fb43392be8d082be57264ee19d05b4c01ce70b6960b365eed86e204a37b22efca9315693f8f3cd420e2b2279bdffd81cd8928"]) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000003feffff720a00fef8ffffff71a4f1ff0000000071302000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00ff040400007203000000000000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r5, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10) r7 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0) flock(r7, 0x5) r8 = gettid() r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000006c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x57) r10 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r10, &(0x7f00000009c0)=ANY=[@ANYBLOB="2539000020000306f107f62aa6172f7881"], 0x33fe0) r11 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000540)={r9, 0xffffffffffffffff, 0x20, 0x0, @void}, 0x10) sync_file_range(r11, 0x61ddcc04, 0x81, 0x153fd9e242b4db96) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) process_vm_readv(r8, &(0x7f0000000080)=[{&(0x7f0000000300)=""/242, 0xf2}], 0x1, &(0x7f0000000180)=[{&(0x7f0000002480)=""/4096, 0x1000}], 0x1, 0x0) r12 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) flock(r12, 0x2) 293.71µs ago: executing program 4 (id=1352): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18) utimes(&(0x7f0000000200)='./file0/file0\x00', 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$phonet_pipe(0x23, 0x5, 0x2) r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10) close(r0) 0s ago: executing program 3 (id=1353): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = gettid() tkill(r0, 0x11) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) fcntl$getown(r1, 0x9) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10) sync() kernel console output (not intermixed with test programs): s leftover after parsing attributes in process `syz.2.382'. [ 55.664910][ T4790] loop4: detected capacity change from 0 to 128 [ 55.685985][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 55.715832][ T4790] syz.4.381: attempt to access beyond end of device [ 55.715832][ T4790] loop4: rw=2049, sector=145, nr_sectors = 24 limit=128 [ 55.731248][ T4790] syz.4.381: attempt to access beyond end of device [ 55.731248][ T4790] loop4: rw=2049, sector=177, nr_sectors = 8 limit=128 [ 55.745508][ T4790] syz.4.381: attempt to access beyond end of device [ 55.745508][ T4790] loop4: rw=2049, sector=193, nr_sectors = 8 limit=128 [ 55.774877][ T4790] syz.4.381: attempt to access beyond end of device [ 55.774877][ T4790] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 55.789434][ T4790] syz.4.381: attempt to access beyond end of device [ 55.789434][ T4790] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 55.803707][ T4790] syz.4.381: attempt to access beyond end of device [ 55.803707][ T4790] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 55.819946][ T4790] syz.4.381: attempt to access beyond end of device [ 55.819946][ T4790] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128 [ 55.834169][ T4790] syz.4.381: attempt to access beyond end of device [ 55.834169][ T4790] loop4: rw=2049, sector=273, nr_sectors = 8 limit=128 [ 55.849820][ T4790] syz.4.381: attempt to access beyond end of device [ 55.849820][ T4790] loop4: rw=2049, sector=289, nr_sectors = 8 limit=128 [ 55.942497][ T4790] syz.4.381: attempt to access beyond end of device [ 55.942497][ T4790] loop4: rw=3, sector=297, nr_sectors = 7 limit=128 [ 55.971086][ T4790] bridge0: port 3(vlan2) entered blocking state [ 55.977422][ T4790] bridge0: port 3(vlan2) entered disabled state [ 55.983935][ T4790] vlan2: entered allmulticast mode [ 55.989252][ T4790] bridge0: entered allmulticast mode [ 56.027343][ T4790] vlan2: left allmulticast mode [ 56.032365][ T4790] bridge0: left allmulticast mode [ 56.101149][ T4816] loop2: detected capacity change from 0 to 2048 [ 56.122061][ T4817] netlink: 'syz.1.391': attribute type 7 has an invalid length. [ 56.129796][ T4817] netlink: 'syz.1.391': attribute type 5 has an invalid length. [ 56.137538][ T4817] netlink: 17 bytes leftover after parsing attributes in process `syz.1.391'. [ 56.150213][ T4816] Alternate GPT is invalid, using primary GPT. [ 56.156584][ T4816] loop2: p2 p3 p7 [ 56.231807][ T4821] loop3: detected capacity change from 0 to 512 [ 56.232395][ T4822] netlink: 8 bytes leftover after parsing attributes in process `syz.2.395'. [ 56.244417][ T3564] udevd[3564]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 56.248957][ T3568] udevd[3568]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory [ 56.260779][ T3565] udevd[3565]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 56.285015][ T4821] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 56.345820][ T4821] EXT4-fs (loop3): 1 truncate cleaned up [ 56.352053][ T4821] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 56.422207][ T4831] loop5: detected capacity change from 0 to 512 [ 56.440889][ T4831] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 56.453733][ T4831] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 56.521626][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.551604][ T3526] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.564465][ T4837] loop4: detected capacity change from 0 to 2048 [ 56.611240][ T4837] Alternate GPT is invalid, using primary GPT. [ 56.617669][ T4837] loop4: p2 p3 p7 [ 56.677822][ T4852] xt_hashlimit: size too large, truncated to 1048576 [ 56.684630][ T4852] xt_hashlimit: max too large, truncated to 1048576 [ 56.776106][ T4860] loop4: detected capacity change from 0 to 2048 [ 56.800614][ T4866] xt_hashlimit: size too large, truncated to 1048576 [ 56.807338][ T4866] xt_hashlimit: max too large, truncated to 1048576 [ 56.844634][ T4864] loop5: detected capacity change from 0 to 8192 [ 56.854703][ T4860] Alternate GPT is invalid, using primary GPT. [ 56.861208][ T4860] loop4: p2 p3 p7 [ 56.877095][ T4868] loop3: detected capacity change from 0 to 256 [ 56.934731][ T4871] netlink: 12 bytes leftover after parsing attributes in process `syz.1.417'. [ 56.945116][ T4871] netlink: 60 bytes leftover after parsing attributes in process `syz.1.417'. [ 56.955465][ T4871] netlink: 60 bytes leftover after parsing attributes in process `syz.1.417'. [ 57.011606][ T4871] netlink: 60 bytes leftover after parsing attributes in process `syz.1.417'. [ 57.020908][ T4871] netlink: 60 bytes leftover after parsing attributes in process `syz.1.417'. [ 57.057235][ T4873] syzkaller0: entered promiscuous mode [ 57.062816][ T4873] syzkaller0: entered allmulticast mode [ 57.076226][ T4871] netlink: 60 bytes leftover after parsing attributes in process `syz.1.417'. [ 57.085498][ T4871] netlink: 60 bytes leftover after parsing attributes in process `syz.1.417'. [ 57.097807][ T4889] FAULT_INJECTION: forcing a failure. [ 57.097807][ T4889] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 57.111018][ T4889] CPU: 0 UID: 0 PID: 4889 Comm: syz.4.415 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 57.111050][ T4889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 57.111110][ T4889] Call Trace: [ 57.111117][ T4889] [ 57.111126][ T4889] dump_stack_lvl+0xf6/0x150 [ 57.111149][ T4889] dump_stack+0x15/0x1a [ 57.111165][ T4889] should_fail_ex+0x261/0x270 [ 57.111247][ T4889] should_fail+0xb/0x10 [ 57.111276][ T4889] should_fail_usercopy+0x1a/0x20 [ 57.111384][ T4889] _copy_from_user+0x1c/0xa0 [ 57.111501][ T4889] get_user_ifreq+0x8c/0x160 [ 57.111538][ T4889] sock_do_ioctl+0xcb/0x270 [ 57.111635][ T4889] sock_ioctl+0x436/0x630 [ 57.111666][ T4889] ? __pfx_sock_ioctl+0x10/0x10 [ 57.111763][ T4889] __se_sys_ioctl+0xc9/0x140 [ 57.111803][ T4889] __x64_sys_ioctl+0x43/0x50 [ 57.111829][ T4889] x64_sys_call+0x168d/0x2e10 [ 57.111917][ T4889] do_syscall_64+0xc9/0x1c0 [ 57.111974][ T4889] ? clear_bhb_loop+0x25/0x80 [ 57.111998][ T4889] ? clear_bhb_loop+0x25/0x80 [ 57.112025][ T4889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.112051][ T4889] RIP: 0033:0x7fc9e88bd169 [ 57.112069][ T4889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.112166][ T4889] RSP: 002b:00007fc9e6edd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 57.112262][ T4889] RAX: ffffffffffffffda RBX: 00007fc9e8ad6160 RCX: 00007fc9e88bd169 [ 57.112274][ T4889] RDX: 0000200000002280 RSI: 0000000000008943 RDI: 0000000000000009 [ 57.112285][ T4889] RBP: 00007fc9e6edd090 R08: 0000000000000000 R09: 0000000000000000 [ 57.112297][ T4889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 57.112308][ T4889] R13: 0000000000000000 R14: 00007fc9e8ad6160 R15: 00007fff78327268 [ 57.112326][ T4889] [ 57.152964][ T4891] netlink: 48 bytes leftover after parsing attributes in process `syz.3.419'. [ 57.617716][ T4926] loop5: detected capacity change from 0 to 2048 [ 57.700688][ T4926] EXT4-fs (loop5): failed to initialize system zone (-117) [ 57.708565][ T4926] EXT4-fs (loop5): mount failed [ 57.814957][ T4943] loop4: detected capacity change from 0 to 2048 [ 57.870144][ T4938] loop2: detected capacity change from 0 to 8192 [ 58.007480][ T4958] loop2: detected capacity change from 0 to 128 [ 58.034027][ T4958] EXT4-fs: Ignoring removed nobh option [ 58.095940][ T4958] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 58.128638][ T4960] loop5: detected capacity change from 0 to 8192 [ 58.142133][ T4958] ext4 filesystem being mounted at /87/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 58.155942][ T4958] netlink: 12 bytes leftover after parsing attributes in process `syz.2.447'. [ 58.188037][ T4958] netlink: 60 bytes leftover after parsing attributes in process `syz.2.447'. [ 58.452999][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 58.720621][ T4987] loop5: detected capacity change from 0 to 8192 [ 58.755415][ T29] kauditd_printk_skb: 703 callbacks suppressed [ 58.755444][ T29] audit: type=1326 audit(1744256235.516:2980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4986 comm="syz.5.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc0d370bad0 code=0x7ffc0000 [ 58.785142][ T29] audit: type=1326 audit(1744256235.516:2981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4986 comm="syz.5.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fc0d370beb7 code=0x7ffc0000 [ 58.808410][ T29] audit: type=1326 audit(1744256235.516:2982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4986 comm="syz.5.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc0d370bad0 code=0x7ffc0000 [ 58.831841][ T29] audit: type=1326 audit(1744256235.516:2983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4986 comm="syz.5.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d370d169 code=0x7ffc0000 [ 58.855281][ T29] audit: type=1326 audit(1744256235.516:2984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4986 comm="syz.5.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc0d370d169 code=0x7ffc0000 [ 58.855311][ T29] audit: type=1326 audit(1744256235.516:2985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4986 comm="syz.5.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d370d169 code=0x7ffc0000 [ 58.855343][ T29] audit: type=1326 audit(1744256235.516:2986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4986 comm="syz.5.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d370d169 code=0x7ffc0000 [ 58.855374][ T29] audit: type=1326 audit(1744256235.516:2987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4986 comm="syz.5.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fc0d370d169 code=0x7ffc0000 [ 58.954337][ T29] audit: type=1326 audit(1744256235.576:2988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4986 comm="syz.5.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d370d169 code=0x7ffc0000 [ 58.978057][ T29] audit: type=1326 audit(1744256235.576:2989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4986 comm="syz.5.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d370d169 code=0x7ffc0000 [ 59.153776][ T4995] loop3: detected capacity change from 0 to 4096 [ 59.221280][ T4995] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.239739][ T5003] loop5: detected capacity change from 0 to 8192 [ 59.257231][ T5009] loop2: detected capacity change from 0 to 512 [ 59.323944][ T5009] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 59.342295][ T5004] loop4: detected capacity change from 0 to 512 [ 59.421124][ T5009] EXT4-fs (loop2): 1 truncate cleaned up [ 59.427223][ T5009] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 59.513726][ T5004] EXT4-fs (loop4): orphan cleanup on readonly fs [ 59.530973][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.554848][ T5004] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 59.649395][ T5004] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 59.673737][ T5004] EXT4-fs (loop4): 1 truncate cleaned up [ 59.680321][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.696726][ T3295] printk: udevd: 2 output lines suppressed due to ratelimiting [ 59.735327][ T5004] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 59.752011][ T5021] loop2: detected capacity change from 0 to 2048 [ 60.094963][ T5042] loop2: detected capacity change from 0 to 512 [ 60.121540][ T5042] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 60.148598][ T5044] loop5: detected capacity change from 0 to 2048 [ 60.171082][ T5042] EXT4-fs (loop2): orphan cleanup on readonly fs [ 60.177681][ T5042] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 60.209896][ T5042] EXT4-fs (loop2): 1 truncate cleaned up [ 60.218346][ T5042] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 60.558819][ T5073] SELinux: policydb table sizes (4376,5) do not match mine (6,7) [ 60.576835][ T5073] SELinux: failed to load policy [ 60.600424][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.701108][ T5084] pim6reg1: entered promiscuous mode [ 60.706468][ T5084] pim6reg1: entered allmulticast mode [ 60.885335][ T5097] loop2: detected capacity change from 0 to 2048 [ 60.980791][ T5114] loop2: detected capacity change from 0 to 128 [ 60.987361][ T5114] EXT4-fs: Ignoring removed nobh option [ 61.020597][ T5114] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 61.031626][ T5120] loop5: detected capacity change from 0 to 1024 [ 61.043914][ T5114] ext4 filesystem being mounted at /103/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 61.078145][ T5125] loop3: detected capacity change from 0 to 128 [ 61.097128][ T5120] ext3: Unknown parameter 'pcr' [ 61.179387][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 61.236740][ T5135] loop3: detected capacity change from 0 to 256 [ 61.256929][ T5139] loop5: detected capacity change from 0 to 256 [ 61.649767][ T5166] FAULT_INJECTION: forcing a failure. [ 61.649767][ T5166] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 61.662934][ T5166] CPU: 0 UID: 0 PID: 5166 Comm: syz.5.528 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 61.662967][ T5166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 61.662982][ T5166] Call Trace: [ 61.662990][ T5166] [ 61.662998][ T5166] dump_stack_lvl+0xf6/0x150 [ 61.663022][ T5166] dump_stack+0x15/0x1a [ 61.663088][ T5166] should_fail_ex+0x261/0x270 [ 61.663120][ T5166] should_fail+0xb/0x10 [ 61.663162][ T5166] should_fail_usercopy+0x1a/0x20 [ 61.663232][ T5166] strncpy_from_user+0x25/0x230 [ 61.663315][ T5166] ? getname_flags+0x81/0x3b0 [ 61.663341][ T5166] getname_flags+0xb0/0x3b0 [ 61.663401][ T5166] __x64_sys_unlinkat+0x75/0xb0 [ 61.663457][ T5166] x64_sys_call+0x237a/0x2e10 [ 61.663506][ T5166] do_syscall_64+0xc9/0x1c0 [ 61.663538][ T5166] ? clear_bhb_loop+0x25/0x80 [ 61.663559][ T5166] ? clear_bhb_loop+0x25/0x80 [ 61.663583][ T5166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.663615][ T5166] RIP: 0033:0x7fc0d370d169 [ 61.663633][ T5166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 61.663719][ T5166] RSP: 002b:00007fc0d1d6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107 [ 61.663737][ T5166] RAX: ffffffffffffffda RBX: 00007fc0d3925fa0 RCX: 00007fc0d370d169 [ 61.663766][ T5166] RDX: 0000000000000200 RSI: 0000000000000000 RDI: ffffffffffffffff [ 61.663777][ T5166] RBP: 00007fc0d1d6f090 R08: 0000000000000000 R09: 0000000000000000 [ 61.663790][ T5166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 61.663804][ T5166] R13: 0000000000000000 R14: 00007fc0d3925fa0 R15: 00007ffd4f6f6638 [ 61.663827][ T5166] [ 61.956301][ T5183] xt_hashlimit: size too large, truncated to 1048576 [ 61.963316][ T5183] xt_hashlimit: max too large, truncated to 1048576 [ 62.234048][ T5197] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 62.449650][ T5200] loop3: detected capacity change from 0 to 164 [ 62.478848][ T5215] SELinux: policydb table sizes (4376,4) do not match mine (6,7) [ 62.493288][ T5215] SELinux: failed to load policy [ 62.638853][ T5226] __nla_validate_parse: 15 callbacks suppressed [ 62.638908][ T5226] netlink: 32 bytes leftover after parsing attributes in process `syz.2.552'. [ 62.857294][ T5234] loop2: detected capacity change from 0 to 256 [ 62.951897][ T5237] netlink: 12 bytes leftover after parsing attributes in process `syz.1.556'. [ 63.129501][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.140050][ T5250] SELinux: policydb table sizes (4376,6) do not match mine (6,7) [ 63.157239][ T5250] SELinux: failed to load policy [ 63.261855][ T5264] SELinux: failed to load policy [ 63.284811][ T5267] SELinux: failed to load policy [ 63.292090][ T5264] can0: slcan on ptm0. [ 63.339036][ T5263] can0 (unregistered): slcan off ptm0. [ 63.436849][ T5279] SELinux: policydb table sizes (4376,6) do not match mine (6,7) [ 63.445694][ T5279] SELinux: failed to load policy [ 63.526296][ T5281] loop5: detected capacity change from 0 to 8192 [ 63.630626][ T5303] xt_hashlimit: size too large, truncated to 1048576 [ 63.637376][ T5303] xt_hashlimit: max too large, truncated to 1048576 [ 63.727547][ T5312] loop5: detected capacity change from 0 to 1024 [ 63.734859][ T5312] EXT4-fs: Ignoring removed oldalloc option [ 63.741249][ T5312] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 63.774266][ T5312] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 63.780908][ T29] kauditd_printk_skb: 652 callbacks suppressed [ 63.780926][ T29] audit: type=1326 audit(1744256240.546:3641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5317 comm="syz.2.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 63.830247][ T29] audit: type=1326 audit(1744256240.546:3642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5317 comm="syz.2.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 63.853778][ T29] audit: type=1326 audit(1744256240.546:3643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5317 comm="syz.2.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 63.877432][ T29] audit: type=1326 audit(1744256240.546:3644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5317 comm="syz.2.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 63.900826][ T29] audit: type=1326 audit(1744256240.546:3645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5317 comm="syz.2.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 63.924441][ T29] audit: type=1326 audit(1744256240.546:3646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5317 comm="syz.2.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 63.947818][ T29] audit: type=1326 audit(1744256240.546:3647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5317 comm="syz.2.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 63.971425][ T29] audit: type=1326 audit(1744256240.546:3648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5317 comm="syz.2.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 63.994797][ T29] audit: type=1326 audit(1744256240.546:3649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5317 comm="syz.2.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 64.018275][ T29] audit: type=1326 audit(1744256240.586:3650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5317 comm="syz.2.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 64.061473][ T3526] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.096413][ T5333] loop5: detected capacity change from 0 to 2048 [ 64.116415][ T5333] EXT4-fs (loop5): failed to initialize system zone (-117) [ 64.124463][ T5333] EXT4-fs (loop5): mount failed [ 64.205839][ T5347] loop5: detected capacity change from 0 to 4096 [ 64.214575][ T5347] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.244809][ T5345] loop2: detected capacity change from 0 to 256 [ 64.359725][ T3526] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.407554][ T5361] xt_hashlimit: size too large, truncated to 1048576 [ 64.412262][ T5357] loop5: detected capacity change from 0 to 4096 [ 64.414373][ T5361] xt_hashlimit: max too large, truncated to 1048576 [ 64.429537][ T5357] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.482102][ T5364] netlink: 12 bytes leftover after parsing attributes in process `syz.1.610'. [ 64.494002][ T5364] netlink: 60 bytes leftover after parsing attributes in process `syz.1.610'. [ 64.503073][ T5364] netlink: 60 bytes leftover after parsing attributes in process `syz.1.610'. [ 64.528140][ T5364] netlink: 60 bytes leftover after parsing attributes in process `syz.1.610'. [ 64.556346][ T5364] netlink: 60 bytes leftover after parsing attributes in process `syz.1.610'. [ 64.611909][ T5364] netlink: 60 bytes leftover after parsing attributes in process `syz.1.610'. [ 64.623406][ T5364] netlink: 60 bytes leftover after parsing attributes in process `syz.1.610'. [ 64.672027][ T3526] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.008308][ T5399] netlink: 'syz.5.623': attribute type 2 has an invalid length. [ 65.016135][ T5399] netlink: 8 bytes leftover after parsing attributes in process `syz.5.623'. [ 65.032702][ T5395] loop4: detected capacity change from 0 to 8192 [ 65.054434][ T5402] SELinux: policydb table sizes (4376,5) do not match mine (6,7) [ 65.064061][ T5402] SELinux: failed to load policy [ 65.110064][ T5406] loop3: detected capacity change from 0 to 2048 [ 65.128396][ T5408] loop5: detected capacity change from 0 to 2048 [ 65.218666][ T5414] xt_hashlimit: size too large, truncated to 1048576 [ 65.225552][ T5414] xt_hashlimit: max too large, truncated to 1048576 [ 65.237251][ T5418] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 65.250695][ T5418] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 65.279383][ T5423] SELinux: policydb table sizes (4376,5) do not match mine (6,7) [ 65.287972][ T5423] SELinux: failed to load policy [ 65.424370][ T5438] loop2: detected capacity change from 0 to 2048 [ 65.446846][ T5453] xt_hashlimit: size too large, truncated to 1048576 [ 65.453634][ T5453] xt_hashlimit: max too large, truncated to 1048576 [ 65.532803][ T5454] batadv0: entered promiscuous mode [ 65.545965][ T5454] batadv0: left promiscuous mode [ 65.661175][ T5492] FAULT_INJECTION: forcing a failure. [ 65.661175][ T5492] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 65.674387][ T5492] CPU: 1 UID: 0 PID: 5492 Comm: syz.4.651 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 65.674463][ T5492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 65.674530][ T5492] Call Trace: [ 65.674537][ T5492] [ 65.674545][ T5492] dump_stack_lvl+0xf6/0x150 [ 65.674568][ T5492] dump_stack+0x15/0x1a [ 65.674585][ T5492] should_fail_ex+0x261/0x270 [ 65.674629][ T5492] should_fail+0xb/0x10 [ 65.674656][ T5492] should_fail_usercopy+0x1a/0x20 [ 65.674737][ T5492] _copy_from_user+0x1c/0xa0 [ 65.674784][ T5492] copy_msghdr_from_user+0x54/0x2b0 [ 65.674885][ T5492] ? __fget_files+0x186/0x1c0 [ 65.674918][ T5492] __sys_sendmmsg+0x1eb/0x4b0 [ 65.674991][ T5492] __x64_sys_sendmmsg+0x57/0x70 [ 65.675026][ T5492] x64_sys_call+0x2b53/0x2e10 [ 65.675053][ T5492] do_syscall_64+0xc9/0x1c0 [ 65.675115][ T5492] ? clear_bhb_loop+0x25/0x80 [ 65.675158][ T5492] ? clear_bhb_loop+0x25/0x80 [ 65.675184][ T5492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.675211][ T5492] RIP: 0033:0x7fc9e88bd169 [ 65.675229][ T5492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.675250][ T5492] RSP: 002b:00007fc9e6f1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 65.675273][ T5492] RAX: ffffffffffffffda RBX: 00007fc9e8ad5fa0 RCX: 00007fc9e88bd169 [ 65.675293][ T5492] RDX: 0400000000000181 RSI: 00002000000030c0 RDI: 0000000000000003 [ 65.675308][ T5492] RBP: 00007fc9e6f1f090 R08: 0000000000000000 R09: 0000000000000000 [ 65.675364][ T5492] R10: 9200000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 65.675376][ T5492] R13: 0000000000000000 R14: 00007fc9e8ad5fa0 R15: 00007fff78327268 [ 65.675394][ T5492] [ 65.912915][ T5507] loop2: detected capacity change from 0 to 2048 [ 66.017328][ T5525] loop2: detected capacity change from 0 to 2048 [ 66.032518][ T5530] xt_hashlimit: size too large, truncated to 1048576 [ 66.039289][ T5530] xt_hashlimit: max too large, truncated to 1048576 [ 66.042398][ T5531] netlink: 'syz.5.656': attribute type 7 has an invalid length. [ 66.053680][ T5531] netlink: 'syz.5.656': attribute type 5 has an invalid length. [ 66.065036][ T5525] Alternate GPT is invalid, using primary GPT. [ 66.071418][ T5525] loop2: p2 p3 p7 [ 66.126459][ T5542] loop2: detected capacity change from 0 to 2048 [ 66.811878][ T5608] loop4: detected capacity change from 0 to 1024 [ 66.828626][ T5608] EXT4-fs: Ignoring removed oldalloc option [ 66.837189][ T5608] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 66.882580][ T5608] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.961849][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.054341][ T5627] loop5: detected capacity change from 0 to 512 [ 67.070546][ T5627] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 67.085147][ T5627] EXT4-fs (loop5): orphan cleanup on readonly fs [ 67.091709][ T5627] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 67.104467][ T5627] EXT4-fs (loop5): 1 truncate cleaned up [ 67.119220][ T5627] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 67.135445][ T5634] loop4: detected capacity change from 0 to 128 [ 67.162551][ T5634] EXT4-fs: Ignoring removed nobh option [ 67.208277][ T5634] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 67.240401][ T5634] ext4 filesystem being mounted at /118/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 67.325691][ T3302] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 67.389382][ T3526] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.396673][ T5647] loop2: detected capacity change from 0 to 2048 [ 67.431441][ T5647] EXT4-fs (loop2): failed to initialize system zone (-117) [ 67.438910][ T5647] EXT4-fs (loop2): mount failed [ 67.460608][ T5649] bridge_slave_0: left allmulticast mode [ 67.466370][ T5649] bridge_slave_0: left promiscuous mode [ 67.472574][ T5649] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.484275][ T5653] FAULT_INJECTION: forcing a failure. [ 67.484275][ T5653] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 67.497435][ T5653] CPU: 1 UID: 0 PID: 5653 Comm: syz.5.689 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 67.497531][ T5653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 67.497547][ T5653] Call Trace: [ 67.497554][ T5653] [ 67.497563][ T5653] dump_stack_lvl+0xf6/0x150 [ 67.497587][ T5653] dump_stack+0x15/0x1a [ 67.497605][ T5653] should_fail_ex+0x261/0x270 [ 67.497640][ T5653] should_fail+0xb/0x10 [ 67.497704][ T5653] should_fail_usercopy+0x1a/0x20 [ 67.497801][ T5653] _copy_to_user+0x20/0xa0 [ 67.497842][ T5653] simple_read_from_buffer+0xb2/0x130 [ 67.497880][ T5653] proc_fail_nth_read+0x103/0x140 [ 67.497936][ T5653] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 67.497970][ T5653] vfs_read+0x1b2/0x710 [ 67.498082][ T5653] ? __rcu_read_unlock+0x4e/0x70 [ 67.498180][ T5653] ? __fget_files+0x186/0x1c0 [ 67.498202][ T5653] ksys_read+0xeb/0x1b0 [ 67.498232][ T5653] __x64_sys_read+0x42/0x50 [ 67.498272][ T5653] x64_sys_call+0x2a3b/0x2e10 [ 67.498300][ T5653] do_syscall_64+0xc9/0x1c0 [ 67.498336][ T5653] ? clear_bhb_loop+0x25/0x80 [ 67.498358][ T5653] ? clear_bhb_loop+0x25/0x80 [ 67.498381][ T5653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.498433][ T5653] RIP: 0033:0x7fc0d370bb7c [ 67.498449][ T5653] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 67.498466][ T5653] RSP: 002b:00007fc0d1d6f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 67.498486][ T5653] RAX: ffffffffffffffda RBX: 00007fc0d3925fa0 RCX: 00007fc0d370bb7c [ 67.498501][ T5653] RDX: 000000000000000f RSI: 00007fc0d1d6f0a0 RDI: 0000000000000006 [ 67.498516][ T5653] RBP: 00007fc0d1d6f090 R08: 0000000000000000 R09: 0000000000000000 [ 67.498532][ T5653] R10: 0000000000000086 R11: 0000000000000246 R12: 0000000000000001 [ 67.498546][ T5653] R13: 0000000000000000 R14: 00007fc0d3925fa0 R15: 00007ffd4f6f6638 [ 67.498666][ T5653] [ 67.731920][ T5649] bridge_slave_1: left allmulticast mode [ 67.737609][ T5649] bridge_slave_1: left promiscuous mode [ 67.743455][ T5649] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.772285][ T5649] bond0: (slave bond_slave_0): Releasing backup interface [ 67.792360][ T5649] bond0: (slave bond_slave_1): Releasing backup interface [ 67.812494][ T5649] team0: Port device team_slave_0 removed [ 67.823529][ T5661] SELinux: policydb table sizes (4376,-1) do not match mine (6,7) [ 67.833535][ T5661] SELinux: failed to load policy [ 67.841914][ T5649] team0: Port device team_slave_1 removed [ 67.865287][ T5649] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 67.872799][ T5649] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 67.890788][ T5649] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 67.898328][ T5649] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 67.933558][ T5661] __nla_validate_parse: 19 callbacks suppressed [ 67.933579][ T5661] netlink: 36 bytes leftover after parsing attributes in process `syz.1.693'. [ 67.952519][ T5663] pim6reg1: entered promiscuous mode [ 67.957860][ T5663] pim6reg1: entered allmulticast mode [ 68.056396][ T5673] loop5: detected capacity change from 0 to 1024 [ 68.099836][ T5673] EXT4-fs: Ignoring removed oldalloc option [ 68.124872][ T5673] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 68.161821][ T5673] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.191395][ T3526] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.282627][ T5685] loop4: detected capacity change from 0 to 128 [ 68.299086][ T5685] EXT4-fs: Ignoring removed nobh option [ 68.335853][ T5685] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 68.359209][ T5685] ext4 filesystem being mounted at /124/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 68.390134][ T5685] netlink: 12 bytes leftover after parsing attributes in process `syz.4.701'. [ 68.402004][ T5693] loop5: detected capacity change from 0 to 2048 [ 68.434313][ T5685] netlink: 60 bytes leftover after parsing attributes in process `syz.4.701'. [ 68.468086][ T5685] netlink: 60 bytes leftover after parsing attributes in process `syz.4.701'. [ 68.498151][ T5685] netlink: 60 bytes leftover after parsing attributes in process `syz.4.701'. [ 68.507211][ T5685] netlink: 60 bytes leftover after parsing attributes in process `syz.4.701'. [ 68.552206][ T5701] pim6reg1: entered promiscuous mode [ 68.557621][ T5701] pim6reg1: entered allmulticast mode [ 68.569135][ T5685] netlink: 60 bytes leftover after parsing attributes in process `syz.4.701'. [ 68.588770][ T5685] netlink: 60 bytes leftover after parsing attributes in process `syz.4.701'. [ 68.616514][ T3302] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 68.648359][ T5707] loop2: detected capacity change from 0 to 1024 [ 68.664448][ T5707] EXT4-fs: Ignoring removed oldalloc option [ 68.674275][ T5707] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 68.717111][ T5707] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.771098][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.809119][ T5720] loop5: detected capacity change from 0 to 512 [ 68.821897][ T5723] loop4: detected capacity change from 0 to 512 [ 68.823909][ T5721] loop2: detected capacity change from 0 to 128 [ 68.828990][ T5723] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 68.839764][ T5720] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 68.851000][ T5721] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 68.860850][ T5723] EXT4-fs (loop4): orphan cleanup on readonly fs [ 68.867360][ T5723] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 68.878036][ T5721] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 68.880647][ T29] kauditd_printk_skb: 429 callbacks suppressed [ 68.880670][ T29] audit: type=1326 audit(1744256245.636:4080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.1.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 68.920728][ T5721] ext2 filesystem being mounted at /140/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 68.930628][ T5723] EXT4-fs (loop4): 1 truncate cleaned up [ 68.957258][ T29] audit: type=1326 audit(1744256245.686:4081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.1.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 68.981804][ T29] audit: type=1326 audit(1744256245.686:4082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.1.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 68.991153][ T5720] EXT4-fs (loop5): invalid journal inode [ 69.005299][ T29] audit: type=1326 audit(1744256245.686:4083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.1.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 69.034176][ T29] audit: type=1326 audit(1744256245.686:4084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.1.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 69.057658][ T29] audit: type=1326 audit(1744256245.686:4085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.1.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 69.081104][ T29] audit: type=1326 audit(1744256245.686:4086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.1.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 69.082063][ T5723] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 69.104425][ T29] audit: type=1326 audit(1744256245.686:4087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.1.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 69.117162][ T5720] EXT4-fs (loop5): can't get journal size [ 69.140123][ T29] audit: type=1326 audit(1744256245.686:4088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.1.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 69.172506][ T29] audit: type=1326 audit(1744256245.726:4089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.1.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 69.198371][ T5720] EXT4-fs (loop5): 1 truncate cleaned up [ 69.204647][ T5720] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 69.239121][ T5733] EXT4-fs error (device loop2): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.2.715: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1 [ 69.390425][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.530495][ T3526] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.555187][ T5748] loop3: detected capacity change from 0 to 128 [ 69.565619][ T5748] EXT4-fs: Ignoring removed nobh option [ 69.577196][ T5748] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 69.611402][ T5757] loop4: detected capacity change from 0 to 2048 [ 69.630600][ T5748] ext4 filesystem being mounted at /158/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 69.647173][ T5748] netlink: 60 bytes leftover after parsing attributes in process `syz.3.725'. [ 69.664654][ T5757] EXT4-fs (loop4): failed to initialize system zone (-117) [ 69.666981][ T5748] netlink: 60 bytes leftover after parsing attributes in process `syz.3.725'. [ 69.681659][ T5757] EXT4-fs (loop4): mount failed [ 69.697263][ T5767] loop5: detected capacity change from 0 to 164 [ 69.714317][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 69.727145][ T5767] bio_check_eod: 1 callbacks suppressed [ 69.727165][ T5767] syz.5.733: attempt to access beyond end of device [ 69.727165][ T5767] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 69.747876][ T5767] syz.5.733: attempt to access beyond end of device [ 69.747876][ T5767] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 69.779735][ T5772] loop2: detected capacity change from 0 to 164 [ 69.782640][ T5774] SELinux: policydb table sizes (4376,-1) do not match mine (6,7) [ 69.798311][ T5774] SELinux: failed to load policy [ 69.804707][ T5772] syz.2.734: attempt to access beyond end of device [ 69.804707][ T5772] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 69.819232][ T3312] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 69.843925][ T5772] syz.2.734: attempt to access beyond end of device [ 69.843925][ T5772] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 69.892100][ T5772] FAULT_INJECTION: forcing a failure. [ 69.892100][ T5772] name failslab, interval 1, probability 0, space 0, times 0 [ 69.904951][ T5772] CPU: 0 UID: 0 PID: 5772 Comm: syz.2.734 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 69.904980][ T5772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 69.904992][ T5772] Call Trace: [ 69.904998][ T5772] [ 69.905005][ T5772] dump_stack_lvl+0xf6/0x150 [ 69.905029][ T5772] dump_stack+0x15/0x1a [ 69.905048][ T5772] should_fail_ex+0x261/0x270 [ 69.905088][ T5772] should_failslab+0x8f/0xb0 [ 69.905125][ T5772] __kvmalloc_node_noprof+0x12c/0x520 [ 69.905152][ T5772] ? io_sqe_buffers_register+0xe5/0x4f0 [ 69.905179][ T5772] io_sqe_buffers_register+0xe5/0x4f0 [ 69.905282][ T5772] __se_sys_io_uring_register+0xb04/0x1f50 [ 69.905307][ T5772] ? kstrtouint_from_user+0xbf/0x100 [ 69.905339][ T5772] ? 0xffffffff81000000 [ 69.905355][ T5772] ? __rcu_read_unlock+0x4e/0x70 [ 69.905389][ T5772] ? get_pid_task+0x94/0xd0 [ 69.905475][ T5772] ? proc_fail_nth_write+0x12d/0x160 [ 69.905528][ T5772] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 69.905563][ T5772] ? vfs_write+0x669/0x950 [ 69.905590][ T5772] ? putname+0xe1/0x100 [ 69.905609][ T5772] ? __fget_files+0x186/0x1c0 [ 69.905628][ T5772] ? fput+0x99/0xd0 [ 69.905760][ T5772] ? ksys_write+0x180/0x1b0 [ 69.905914][ T5772] __x64_sys_io_uring_register+0x55/0x70 [ 69.905939][ T5772] x64_sys_call+0xb9d/0x2e10 [ 69.905965][ T5772] do_syscall_64+0xc9/0x1c0 [ 69.906000][ T5772] ? clear_bhb_loop+0x25/0x80 [ 69.906027][ T5772] ? clear_bhb_loop+0x25/0x80 [ 69.906076][ T5772] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.906100][ T5772] RIP: 0033:0x7ff504fdd169 [ 69.906134][ T5772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.906155][ T5772] RSP: 002b:00007ff50363f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 69.906176][ T5772] RAX: ffffffffffffffda RBX: 00007ff5051f5fa0 RCX: 00007ff504fdd169 [ 69.906190][ T5772] RDX: 00002000000002c0 RSI: 0000000000000000 RDI: 000000000000000b [ 69.906204][ T5772] RBP: 00007ff50363f090 R08: 0000000000000000 R09: 0000000000000000 [ 69.906218][ T5772] R10: 100000000000011a R11: 0000000000000246 R12: 0000000000000001 [ 69.906232][ T5772] R13: 0000000000000000 R14: 00007ff5051f5fa0 R15: 00007ffcc0a80af8 [ 69.906254][ T5772] [ 70.233024][ T5798] loop2: detected capacity change from 0 to 2048 [ 70.324557][ T5798] Alternate GPT is invalid, using primary GPT. [ 70.331069][ T5798] loop2: p2 p3 p7 [ 70.423716][ T5822] loop3: detected capacity change from 0 to 128 [ 70.439254][ T5822] EXT4-fs: Ignoring removed nobh option [ 70.447023][ T5822] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 70.460736][ T5822] ext4 filesystem being mounted at /163/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 70.500444][ T3312] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 70.534584][ T5835] FAULT_INJECTION: forcing a failure. [ 70.534584][ T5835] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 70.547835][ T5835] CPU: 0 UID: 0 PID: 5835 Comm: syz.5.761 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 70.547868][ T5835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 70.547888][ T5835] Call Trace: [ 70.547920][ T5835] [ 70.547929][ T5835] dump_stack_lvl+0xf6/0x150 [ 70.547970][ T5835] dump_stack+0x15/0x1a [ 70.547992][ T5835] should_fail_ex+0x261/0x270 [ 70.548023][ T5835] should_fail+0xb/0x10 [ 70.548048][ T5835] should_fail_usercopy+0x1a/0x20 [ 70.548111][ T5835] _copy_from_user+0x1c/0xa0 [ 70.548144][ T5835] copy_msghdr_from_user+0x54/0x2b0 [ 70.548185][ T5835] ? __fget_files+0x186/0x1c0 [ 70.548208][ T5835] __sys_sendmsg+0x141/0x240 [ 70.548451][ T5835] __x64_sys_sendmsg+0x46/0x50 [ 70.548483][ T5835] x64_sys_call+0x26f3/0x2e10 [ 70.548511][ T5835] do_syscall_64+0xc9/0x1c0 [ 70.548617][ T5835] ? clear_bhb_loop+0x25/0x80 [ 70.548639][ T5835] ? clear_bhb_loop+0x25/0x80 [ 70.548663][ T5835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.548696][ T5835] RIP: 0033:0x7fc0d370d169 [ 70.548713][ T5835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.548803][ T5835] RSP: 002b:00007fc0d1d6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 70.548893][ T5835] RAX: ffffffffffffffda RBX: 00007fc0d3925fa0 RCX: 00007fc0d370d169 [ 70.548907][ T5835] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 70.548919][ T5835] RBP: 00007fc0d1d6f090 R08: 0000000000000000 R09: 0000000000000000 [ 70.548933][ T5835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.548947][ T5835] R13: 0000000000000000 R14: 00007fc0d3925fa0 R15: 00007ffd4f6f6638 [ 70.548968][ T5835] [ 70.776883][ T5844] loop4: detected capacity change from 0 to 2048 [ 70.814355][ T5850] batadv0: entered promiscuous mode [ 70.821393][ T5841] loop3: detected capacity change from 0 to 256 [ 70.833337][ T5844] Alternate GPT is invalid, using primary GPT. [ 70.839796][ T5844] loop4: p2 p3 p7 [ 70.848955][ T5850] batadv0: left promiscuous mode [ 70.893767][ T5854] loop2: detected capacity change from 0 to 4096 [ 70.911225][ T5854] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.989885][ T5865] loop5: detected capacity change from 0 to 1024 [ 71.016066][ T5865] EXT4-fs: Ignoring removed oldalloc option [ 71.036042][ T5865] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 71.067032][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.084330][ T5865] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.165901][ T3526] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.237909][ T5901] loop2: detected capacity change from 0 to 4096 [ 71.247992][ T5901] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 71.296607][ T5904] loop4: detected capacity change from 0 to 4096 [ 71.314200][ T5904] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities [ 71.478568][ T5926] SELinux: policydb table sizes (4376,-1) do not match mine (6,7) [ 71.486716][ T5927] loop4: detected capacity change from 0 to 1024 [ 71.513634][ T5926] SELinux: failed to load policy [ 71.532716][ T5927] EXT4-fs: Ignoring removed oldalloc option [ 71.548437][ T5936] xt_hashlimit: size too large, truncated to 1048576 [ 71.550326][ T5927] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 71.555443][ T5936] xt_hashlimit: max too large, truncated to 1048576 [ 71.621497][ T5927] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.668173][ T5954] loop2: detected capacity change from 0 to 2048 [ 71.669486][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.726830][ T5954] Alternate GPT is invalid, using primary GPT. [ 71.727866][ T5962] loop3: detected capacity change from 0 to 2048 [ 71.733184][ T5954] loop2: p2 p3 p7 [ 71.780625][ T5967] loop5: detected capacity change from 0 to 128 [ 71.787131][ T5967] EXT4-fs: Ignoring removed nobh option [ 71.820451][ T5967] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 71.834949][ T5967] ext4 filesystem being mounted at /161/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 71.964500][ T3526] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 72.096061][ T6003] loop3: detected capacity change from 0 to 2048 [ 72.111165][ T6005] SELinux: policydb table sizes (4376,-1) do not match mine (6,7) [ 72.120095][ T6005] SELinux: failed to load policy [ 72.153244][ T6001] loop4: detected capacity change from 0 to 2048 [ 72.183691][ T6009] loop5: detected capacity change from 0 to 512 [ 73.055691][ T6009] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 73.073149][ T6009] EXT4-fs (loop5): orphan cleanup on readonly fs [ 73.081151][ T6009] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.830: Failed to acquire dquot type 1 [ 73.095578][ T6009] EXT4-fs (loop5): 1 truncate cleaned up [ 73.106567][ T6009] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 73.271666][ T6049] loop3: detected capacity change from 0 to 128 [ 73.457431][ T6049] EXT4-fs: Ignoring removed nobh option [ 73.470229][ T6049] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 73.497226][ T6049] ext4 filesystem being mounted at /170/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 73.517102][ T6057] loop4: detected capacity change from 0 to 2048 [ 73.528391][ T6049] __nla_validate_parse: 18 callbacks suppressed [ 73.528411][ T6049] netlink: 60 bytes leftover after parsing attributes in process `syz.3.837'. [ 73.556425][ T6049] netlink: 60 bytes leftover after parsing attributes in process `syz.3.837'. [ 73.597567][ T6049] netlink: 60 bytes leftover after parsing attributes in process `syz.3.837'. [ 73.613149][ T6049] netlink: 60 bytes leftover after parsing attributes in process `syz.3.837'. [ 73.692030][ T6049] netlink: 60 bytes leftover after parsing attributes in process `syz.3.837'. [ 73.705976][ T6049] netlink: 60 bytes leftover after parsing attributes in process `syz.3.837'. [ 73.767301][ T3312] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 73.906384][ T6074] loop4: detected capacity change from 0 to 2048 [ 74.020159][ T29] kauditd_printk_skb: 612 callbacks suppressed [ 74.020253][ T29] audit: type=1326 audit(1744256250.776:4700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6106 comm="syz.1.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 74.049837][ T29] audit: type=1326 audit(1744256250.776:4701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6106 comm="syz.1.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 74.073221][ T29] audit: type=1326 audit(1744256250.776:4702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6106 comm="syz.1.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 74.096609][ T29] audit: type=1326 audit(1744256250.776:4703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6106 comm="syz.1.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 74.130669][ T6109] SELinux: policydb table sizes (4376,-1) do not match mine (6,7) [ 74.145841][ T6109] SELinux: failed to load policy [ 74.151377][ T3526] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.155399][ T6109] netlink: 36 bytes leftover after parsing attributes in process `syz.2.852'. [ 74.172991][ T6111] loop3: detected capacity change from 0 to 128 [ 74.179568][ T6111] EXT4-fs: Ignoring removed nobh option [ 74.219062][ T6115] loop5: detected capacity change from 0 to 1024 [ 74.219640][ T6111] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 74.225865][ T6115] EXT4-fs: Ignoring removed oldalloc option [ 74.245004][ T6115] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 74.256067][ T6111] ext4 filesystem being mounted at /171/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 74.267049][ T29] audit: type=1326 audit(1744256251.036:4704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6116 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 74.290523][ T29] audit: type=1326 audit(1744256251.036:4705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6116 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 74.301663][ T6111] netlink: 12 bytes leftover after parsing attributes in process `syz.3.849'. [ 74.315701][ T29] audit: type=1326 audit(1744256251.036:4706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6116 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 74.346250][ T29] audit: type=1326 audit(1744256251.036:4707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6116 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 74.369716][ T29] audit: type=1326 audit(1744256251.036:4708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6116 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 74.393066][ T29] audit: type=1326 audit(1744256251.036:4709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6116 comm="syz.2.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7ff504fdd169 code=0x7ffc0000 [ 74.400291][ T6118] loop2: detected capacity change from 0 to 2048 [ 74.425484][ T6115] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.473524][ T3312] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 74.493503][ T6118] Alternate GPT is invalid, using primary GPT. [ 74.500038][ T6118] loop2: p2 p3 p7 [ 74.508158][ T3526] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.538315][ T6130] loop3: detected capacity change from 0 to 2048 [ 74.561293][ T6130] EXT4-fs (loop3): failed to initialize system zone (-117) [ 74.569062][ T6130] EXT4-fs (loop3): mount failed [ 74.623147][ T6150] SELinux: policydb table sizes (4376,-1) do not match mine (6,7) [ 74.636500][ T6150] SELinux: failed to load policy [ 74.649679][ T6150] netlink: 36 bytes leftover after parsing attributes in process `syz.2.865'. [ 74.700868][ T6161] netlink: 'syz.3.866': attribute type 7 has an invalid length. [ 74.708572][ T6161] netlink: 'syz.3.866': attribute type 5 has an invalid length. [ 74.716307][ T6161] netlink: 17 bytes leftover after parsing attributes in process `syz.3.866'. [ 74.737852][ T6158] loop2: detected capacity change from 0 to 8192 [ 74.843851][ T6180] loop2: detected capacity change from 0 to 128 [ 74.850626][ T6180] EXT4-fs: Ignoring removed nobh option [ 74.868383][ T6180] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 74.893585][ T6180] ext4 filesystem being mounted at /173/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 74.930892][ T6193] loop5: detected capacity change from 0 to 512 [ 74.953474][ T6193] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 74.996186][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 75.007614][ T6193] EXT4-fs (loop5): 1 truncate cleaned up [ 75.015463][ T6193] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.042343][ T6208] loop2: detected capacity change from 0 to 1024 [ 75.050634][ T6208] EXT4-fs: Ignoring removed oldalloc option [ 75.057105][ T6208] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 75.072003][ T6208] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.126513][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.136362][ T3526] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.185067][ T6232] loop5: detected capacity change from 0 to 2048 [ 75.198355][ T6236] loop2: detected capacity change from 0 to 1024 [ 75.205300][ T6236] EXT4-fs: Ignoring removed oldalloc option [ 75.211764][ T6236] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 75.243154][ T6232] Alternate GPT is invalid, using primary GPT. [ 75.247988][ T6236] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.249826][ T6232] loop5: p2 p3 p7 [ 75.285953][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.321588][ T6254] SELinux: policydb table sizes (4376,-1) do not match mine (6,7) [ 75.332670][ T6254] SELinux: failed to load policy [ 75.365076][ T6262] xt_hashlimit: size too large, truncated to 1048576 [ 75.371871][ T6262] xt_hashlimit: max too large, truncated to 1048576 [ 75.586380][ T6299] loop4: detected capacity change from 0 to 1024 [ 75.604450][ T6299] EXT4-fs: Ignoring removed oldalloc option [ 75.614082][ T6299] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 75.634744][ T6299] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.674977][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.702508][ T6311] loop5: detected capacity change from 0 to 2048 [ 75.732063][ T6311] EXT4-fs (loop5): failed to initialize system zone (-117) [ 75.752954][ T6321] pim6reg1: entered promiscuous mode [ 75.758301][ T6321] pim6reg1: entered allmulticast mode [ 75.764060][ T6311] EXT4-fs (loop5): mount failed [ 75.825132][ T6327] loop4: detected capacity change from 0 to 2048 [ 75.866569][ T6327] EXT4-fs (loop4): failed to initialize system zone (-117) [ 75.874654][ T6327] EXT4-fs (loop4): mount failed [ 75.940621][ T6348] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 75.948437][ T6348] SELinux: failed to load policy [ 75.970076][ T6345] loop5: detected capacity change from 0 to 256 [ 75.974306][ T6352] loop4: detected capacity change from 0 to 1024 [ 75.985784][ T6352] EXT4-fs: Ignoring removed oldalloc option [ 75.992202][ T6352] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 76.019980][ T6356] pim6reg1: entered promiscuous mode [ 76.025379][ T6356] pim6reg1: entered allmulticast mode [ 76.033608][ T6352] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.061302][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.178565][ T6377] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 76.187128][ T6377] SELinux: failed to load policy [ 76.195267][ T6371] loop4: detected capacity change from 0 to 2048 [ 76.230304][ T6381] loop2: detected capacity change from 0 to 2048 [ 76.298150][ T6385] loop5: detected capacity change from 0 to 256 [ 76.396470][ T6404] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 76.404884][ T6404] SELinux: failed to load policy [ 76.455621][ T6410] loop2: detected capacity change from 0 to 512 [ 76.490842][ T6410] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 76.540586][ T6410] EXT4-fs (loop2): 1 truncate cleaned up [ 76.546720][ T6410] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.693210][ T6440] loop5: detected capacity change from 0 to 512 [ 76.693643][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.714391][ T6441] loop4: detected capacity change from 0 to 256 [ 76.723038][ T6440] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 76.747487][ T6446] FAULT_INJECTION: forcing a failure. [ 76.747487][ T6446] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 76.760661][ T6446] CPU: 1 UID: 0 PID: 6446 Comm: syz.1.947 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 76.760730][ T6446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 76.760745][ T6446] Call Trace: [ 76.760753][ T6446] [ 76.760761][ T6446] dump_stack_lvl+0xf6/0x150 [ 76.760788][ T6446] dump_stack+0x15/0x1a [ 76.760808][ T6446] should_fail_ex+0x261/0x270 [ 76.760897][ T6446] should_fail+0xb/0x10 [ 76.760922][ T6446] should_fail_usercopy+0x1a/0x20 [ 76.760969][ T6446] _copy_to_user+0x20/0xa0 [ 76.761005][ T6446] simple_read_from_buffer+0xb2/0x130 [ 76.761156][ T6446] proc_fail_nth_read+0x103/0x140 [ 76.761181][ T6446] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 76.761255][ T6446] vfs_read+0x1b2/0x710 [ 76.761281][ T6446] ? __rcu_read_unlock+0x4e/0x70 [ 76.761319][ T6446] ? __fget_files+0x186/0x1c0 [ 76.761344][ T6446] ksys_read+0xeb/0x1b0 [ 76.761385][ T6446] __x64_sys_read+0x42/0x50 [ 76.761463][ T6446] x64_sys_call+0x2a3b/0x2e10 [ 76.761491][ T6446] do_syscall_64+0xc9/0x1c0 [ 76.761526][ T6446] ? clear_bhb_loop+0x25/0x80 [ 76.761547][ T6446] ? clear_bhb_loop+0x25/0x80 [ 76.761575][ T6446] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.761600][ T6446] RIP: 0033:0x7f487947bb7c [ 76.761618][ T6446] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 76.761680][ T6446] RSP: 002b:00007f4877adf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 76.761701][ T6446] RAX: ffffffffffffffda RBX: 00007f4879695fa0 RCX: 00007f487947bb7c [ 76.761715][ T6446] RDX: 000000000000000f RSI: 00007f4877adf0a0 RDI: 0000000000000005 [ 76.761729][ T6446] RBP: 00007f4877adf090 R08: 0000000000000000 R09: 0000000000000000 [ 76.761790][ T6446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.761804][ T6446] R13: 0000000000000000 R14: 00007f4879695fa0 R15: 00007ffd22625868 [ 76.761826][ T6446] [ 76.771625][ T6449] loop3: detected capacity change from 0 to 128 [ 76.808269][ T6440] EXT4-fs (loop5): orphan cleanup on readonly fs [ 76.847828][ T6449] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 76.869448][ T6440] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 76.881513][ T6449] ext4 filesystem being mounted at /179/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 76.924014][ T6440] EXT4-fs (loop5): 1 truncate cleaned up [ 77.014137][ T6440] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 77.017629][ T6449] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 77.117359][ T6475] loop3: detected capacity change from 0 to 2048 [ 77.163381][ T6490] loop4: detected capacity change from 0 to 512 [ 77.192234][ T6475] Alternate GPT is invalid, using primary GPT. [ 77.198762][ T6475] loop3: p2 p3 p7 [ 77.248641][ T3526] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.281632][ T6490] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 77.329566][ T6490] EXT4-fs (loop4): 1 truncate cleaned up [ 77.335746][ T6490] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.353956][ T6517] loop5: detected capacity change from 0 to 256 [ 77.396044][ T6518] loop3: detected capacity change from 0 to 4096 [ 77.422973][ T6518] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.484617][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.503306][ T6549] FAULT_INJECTION: forcing a failure. [ 77.503306][ T6549] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 77.516471][ T6549] CPU: 1 UID: 0 PID: 6549 Comm: syz.4.963 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 77.516505][ T6549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 77.516520][ T6549] Call Trace: [ 77.516528][ T6549] [ 77.516537][ T6549] dump_stack_lvl+0xf6/0x150 [ 77.516602][ T6549] dump_stack+0x15/0x1a [ 77.516624][ T6549] should_fail_ex+0x261/0x270 [ 77.516724][ T6549] should_fail+0xb/0x10 [ 77.516752][ T6549] should_fail_usercopy+0x1a/0x20 [ 77.516837][ T6549] _copy_from_iter+0xd8/0xd10 [ 77.516867][ T6549] ? kmalloc_reserve+0x16e/0x190 [ 77.516889][ T6549] ? __build_skb_around+0x199/0x1f0 [ 77.516996][ T6549] ? __alloc_skb+0x227/0x320 [ 77.517035][ T6549] ? __virt_addr_valid+0x1ed/0x250 [ 77.517084][ T6549] ? __check_object_size+0x367/0x510 [ 77.517111][ T6549] netlink_sendmsg+0x492/0x720 [ 77.517145][ T6549] ? __pfx_netlink_sendmsg+0x10/0x10 [ 77.517176][ T6549] __sock_sendmsg+0x140/0x180 [ 77.517290][ T6549] sock_write_iter+0x186/0x1c0 [ 77.517333][ T6549] do_iter_readv_writev+0x40d/0x4b0 [ 77.517376][ T6549] vfs_writev+0x2da/0x880 [ 77.517400][ T6549] ? get_pid_task+0x94/0xd0 [ 77.517479][ T6549] do_writev+0xf7/0x230 [ 77.517506][ T6549] __x64_sys_writev+0x45/0x50 [ 77.517539][ T6549] x64_sys_call+0x1d68/0x2e10 [ 77.517630][ T6549] do_syscall_64+0xc9/0x1c0 [ 77.517668][ T6549] ? clear_bhb_loop+0x25/0x80 [ 77.517695][ T6549] ? clear_bhb_loop+0x25/0x80 [ 77.517722][ T6549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.517749][ T6549] RIP: 0033:0x7fc9e88bd169 [ 77.517767][ T6549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.517821][ T6549] RSP: 002b:00007fc9e6f1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 77.517875][ T6549] RAX: ffffffffffffffda RBX: 00007fc9e8ad5fa0 RCX: 00007fc9e88bd169 [ 77.517890][ T6549] RDX: 0000000000000001 RSI: 00002000000002c0 RDI: 0000000000000004 [ 77.517905][ T6549] RBP: 00007fc9e6f1f090 R08: 0000000000000000 R09: 0000000000000000 [ 77.517919][ T6549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 77.517934][ T6549] R13: 0000000000000000 R14: 00007fc9e8ad5fa0 R15: 00007fff78327268 [ 77.517955][ T6549] [ 77.873528][ T6575] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 77.882833][ T6575] SELinux: failed to load policy [ 77.883833][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.920311][ T6577] loop4: detected capacity change from 0 to 2048 [ 77.933897][ T6572] syz.5.964 (6572) used greatest stack depth: 9056 bytes left [ 77.942427][ T6577] Alternate GPT is invalid, using primary GPT. [ 77.948909][ T6577] loop4: p2 p3 p7 [ 78.015061][ T6593] loop5: detected capacity change from 0 to 256 [ 78.073878][ T6597] loop3: detected capacity change from 0 to 8192 [ 78.168047][ T6628] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 78.176014][ T6628] SELinux: failed to load policy [ 78.234915][ T6603] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 78.265249][ T6603] usb usb1: usbfs: process 6603 (syz.4.977) did not claim interface 0 before use [ 78.296426][ T6603] loop4: detected capacity change from 0 to 512 [ 78.308929][ T6603] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 78.314511][ T6657] loop3: detected capacity change from 0 to 2048 [ 78.360128][ T6603] EXT4-fs (loop4): 1 truncate cleaned up [ 78.366422][ T6603] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.380668][ T6657] Alternate GPT is invalid, using primary GPT. [ 78.387070][ T6657] loop3: p2 p3 p7 [ 78.415744][ T6672] hugetlbfs: gtp (6672): Using mlock ulimits for SHM_HUGETLB is obsolete [ 78.452655][ T6676] pim6reg1: entered promiscuous mode [ 78.458028][ T6676] pim6reg1: entered allmulticast mode [ 78.479941][ T6683] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 78.487645][ T6683] SELinux: failed to load policy [ 78.534424][ T6685] loop5: detected capacity change from 0 to 256 [ 78.558934][ T6696] loop3: detected capacity change from 0 to 128 [ 78.565615][ T6696] EXT4-fs: Ignoring removed nobh option [ 78.574357][ T6696] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 78.587658][ T6696] ext4 filesystem being mounted at /193/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 78.635539][ T3312] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 78.749231][ T6711] loop3: detected capacity change from 0 to 2048 [ 78.789962][ T6721] loop5: detected capacity change from 0 to 2048 [ 78.824362][ T6711] Alternate GPT is invalid, using primary GPT. [ 78.830775][ T6711] loop3: p2 p3 p7 [ 78.935850][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.989723][ T6747] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 79.021806][ T6750] loop2: detected capacity change from 0 to 2048 [ 79.029498][ T6751] loop4: detected capacity change from 0 to 4096 [ 79.036000][ T6747] SELinux: failed to load policy [ 79.037025][ T6755] __nla_validate_parse: 21 callbacks suppressed [ 79.037044][ T6755] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1004'. [ 79.056988][ T6751] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities [ 79.082183][ T29] kauditd_printk_skb: 526 callbacks suppressed [ 79.082200][ T29] audit: type=1400 audit(1744256255.846:5236): avc: denied { create } for pid=6756 comm="syz.1.1005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 79.083476][ T6750] Alternate GPT is invalid, using primary GPT. [ 79.111818][ T29] audit: type=1400 audit(1744256255.876:5237): avc: denied { write } for pid=6760 comm="syz.5.1009" name="001" dev="devtmpfs" ino=150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 79.114275][ T6750] loop2: p2 p3 p7 [ 79.156172][ T6761] loop5: detected capacity change from 0 to 256 [ 79.168868][ T29] audit: type=1400 audit(1744256255.906:5238): avc: denied { setopt } for pid=6756 comm="syz.1.1005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 79.188528][ T29] audit: type=1400 audit(1744256255.916:5239): avc: denied { allowed } for pid=6760 comm="syz.5.1009" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 79.207932][ T29] audit: type=1400 audit(1744256255.916:5240): avc: denied { create } for pid=6760 comm="syz.5.1009" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 79.225010][ T6765] loop3: detected capacity change from 0 to 2048 [ 79.229247][ T29] audit: type=1400 audit(1744256255.916:5241): avc: denied { map } for pid=6760 comm="syz.5.1009" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=13270 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 79.229357][ T29] audit: type=1400 audit(1744256255.916:5242): avc: denied { read write } for pid=6760 comm="syz.5.1009" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=13270 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 79.255584][ T29] audit: type=1400 audit(1744256256.016:5243): avc: denied { name_bind } for pid=6760 comm="syz.5.1009" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 79.301659][ T6769] loop4: detected capacity change from 0 to 2048 [ 79.306671][ T29] audit: type=1400 audit(1744256256.016:5244): avc: denied { node_bind } for pid=6760 comm="syz.5.1009" saddr=224.0.0.1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 79.337154][ T29] audit: type=1400 audit(1744256256.056:5245): avc: denied { create } for pid=6768 comm="syz.4.1013" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 79.384507][ T6765] Alternate GPT is invalid, using primary GPT. [ 79.390890][ T6765] loop3: p2 p3 p7 [ 79.392010][ T6774] loop5: detected capacity change from 0 to 2048 [ 79.398215][ T6769] EXT4-fs (loop4): failed to initialize system zone (-117) [ 79.408451][ T6769] EXT4-fs (loop4): mount failed [ 79.424382][ T6776] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1015'. [ 79.449673][ T6774] EXT4-fs (loop5): failed to initialize system zone (-117) [ 79.449748][ T6776] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1015'. [ 79.457386][ T6778] loop4: detected capacity change from 0 to 2048 [ 79.474724][ T6774] EXT4-fs (loop5): mount failed [ 79.512348][ T6776] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1015'. [ 79.564464][ T6776] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1015'. [ 79.578102][ T6788] bridge0: entered promiscuous mode [ 79.590279][ T6788] bridge0: port 4(macsec1) entered blocking state [ 79.596787][ T6788] bridge0: port 4(macsec1) entered disabled state [ 79.617273][ T6794] loop4: detected capacity change from 0 to 4096 [ 79.623774][ T6776] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1015'. [ 79.638730][ T6788] macsec1: entered allmulticast mode [ 79.644262][ T6788] bridge0: entered allmulticast mode [ 79.651006][ T6788] macsec1: left allmulticast mode [ 79.656115][ T6788] bridge0: left allmulticast mode [ 79.662543][ T6788] bridge0: left promiscuous mode [ 79.668162][ T6794] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.692899][ T6776] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1015'. [ 79.706776][ T6776] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1015'. [ 79.729205][ T6807] loop5: detected capacity change from 0 to 2048 [ 79.767275][ T6807] EXT4-fs (loop5): failed to initialize system zone (-117) [ 79.774736][ T6807] EXT4-fs (loop5): mount failed [ 79.829799][ T6815] loop3: detected capacity change from 0 to 512 [ 79.844278][ T6819] loop5: detected capacity change from 0 to 1024 [ 79.850694][ T6815] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 79.868308][ T6819] EXT4-fs: Ignoring removed oldalloc option [ 79.875706][ T6819] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 79.887639][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.898119][ T6815] EXT4-fs (loop3): 1 truncate cleaned up [ 79.912195][ T6819] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.949890][ T6826] loop4: detected capacity change from 0 to 2048 [ 80.137867][ T6849] loop3: detected capacity change from 0 to 4096 [ 80.140821][ T6856] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1046'. [ 80.153407][ T6856] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1046'. [ 80.162873][ T6849] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities [ 80.173360][ T6848] loop5: detected capacity change from 0 to 4096 [ 80.304750][ T6871] loop4: detected capacity change from 0 to 1024 [ 80.365888][ T6871] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt. [ 80.488835][ T6878] loop3: detected capacity change from 0 to 512 [ 80.507605][ T6878] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 80.527084][ T6878] EXT4-fs (loop3): 1 truncate cleaned up [ 80.575306][ T6893] loop4: detected capacity change from 0 to 128 [ 80.582105][ T6893] EXT4-fs: Ignoring removed nobh option [ 80.591130][ T6893] ext4 filesystem being mounted at /201/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 80.693721][ T6910] loop4: detected capacity change from 0 to 1024 [ 80.700862][ T6910] EXT4-fs: Ignoring removed oldalloc option [ 80.707468][ T6910] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 80.726816][ T6911] loop3: detected capacity change from 0 to 2048 [ 80.805228][ T6921] loop4: detected capacity change from 0 to 128 [ 80.812027][ T6921] EXT4-fs: Ignoring removed nobh option [ 80.830001][ T6921] ext4 filesystem being mounted at /206/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 80.847346][ T6926] loop3: detected capacity change from 0 to 128 [ 80.853918][ T6926] EXT4-fs: Ignoring removed nobh option [ 80.862389][ T6926] ext4 filesystem being mounted at /212/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 81.010205][ T6950] FAULT_INJECTION: forcing a failure. [ 81.010205][ T6950] name failslab, interval 1, probability 0, space 0, times 0 [ 81.022982][ T6950] CPU: 0 UID: 0 PID: 6950 Comm: syz.1.1080 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 81.023016][ T6950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 81.023040][ T6950] Call Trace: [ 81.023047][ T6950] [ 81.023056][ T6950] dump_stack_lvl+0xf6/0x150 [ 81.023085][ T6950] dump_stack+0x15/0x1a [ 81.023103][ T6950] should_fail_ex+0x261/0x270 [ 81.023131][ T6950] should_failslab+0x8f/0xb0 [ 81.023217][ T6950] kmem_cache_alloc_lru_noprof+0x5e/0x330 [ 81.023245][ T6950] ? shmem_alloc_inode+0x34/0x50 [ 81.023348][ T6950] shmem_alloc_inode+0x34/0x50 [ 81.023370][ T6950] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 81.023393][ T6950] alloc_inode+0x40/0x170 [ 81.023454][ T6950] new_inode+0x1e/0xe0 [ 81.023476][ T6950] shmem_get_inode+0x24e/0x730 [ 81.023520][ T6950] __shmem_file_setup+0x127/0x1f0 [ 81.023558][ T6950] shmem_file_setup+0x3b/0x50 [ 81.023632][ T6950] __se_sys_memfd_create+0x2e1/0x5a0 [ 81.023665][ T6950] __x64_sys_memfd_create+0x31/0x40 [ 81.023752][ T6950] x64_sys_call+0x1163/0x2e10 [ 81.023776][ T6950] do_syscall_64+0xc9/0x1c0 [ 81.023810][ T6950] ? clear_bhb_loop+0x25/0x80 [ 81.023837][ T6950] ? clear_bhb_loop+0x25/0x80 [ 81.023918][ T6950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.023945][ T6950] RIP: 0033:0x7f487947d169 [ 81.023964][ T6950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.023986][ T6950] RSP: 002b:00007f4877adee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 81.024004][ T6950] RAX: ffffffffffffffda RBX: 0000000000000474 RCX: 00007f487947d169 [ 81.024086][ T6950] RDX: 00007f4877adeef0 RSI: 0000000000000000 RDI: 00007f48794ff0cc [ 81.024140][ T6950] RBP: 00002000000004c0 R08: 00007f4877adebb7 R09: 00007f4877adee40 [ 81.024152][ T6950] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000480 [ 81.024165][ T6950] R13: 00007f4877adeef0 R14: 00007f4877adeeb0 R15: 0000200000000140 [ 81.024185][ T6950] [ 81.379067][ T6967] loop2: detected capacity change from 0 to 1024 [ 81.385996][ T6970] loop5: detected capacity change from 0 to 4096 [ 81.397882][ T6967] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.1087: Failed to acquire dquot type 0 [ 81.414458][ T6970] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities [ 81.444336][ T6967] EXT4-fs (loop2): 1 truncate cleaned up [ 81.569112][ T6989] loop3: detected capacity change from 0 to 512 [ 81.584727][ T6989] EXT4-fs: Mount option(s) incompatible with ext3 [ 81.630820][ T6999] SELinux: policydb table sizes (4376,5) do not match mine (6,7) [ 81.639509][ T7001] FAULT_INJECTION: forcing a failure. [ 81.639509][ T7001] name failslab, interval 1, probability 0, space 0, times 0 [ 81.648887][ T6999] SELinux: failed to load policy [ 81.652317][ T7001] CPU: 1 UID: 0 PID: 7001 Comm: syz.4.1100 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 81.652391][ T7001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 81.652409][ T7001] Call Trace: [ 81.652416][ T7001] [ 81.652424][ T7001] dump_stack_lvl+0xf6/0x150 [ 81.652454][ T7001] dump_stack+0x15/0x1a [ 81.652476][ T7001] should_fail_ex+0x261/0x270 [ 81.652511][ T7001] should_failslab+0x8f/0xb0 [ 81.652582][ T7001] kmem_cache_alloc_node_noprof+0x5c/0x340 [ 81.652611][ T7001] ? __alloc_skb+0x10d/0x320 [ 81.652642][ T7001] __alloc_skb+0x10d/0x320 [ 81.652671][ T7001] netlink_alloc_large_skb+0xad/0xe0 [ 81.652718][ T7001] netlink_sendmsg+0x3da/0x720 [ 81.652754][ T7001] ? __pfx_netlink_sendmsg+0x10/0x10 [ 81.652842][ T7001] __sock_sendmsg+0x140/0x180 [ 81.652902][ T7001] ____sys_sendmsg+0x350/0x4e0 [ 81.652948][ T7001] __sys_sendmsg+0x1a0/0x240 [ 81.652998][ T7001] __x64_sys_sendmsg+0x46/0x50 [ 81.653032][ T7001] x64_sys_call+0x26f3/0x2e10 [ 81.653114][ T7001] do_syscall_64+0xc9/0x1c0 [ 81.653227][ T7001] ? clear_bhb_loop+0x25/0x80 [ 81.653254][ T7001] ? clear_bhb_loop+0x25/0x80 [ 81.653315][ T7001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.653381][ T7001] RIP: 0033:0x7fc9e88bd169 [ 81.653400][ T7001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.653422][ T7001] RSP: 002b:00007fc9e6f1f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 81.653507][ T7001] RAX: ffffffffffffffda RBX: 00007fc9e8ad5fa0 RCX: 00007fc9e88bd169 [ 81.653523][ T7001] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003 [ 81.653557][ T7001] RBP: 00007fc9e6f1f090 R08: 0000000000000000 R09: 0000000000000000 [ 81.653573][ T7001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.653661][ T7001] R13: 0000000000000000 R14: 00007fc9e8ad5fa0 R15: 00007fff78327268 [ 81.653685][ T7001] [ 81.761273][ T7005] loop4: detected capacity change from 0 to 4096 [ 81.920267][ T7007] loop5: detected capacity change from 0 to 512 [ 81.944561][ T7007] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -13 [ 81.962197][ T7019] FAULT_INJECTION: forcing a failure. [ 81.962197][ T7019] name failslab, interval 1, probability 0, space 0, times 0 [ 81.975006][ T7019] CPU: 1 UID: 0 PID: 7019 Comm: syz.1.1105 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 81.975035][ T7019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 81.975047][ T7019] Call Trace: [ 81.975054][ T7019] [ 81.975063][ T7019] dump_stack_lvl+0xf6/0x150 [ 81.975159][ T7019] dump_stack+0x15/0x1a [ 81.975230][ T7019] should_fail_ex+0x261/0x270 [ 81.975259][ T7019] should_failslab+0x8f/0xb0 [ 81.975307][ T7019] kmem_cache_alloc_node_noprof+0x5c/0x340 [ 81.975330][ T7019] ? __alloc_skb+0x10d/0x320 [ 81.975354][ T7019] __alloc_skb+0x10d/0x320 [ 81.975377][ T7019] netlink_alloc_large_skb+0xad/0xe0 [ 81.975467][ T7019] netlink_sendmsg+0x3da/0x720 [ 81.975498][ T7019] ? __pfx_netlink_sendmsg+0x10/0x10 [ 81.975526][ T7019] __sock_sendmsg+0x140/0x180 [ 81.975562][ T7019] ____sys_sendmsg+0x350/0x4e0 [ 81.975623][ T7019] __sys_sendmsg+0x1a0/0x240 [ 81.975710][ T7019] __x64_sys_sendmsg+0x46/0x50 [ 81.975837][ T7019] x64_sys_call+0x26f3/0x2e10 [ 81.975860][ T7019] do_syscall_64+0xc9/0x1c0 [ 81.975890][ T7019] ? clear_bhb_loop+0x25/0x80 [ 81.975971][ T7019] ? clear_bhb_loop+0x25/0x80 [ 81.976068][ T7019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.976088][ T7019] RIP: 0033:0x7f487947d169 [ 81.976104][ T7019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.976125][ T7019] RSP: 002b:00007f4877adf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 81.976198][ T7019] RAX: ffffffffffffffda RBX: 00007f4879695fa0 RCX: 00007f487947d169 [ 81.976210][ T7019] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 81.976222][ T7019] RBP: 00007f4877adf090 R08: 0000000000000000 R09: 0000000000000000 [ 81.976233][ T7019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.976245][ T7019] R13: 0000000000000000 R14: 00007f4879695fa0 R15: 00007ffd22625868 [ 81.976312][ T7019] [ 82.181476][ T7007] EXT4-fs warning (device loop5): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 82.195402][ T7007] EXT4-fs warning (device loop5): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 82.211299][ T7007] EXT4-fs (loop5): 1 truncate cleaned up [ 82.244304][ T7004] EXT4-fs warning (device loop5): ext4_lookup:1801: Inconsistent encryption contexts: 2/12 [ 82.271600][ T7004] EXT4-fs warning (device loop5): ext4_lookup:1801: Inconsistent encryption contexts: 2/12 [ 82.453475][ T7038] SELinux: policydb table sizes (4376,5) do not match mine (6,7) [ 82.463250][ T7031] loop2: detected capacity change from 0 to 2048 [ 82.471914][ T7038] SELinux: failed to load policy [ 82.633267][ T7043] loop4: detected capacity change from 0 to 8192 [ 82.779955][ T7053] SELinux: failed to load policy [ 82.944763][ T7063] loop4: detected capacity change from 0 to 1024 [ 82.978637][ T7063] EXT4-fs: Ignoring removed orlov option [ 82.984472][ T7063] EXT4-fs: Ignoring removed nomblk_io_submit option [ 83.122947][ T23] Process accounting resumed [ 83.151038][ T7063] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 83.164039][ T7063] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 83.182418][ T7069] SELinux: policydb table sizes (4376,5) do not match mine (6,7) [ 83.219681][ T7069] SELinux: failed to load policy [ 83.329881][ T7076] loop4: detected capacity change from 0 to 128 [ 83.336400][ T7076] EXT4-fs: Ignoring removed nobh option [ 83.350070][ T7076] ext4 filesystem being mounted at /217/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 83.552386][ T7009] syz.3.1103 (7009) used greatest stack depth: 7304 bytes left [ 83.698950][ T7098] loop4: detected capacity change from 0 to 512 [ 83.711418][ T7102] SELinux: policydb table sizes (4376,5) do not match mine (6,7) [ 83.731195][ T7098] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 83.741487][ T7102] SELinux: failed to load policy [ 83.790054][ T7098] EXT4-fs (loop4): 1 truncate cleaned up [ 83.917734][ T7111] loop3: detected capacity change from 0 to 2048 [ 83.979960][ T7111] EXT4-fs (loop3): failed to initialize system zone (-117) [ 83.987260][ T7111] EXT4-fs (loop3): mount failed [ 84.012403][ T7115] loop4: detected capacity change from 0 to 1024 [ 84.039283][ T7115] EXT4-fs: Ignoring removed oldalloc option [ 84.058198][ T7115] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 84.152172][ T7122] loop3: detected capacity change from 0 to 4096 [ 84.207982][ T7125] loop4: detected capacity change from 0 to 4096 [ 84.214610][ T7122] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities [ 84.390186][ T29] kauditd_printk_skb: 282 callbacks suppressed [ 84.390202][ T29] audit: type=1326 audit(1744256261.156:5526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.3.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe762b6d169 code=0x7ffc0000 [ 84.449824][ T7135] SELinux: policydb table sizes (4376,5) do not match mine (6,7) [ 84.461444][ T7135] SELinux: failed to load policy [ 84.473520][ T7135] __nla_validate_parse: 36 callbacks suppressed [ 84.473539][ T7135] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1148'. [ 84.490474][ T29] audit: type=1326 audit(1744256261.186:5527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.3.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe762b6d169 code=0x7ffc0000 [ 84.514084][ T29] audit: type=1326 audit(1744256261.186:5528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.3.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe762b6d169 code=0x7ffc0000 [ 84.537861][ T29] audit: type=1326 audit(1744256261.186:5529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.3.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe762b6d169 code=0x7ffc0000 [ 84.561341][ T29] audit: type=1326 audit(1744256261.186:5530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.3.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe762b6d169 code=0x7ffc0000 [ 84.584827][ T29] audit: type=1326 audit(1744256261.206:5531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.3.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe762b6d169 code=0x7ffc0000 [ 84.608340][ T29] audit: type=1326 audit(1744256261.206:5532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.3.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe762b6d169 code=0x7ffc0000 [ 84.631775][ T29] audit: type=1326 audit(1744256261.206:5533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.3.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe762b6d169 code=0x7ffc0000 [ 84.655426][ T29] audit: type=1326 audit(1744256261.206:5534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.3.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe762b6d169 code=0x7ffc0000 [ 84.678866][ T29] audit: type=1326 audit(1744256261.206:5535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.3.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe762b6d169 code=0x7ffc0000 [ 84.884865][ T7147] loop4: detected capacity change from 0 to 2048 [ 84.918646][ T7153] loop5: detected capacity change from 0 to 512 [ 84.975909][ T7153] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 85.061902][ T7153] EXT4-fs (loop5): 1 truncate cleaned up [ 85.142852][ T7166] loop3: detected capacity change from 0 to 4096 [ 85.186525][ T7166] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities [ 85.305924][ T7180] loop2: detected capacity change from 0 to 2048 [ 85.314858][ T7187] netlink: 'syz.5.1165': attribute type 7 has an invalid length. [ 85.322814][ T7187] netlink: 'syz.5.1165': attribute type 5 has an invalid length. [ 85.330607][ T7187] netlink: 17 bytes leftover after parsing attributes in process `syz.5.1165'. [ 85.365297][ T7191] loop4: detected capacity change from 0 to 1024 [ 85.378124][ T7191] EXT4-fs: Ignoring removed oldalloc option [ 85.385423][ T7191] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 85.456547][ T7203] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1177'. [ 85.526041][ T7209] loop4: detected capacity change from 0 to 1024 [ 85.534636][ T7209] EXT4-fs: Ignoring removed oldalloc option [ 85.542075][ T7209] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 85.552072][ T7207] loop2: detected capacity change from 0 to 8192 [ 85.656106][ T7223] loop2: detected capacity change from 0 to 128 [ 85.665339][ T7223] EXT4-fs: Ignoring removed nobh option [ 85.675598][ T7223] ext4 filesystem being mounted at /207/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 85.719063][ T7223] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1186'. [ 85.724981][ T7232] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1189'. [ 85.732215][ T7223] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1186'. [ 85.764944][ T7223] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1186'. [ 85.775506][ T7223] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1186'. [ 85.818234][ T7223] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1186'. [ 85.839729][ T7223] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1186'. [ 85.880657][ T7245] loop2: detected capacity change from 0 to 512 [ 85.887953][ T7245] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 85.897803][ T7245] EXT4-fs (loop2): orphan cleanup on readonly fs [ 85.904331][ T7245] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 85.913094][ T7245] EXT4-fs (loop2): 1 truncate cleaned up [ 85.913415][ T7247] pim6reg1: entered promiscuous mode [ 85.924271][ T7247] pim6reg1: entered allmulticast mode [ 86.202707][ T7271] loop2: detected capacity change from 0 to 128 [ 86.243692][ T7277] loop3: detected capacity change from 0 to 1024 [ 86.272512][ T7277] EXT4-fs: Ignoring removed oldalloc option [ 86.278924][ T7271] EXT4-fs: Ignoring removed nobh option [ 86.293728][ T7277] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 86.325299][ T7271] ext4 filesystem being mounted at /209/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 86.359392][ T7288] netlink: 'syz.4.1209': attribute type 7 has an invalid length. [ 86.367262][ T7288] netlink: 'syz.4.1209': attribute type 5 has an invalid length. [ 86.453321][ T7292] SELinux: policydb table sizes (4376,5) do not match mine (6,7) [ 86.461412][ T7292] SELinux: failed to load policy [ 86.469085][ T7296] FAULT_INJECTION: forcing a failure. [ 86.469085][ T7296] name failslab, interval 1, probability 0, space 0, times 0 [ 86.481844][ T7296] CPU: 0 UID: 0 PID: 7296 Comm: syz.2.1214 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 86.481878][ T7296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 86.481893][ T7296] Call Trace: [ 86.481900][ T7296] [ 86.481908][ T7296] dump_stack_lvl+0xf6/0x150 [ 86.481934][ T7296] dump_stack+0x15/0x1a [ 86.481955][ T7296] should_fail_ex+0x261/0x270 [ 86.482029][ T7296] should_failslab+0x8f/0xb0 [ 86.482166][ T7296] __kmalloc_noprof+0xad/0x410 [ 86.482192][ T7296] ? kobject_get_path+0x91/0x1c0 [ 86.482232][ T7296] kobject_get_path+0x91/0x1c0 [ 86.482250][ T7296] ? __kmalloc_cache_noprof+0x18d/0x320 [ 86.482280][ T7296] kobject_uevent_env+0x1b9/0x550 [ 86.482305][ T7296] ? kernfs_put+0x22d/0x250 [ 86.482343][ T7296] kobject_uevent+0x1c/0x30 [ 86.482447][ T7296] __kobject_del+0x8e/0x1a0 [ 86.482472][ T7296] kobject_put+0x126/0x180 [ 86.482495][ T7296] netdev_queue_update_kobjects+0x482/0x4f0 [ 86.482521][ T7296] netif_set_real_num_tx_queues+0x204/0x570 [ 86.482581][ T7296] __tun_detach+0x6bb/0xae0 [ 86.482617][ T7296] __tun_chr_ioctl+0x955/0x1590 [ 86.482661][ T7296] tun_chr_ioctl+0x27/0x30 [ 86.482686][ T7296] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 86.482712][ T7296] __se_sys_ioctl+0xc9/0x140 [ 86.482842][ T7296] __x64_sys_ioctl+0x43/0x50 [ 86.482875][ T7296] x64_sys_call+0x168d/0x2e10 [ 86.482956][ T7296] do_syscall_64+0xc9/0x1c0 [ 86.482989][ T7296] ? clear_bhb_loop+0x25/0x80 [ 86.483018][ T7296] ? clear_bhb_loop+0x25/0x80 [ 86.483046][ T7296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.483072][ T7296] RIP: 0033:0x7ff504fdd169 [ 86.483087][ T7296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.483108][ T7296] RSP: 002b:00007ff50363f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 86.483130][ T7296] RAX: ffffffffffffffda RBX: 00007ff5051f5fa0 RCX: 00007ff504fdd169 [ 86.483227][ T7296] RDX: 0000200000000100 RSI: 00000000400454d9 RDI: 0000000000000007 [ 86.483240][ T7296] RBP: 00007ff50363f090 R08: 0000000000000000 R09: 0000000000000000 [ 86.483252][ T7296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.483312][ T7296] R13: 0000000000000000 R14: 00007ff5051f5fa0 R15: 00007ffcc0a80af8 [ 86.483336][ T7296] [ 86.564347][ T7294] loop3: detected capacity change from 0 to 512 [ 86.729095][ T7294] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 86.737609][ T7300] loop5: detected capacity change from 0 to 512 [ 86.744533][ T7294] EXT4-fs (loop3): invalid journal inode [ 86.750386][ T7294] EXT4-fs (loop3): can't get journal size [ 86.757255][ T7300] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 86.757847][ T7294] EXT4-fs (loop3): 1 truncate cleaned up [ 86.780473][ T7300] EXT4-fs (loop5): orphan cleanup on readonly fs [ 86.786998][ T7300] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 86.889749][ T7300] EXT4-fs (loop5): 1 truncate cleaned up [ 86.948291][ T7308] loop2: detected capacity change from 0 to 128 [ 86.973338][ T7308] EXT4-fs: Ignoring removed nobh option [ 86.994368][ T7308] ext4 filesystem being mounted at /212/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 87.102462][ T7318] loop3: detected capacity change from 0 to 2048 [ 87.145109][ T7322] loop4: detected capacity change from 0 to 1024 [ 87.152093][ T7322] EXT4-fs: Ignoring removed oldalloc option [ 87.161105][ T7322] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 87.171539][ T7318] EXT4-fs (loop3): failed to initialize system zone (-117) [ 87.191373][ T7327] pim6reg1: entered promiscuous mode [ 87.196735][ T7327] pim6reg1: entered allmulticast mode [ 87.210329][ T7318] EXT4-fs (loop3): mount failed [ 87.317332][ T7335] FAULT_INJECTION: forcing a failure. [ 87.317332][ T7335] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 87.330589][ T7335] CPU: 0 UID: 0 PID: 7335 Comm: syz.4.1227 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 87.330628][ T7335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 87.330643][ T7335] Call Trace: [ 87.330649][ T7335] [ 87.330657][ T7335] dump_stack_lvl+0xf6/0x150 [ 87.330680][ T7335] dump_stack+0x15/0x1a [ 87.330701][ T7335] should_fail_ex+0x261/0x270 [ 87.330798][ T7335] should_fail+0xb/0x10 [ 87.330824][ T7335] should_fail_usercopy+0x1a/0x20 [ 87.330889][ T7335] _copy_to_user+0x20/0xa0 [ 87.330929][ T7335] __se_sys_cachestat+0x6a1/0x720 [ 87.330959][ T7335] ? fput+0x99/0xd0 [ 87.330983][ T7335] __x64_sys_cachestat+0x55/0x70 [ 87.331004][ T7335] x64_sys_call+0x2d5b/0x2e10 [ 87.331098][ T7335] do_syscall_64+0xc9/0x1c0 [ 87.331134][ T7335] ? clear_bhb_loop+0x25/0x80 [ 87.331158][ T7335] ? clear_bhb_loop+0x25/0x80 [ 87.331185][ T7335] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.331243][ T7335] RIP: 0033:0x7fc9e88bd169 [ 87.331261][ T7335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.331283][ T7335] RSP: 002b:00007fc9e6f1f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c3 [ 87.331301][ T7335] RAX: ffffffffffffffda RBX: 00007fc9e8ad5fa0 RCX: 00007fc9e88bd169 [ 87.331312][ T7335] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003 [ 87.331403][ T7335] RBP: 00007fc9e6f1f090 R08: 0000000000000000 R09: 0000000000000000 [ 87.331418][ T7335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.331432][ T7335] R13: 0000000000000000 R14: 00007fc9e8ad5fa0 R15: 00007fff78327268 [ 87.331453][ T7335] [ 87.647355][ T7350] SELinux: policydb table sizes (4376,5) do not match mine (6,7) [ 87.657165][ T7350] SELinux: failed to load policy [ 87.663245][ T7353] loop3: detected capacity change from 0 to 1024 [ 87.684371][ T7353] EXT4-fs: Ignoring removed oldalloc option [ 87.701171][ T7353] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 87.718121][ T7359] loop5: detected capacity change from 0 to 512 [ 87.726458][ T7361] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in; [ 87.726458][ T7361] program syz.4.1240 not setting count and/or reply_len properly [ 87.743995][ T7359] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 87.823663][ T7359] EXT4-fs (loop5): 1 truncate cleaned up [ 87.991565][ T7384] SELinux: policydb table sizes (4376,5) do not match mine (6,7) [ 88.020088][ T7384] SELinux: failed to load policy [ 88.097813][ T7392] FAULT_INJECTION: forcing a failure. [ 88.097813][ T7392] name failslab, interval 1, probability 0, space 0, times 0 [ 88.110591][ T7392] CPU: 1 UID: 0 PID: 7392 Comm: syz.4.1252 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 88.110620][ T7392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 88.110634][ T7392] Call Trace: [ 88.110641][ T7392] [ 88.110650][ T7392] dump_stack_lvl+0xf6/0x150 [ 88.110701][ T7392] dump_stack+0x15/0x1a [ 88.110723][ T7392] should_fail_ex+0x261/0x270 [ 88.110757][ T7392] should_failslab+0x8f/0xb0 [ 88.110824][ T7392] __kvmalloc_node_noprof+0x12c/0x520 [ 88.110851][ T7392] ? bpf_test_run_xdp_live+0xf9/0x1050 [ 88.110919][ T7392] bpf_test_run_xdp_live+0xf9/0x1050 [ 88.110946][ T7392] ? synchronize_rcu_expedited+0x6d5/0x790 [ 88.110970][ T7392] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 88.111068][ T7392] ? __pfx_autoremove_wake_function+0x10/0x10 [ 88.111115][ T7392] ? 0xffffffffa0003a40 [ 88.111132][ T7392] ? synchronize_rcu+0x4a/0x320 [ 88.111153][ T7392] ? 0xffffffffa0003a40 [ 88.111170][ T7392] ? 0xffffffffa0003a40 [ 88.111197][ T7392] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 88.111239][ T7392] bpf_prog_test_run_xdp+0x526/0x8e0 [ 88.111274][ T7392] ? __rcu_read_unlock+0x4e/0x70 [ 88.111310][ T7392] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 88.111367][ T7392] bpf_prog_test_run+0x20e/0x3a0 [ 88.111474][ T7392] __sys_bpf+0x440/0x800 [ 88.111501][ T7392] __x64_sys_bpf+0x43/0x50 [ 88.111525][ T7392] x64_sys_call+0x23da/0x2e10 [ 88.111553][ T7392] do_syscall_64+0xc9/0x1c0 [ 88.111589][ T7392] ? clear_bhb_loop+0x25/0x80 [ 88.111668][ T7392] ? clear_bhb_loop+0x25/0x80 [ 88.111695][ T7392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.111722][ T7392] RIP: 0033:0x7fc9e88bd169 [ 88.111783][ T7392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.111805][ T7392] RSP: 002b:00007fc9e6f1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 88.111892][ T7392] RAX: ffffffffffffffda RBX: 00007fc9e8ad5fa0 RCX: 00007fc9e88bd169 [ 88.111947][ T7392] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 88.111961][ T7392] RBP: 00007fc9e6f1f090 R08: 0000000000000000 R09: 0000000000000000 [ 88.111976][ T7392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.111991][ T7392] R13: 0000000000000000 R14: 00007fc9e8ad5fa0 R15: 00007fff78327268 [ 88.112014][ T7392] [ 88.127531][ T7395] loop5: detected capacity change from 0 to 1024 [ 88.359846][ T7395] EXT4-fs: Ignoring removed oldalloc option [ 88.370949][ T7397] loop3: detected capacity change from 0 to 512 [ 88.379145][ T7395] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 88.389652][ T7397] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 88.405544][ T7397] EXT4-fs (loop3): orphan cleanup on readonly fs [ 88.416440][ T7397] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 88.434716][ T7397] EXT4-fs (loop3): 1 truncate cleaned up [ 88.448309][ T7402] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 88.575637][ T7412] SELinux: policydb table sizes (4376,5) do not match mine (6,7) [ 88.585381][ T7412] SELinux: failed to load policy [ 88.634337][ T7422] SELinux: syz.5.1265 (7422) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 88.679918][ T7427] FAULT_INJECTION: forcing a failure. [ 88.679918][ T7427] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 88.693179][ T7427] CPU: 0 UID: 0 PID: 7427 Comm: syz.5.1267 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 88.693214][ T7427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 88.693236][ T7427] Call Trace: [ 88.693244][ T7427] [ 88.693252][ T7427] dump_stack_lvl+0xf6/0x150 [ 88.693282][ T7427] dump_stack+0x15/0x1a [ 88.693346][ T7427] should_fail_ex+0x261/0x270 [ 88.693380][ T7427] should_fail+0xb/0x10 [ 88.693410][ T7427] should_fail_usercopy+0x1a/0x20 [ 88.693446][ T7427] strncpy_from_user+0x25/0x230 [ 88.693535][ T7427] path_setxattrat+0xef/0x320 [ 88.693581][ T7427] __x64_sys_fsetxattr+0x6d/0x80 [ 88.693606][ T7427] x64_sys_call+0x2bad/0x2e10 [ 88.693631][ T7427] do_syscall_64+0xc9/0x1c0 [ 88.693670][ T7427] ? clear_bhb_loop+0x25/0x80 [ 88.693695][ T7427] ? clear_bhb_loop+0x25/0x80 [ 88.693776][ T7427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.693801][ T7427] RIP: 0033:0x7fc0d370d169 [ 88.693818][ T7427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.693838][ T7427] RSP: 002b:00007fc0d1d6f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 88.693859][ T7427] RAX: ffffffffffffffda RBX: 00007fc0d3925fa0 RCX: 00007fc0d370d169 [ 88.693874][ T7427] RDX: 00002000000004c0 RSI: 0000200000000480 RDI: 0000000000000006 [ 88.693924][ T7427] RBP: 00007fc0d1d6f090 R08: 0000000000000000 R09: 0000000000000000 [ 88.693937][ T7427] R10: 000000000000001a R11: 0000000000000246 R12: 0000000000000001 [ 88.693948][ T7427] R13: 0000000000000000 R14: 00007fc0d3925fa0 R15: 00007ffd4f6f6638 [ 88.693971][ T7427] [ 88.919935][ T7433] loop4: detected capacity change from 0 to 512 [ 88.948368][ T7433] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 88.982325][ T7438] loop3: detected capacity change from 0 to 512 [ 89.070974][ T7433] EXT4-fs (loop4): orphan cleanup on readonly fs [ 89.082440][ T7433] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1269: bg 0: block 248: padding at end of block bitmap is not set [ 89.088892][ T7438] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 89.106802][ T7433] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.1269: Failed to acquire dquot type 1 [ 89.128023][ T7433] EXT4-fs (loop4): 1 truncate cleaned up [ 89.158533][ T7446] xt_CT: You must specify a L4 protocol and not use inversions on it [ 89.335827][ T7438] EXT4-fs (loop3): orphan cleanup on readonly fs [ 89.380227][ T7438] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 89.399137][ T29] kauditd_printk_skb: 524 callbacks suppressed [ 89.399152][ T29] audit: type=1326 audit(1744256266.166:6058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7451 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 89.469268][ T7438] EXT4-fs (loop3): 1 truncate cleaned up [ 89.560138][ T29] audit: type=1326 audit(1744256266.196:6059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7451 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 89.583698][ T29] audit: type=1326 audit(1744256266.196:6060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7451 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 89.607112][ T29] audit: type=1326 audit(1744256266.196:6061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7451 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 89.630571][ T29] audit: type=1326 audit(1744256266.196:6062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7451 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 89.654009][ T29] audit: type=1326 audit(1744256266.196:6063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7451 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 89.677568][ T29] audit: type=1326 audit(1744256266.196:6064): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7451 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487947d169 code=0x7ffc0000 [ 89.702190][ T29] audit: type=1326 audit(1744256266.386:6065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7437 comm="syz.3.1272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe762b6d169 code=0x7ffc0000 [ 89.725698][ T29] audit: type=1326 audit(1744256266.386:6066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7437 comm="syz.3.1272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe762b6d169 code=0x7ffc0000 [ 89.749353][ T29] audit: type=1326 audit(1744256266.386:6067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7437 comm="syz.3.1272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe762b6d169 code=0x7ffc0000 [ 89.785202][ T7456] SELinux: syz.1.1278 (7456) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 89.994477][ T7476] loop2: detected capacity change from 0 to 1024 [ 90.004432][ T7477] loop4: detected capacity change from 0 to 2048 [ 90.004562][ T7473] loop3: detected capacity change from 0 to 512 [ 90.017631][ T7476] EXT4-fs: Ignoring removed oldalloc option [ 90.033974][ T7473] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 90.044749][ T7476] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 90.075769][ T7473] EXT4-fs (loop3): 1 truncate cleaned up [ 90.091664][ T7477] EXT4-fs (loop4): failed to initialize system zone (-117) [ 90.101393][ T7477] EXT4-fs (loop4): mount failed [ 90.155813][ T7487] SELinux: syz.5.1290 (7487) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 90.193302][ T7490] loop4: detected capacity change from 0 to 2048 [ 90.326145][ T7504] FAULT_INJECTION: forcing a failure. [ 90.326145][ T7504] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 90.343820][ T7504] CPU: 1 UID: 0 PID: 7504 Comm: syz.1.1296 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 90.343870][ T7504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 90.343886][ T7504] Call Trace: [ 90.343893][ T7504] [ 90.343901][ T7504] dump_stack_lvl+0xf6/0x150 [ 90.343985][ T7504] dump_stack+0x15/0x1a [ 90.344031][ T7504] should_fail_ex+0x261/0x270 [ 90.344064][ T7504] should_fail+0xb/0x10 [ 90.344093][ T7504] should_fail_usercopy+0x1a/0x20 [ 90.344125][ T7504] _copy_to_user+0x20/0xa0 [ 90.344178][ T7504] simple_read_from_buffer+0xb2/0x130 [ 90.344236][ T7504] proc_fail_nth_read+0x103/0x140 [ 90.344326][ T7504] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 90.344366][ T7504] vfs_read+0x1b2/0x710 [ 90.344429][ T7504] ? __rcu_read_unlock+0x4e/0x70 [ 90.344519][ T7504] ? __fget_files+0x186/0x1c0 [ 90.344544][ T7504] ksys_read+0xeb/0x1b0 [ 90.344574][ T7504] __x64_sys_read+0x42/0x50 [ 90.344600][ T7504] x64_sys_call+0x2a3b/0x2e10 [ 90.344626][ T7504] do_syscall_64+0xc9/0x1c0 [ 90.344661][ T7504] ? clear_bhb_loop+0x25/0x80 [ 90.344684][ T7504] ? clear_bhb_loop+0x25/0x80 [ 90.344706][ T7504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.344767][ T7504] RIP: 0033:0x7f487947bb7c [ 90.344786][ T7504] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 90.344806][ T7504] RSP: 002b:00007f4877adf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 90.344824][ T7504] RAX: ffffffffffffffda RBX: 00007f4879695fa0 RCX: 00007f487947bb7c [ 90.344836][ T7504] RDX: 000000000000000f RSI: 00007f4877adf0a0 RDI: 0000000000000023 [ 90.344848][ T7504] RBP: 00007f4877adf090 R08: 0000000000000000 R09: 0000000000000000 [ 90.344860][ T7504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 90.344935][ T7504] R13: 0000000000000000 R14: 00007f4879695fa0 R15: 00007ffd22625868 [ 90.344958][ T7504] [ 90.552753][ T7510] pim6reg1: entered promiscuous mode [ 90.558119][ T7510] pim6reg1: entered allmulticast mode [ 90.566080][ T7511] __nla_validate_parse: 19 callbacks suppressed [ 90.566101][ T7511] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1299'. [ 90.615594][ T7511] vhci_hcd: invalid port number 15 [ 90.620868][ T7511] vhci_hcd: default hub control req: 6003 v0018 i000f l0 [ 90.679627][ T7520] Cannot find del_set index 0 as target [ 90.714209][ T7525] loop2: detected capacity change from 0 to 1024 [ 90.721489][ T7525] EXT4-fs: Ignoring removed orlov option [ 90.727250][ T7525] EXT4-fs: Ignoring removed nomblk_io_submit option [ 90.749947][ T7526] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1301'. [ 90.752717][ T7527] loop3: detected capacity change from 0 to 512 [ 90.771492][ T7520] cgroup: No subsys list or none specified [ 90.801798][ T7520] netlink: 596 bytes leftover after parsing attributes in process `syz.4.1301'. [ 90.813651][ T7527] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 90.840320][ T7532] loop2: detected capacity change from 0 to 128 [ 90.847059][ T7532] EXT4-fs: Ignoring removed nobh option [ 90.853597][ T7527] EXT4-fs (loop3): 1 truncate cleaned up [ 90.872300][ T7526] loop4: detected capacity change from 0 to 2048 [ 90.905496][ T7532] ext4 filesystem being mounted at /225/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 90.919583][ T7532] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1305'. [ 90.934564][ T7532] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1305'. [ 90.943766][ T7532] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1305'. [ 90.978899][ T7532] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1305'. [ 90.993799][ T7532] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1305'. [ 91.043339][ T7532] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1305'. [ 91.059553][ T7532] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1305'. [ 91.093442][ T7550] loop4: detected capacity change from 0 to 512 [ 91.103598][ T7550] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 91.131722][ T7550] EXT4-fs (loop4): 1 truncate cleaned up [ 91.242585][ T7575] loop2: detected capacity change from 0 to 1024 [ 91.258736][ T7575] EXT4-fs: Ignoring removed oldalloc option [ 91.267170][ T7575] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 91.285947][ T7586] FAULT_INJECTION: forcing a failure. [ 91.285947][ T7586] name failslab, interval 1, probability 0, space 0, times 0 [ 91.298713][ T7586] CPU: 0 UID: 0 PID: 7586 Comm: syz.4.1320 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 91.298748][ T7586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 91.298763][ T7586] Call Trace: [ 91.298769][ T7586] [ 91.298778][ T7586] dump_stack_lvl+0xf6/0x150 [ 91.298868][ T7586] dump_stack+0x15/0x1a [ 91.298888][ T7586] should_fail_ex+0x261/0x270 [ 91.298921][ T7586] should_failslab+0x8f/0xb0 [ 91.298957][ T7586] kmem_cache_alloc_noprof+0x59/0x340 [ 91.299008][ T7586] ? ioctx_alloc+0xf0/0x4c0 [ 91.299028][ T7586] ioctx_alloc+0xf0/0x4c0 [ 91.299050][ T7586] __se_sys_io_setup+0x6b/0x1b0 [ 91.299109][ T7586] __x64_sys_io_setup+0x31/0x40 [ 91.299143][ T7586] x64_sys_call+0x2b35/0x2e10 [ 91.299168][ T7586] do_syscall_64+0xc9/0x1c0 [ 91.299203][ T7586] ? clear_bhb_loop+0x25/0x80 [ 91.299308][ T7586] ? clear_bhb_loop+0x25/0x80 [ 91.299329][ T7586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.299353][ T7586] RIP: 0033:0x7fc9e88bd169 [ 91.299368][ T7586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.299387][ T7586] RSP: 002b:00007fc9e6f1f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 91.299409][ T7586] RAX: ffffffffffffffda RBX: 00007fc9e8ad5fa0 RCX: 00007fc9e88bd169 [ 91.299423][ T7586] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000002004 [ 91.299513][ T7586] RBP: 00007fc9e6f1f090 R08: 0000000000000000 R09: 0000000000000000 [ 91.299525][ T7586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.299537][ T7586] R13: 0000000000000000 R14: 00007fc9e8ad5fa0 R15: 00007fff78327268 [ 91.299559][ T7586] [ 91.546639][ T7601] FAULT_INJECTION: forcing a failure. [ 91.546639][ T7601] name failslab, interval 1, probability 0, space 0, times 0 [ 91.559449][ T7601] CPU: 0 UID: 0 PID: 7601 Comm: syz.2.1325 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 91.559530][ T7601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 91.559545][ T7601] Call Trace: [ 91.559553][ T7601] [ 91.559563][ T7601] dump_stack_lvl+0xf6/0x150 [ 91.559592][ T7601] dump_stack+0x15/0x1a [ 91.559613][ T7601] should_fail_ex+0x261/0x270 [ 91.559708][ T7601] should_failslab+0x8f/0xb0 [ 91.559741][ T7601] kmem_cache_alloc_lru_noprof+0x5e/0x330 [ 91.559769][ T7601] ? sock_alloc_inode+0x34/0xa0 [ 91.559867][ T7601] ? selinux_socket_create+0x100/0x180 [ 91.559904][ T7601] sock_alloc_inode+0x34/0xa0 [ 91.559936][ T7601] ? __pfx_sock_alloc_inode+0x10/0x10 [ 91.559978][ T7601] alloc_inode+0x40/0x170 [ 91.560011][ T7601] __sock_create+0x12b/0x5a0 [ 91.560079][ T7601] __sys_socket+0xb3/0x240 [ 91.560105][ T7601] __x64_sys_socket+0x3f/0x50 [ 91.560128][ T7601] x64_sys_call+0x28f1/0x2e10 [ 91.560189][ T7601] do_syscall_64+0xc9/0x1c0 [ 91.560221][ T7601] ? clear_bhb_loop+0x25/0x80 [ 91.560247][ T7601] ? clear_bhb_loop+0x25/0x80 [ 91.560272][ T7601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.560347][ T7601] RIP: 0033:0x7ff504fdd169 [ 91.560361][ T7601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.560379][ T7601] RSP: 002b:00007ff50363f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 91.560401][ T7601] RAX: ffffffffffffffda RBX: 00007ff5051f5fa0 RCX: 00007ff504fdd169 [ 91.560416][ T7601] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 0000000000000002 [ 91.560430][ T7601] RBP: 00007ff50363f090 R08: 0000000000000000 R09: 0000000000000000 [ 91.560444][ T7601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.560523][ T7601] R13: 0000000000000000 R14: 00007ff5051f5fa0 R15: 00007ffcc0a80af8 [ 91.560546][ T7601] [ 91.560555][ T7601] socket: no more sockets [ 91.623851][ T7608] loop4: detected capacity change from 0 to 512 [ 91.764832][ T7608] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 91.776031][ T7608] EXT4-fs (loop4): 1 truncate cleaned up [ 91.863804][ T7631] loop2: detected capacity change from 0 to 2048 [ 91.884831][ T7631] EXT4-fs (loop2): failed to initialize system zone (-117) [ 91.897805][ T7631] EXT4-fs (loop2): mount failed [ 91.974439][ T7679] loop4: detected capacity change from 0 to 128 [ 91.981270][ T7679] EXT4-fs: Ignoring removed nobh option [ 92.041845][ T7679] ext4 filesystem being mounted at /269/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 92.068274][ T7684] FAULT_INJECTION: forcing a failure. [ 92.068274][ T7684] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 92.081469][ T7684] CPU: 1 UID: 0 PID: 7684 Comm: syz.1.1334 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 92.081548][ T7684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 92.081561][ T7684] Call Trace: [ 92.081568][ T7684] [ 92.081575][ T7684] dump_stack_lvl+0xf6/0x150 [ 92.081673][ T7684] dump_stack+0x15/0x1a [ 92.081695][ T7684] should_fail_ex+0x261/0x270 [ 92.081729][ T7684] should_fail+0xb/0x10 [ 92.081757][ T7684] should_fail_usercopy+0x1a/0x20 [ 92.081786][ T7684] _copy_from_user+0x1c/0xa0 [ 92.081887][ T7684] restore_altstack+0x4d/0xd0 [ 92.081982][ T7684] __do_sys_rt_sigreturn+0xe5/0x180 [ 92.082029][ T7684] x64_sys_call+0x2b49/0x2e10 [ 92.082097][ T7684] do_syscall_64+0xc9/0x1c0 [ 92.082147][ T7684] ? clear_bhb_loop+0x25/0x80 [ 92.082174][ T7684] ? clear_bhb_loop+0x25/0x80 [ 92.082202][ T7684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.082229][ T7684] RIP: 0033:0x7f4879419359 [ 92.082248][ T7684] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 92.082274][ T7684] RSP: 002b:00007f4877adea80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f [ 92.082339][ T7684] RAX: ffffffffffffffda RBX: 00007f4879695fa0 RCX: 00007f4879419359 [ 92.082355][ T7684] RDX: 00007f4877adea80 RSI: 00007f4877adebb0 RDI: 0000000000000021 [ 92.082371][ T7684] RBP: 00007f4877adf090 R08: 0000000000000000 R09: 0000000000000000 [ 92.082385][ T7684] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001 [ 92.082400][ T7684] R13: 0000000000000000 R14: 00007f4879695fa0 R15: 00007ffd22625868 [ 92.082420][ T7684] [ 92.278596][ T7697] FAULT_INJECTION: forcing a failure. [ 92.278596][ T7697] name failslab, interval 1, probability 0, space 0, times 0 [ 92.291303][ T7697] CPU: 0 UID: 0 PID: 7697 Comm: syz.2.1335 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 92.291388][ T7697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 92.291403][ T7697] Call Trace: [ 92.291410][ T7697] [ 92.291418][ T7697] dump_stack_lvl+0xf6/0x150 [ 92.291444][ T7697] dump_stack+0x15/0x1a [ 92.291464][ T7697] should_fail_ex+0x261/0x270 [ 92.291491][ T7697] should_failslab+0x8f/0xb0 [ 92.291593][ T7697] __kmalloc_node_track_caller_noprof+0xaa/0x410 [ 92.291619][ T7697] ? security_set_bools+0x8b/0x350 [ 92.291721][ T7697] ? __rcu_read_unlock+0x4e/0x70 [ 92.291750][ T7697] kmemdup_noprof+0x2b/0x70 [ 92.291809][ T7697] security_set_bools+0x8b/0x350 [ 92.291876][ T7697] ? sel_commit_bools_write+0x16d/0x270 [ 92.291915][ T7697] sel_commit_bools_write+0x1ed/0x270 [ 92.291998][ T7697] vfs_writev+0x3f3/0x880 [ 92.292021][ T7697] ? get_pid_task+0x94/0xd0 [ 92.292050][ T7697] ? __pfx_sel_commit_bools_write+0x10/0x10 [ 92.292088][ T7697] ? mutex_lock+0xd/0x40 [ 92.292111][ T7697] do_writev+0xf7/0x230 [ 92.292136][ T7697] __x64_sys_writev+0x45/0x50 [ 92.292181][ T7697] x64_sys_call+0x1d68/0x2e10 [ 92.292233][ T7697] do_syscall_64+0xc9/0x1c0 [ 92.292269][ T7697] ? clear_bhb_loop+0x25/0x80 [ 92.292292][ T7697] ? clear_bhb_loop+0x25/0x80 [ 92.292313][ T7697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.292334][ T7697] RIP: 0033:0x7ff504fdd169 [ 92.292348][ T7697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.292508][ T7697] RSP: 002b:00007ff50363f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 92.292531][ T7697] RAX: ffffffffffffffda RBX: 00007ff5051f5fa0 RCX: 00007ff504fdd169 [ 92.292545][ T7697] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000005 [ 92.292560][ T7697] RBP: 00007ff50363f090 R08: 0000000000000000 R09: 0000000000000000 [ 92.292574][ T7697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.292588][ T7697] R13: 0000000000000000 R14: 00007ff5051f5fa0 R15: 00007ffcc0a80af8 [ 92.292611][ T7697] [ 92.581713][ T7720] loop5: detected capacity change from 0 to 512 [ 92.625757][ T7720] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 92.657612][ T7737] SELinux: syz.4.1346 (7737) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 92.662800][ T7720] EXT4-fs (loop5): orphan cleanup on readonly fs [ 92.678271][ T7720] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 92.688577][ T7720] EXT4-fs (loop5): 1 truncate cleaned up [ 92.769563][ T3292] ================================================================== [ 92.777685][ T3292] BUG: KCSAN: data-race in __mark_inode_dirty / __writeback_single_inode [ 92.786131][ T3292] [ 92.788460][ T3292] read-write to 0xffff88810649cf08 of 4 bytes by task 3419 on cpu 1: [ 92.796530][ T3292] __writeback_single_inode+0x1f4/0x850 [ 92.802094][ T3292] writeback_sb_inodes+0x458/0xa10 [ 92.807224][ T3292] wb_writeback+0x264/0x650 [ 92.811737][ T3292] wb_workfn+0x1aa/0x960 [ 92.815987][ T3292] process_scheduled_works+0x4de/0xa20 [ 92.821470][ T3292] worker_thread+0x52c/0x710 [ 92.826069][ T3292] kthread+0x4b7/0x540 [ 92.830156][ T3292] ret_from_fork+0x4b/0x60 [ 92.834619][ T3292] ret_from_fork_asm+0x1a/0x30 [ 92.839396][ T3292] [ 92.841726][ T3292] read to 0xffff88810649cf08 of 4 bytes by task 3292 on cpu 0: [ 92.849272][ T3292] __mark_inode_dirty+0x198/0x7e0 [ 92.854303][ T3292] mark_buffer_dirty+0x149/0x230 [ 92.859258][ T3292] block_page_mkwrite+0x295/0x3f0 [ 92.864288][ T3292] ext4_page_mkwrite+0x756/0xb90 [ 92.869324][ T3292] do_wp_page+0xe86/0x24e0 [ 92.873776][ T3292] handle_mm_fault+0xc6c/0x2e80 [ 92.878641][ T3292] exc_page_fault+0x3b9/0x6a0 [ 92.883332][ T3292] asm_exc_page_fault+0x26/0x30 [ 92.888187][ T3292] [ 92.890513][ T3292] value changed: 0x0001002a -> 0x00000020 [ 92.896249][ T3292] [ 92.898571][ T3292] Reported by Kernel Concurrency Sanitizer on: [ 92.904813][ T3292] CPU: 0 UID: 0 PID: 3292 Comm: syz-executor Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(voluntary) [ 92.917409][ T3292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 92.927471][ T3292] ================================================================== [ 102.224027][ T29] kauditd_printk_skb: 229 callbacks suppressed [ 102.224045][ T29] audit: type=1400 audit(1744256278.986:6297): avc: denied { read } for pid=2986 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 102.252449][ T29] audit: type=1400 audit(1744256278.986:6298): avc: denied { search } for pid=2986 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 102.274235][ T29] audit: type=1400 audit(1744256278.986:6299): avc: denied { append } for pid=2986 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 102.296830][ T29] audit: type=1400 audit(1744256278.986:6300): avc: denied { open } for pid=2986 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 102.319498][ T29] audit: type=1400 audit(1744256278.986:6301): avc: denied { getattr } for pid=2986 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1