last executing test programs: 2.960274044s ago: executing program 4 (id=379): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r2) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c) listen(r3, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0) 2.914794054s ago: executing program 4 (id=381): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="10000000040000000800000002"], 0x48) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000340), r0) sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000580)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="11d029bd7000fedbdf252500000005002b0060872e7d020000000a0001007770616e3000000005002e00"], 0x30}}, 0x4) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000180)={0xffffff, 0x100000}, 0x10) write(r2, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000fe00000000000000", 0x1c) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="2800000500000108000200"/20, @ANYRES32=0x0, @ANYBLOB="fe0000000000000008001b0000000000"], 0x28}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$packet(0x11, 0x2, 0x300) r6 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) clock_nanosleep(0x7, 0x0, &(0x7f0000000080)={0x77359400}, &(0x7f0000001b40)) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r8, r7, 0x25, 0x4, @void}, 0x10) sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r7, {}, {}, {0x0, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0) lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f00000006c0)=@v3={0x3000000, [{0x3, 0x2}, {0x9, 0x56}], 0xee01}, 0x18, 0x0) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) 2.614396929s ago: executing program 4 (id=387): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000008da4b70800000400396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='kfree\x00', r0, 0x0, 0x8000000000}, 0x18) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2) readv(r1, &(0x7f0000000cc0)=[{&(0x7f0000001300)=""/244, 0xf4}], 0x1) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) 2.508585101s ago: executing program 4 (id=389): bpf$TOKEN_CREATE(0x24, &(0x7f0000000200), 0x8) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a38500000070000000"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x63, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x4}, 0x18) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) personality(0xfe47fef9f5ff7379) sendto(0xffffffffffffffff, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) socket(0xa, 0x3, 0x3a) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) r4 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) symlinkat(&(0x7f0000000000)='.\x00', r5, &(0x7f0000000140)='./file0\x00') syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRESHEX=0x0, @ANYRESOCT], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa") 2.426148632s ago: executing program 4 (id=391): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c) listen(r2, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0) 2.404587613s ago: executing program 4 (id=392): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x5, 0x97, &(0x7f00000001c0)=""/151, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) fcntl$lock(0xffffffffffffffff, 0x25, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1b00000000000000000000000180000000000000", @ANYRES32, @ANYBLOB="000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0106000000000000000000000000001800"/28], 0x50) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, &(0x7f00000000c0)='\x00', 0x0, 0x2}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8000000003, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x5, 0x800000000003}, 0x115d2, 0x0, 0x7, 0x3, 0x3c, 0x81, 0xfffc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) 1.748884672s ago: executing program 3 (id=401): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) clock_gettime(0x1, &(0x7f0000000000)) r1 = socket$inet(0x2, 0x80001, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f0000000180)={0x9, 0x0, 0x800000}, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000"], 0x3c}}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1400000004000000040000000100000000000000c2ce89c68e9e79ed81cd46dd854299588b794b05a5b447c45095985dd18479e49b88bc78eeebf57f944ccb117be4e0409f6d20fed87db32546991579e0db922fd5ff0d2a163a2daebfad6e2bb76295a8ebf309b3ad574658acd4df0bf02707acc3c197275558f6b333386d6236a61d9371fe186880babf564842677f00"/155, @ANYRES16=r1, @ANYRES64=r0, @ANYRES8=r1, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r2, &(0x7f0000000140), &(0x7f0000000200)=""/221}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r3 = socket$inet6_sctp(0xa, 0x801, 0x84) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$kcm(0x2, 0x3, 0x2) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/diskstats\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) getpid() sendto$inet6(r3, &(0x7f0000000040)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3}, 0x3}, 0x1c) 1.739976913s ago: executing program 1 (id=403): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="5c00000013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000000000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f6", 0x5a}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c00712152230000000010902"], 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r3}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0) r4 = socket$pppl2tp(0x18, 0x1, 0x1) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5, 0x0, 0xfff}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]}) ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f0000000080)={'dummy0\x00'}) 1.629668344s ago: executing program 3 (id=405): bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000047000000010001000800000001000000", @ANYRES32], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00'}, 0x10) nanosleep(0x0, 0x0) 1.550706466s ago: executing program 3 (id=406): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) brk(0x5d555ede6000) 1.418893108s ago: executing program 3 (id=408): r0 = socket$inet6(0xa, 0x2, 0x0) (async) syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000840)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x2000040, &(0x7f0000006080)={[{@inlinecrypt}, {@minixdf}, {@acl}, {@sb={'sb', 0x3d, 0x7}}, {@jqfmt_vfsv0}, {@user_xattr}, {@stripe={'stripe', 0x3d, 0x374}}]}, 0x10, 0x501, &(0x7f0000001f40)="$eJzs3cFvG1kZAPBvJvG2abMkCxzKSuyu2EXpCmonG7obcVgWCbGnlSjlXkLiRFGcOIqdtokqlApxBQkhQOLEiQsSVyQE6p+AkCrBjQMqCISghQMHwMjjcZsGO05V11OS30+azJt59nzfS+SZeTMvngBOrdci4r2IGIuINyNiKl+f5tP77forndc9uH9rqT0l0Wpd/WsSSb6uu60kn5+PiP2IOBsRX34/4mvJ/8Zt7O6tL9Zq1e18udLc2Ko0dvcurW0srlZXq5vz83NvL7yzcHlhtmfe3/zdk7VzOiLe/cIfv/ftH3/x3V9++sbvr/354tfbaU3m9QfbEXHmyTZ+hE7TS9nvoms8IraHFqFYY/m81Kf+W2MjTAYAgIHa5/gfjohPZOf/UzGWnZ0OMjGCzAAAAIBhaX1uMv6VRLQAAACAEyvNxsAmaTkfCzAZaVoud8bwfjTOpbV6o/mplfrO5nJnrOx0lNKVtVp1Nh8rPB2lpL08l4+x7S6/dWh5PiJeiojvTk1ky+Wlem256IsfAAAAcEqcP9T//8dU1v8f+A+w6WjSAwAAAIZluugEAAAAgGduUP//hRHlAQAAADw77v8DAADAifalDz5oT63u86+Xr+/urNevX1quNtbLGztL5aX69lZ5tV5fzb6zb2PQ9mr1+tZnYnPnZqVZbTQrjd29axv1nc3mtbXHHoENAAAAjNBLr975bRIR+5+dyKYw3B9OjWRAffaQkHv5wh9GkBAwMmNFJwAUZrzoBIDClIpOACjcoOsAfQfv/Gr4uQAAAM/GzMf63/93bQBONs/xBIDTx/1/OL1Kj48AvFxcJkBRPjSg/unv/7daT5QQAAAwdJPZlKTl/F7gZKRpuRzxYvZYgFKyslarzub9g99Mlc60l+eydyYDxwwDAAAAAAAAAAAAAAAAAAAAAAAAAB2tVhKtQ5KHdQAAAMBJEJH+Kcm+zT9iZuqNycPXB15I/jmVzSPixg+vfv/mYrO5Pdde/7eH65s/yNe/NeqrFwAAAEAv3X56tx8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMP04P6tpe40yrh/+XxETD+Kf+Fnv6jkVa+ezWZnoxQR5/6exPiB9yURMTaE+Pu3I+JCr/Yn7bRiOjpZ9Io/UWD8NCLODyE+nGZ32vuf93p9/tJ4LZv3/vyN59PTOrz/Oxi/u/8b67P/efGYMV6++9NK3/i3I14e773/6cZP+sR//Zjxv/qVvb1e69vbaP0oYqbn8Sd57HWV5sZWpbG7d2ltY3G1ulrdnJ+fe3vhnYXLC7OVlbVaNf/ZM/53Pv7z/xzV/nN94k8PaP8bx2z/v+/evP+RTrHUK/7F13sffy/0iZ/mx75P5uV2/Uy3vN8pH/TKT379ylHtX+7T/od//x4H2nbMi8ds/5tXvnHvmC8FAEagsbu3vlirVbf/HwtpPBdpKAylcOb5SOM5KnS7QIVEL3jHBAAADN2jk/6iMwEAAAAAAAAAAAAAAAAAAIDTaxRfJ3Y45n4xTQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONJ/AwAA//87qs6H") (async) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async) preadv(r1, &(0x7f0000000180)=[{&(0x7f0000000100)=""/25, 0x19}], 0x1, 0x401, 0x2) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) (async, rerun: 32) r2 = epoll_create1(0x0) (rerun: 32) epoll_wait(r2, &(0x7f0000000040)=[{}, {}, {}, {}, {}], 0x5, 0x6f) (async, rerun: 32) r3 = socket$pppl2tp(0x18, 0x1, 0x1) (rerun: 32) ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101}) r4 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0) close(r0) 1.334240409s ago: executing program 3 (id=409): bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mount(0x0, 0x0, &(0x7f0000000000)='proc\x00', 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000200)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$inet_dccp(0x2, 0x6, 0x0) rseq(&(0x7f0000000300), 0x20, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x2}}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}]}, 0x1, 0x610, &(0x7f0000000a40)="$eJzs3c9rFGcfAPDvTH6avO+bKC+8rz3UQCkKrYmJWqQUau5F7I9/IDVRxGgkSaFRwQjtsfTSQ6GnHmr/i1borfTQaw+9F0FK8VCL1C2zOxs3m93Nz/3h7ucDa+aZmczznTXfPM88eWY2gJ41kf2TRhyNiJtJxFjFtv7IN06U9nv8x51L2SuJQuH935O4czdZrzxWkn8dzb/577FIfk4jjvRtrXdl7da1ucXFheW8PLV6/ebUytqtk1evz11ZuLJwY+aNmXNnz5w9N31qX+c3UGPdN189Taa//fVCEufjWR5bdl7V+w3tq+bsPZuIQsmTyvXZ+3pun8fuFH+OlX9OnkuqV9CxLud5m+XJ/2Is+ir+N8fi03fbGhzQVIUkym0U0HOSOvn/42yj3wzDTYsHaJVyP6B8bV/rOnirtMm9EqAVHs2WBqRKuT8QEeX87y+NDcZwcWxg5HGyaZwniYj9jcyVZHX89MOFT7JX1BmHA5pj/V55lLu6/U+KuTkew8XSyON0c/6vFwpp3hPI1r+3x/onqsryH1pn/V5E/D9v/wdjx/mf5rlbzv8P91i//AcAAAAAAICD82A2Il6vNf8v3Zj/M1hj/s9oRJw/gPq3//tf+jBfSKp2HTyA6qGnPZqNeKvm/N+NOb7jfXnp38X5ALeTy1cXF05FxH8i4kQMDGXl6arjVs4QPvnZkS/r1V85/y97ZfWX5wLmR3rYX3Uj7vzc6tx+zxuIeHQv4qXi/N9j+ZrN83+y9j+p0f5n+X1zh3UcefX+xXrbts9/oFkKX0ccr9n+P+9uJ42fzzFV7A9MlXsFW718+/Pv6tVfnf9NOEWgjqz9H2mc/0NJ5fN6VnZ3/Owi/fRaf6He9r32/weTD/qiYhDg47nV1eXpiMHkna3rZ3YXM3SrPB+ORZ4vWf6feKXx+N9G/78iDw9FxPoO6hveZrv+P7RPlv/zjdv/8c3t/+4XZu6Pf1+v/os7av/PFNv0E/ka439QaevzOHaaoG0JFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABecGlE/CuSdHJjOU0nJyNGI+K/MZIuLq2svnZ56aMb89m2iPEYSMuf9DtWKiflz/8fryjPVJVPR8ThiPii71CxPHlpaXG+3ScPAAAAAAAAAAAAAAAAAAAAHWK0eM9/Yaj6/v/Mb33tjg5ouv78q3yH3tO/5+8sDB1oIEDL7T3/gRdYds2/i/wfaGYsQBvUz/8nTwtFLQ0HaCH9f+hde8x/fy6ALqD9h161wzG94WbHAbSD9h8AAAAAALrK4WMPfkkiYv3NQ8VXZjDfZrI/dLe03QEAbWMOL/Su/qV2RwC0i2t8INlY+qvmzf71Z/8nzQkIAAAAAAAAAAAAANji+FH3/0Ovanz/v7n90M0a3P9fK/k9LgC6SP2P/tD2Q7dzjQ9s19q7/x8AAAAAAAAAAAAAOsDwrWtzi4sLyytrL97C250Rxu4W1uc6IoxdLBTuRjTe51lzah+IiE55E5ZXsmhaVVf5ERxtPOU2/14CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2/BMAAP//cdEbCg==") r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, &(0x7f0000000180)='\x00', 0x1, 0xfffffffffffffffe) keyctl$search(0x4, r1, &(0x7f0000000580)='cifs.idmap\x00', 0x0, 0xfffffffffffffffa) bpf$TOKEN_CREATE(0x24, &(0x7f0000000340), 0x8) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2}, 0x18) r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0)=0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5) sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001c80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r4], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0) write$nci(r3, &(0x7f0000005c40)=ANY=[@ANYBLOB="6103057f030603f93677ff6fcad8cf254cac"], 0x12) mq_getsetattr(0xffffffffffffffff, &(0x7f0000000200)={0x9, 0xb39fdb0, 0x81, 0x1}, &(0x7f0000000280)) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xd, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc5, &(0x7f0000000740)=""/197, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) mlockall(0x2) shmctl$SHM_LOCK(0x0, 0xb) shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x7000) 1.302071049s ago: executing program 2 (id=410): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x20, r1, 0x301, 0x70bd28, 0x0, {0x2b}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) (fail_nth: 5) 1.190668921s ago: executing program 2 (id=412): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000180)={[{@delalloc}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f0, 0x0, 0x111, 0x4b4, 0x128, 0xd4feffff, 0x220, 0x20a, 0x278, 0x220, 0x278, 0x3, 0x0, {[{{@ipv6={@private2, @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x0, 0x100, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x2}}]}, @common=@inet=@TCPMSS={0x28}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x180, 0xa42, 0xb}}]}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x350) open(&(0x7f0000000040)='./control\x00', 0x14f3be, 0x8) mkdir(&(0x7f0000000000)='./control\x00', 0x0) fadvise64(r0, 0xd211, 0x200, 0x0) 907.471765ms ago: executing program 1 (id=413): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000400396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='kfree\x00', r0, 0x0, 0x8000000000}, 0x18) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2) readv(r1, &(0x7f0000000cc0)=[{&(0x7f0000001300)=""/244, 0xf4}], 0x1) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) 836.396657ms ago: executing program 2 (id=415): r0 = socket$inet6(0xa, 0x6, 0x0) r1 = socket$inet_dccp(0x2, 0x6, 0x0) dup2(r0, r1) setsockopt(r1, 0x10d, 0xf, &(0x7f00001c9fff)="03", 0x1) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) perf_event_open$cgroup(&(0x7f0000001700)={0x5, 0x80, 0x10, 0x1, 0xff, 0x63, 0x0, 0x3, 0x100, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x40, 0x3}, 0xa102, 0x10, 0x4, 0x8, 0x5, 0x1cf, 0x9f4, 0x0, 0x6, 0x0, 0x400000000000040}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x2) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000280)='kmem_cache_free\x00', r3, 0x0, 0x1}, 0x27) r4 = epoll_create1(0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES32=0x0, @ANYRES8=r2], 0x3c}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) add_key(&(0x7f00000001c0)='logon\x00', &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000340)='J', 0x1, 0xffffffffffffffff) 814.415557ms ago: executing program 1 (id=417): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x240, 0x0) ioctl$TIOCGSOFTCAR(r0, 0x5414, &(0x7f0000000040)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xd) ioctl$VT_DISALLOCATE(r1, 0x5608) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x4, @perf_bp={0x0, 0xa}, 0x1000, 0x5dd8, 0x0, 0x0, 0x0, 0x7, 0xfdfb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r4}, 0x10) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'sit0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, 0x0, &(0x7f0000000040)}, 0x20) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000240)={[{@discard}, {@noload}]}, 0x64, 0x53f, &(0x7f00000007c0)="$eJzs3c9vI1cdAPDvOHZIdrPrFDhAD6XQouwK1t40tI04tEUgOFUCyn0JiRNFceIocdpNVNFE/AFcECBxggsXpP4HqBIXjhVSEZxBFIEQbOHAATrV2OM067Xj7NaJo+TzkWbnvTc/vu/ZOz/ezGQcwKX1ZES8FBHvp2l6MyLKeXkhH2K/PWTzvXfv9cVsSCJNX/lnEkle1llXko+v5otNRMS3vxHxveTBuNu7e2sL9XptK89Xm+ub1e3dvVur6wsrtZXaxtzc7HPzz88/O397KO28FhEvfO2vP/7hL7/+wq+/+Nqf7/z9xvezan01n360HQ+peNzEdtNLrc/i6AJbES8+Yrxzp9hqYW7yZMscnGJ9AADoLzvH/3hEfC4ibkY5xo4/nW3pcToPAAAAnGPpi1PxvyQi7W28V+FE9J0fAAAAOIcKETEVSaGSPwswFYVCpdJ+hveTcSV9I6L5heXGzsZSNi1iOkqF5dV67Xb+rPB0lJIsP9tKf5h/pp0/eDeilZ+LiMci4kflyVa+stioL4364gcAAABcEle7+v//Kbf7/wAAAMAFMz3qCgAAAACnTv8fAAAALj79fwAAALjQvvnyy9mQdn7/eunV3Z21xqu3lmrba5X1ncXKYmNrs7LSaKy03tm3Pmh99UZj80uxsXO32qxtN6vbu3t31hs7G807q/f9BDYAAABwhh77zFt/TCJi/8uTrSEz3mfesTOtGXDaioepJB/32Pr/dL09fveMKgWciUHH9N+Xz6giwJkrjroCwMiUHmZmfycAF1IyYHrfh3fezsefHW59AACA4Zv5dP/7/4Vjl9w/fjJw7tmI4fLq3P+/3pUHLr7W/f9+D/x2c7IAF0rJER8uvYH3//s9APD2SSOk6cPVCAAAGLap1pAUKvnlvakoFCqViGutx/1LyfJqvdbpG/yhXPpYlp9t5ZKBfQYAAAAAAAAAAAAAAAAAAAAAAAAAoC1Nk0gBAACACy2i8LfkN+13+c+Un57qvj4wnvy3HPlPhL72s1d+cneh2dyazcr/dVje/Gle/swormAAAAAA3Tr99E4/HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACG6b17ry92hk5ZWj79uP/4SkRM94pfjInWeCJKEXHl30kUjyyXRMTYEOLvH0TEp3rFT7JqHYbsFX/y9OPHdP4p9Ip/dQjx4TJ7K9v/vJRtf+MRcXT7K8STrXHv7a8YcV/+UbX2f9kOrsf+t7P/G+uz/V/rWtd0nxiPv/NmtW/8g4jHi733P534SZ/4T52wjd/9zt5eV9H1TiL9ecRMz+NPcl+sanN9s7q9u3drdX1hpbZS25ibm31u/vn5Z+dvV5dX67X83wdilwbULWv/lT7xpwe0/+kTtv//79y994k+1cni33iqR/zf/iKf48H4hfzY9/k8nU2f6aT32+mjnvjV7544rv1Lfdo/6Pu/ccL23/zWD/4SEe8f+UoBgBHa3t1bW6jXa1u9E2+2E9lpS995znki66Wfg2pIPFpi4H/Rj5J4Y6grTNM0jY+2pSQx8g+8kxj1ngkAABi2D0/6R10TAAAAAAAAAAAAAAAAAAAAuLzO4nVi3TH3D1PJMF6hDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFB8EAAD//7UL0vI=") r8 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) add_key$keyring(0x0, &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000012c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r9], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0) 805.386807ms ago: executing program 2 (id=418): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) brk(0x5d555ede6000) 678.257619ms ago: executing program 2 (id=421): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095", @ANYRESOCT=r0, @ANYRES64=r0, @ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c40)={0x14, r3, 0xc4fc9e906872338b, 0x20, 0x0, {{0x15}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x4000040}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) r5 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r5, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10) sendmmsg$inet(r5, &(0x7f0000000ec0)=[{{&(0x7f0000000080)={0x2, 0x4e25, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044) sendto$inet(r5, &(0x7f0000000c80)="e8", 0x6200, 0x0, 0x0, 0x0) 457.039902ms ago: executing program 2 (id=422): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f00000003c0)='./file0\x00', 0x4891, &(0x7f0000000000)={[{@grpjquota}, {@discard}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}]}, 0x0, 0x41e, &(0x7f0000000880)="$eJzs3c9PHFUcAPDvDAultBaaePDHhaiJJEYo9Ic20cTGaDy0J3vwKAFaSaGYgoltiNZovGmi8eBRD/74B4xHPfg/6Fk92CbEcJDqCTO7M8u6y/Jz12ng80le9r2ZYd6bebzZmcebRwCH1nBEvBARPRFxKiIG8+VpHuJ2LWTbra0uT/29ujyVxPr6q38mkeTLin0l+eexfAcjaUT6QRKPbpLv4s1b1ybn5mZu5Omxpfk3xxZv3np6dn7y6szVmesT506fOXv22fMTz+zxyNKWJSvzyUdPfH3x908+nP705zs/DGXlPZ6vazyOThmO4fo5aXa+05mVrL8hnlRKLAgAAFtK83v/SvX+fzB6YuPmbTA+/qnUwgEAAAAdsb5efAIAAAAHV1J79u/RCQAAAAAHVTEOYG11eaoIJQ5H4H+28m1EDNXq/14eamsq9Xd6e5ve7+2k4Yh4pf/SRBaiS+9hAwAAABxmP16oTfzX2v+XxkMN2x2NiIFibr8OGm5Kt/b/pHc7nCUNVi5EPBcR91r6/+rzJw715KkHql2FvcmV2bmZUxFxIiJGovdIlh7fIo93Hrv2Tbt1jf1/X/z22niWf/a5sUV6t3Lkvz8zPbk0uZ9jZsPKexGPVJrqvy+qs3kWfb6N82Tuxeuza8+3W5fVf1bfRWitf7pp/cuIJzdt/xszlyZbz886Vr0e9EZ+VWj16/Gv3m+Xf2P7z0KWf/G3ALova/8DW9d/dZ7c+ny9i7vP4/u/Lv3Sbt329b/59b8vuVwtYF++7O3JpaUb4xF9ycXW5Qf/t+ncTjcszkdxvrL6H3l88+//4v4vyb/7TzTMD70bL7578nK7ddp/ubL6n95V+9995I2Bh0fa5b+z9n+mWphiJ+7/tlc7+Z+/tF0FlV1OAAAAAAAAADojrY7tS9LRejxNR0dr43wfjIF0bmFx6akrC29dn66NARyK3rQY/znYMB50vPYaeT090ZQ+HREnI+KzwaPV9OjUwtx02QcPAAAAh8SxNs//mT/28rIHAAAAcH8aKrsAAAAAQNd5/gcAAIADbT/z+ueRfE+3X76zv/0cgkjxPxW6mEV/ROxo4+/+KftslB7pj/uiGB2LVDq5wxIvSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADEvwEAAP//iT624w==") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) r1 = io_uring_setup(0x231d, &(0x7f0000000100)={0x0, 0x8712, 0x0, 0x3, 0x305}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) write$UHID_INPUT(r2, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce302e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e1ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2d54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fc8102754a760b097f464ddb0b83f8168badfa71dfb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24f9f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c979411b0888cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de800000000ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce02ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r2, 0x0) io_uring_register$IORING_REGISTER_CLOCK(r1, 0x1d, &(0x7f0000000080)={0x1}, 0x0) epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x80000000, 0x0, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000340), r3) sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r3, 0x0, 0x4000141) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 431.691163ms ago: executing program 3 (id=423): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="5c00000013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000000000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f6", 0x5a}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c00712152230000000010902"], 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r3}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0) r4 = socket$pppl2tp(0x18, 0x1, 0x1) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5, 0x0, 0xfff}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]}) ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f0000000080)={'dummy0\x00'}) 361.358974ms ago: executing program 0 (id=424): r0 = syz_pidfd_open(0x0, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x5}, 0x18) setns(r0, 0x34020000) 312.125454ms ago: executing program 0 (id=425): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70800000000002c7b0af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000400), 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0e0000000400001008000000c600000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000800000000000000000000006405ccd67b8cac52ae397725e0dc27e241000000003013be1108ca96936971f12e443bda41e007ba3ccbf61d7d76fe60fdc14964b7d44a5af8adf51ddf2a8d40d3df7403854de7ea9254ebc109690465b34c05cabe5b705d36b59ac8bb0688d0d299cd734fd6a9043915720000fefd93ab578bdb8a407d7c467141c0cbfdb06ce9d736830460f4070000007bdba4b6d91a6907edeefa6b0b1e5f22404a0bb7b90388f27422874d49ad9a75f4cfd19373ec75394568344fe73cae4b3c3a6b9517ed00"/228], 0x50) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r3}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) getpeername(r1, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]}) statx(0xffffffffffffff9c, 0x0, 0x400, 0x1, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) r5 = socket$inet6(0xa, 0x2, 0x0) sendmsg$inet6(r5, &(0x7f0000001700)={&(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c, 0x0}, 0x0) 232.028346ms ago: executing program 0 (id=426): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x20, r1, 0x301, 0x70bd28, 0x0, {0x2b}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x1000000}, 0x0) 165.089897ms ago: executing program 0 (id=427): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r2) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c) listen(r3, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0) 164.675307ms ago: executing program 0 (id=428): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000400396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='kfree\x00', r0, 0x0, 0x8000000000}, 0x18) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2) readv(r1, &(0x7f0000000cc0)=[{&(0x7f0000001300)=""/244, 0xf4}], 0x1) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) 163.758397ms ago: executing program 1 (id=429): r0 = socket$inet6(0xa, 0x6, 0x0) r1 = socket$inet_dccp(0x2, 0x6, 0x0) dup2(r0, r1) setsockopt(r1, 0x10d, 0xf, &(0x7f00001c9fff)="03", 0x1) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) perf_event_open$cgroup(&(0x7f0000001700)={0x5, 0x80, 0x10, 0x1, 0xff, 0x63, 0x0, 0x3, 0x100, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x40, 0x3}, 0xa102, 0x10, 0x4, 0x8, 0x5, 0x1cf, 0x9f4, 0x0, 0x6, 0x0, 0x400000000000040}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x2) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000280)='kmem_cache_free\x00', r3, 0x0, 0x1}, 0x27) r4 = epoll_create1(0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES32=0x0, @ANYRES8=r2], 0x3c}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00'}, 0x10) add_key(&(0x7f00000001c0)='logon\x00', &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000340)='J', 0x1, 0xffffffffffffffff) 81.026278ms ago: executing program 1 (id=430): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 52.532459ms ago: executing program 0 (id=431): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) brk(0x5d555ede6000) 0s ago: executing program 1 (id=432): bpf$TOKEN_CREATE(0x24, &(0x7f0000000200), 0x8) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a38500000070000000"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x63, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x4}, 0x18) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) personality(0xfe47fef9f5ff7379) sendto(0xffffffffffffffff, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) socket(0xa, 0x3, 0x3a) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) r4 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRESHEX=0x0, @ANYRESOCT], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa") kernel console output (not intermixed with test programs): udit: type=1400 audit(1743333364.927:91): avc: denied { relabelto } for pid=3295 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 28.026062][ T3303] chnl_net:caif_netlink_parms(): no params data found [ 28.046578][ T3302] chnl_net:caif_netlink_parms(): no params data found [ 28.080398][ T3306] chnl_net:caif_netlink_parms(): no params data found [ 28.106451][ T3307] chnl_net:caif_netlink_parms(): no params data found [ 28.131985][ T3312] chnl_net:caif_netlink_parms(): no params data found [ 28.171265][ T3303] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.178406][ T3303] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.185585][ T3303] bridge_slave_0: entered allmulticast mode [ 28.191991][ T3303] bridge_slave_0: entered promiscuous mode [ 28.218749][ T3303] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.225868][ T3303] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.233239][ T3303] bridge_slave_1: entered allmulticast mode [ 28.239887][ T3303] bridge_slave_1: entered promiscuous mode [ 28.263035][ T3302] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.270103][ T3302] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.277423][ T3302] bridge_slave_0: entered allmulticast mode [ 28.283865][ T3302] bridge_slave_0: entered promiscuous mode [ 28.304521][ T3302] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.311678][ T3302] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.319016][ T3302] bridge_slave_1: entered allmulticast mode [ 28.325604][ T3302] bridge_slave_1: entered promiscuous mode [ 28.332765][ T3303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 28.346730][ T3306] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.353826][ T3306] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.360942][ T3306] bridge_slave_0: entered allmulticast mode [ 28.367545][ T3306] bridge_slave_0: entered promiscuous mode [ 28.374384][ T3306] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.381533][ T3306] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.388809][ T3306] bridge_slave_1: entered allmulticast mode [ 28.395378][ T3306] bridge_slave_1: entered promiscuous mode [ 28.409092][ T3303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 28.443898][ T3307] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.450984][ T3307] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.458168][ T3307] bridge_slave_0: entered allmulticast mode [ 28.464677][ T3307] bridge_slave_0: entered promiscuous mode [ 28.482351][ T3302] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 28.491996][ T3303] team0: Port device team_slave_0 added [ 28.498786][ T3302] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 28.507964][ T3307] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.515080][ T3307] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.522292][ T3307] bridge_slave_1: entered allmulticast mode [ 28.528711][ T3307] bridge_slave_1: entered promiscuous mode [ 28.535913][ T3306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 28.549640][ T3312] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.556775][ T3312] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.564077][ T3312] bridge_slave_0: entered allmulticast mode [ 28.570319][ T3312] bridge_slave_0: entered promiscuous mode [ 28.577488][ T3303] team0: Port device team_slave_1 added [ 28.598699][ T3306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 28.607803][ T3312] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.614954][ T3312] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.622249][ T3312] bridge_slave_1: entered allmulticast mode [ 28.628488][ T3312] bridge_slave_1: entered promiscuous mode [ 28.645961][ T3307] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 28.655709][ T3302] team0: Port device team_slave_0 added [ 28.675722][ T3307] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 28.690731][ T3302] team0: Port device team_slave_1 added [ 28.706327][ T3306] team0: Port device team_slave_0 added [ 28.717014][ T3303] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 28.723992][ T3303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 28.749904][ T3303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 28.771295][ T3306] team0: Port device team_slave_1 added [ 28.778124][ T3312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 28.787506][ T3303] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 28.794583][ T3303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 28.820547][ T3303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 28.834444][ T3307] team0: Port device team_slave_0 added [ 28.840319][ T3302] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 28.847314][ T3302] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 28.873285][ T3302] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 28.889251][ T3312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 28.905289][ T3307] team0: Port device team_slave_1 added [ 28.916097][ T3302] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 28.923064][ T3302] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 28.948988][ T3302] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 28.980405][ T3303] hsr_slave_0: entered promiscuous mode [ 28.986354][ T3303] hsr_slave_1: entered promiscuous mode [ 28.995631][ T3306] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 29.002702][ T3306] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 29.028665][ T3306] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 29.039952][ T3312] team0: Port device team_slave_0 added [ 29.051379][ T3307] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 29.058357][ T3307] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 29.084285][ T3307] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 29.096176][ T3306] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 29.103218][ T3306] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 29.132849][ T3306] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 29.146720][ T3312] team0: Port device team_slave_1 added [ 29.164781][ T3307] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 29.171734][ T3307] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 29.197724][ T3307] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 29.224960][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 29.231941][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 29.257854][ T3312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 29.278623][ T3302] hsr_slave_0: entered promiscuous mode [ 29.284549][ T3302] hsr_slave_1: entered promiscuous mode [ 29.290372][ T3302] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 29.298424][ T3302] Cannot create hsr debugfs directory [ 29.305297][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 29.312291][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 29.338225][ T3312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 29.379778][ T3306] hsr_slave_0: entered promiscuous mode [ 29.385781][ T3306] hsr_slave_1: entered promiscuous mode [ 29.391737][ T3306] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 29.399343][ T3306] Cannot create hsr debugfs directory [ 29.418613][ T3307] hsr_slave_0: entered promiscuous mode [ 29.424767][ T3307] hsr_slave_1: entered promiscuous mode [ 29.430658][ T3307] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 29.438532][ T3307] Cannot create hsr debugfs directory [ 29.465244][ T3312] hsr_slave_0: entered promiscuous mode [ 29.471193][ T3312] hsr_slave_1: entered promiscuous mode [ 29.476974][ T3312] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 29.484621][ T3312] Cannot create hsr debugfs directory [ 29.656510][ T3302] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 29.664969][ T3302] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 29.673694][ T3302] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 29.684820][ T3302] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 29.705417][ T3303] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 29.714449][ T3303] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 29.727081][ T3303] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 29.739370][ T3303] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 29.758032][ T3306] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 29.768116][ T3306] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 29.777217][ T3306] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 29.793390][ T3306] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 29.817675][ T3307] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 29.826849][ T3307] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 29.835938][ T3307] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 29.850878][ T3307] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 29.893653][ T3312] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 29.904216][ T3312] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 29.914460][ T3312] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 29.924566][ T3302] 8021q: adding VLAN 0 to HW filter on device bond0 [ 29.938305][ T3312] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 29.965916][ T3302] 8021q: adding VLAN 0 to HW filter on device team0 [ 29.975292][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.982426][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.998832][ T3303] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.018918][ T3306] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.028362][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.035451][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.068500][ T3303] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.079841][ T3307] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.088883][ T3306] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.097868][ T1599] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.105008][ T1599] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.125321][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.132453][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.141070][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.148211][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.158171][ T3307] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.170605][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.177807][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.197173][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.204247][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.223712][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.230809][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.247643][ T3312] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.284381][ T3312] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.300352][ T3302] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 30.317863][ T3306] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 30.334944][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.342064][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.362553][ T122] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.369795][ T122] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.407652][ T3312] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 30.438371][ T3307] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 30.451969][ T3303] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 30.473908][ T3306] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 30.528603][ T3312] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 30.561037][ T3302] veth0_vlan: entered promiscuous mode [ 30.594013][ T3302] veth1_vlan: entered promiscuous mode [ 30.644446][ T3307] veth0_vlan: entered promiscuous mode [ 30.654757][ T3302] veth0_macvtap: entered promiscuous mode [ 30.669784][ T3312] veth0_vlan: entered promiscuous mode [ 30.677936][ T3307] veth1_vlan: entered promiscuous mode [ 30.686438][ T3302] veth1_macvtap: entered promiscuous mode [ 30.694906][ T3312] veth1_vlan: entered promiscuous mode [ 30.720225][ T3306] veth0_vlan: entered promiscuous mode [ 30.727045][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 30.744491][ T3306] veth1_vlan: entered promiscuous mode [ 30.758968][ T3312] veth0_macvtap: entered promiscuous mode [ 30.766418][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 30.774839][ T3303] veth0_vlan: entered promiscuous mode [ 30.787248][ T3312] veth1_macvtap: entered promiscuous mode [ 30.793733][ T3302] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.802677][ T3302] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.811391][ T3302] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.820140][ T3302] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 30.834127][ T3307] veth0_macvtap: entered promiscuous mode [ 30.848131][ T3303] veth1_vlan: entered promiscuous mode [ 30.854932][ T3306] veth0_macvtap: entered promiscuous mode [ 30.866913][ T3307] veth1_macvtap: entered promiscuous mode [ 30.879478][ T3303] veth0_macvtap: entered promiscuous mode [ 30.888431][ T3302] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 30.892380][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 30.913514][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 30.924061][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 30.936738][ T3306] veth1_macvtap: entered promiscuous mode [ 30.947054][ T3303] veth1_macvtap: entered promiscuous mode [ 30.954176][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 30.964651][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 30.977685][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 30.985755][ T3312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 30.996294][ T3312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.006195][ T3312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.016736][ T3312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.027763][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 31.040540][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.051149][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.061194][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.071793][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.081696][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.092207][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.104148][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 31.121604][ T3312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.132102][ T3312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.141940][ T3312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.152409][ T3312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.163150][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 31.170900][ T3307] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.179771][ T3307] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.188642][ T3307] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.197505][ T3307] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.207869][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.218474][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.228466][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.238946][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.248843][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.259414][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.270220][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 31.277824][ T3306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.288316][ T3306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.298177][ T3306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.308640][ T3306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.318473][ T3306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.328927][ T3306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.338765][ T3306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 31.349218][ T3306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.359770][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 31.373885][ T3312] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.382675][ T3312] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.391366][ T3312] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.400128][ T3312] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.411480][ T3303] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.420345][ T3303] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.429195][ T3303] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.437904][ T3303] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.449995][ T3306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.460475][ T3306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.470353][ T3306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.480851][ T3306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.490700][ T3306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.501207][ T3306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.511081][ T3306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 31.521527][ T3306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 31.532454][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 31.549935][ T3306] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.558700][ T3306] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.567424][ T3306] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.576142][ T3306] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 31.674275][ T3452] netlink: 'syz.0.1': attribute type 10 has an invalid length. [ 31.682022][ T3452] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1'. [ 31.714711][ T3452] batadv0: entered promiscuous mode [ 31.719971][ T3452] batadv0: entered allmulticast mode [ 31.725895][ T29] kauditd_printk_skb: 40 callbacks suppressed [ 31.725907][ T29] audit: type=1400 audit(1743333369.927:132): avc: denied { create } for pid=3453 comm="syz.1.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 31.738484][ T3458] loop2: detected capacity change from 0 to 1024 [ 31.751344][ T29] audit: type=1400 audit(1743333369.927:133): avc: denied { create } for pid=3453 comm="syz.1.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 31.763997][ T3458] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 31.776784][ T29] audit: type=1400 audit(1743333369.927:134): avc: denied { ioctl } for pid=3453 comm="syz.1.8" path="socket:[3841]" dev="sockfs" ino=3841 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 31.786565][ T3458] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 31.810651][ T29] audit: type=1400 audit(1743333369.927:135): avc: denied { bind } for pid=3453 comm="syz.1.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 31.826547][ T3452] bridge0: port 3(batadv0) entered blocking state [ 31.842381][ T29] audit: type=1400 audit(1743333369.937:136): avc: denied { create } for pid=3455 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 31.845711][ T3452] bridge0: port 3(batadv0) entered disabled state [ 31.864833][ T29] audit: type=1326 audit(1743333369.937:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3455 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b33dd169 code=0x7ffc0000 [ 31.894505][ T29] audit: type=1326 audit(1743333369.937:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3455 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b33dd169 code=0x7ffc0000 [ 31.895805][ T3457] netlink: 'syz.4.5': attribute type 10 has an invalid length. [ 31.917679][ T29] audit: type=1326 audit(1743333369.937:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3455 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe6b33dd169 code=0x7ffc0000 [ 31.932663][ T3452] bridge0: port 3(batadv0) entered blocking state [ 31.948268][ T29] audit: type=1326 audit(1743333369.937:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3455 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe6b33dd1a3 code=0x7ffc0000 [ 31.954716][ T3452] bridge0: port 3(batadv0) entered forwarding state [ 31.977538][ T29] audit: type=1326 audit(1743333369.937:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3455 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe6b33dbc1f code=0x7ffc0000 [ 31.987635][ T3458] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 32.024928][ T3463] netlink: 'syz.3.4': attribute type 13 has an invalid length. [ 32.043278][ T3458] EXT4-fs error (device loop2): ext4_get_journal_inode:5798: inode #5: comm syz.2.3: unexpected bad inode w/o EXT4_IGET_BAD [ 32.060262][ T3458] EXT4-fs (loop2): no journal found [ 32.065573][ T3458] EXT4-fs (loop2): can't get journal size [ 32.072748][ T3458] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 32.096333][ T3463] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 32.113600][ T3459] batman_adv: batadv0: Adding interface: dummy0 [ 32.119861][ T3459] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 32.145314][ T3459] batman_adv: batadv0: Interface activated: dummy0 [ 32.154175][ T3457] 8021q: adding VLAN 0 to HW filter on device team0 [ 32.162452][ T3457] bond0: (slave team0): Enslaving as an active interface with an up link [ 32.172669][ T3452] batadv0: mtu less than device minimum [ 32.178720][ T3452] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 32.189756][ T3452] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 32.200599][ T3452] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 32.211421][ T3452] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 32.222187][ T3452] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 32.233079][ T3452] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 32.236745][ T51] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 32.243897][ T3452] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 32.261133][ T3474] loop3: detected capacity change from 0 to 1024 [ 32.263488][ T3452] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 32.276423][ T3474] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 32.289525][ T3474] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 32.304204][ T122] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 32.305931][ T3474] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 32.313452][ T122] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 32.336807][ T3456] random: crng reseeded on system resumption [ 32.350784][ T3474] EXT4-fs error (device loop3): ext4_get_journal_inode:5798: inode #5: comm syz.3.9: unexpected bad inode w/o EXT4_IGET_BAD [ 32.371687][ T3474] EXT4-fs (loop3): no journal found [ 32.377060][ T3474] EXT4-fs (loop3): can't get journal size [ 32.397499][ T3474] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 32.443542][ T3479] netlink: 'syz.4.11': attribute type 10 has an invalid length. [ 32.605387][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 32.631289][ T3493] serio: Serial port ptm0 [ 32.642501][ T37] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 32.688868][ T3500] loop2: detected capacity change from 0 to 1024 [ 32.701033][ T3500] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 32.711032][ T3500] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 32.742871][ T3500] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 32.759125][ T3500] EXT4-fs error (device loop2): ext4_get_journal_inode:5798: inode #5: comm syz.2.16: unexpected bad inode w/o EXT4_IGET_BAD [ 32.813001][ T3500] EXT4-fs (loop2): no journal found [ 32.818240][ T3500] EXT4-fs (loop2): can't get journal size [ 32.826993][ T3500] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 32.984434][ T3516] loop0: detected capacity change from 0 to 1024 [ 32.991675][ T3516] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 33.001605][ T3516] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 33.011856][ T3516] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 33.023084][ T3516] EXT4-fs error (device loop0): ext4_get_journal_inode:5798: inode #5: comm syz.0.23: unexpected bad inode w/o EXT4_IGET_BAD [ 33.036257][ T3516] EXT4-fs (loop0): no journal found [ 33.041468][ T3516] EXT4-fs (loop0): can't get journal size [ 33.055118][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.065448][ T3516] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 33.078501][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.115290][ T3522] loop3: detected capacity change from 0 to 1024 [ 33.127690][ T3522] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 33.128712][ T3523] loop2: detected capacity change from 0 to 512 [ 33.137490][ T3522] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 33.154168][ T3522] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 33.165128][ T3522] EXT4-fs error (device loop3): ext4_get_journal_inode:5798: inode #5: comm syz.3.24: unexpected bad inode w/o EXT4_IGET_BAD [ 33.175987][ T3523] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 33.178636][ T3522] EXT4-fs (loop3): no journal found [ 33.187690][ T3523] System zones: [ 33.191347][ T3522] EXT4-fs (loop3): can't get journal size [ 33.192278][ T3522] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 33.194944][ T3523] 0-2, 18-18, 34-34 [ 33.217653][ T31] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 33.218295][ T3523] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.25: bg 0: block 248: padding at end of block bitmap is not set [ 33.241675][ T3523] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.25: Failed to acquire dquot type 1 [ 33.253841][ T3523] EXT4-fs (loop2): 1 truncate cleaned up [ 33.259977][ T3523] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.272577][ T3523] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 33.299241][ T3523] team0 (unregistering): Port device team_slave_0 removed [ 33.308766][ T3523] team0 (unregistering): Port device team_slave_1 removed [ 33.660203][ T3537] netlink: 36 bytes leftover after parsing attributes in process `syz.1.27'. [ 33.850258][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.876731][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.884051][ C0] hrtimer: interrupt took 45744 ns [ 33.927627][ T3550] serio: Serial port ptm1 [ 34.029927][ T3555] batman_adv: batadv0: Interface deactivated: dummy0 [ 34.036811][ T3555] batman_adv: batadv0: Removing interface: dummy0 [ 34.044884][ T3555] bridge0: port 3(batadv0) entered disabled state [ 34.057600][ T3555] bridge_slave_0: left allmulticast mode [ 34.063312][ T3555] bridge_slave_0: left promiscuous mode [ 34.069146][ T3555] bridge0: port 1(bridge_slave_0) entered disabled state [ 34.079327][ T3555] bridge_slave_1: left allmulticast mode [ 34.085076][ T3555] bridge_slave_1: left promiscuous mode [ 34.090740][ T3555] bridge0: port 2(bridge_slave_1) entered disabled state [ 34.103698][ T3555] bond0: (slave bond_slave_0): Releasing backup interface [ 34.117404][ T3557] loop3: detected capacity change from 0 to 512 [ 34.124315][ T3555] bond0: (slave bond_slave_1): Releasing backup interface [ 34.137369][ T3555] team0: Port device team_slave_0 removed [ 34.144440][ T3557] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 34.159889][ T3557] EXT4-fs (loop3): mount failed [ 34.160995][ T3555] team0: Port device team_slave_1 removed [ 34.181544][ T3555] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 34.189166][ T3555] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 34.201323][ T3555] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 34.205479][ T3561] serio: Serial port ptm0 [ 34.208770][ T3555] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 34.505132][ T3576] usb usb8: usbfs: process 3576 (syz.4.41) did not claim interface 0 before use [ 34.541455][ T3523] syz.2.25 (3523) used greatest stack depth: 9216 bytes left [ 34.550795][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.621778][ T3582] serio: Serial port ptm0 [ 34.750932][ T3593] netlink: 'syz.4.49': attribute type 10 has an invalid length. [ 34.853306][ T3607] serio: Serial port ptm0 [ 34.855399][ T3608] netlink: 'syz.2.55': attribute type 13 has an invalid length. [ 34.888207][ T3612] loop4: detected capacity change from 0 to 512 [ 34.896897][ T3614] Zero length message leads to an empty skb [ 34.905208][ T3614] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 34.919027][ T3614] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 34.927035][ T3612] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 34.928243][ T3614] batman_adv: batadv0: Adding interface: dummy0 [ 34.948057][ T3614] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 34.973997][ T3614] batman_adv: batadv0: Interface activated: dummy0 [ 34.996468][ T3612] EXT4-fs (loop4): mount failed [ 35.032769][ T3622] bridge_slave_0: left allmulticast mode [ 35.038453][ T3622] bridge_slave_0: left promiscuous mode [ 35.044369][ T3622] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.061330][ T3622] bridge_slave_1: left allmulticast mode [ 35.067107][ T3622] bridge_slave_1: left promiscuous mode [ 35.073089][ T3622] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.083879][ T3622] bond0: (slave bond_slave_0): Releasing backup interface [ 35.094134][ T3622] bond0: (slave bond_slave_1): Releasing backup interface [ 35.107768][ T3622] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 35.115793][ T3622] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 35.134167][ T3622] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 35.141619][ T3622] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 35.257041][ T3629] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 35.305504][ T3629] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 35.317173][ T3640] netlink: 24 bytes leftover after parsing attributes in process `syz.0.69'. [ 35.326893][ T3640] FAULT_INJECTION: forcing a failure. [ 35.326893][ T3640] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 35.340141][ T3640] CPU: 0 UID: 0 PID: 3640 Comm: syz.0.69 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(voluntary) [ 35.340166][ T3640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 35.340181][ T3640] Call Trace: [ 35.340187][ T3640] [ 35.340195][ T3640] dump_stack_lvl+0xf6/0x150 [ 35.340221][ T3640] dump_stack+0x15/0x1a [ 35.340274][ T3640] should_fail_ex+0x261/0x270 [ 35.340330][ T3640] should_fail+0xb/0x10 [ 35.340360][ T3640] should_fail_usercopy+0x1a/0x20 [ 35.340395][ T3640] _copy_from_iter+0xd8/0xd10 [ 35.340415][ T3640] ? kmalloc_reserve+0x16e/0x190 [ 35.340438][ T3640] ? __build_skb_around+0x199/0x1f0 [ 35.340519][ T3640] ? __alloc_skb+0x227/0x320 [ 35.340559][ T3640] ? __virt_addr_valid+0x1ed/0x250 [ 35.340599][ T3640] ? __check_object_size+0x367/0x510 [ 35.340670][ T3640] netlink_sendmsg+0x492/0x720 [ 35.340773][ T3640] ? __pfx_netlink_sendmsg+0x10/0x10 [ 35.340844][ T3640] __sock_sendmsg+0x140/0x180 [ 35.340897][ T3640] ____sys_sendmsg+0x350/0x4e0 [ 35.340957][ T3640] __sys_sendmsg+0x1a0/0x240 [ 35.341011][ T3640] __x64_sys_sendmsg+0x46/0x50 [ 35.341056][ T3640] x64_sys_call+0x26f3/0x2e10 [ 35.341153][ T3640] do_syscall_64+0xc9/0x1c0 [ 35.341181][ T3640] ? clear_bhb_loop+0x25/0x80 [ 35.341200][ T3640] ? clear_bhb_loop+0x25/0x80 [ 35.341219][ T3640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 35.341258][ T3640] RIP: 0033:0x7fd3b970d169 [ 35.341278][ T3640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 35.341299][ T3640] RSP: 002b:00007fd3b7d77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 35.341320][ T3640] RAX: ffffffffffffffda RBX: 00007fd3b9925fa0 RCX: 00007fd3b970d169 [ 35.341335][ T3640] RDX: 0000000000000004 RSI: 00002000000002c0 RDI: 0000000000000007 [ 35.341367][ T3640] RBP: 00007fd3b7d77090 R08: 0000000000000000 R09: 0000000000000000 [ 35.341380][ T3640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 35.341393][ T3640] R13: 0000000000000000 R14: 00007fd3b9925fa0 R15: 00007ffc713736e8 [ 35.341415][ T3640] [ 35.565605][ T3629] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 35.599140][ T3647] serio: Serial port ptm0 [ 35.634947][ T3629] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 35.690442][ T3629] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.702277][ T3629] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.718560][ T3629] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.733076][ T3629] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.746598][ T3657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 35.756704][ T3657] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 35.769565][ T3658] loop3: detected capacity change from 0 to 1024 [ 35.779304][ T3658] ======================================================= [ 35.779304][ T3658] WARNING: The mand mount option has been deprecated and [ 35.779304][ T3658] and is ignored by this kernel. Remove the mand [ 35.779304][ T3658] option from the mount to silence this warning. [ 35.779304][ T3658] ======================================================= [ 35.815129][ T3658] EXT4-fs: Ignoring removed nobh option [ 35.821120][ T3658] EXT4-fs: Ignoring removed bh option [ 35.841677][ T3658] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 35.868594][ T3666] loop4: detected capacity change from 0 to 512 [ 35.887861][ T3666] EXT4-fs error (device loop4): ext4_orphan_get:1390: inode #15: comm syz.4.80: casefold flag without casefold feature [ 35.900769][ T3666] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.80: couldn't read orphan inode 15 (err -117) [ 35.913315][ T3666] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 36.028528][ T3671] loop1: detected capacity change from 0 to 1024 [ 36.037241][ T3671] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 36.047238][ T3671] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 36.059852][ T3671] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 36.074481][ T3671] EXT4-fs error (device loop1): ext4_get_journal_inode:5798: inode #5: comm syz.1.81: unexpected bad inode w/o EXT4_IGET_BAD [ 36.087854][ T3671] EXT4-fs (loop1): no journal found [ 36.093159][ T3671] EXT4-fs (loop1): can't get journal size [ 36.100696][ T3671] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 36.163894][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.195365][ T3682] serio: Serial port ptm0 [ 36.203156][ T3684] netlink: 'syz.2.85': attribute type 10 has an invalid length. [ 36.211320][ T12] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 36.287296][ T3691] loop4: detected capacity change from 0 to 512 [ 36.295099][ T3691] EXT4-fs error (device loop4): ext4_orphan_get:1390: inode #15: comm syz.4.87: casefold flag without casefold feature [ 36.308776][ T3691] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.87: couldn't read orphan inode 15 (err -117) [ 36.321019][ T3691] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 36.361939][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.416292][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.436377][ T3704] netlink: 'syz.3.92': attribute type 13 has an invalid length. [ 36.497004][ T3710] netlink: 'syz.3.94': attribute type 13 has an invalid length. [ 36.505794][ T3712] bond0: (slave team0): Releasing backup interface [ 36.516849][ T3712] team0 (unregistering): Port device team_slave_0 removed [ 36.525713][ T3712] team0 (unregistering): Port device team_slave_1 removed [ 36.566365][ T3714] serio: Serial port ptm0 [ 36.648770][ T3719] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 36.657377][ T3719] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 36.824251][ T29] kauditd_printk_skb: 1990 callbacks suppressed [ 36.824266][ T29] audit: type=1326 audit(1743333375.037:2128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3670 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe63792d169 code=0x7ffc0000 [ 36.853804][ T29] audit: type=1326 audit(1743333375.037:2129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3670 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe63792d169 code=0x7ffc0000 [ 36.877506][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.985675][ T29] audit: type=1400 audit(1743333375.197:2130): avc: denied { create } for pid=3724 comm="syz.1.101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 37.012211][ T3725] loop1: detected capacity change from 0 to 1024 [ 37.018862][ T29] audit: type=1400 audit(1743333375.227:2131): avc: denied { mounton } for pid=3724 comm="syz.1.101" path="/18/file0" dev="tmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 37.018935][ T3725] EXT4-fs: test_dummy_encryption option not supported [ 37.071034][ T3727] loop2: detected capacity change from 0 to 512 [ 37.100498][ T3730] netlink: 'syz.0.103': attribute type 13 has an invalid length. [ 37.125510][ T3727] EXT4-fs error (device loop2): ext4_orphan_get:1390: inode #15: comm syz.2.102: casefold flag without casefold feature [ 37.144523][ T3727] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.102: couldn't read orphan inode 15 (err -117) [ 37.157259][ T3727] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 37.187800][ T3730] net_ratelimit: 34 callbacks suppressed [ 37.187813][ T3730] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 37.396839][ T29] audit: type=1400 audit(1743333375.537:2132): avc: denied { read } for pid=3724 comm="syz.1.101" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 37.420172][ T29] audit: type=1400 audit(1743333375.537:2133): avc: denied { open } for pid=3724 comm="syz.1.101" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 37.450708][ T3745] SELinux: Context Ü is not valid (left unmapped). [ 37.474865][ T3745] netlink: 4 bytes leftover after parsing attributes in process `syz.0.107'. [ 37.588599][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.636076][ T3751] loop3: detected capacity change from 0 to 1024 [ 37.645244][ T3751] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 37.655222][ T3751] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 37.666299][ T29] audit: type=1400 audit(1743333375.687:2134): avc: denied { ioctl } for pid=3743 comm="syz.0.107" path="socket:[5296]" dev="sockfs" ino=5296 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 37.690949][ T29] audit: type=1326 audit(1743333375.747:2135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3747 comm="syz.3.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f917d169 code=0x7ffc0000 [ 37.714644][ T29] audit: type=1326 audit(1743333375.747:2136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3747 comm="syz.3.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f917d169 code=0x7ffc0000 [ 37.738196][ T29] audit: type=1326 audit(1743333375.747:2137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3747 comm="syz.3.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7f78f917d169 code=0x7ffc0000 [ 37.762877][ T3751] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 37.773262][ T3731] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 37.781712][ T3731] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 37.791127][ T3751] EXT4-fs error (device loop3): ext4_get_journal_inode:5798: inode #5: comm syz.3.111: unexpected bad inode w/o EXT4_IGET_BAD [ 37.804770][ T3751] EXT4-fs (loop3): no journal found [ 37.809997][ T3751] EXT4-fs (loop3): can't get journal size [ 37.817696][ T3751] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 37.834579][ T3756] netlink: 'syz.2.112': attribute type 10 has an invalid length. [ 37.894469][ T12] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 38.456750][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.500648][ T3765] loop3: detected capacity change from 0 to 8192 [ 38.547674][ T3765] program syz.3.114 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 38.557017][ T3765] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 38.598275][ T3768] netlink: 'syz.0.115': attribute type 13 has an invalid length. [ 38.616667][ T3768] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 38.691263][ T3775] syzkaller0: entered promiscuous mode [ 38.697196][ T3775] syzkaller0: entered allmulticast mode [ 38.705419][ T3773] smc: net device bond0 applied user defined pnetid SYZ2 [ 38.712908][ T3774] netlink: 2 bytes leftover after parsing attributes in process `syz.3.117'. [ 38.715661][ T3775] ip6t_rpfilter: unknown options [ 38.745598][ T3781] loop2: detected capacity change from 0 to 512 [ 38.754199][ T3781] EXT4-fs error (device loop2): ext4_orphan_get:1390: inode #15: comm syz.2.120: casefold flag without casefold feature [ 38.769428][ T3781] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.120: couldn't read orphan inode 15 (err -117) [ 38.784470][ T3781] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.856306][ T3789] loop3: detected capacity change from 0 to 512 [ 38.887854][ T3789] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 38.913677][ T3789] EXT4-fs (loop3): mount failed [ 38.920236][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.079663][ T3811] loop3: detected capacity change from 0 to 512 [ 39.103732][ T3811] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 39.118779][ T3811] EXT4-fs (loop3): mount failed [ 39.191168][ T3816] xt_CT: You must specify a L4 protocol and not use inversions on it [ 39.687190][ T3822] loop3: detected capacity change from 0 to 1024 [ 39.696156][ T3822] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 39.706084][ T3822] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 39.716756][ T3822] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 39.727546][ T3822] EXT4-fs error (device loop3): ext4_get_journal_inode:5798: inode #5: comm syz.3.136: unexpected bad inode w/o EXT4_IGET_BAD [ 39.740934][ T3822] EXT4-fs (loop3): no journal found [ 39.746189][ T3822] EXT4-fs (loop3): can't get journal size [ 39.762733][ T3822] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 39.831435][ T37] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 39.920840][ T3840] netlink: 12 bytes leftover after parsing attributes in process `syz.0.142'. [ 39.935007][ T3840] loop0: detected capacity change from 0 to 512 [ 39.941559][ T3840] EXT4-fs: Ignoring removed nobh option [ 39.947732][ T3840] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 39.963749][ T3840] EXT4-fs error (device loop0): ext4_do_update_inode:5194: inode #3: comm syz.0.142: corrupted inode contents [ 39.975742][ T3840] EXT4-fs error (device loop0): ext4_dirty_inode:6086: inode #3: comm syz.0.142: mark_inode_dirty error [ 39.987237][ T3840] EXT4-fs error (device loop0): ext4_do_update_inode:5194: inode #3: comm syz.0.142: corrupted inode contents [ 40.000373][ T3840] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #3: comm syz.0.142: mark_inode_dirty error [ 40.011949][ T3840] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.142: Failed to acquire dquot type 0 [ 40.024777][ T3840] EXT4-fs error (device loop0): ext4_do_update_inode:5194: inode #16: comm syz.0.142: corrupted inode contents [ 40.037071][ T3840] EXT4-fs error (device loop0): ext4_dirty_inode:6086: inode #16: comm syz.0.142: mark_inode_dirty error [ 40.050137][ T3840] EXT4-fs error (device loop0): ext4_do_update_inode:5194: inode #16: comm syz.0.142: corrupted inode contents [ 40.062484][ T3840] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #16: comm syz.0.142: mark_inode_dirty error [ 40.074140][ T3840] EXT4-fs error (device loop0): ext4_do_update_inode:5194: inode #16: comm syz.0.142: corrupted inode contents [ 40.086239][ T3840] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 40.089934][ T3846] serio: Serial port ptm0 [ 40.099366][ T3840] EXT4-fs error (device loop0): ext4_do_update_inode:5194: inode #16: comm syz.0.142: corrupted inode contents [ 40.111420][ T3840] EXT4-fs error (device loop0): ext4_truncate:4266: inode #16: comm syz.0.142: mark_inode_dirty error [ 40.122629][ T3840] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 40.131914][ T3840] EXT4-fs (loop0): 1 truncate cleaned up [ 40.138131][ T3840] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.150764][ T3840] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 40.179715][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.205344][ T3849] bridge_slave_0: left allmulticast mode [ 40.211060][ T3849] bridge_slave_0: left promiscuous mode [ 40.217106][ T3849] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.226707][ T3849] bridge_slave_1: left allmulticast mode [ 40.232566][ T3849] bridge_slave_1: left promiscuous mode [ 40.238411][ T3849] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.248436][ T3849] bond0: (slave bond_slave_0): Releasing backup interface [ 40.257856][ T3849] bond0: (slave bond_slave_1): Releasing backup interface [ 40.270182][ T3849] team0: Port device team_slave_0 removed [ 40.278900][ T3849] team0: Port device team_slave_1 removed [ 40.285562][ T3849] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 40.293143][ T3849] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 40.301760][ T3849] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 40.309268][ T3849] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 40.460586][ T3857] xt_hashlimit: max too large, truncated to 1048576 [ 40.482446][ T3857] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3857 comm=syz.4.148 [ 40.501529][ T3857] netlink: 44 bytes leftover after parsing attributes in process `syz.4.148'. [ 40.524894][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.553781][ T3863] serio: Serial port ptm1 [ 40.689723][ T3884] loop0: detected capacity change from 0 to 1024 [ 40.698113][ T3884] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 40.708121][ T3884] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 40.718275][ T3884] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 40.729371][ T3884] EXT4-fs error (device loop0): ext4_get_journal_inode:5798: inode #5: comm syz.0.160: unexpected bad inode w/o EXT4_IGET_BAD [ 40.752329][ T3884] EXT4-fs (loop0): no journal found [ 40.757570][ T3884] EXT4-fs (loop0): can't get journal size [ 40.774344][ T3884] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 40.878404][ T3887] capability: warning: `syz.3.159' uses deprecated v2 capabilities in a way that may be insecure [ 40.894476][ T31] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 41.427110][ T3915] loop4: detected capacity change from 0 to 512 [ 41.430563][ T3917] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 41.442036][ T3917] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 41.453095][ T3915] EXT4-fs error (device loop4): ext4_orphan_get:1390: inode #15: comm syz.4.170: casefold flag without casefold feature [ 41.453180][ T3915] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.170: couldn't read orphan inode 15 (err -117) [ 41.453917][ T3915] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.551506][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.589190][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.674068][ T3929] FAULT_INJECTION: forcing a failure. [ 41.674068][ T3929] name failslab, interval 1, probability 0, space 0, times 0 [ 41.686744][ T3929] CPU: 1 UID: 0 PID: 3929 Comm: syz.1.176 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(voluntary) [ 41.686831][ T3929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 41.686846][ T3929] Call Trace: [ 41.686853][ T3929] [ 41.686863][ T3929] dump_stack_lvl+0xf6/0x150 [ 41.686888][ T3929] dump_stack+0x15/0x1a [ 41.687013][ T3929] should_fail_ex+0x261/0x270 [ 41.687050][ T3929] should_failslab+0x8f/0xb0 [ 41.687075][ T3929] kmem_cache_alloc_noprof+0x59/0x340 [ 41.687155][ T3929] ? skb_clone+0x154/0x1f0 [ 41.687192][ T3929] skb_clone+0x154/0x1f0 [ 41.687242][ T3929] __netlink_deliver_tap+0x2bd/0x4f0 [ 41.687276][ T3929] netlink_unicast+0x69e/0x6c0 [ 41.687299][ T3929] netlink_sendmsg+0x609/0x720 [ 41.687333][ T3929] ? __pfx_netlink_sendmsg+0x10/0x10 [ 41.687368][ T3929] __sock_sendmsg+0x140/0x180 [ 41.687387][ T3929] ____sys_sendmsg+0x350/0x4e0 [ 41.687427][ T3929] __sys_sendmsg+0x1a0/0x240 [ 41.687487][ T3929] __x64_sys_sendmsg+0x46/0x50 [ 41.687528][ T3929] x64_sys_call+0x26f3/0x2e10 [ 41.687555][ T3929] do_syscall_64+0xc9/0x1c0 [ 41.687591][ T3929] ? clear_bhb_loop+0x25/0x80 [ 41.687696][ T3929] ? clear_bhb_loop+0x25/0x80 [ 41.687758][ T3929] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 41.687784][ T3929] RIP: 0033:0x7fe63792d169 [ 41.687800][ T3929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 41.687816][ T3929] RSP: 002b:00007fe635f97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 41.687834][ T3929] RAX: ffffffffffffffda RBX: 00007fe637b45fa0 RCX: 00007fe63792d169 [ 41.687845][ T3929] RDX: 000000002004c818 RSI: 00002000000011c0 RDI: 0000000000000003 [ 41.687856][ T3929] RBP: 00007fe635f97090 R08: 0000000000000000 R09: 0000000000000000 [ 41.687866][ T3929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 41.687949][ T3929] R13: 0000000000000000 R14: 00007fe637b45fa0 R15: 00007ffd130af778 [ 41.687970][ T3929] [ 41.954986][ T29] kauditd_printk_skb: 267 callbacks suppressed [ 41.955045][ T29] audit: type=1400 audit(1743333380.167:2401): avc: denied { read write } for pid=3936 comm="syz.1.180" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 41.986536][ T29] audit: type=1400 audit(1743333380.197:2402): avc: denied { open } for pid=3936 comm="syz.1.180" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 42.034082][ T29] audit: type=1400 audit(1743333380.247:2403): avc: denied { allowed } for pid=3940 comm=2BA501C3539340C2A691F5D8178AAB scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 42.055135][ T29] audit: type=1400 audit(1743333380.247:2404): avc: denied { create } for pid=3940 comm=2BA501C3539340C2A691F5D8178AAB anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 42.078095][ T29] audit: type=1400 audit(1743333380.247:2405): avc: denied { map } for pid=3940 comm=2BA501C3539340C2A691F5D8178AAB path="anon_inode:[io_uring]" dev="anon_inodefs" ino=6435 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 42.104015][ T29] audit: type=1400 audit(1743333380.247:2406): avc: denied { read write } for pid=3940 comm=2BA501C3539340C2A691F5D8178AAB path="anon_inode:[io_uring]" dev="anon_inodefs" ino=6435 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 42.170216][ T3948] loop1: detected capacity change from 0 to 512 [ 42.203151][ T3948] EXT4-fs error (device loop1): ext4_orphan_get:1390: inode #15: comm syz.1.184: casefold flag without casefold feature [ 42.217349][ T3948] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.184: couldn't read orphan inode 15 (err -117) [ 42.230672][ T3948] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 42.245725][ T3950] xt_CT: You must specify a L4 protocol and not use inversions on it [ 42.555429][ T29] audit: type=1326 audit(1743333380.737:2407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3953 comm="syz.4.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa53302d169 code=0x7ffc0000 [ 42.578949][ T29] audit: type=1326 audit(1743333380.737:2408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3953 comm="syz.4.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa53302d169 code=0x7ffc0000 [ 42.602620][ T29] audit: type=1326 audit(1743333380.747:2409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3953 comm="syz.4.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fa53302d169 code=0x7ffc0000 [ 42.625924][ T29] audit: type=1326 audit(1743333380.747:2410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3953 comm="syz.4.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa53302d1a3 code=0x7ffc0000 [ 42.659030][ T3954] loop4: detected capacity change from 0 to 1024 [ 42.672379][ T3956] syzkaller0: tun_chr_ioctl cmd 1074025675 [ 42.678209][ T3956] syzkaller0: persist disabled [ 42.701095][ T3958] batman_adv: batadv0: Interface deactivated: dummy0 [ 42.708030][ T3958] batman_adv: batadv0: Removing interface: dummy0 [ 42.709136][ T3954] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 42.724539][ T3954] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 42.734705][ T3954] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 42.745696][ T3954] EXT4-fs error (device loop4): ext4_get_journal_inode:5798: inode #5: comm syz.4.186: unexpected bad inode w/o EXT4_IGET_BAD [ 42.764172][ T3954] EXT4-fs (loop4): no journal found [ 42.769405][ T3954] EXT4-fs (loop4): can't get journal size [ 42.830300][ T3962] netlink: 'syz.0.189': attribute type 10 has an invalid length. [ 42.833098][ T3954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 42.842928][ T3958] bridge_slave_0: left allmulticast mode [ 42.856245][ T3958] bridge_slave_0: left promiscuous mode [ 42.862148][ T3958] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.869820][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.880263][ T3958] bridge_slave_1: left allmulticast mode [ 42.886086][ T3958] bridge_slave_1: left promiscuous mode [ 42.891793][ T3958] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.902221][ T3958] bond0: (slave bond_slave_0): Releasing backup interface [ 42.912590][ T3958] bond0: (slave bond_slave_1): Releasing backup interface [ 42.924561][ T3958] team0: Port device team_slave_0 removed [ 42.933525][ T3958] team0: Port device team_slave_1 removed [ 42.940445][ T3958] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 42.947969][ T3958] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 42.956695][ T3958] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 42.964251][ T3958] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 42.972795][ T12] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 43.048730][ T3977] netlink: 'syz.0.202': attribute type 10 has an invalid length. [ 43.067294][ T3979] netlink: 12 bytes leftover after parsing attributes in process `syz.2.193'. [ 43.081557][ T3979] loop2: detected capacity change from 0 to 512 [ 43.089296][ T3979] EXT4-fs: Ignoring removed nobh option [ 43.141803][ T3979] EXT4-fs error (device loop2): ext4_do_update_inode:5194: inode #3: comm syz.2.193: corrupted inode contents [ 43.153965][ T3979] EXT4-fs error (device loop2): ext4_dirty_inode:6086: inode #3: comm syz.2.193: mark_inode_dirty error [ 43.165820][ T3979] EXT4-fs error (device loop2): ext4_do_update_inode:5194: inode #3: comm syz.2.193: corrupted inode contents [ 43.178641][ T3979] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #3: comm syz.2.193: mark_inode_dirty error [ 43.190460][ T3979] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.193: Failed to acquire dquot type 0 [ 43.203534][ T3979] EXT4-fs error (device loop2): ext4_do_update_inode:5194: inode #16: comm syz.2.193: corrupted inode contents [ 43.215539][ T3979] EXT4-fs error (device loop2): ext4_dirty_inode:6086: inode #16: comm syz.2.193: mark_inode_dirty error [ 43.227285][ T3979] EXT4-fs error (device loop2): ext4_do_update_inode:5194: inode #16: comm syz.2.193: corrupted inode contents [ 43.240406][ T3979] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #16: comm syz.2.193: mark_inode_dirty error [ 43.251812][ T3979] EXT4-fs error (device loop2): ext4_do_update_inode:5194: inode #16: comm syz.2.193: corrupted inode contents [ 43.263858][ T3979] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 43.273330][ T3979] EXT4-fs error (device loop2): ext4_do_update_inode:5194: inode #16: comm syz.2.193: corrupted inode contents [ 43.285601][ T3979] EXT4-fs error (device loop2): ext4_truncate:4266: inode #16: comm syz.2.193: mark_inode_dirty error [ 43.296877][ T3979] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 43.306260][ T3979] EXT4-fs (loop2): 1 truncate cleaned up [ 43.312303][ T3979] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 43.325141][ T3979] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 43.353158][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.363650][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.383290][ T3994] loop2: detected capacity change from 0 to 1024 [ 43.385690][ T3996] loop4: detected capacity change from 0 to 512 [ 43.390160][ T3994] EXT4-fs: Ignoring removed nobh option [ 43.402047][ T3994] EXT4-fs: quotafile must be on filesystem root [ 43.408700][ T3996] EXT4-fs error (device loop4): ext4_orphan_get:1390: inode #15: comm syz.4.200: casefold flag without casefold feature [ 43.422562][ T3996] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.200: couldn't read orphan inode 15 (err -117) [ 43.435942][ T3996] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 43.532743][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.560900][ T4000] loop4: detected capacity change from 0 to 1024 [ 43.569054][ T4000] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 43.578887][ T4000] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 43.590466][ T4000] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 43.604003][ T4000] EXT4-fs error (device loop4): ext4_get_journal_inode:5798: inode #5: comm syz.4.201: unexpected bad inode w/o EXT4_IGET_BAD [ 43.617699][ T4000] EXT4-fs (loop4): no journal found [ 43.622966][ T4000] EXT4-fs (loop4): can't get journal size [ 43.643514][ T4000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 43.728102][ T4009] infiniband syz0: set down [ 43.732748][ T4009] infiniband syz0: added bond0 [ 43.746833][ T4014] loop3: detected capacity change from 0 to 1024 [ 43.751958][ T4017] netlink: 'syz.1.207': attribute type 10 has an invalid length. [ 43.758101][ T4014] EXT4-fs: Ignoring removed nobh option [ 43.766695][ T4014] EXT4-fs: Ignoring removed bh option [ 43.775018][ T4017] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.782829][ T4009] RDS/IB: syz0: added [ 43.783773][ T4017] bond0: (slave team0): Enslaving as an active interface with an up link [ 43.786827][ T4009] smc: adding ib device syz0 with port count 1 [ 43.786850][ T4009] smc: ib device syz0 port 1 has pnetid [ 43.797890][ T31] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 43.884370][ T4014] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 43.937052][ T4035] loop2: detected capacity change from 0 to 512 [ 43.959655][ T4035] EXT4-fs error (device loop2): ext4_orphan_get:1390: inode #15: comm syz.2.213: casefold flag without casefold feature [ 44.006363][ T4014] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 44.006443][ T4014] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 44.020691][ T4035] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.213: couldn't read orphan inode 15 (err -117) [ 44.021162][ T4035] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.071519][ T4014] ALSA: seq fatal error: cannot create timer (-19) [ 44.183674][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.404150][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.664822][ T4052] loop4: detected capacity change from 0 to 32768 [ 44.702658][ T4052] loop4: p1 p2 p3 < p5 p6 > [ 44.707389][ T4052] loop4: p1 size 242222080 extends beyond EOD, truncated [ 44.716409][ T4052] loop4: p2 start 4294967295 is beyond EOD, truncated [ 44.749131][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.777712][ T4058] loop0: detected capacity change from 0 to 512 [ 44.785773][ T4058] EXT4-fs error (device loop0): ext4_orphan_get:1390: inode #15: comm syz.0.224: casefold flag without casefold feature [ 44.799782][ T4058] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.224: couldn't read orphan inode 15 (err -117) [ 44.813726][ T4058] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.845256][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.877385][ T4069] FAULT_INJECTION: forcing a failure. [ 44.877385][ T4069] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 44.887277][ T4071] loop4: detected capacity change from 0 to 512 [ 44.890483][ T4069] CPU: 1 UID: 0 PID: 4069 Comm: syz.0.226 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(voluntary) [ 44.890559][ T4069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 44.890574][ T4069] Call Trace: [ 44.890581][ T4069] [ 44.890590][ T4069] dump_stack_lvl+0xf6/0x150 [ 44.890619][ T4069] dump_stack+0x15/0x1a [ 44.890640][ T4069] should_fail_ex+0x261/0x270 [ 44.890678][ T4069] should_fail+0xb/0x10 [ 44.890726][ T4069] should_fail_usercopy+0x1a/0x20 [ 44.890767][ T4069] _copy_from_user+0x1c/0xa0 [ 44.890829][ T4069] copy_msghdr_from_user+0x54/0x2b0 [ 44.890861][ T4069] __sys_sendmsg+0x141/0x240 [ 44.890916][ T4069] __x64_sys_sendmsg+0x46/0x50 [ 44.891026][ T4069] x64_sys_call+0x26f3/0x2e10 [ 44.891053][ T4069] do_syscall_64+0xc9/0x1c0 [ 44.891155][ T4069] ? clear_bhb_loop+0x25/0x80 [ 44.891190][ T4069] ? clear_bhb_loop+0x25/0x80 [ 44.891270][ T4069] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 44.891295][ T4069] RIP: 0033:0x7fd3b970d169 [ 44.891313][ T4069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 44.891334][ T4069] RSP: 002b:00007fd3b7d77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 44.891398][ T4069] RAX: ffffffffffffffda RBX: 00007fd3b9925fa0 RCX: 00007fd3b970d169 [ 44.891414][ T4069] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000007 [ 44.891427][ T4069] RBP: 00007fd3b7d77090 R08: 0000000000000000 R09: 0000000000000000 [ 44.891441][ T4069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 44.891473][ T4069] R13: 0000000000000000 R14: 00007fd3b9925fa0 R15: 00007ffc713736e8 [ 44.891497][ T4069] [ 44.943803][ T4075] netlink: 'syz.0.230': attribute type 10 has an invalid length. [ 44.973811][ T4071] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 45.091237][ T4071] EXT4-fs (loop4): mount failed [ 45.134159][ T4085] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 45.134218][ T4085] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 45.147167][ T4085] batman_adv: batadv0: Adding interface: dummy0 [ 45.147180][ T4085] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.147205][ T4085] batman_adv: batadv0: Interface activated: dummy0 [ 45.158199][ T4087] FAULT_INJECTION: forcing a failure. [ 45.158199][ T4087] name failslab, interval 1, probability 0, space 0, times 0 [ 45.158230][ T4087] CPU: 1 UID: 0 PID: 4087 Comm: syz.0.234 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(voluntary) [ 45.158347][ T4087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 45.158358][ T4087] Call Trace: [ 45.158363][ T4087] [ 45.158369][ T4087] dump_stack_lvl+0xf6/0x150 [ 45.158423][ T4087] dump_stack+0x15/0x1a [ 45.158438][ T4087] should_fail_ex+0x261/0x270 [ 45.158474][ T4087] should_failslab+0x8f/0xb0 [ 45.158499][ T4087] __kvmalloc_node_noprof+0x12c/0x520 [ 45.158532][ T4087] ? bpf_test_run_xdp_live+0xf9/0x1050 [ 45.158748][ T4087] bpf_test_run_xdp_live+0xf9/0x1050 [ 45.158777][ T4087] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 45.158810][ T4087] ? bpf_dispatcher_xdp_func+0x20/0x30 [ 45.158832][ T4087] ? cpus_read_unlock+0x7b/0xc0 [ 45.158906][ T4087] ? __static_call_update+0x3a5/0x3e0 [ 45.158982][ T4087] ? synchronize_rcu+0x4a/0x320 [ 45.159006][ T4087] ? 0xffffffffa0003940 [ 45.159024][ T4087] ? bpf_dispatcher_change_prog+0x788/0x8b0 [ 45.159087][ T4087] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 45.159170][ T4087] bpf_prog_test_run_xdp+0x526/0x8e0 [ 45.159203][ T4087] ? __rcu_read_unlock+0x4e/0x70 [ 45.159296][ T4087] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 45.159409][ T4087] bpf_prog_test_run+0x20e/0x3a0 [ 45.159430][ T4087] __sys_bpf+0x40d/0x7c0 [ 45.159464][ T4087] __x64_sys_bpf+0x43/0x50 [ 45.159501][ T4087] x64_sys_call+0x23da/0x2e10 [ 45.159527][ T4087] do_syscall_64+0xc9/0x1c0 [ 45.159670][ T4087] ? clear_bhb_loop+0x25/0x80 [ 45.159695][ T4087] ? clear_bhb_loop+0x25/0x80 [ 45.159722][ T4087] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 45.159747][ T4087] RIP: 0033:0x7fd3b970d169 [ 45.159764][ T4087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 45.159787][ T4087] RSP: 002b:00007fd3b7d77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 45.159864][ T4087] RAX: ffffffffffffffda RBX: 00007fd3b9925fa0 RCX: 00007fd3b970d169 [ 45.159892][ T4087] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 45.159943][ T4087] RBP: 00007fd3b7d77090 R08: 0000000000000000 R09: 0000000000000000 [ 45.159999][ T4087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 45.160012][ T4087] R13: 0000000000000000 R14: 00007fd3b9925fa0 R15: 00007ffc713736e8 [ 45.160034][ T4087] [ 45.206580][ T4092] loop0: detected capacity change from 0 to 512 [ 45.252958][ T4095] loop2: detected capacity change from 0 to 512 [ 45.267048][ T4092] EXT4-fs error (device loop0): ext4_orphan_get:1390: inode #15: comm syz.0.236: casefold flag without casefold feature [ 45.293498][ T4095] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 45.295628][ T4092] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.236: couldn't read orphan inode 15 (err -117) [ 45.300231][ T4095] EXT4-fs (loop2): mount failed [ 45.307956][ T4092] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.548567][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.607844][ T4106] loop2: detected capacity change from 0 to 512 [ 45.620695][ T4108] loop3: detected capacity change from 0 to 512 [ 45.629859][ T4106] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 45.629886][ T4106] System zones: 0-2, 18-18, 34-34 [ 45.630907][ T4106] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.241: bg 0: block 248: padding at end of block bitmap is not set [ 45.631251][ T4106] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.241: Failed to acquire dquot type 1 [ 45.631890][ T4106] EXT4-fs (loop2): 1 truncate cleaned up [ 45.632423][ T4106] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.632552][ T4106] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 45.644769][ T4108] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 45.644802][ T4108] System zones: 0-2, 18-18, 34-34 [ 45.645763][ T4108] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.242: bg 0: block 248: padding at end of block bitmap is not set [ 45.750986][ T4108] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.242: Failed to acquire dquot type 1 [ 45.751925][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.773827][ T4108] EXT4-fs (loop3): 1 truncate cleaned up [ 45.774366][ T4108] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.774442][ T4108] ext4 filesystem being mounted at /52/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 45.831450][ T4120] netlink: 24 bytes leftover after parsing attributes in process `syz.2.245'. [ 45.995405][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.995461][ T4129] loop1: detected capacity change from 0 to 2048 [ 46.020033][ T4131] loop2: detected capacity change from 0 to 164 [ 46.045987][ T4129] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.070813][ T4136] loop3: detected capacity change from 0 to 512 [ 46.087069][ T4136] EXT4-fs error (device loop3): ext4_orphan_get:1390: inode #15: comm syz.3.250: casefold flag without casefold feature [ 46.100631][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.111240][ T4136] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.250: couldn't read orphan inode 15 (err -117) [ 46.114626][ T4124] tipc: Started in network mode [ 46.128020][ T4124] tipc: Node identity 16a31fdec54c, cluster identity 4711 [ 46.135533][ T4124] tipc: Enabled bearer , priority 0 [ 46.145056][ T37] tipc: Resetting bearer [ 46.151447][ T4121] tipc: Resetting bearer [ 46.158067][ T4136] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.193127][ T4121] tipc: Disabling bearer [ 46.218290][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.273930][ T4150] netlink: 24 bytes leftover after parsing attributes in process `syz.3.257'. [ 46.442390][ T4162] netlink: 'syz.0.261': attribute type 13 has an invalid length. [ 46.460390][ T4162] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 46.605233][ T4170] netlink: 28 bytes leftover after parsing attributes in process `syz.4.265'. [ 46.750141][ T4177] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 46.900051][ T4180] loop0: detected capacity change from 0 to 1024 [ 46.914645][ T4182] netlink: 24 bytes leftover after parsing attributes in process `syz.4.270'. [ 46.932545][ T4180] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 46.942392][ T4180] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 46.958891][ T4180] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 46.988543][ T4180] EXT4-fs error (device loop0): ext4_get_journal_inode:5798: inode #5: comm syz.0.269: unexpected bad inode w/o EXT4_IGET_BAD [ 47.003541][ T4180] EXT4-fs (loop0): no journal found [ 47.008816][ T4180] EXT4-fs (loop0): can't get journal size [ 47.032821][ T29] kauditd_printk_skb: 721 callbacks suppressed [ 47.032838][ T29] audit: type=1326 audit(1743333385.247:3124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4183 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa53302d169 code=0x7ffc0000 [ 47.062634][ T29] audit: type=1326 audit(1743333385.247:3125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4183 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa53302d169 code=0x7ffc0000 [ 47.090278][ T29] audit: type=1326 audit(1743333385.297:3126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4183 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa53302d169 code=0x7ffc0000 [ 47.113784][ T29] audit: type=1326 audit(1743333385.297:3127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4183 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa53302d169 code=0x7ffc0000 [ 47.137350][ T29] audit: type=1326 audit(1743333385.297:3128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4183 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa53302d169 code=0x7ffc0000 [ 47.160794][ T29] audit: type=1326 audit(1743333385.297:3129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4183 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa53302d169 code=0x7ffc0000 [ 47.184224][ T29] audit: type=1326 audit(1743333385.297:3130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4183 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa53302d169 code=0x7ffc0000 [ 47.207680][ T29] audit: type=1326 audit(1743333385.297:3131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4183 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa53302d169 code=0x7ffc0000 [ 47.231482][ T29] audit: type=1326 audit(1743333385.297:3132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4183 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa53302d169 code=0x7ffc0000 [ 47.254848][ T29] audit: type=1326 audit(1743333385.297:3133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4183 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa53302d169 code=0x7ffc0000 [ 47.279980][ T4180] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 47.377141][ T3400] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 47.740007][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.780935][ T4195] serio: Serial port ptm0 [ 47.865962][ T4198] netlink: 'syz.4.274': attribute type 13 has an invalid length. [ 47.946083][ T4198] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 48.207470][ T4213] loop0: detected capacity change from 0 to 512 [ 48.225324][ T4214] xt_CT: You must specify a L4 protocol and not use inversions on it [ 48.385098][ T4219] netlink: 32 bytes leftover after parsing attributes in process `syz.2.283'. [ 48.703864][ T4213] EXT4-fs error (device loop0): ext4_orphan_get:1390: inode #15: comm syz.0.281: casefold flag without casefold feature [ 48.717508][ T4213] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.281: couldn't read orphan inode 15 (err -117) [ 48.731765][ T4213] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.759064][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.778923][ T4224] serio: Serial port ptm0 [ 48.809282][ T4144] syz.1.254 (4144) used greatest stack depth: 6960 bytes left [ 48.875896][ T4236] netlink: 'syz.3.290': attribute type 13 has an invalid length. [ 48.905784][ T4236] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 48.934623][ T4239] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 48.980871][ T4242] bond0: (slave team0): Releasing backup interface [ 49.020936][ T4246] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 49.049781][ T4246] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 49.195009][ T4255] FAULT_INJECTION: forcing a failure. [ 49.195009][ T4255] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 49.208324][ T4255] CPU: 0 UID: 0 PID: 4255 Comm: syz.4.296 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(voluntary) [ 49.208492][ T4255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 49.208508][ T4255] Call Trace: [ 49.208515][ T4255] [ 49.208523][ T4255] dump_stack_lvl+0xf6/0x150 [ 49.208551][ T4255] dump_stack+0x15/0x1a [ 49.208571][ T4255] should_fail_ex+0x261/0x270 [ 49.208608][ T4255] should_fail_alloc_page+0xfd/0x110 [ 49.208709][ T4255] __alloc_frozen_pages_noprof+0x11e/0x340 [ 49.208753][ T4255] alloc_pages_mpol+0xb6/0x260 [ 49.208814][ T4255] vma_alloc_folio_noprof+0x1a2/0x310 [ 49.208861][ T4255] handle_mm_fault+0xdec/0x2b30 [ 49.208896][ T4255] exc_page_fault+0x3b9/0x650 [ 49.208926][ T4255] asm_exc_page_fault+0x26/0x30 [ 49.208950][ T4255] RIP: 0033:0x7fa532fda78b [ 49.209035][ T4255] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01 [ 49.209052][ T4255] RSP: 002b:00007fa531694e10 EFLAGS: 00010246 [ 49.209066][ T4255] RAX: 00007fa531696f30 RBX: 00007fa53321c620 RCX: 0000000000000000 [ 49.209077][ T4255] RDX: 00007fa531696f78 RSI: 00007fa53308cbd8 RDI: 00007fa531694e30 [ 49.209088][ T4255] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000 [ 49.209102][ T4255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 49.209116][ T4255] R13: 0000000000000000 R14: 00007fa533245fa0 R15: 00007ffea3a55648 [ 49.209139][ T4255] [ 49.209214][ T4255] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 49.388335][ T4264] serio: Serial port ptm0 [ 49.486845][ T4272] netlink: 1296 bytes leftover after parsing attributes in process `syz.4.303'. [ 49.499239][ T4272] loop4: detected capacity change from 0 to 512 [ 49.506295][ T4272] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 49.517913][ T4272] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 49.531747][ T4272] EXT4-fs (loop4): 1 truncate cleaned up [ 49.537785][ T4272] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.582524][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.603391][ T4278] xt_CT: You must specify a L4 protocol and not use inversions on it [ 49.709487][ T4283] loop0: detected capacity change from 0 to 164 [ 49.891364][ T4292] FAULT_INJECTION: forcing a failure. [ 49.891364][ T4292] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 49.904494][ T4292] CPU: 1 UID: 0 PID: 4292 Comm: syz.4.311 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(voluntary) [ 49.904533][ T4292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 49.904547][ T4292] Call Trace: [ 49.904553][ T4292] [ 49.904571][ T4292] dump_stack_lvl+0xf6/0x150 [ 49.904595][ T4292] dump_stack+0x15/0x1a [ 49.904613][ T4292] should_fail_ex+0x261/0x270 [ 49.904681][ T4292] should_fail+0xb/0x10 [ 49.904706][ T4292] should_fail_usercopy+0x1a/0x20 [ 49.904910][ T4292] _copy_from_iter+0xd8/0xd10 [ 49.904931][ T4292] ? kmalloc_reserve+0x16e/0x190 [ 49.904955][ T4292] ? __build_skb_around+0x199/0x1f0 [ 49.904978][ T4292] ? __alloc_skb+0x227/0x320 [ 49.905058][ T4292] ? __virt_addr_valid+0x1ed/0x250 [ 49.905077][ T4292] ? __check_object_size+0x367/0x510 [ 49.905106][ T4292] netlink_sendmsg+0x492/0x720 [ 49.905187][ T4292] ? __pfx_netlink_sendmsg+0x10/0x10 [ 49.905237][ T4292] __sock_sendmsg+0x140/0x180 [ 49.905262][ T4292] ____sys_sendmsg+0x350/0x4e0 [ 49.905327][ T4292] __sys_sendmsg+0x1a0/0x240 [ 49.905365][ T4292] __x64_sys_sendmsg+0x46/0x50 [ 49.905392][ T4292] x64_sys_call+0x26f3/0x2e10 [ 49.905413][ T4292] do_syscall_64+0xc9/0x1c0 [ 49.905461][ T4292] ? clear_bhb_loop+0x25/0x80 [ 49.905487][ T4292] ? clear_bhb_loop+0x25/0x80 [ 49.905512][ T4292] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 49.905545][ T4292] RIP: 0033:0x7fa53302d169 [ 49.905563][ T4292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 49.905605][ T4292] RSP: 002b:00007fa531697038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 49.905627][ T4292] RAX: ffffffffffffffda RBX: 00007fa533245fa0 RCX: 00007fa53302d169 [ 49.905639][ T4292] RDX: 0000000000004044 RSI: 0000200000000280 RDI: 0000000000000003 [ 49.905650][ T4292] RBP: 00007fa531697090 R08: 0000000000000000 R09: 0000000000000000 [ 49.905660][ T4292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 49.905717][ T4292] R13: 0000000000000000 R14: 00007fa533245fa0 R15: 00007ffea3a55648 [ 49.905733][ T4292] [ 50.180292][ T4300] hub 9-0:1.0: USB hub found [ 50.188156][ T4300] hub 9-0:1.0: 8 ports detected [ 50.261044][ T4314] loop4: detected capacity change from 0 to 164 [ 50.276006][ T4315] loop1: detected capacity change from 0 to 512 [ 50.317054][ T4315] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 50.344099][ T4315] System zones: 0-2, 18-18, 34-34 [ 50.350968][ T4315] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.320: bg 0: block 248: padding at end of block bitmap is not set [ 50.382551][ T4315] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.320: Failed to acquire dquot type 1 [ 50.413224][ T4315] EXT4-fs (loop1): 1 truncate cleaned up [ 50.426868][ T4315] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.482348][ T4315] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 50.675512][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.925401][ T4351] xt_CT: You must specify a L4 protocol and not use inversions on it [ 51.285250][ T4359] loop0: detected capacity change from 0 to 512 [ 51.315599][ T4359] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 51.334666][ T4359] System zones: 0-2, 18-18, 34-34 [ 51.356777][ T4359] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.338: bg 0: block 248: padding at end of block bitmap is not set [ 51.403892][ T4359] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.338: Failed to acquire dquot type 1 [ 51.416762][ T4359] EXT4-fs (loop0): 1 truncate cleaned up [ 51.423471][ T4359] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 51.437163][ T4359] ext4 filesystem being mounted at /86/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 51.508855][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.637482][ T4367] loop0: detected capacity change from 0 to 164 [ 51.651142][ T4371] loop2: detected capacity change from 0 to 512 [ 51.667573][ T4371] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 51.714427][ T4371] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 51.743317][ T4371] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 51.835786][ T4371] FAULT_INJECTION: forcing a failure. [ 51.835786][ T4371] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 51.848975][ T4371] CPU: 1 UID: 0 PID: 4371 Comm: syz.2.343 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(voluntary) [ 51.849001][ T4371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 51.849012][ T4371] Call Trace: [ 51.849019][ T4371] [ 51.849028][ T4371] dump_stack_lvl+0xf6/0x150 [ 51.849093][ T4371] dump_stack+0x15/0x1a [ 51.849107][ T4371] should_fail_ex+0x261/0x270 [ 51.849168][ T4371] should_fail+0xb/0x10 [ 51.849199][ T4371] should_fail_usercopy+0x1a/0x20 [ 51.849250][ T4371] _copy_from_iter+0xd8/0xd10 [ 51.849269][ T4371] ? __virt_addr_valid+0x1ed/0x250 [ 51.849288][ T4371] ? __check_object_size+0x367/0x510 [ 51.849359][ T4371] ip_generic_getfrag+0x9a/0x1b0 [ 51.849393][ T4371] __ip6_append_data+0x12c5/0x2200 [ 51.849495][ T4371] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 51.849538][ T4371] ip6_append_data+0x1ca/0x270 [ 51.849569][ T4371] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 51.849639][ T4371] udpv6_sendmsg+0x72b/0x1600 [ 51.849726][ T4371] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 51.849831][ T4371] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 51.849852][ T4371] inet6_sendmsg+0xaf/0xd0 [ 51.849879][ T4371] __sock_sendmsg+0x8b/0x180 [ 51.849904][ T4371] ____sys_sendmsg+0x350/0x4e0 [ 51.849947][ T4371] __sys_sendmmsg+0x22a/0x4b0 [ 51.850002][ T4371] __x64_sys_sendmmsg+0x57/0x70 [ 51.850037][ T4371] x64_sys_call+0x2b53/0x2e10 [ 51.850135][ T4371] do_syscall_64+0xc9/0x1c0 [ 51.850162][ T4371] ? clear_bhb_loop+0x25/0x80 [ 51.850184][ T4371] ? clear_bhb_loop+0x25/0x80 [ 51.850240][ T4371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.850263][ T4371] RIP: 0033:0x7fe6b33dd169 [ 51.850279][ T4371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.850298][ T4371] RSP: 002b:00007fe6b1a3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 51.850319][ T4371] RAX: ffffffffffffffda RBX: 00007fe6b35f5fa0 RCX: 00007fe6b33dd169 [ 51.850333][ T4371] RDX: 0000000000000001 RSI: 0000200000006780 RDI: 0000000000000003 [ 51.850370][ T4371] RBP: 00007fe6b1a3f090 R08: 0000000000000000 R09: 0000000000000000 [ 51.850430][ T4371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.850443][ T4371] R13: 0000000000000000 R14: 00007fe6b35f5fa0 R15: 00007fffb6dd52a8 [ 51.850464][ T4371] [ 52.121468][ T29] kauditd_printk_skb: 627 callbacks suppressed [ 52.121483][ T29] audit: type=1326 audit(1743333390.317:3757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4382 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f917d169 code=0x7ffc0000 [ 52.151150][ T29] audit: type=1326 audit(1743333390.317:3758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4382 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7f78f917d169 code=0x7ffc0000 [ 52.174437][ T29] audit: type=1326 audit(1743333390.317:3759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4382 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f917d169 code=0x7ffc0000 [ 52.207761][ T4387] loop1: detected capacity change from 0 to 512 [ 52.216994][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.243376][ T4390] loop2: detected capacity change from 0 to 1024 [ 52.250855][ T4390] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 52.260744][ T4390] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 52.270794][ T29] audit: type=1326 audit(1743333390.447:3760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4389 comm="syz.2.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b33dd169 code=0x7ffc0000 [ 52.294458][ T29] audit: type=1326 audit(1743333390.447:3761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4389 comm="syz.2.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe6b33dd169 code=0x7ffc0000 [ 52.298090][ T4394] netlink: 32 bytes leftover after parsing attributes in process `syz.3.352'. [ 52.317851][ T29] audit: type=1326 audit(1743333390.447:3762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4389 comm="syz.2.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe6b33dd1a3 code=0x7ffc0000 [ 52.332610][ T4387] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 52.349922][ T29] audit: type=1326 audit(1743333390.447:3763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4389 comm="syz.2.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe6b33dbc1f code=0x7ffc0000 [ 52.359531][ T4390] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 52.381120][ T29] audit: type=1326 audit(1743333390.457:3764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4389 comm="syz.2.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fe6b33dd1f7 code=0x7ffc0000 [ 52.414344][ T29] audit: type=1326 audit(1743333390.457:3765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4389 comm="syz.2.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe6b33dbad0 code=0x7ffc0000 [ 52.417737][ T4390] EXT4-fs error (device loop2): ext4_get_journal_inode:5798: inode #5: comm syz.2.349: unexpected bad inode w/o EXT4_IGET_BAD [ 52.437970][ T29] audit: type=1326 audit(1743333390.457:3766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4389 comm="syz.2.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe6b33dcd6b code=0x7ffc0000 [ 52.453378][ T4387] System zones: 0-2, 18-18, 34-34 [ 52.477811][ T4390] EXT4-fs (loop2): no journal found [ 52.484463][ T4390] EXT4-fs (loop2): can't get journal size [ 52.491099][ T4387] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.351: bg 0: block 248: padding at end of block bitmap is not set [ 52.506515][ T4387] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.351: Failed to acquire dquot type 1 [ 52.518427][ T4387] EXT4-fs (loop1): 1 truncate cleaned up [ 52.525618][ T4387] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 52.538859][ T4387] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 52.561269][ T4390] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 52.613232][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.666541][ T4409] loop1: detected capacity change from 0 to 512 [ 52.675649][ T4409] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 52.688415][ T4410] xt_CT: You must specify a L4 protocol and not use inversions on it [ 52.701120][ T3400] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 52.724256][ T4409] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 52.738344][ T4409] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 52.858017][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.918667][ T4419] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4419 comm=syz.0.360 [ 52.975321][ T4422] loop0: detected capacity change from 0 to 128 [ 53.001757][ T4419] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4419 comm=syz.0.360 [ 53.095061][ T4419] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4419 comm=syz.0.360 [ 53.122130][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.136001][ T4419] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4419 comm=syz.0.360 [ 53.163186][ T4419] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4419 comm=syz.0.360 [ 53.190068][ T4419] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4419 comm=syz.0.360 [ 53.209359][ T4419] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4419 comm=syz.0.360 [ 53.221835][ T4419] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4419 comm=syz.0.360 [ 53.234448][ T4419] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4419 comm=syz.0.360 [ 53.246929][ T4419] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4419 comm=syz.0.360 [ 53.338388][ T4432] netlink: 32 bytes leftover after parsing attributes in process `syz.2.364'. [ 53.385927][ T4430] loop4: detected capacity change from 0 to 1024 [ 53.393303][ T4430] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 53.403126][ T4430] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 53.415043][ T4430] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 53.426134][ T4436] serio: Serial port ptm1 [ 53.426921][ T4438] loop3: detected capacity change from 0 to 512 [ 53.436988][ T4430] EXT4-fs error (device loop4): ext4_get_journal_inode:5798: inode #5: comm syz.4.363: unexpected bad inode w/o EXT4_IGET_BAD [ 53.450937][ T4430] EXT4-fs (loop4): no journal found [ 53.456211][ T4430] EXT4-fs (loop4): can't get journal size [ 53.467534][ T4430] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 53.501243][ T4438] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 53.509508][ T4443] loop2: detected capacity change from 0 to 164 [ 53.520719][ T4438] System zones: 0-2, 18-18, 34-34 [ 53.535718][ T4438] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.367: bg 0: block 248: padding at end of block bitmap is not set [ 53.561958][ T4438] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.367: Failed to acquire dquot type 1 [ 53.575693][ T4449] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 53.584293][ T4449] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 53.593744][ T4438] EXT4-fs (loop3): 1 truncate cleaned up [ 53.600083][ T4438] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.613341][ T122] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 53.624774][ T4449] batman_adv: batadv0: Adding interface: dummy0 [ 53.631055][ T4449] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.659188][ T4438] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 53.669767][ T4449] batman_adv: batadv0: Interface activated: dummy0 [ 53.683867][ T4449] batadv0: mtu less than device minimum [ 53.689690][ T4449] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 53.700570][ T4449] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 53.711340][ T4449] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 53.722164][ T4449] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 53.732933][ T4449] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 53.743757][ T4449] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 53.754658][ T4449] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 53.765427][ T4449] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 53.776098][ T4449] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 53.809785][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.862828][ T3302] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 53.871713][ T4457] loop3: detected capacity change from 0 to 2048 [ 53.873744][ T3302] CPU: 1 UID: 0 PID: 3302 Comm: syz-executor Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(voluntary) [ 53.873779][ T3302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 53.873795][ T3302] Call Trace: [ 53.873823][ T3302] [ 53.873833][ T3302] dump_stack_lvl+0xf6/0x150 [ 53.873864][ T3302] dump_stack+0x15/0x1a [ 53.873887][ T3302] dump_header+0x83/0x2d0 [ 53.873997][ T3302] oom_kill_process+0x341/0x4c0 [ 53.874043][ T3302] out_of_memory+0x9d1/0xc20 [ 53.874076][ T3302] mem_cgroup_out_of_memory+0x13f/0x190 [ 53.874106][ T3302] try_charge_memcg+0x50a/0x800 [ 53.874190][ T3302] charge_memcg+0x50/0xc0 [ 53.874227][ T3302] mem_cgroup_swapin_charge_folio+0xd0/0x150 [ 53.874270][ T3302] __read_swap_cache_async+0x242/0x490 [ 53.874340][ T3302] swap_cluster_readahead+0x38b/0x400 [ 53.874394][ T3302] swapin_readahead+0xe6/0x6f0 [ 53.874433][ T3302] ? kvm_sched_clock_read+0x11/0x20 [ 53.874532][ T3302] ? swap_cache_get_folio+0x77/0x210 [ 53.874572][ T3302] do_swap_page+0x31c/0x2510 [ 53.874604][ T3302] ? ttwu_do_activate+0x1ce/0x210 [ 53.874632][ T3302] ? cgroup_rstat_updated+0xa4/0x590 [ 53.874677][ T3302] ? _raw_spin_unlock_irqrestore+0x2b/0x60 [ 53.874705][ T3302] ? __rcu_read_lock+0x36/0x50 [ 53.874736][ T3302] ? __pfx_default_wake_function+0x10/0x10 [ 53.874774][ T3302] handle_mm_fault+0x8f9/0x2b30 [ 53.874834][ T3302] exc_page_fault+0x3b9/0x650 [ 53.874867][ T3302] asm_exc_page_fault+0x26/0x30 [ 53.874891][ T3302] RIP: 0033:0x7fe6378041b7 [ 53.874910][ T3302] Code: 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 e8 15 e7 00 48 69 8c 24 90 00 00 00 e8 03 00 00 8b 78 08 <48> 8b 44 24 18 48 c1 ea 12 4c 8b 0d f9 14 e7 00 48 01 d1 39 7c 24 [ 53.874994][ T3302] RSP: 002b:00007ffd130afb00 EFLAGS: 00010202 [ 53.875013][ T3302] RAX: 0000001b31e20000 RBX: 0000000000000090 RCX: 000000000000cf08 [ 53.875028][ T3302] RDX: 000000000ca2cffb RSI: 00007ffd130afb90 RDI: 0000000000000005 [ 53.875043][ T3302] RBP: 00007ffd130afb3c R08: 000000003033d484 R09: 7fffffffffffffff [ 53.875113][ T3302] R10: 00007fe638682038 R11: 0000000000000010 R12: 0000000000001388 [ 53.875128][ T3302] R13: 00000000000927c0 R14: 000000000000cef6 R15: 00007ffd130afb90 [ 53.875150][ T3302] [ 53.875158][ T3302] memory: usage 307200kB, limit 307200kB, failcnt 688 [ 53.904627][ T4458] netlink: 40 bytes leftover after parsing attributes in process `syz.0.370'. [ 53.905721][ T3302] memory+swap: usage 307552kB, limit 9007199254740988kB, failcnt 0 [ 53.915831][ T4457] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.917457][ T3302] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0 [ 54.140937][ T3302] Memory cgroup stats for /syz1: [ 54.141283][ T3302] cache 0 [ 54.149237][ T3302] rss 0 [ 54.152001][ T3302] shmem 0 [ 54.154998][ T3302] mapped_file 0 [ 54.158468][ T3302] dirty 0 [ 54.161408][ T3302] writeback 0 [ 54.164732][ T3302] workingset_refault_anon 219 [ 54.169434][ T3302] workingset_refault_file 609 [ 54.174234][ T3302] swap 360448 [ 54.177646][ T3302] swapcached 0 [ 54.181023][ T3302] pgpgin 12807 [ 54.184426][ T3302] pgpgout 12807 [ 54.187898][ T3302] pgfault 16170 [ 54.191363][ T3302] pgmajfault 204 [ 54.195097][ T3302] inactive_anon 0 [ 54.198739][ T3302] active_anon 0 [ 54.202276][ T3302] inactive_file 0 [ 54.206018][ T3302] active_file 0 [ 54.209604][ T3302] unevictable 0 [ 54.213094][ T3302] hierarchical_memory_limit 314572800 [ 54.218475][ T3302] hierarchical_memsw_limit 9223372036854771712 [ 54.224681][ T3302] total_cache 0 [ 54.228163][ T3302] total_rss 0 [ 54.231460][ T3302] total_shmem 0 [ 54.235125][ T3302] total_mapped_file 0 [ 54.239229][ T3302] total_dirty 0 [ 54.242732][ T3302] total_writeback 0 [ 54.246546][ T3302] total_workingset_refault_anon 219 [ 54.251910][ T3302] total_workingset_refault_file 609 [ 54.257157][ T3302] total_swap 360448 [ 54.260969][ T3302] total_swapcached 0 [ 54.264946][ T3302] total_pgpgin 12807 [ 54.268848][ T3302] total_pgpgout 12807 [ 54.272868][ T3302] total_pgfault 16170 [ 54.276857][ T3302] total_pgmajfault 204 [ 54.280926][ T3302] total_inactive_anon 0 [ 54.285154][ T3302] total_active_anon 0 [ 54.289135][ T3302] total_inactive_file 0 [ 54.293372][ T3302] total_active_file 0 [ 54.297407][ T3302] total_unevictable 0 [ 54.301400][ T3302] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.361,pid=4423,uid=0 [ 54.316026][ T3302] Memory cgroup out of memory: Killed process 4423 (syz.1.361) total-vm:93588kB, anon-rss:1044kB, file-rss:22188kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 54.421688][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.458081][ T4468] loop2: detected capacity change from 0 to 164 [ 54.553630][ T4471] xt_CT: You must specify a L4 protocol and not use inversions on it [ 55.095749][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.118361][ T4482] netlink: 20 bytes leftover after parsing attributes in process `syz.4.381'. [ 55.236597][ T4482] netlink: 4 bytes leftover after parsing attributes in process `syz.4.381'. [ 55.333958][ T4484] process 'syz.3.380' launched './file1' with NULL argv: empty string added [ 55.343412][ T4491] loop0: detected capacity change from 0 to 1024 [ 55.344572][ T4491] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 55.359879][ T4491] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 55.368082][ T4491] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 55.394067][ T4491] EXT4-fs error (device loop0): ext4_get_journal_inode:5798: inode #5: comm syz.0.384: unexpected bad inode w/o EXT4_IGET_BAD [ 55.408214][ T4491] EXT4-fs (loop0): no journal found [ 55.413498][ T4491] EXT4-fs (loop0): can't get journal size [ 55.419880][ T4495] netlink: 96 bytes leftover after parsing attributes in process `syz.1.385'. [ 55.426957][ T4497] loop2: detected capacity change from 0 to 512 [ 55.431891][ T4499] serio: Serial port ptm1 [ 55.436136][ T4495] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 55.440294][ T4491] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 55.470187][ T4495] netlink: 32 bytes leftover after parsing attributes in process `syz.1.385'. [ 55.494382][ T4497] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 55.507804][ T4497] System zones: 0-2, 18-18, 34-34 [ 55.521372][ T4513] loop4: detected capacity change from 0 to 164 [ 55.529855][ T3400] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 55.531829][ T4497] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.386: bg 0: block 248: padding at end of block bitmap is not set [ 55.562390][ T4484] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 55.570886][ T4484] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 55.572636][ T4497] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.386: Failed to acquire dquot type 1 [ 55.597697][ T4497] EXT4-fs (loop2): 1 truncate cleaned up [ 55.603984][ T4497] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 56.214394][ T4542] serio: Serial port ptm0 [ 56.218795][ T4543] loop3: detected capacity change from 0 to 128 [ 56.291930][ T4553] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 56.292058][ T4553] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 56.355592][ T4555] loop0: detected capacity change from 0 to 512 [ 56.410055][ T4555] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 56.410127][ T4555] System zones: 0-2, 18-18, 34-34 [ 56.410693][ T4555] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.404: bg 0: block 248: padding at end of block bitmap is not set [ 56.410911][ T4555] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.404: Failed to acquire dquot type 1 [ 56.411455][ T4555] EXT4-fs (loop0): 1 truncate cleaned up [ 56.411909][ T4555] ext4 filesystem being mounted at /100/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 56.436644][ T4553] batman_adv: batadv0: Adding interface: dummy0 [ 56.487466][ T4553] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.539313][ T4553] batman_adv: batadv0: Interface activated: dummy0 [ 56.628167][ T4572] loop0: detected capacity change from 0 to 512 [ 56.629328][ T4572] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 56.650141][ T4577] loop3: detected capacity change from 0 to 1024 [ 56.654520][ T4572] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.407: invalid indirect mapped block 4294967295 (level 0) [ 56.700102][ T4577] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 56.709925][ T4577] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 56.710469][ T4572] EXT4-fs (loop0): Remounting filesystem read-only [ 56.730535][ T4579] FAULT_INJECTION: forcing a failure. [ 56.730535][ T4579] name failslab, interval 1, probability 0, space 0, times 0 [ 56.734851][ T4577] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 56.743254][ T4579] CPU: 0 UID: 0 PID: 4579 Comm: syz.2.410 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(voluntary) [ 56.743288][ T4579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 56.743303][ T4579] Call Trace: [ 56.743312][ T4579] [ 56.743320][ T4579] dump_stack_lvl+0xf6/0x150 [ 56.743350][ T4579] dump_stack+0x15/0x1a [ 56.743388][ T4579] should_fail_ex+0x261/0x270 [ 56.743426][ T4579] should_failslab+0x8f/0xb0 [ 56.743451][ T4579] __kmalloc_noprof+0xad/0x410 [ 56.743482][ T4579] ? genl_family_rcv_msg_attrs_parse+0x75/0x1a0 [ 56.743558][ T4579] ? mod_objcg_state+0x3bf/0x500 [ 56.743593][ T4579] genl_family_rcv_msg_attrs_parse+0x75/0x1a0 [ 56.743620][ T4579] ? __rcu_read_unlock+0x34/0x70 [ 56.743717][ T4579] genl_start+0xe7/0x3a0 [ 56.743836][ T4579] __netlink_dump_start+0x32a/0x520 [ 56.743923][ T4579] genl_rcv_msg+0x55e/0x6f0 [ 56.743990][ T4579] ? __pfx_nl802154_list_associations+0x10/0x10 [ 56.744031][ T4579] ? __pfx_genl_start+0x10/0x10 [ 56.744142][ T4579] ? __pfx_genl_dumpit+0x10/0x10 [ 56.744181][ T4579] ? __pfx_genl_done+0x10/0x10 [ 56.744214][ T4579] netlink_rcv_skb+0x12f/0x230 [ 56.744267][ T4579] ? __pfx_genl_rcv_msg+0x10/0x10 [ 56.744319][ T4579] genl_rcv+0x28/0x40 [ 56.744356][ T4579] netlink_unicast+0x605/0x6c0 [ 56.744389][ T4579] netlink_sendmsg+0x609/0x720 [ 56.744427][ T4579] ? __pfx_netlink_sendmsg+0x10/0x10 [ 56.744540][ T4579] __sock_sendmsg+0x140/0x180 [ 56.744566][ T4579] ____sys_sendmsg+0x350/0x4e0 [ 56.744607][ T4579] __sys_sendmsg+0x1a0/0x240 [ 56.744737][ T4579] __x64_sys_sendmsg+0x46/0x50 [ 56.744803][ T4579] x64_sys_call+0x26f3/0x2e10 [ 56.744831][ T4579] do_syscall_64+0xc9/0x1c0 [ 56.744869][ T4579] ? clear_bhb_loop+0x25/0x80 [ 56.744895][ T4579] ? clear_bhb_loop+0x25/0x80 [ 56.744922][ T4579] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.745022][ T4579] RIP: 0033:0x7fe6b33dd169 [ 56.745040][ T4579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.745062][ T4579] RSP: 002b:00007fe6b1a3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 56.745084][ T4579] RAX: ffffffffffffffda RBX: 00007fe6b35f5fa0 RCX: 00007fe6b33dd169 [ 56.745099][ T4579] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004 [ 56.745114][ T4579] RBP: 00007fe6b1a3f090 R08: 0000000000000000 R09: 0000000000000000 [ 56.745129][ T4579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 56.745143][ T4579] R13: 0000000000000000 R14: 00007fe6b35f5fa0 R15: 00007fffb6dd52a8 [ 56.745238][ T4579] [ 56.775096][ T4572] EXT4-fs (loop0): 1 orphan inode deleted [ 56.775118][ T4572] EXT4-fs (loop0): 1 truncate cleaned up [ 56.911043][ T4581] loop2: detected capacity change from 0 to 2048 [ 56.946418][ T4577] EXT4-fs error (device loop3): ext4_get_journal_inode:5798: inode #5: comm syz.3.409: unexpected bad inode w/o EXT4_IGET_BAD [ 57.057648][ T4577] EXT4-fs (loop3): no journal found [ 57.058804][ T4581] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT [ 57.063014][ T4577] EXT4-fs (loop3): can't get journal size [ 57.144275][ T4591] serio: Serial port ptm0 [ 57.175299][ T3400] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 57.244171][ T4601] loop1: detected capacity change from 0 to 512 [ 57.254219][ T29] kauditd_printk_skb: 220 callbacks suppressed [ 57.254244][ T29] audit: type=1326 audit(1743333395.467:3979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4604 comm="syz.2.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b33dd169 code=0x7ffc0000 [ 57.290325][ T4607] loop0: detected capacity change from 0 to 512 [ 57.296743][ T29] audit: type=1326 audit(1743333395.467:3980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4604 comm="syz.2.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b33dd169 code=0x7ffc0000 [ 57.320499][ T29] audit: type=1326 audit(1743333395.467:3981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4604 comm="syz.2.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7fe6b33dd169 code=0x7ffc0000 [ 57.344031][ T29] audit: type=1326 audit(1743333395.467:3982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4604 comm="syz.2.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b33dd169 code=0x7ffc0000 [ 57.350670][ T4607] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 57.378791][ T4601] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 57.396354][ T4601] System zones: 0-2, 18-18, 34-34 [ 57.409302][ T4601] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.417: bg 0: block 248: padding at end of block bitmap is not set [ 57.428877][ T4607] EXT4-fs (loop0): 1 truncate cleaned up [ 57.435129][ T4601] Quota error (device loop1): write_blk: dquota write failed [ 57.442735][ T4601] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 57.466963][ T4607] syz.0.420 uses obsolete (PF_INET,SOCK_PACKET) [ 57.477258][ T29] audit: type=1326 audit(1743333395.687:3983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4576 comm="syz.3.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f917d169 code=0x7ffc0000 [ 57.478494][ T4601] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.417: Failed to acquire dquot type 1 [ 57.509571][ T29] audit: type=1326 audit(1743333395.687:3984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4576 comm="syz.3.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f917d169 code=0x7ffc0000 [ 57.566178][ T29] audit: type=1400 audit(1743333395.777:3985): avc: denied { connect } for pid=4606 comm="syz.0.420" laddr=224.0.0.2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 57.606512][ T4616] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 57.614979][ T4616] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 57.627807][ T4618] loop2: detected capacity change from 0 to 512 [ 57.637097][ T29] audit: type=1326 audit(1743333395.847:3986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4615 comm="syz.3.423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f917d169 code=0x7ffc0000 [ 57.662093][ T4601] EXT4-fs (loop1): 1 truncate cleaned up [ 57.668264][ T4618] EXT4-fs (loop2): corrupt root inode, run e2fsck [ 57.674901][ T4618] EXT4-fs (loop2): mount failed [ 57.680375][ T4601] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 57.872302][ T4631] serio: Serial port ptm0 [ 57.985441][ T4639] ================================================================== [ 57.993577][ T4639] BUG: KCSAN: data-race in __mark_inode_dirty / __writeback_single_inode [ 58.002033][ T4639] [ 58.004364][ T4639] read-write to 0xffff8881048bcf08 of 4 bytes by task 51 on cpu 1: [ 58.012302][ T4639] __writeback_single_inode+0x1f4/0x850 [ 58.017900][ T4639] writeback_sb_inodes+0x458/0xa10 [ 58.023041][ T4639] __writeback_inodes_wb+0x9a/0x1a0 [ 58.028264][ T4639] wb_writeback+0x276/0x650 [ 58.032818][ T4639] wb_workfn+0x510/0x960 [ 58.037085][ T4639] process_scheduled_works+0x4de/0xa20 [ 58.042597][ T4639] worker_thread+0x52c/0x710 [ 58.047211][ T4639] kthread+0x4b7/0x540 [ 58.051302][ T4639] ret_from_fork+0x4b/0x60 [ 58.055729][ T4639] ret_from_fork_asm+0x1a/0x30 [ 58.060534][ T4639] [ 58.062862][ T4639] read to 0xffff8881048bcf08 of 4 bytes by task 4639 on cpu 0: [ 58.070409][ T4639] __mark_inode_dirty+0x198/0x7e0 [ 58.075550][ T4639] mark_buffer_dirty+0x149/0x230 [ 58.080510][ T4639] block_page_mkwrite+0x29b/0x3f0 [ 58.085548][ T4639] ext4_page_mkwrite+0x75c/0xba0 [ 58.090507][ T4639] handle_mm_fault+0x130c/0x2b30 [ 58.095468][ T4639] exc_page_fault+0x3b9/0x650 [ 58.100170][ T4639] asm_exc_page_fault+0x26/0x30 [ 58.105043][ T4639] [ 58.107385][ T4639] value changed: 0x0001002a -> 0x00000020 [ 58.113113][ T4639] [ 58.115442][ T4639] Reported by Kernel Concurrency Sanitizer on: [ 58.121598][ T4639] CPU: 0 UID: 0 PID: 4639 Comm: syz.1.432 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(voluntary) [ 58.133688][ T4639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 58.143760][ T4639] ================================================================== [ 58.180858][ T4641] loop1: detected capacity change from 0 to 164