last executing test programs: 1.949700593s ago: executing program 1 (id=1081): syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2004000, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRES64=r1, @ANYBLOB=',wfdno=', @ANYRES32=r0, @ANYBLOB=',debug=8']) 1.86994076s ago: executing program 1 (id=1083): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRESDEC, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000280)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @loopback}, 0xc) fcntl$getownex(r0, 0x10, &(0x7f0000000800)) perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x67a, 0x1, 0xfffffffe, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000000)={[{@grpjquota, 0x4a}, {@debug}, {@jqfmt_vfsold}, {@noquota}, {@bsdgroups}, {@usrjquota, 0x22}, {@nojournal_checksum}, {@errors_remount}], [], 0x2c}, 0x84, 0x4c2, &(0x7f0000000980)="$eJzs3DtvHEUcAPD/rh+JSYxNeOYBMQSExcOOnWdBAwIpDRIIhEJpbCcKcRIUGymJLGwQCiXKJwBKJD4BFTQIqEC0IFqEFCE3CRRo0d7tOWff+fyIz0dyv5909uzu7M7Mzoy9M6O9ANrWQP4jidgZEb9GRF95c2mEgfKvmwuz438vzI4nkWVv/JWU4t1YmB2vRK2ct6PYGEwj0o+T2Fsn3enLV86OTU1NXiy2h2fOvTc8ffnK82fOjZ2ePD15fvT48cOHeo4dHT2yKeXszfO654ML+3afePvaq+Mnr73zw1d5frPi+PaaM/rXmUJHzZ6BGFh6L6s8tc6r/9/1VoWTzhZmhHXJW21eXV2l/t8XHXGr8vrilY9amjmgqbIsy7bV7F38XzafVUuS8gnAXSLRpaFNVf7R31jIR6qz49Xj+XZw/cUojYDyct8sPuUjnZHmY/j+8tioWR6IiJPz/3yWf2LZfAoAQDN8kz//PFd+7qh8ykfSeKgq3r3F2lB/RNwXEbsi4v7i+eXBiFLchyPikSVXn1s1/YFl27XPPz/3bLhwa5A//71QrG0tff5LK1H6O4qt3lL5u5JTZ6YmDxb3ZDC6tuXbI7WXXpxW+/blXz5dKf2Bque//JOnX3kWLPLxZ+eyCbqJsZmx2y13xfUPS1N6c7XlTxZXAvKRwe6I2LOB6+f37MwzX+6re7ByixuWv4FNWGfKvoh4ulz/87Gs/LnuIlR/fXLk2NHRI8PbY2ry4HClVdT68aerrxXBmqHE6vXfXHn937PY/su/y0cWVy77k+r12un1p3H1t09WHNNstP13J2+Wwt3FvktjMzMXRyK6k/na/aO3zr001rMkfl7+wQP1+/+uiH8/L87bGxF5I340Ih6LiP1F3h+PiCci4kCD8n//0pPv1qv7tZW/ufLyT9T9+7dS/a8/0HH2u69XSn9t9X+4FBos9kyMzdQu1y+z1gzezr0DAACAO8X+iNgZSTpUTMftjDQdGorYsTiDMj3z7KkL75+fKL8j0B9daWWmq69qPnSkmBvOt/OzRqu28+OHSvPGWZZlPaXtofELU72tLTq0vR0r9P/cH7WvtAB3m3Wto630RhtwR9r4Onq2qfkAtp73taF96f/Qvtbc/5v5JhzQEvX6/1zEzRZkBdhi9fr/Wy3IB7D1jP+hfen/0L5q+3/aknwAW+p23utvFNh1okGcpLM5ia4cSKPxtwD0R6zvgr+nEZuTw45NLWnPGup0e2xGWpGuGqezwRcxvF57w/PoW9Qk0q1tfo0D2yJilda72NjmKoErzc5Yq/8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbI7/AgAA//+7BdPO") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000040)='.\x00', 0xe0, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) 1.483338181s ago: executing program 1 (id=1088): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0xffffffff, 0xff}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0) ptrace(0x10, r0) (fail_nth: 1) 1.216594262s ago: executing program 1 (id=1090): r0 = socket$kcm(0x10, 0x400000002, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0xc085}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x101, 0x0, 0x0, {0x3}, [@NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}], {0x14}}, 0x64}}, 0x0) close(r0) socket$kcm(0x2b, 0x1, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000000380)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) r3 = getpid() r4 = perf_event_open(&(0x7f0000000900)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2000000000}}, 0x0, 0xffffffffffffffff, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x2400, 0xb01) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4) process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 1.215949462s ago: executing program 3 (id=1091): bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50) rseq(&(0x7f0000000580)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000040)={[{@noquota}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18) r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x800, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x59b, &(0x7f0000002480)="$eJzs3T1sG2UfAPD/2fGbfuRt+krvK72gDhUgFamqk/QDClO7IipV6oDEUizHjaI4cRQ70EQZ0r1CdECAupQNBkYQAwNiQWJhZQExI1U0AqnpAEb+StvEDk6p6zT+/aSz77nn7P/z3Pl/9nO6kwMYWEdrD6mIZyLiYhIx+kDdUDQrjzbWW19byd9bW8knUa1e+jWJJCLurq3kW+snzeeDEbEaEf+PiG8yEcdTW+OWl5ZncsViYaFZHqvMzo+Vl5ZPTM/mpgpThblTL79y5uzpMxMnJzo3PrOzvl7/6ca7179/7daNTz87spp/P5fEuRhp1j3Yj8epsU0ycW7T8tO9CNZHSb8bwCNJN/O8lkr/i9FIN7O+neroE20a0GPV4YjqTiSrO1od2M2SneU/sGe0fgfUxr9th9Pp3v7+uH2+MQCpxV9vTo2aoca5idhXH5sc+C15aGRSG28e7m3TGACr1yJifGio9vlrTY2apPn5e3Tjj6OB9NTX5xs7auv+T20cf6LN8Wekde70H2od/9a3HP/ux093OP5d7DLGH2/+/FHH+Ncinm0bP9mIn7SJn4qIt7qMf/ONL892qqt+HHEs2sdvSbY/Pzx2ZbpYGG88to3x1bEjr27X/wMd4jfO2e6rf8202/7zXfb/i28/f251m/gvPr/9/m+3/fdHxHtdxv/P3U9e71R3+1pyp/YrYKf7v7bsVpfxXzp39McOVfu7fAsAAAAAAAAAAKCNVP1atiSV3ZhPpbLZxj28/40DqWKpXDl+pbQ4N9m45u1wZFKtK61GG+WkVp5oXo/bKp/cVD7Vuo44vb9ezuZLxck+9x0AAAAAAAAAAAAAAAAAAAB2i4Ob7v//PV2//3/z31UDe1Xnv/wG9jr5D4Pr4fxPIob71hTgCfP9DwOrKv9hcMl/GFzyHwaX/IfBJf9hcMl/GFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAeuLihQu1qXpvbSVfK08OLS3OlN4+MVkoz2RnF/PZfGlhPjtVKk0VC9l8afbv3q9YKs2Px9zi1bFKoVwZKy8tX54tLc5VLk/P5qYKlwuZJ9IrAAAAAAAAAAAAAAAAAAAAeLqM1KcklY2IVH0+lcpmI/4dEYcjk1yZLhbGI+JQRPyQzgzXyhP9bjQAAAAAAAAAAAAAAAAAAADsMeWl5ZlcsVhYGJCZoS1Lvuu8ckSsPt5m1N5xR68anskVM819tVu24dM2c2j7ddLR9xbuxpk+H5gAAAAAAAAAAAAAAAAAAGAA3b/pt9tX/NnbBgEAAAAAAAAAAAAAAAAAAMBASv2SRERtOjb6wsjm2n8l6+n6c0S8c/PSB1dzlcrCRG35nY3llQ+by0/2o/1At1p52spjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4L7y0vJMrlgsLPRwpt99BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgUfwUAAP//H1DQ4Q==") openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write(r4, &(0x7f0000004200)='t', 0x1) sendfile(r4, r3, 0x0, 0x7ffff000) fallocate(r0, 0x0, 0x0, 0x1001f4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sync() 1.204710483s ago: executing program 0 (id=1092): bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40) sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) 1.082305993s ago: executing program 0 (id=1093): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50) rseq(0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000040)={[{@noquota}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x18) r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x800, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x59b, &(0x7f0000002480)="$eJzs3T1sG2UfAPD/2fGbfuRt+krvK72gDhUgFamqk/QDClO7IipV6oDEUizHjaI4cRQ70EQZ0r1CdECAupQNBkYQAwNiQWJhZQExI1U0AqnpAEb+StvEDk6p6zT+/aSz77nn7P/z3Pl/9nO6kwMYWEdrD6mIZyLiYhIx+kDdUDQrjzbWW19byd9bW8knUa1e+jWJJCLurq3kW+snzeeDEbEaEf+PiG8yEcdTW+OWl5ZncsViYaFZHqvMzo+Vl5ZPTM/mpgpThblTL79y5uzpMxMnJzo3PrOzvl7/6ca7179/7daNTz87spp/P5fEuRhp1j3Yj8epsU0ycW7T8tO9CNZHSb8bwCNJN/O8lkr/i9FIN7O+neroE20a0GPV4YjqTiSrO1od2M2SneU/sGe0fgfUxr9th9Pp3v7+uH2+MQCpxV9vTo2aoca5idhXH5sc+C15aGRSG28e7m3TGACr1yJifGio9vlrTY2apPn5e3Tjj6OB9NTX5xs7auv+T20cf6LN8Wekde70H2od/9a3HP/ux093OP5d7DLGH2/+/FHH+Ncinm0bP9mIn7SJn4qIt7qMf/ONL892qqt+HHEs2sdvSbY/Pzx2ZbpYGG88to3x1bEjr27X/wMd4jfO2e6rf8202/7zXfb/i28/f251m/gvPr/9/m+3/fdHxHtdxv/P3U9e71R3+1pyp/YrYKf7v7bsVpfxXzp39McOVfu7fAsAAAAAAAAAAKCNVP1atiSV3ZhPpbLZxj28/40DqWKpXDl+pbQ4N9m45u1wZFKtK61GG+WkVp5oXo/bKp/cVD7Vuo44vb9ezuZLxck+9x0AAAAAAAAAAAAAAAAAAAB2i4Ob7v//PV2//3/z31UDe1Xnv/wG9jr5D4Pr4fxPIob71hTgCfP9DwOrKv9hcMl/GFzyHwaX/IfBJf9hcMl/GFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAeuLihQu1qXpvbSVfK08OLS3OlN4+MVkoz2RnF/PZfGlhPjtVKk0VC9l8afbv3q9YKs2Px9zi1bFKoVwZKy8tX54tLc5VLk/P5qYKlwuZJ9IrAAAAAAAAAAAAAAAAAAAAeLqM1KcklY2IVH0+lcpmI/4dEYcjk1yZLhbGI+JQRPyQzgzXyhP9bjQAAAAAAAAAAAAAAAAAAADsMeWl5ZlcsVhYGJCZoS1Lvuu8ckSsPt5m1N5xR68anskVM819tVu24dM2c2j7ddLR9xbuxpk+H5gAAAAAAAAAAAAAAAAAAGAA3b/pt9tX/NnbBgEAAAAAAAAAAAAAAAAAAMBASv2SRERtOjb6wsjm2n8l6+n6c0S8c/PSB1dzlcrCRG35nY3llQ+by0/2o/1At1p52spjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4L7y0vJMrlgsLPRwpt99BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgUfwUAAP//H1DQ4Q==") openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write(r5, &(0x7f0000004200)='t', 0x1) sendfile(r5, r4, 0x0, 0x7ffff000) fallocate(r1, 0x0, 0x0, 0x1001f4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sync() 1.024509958s ago: executing program 2 (id=1094): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r2}, &(0x7f0000000200), &(0x7f0000000340)=r3}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0xfffffffffffffffe}, 0x18) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000016c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1b00000000000300000005000000180001801400020073797a5f74756e"], 0x40}}, 0x0) 952.184033ms ago: executing program 2 (id=1095): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = memfd_secret(0x80000) fcntl$setlease(r2, 0x400, 0x0) close(r2) 925.081356ms ago: executing program 3 (id=1096): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) rt_sigprocmask(0x2, &(0x7f0000000100)={[0x9c]}, 0x0, 0x8) 911.604107ms ago: executing program 2 (id=1097): statfs(&(0x7f0000000580)='./file0\x00', 0x0) 887.281649ms ago: executing program 2 (id=1098): statfs(&(0x7f0000000580)='./file0\x00', 0x0) (fail_nth: 1) 854.804672ms ago: executing program 3 (id=1099): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRESDEC, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000280)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) socket$inet_tcp(0x2, 0x1, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000800)) r4 = perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x67a, 0x1, 0xfffffffe, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r7) ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0)) r8 = syz_genetlink_get_family_id$nbd(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f0000000780)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f0000000700)={0x50, r8, 0x4, 0x70bd27, 0x25dfdbfc, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x8001}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xd8f3}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x100000001}, @NBD_ATTR_BACKEND_IDENTIFIER={0x15, 0xa, 'errors=remount-ro'}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000000)={[{@grpjquota, 0x4a}, {@debug}, {@jqfmt_vfsold}, {@noquota}, {@bsdgroups}, {@usrjquota, 0x22}, {@nojournal_checksum}, {@errors_remount}], [], 0x2c}, 0x84, 0x4c2, &(0x7f0000000980)="$eJzs3DtvHEUcAPD/rh+JSYxNeOYBMQSExcOOnWdBAwIpDRIIhEJpbCcKcRIUGymJLGwQCiXKJwBKJD4BFTQIqEC0IFqEFCE3CRRo0d7tOWff+fyIz0dyv5909uzu7M7Mzoy9M6O9ANrWQP4jidgZEb9GRF95c2mEgfKvmwuz438vzI4nkWVv/JWU4t1YmB2vRK2ct6PYGEwj0o+T2Fsn3enLV86OTU1NXiy2h2fOvTc8ffnK82fOjZ2ePD15fvT48cOHeo4dHT2yKeXszfO654ML+3afePvaq+Mnr73zw1d5frPi+PaaM/rXmUJHzZ6BGFh6L6s8tc6r/9/1VoWTzhZmhHXJW21eXV2l/t8XHXGr8vrilY9amjmgqbIsy7bV7F38XzafVUuS8gnAXSLRpaFNVf7R31jIR6qz49Xj+XZw/cUojYDyct8sPuUjnZHmY/j+8tioWR6IiJPz/3yWf2LZfAoAQDN8kz//PFd+7qh8ykfSeKgq3r3F2lB/RNwXEbsi4v7i+eXBiFLchyPikSVXn1s1/YFl27XPPz/3bLhwa5A//71QrG0tff5LK1H6O4qt3lL5u5JTZ6YmDxb3ZDC6tuXbI7WXXpxW+/blXz5dKf2Bque//JOnX3kWLPLxZ+eyCbqJsZmx2y13xfUPS1N6c7XlTxZXAvKRwe6I2LOB6+f37MwzX+6re7ByixuWv4FNWGfKvoh4ulz/87Gs/LnuIlR/fXLk2NHRI8PbY2ry4HClVdT68aerrxXBmqHE6vXfXHn937PY/su/y0cWVy77k+r12un1p3H1t09WHNNstP13J2+Wwt3FvktjMzMXRyK6k/na/aO3zr001rMkfl7+wQP1+/+uiH8/L87bGxF5I340Ih6LiP1F3h+PiCci4kCD8n//0pPv1qv7tZW/ufLyT9T9+7dS/a8/0HH2u69XSn9t9X+4FBos9kyMzdQu1y+z1gzezr0DAACAO8X+iNgZSTpUTMftjDQdGorYsTiDMj3z7KkL75+fKL8j0B9daWWmq69qPnSkmBvOt/OzRqu28+OHSvPGWZZlPaXtofELU72tLTq0vR0r9P/cH7WvtAB3m3Wto630RhtwR9r4Onq2qfkAtp73taF96f/Qvtbc/5v5JhzQEvX6/1zEzRZkBdhi9fr/Wy3IB7D1jP+hfen/0L5q+3/aknwAW+p23utvFNh1okGcpLM5ia4cSKPxtwD0R6zvgr+nEZuTw45NLWnPGup0e2xGWpGuGqezwRcxvF57w/PoW9Qk0q1tfo0D2yJilda72NjmKoErzc5Yq/8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbI7/AgAA//+7BdPO") syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000400)='./file0/file0\x00', 0x8a, &(0x7f00000001c0)={[{@usrjquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@stripe={'stripe', 0x3d, 0xf8}}, {@minixdf}, {@nombcache}, {@noinit_itable}]}, 0x1, 0x463, &(0x7f0000001040)="$eJzs3MtvG8UfAPCv17Gbvn7Jr5RHSwuBgqh4JE36oAcuRSBxAAkJDkWcQpJWpW6DmiDRqoLCoRxRJe6IIxJ/ARfKBQEnJK5wR0gV6oXCyWjtXedR24ldJy715yM5ntkZZ+a7u2OPZ20HMLDG0j+FiB0R8WtEjNSzKyuM1e9u3bw88/fNyzOFqFbf+LNQq/fXzcszedX8cdvrmWq1TbtX346YrlTmLmT5icVz700sXLz03Jlz06fnTs+dnzq+cOTw/vKxqaM9iXNn2te9H87v2/PKW9demzl57Z0fv077uyMrXx5Hr4zV925TT/a6sT7buSxdGOpjR+hIMSLSw1Wqjf+RKMbWRtlIvPxJXzsHbKhqNaluaV18pQrcw9KJOjCI8hf69P1vftukqcdd4caJaKxj3Mpu9ZKhSLI6pew90kYYi4iTV/754uRwPT9o+x8A2HzXT0TEs83mf0k8sKze/7JrQ6MR8f+I2BUR90XE7oi4P6JW98GIeKjD9ldfIbl9/lMd6SqwdUrnfy9k17ZWzv/y2V+MFrPczlr8pcKpM5W5Q9k+ORilLWl+sk0b3730y2etyhrzv+yWtp/eL9VI/hhatUA3O704Hauv03XpxscRe4eW4h9uxF9ozHnTdvZExN4u2zjz9Ff7WpWtHX8bPZiUV7+MeKp+/K/EiuO/tHcLza9PHj9yePL5Y1NHJ4ajMndoIj8rbvfTz1dfb9X+HcXfAzeuV2Nb0/O/Ef9oYThi4eKls7XrtQudt3H1t09bvqfp9vwvF96spcvZtg+mFxcvTEaUC6/evn1q6bF5Pq+fnv8HDzQf/7tiaU88HBHpSbw/Ih6JiEezvj8WEY9HxIE28f/w4hPvdh5/m1X5Hkrjn13r+Mfy479m4lJErNhSPPv9N53Hn0uP/5Fa6mC2JX/+a2ddPe3qbAYAAID/nqT2GfhCMt5IJ8n4eP0z/LtjW1KZX1h85tT8++dn65+VH41SsnylK18PnczWhvP81Kr84Wzd+PPi1lp+fGa+Mtvn2GHQbW8x/lO/F/vdO2DD+b4WDC7jHwAGj9d/GFzGPwyuZuP/oz70A9h8a7z+b92sfgCbz/wfBpfxD4PL+IeB1PK78UlalNZY5xfpJe4gUe7ZP/y23NFvNdxBIpK7YtfdQ4lSNC0aWvePWXSZ2NK0qN/PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//gELc7A==") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000040)='.\x00', 0xe0, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) 620.58144ms ago: executing program 1 (id=1100): bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @loopback}, 0xc) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000800)) 603.790382ms ago: executing program 2 (id=1101): syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2004000, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRES64=r1, @ANYBLOB=',wfdno=', @ANYRES32=r0, @ANYBLOB=',debug=8']) 603.058931ms ago: executing program 1 (id=1102): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="640300000000072d000000002b00000009180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000020000000400000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000800000000000000000411811ba0b87cfa0c9c0805cb7cc4ffcaca5d6ba0f3cf558d365a9e981e4b727e0642ec24fcb557a493443baf7923b4a32db33e0fa6fead4f182ef5c048c5353d071cc8f8c256f09c782842762ddf33103cb85b25151bbf5c1f5b5727b"], 0x48) pipe(&(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x3b, 0xc, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r6, 0x6, &(0x7f0000002000)={0x1}) fcntl$lock(r6, 0x26, &(0x7f00000031c0)={0x1}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10) r7 = socket$nl_rdma(0x10, 0x3, 0x14) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0xfffffffffffffc9e, 0x0, 0x1}, 0x28) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="200000000f14010029b97800fedbdf250d0045"], 0x20}, 0x1, 0x0, 0x0, 0x40004}, 0x48010) r9 = socket$inet6_udp(0xa, 0x2, 0x0) timer_getoverrun(r5) r10 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$nl_route_sched(r10, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newqdisc={0x14c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfff6, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x11c, 0x2, [@TCA_CHOKE_PARMS={0x14, 0x1, {0x0, 0x0, 0xfffffffd, 0x2}}, @TCA_CHOKE_STAB={0x104, 0x2, "0600000000000000b3da2c64426a1d777a61e2fad4599fb11a71e149072d265bbcf090bd7bbe0e5d2de66213d88d7e773024ba3482c95f5dc6359186172ae22ed9616876e0ec13f573a7c2f0d185109a8457e43c5390e59a84747ee7b311ecc2f8bac84497d72789a3fa4ab2e321de479655bda89963ae5f37684f73a07ca9d223dfe04aae9e1ff7f8441133075f4355c81d80a33e4907edd482cafffa6cf279ea06d0d17b9770d10d6978345f4fb5f2b61619e5e3b4b4090c77e69d028f41ab371e8c6bef4485fe557e260ff37e8f6a854d0b686963dcfea9a71953940f9d6ec1de1d4e2221adfd549d529a594013b2dcde2d070f6ba92fcbb700"}]}}]}, 0x14c}}, 0x0) setsockopt$inet6_udp_encap(r9, 0x11, 0x64, &(0x7f0000000200)=0x1, 0x4) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, &(0x7f0000000080)={0x6, 'bridge_slave_1\x00', {0x1}, 0x8}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)=ANY=[@ANYBLOB="4c00000010003b150008000000000000000000005707be5f43de3a5a24b0ca6cdd345292379811648a1c0574d0c2f4fc0b34f10272967eb85179a5994d98b6362801bdedb626071b2d7c910e32441510e80f79463a5ffcff6822117dccaf7219c6b5a67df94d8644588e1bcab030908e3b2788ea0316ab005072ac9c7b643e9b003e3541f39fc51e7d45361fa6a95e61237f5639d3c3bcbc4acbde1ddea11d3794adb1bc05df6ae0d99670837e0859678f2be0b7044d58b4bbe254bcaaf46fd2a8e2d47c100d6fc39b4e911bde22a718a9f24c1dc4fc88a3e9aa9d076762589823f7ae79583c1d292411afa011cd49c2efb040d41826926c375094f6ee47c98f345deb3cb57943f3efc8baeba707441a19bb1dbfbd8de61d217f1155e894d76ce5daf91ee2726ee3d954c1f9c8c4f00fb1c5c06ac092e2e43e683805", @ANYRES32=0x0, @ANYBLOB="0000000000b401002400128009000100626f6e6400000000140002800500010006000000080003000000000008000a00"], 0x4c}}, 0x0) ioctl$sock_ifreq(r2, 0x8992, &(0x7f00000000c0)={'macvtap0\x00', @ifru_hwaddr=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) 540.613017ms ago: executing program 4 (id=1103): r0 = socket$kcm(0x10, 0x400000002, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0xc085}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x101, 0x0, 0x0, {0x3}, [@NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}], {0x14}}, 0x64}}, 0x0) close(r0) socket$kcm(0x2b, 0x1, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000000380)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) r3 = getpid() r4 = perf_event_open(&(0x7f0000000900)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2000000000}}, 0x0, 0xffffffffffffffff, r4, 0x0) process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 510.518489ms ago: executing program 2 (id=1104): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0) ioctl$TCSBRKP(r0, 0x5425, 0x0) ioctl$TCSETSW2(r0, 0x5425, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0) r1 = syz_io_uring_setup(0x3aec, &(0x7f0000000240)={0x0, 0x0, 0x10100}, 0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffff86}) io_uring_enter(r1, 0x7a98, 0x0, 0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file1\x00', 0x81c0, 0x0) r3 = mq_open(&(0x7f000084dff0)='\xa1sxt\x1a\x00\x00\x00\x00\x00\x00\x00\x01\x88\xbdd', 0x6e93ebbbcc0884f2, 0x100, &(0x7f0000000300)={0x0, 0x1, 0x3}) mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0) 369.77296ms ago: executing program 3 (id=1105): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRESDEC, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000280)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) socket$inet_tcp(0x2, 0x1, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000800)) r4 = perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x67a, 0x1, 0xfffffffe, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32], 0x1c}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000000)={[{@grpjquota, 0x4a}, {@debug}, {@jqfmt_vfsold}, {@noquota}, {@bsdgroups}, {@usrjquota, 0x22}, {@nojournal_checksum}, {@errors_remount}], [], 0x2c}, 0x84, 0x4c2, &(0x7f0000000980)="$eJzs3DtvHEUcAPD/rh+JSYxNeOYBMQSExcOOnWdBAwIpDRIIhEJpbCcKcRIUGymJLGwQCiXKJwBKJD4BFTQIqEC0IFqEFCE3CRRo0d7tOWff+fyIz0dyv5909uzu7M7Mzoy9M6O9ANrWQP4jidgZEb9GRF95c2mEgfKvmwuz438vzI4nkWVv/JWU4t1YmB2vRK2ct6PYGEwj0o+T2Fsn3enLV86OTU1NXiy2h2fOvTc8ffnK82fOjZ2ePD15fvT48cOHeo4dHT2yKeXszfO654ML+3afePvaq+Mnr73zw1d5frPi+PaaM/rXmUJHzZ6BGFh6L6s8tc6r/9/1VoWTzhZmhHXJW21eXV2l/t8XHXGr8vrilY9amjmgqbIsy7bV7F38XzafVUuS8gnAXSLRpaFNVf7R31jIR6qz49Xj+XZw/cUojYDyct8sPuUjnZHmY/j+8tioWR6IiJPz/3yWf2LZfAoAQDN8kz//PFd+7qh8ykfSeKgq3r3F2lB/RNwXEbsi4v7i+eXBiFLchyPikSVXn1s1/YFl27XPPz/3bLhwa5A//71QrG0tff5LK1H6O4qt3lL5u5JTZ6YmDxb3ZDC6tuXbI7WXXpxW+/blXz5dKf2Bque//JOnX3kWLPLxZ+eyCbqJsZmx2y13xfUPS1N6c7XlTxZXAvKRwe6I2LOB6+f37MwzX+6re7ByixuWv4FNWGfKvoh4ulz/87Gs/LnuIlR/fXLk2NHRI8PbY2ry4HClVdT68aerrxXBmqHE6vXfXHn937PY/su/y0cWVy77k+r12un1p3H1t09WHNNstP13J2+Wwt3FvktjMzMXRyK6k/na/aO3zr001rMkfl7+wQP1+/+uiH8/L87bGxF5I340Ih6LiP1F3h+PiCci4kCD8n//0pPv1qv7tZW/ufLyT9T9+7dS/a8/0HH2u69XSn9t9X+4FBos9kyMzdQu1y+z1gzezr0DAACAO8X+iNgZSTpUTMftjDQdGorYsTiDMj3z7KkL75+fKL8j0B9daWWmq69qPnSkmBvOt/OzRqu28+OHSvPGWZZlPaXtofELU72tLTq0vR0r9P/cH7WvtAB3m3Wto630RhtwR9r4Onq2qfkAtp73taF96f/Qvtbc/5v5JhzQEvX6/1zEzRZkBdhi9fr/Wy3IB7D1jP+hfen/0L5q+3/aknwAW+p23utvFNh1okGcpLM5ia4cSKPxtwD0R6zvgr+nEZuTw45NLWnPGup0e2xGWpGuGqezwRcxvF57w/PoW9Qk0q1tfo0D2yJilda72NjmKoErzc5Yq/8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbI7/AgAA//+7BdPO") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000040)='.\x00', 0xe0, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) 359.897061ms ago: executing program 4 (id=1106): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r2}, &(0x7f0000000200), &(0x7f0000000340)=r3}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0xfffffffffffffffe}, 0x18) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000016c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1b00000000000300000005000000180001801400020073797a5f74756e"], 0x40}}, 0x0) 328.783284ms ago: executing program 4 (id=1107): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='devfreq_frequency\x00', r0, 0x0, 0x4}, 0x18) getdents64(0xffffffffffffffff, 0x0, 0x22) r1 = socket(0x200000000000011, 0x2, 0x0) bind$packet(r1, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @random="933c547ecfa7"}, 0x14) syz_emit_ethernet(0x7, &(0x7f0000000140)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010102}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @multicast2, @multicast1}, "9182649000000000"}}}}}, 0x0) 281.476528ms ago: executing program 4 (id=1108): socket(0x10, 0x3, 0x0) r0 = syz_io_uring_setup(0x239, &(0x7f0000001080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x3c}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) 280.935328ms ago: executing program 4 (id=1109): bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @loopback}, 0xc) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000800)) 265.274259ms ago: executing program 4 (id=1110): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x842cc0, 0x0) flock(r0, 0x5) sched_setaffinity(0x0, 0x0, 0x0) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) socket$inet6(0xa, 0x800, 0x4) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c000180090001006c617374"], 0x140}}, 0x0) 177.747226ms ago: executing program 3 (id=1111): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @loopback}, 0xc) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000000)={[{@grpjquota, 0x4a}, {@debug}, {@jqfmt_vfsold}, {@noquota}, {@bsdgroups}, {@usrjquota, 0x22}, {@nojournal_checksum}, {@errors_remount}], [], 0x2c}, 0x84, 0x4c2, &(0x7f0000000980)="$eJzs3DtvHEUcAPD/rh+JSYxNeOYBMQSExcOOnWdBAwIpDRIIhEJpbCcKcRIUGymJLGwQCiXKJwBKJD4BFTQIqEC0IFqEFCE3CRRo0d7tOWff+fyIz0dyv5909uzu7M7Mzoy9M6O9ANrWQP4jidgZEb9GRF95c2mEgfKvmwuz438vzI4nkWVv/JWU4t1YmB2vRK2ct6PYGEwj0o+T2Fsn3enLV86OTU1NXiy2h2fOvTc8ffnK82fOjZ2ePD15fvT48cOHeo4dHT2yKeXszfO654ML+3afePvaq+Mnr73zw1d5frPi+PaaM/rXmUJHzZ6BGFh6L6s8tc6r/9/1VoWTzhZmhHXJW21eXV2l/t8XHXGr8vrilY9amjmgqbIsy7bV7F38XzafVUuS8gnAXSLRpaFNVf7R31jIR6qz49Xj+XZw/cUojYDyct8sPuUjnZHmY/j+8tioWR6IiJPz/3yWf2LZfAoAQDN8kz//PFd+7qh8ykfSeKgq3r3F2lB/RNwXEbsi4v7i+eXBiFLchyPikSVXn1s1/YFl27XPPz/3bLhwa5A//71QrG0tff5LK1H6O4qt3lL5u5JTZ6YmDxb3ZDC6tuXbI7WXXpxW+/blXz5dKf2Bque//JOnX3kWLPLxZ+eyCbqJsZmx2y13xfUPS1N6c7XlTxZXAvKRwe6I2LOB6+f37MwzX+6re7ByixuWv4FNWGfKvoh4ulz/87Gs/LnuIlR/fXLk2NHRI8PbY2ry4HClVdT68aerrxXBmqHE6vXfXHn937PY/su/y0cWVy77k+r12un1p3H1t09WHNNstP13J2+Wwt3FvktjMzMXRyK6k/na/aO3zr001rMkfl7+wQP1+/+uiH8/L87bGxF5I340Ih6LiP1F3h+PiCci4kCD8n//0pPv1qv7tZW/ufLyT9T9+7dS/a8/0HH2u69XSn9t9X+4FBos9kyMzdQu1y+z1gzezr0DAACAO8X+iNgZSTpUTMftjDQdGorYsTiDMj3z7KkL75+fKL8j0B9daWWmq69qPnSkmBvOt/OzRqu28+OHSvPGWZZlPaXtofELU72tLTq0vR0r9P/cH7WvtAB3m3Wto630RhtwR9r4Onq2qfkAtp73taF96f/Qvtbc/5v5JhzQEvX6/1zEzRZkBdhi9fr/Wy3IB7D1jP+hfen/0L5q+3/aknwAW+p23utvFNh1okGcpLM5ia4cSKPxtwD0R6zvgr+nEZuTw45NLWnPGup0e2xGWpGuGqezwRcxvF57w/PoW9Qk0q1tfo0D2yJilda72NjmKoErzc5Yq/8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbI7/AgAA//+7BdPO") syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000400)='./file0/file0\x00', 0x8a, &(0x7f00000001c0)={[{@usrjquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@stripe={'stripe', 0x3d, 0xf8}}, {@minixdf}, {@nombcache}, {@noinit_itable}]}, 0x1, 0x463, &(0x7f0000001040)="$eJzs3MtvG8UfAPCv17Gbvn7Jr5RHSwuBgqh4JE36oAcuRSBxAAkJDkWcQpJWpW6DmiDRqoLCoRxRJe6IIxJ/ARfKBQEnJK5wR0gV6oXCyWjtXedR24ldJy715yM5ntkZZ+a7u2OPZ20HMLDG0j+FiB0R8WtEjNSzKyuM1e9u3bw88/fNyzOFqFbf+LNQq/fXzcszedX8cdvrmWq1TbtX346YrlTmLmT5icVz700sXLz03Jlz06fnTs+dnzq+cOTw/vKxqaM9iXNn2te9H87v2/PKW9demzl57Z0fv077uyMrXx5Hr4zV925TT/a6sT7buSxdGOpjR+hIMSLSw1Wqjf+RKMbWRtlIvPxJXzsHbKhqNaluaV18pQrcw9KJOjCI8hf69P1vftukqcdd4caJaKxj3Mpu9ZKhSLI6pew90kYYi4iTV/754uRwPT9o+x8A2HzXT0TEs83mf0k8sKze/7JrQ6MR8f+I2BUR90XE7oi4P6JW98GIeKjD9ldfIbl9/lMd6SqwdUrnfy9k17ZWzv/y2V+MFrPczlr8pcKpM5W5Q9k+ORilLWl+sk0b3730y2etyhrzv+yWtp/eL9VI/hhatUA3O704Hauv03XpxscRe4eW4h9uxF9ozHnTdvZExN4u2zjz9Ff7WpWtHX8bPZiUV7+MeKp+/K/EiuO/tHcLza9PHj9yePL5Y1NHJ4ajMndoIj8rbvfTz1dfb9X+HcXfAzeuV2Nb0/O/Ef9oYThi4eKls7XrtQudt3H1t09bvqfp9vwvF96spcvZtg+mFxcvTEaUC6/evn1q6bF5Pq+fnv8HDzQf/7tiaU88HBHpSbw/Ih6JiEezvj8WEY9HxIE28f/w4hPvdh5/m1X5Hkrjn13r+Mfy479m4lJErNhSPPv9N53Hn0uP/5Fa6mC2JX/+a2ddPe3qbAYAAID/nqT2GfhCMt5IJ8n4eP0z/LtjW1KZX1h85tT8++dn65+VH41SsnylK18PnczWhvP81Kr84Wzd+PPi1lp+fGa+Mtvn2GHQbW8x/lO/F/vdO2DD+b4WDC7jHwAGj9d/GFzGPwyuZuP/oz70A9h8a7z+b92sfgCbz/wfBpfxD4PL+IeB1PK78UlalNZY5xfpJe4gUe7ZP/y23NFvNdxBIpK7YtfdQ4lSNC0aWvePWXSZ2NK0qN/PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//gELc7A==") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000040)='.\x00', 0xe0, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) 124.24193ms ago: executing program 0 (id=1112): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue1\x00', 0x200000}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x0, 0x0, 0x40000000, 0x0, 0x3}, 0x8}) 91.119433ms ago: executing program 0 (id=1113): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xe}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000018110000000000000004000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB="fdffffff04"], 0x50) socket$kcm(0x10, 0x2, 0x0) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40) 47.190496ms ago: executing program 3 (id=1114): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a5000000500000"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x3e}, 0x18) r1 = io_uring_setup(0x37ae, &(0x7f00000003c0)={0x0, 0x800000, 0x0, 0x2, 0x22a}) io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f00000004c0)={&(0x7f0000002000)={[{0x0, 0x0, 0x3}, {0x0}, {0x0, 0x0, 0xfffe}, {0x0}]}, 0x4}, 0x1) io_uring_register$IORING_UNREGISTER_PBUF_RING(r1, 0x17, &(0x7f0000000300)={0x0}, 0x1) 37.587837ms ago: executing program 0 (id=1115): bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40) sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) 0s ago: executing program 0 (id=1116): accept(0xffffffffffffffff, &(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x4, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x80000000, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) write$nci(0xffffffffffffffff, 0x0, 0xfffffeea) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'ip6gretap0\x00', 0x20}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r3) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000200)=0x3, 0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r4) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) r6 = socket$kcm(0x2, 0xa, 0x2) r7 = socket$igmp6(0xa, 0x3, 0x2) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r7, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r5, &(0x7f0000000380)=ANY=[@ANYBLOB="0100009ff1f5a500aaaaaaaa88a8600081"], 0x3a) kernel console output (not intermixed with test programs): auditd_printk_skb: 126 callbacks suppressed [ 61.832710][ T29] audit: type=1326 audit(1754401848.801:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 61.866656][ T29] audit: type=1326 audit(1754401848.831:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 61.918816][ T29] audit: type=1326 audit(1754401848.881:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 61.994093][ T4754] loop2: detected capacity change from 0 to 2048 [ 61.997795][ T29] audit: type=1326 audit(1754401848.911:1188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 62.023836][ T29] audit: type=1326 audit(1754401848.911:1189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 62.047313][ T29] audit: type=1326 audit(1754401848.911:1190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 62.070673][ T29] audit: type=1326 audit(1754401848.911:1191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 62.093964][ T29] audit: type=1326 audit(1754401848.911:1192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 62.117279][ T29] audit: type=1326 audit(1754401848.911:1193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 62.140623][ T29] audit: type=1326 audit(1754401848.911:1194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 62.248718][ T4763] loop1: detected capacity change from 0 to 2048 [ 62.341053][ T4777] loop3: detected capacity change from 0 to 512 [ 62.347875][ T4777] journal_path: Non-blockdev passed as './file1' [ 62.354243][ T4777] EXT4-fs: error: could not find journal device path [ 62.925976][ T4798] loop2: detected capacity change from 0 to 512 [ 62.932925][ T4798] journal_path: Non-blockdev passed as './file1' [ 62.939296][ T4798] EXT4-fs: error: could not find journal device path [ 63.291927][ T4819] loop1: detected capacity change from 0 to 512 [ 63.301123][ T4819] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 63.309648][ T4819] System zones: 1-12 [ 63.314028][ T4819] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.400: Directory hole found for htree index block 0 [ 63.326709][ T4819] EXT4-fs (loop1): Remounting filesystem read-only [ 63.333470][ T4819] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 63.341796][ T4819] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 63.351384][ T4819] ext4: Unknown parameter '' [ 63.409315][ T4822] loop3: detected capacity change from 0 to 512 [ 63.420917][ T4822] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.401: corrupted in-inode xattr: invalid ea_ino [ 63.434484][ T4822] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.401: couldn't read orphan inode 15 (err -117) [ 63.518781][ T4831] loop3: detected capacity change from 0 to 2048 [ 63.943805][ T4855] loop1: detected capacity change from 0 to 2048 [ 64.172398][ T4860] loop1: detected capacity change from 0 to 512 [ 64.472734][ T4873] netlink: 'syz.3.417': attribute type 10 has an invalid length. [ 64.493784][ T4869] loop4: detected capacity change from 0 to 512 [ 64.522270][ T4869] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.413: corrupted in-inode xattr: invalid ea_ino [ 64.567768][ T4869] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.413: couldn't read orphan inode 15 (err -117) [ 64.718297][ T4889] loop3: detected capacity change from 0 to 512 [ 64.733940][ T4889] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 64.781101][ T4889] System zones: 1-12 [ 64.795384][ T4889] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.418: Directory hole found for htree index block 0 [ 64.880562][ T4889] EXT4-fs (loop3): Remounting filesystem read-only [ 64.903317][ T4889] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 64.940816][ T4889] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 64.967735][ T4889] EXT4-fs (loop3): can't enable nombcache during remount [ 65.362949][ T4903] loop1: detected capacity change from 0 to 2048 [ 65.397923][ T4903] EXT4-fs mount: 80 callbacks suppressed [ 65.397936][ T4903] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 65.416363][ T4905] netlink: 'syz.2.426': attribute type 10 has an invalid length. [ 65.452520][ T4905] bond0: (slave dummy0): Releasing backup interface [ 65.462357][ T4905] team0: Port device dummy0 added [ 65.495593][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.587464][ T4913] loop3: detected capacity change from 0 to 512 [ 65.666422][ T4919] netlink: 'syz.3.430': attribute type 10 has an invalid length. [ 65.696683][ T4918] netlink: 108 bytes leftover after parsing attributes in process `syz.2.429'. [ 65.705710][ T4918] netlink: 108 bytes leftover after parsing attributes in process `syz.2.429'. [ 65.714693][ T4918] netlink: 108 bytes leftover after parsing attributes in process `syz.2.429'. [ 65.961638][ T4911] loop4: detected capacity change from 0 to 8192 [ 66.345897][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.501423][ T4930] loop1: detected capacity change from 0 to 8192 [ 66.665585][ T4946] loop2: detected capacity change from 0 to 512 [ 66.668401][ T4945] loop4: detected capacity change from 0 to 512 [ 66.682464][ T4946] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 66.689326][ T4945] journal_path: Non-blockdev passed as './file1' [ 66.696756][ T4945] EXT4-fs: error: could not find journal device path [ 66.730329][ T4946] System zones: 1-12 [ 66.734443][ T4946] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.435: Directory hole found for htree index block 0 [ 66.747961][ T4946] EXT4-fs (loop2): Remounting filesystem read-only [ 66.760315][ T4946] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 66.779475][ T4946] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 66.818679][ T4946] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.836373][ T4946] ext4: Unknown parameter '' [ 67.360400][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.369653][ T4970] loop4: detected capacity change from 0 to 2048 [ 67.403632][ T29] kauditd_printk_skb: 232 callbacks suppressed [ 67.403646][ T29] audit: type=1326 audit(1754401854.371:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.1.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 67.433312][ T29] audit: type=1326 audit(1754401854.371:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.1.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 67.456662][ T29] audit: type=1326 audit(1754401854.371:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.1.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 67.479968][ T29] audit: type=1326 audit(1754401854.371:1430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.1.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 67.503323][ T29] audit: type=1326 audit(1754401854.371:1431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.1.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 67.520817][ T4980] netlink: 44 bytes leftover after parsing attributes in process `syz.2.448'. [ 67.526858][ T29] audit: type=1326 audit(1754401854.371:1432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.1.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 67.538529][ T4970] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.559326][ T29] audit: type=1326 audit(1754401854.371:1433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.1.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 67.594630][ T29] audit: type=1326 audit(1754401854.371:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4964 comm="syz.1.443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 67.640726][ T4985] netlink: 'syz.0.449': attribute type 10 has an invalid length. [ 67.651730][ T4985] team0: Port device dummy0 removed [ 67.659171][ T4985] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 67.688609][ T4989] netlink: 'syz.3.451': attribute type 10 has an invalid length. [ 67.710937][ T4989] bond0: (slave dummy0): Releasing backup interface [ 67.729662][ T4989] team0: Port device dummy0 added [ 67.873257][ T5011] loop3: detected capacity change from 0 to 512 [ 68.195904][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.270717][ T5019] loop4: detected capacity change from 0 to 2048 [ 68.292541][ T5019] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.316906][ T5023] loop2: detected capacity change from 0 to 2048 [ 68.334219][ T5023] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.359768][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.474390][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.527207][ T5033] netlink: 108 bytes leftover after parsing attributes in process `syz.2.464'. [ 68.536334][ T5033] netlink: 108 bytes leftover after parsing attributes in process `syz.2.464'. [ 68.545350][ T5033] netlink: 108 bytes leftover after parsing attributes in process `syz.2.464'. [ 68.567093][ T29] audit: type=1326 audit(1754401855.531:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5036 comm="syz.2.465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 68.640654][ T29] audit: type=1326 audit(1754401855.531:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5036 comm="syz.2.465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 68.713478][ T5047] loop1: detected capacity change from 0 to 2048 [ 68.757883][ T5047] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.775851][ T5053] netlink: 44 bytes leftover after parsing attributes in process `syz.0.468'. [ 68.806120][ T5059] netlink: 44 bytes leftover after parsing attributes in process `syz.3.471'. [ 69.147877][ T5066] loop2: detected capacity change from 0 to 2048 [ 69.164281][ T5066] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 69.207846][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.554069][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.662809][ T5083] netlink: 'syz.4.480': attribute type 10 has an invalid length. [ 69.674259][ T5081] loop2: detected capacity change from 0 to 512 [ 69.682823][ T5083] team0: Port device dummy0 removed [ 69.698309][ T5081] journal_path: Non-blockdev passed as './file1' [ 69.704812][ T5081] EXT4-fs: error: could not find journal device path [ 69.715866][ T5083] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 69.749280][ T5084] netlink: 44 bytes leftover after parsing attributes in process `syz.1.476'. [ 69.837826][ T5094] loop4: detected capacity change from 0 to 8192 [ 70.206789][ T5110] loop2: detected capacity change from 0 to 2048 [ 70.232171][ T5110] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.745869][ T5132] loop3: detected capacity change from 0 to 512 [ 70.768791][ T5132] journal_path: Non-blockdev passed as './file1' [ 70.775276][ T5132] EXT4-fs: error: could not find journal device path [ 70.812095][ T5133] loop4: detected capacity change from 0 to 2048 [ 70.938485][ T5136] netlink: 'syz.0.495': attribute type 10 has an invalid length. [ 70.969942][ T5133] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.221308][ T5140] loop3: detected capacity change from 0 to 512 [ 71.286799][ T5140] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.496: corrupted in-inode xattr: invalid ea_ino [ 71.331135][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.466336][ T5147] __nla_validate_parse: 2 callbacks suppressed [ 71.466349][ T5147] netlink: 8 bytes leftover after parsing attributes in process `syz.0.499'. [ 71.485877][ T5140] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.496: couldn't read orphan inode 15 (err -117) [ 71.532096][ T5140] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.604291][ T5140] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.622294][ T5153] loop2: detected capacity change from 0 to 2048 [ 71.639433][ T5155] loop1: detected capacity change from 0 to 2048 [ 71.665700][ T5153] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.743799][ T5155] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.807471][ T5161] loop3: detected capacity change from 0 to 2048 [ 71.886578][ T5165] netlink: 44 bytes leftover after parsing attributes in process `syz.0.504'. [ 71.906282][ T5161] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.035662][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.096828][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.115568][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.127068][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.194497][ T5177] loop3: detected capacity change from 0 to 512 [ 72.201127][ T5177] journal_path: Non-blockdev passed as './file1' [ 72.207465][ T5177] EXT4-fs: error: could not find journal device path [ 72.375711][ T5198] netlink: 'syz.4.513': attribute type 10 has an invalid length. [ 72.548451][ T5202] netlink: 108 bytes leftover after parsing attributes in process `syz.4.514'. [ 72.557463][ T5202] netlink: 108 bytes leftover after parsing attributes in process `syz.4.514'. [ 72.566483][ T5202] netlink: 108 bytes leftover after parsing attributes in process `syz.4.514'. [ 72.621116][ T29] kauditd_printk_skb: 67 callbacks suppressed [ 72.621128][ T29] audit: type=1326 audit(1754401859.591:1504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5188 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 72.658021][ T29] audit: type=1326 audit(1754401859.591:1505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5173 comm="syz.1.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 72.681494][ T29] audit: type=1326 audit(1754401859.591:1506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5173 comm="syz.1.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 72.704910][ T29] audit: type=1326 audit(1754401859.621:1507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5188 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 72.728259][ T29] audit: type=1326 audit(1754401859.621:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5188 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 72.751562][ T29] audit: type=1326 audit(1754401859.621:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5188 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 72.774868][ T29] audit: type=1326 audit(1754401859.621:1510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5188 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 72.798159][ T29] audit: type=1326 audit(1754401859.621:1511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5173 comm="syz.1.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 72.821501][ T29] audit: type=1326 audit(1754401859.621:1512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5188 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 72.844851][ T29] audit: type=1326 audit(1754401859.621:1514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5173 comm="syz.1.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 73.126523][ T5218] loop1: detected capacity change from 0 to 2048 [ 73.175572][ T5218] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.190783][ T5220] loop3: detected capacity change from 0 to 2048 [ 73.224641][ T5220] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.364011][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.432570][ T5231] loop3: detected capacity change from 0 to 512 [ 73.439145][ T5231] journal_path: Non-blockdev passed as './file1' [ 73.445603][ T5231] EXT4-fs: error: could not find journal device path [ 73.527589][ T5238] netlink: 20 bytes leftover after parsing attributes in process `syz.3.523'. [ 73.656654][ T5240] loop3: detected capacity change from 0 to 2048 [ 73.674680][ T5242] netlink: 8 bytes leftover after parsing attributes in process `syz.4.525'. [ 73.714441][ T5240] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.979241][ T5255] loop4: detected capacity change from 0 to 512 [ 73.988319][ T5255] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 74.056074][ T5255] System zones: 1-12 [ 74.073765][ T5255] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.528: Directory hole found for htree index block 0 [ 74.111509][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.151121][ T5255] EXT4-fs (loop4): Remounting filesystem read-only [ 74.160642][ T5255] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 74.179077][ T5255] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 74.197843][ T5255] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.260301][ T5255] EXT4-fs (loop4): can't enable nombcache during remount [ 74.326301][ T5263] netlink: 'syz.2.530': attribute type 10 has an invalid length. [ 74.473928][ T5269] loop2: detected capacity change from 0 to 512 [ 74.527838][ T5269] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.532: corrupted in-inode xattr: invalid ea_ino [ 74.578457][ T5269] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.532: couldn't read orphan inode 15 (err -117) [ 74.602772][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.650015][ T5269] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.712932][ T5274] loop3: detected capacity change from 0 to 2048 [ 74.743428][ T5269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.763078][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.790612][ T5274] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.936979][ T5292] netlink: 8 bytes leftover after parsing attributes in process `syz.1.537'. [ 75.045578][ T5299] loop1: detected capacity change from 0 to 512 [ 75.099695][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.123046][ T5299] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.543: corrupted in-inode xattr: invalid ea_ino [ 75.154098][ T5299] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.543: couldn't read orphan inode 15 (err -117) [ 75.200599][ T5299] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.230914][ T5299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.388440][ T5322] loop1: detected capacity change from 0 to 512 [ 75.405848][ T5322] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.550: corrupted in-inode xattr: invalid ea_ino [ 75.450309][ T5322] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.550: couldn't read orphan inode 15 (err -117) [ 75.491225][ T5322] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.513992][ T5322] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.549849][ T5328] netlink: 'syz.4.552': attribute type 10 has an invalid length. [ 75.698107][ T5335] netlink: 108 bytes leftover after parsing attributes in process `syz.4.555'. [ 75.707194][ T5335] netlink: 108 bytes leftover after parsing attributes in process `syz.4.555'. [ 75.770900][ T5342] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5342 comm=syz.4.556 [ 75.821673][ T5340] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5340 comm=syz.4.556 [ 75.969968][ T5348] netlink: 'syz.4.559': attribute type 10 has an invalid length. [ 75.988163][ T5348] bond0: (slave dummy0): Releasing backup interface [ 75.994938][ T5346] loop2: detected capacity change from 0 to 8192 [ 76.015011][ T5348] team0: Port device dummy0 added [ 76.053037][ T5348] syz.4.559 (5348) used greatest stack depth: 10280 bytes left [ 76.148332][ T5366] loop3: detected capacity change from 0 to 2048 [ 76.190700][ T5370] loop4: detected capacity change from 0 to 2048 [ 76.216227][ T5366] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.281090][ T5370] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.441955][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.007869][ T5407] loop1: detected capacity change from 0 to 2048 [ 77.047514][ T5407] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.061040][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.211726][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.249964][ T5423] __nla_validate_parse: 2 callbacks suppressed [ 77.249979][ T5423] netlink: 108 bytes leftover after parsing attributes in process `syz.1.582'. [ 77.265267][ T5423] netlink: 108 bytes leftover after parsing attributes in process `syz.1.582'. [ 77.274240][ T5423] netlink: 108 bytes leftover after parsing attributes in process `syz.1.582'. [ 77.343236][ T5432] loop4: detected capacity change from 0 to 512 [ 77.357313][ T5432] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 77.374606][ T5432] System zones: 1-12 [ 77.378825][ T5432] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.581: Directory hole found for htree index block 0 [ 77.392548][ T5432] EXT4-fs (loop4): Remounting filesystem read-only [ 77.399189][ T5432] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 77.407877][ T5432] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 77.417284][ T5432] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.435068][ T5432] ext4: Unknown parameter '€' [ 77.453785][ T5437] netlink: 108 bytes leftover after parsing attributes in process `syz.2.586'. [ 77.462924][ T5437] netlink: 108 bytes leftover after parsing attributes in process `syz.2.586'. [ 77.471886][ T5437] netlink: 108 bytes leftover after parsing attributes in process `syz.2.586'. [ 77.509713][ T5442] loop2: detected capacity change from 0 to 2048 [ 77.532519][ T5442] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.614627][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.647309][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.745128][ T5461] netlink: 'syz.3.593': attribute type 10 has an invalid length. [ 77.767075][ T5461] team0: Port device dummy0 removed [ 77.784190][ T5461] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 77.812466][ T5469] loop4: detected capacity change from 0 to 512 [ 77.832093][ T5469] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.597: corrupted in-inode xattr: invalid ea_ino [ 77.847172][ T5469] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.597: couldn't read orphan inode 15 (err -117) [ 77.887868][ T5469] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.962963][ T5469] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.208065][ T5479] loop1: detected capacity change from 0 to 2048 [ 78.275742][ T5481] loop4: detected capacity change from 0 to 512 [ 78.308584][ T5479] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.335543][ T5491] netlink: 'syz.0.604': attribute type 10 has an invalid length. [ 78.344526][ T5481] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.601: corrupted in-inode xattr: invalid ea_ino [ 78.373524][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.382876][ T5481] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.601: couldn't read orphan inode 15 (err -117) [ 78.449397][ T5481] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.558370][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.633176][ T5507] loop4: detected capacity change from 0 to 2048 [ 78.648605][ T5509] loop1: detected capacity change from 0 to 512 [ 78.655299][ T5509] journal_path: Non-blockdev passed as './file1' [ 78.661677][ T5509] EXT4-fs: error: could not find journal device path [ 78.671722][ T5507] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.936026][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.996693][ T5522] loop3: detected capacity change from 0 to 2048 [ 79.017318][ T5524] netlink: 108 bytes leftover after parsing attributes in process `syz.4.617'. [ 79.026370][ T5524] netlink: 108 bytes leftover after parsing attributes in process `syz.4.617'. [ 79.035335][ T5524] netlink: 108 bytes leftover after parsing attributes in process `syz.4.617'. [ 79.069345][ T5530] loop2: detected capacity change from 0 to 512 [ 79.088065][ T5522] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.101754][ T5534] loop4: detected capacity change from 0 to 512 [ 79.222753][ T5534] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.620: corrupted in-inode xattr: invalid ea_ino [ 79.272431][ T5534] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.620: couldn't read orphan inode 15 (err -117) [ 79.303687][ T5537] FAULT_INJECTION: forcing a failure. [ 79.303687][ T5537] name failslab, interval 1, probability 0, space 0, times 1 [ 79.316352][ T5537] CPU: 1 UID: 0 PID: 5537 Comm: syz.2.619 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(voluntary) [ 79.316379][ T5537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 79.316390][ T5537] Call Trace: [ 79.316396][ T5537] [ 79.316404][ T5537] __dump_stack+0x1d/0x30 [ 79.316424][ T5537] dump_stack_lvl+0xe8/0x140 [ 79.316443][ T5537] dump_stack+0x15/0x1b [ 79.316469][ T5537] should_fail_ex+0x265/0x280 [ 79.316499][ T5537] should_failslab+0x8c/0xb0 [ 79.316523][ T5537] kmem_cache_alloc_lru_noprof+0x55/0x310 [ 79.316628][ T5537] ? shmem_alloc_inode+0x34/0x50 [ 79.316647][ T5537] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 79.316668][ T5537] shmem_alloc_inode+0x34/0x50 [ 79.316684][ T5537] alloc_inode+0x3d/0x170 [ 79.316706][ T5537] new_inode+0x1d/0xe0 [ 79.316724][ T5537] shmem_get_inode+0x244/0x750 [ 79.316755][ T5537] __shmem_file_setup+0x113/0x210 [ 79.316788][ T5537] shmem_file_setup+0x3b/0x50 [ 79.316814][ T5537] __se_sys_memfd_create+0x2c3/0x590 [ 79.316832][ T5537] __x64_sys_memfd_create+0x31/0x40 [ 79.316903][ T5537] x64_sys_call+0x2abe/0x2ff0 [ 79.316924][ T5537] do_syscall_64+0xd2/0x200 [ 79.316947][ T5537] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 79.317028][ T5537] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 79.317049][ T5537] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.317089][ T5537] RIP: 0033:0x7fb72b08eb69 [ 79.317128][ T5537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.317162][ T5537] RSP: 002b:00007fb7296b4e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 79.317181][ T5537] RAX: ffffffffffffffda RBX: 00000000000007bf RCX: 00007fb72b08eb69 [ 79.317197][ T5537] RDX: 00007fb7296b4ef0 RSI: 0000000000000000 RDI: 00007fb72b112784 [ 79.317206][ T5537] RBP: 0000200000000e00 R08: 00007fb7296b4bb7 R09: 00007fb7296b4e40 [ 79.317216][ T5537] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000000c0 [ 79.317226][ T5537] R13: 00007fb7296b4ef0 R14: 00007fb7296b4eb0 R15: 0000200000000400 [ 79.317240][ T5537] [ 79.772218][ T5534] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.028013][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.198988][ T5551] loop1: detected capacity change from 0 to 2048 [ 80.432367][ T5557] netlink: 'syz.4.622': attribute type 10 has an invalid length. [ 80.447585][ T5557] team0: Port device dummy0 removed [ 80.467401][ T5557] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 80.605532][ T5572] loop4: detected capacity change from 0 to 512 [ 80.675852][ T5576] loop3: detected capacity change from 0 to 512 [ 80.816357][ T29] kauditd_printk_skb: 154 callbacks suppressed [ 80.816372][ T29] audit: type=1326 audit(1754401867.781:1668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5575 comm="syz.2.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 80.845953][ T29] audit: type=1326 audit(1754401867.781:1669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5575 comm="syz.2.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 80.869243][ T29] audit: type=1326 audit(1754401867.781:1670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5575 comm="syz.2.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 80.951289][ T5572] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.633: corrupted in-inode xattr: invalid ea_ino [ 80.965570][ T5576] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 80.981527][ T5576] System zones: 1-12 [ 80.989100][ T5576] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.632: Directory hole found for htree index block 0 [ 81.013954][ T5572] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.633: couldn't read orphan inode 15 (err -117) [ 81.032419][ T5576] EXT4-fs (loop3): Remounting filesystem read-only [ 81.040289][ T5576] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 81.049262][ T5576] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 81.068948][ T29] audit: type=1326 audit(1754401867.861:1671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5575 comm="syz.2.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 81.092338][ T29] audit: type=1326 audit(1754401867.861:1672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5575 comm="syz.2.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 81.115664][ T29] audit: type=1326 audit(1754401867.861:1673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5575 comm="syz.2.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 81.115835][ T5589] loop2: detected capacity change from 0 to 512 [ 81.139047][ T29] audit: type=1326 audit(1754401867.861:1674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5575 comm="syz.2.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72b08eb69 code=0x7ffc0000 [ 81.177058][ T5566] ext4: Unknown parameter '€' [ 81.197400][ T5589] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 81.206691][ T5589] System zones: 1-12 [ 81.212095][ T5589] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.635: Directory hole found for htree index block 0 [ 81.260071][ T5589] EXT4-fs (loop2): Remounting filesystem read-only [ 81.266872][ T5589] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 81.275855][ T5589] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 81.301024][ T5589] EXT4-fs (loop2): can't enable nombcache during remount [ 81.534943][ T5610] loop1: detected capacity change from 0 to 512 [ 81.543723][ T5610] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 81.551732][ T5610] System zones: 1-12 [ 81.555833][ T5610] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.639: Directory hole found for htree index block 0 [ 81.568425][ T5610] EXT4-fs (loop1): Remounting filesystem read-only [ 81.575069][ T5610] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 81.583438][ T5610] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 81.594494][ T5610] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 81.839591][ T5618] netlink: 'syz.4.640': attribute type 10 has an invalid length. [ 81.877284][ T5621] loop2: detected capacity change from 0 to 2048 [ 81.879319][ T5617] syzkaller0: entered promiscuous mode [ 81.889112][ T5617] syzkaller0: entered allmulticast mode [ 81.900727][ T5618] bond0: (slave dummy0): Releasing backup interface [ 81.930002][ T5627] netlink: 108 bytes leftover after parsing attributes in process `syz.0.643'. [ 81.942274][ T5618] team0: Port device dummy0 added [ 82.055789][ T5639] loop3: detected capacity change from 0 to 8192 [ 82.102194][ T29] audit: type=1326 audit(1754401869.071:1675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5631 comm="syz.4.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d92cbeb69 code=0x7ffc0000 [ 82.125620][ T29] audit: type=1326 audit(1754401869.071:1676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5631 comm="syz.4.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f0d92cbeb69 code=0x7ffc0000 [ 82.149123][ T29] audit: type=1326 audit(1754401869.071:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5631 comm="syz.4.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d92cbeb69 code=0x7ffc0000 [ 82.639529][ T5667] loop4: detected capacity change from 0 to 512 [ 82.648531][ T5667] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 82.656593][ T5667] System zones: 1-12 [ 82.660766][ T5667] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.653: Directory hole found for htree index block 0 [ 82.673333][ T5667] EXT4-fs (loop4): Remounting filesystem read-only [ 82.679859][ T5667] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 82.688181][ T5667] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 82.712724][ T5673] loop2: detected capacity change from 0 to 512 [ 82.719114][ T5667] EXT4-fs (loop4): can't enable nombcache during remount [ 82.731143][ T5673] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 82.741196][ T5673] System zones: 1-12 [ 82.745572][ T5673] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.654: Directory hole found for htree index block 0 [ 82.758302][ T5673] EXT4-fs (loop2): Remounting filesystem read-only [ 82.765813][ T5673] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 82.774408][ T5673] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 82.788490][ T5673] EXT4-fs (loop2): can't enable nombcache during remount [ 82.956697][ T5683] netlink: 'syz.4.658': attribute type 10 has an invalid length. [ 82.982983][ T5683] team0: Port device dummy0 removed [ 82.999508][ T5683] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 83.010033][ T5687] __nla_validate_parse: 2 callbacks suppressed [ 83.010046][ T5687] netlink: 44 bytes leftover after parsing attributes in process `syz.3.656'. [ 83.088787][ T5699] loop1: detected capacity change from 0 to 512 [ 83.115155][ T5699] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.663: corrupted in-inode xattr: invalid ea_ino [ 83.138390][ T5699] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.663: couldn't read orphan inode 15 (err -117) [ 83.150339][ T5705] loop2: detected capacity change from 0 to 512 [ 83.158307][ T5705] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 83.166579][ T5705] System zones: 1-12 [ 83.170835][ T5705] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.659: Directory hole found for htree index block 0 [ 83.183537][ T5705] EXT4-fs (loop2): Remounting filesystem read-only [ 83.190360][ T5705] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 83.198573][ T5705] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 83.208951][ T5705] ext4: Unknown parameter '' [ 83.375033][ T5715] netlink: 108 bytes leftover after parsing attributes in process `syz.0.665'. [ 83.384010][ T5715] netlink: 108 bytes leftover after parsing attributes in process `syz.0.665'. [ 83.392960][ T5715] netlink: 108 bytes leftover after parsing attributes in process `syz.0.665'. [ 83.773700][ T5721] loop3: detected capacity change from 0 to 2048 [ 83.931143][ T5738] netlink: 44 bytes leftover after parsing attributes in process `syz.1.668'. [ 83.944101][ T5740] loop2: detected capacity change from 0 to 512 [ 83.949735][ T5741] netlink: 44 bytes leftover after parsing attributes in process `syz.4.671'. [ 83.966242][ T5740] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 83.974289][ T5740] System zones: 1-12 [ 83.978274][ T5740] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.669: Directory hole found for htree index block 0 [ 83.981520][ T5743] netlink: 108 bytes leftover after parsing attributes in process `syz.3.670'. [ 83.991742][ T5740] EXT4-fs (loop2): Remounting filesystem read-only [ 83.999498][ T5743] netlink: 108 bytes leftover after parsing attributes in process `syz.3.670'. [ 84.006816][ T5740] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 84.015066][ T5743] netlink: 108 bytes leftover after parsing attributes in process `syz.3.670'. [ 84.024730][ T5740] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 84.053130][ T5740] EXT4-fs (loop2): can't enable nombcache during remount [ 84.157376][ T5748] netlink: 'syz.0.672': attribute type 10 has an invalid length. [ 84.783443][ T5765] netlink: 20 bytes leftover after parsing attributes in process `syz.3.680'. [ 84.820386][ T5762] loop4: detected capacity change from 0 to 2048 [ 84.822516][ T5770] loop3: detected capacity change from 0 to 2048 [ 85.051903][ T5786] loop3: detected capacity change from 0 to 512 [ 85.061918][ T5786] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 85.070909][ T5786] System zones: 1-12 [ 85.076049][ T5786] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.682: Directory hole found for htree index block 0 [ 85.092100][ T5786] EXT4-fs (loop3): Remounting filesystem read-only [ 85.098705][ T5786] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 85.111566][ T5786] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 85.121159][ T5786] ext4: Unknown parameter '' [ 85.348199][ T5796] netlink: 'syz.1.684': attribute type 10 has an invalid length. [ 85.358863][ T5796] team0: Port device dummy0 removed [ 85.366207][ T5796] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 85.659250][ T5802] loop2: detected capacity change from 0 to 512 [ 85.680361][ T5802] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.687: corrupted in-inode xattr: invalid ea_ino [ 85.697549][ T5802] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.687: couldn't read orphan inode 15 (err -117) [ 85.828133][ T29] kauditd_printk_skb: 220 callbacks suppressed [ 85.828145][ T29] audit: type=1326 audit(1754401872.791:1898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5816 comm="syz.0.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2b9eb69 code=0x7ffc0000 [ 85.883511][ T29] audit: type=1326 audit(1754401872.831:1899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5816 comm="syz.0.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5ff2b9eb69 code=0x7ffc0000 [ 85.906923][ T29] audit: type=1326 audit(1754401872.831:1900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5816 comm="syz.0.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2b9eb69 code=0x7ffc0000 [ 85.930281][ T29] audit: type=1326 audit(1754401872.831:1901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5816 comm="syz.0.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2b9eb69 code=0x7ffc0000 [ 85.953557][ T29] audit: type=1326 audit(1754401872.831:1902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5816 comm="syz.0.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff2b9eb69 code=0x7ffc0000 [ 85.976982][ T29] audit: type=1326 audit(1754401872.831:1903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5816 comm="syz.0.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2b9eb69 code=0x7ffc0000 [ 86.000308][ T29] audit: type=1326 audit(1754401872.831:1904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5816 comm="syz.0.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2b9eb69 code=0x7ffc0000 [ 86.023678][ T29] audit: type=1326 audit(1754401872.831:1905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5816 comm="syz.0.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f5ff2b9eb69 code=0x7ffc0000 [ 86.047058][ T29] audit: type=1326 audit(1754401872.831:1906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5816 comm="syz.0.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2b9eb69 code=0x7ffc0000 [ 86.070439][ T29] audit: type=1326 audit(1754401872.831:1907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5816 comm="syz.0.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f5ff2b9eb69 code=0x7ffc0000 [ 86.081710][ T5828] loop2: detected capacity change from 0 to 2048 [ 86.113178][ T5818] loop3: detected capacity change from 0 to 512 [ 86.157253][ T5818] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 86.170289][ T5818] System zones: 1-12 [ 86.174410][ T5818] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.690: Directory hole found for htree index block 0 [ 86.222711][ T5818] EXT4-fs (loop3): Remounting filesystem read-only [ 86.230239][ T5818] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 86.238600][ T5818] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 86.254812][ T5818] EXT4-fs (loop3): can't enable nombcache during remount [ 86.651683][ T5852] loop1: detected capacity change from 0 to 512 [ 86.665249][ T5852] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 86.680288][ T5852] System zones: 1-12 [ 86.685035][ T5852] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.695: Directory hole found for htree index block 0 [ 86.730390][ T5852] EXT4-fs (loop1): Remounting filesystem read-only [ 86.736942][ T5852] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 86.745604][ T5852] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 86.758757][ T5852] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 86.956170][ T5857] loop2: detected capacity change from 0 to 2048 [ 87.168329][ T5862] loop4: detected capacity change from 0 to 8192 [ 87.408501][ T5879] loop1: detected capacity change from 0 to 512 [ 87.419268][ T5879] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 87.428473][ T5879] System zones: 1-12 [ 87.432638][ T5879] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.702: Directory hole found for htree index block 0 [ 87.446267][ T5879] EXT4-fs (loop1): Remounting filesystem read-only [ 87.453159][ T5879] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 87.461487][ T5879] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 87.470827][ T5879] ext4: Unknown parameter '' [ 87.808595][ T5882] netlink: 'syz.2.703': attribute type 10 has an invalid length. [ 87.835950][ T5884] loop2: detected capacity change from 0 to 2048 [ 87.982400][ T5892] netlink: 'syz.4.706': attribute type 10 has an invalid length. [ 88.068335][ T5899] __nla_validate_parse: 6 callbacks suppressed [ 88.068402][ T5899] netlink: 44 bytes leftover after parsing attributes in process `syz.0.707'. [ 88.152090][ T5907] loop3: detected capacity change from 0 to 2048 [ 88.190897][ T5911] loop1: detected capacity change from 0 to 2048 [ 88.282369][ T5916] loop1: detected capacity change from 0 to 2048 [ 88.466848][ T5921] netlink: 'syz.1.714': attribute type 10 has an invalid length. [ 88.478626][ T5921] bond0: (slave dummy0): Releasing backup interface [ 88.487970][ T5921] team0: Port device dummy0 added [ 88.532152][ T5925] loop1: detected capacity change from 0 to 512 [ 88.544233][ T5925] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.716: corrupted in-inode xattr: invalid ea_ino [ 88.574680][ T5928] loop4: detected capacity change from 0 to 2048 [ 88.581717][ T5925] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.716: couldn't read orphan inode 15 (err -117) [ 88.702766][ T5936] netlink: 'syz.4.719': attribute type 10 has an invalid length. [ 88.726176][ T5933] netlink: 108 bytes leftover after parsing attributes in process `syz.1.718'. [ 88.735194][ T5933] netlink: 108 bytes leftover after parsing attributes in process `syz.1.718'. [ 88.744179][ T5933] netlink: 108 bytes leftover after parsing attributes in process `syz.1.718'. [ 88.782247][ T5939] loop4: detected capacity change from 0 to 512 [ 88.797635][ T5939] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 88.821134][ T5948] loop2: detected capacity change from 0 to 764 [ 88.837530][ T5948] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 88.845673][ T5939] System zones: 1-12 [ 88.855768][ T5939] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.720: Directory hole found for htree index block 0 [ 88.869251][ T5939] EXT4-fs (loop4): Remounting filesystem read-only [ 88.905509][ T5939] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 88.926415][ T5939] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 88.943243][ T5955] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 88.956725][ T5955] netlink: 'syz.2.722': attribute type 12 has an invalid length. [ 88.964491][ T5955] netlink: 'syz.2.722': attribute type 29 has an invalid length. [ 88.972279][ T5955] netlink: 148 bytes leftover after parsing attributes in process `syz.2.722'. [ 88.994633][ T5939] EXT4-fs (loop4): can't enable nombcache during remount [ 89.073967][ T5958] loop4: detected capacity change from 0 to 2048 [ 89.167869][ T5962] netlink: 'syz.3.726': attribute type 10 has an invalid length. [ 89.186588][ T5962] bond0: (slave dummy0): Releasing backup interface [ 89.194834][ T5962] team0: Port device dummy0 added [ 89.211440][ T5962] syz.3.726 (5962) used greatest stack depth: 9952 bytes left [ 89.253202][ T5965] loop3: detected capacity change from 0 to 2048 [ 89.491734][ T5975] netlink: 'syz.1.730': attribute type 10 has an invalid length. [ 89.501385][ T5975] team0: Port device dummy0 removed [ 89.517264][ T5975] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 89.607368][ T5980] netlink: 44 bytes leftover after parsing attributes in process `syz.0.731'. [ 89.722107][ T5988] netlink: 20 bytes leftover after parsing attributes in process `syz.2.735'. [ 90.525798][ T6009] netlink: 108 bytes leftover after parsing attributes in process `syz.4.741'. [ 90.535593][ T6009] netlink: 108 bytes leftover after parsing attributes in process `syz.4.741'. [ 90.544651][ T6009] netlink: 108 bytes leftover after parsing attributes in process `syz.4.741'. [ 90.625403][ T6015] netlink: 'syz.1.743': attribute type 10 has an invalid length. [ 90.744444][ T6025] loop1: detected capacity change from 0 to 512 [ 90.776874][ T6027] loop2: detected capacity change from 0 to 512 [ 90.782092][ T6025] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.746: corrupted in-inode xattr: invalid ea_ino [ 90.798184][ T6027] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 90.831165][ T6027] System zones: 1-12 [ 90.847536][ T6025] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.746: couldn't read orphan inode 15 (err -117) [ 90.869841][ T6027] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.744: Directory hole found for htree index block 0 [ 90.890294][ T6027] EXT4-fs (loop2): Remounting filesystem read-only [ 90.896835][ T6027] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 90.907363][ T6027] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 90.926777][ T6030] loop1: detected capacity change from 0 to 512 [ 90.944883][ T29] kauditd_printk_skb: 173 callbacks suppressed [ 90.944939][ T29] audit: type=1326 audit(1754401877.911:2081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5997 comm="syz.3.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb67eeb69 code=0x7ffc0000 [ 90.954031][ T6030] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.747: corrupted in-inode xattr: invalid ea_ino [ 90.979032][ T29] audit: type=1326 audit(1754401877.911:2082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5997 comm="syz.3.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb67eeb69 code=0x7ffc0000 [ 91.011173][ T29] audit: type=1326 audit(1754401877.951:2083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5997 comm="syz.3.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f5bb67eeb69 code=0x7ffc0000 [ 91.022259][ T6027] EXT4-fs (loop2): can't enable nombcache during remount [ 91.034440][ T29] audit: type=1326 audit(1754401877.951:2084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5997 comm="syz.3.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb67eeb69 code=0x7ffc0000 [ 91.050469][ T6030] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.747: couldn't read orphan inode 15 (err -117) [ 91.064766][ T29] audit: type=1326 audit(1754401877.951:2085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5997 comm="syz.3.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb67eeb69 code=0x7ffc0000 [ 91.099766][ T29] audit: type=1326 audit(1754401877.951:2086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5997 comm="syz.3.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5bb67eeb69 code=0x7ffc0000 [ 91.123089][ T29] audit: type=1326 audit(1754401877.951:2087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5997 comm="syz.3.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb67eeb69 code=0x7ffc0000 [ 91.146440][ T29] audit: type=1326 audit(1754401877.951:2088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5997 comm="syz.3.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5bb67eeb69 code=0x7ffc0000 [ 91.169736][ T29] audit: type=1326 audit(1754401877.951:2089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5997 comm="syz.3.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb67eeb69 code=0x7ffc0000 [ 91.193273][ T29] audit: type=1326 audit(1754401877.951:2090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5997 comm="syz.3.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f5bb67eeb69 code=0x7ffc0000 [ 91.631103][ T6069] team_slave_0: entered promiscuous mode [ 91.636788][ T6069] team_slave_1: entered promiscuous mode [ 91.646596][ T6069] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 91.677307][ T6076] netlink: 'syz.4.759': attribute type 12 has an invalid length. [ 92.498467][ T6102] veth0: entered promiscuous mode [ 92.545768][ T6105] loop3: detected capacity change from 0 to 512 [ 92.570071][ T6105] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 92.599430][ T6105] System zones: 1-12 [ 92.619945][ T6105] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.766: Directory hole found for htree index block 0 [ 92.685487][ T6105] EXT4-fs (loop3): Remounting filesystem read-only [ 92.705860][ T6105] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 92.714110][ T6105] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 92.736110][ T6105] EXT4-fs (loop3): can't enable nombcache during remount [ 92.823057][ T6127] loop2: detected capacity change from 0 to 1024 [ 93.349675][ T6134] __nla_validate_parse: 8 callbacks suppressed [ 93.349688][ T6134] netlink: 20 bytes leftover after parsing attributes in process `syz.1.777'. [ 93.447260][ T6140] loop1: detected capacity change from 0 to 512 [ 93.459949][ T6140] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.780: corrupted in-inode xattr: invalid ea_ino [ 93.481195][ T6140] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.780: couldn't read orphan inode 15 (err -117) [ 93.557518][ T6145] FAULT_INJECTION: forcing a failure. [ 93.557518][ T6145] name failslab, interval 1, probability 0, space 0, times 0 [ 93.570274][ T6145] CPU: 0 UID: 0 PID: 6145 Comm: syz.4.778 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(voluntary) [ 93.570299][ T6145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 93.570311][ T6145] Call Trace: [ 93.570318][ T6145] [ 93.570325][ T6145] __dump_stack+0x1d/0x30 [ 93.570397][ T6145] dump_stack_lvl+0xe8/0x140 [ 93.570416][ T6145] dump_stack+0x15/0x1b [ 93.570432][ T6145] should_fail_ex+0x265/0x280 [ 93.570536][ T6145] should_failslab+0x8c/0xb0 [ 93.570558][ T6145] kmem_cache_alloc_lru_noprof+0x55/0x310 [ 93.570627][ T6145] ? shmem_alloc_inode+0x34/0x50 [ 93.570644][ T6145] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 93.570661][ T6145] shmem_alloc_inode+0x34/0x50 [ 93.570678][ T6145] alloc_inode+0x3d/0x170 [ 93.570755][ T6145] new_inode+0x1d/0xe0 [ 93.570777][ T6145] shmem_get_inode+0x244/0x750 [ 93.570796][ T6145] __shmem_file_setup+0x113/0x210 [ 93.570821][ T6145] shmem_file_setup+0x3b/0x50 [ 93.570921][ T6145] __se_sys_memfd_create+0x2c3/0x590 [ 93.570943][ T6145] __x64_sys_memfd_create+0x31/0x40 [ 93.571012][ T6145] x64_sys_call+0x2abe/0x2ff0 [ 93.571033][ T6145] do_syscall_64+0xd2/0x200 [ 93.571059][ T6145] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 93.571085][ T6145] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 93.571179][ T6145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.571196][ T6145] RIP: 0033:0x7f0d92cbeb69 [ 93.571211][ T6145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 93.571229][ T6145] RSP: 002b:00007f0d912dce18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 93.571304][ T6145] RAX: ffffffffffffffda RBX: 00000000000007bf RCX: 00007f0d92cbeb69 [ 93.571314][ T6145] RDX: 00007f0d912dcef0 RSI: 0000000000000000 RDI: 00007f0d92d42784 [ 93.571324][ T6145] RBP: 0000200000000e00 R08: 00007f0d912dcbb7 R09: 00007f0d912dce40 [ 93.571334][ T6145] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000000c0 [ 93.571344][ T6145] R13: 00007f0d912dcef0 R14: 00007f0d912dceb0 R15: 0000200000000400 [ 93.571363][ T6145] [ 93.919477][ T6151] loop3: detected capacity change from 0 to 512 [ 93.953635][ T6155] validate_nla: 3 callbacks suppressed [ 93.953650][ T6155] netlink: 'syz.0.784': attribute type 10 has an invalid length. [ 93.983205][ T6151] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 93.996376][ T6151] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 94.007436][ T6157] loop1: detected capacity change from 0 to 512 [ 94.051415][ T6155] bond0: (slave dummy0): Releasing backup interface [ 94.066457][ T6157] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 94.084087][ T6157] System zones: 1-12 [ 94.093252][ T6151] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 94.110104][ T6155] team0: Port device dummy0 added [ 94.117621][ T6157] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.781: Directory hole found for htree index block 0 [ 94.160862][ T6155] syz.0.784 (6155) used greatest stack depth: 9448 bytes left [ 94.169540][ T6157] EXT4-fs (loop1): Remounting filesystem read-only [ 94.181037][ T6151] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #11: comm syz.3.783: corrupted inode contents [ 94.200353][ T6157] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 94.226970][ T6151] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #11: comm syz.3.783: mark_inode_dirty error [ 94.249909][ T6157] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 94.277847][ T6151] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.783: invalid indirect mapped block 1 (level 1) [ 94.312962][ T6147] EXT4-fs (loop1): can't enable nombcache during remount [ 94.357444][ T6151] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #11: comm syz.3.783: corrupted inode contents [ 94.385077][ T6170] syz.0.788 uses obsolete (PF_INET,SOCK_PACKET) [ 94.403069][ T6151] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 94.432950][ T6151] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #11: comm syz.3.783: corrupted inode contents [ 94.451381][ T6170] tipc: Enabling of bearer rejected, failed to enable media [ 94.487971][ T6151] EXT4-fs error (device loop3): ext4_truncate:4666: inode #11: comm syz.3.783: mark_inode_dirty error [ 94.539565][ T6151] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 94.560820][ T6151] EXT4-fs (loop3): 1 truncate cleaned up [ 94.673588][ T6182] loop2: detected capacity change from 0 to 764 [ 94.698463][ T6182] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 94.737101][ T6184] loop2: detected capacity change from 0 to 512 [ 94.747589][ T6184] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.792: corrupted in-inode xattr: invalid ea_ino [ 94.766742][ T6184] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.792: couldn't read orphan inode 15 (err -117) [ 94.846676][ T6196] SELinux: policydb magic number 0xf97eff03 does not match expected magic number 0xf97cff8c [ 94.858589][ T6196] SELinux: failed to load policy [ 94.864106][ T6198] netlink: 'syz.0.796': attribute type 10 has an invalid length. [ 94.872056][ T6199] loop3: detected capacity change from 0 to 512 [ 94.893888][ T6200] netlink: 44 bytes leftover after parsing attributes in process `syz.4.793'. [ 94.894428][ T6199] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 94.913441][ T6199] System zones: 1-12 [ 94.917547][ T6199] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.790: Directory hole found for htree index block 0 [ 94.929974][ T6199] EXT4-fs (loop3): Remounting filesystem read-only [ 94.936693][ T6199] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 94.945040][ T6199] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 94.969981][ T6199] EXT4-fs (loop3): can't enable nombcache during remount [ 94.976570][ T6207] netlink: 44 bytes leftover after parsing attributes in process `syz.0.797'. [ 95.040860][ T6212] netlink: 4 bytes leftover after parsing attributes in process `syz.2.800'. [ 95.068923][ T6216] loop2: detected capacity change from 0 to 128 [ 95.076974][ T6216] ext4 filesystem being mounted at /162/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.123032][ T6221] loop2: detected capacity change from 0 to 764 [ 95.131034][ T6221] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 95.336289][ T6225] loop1: detected capacity change from 0 to 512 [ 95.345461][ T6225] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.805: corrupted in-inode xattr: invalid ea_ino [ 95.359075][ T6225] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.805: couldn't read orphan inode 15 (err -117) [ 95.390359][ T6228] loop1: detected capacity change from 0 to 512 [ 95.396960][ T6228] EXT4-fs: Ignoring removed bh option [ 95.402788][ T6228] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 95.412148][ T6228] EXT4-fs (loop1): 1 truncate cleaned up [ 95.418093][ T6228] EXT4-fs mount: 82 callbacks suppressed [ 95.418101][ T6228] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.445479][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.675166][ T6233] netlink: 'syz.4.808': attribute type 10 has an invalid length. [ 95.683745][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.683915][ T6233] bond0: (slave dummy0): Releasing backup interface [ 95.701423][ T6233] dummy0: entered promiscuous mode [ 95.706936][ T6233] team0: Port device dummy0 added [ 95.730780][ T6235] FAULT_INJECTION: forcing a failure. [ 95.730780][ T6235] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 95.744105][ T6235] CPU: 0 UID: 0 PID: 6235 Comm: syz.3.809 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(voluntary) [ 95.744208][ T6235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 95.744292][ T6235] Call Trace: [ 95.744299][ T6235] [ 95.744306][ T6235] __dump_stack+0x1d/0x30 [ 95.744461][ T6235] dump_stack_lvl+0xe8/0x140 [ 95.744533][ T6235] dump_stack+0x15/0x1b [ 95.744546][ T6235] should_fail_ex+0x265/0x280 [ 95.744575][ T6235] should_fail_alloc_page+0xf2/0x100 [ 95.744600][ T6235] __alloc_frozen_pages_noprof+0xff/0x360 [ 95.744648][ T6235] alloc_pages_mpol+0xb3/0x250 [ 95.744722][ T6235] alloc_pages_noprof+0x90/0x130 [ 95.744750][ T6235] get_free_pages_noprof+0xc/0x40 [ 95.744776][ T6235] do_proc_control+0x186/0x8b0 [ 95.744854][ T6235] ? should_fail_ex+0xdb/0x280 [ 95.744883][ T6235] proc_control+0x71/0xa0 [ 95.744903][ T6235] usbdev_ioctl+0x948/0x1710 [ 95.744920][ T6235] ? __pfx_usbdev_ioctl+0x10/0x10 [ 95.744977][ T6235] __se_sys_ioctl+0xcb/0x140 [ 95.744994][ T6235] __x64_sys_ioctl+0x43/0x50 [ 95.745010][ T6235] x64_sys_call+0x1816/0x2ff0 [ 95.745021][ T6235] do_syscall_64+0xd2/0x200 [ 95.745033][ T6235] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 95.745081][ T6235] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 95.745092][ T6235] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.745103][ T6235] RIP: 0033:0x7f5bb67eeb69 [ 95.745112][ T6235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.745121][ T6235] RSP: 002b:00007f5bb4e4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 95.745198][ T6235] RAX: ffffffffffffffda RBX: 00007f5bb6a15fa0 RCX: 00007f5bb67eeb69 [ 95.745205][ T6235] RDX: 0000200000000000 RSI: 00000000c0185500 RDI: 0000000000000004 [ 95.745227][ T6235] RBP: 00007f5bb4e4f090 R08: 0000000000000000 R09: 0000000000000000 [ 95.745234][ T6235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 95.745240][ T6235] R13: 0000000000000000 R14: 00007f5bb6a15fa0 R15: 00007fffb8b58a38 [ 95.745249][ T6235] [ 95.965463][ T29] kauditd_printk_skb: 88 callbacks suppressed [ 95.965476][ T29] audit: type=1326 audit(1754401882.931:2179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6230 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 96.008590][ T29] audit: type=1326 audit(1754401882.931:2180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6230 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 96.032100][ T29] audit: type=1326 audit(1754401882.931:2181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6230 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 96.055398][ T29] audit: type=1326 audit(1754401882.961:2182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6230 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 96.078915][ T29] audit: type=1326 audit(1754401882.961:2183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6230 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 96.102244][ T29] audit: type=1326 audit(1754401882.961:2184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6230 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 96.125627][ T29] audit: type=1326 audit(1754401882.961:2185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6230 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 96.148920][ T29] audit: type=1326 audit(1754401882.961:2186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6230 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 96.172203][ T29] audit: type=1326 audit(1754401882.961:2187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6230 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 96.195657][ T29] audit: type=1326 audit(1754401882.961:2188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6230 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 96.334945][ T6263] loop3: detected capacity change from 0 to 2048 [ 96.365512][ T6270] loop4: detected capacity change from 0 to 512 [ 96.376521][ T6269] loop1: detected capacity change from 0 to 512 [ 96.388652][ T6269] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 96.399258][ T6263] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.399994][ T6280] loop2: detected capacity change from 0 to 512 [ 96.418887][ T6270] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 96.418925][ T6269] System zones: 1-12 [ 96.437403][ T6270] System zones: 1-12 [ 96.442032][ T6270] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.814: Directory hole found for htree index block 0 [ 96.449679][ T6269] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.821: Directory hole found for htree index block 0 [ 96.455935][ T6280] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 96.467125][ T6269] EXT4-fs (loop1): Remounting filesystem read-only [ 96.476058][ T6280] System zones: 1-12 [ 96.481208][ T6269] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 96.485318][ T6270] EXT4-fs (loop4): Remounting filesystem read-only [ 96.493426][ T6269] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 96.501225][ T6280] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.819: Directory hole found for htree index block 0 [ 96.508484][ T6269] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.521397][ T6270] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 96.539245][ T6269] ext4: Unknown parameter '€' [ 96.545747][ T6280] EXT4-fs (loop2): Remounting filesystem read-only [ 96.546868][ T6270] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 96.552593][ T6280] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 96.569682][ T6280] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 96.573859][ T6270] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.578707][ T6280] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.603473][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.617867][ T6280] EXT4-fs (loop2): can't enable nombcache during remount [ 96.627913][ T6270] ext4: Unknown parameter '€' [ 96.648058][ T6285] loop1: detected capacity change from 0 to 764 [ 96.658727][ T6285] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 96.670967][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.804534][ T6297] loop1: detected capacity change from 0 to 512 [ 96.813252][ T6297] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 96.821485][ T6297] System zones: 1-12 [ 96.825583][ T6297] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.825: Directory hole found for htree index block 0 [ 96.838121][ T6297] EXT4-fs (loop1): Remounting filesystem read-only [ 96.844717][ T6297] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 96.853156][ T6297] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 96.861756][ T6297] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.876861][ T6297] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 97.130998][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.155277][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.165761][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.197788][ T6306] loop4: detected capacity change from 0 to 512 [ 97.214997][ T6315] loop2: detected capacity change from 0 to 2048 [ 97.231613][ T6306] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 97.264695][ T6315] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.268070][ T6325] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=63313 sclass=netlink_route_socket pid=6325 comm=syz.1.833 [ 97.283347][ T6306] System zones: 1-12 [ 97.319525][ T6306] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.828: Directory hole found for htree index block 0 [ 97.344169][ T6306] EXT4-fs (loop4): Remounting filesystem read-only [ 97.350803][ T6306] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 97.359067][ T6306] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 97.368203][ T6306] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.384063][ T6306] ext4: Unknown parameter '' [ 97.430711][ T6333] netlink: 20 bytes leftover after parsing attributes in process `syz.0.837'. [ 97.440912][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.588071][ T6350] netlink: 'syz.4.844': attribute type 10 has an invalid length. [ 97.602715][ T6350] team0: Port device dummy0 removed [ 97.615726][ T6350] dummy0: left promiscuous mode [ 97.625914][ T6350] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 97.761598][ T6356] netlink: 44 bytes leftover after parsing attributes in process `syz.4.846'. [ 98.071137][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.123853][ T6363] loop2: detected capacity change from 0 to 512 [ 98.135926][ T6363] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 98.144317][ T6363] System zones: 1-12 [ 98.148429][ T6363] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.848: Directory hole found for htree index block 0 [ 98.170718][ T6363] EXT4-fs (loop2): Remounting filesystem read-only [ 98.178301][ T6363] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 98.186898][ T6363] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 98.196907][ T6363] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.217002][ T6363] EXT4-fs (loop2): can't enable nombcache during remount [ 98.312197][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.419818][ T6381] netlink: 'syz.0.854': attribute type 12 has an invalid length. [ 98.427668][ T6381] netlink: 'syz.0.854': attribute type 29 has an invalid length. [ 98.435555][ T6381] netlink: 148 bytes leftover after parsing attributes in process `syz.0.854'. [ 98.461934][ T6383] loop1: detected capacity change from 0 to 512 [ 98.531359][ T6383] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 98.583145][ T6383] EXT4-fs (loop1): mount failed [ 98.600730][ T6395] loop4: detected capacity change from 0 to 512 [ 98.612575][ T6395] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 98.621690][ T6395] System zones: 1-12 [ 98.625845][ T6395] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.861: Directory hole found for htree index block 0 [ 98.663700][ T6395] EXT4-fs (loop4): Remounting filesystem read-only [ 98.674270][ T6395] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 98.708020][ T6395] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 98.737397][ T6395] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.776773][ T6395] EXT4-fs (loop4): can't enable nombcache during remount [ 98.868567][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.886620][ T6419] loop1: detected capacity change from 0 to 512 [ 98.896025][ T6419] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 98.908220][ T6419] System zones: 1-12 [ 98.917792][ T6419] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.864: Directory hole found for htree index block 0 [ 98.967398][ T6419] EXT4-fs (loop1): Remounting filesystem read-only [ 98.989292][ T6419] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 99.007884][ T6419] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 99.060503][ T6419] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.101111][ T6419] ext4: Unknown parameter '€' [ 99.286928][ T6438] loop4: detected capacity change from 0 to 512 [ 99.308965][ T6438] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.871: corrupted in-inode xattr: invalid ea_ino [ 99.323363][ T6438] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.871: couldn't read orphan inode 15 (err -117) [ 99.336388][ T6438] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.350875][ T6438] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.614275][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.710539][ T6456] netlink: 'syz.1.878': attribute type 10 has an invalid length. [ 99.758641][ T6461] loop2: detected capacity change from 0 to 512 [ 99.765584][ T6461] journal_path: Non-blockdev passed as './file1' [ 99.772001][ T6461] EXT4-fs: error: could not find journal device path [ 99.804532][ T6465] loop2: detected capacity change from 0 to 2048 [ 99.833207][ T6465] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 100.031002][ T6485] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 100.094422][ T6490] netlink: 44 bytes leftover after parsing attributes in process `syz.0.888'. [ 100.109770][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.313622][ T6502] netlink: 'syz.2.895': attribute type 10 has an invalid length. [ 100.338013][ T6502] team0: Port device dummy0 removed [ 100.351896][ T6502] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 100.421422][ T6506] loop2: detected capacity change from 0 to 764 [ 100.443005][ T6506] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 100.462210][ T6507] netlink: 108 bytes leftover after parsing attributes in process `syz.3.896'. [ 100.471310][ T6507] netlink: 108 bytes leftover after parsing attributes in process `syz.3.896'. [ 100.471340][ T6507] netlink: 108 bytes leftover after parsing attributes in process `syz.3.896'. [ 100.648224][ T6522] loop4: detected capacity change from 0 to 512 [ 100.673527][ T6524] loop2: detected capacity change from 0 to 512 [ 100.775743][ T6524] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 100.788344][ T6524] System zones: 1-12 [ 100.792729][ T6524] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.903: Directory hole found for htree index block 0 [ 100.839182][ T6525] loop4: detected capacity change from 0 to 2048 [ 100.865915][ T6524] EXT4-fs (loop2): Remounting filesystem read-only [ 100.873592][ T6524] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 100.882058][ T6524] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 100.894317][ T6524] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.907677][ T6524] ext4: Unknown parameter '' [ 100.961078][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.010905][ T6525] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.052325][ T6534] loop2: detected capacity change from 0 to 2048 [ 101.072563][ T6534] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.324511][ T6555] netlink: 44 bytes leftover after parsing attributes in process `syz.3.913'. [ 101.349230][ T6557] netlink: 44 bytes leftover after parsing attributes in process `syz.0.914'. [ 101.545736][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.599275][ T6563] loop4: detected capacity change from 0 to 2048 [ 101.622267][ T6563] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.829909][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.899979][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.923640][ T6570] loop4: detected capacity change from 0 to 512 [ 101.951843][ T6570] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 101.959917][ T6570] System zones: 1-12 [ 101.964281][ T6570] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.917: Directory hole found for htree index block 0 [ 101.977610][ T6570] EXT4-fs (loop4): Remounting filesystem read-only [ 101.984345][ T6570] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 101.993344][ T6570] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 102.001973][ T6570] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.018760][ T6570] ext4: Unknown parameter '' [ 102.058047][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.112471][ T29] kauditd_printk_skb: 153 callbacks suppressed [ 102.112485][ T29] audit: type=1326 audit(1754401889.081:2341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6577 comm="syz.4.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d92cbeb69 code=0x7ffc0000 [ 102.142205][ T29] audit: type=1326 audit(1754401889.081:2342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6577 comm="syz.4.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d92cbeb69 code=0x7ffc0000 [ 102.165511][ T29] audit: type=1326 audit(1754401889.081:2343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6577 comm="syz.4.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f0d92cbeb69 code=0x7ffc0000 [ 102.188913][ T29] audit: type=1326 audit(1754401889.081:2344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6577 comm="syz.4.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d92cbeb69 code=0x7ffc0000 [ 102.195020][ T6580] loop3: detected capacity change from 0 to 2048 [ 102.212404][ T29] audit: type=1326 audit(1754401889.081:2345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6577 comm="syz.4.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d92cbeb69 code=0x7ffc0000 [ 102.242112][ T29] audit: type=1326 audit(1754401889.081:2346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6577 comm="syz.4.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f0d92cbeb69 code=0x7ffc0000 [ 102.265395][ T29] audit: type=1326 audit(1754401889.081:2347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6577 comm="syz.4.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d92cbeb69 code=0x7ffc0000 [ 102.288775][ T29] audit: type=1326 audit(1754401889.081:2348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6577 comm="syz.4.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d92cbeb69 code=0x7ffc0000 [ 102.312062][ T29] audit: type=1326 audit(1754401889.081:2349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6577 comm="syz.4.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7f0d92cbeb69 code=0x7ffc0000 [ 102.335358][ T29] audit: type=1326 audit(1754401889.081:2350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6577 comm="syz.4.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d92cbeb69 code=0x7ffc0000 [ 102.387169][ T6586] loop1: detected capacity change from 0 to 512 [ 102.401166][ T6580] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.446629][ T6586] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 102.455474][ T6586] System zones: 1-12 [ 102.459601][ T6586] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.922: Directory hole found for htree index block 0 [ 102.476301][ T6586] EXT4-fs (loop1): Remounting filesystem read-only [ 102.483211][ T6586] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 102.491958][ T6586] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 102.500901][ T6586] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.542732][ T6607] openvswitch: netlink: Message has 6 unknown bytes. [ 102.573231][ T6586] ext4: Unknown parameter '€' [ 102.606796][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.636718][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.653874][ T6611] loop1: detected capacity change from 0 to 764 [ 102.667134][ T6611] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 102.676514][ T6614] netlink: 44 bytes leftover after parsing attributes in process `syz.0.931'. [ 102.691480][ T6613] loop4: detected capacity change from 0 to 2048 [ 102.706768][ T6613] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.739748][ T6617] loop3: detected capacity change from 0 to 512 [ 102.760011][ T6617] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 102.771816][ T6617] System zones: 1-12 [ 102.775944][ T6617] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.934: Directory hole found for htree index block 0 [ 102.802051][ T6617] EXT4-fs (loop3): Remounting filesystem read-only [ 102.808986][ T6617] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 102.817385][ T6617] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 102.817396][ T6624] loop1: detected capacity change from 0 to 512 [ 102.832672][ T6617] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.851121][ T6624] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 102.864681][ T6624] System zones: 1-12 [ 102.874573][ T6632] netlink: 'syz.2.939': attribute type 4 has an invalid length. [ 102.882344][ T6632] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.939'. [ 102.886188][ T6624] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.936: Directory hole found for htree index block 0 [ 102.904941][ T6624] EXT4-fs (loop1): Remounting filesystem read-only [ 102.911814][ T6624] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 102.920314][ T6624] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 102.921164][ T6617] EXT4-fs (loop3): can't enable nombcache during remount [ 102.928921][ T6624] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.965268][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.990326][ T6624] EXT4-fs (loop1): can't enable nombcache during remount [ 103.028506][ T6635] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 103.041096][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.044155][ C0] hrtimer: interrupt took 50511 ns [ 103.062121][ T6635] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61853 sclass=netlink_route_socket pid=6635 comm=syz.4.940 [ 103.075715][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.113439][ T6639] loop2: detected capacity change from 0 to 512 [ 103.121998][ T6639] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 103.131362][ T6639] System zones: 1-12 [ 103.145003][ T6637] loop3: detected capacity change from 0 to 512 [ 103.146505][ T6639] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.943: Directory hole found for htree index block 0 [ 103.165158][ T6637] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 103.166959][ T6639] EXT4-fs (loop2): Remounting filesystem read-only [ 103.175616][ T6637] System zones: 1-12 [ 103.185753][ T6649] loop4: detected capacity change from 0 to 512 [ 103.186425][ T6637] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.942: Directory hole found for htree index block 0 [ 103.198359][ T6646] loop1: detected capacity change from 0 to 764 [ 103.205503][ T6639] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 103.215199][ T6649] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 103.221221][ T6637] EXT4-fs (loop3): Remounting filesystem read-only [ 103.233232][ T6649] System zones: 1-12 [ 103.238559][ T6649] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.953: Directory hole found for htree index block 0 [ 103.251413][ T6639] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 103.260580][ T6639] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.278034][ T6649] EXT4-fs (loop4): Remounting filesystem read-only [ 103.279898][ T6639] ext4: Unknown parameter 'ÿÿÿÿ' [ 103.285821][ T6637] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 103.298008][ T6649] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 103.298132][ T6646] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 103.306376][ T6649] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 103.316484][ T6637] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 103.323086][ T6649] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.352511][ T6637] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.369620][ T6649] EXT4-fs (loop4): can't enable nombcache during remount [ 103.383710][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.393425][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.410326][ T6652] openvswitch: netlink: Message has 6 unknown bytes. [ 103.464456][ T6637] EXT4-fs (loop3): can't enable nombcache during remount [ 103.505639][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.602240][ T6668] loop3: detected capacity change from 0 to 2048 [ 103.662018][ T6668] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.716335][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.801503][ T6676] netlink: 'syz.3.951': attribute type 10 has an invalid length. [ 103.841549][ T6676] team0: Port device dummy0 removed [ 103.848033][ T6676] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 103.916183][ T6678] loop3: detected capacity change from 0 to 512 [ 103.948850][ T6678] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.423371][ T6682] loop1: detected capacity change from 0 to 512 [ 104.457698][ T6682] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 104.467727][ T6682] System zones: 1-12 [ 104.478660][ T6682] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.956: Directory hole found for htree index block 0 [ 104.512571][ T6682] EXT4-fs (loop1): Remounting filesystem read-only [ 104.534231][ T6682] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 104.543191][ T6692] netlink: 20 bytes leftover after parsing attributes in process `syz.0.957'. [ 104.563414][ T6682] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 104.575163][ T6689] netlink: 108 bytes leftover after parsing attributes in process `syz.4.954'. [ 104.584224][ T6689] netlink: 108 bytes leftover after parsing attributes in process `syz.4.954'. [ 104.593261][ T6689] netlink: 108 bytes leftover after parsing attributes in process `syz.4.954'. [ 104.613788][ T6682] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.642083][ T6694] netlink: 'syz.2.958': attribute type 10 has an invalid length. [ 104.662530][ T6694] bond0: (slave dummy0): Releasing backup interface [ 104.670043][ T6682] ext4: Unknown parameter 'ÿÿÿÿ' [ 104.695568][ T6694] team0: Port device dummy0 added [ 104.702972][ T6697] netlink: 44 bytes leftover after parsing attributes in process `syz.0.959'. [ 104.744116][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.855852][ T6707] loop2: detected capacity change from 0 to 2048 [ 104.859472][ T6709] loop1: detected capacity change from 0 to 512 [ 104.868910][ T6709] journal_path: Non-blockdev passed as './file1' [ 104.875308][ T6709] EXT4-fs: error: could not find journal device path [ 104.891418][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.929838][ T6707] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.973786][ T6715] loop3: detected capacity change from 0 to 2048 [ 105.032375][ T6715] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.134909][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.332711][ T6726] netlink: 'syz.4.967': attribute type 10 has an invalid length. [ 105.352272][ T6726] bond0: (slave dummy0): Releasing backup interface [ 105.359260][ T6724] loop2: detected capacity change from 0 to 1024 [ 105.370946][ T6724] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 105.532841][ T6724] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.558631][ T6726] dummy0: entered promiscuous mode [ 105.580703][ T6726] team0: Port device dummy0 added [ 105.624379][ T6723] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: inode #11: comm syz.2.966: missing EA_INODE flag [ 105.664294][ T6723] EXT4-fs (loop2): Remounting filesystem read-only [ 105.670918][ T6723] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 105.732733][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.853695][ T6755] loop4: detected capacity change from 0 to 512 [ 105.863469][ T6750] netlink: 'syz.2.975': attribute type 4 has an invalid length. [ 105.871181][ T6750] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.975'. [ 105.895686][ T6755] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 105.967593][ T6758] loop1: detected capacity change from 0 to 512 [ 106.020936][ T6755] System zones: 1-12 [ 106.025810][ T6755] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.976: Directory hole found for htree index block 0 [ 106.049426][ T6755] EXT4-fs (loop4): Remounting filesystem read-only [ 106.058051][ T6755] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 106.111405][ T6755] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 106.123255][ T6758] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 106.147195][ T6758] System zones: 1-12 [ 106.157398][ T6758] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.972: Directory hole found for htree index block 0 [ 106.195632][ T6755] EXT4-fs (loop4): can't enable nombcache during remount [ 106.212787][ T6758] EXT4-fs (loop1): Remounting filesystem read-only [ 106.221692][ T6758] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 106.238790][ T6758] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 106.382093][ T6758] ext4: Unknown parameter '€' [ 106.429558][ T6767] loop4: detected capacity change from 0 to 2048 [ 106.565598][ T6778] netlink: 'syz.0.981': attribute type 10 has an invalid length. [ 106.833086][ T6789] netlink: 'syz.0.987': attribute type 29 has an invalid length. [ 106.887069][ T6789] hub 6-0:1.0: USB hub found [ 106.887119][ T6801] loop2: detected capacity change from 0 to 512 [ 106.934004][ T6801] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 106.942531][ T6789] hub 6-0:1.0: 8 ports detected [ 106.962121][ T6801] System zones: 1-12 [ 106.966600][ T6801] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.990: Directory hole found for htree index block 0 [ 107.013962][ T6801] EXT4-fs (loop2): Remounting filesystem read-only [ 107.044791][ T6801] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 107.072638][ T6801] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 107.112471][ T6801] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 107.130754][ T6805] netlink: 108 bytes leftover after parsing attributes in process `syz.0.991'. [ 107.139734][ T6805] netlink: 108 bytes leftover after parsing attributes in process `syz.0.991'. [ 107.148716][ T6805] netlink: 108 bytes leftover after parsing attributes in process `syz.0.991'. [ 107.231869][ T6811] loop3: detected capacity change from 0 to 512 [ 107.302671][ T29] kauditd_printk_skb: 32 callbacks suppressed [ 107.302686][ T29] audit: type=1326 audit(1754401894.271:2383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.1.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 107.340244][ T29] audit: type=1326 audit(1754401894.271:2384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.1.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 107.363753][ T29] audit: type=1326 audit(1754401894.271:2385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.1.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 107.387198][ T29] audit: type=1326 audit(1754401894.311:2386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.1.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 107.410707][ T29] audit: type=1326 audit(1754401894.331:2387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.1.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 107.434097][ T29] audit: type=1326 audit(1754401894.331:2388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.1.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 107.457417][ T29] audit: type=1326 audit(1754401894.331:2389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.1.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 107.480866][ T29] audit: type=1326 audit(1754401894.331:2390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.1.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 107.504188][ T29] audit: type=1326 audit(1754401894.331:2391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.1.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fbc2a4aeb69 code=0x7ffc0000 [ 107.528995][ T6811] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 107.590757][ T6811] System zones: 1-12 [ 107.615413][ T6811] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.992: Directory hole found for htree index block 0 [ 107.685486][ T6828] loop4: detected capacity change from 0 to 512 [ 107.702858][ T6828] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 107.719750][ T6828] System zones: 1-12 [ 107.732988][ T6811] EXT4-fs (loop3): Remounting filesystem read-only [ 107.740658][ T6828] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.996: Directory hole found for htree index block 0 [ 107.760308][ T6828] EXT4-fs (loop4): Remounting filesystem read-only [ 107.821117][ T6811] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 107.855713][ T6811] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 107.894289][ T6828] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 107.907182][ T6828] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 107.916780][ T6828] ext4: Unknown parameter '€' [ 107.946019][ T6833] netlink: 'syz.0.998': attribute type 10 has an invalid length. [ 107.955591][ T6833] team0: Port device dummy0 removed [ 107.963925][ T6833] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 108.124458][ T29] audit: type=1400 audit(1754401895.091:2392): avc: denied { create } for pid=6840 comm="syz.0.1002" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 108.161692][ T6811] EXT4-fs (loop3): can't enable nombcache during remount [ 108.437826][ T6852] loop3: detected capacity change from 0 to 2048 [ 108.447297][ T6854] usb usb9: usbfs: process 6854 (syz.1.1006) did not claim interface 1 before use [ 108.461095][ T6854] vlan3: entered allmulticast mode [ 108.484468][ T6858] netlink: 'syz.2.1009': attribute type 10 has an invalid length. [ 108.564196][ T6867] loop2: detected capacity change from 0 to 764 [ 108.597155][ T6865] loop1: detected capacity change from 0 to 512 [ 108.605850][ T6873] loop4: detected capacity change from 0 to 2048 [ 108.630464][ T6867] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 108.680161][ T6865] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 108.692400][ T6865] System zones: 1-12 [ 108.696958][ T6865] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.1011: Directory hole found for htree index block 0 [ 108.740185][ T6885] loop2: detected capacity change from 0 to 512 [ 108.749297][ T6865] EXT4-fs (loop1): Remounting filesystem read-only [ 108.764115][ T6885] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.1017: casefold flag without casefold feature [ 108.822560][ T6885] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1017: couldn't read orphan inode 15 (err -117) [ 108.835874][ T6865] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 108.845633][ T6865] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 108.904416][ T6865] ext4: Unknown parameter 'ÿÿÿÿ' [ 109.048156][ T6889] loop1: detected capacity change from 0 to 512 [ 109.095580][ T6889] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 109.140182][ T6889] System zones: 1-12 [ 109.144462][ T6889] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.1018: Directory hole found for htree index block 0 [ 109.158095][ T6889] EXT4-fs (loop1): Remounting filesystem read-only [ 109.170246][ T6889] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 109.178610][ T6889] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 109.198354][ T6889] ext4: Unknown parameter '€' [ 109.346777][ T6905] loop1: detected capacity change from 0 to 764 [ 109.384116][ T6905] rock: directory entry would overflow storage [ 109.390314][ T6905] rock: sig=0x5245, size=8, remaining=5 [ 109.422974][ T6910] loop3: detected capacity change from 0 to 512 [ 109.472304][ T6910] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 109.480346][ T6910] System zones: 1-12 [ 109.484574][ T6910] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.1025: Directory hole found for htree index block 0 [ 109.502208][ T6910] EXT4-fs (loop3): Remounting filesystem read-only [ 109.544565][ T6918] loop4: detected capacity change from 0 to 512 [ 109.554301][ T6910] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 109.597297][ T6918] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.1026: bad orphan inode 15 [ 109.626243][ T6910] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 109.641599][ T6918] ext4_test_bit(bit=14, block=5) = 0 [ 109.654006][ T6910] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 109.808130][ T6930] loop3: detected capacity change from 0 to 512 [ 109.814765][ T6930] journal_path: Non-blockdev passed as './file1' [ 109.821123][ T6930] EXT4-fs: error: could not find journal device path [ 109.846591][ T6931] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1030'. [ 109.855867][ T6931] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1030'. [ 109.864932][ T6931] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1030'. [ 109.960150][ T6945] 9pnet_fd: Insufficient options for proto=fd [ 110.137218][ T6957] loop3: detected capacity change from 0 to 512 [ 110.144850][ T6957] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 110.157767][ T6957] System zones: 1-12 [ 110.181237][ T6957] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.1042: Directory hole found for htree index block 0 [ 110.242837][ T6957] EXT4-fs (loop3): Remounting filesystem read-only [ 110.254125][ T6957] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 110.279864][ T6957] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 110.317336][ T6957] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 110.405133][ T6966] loop3: detected capacity change from 0 to 512 [ 110.422637][ T6966] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 110.481079][ T6966] System zones: 1-12 [ 110.504422][ T6966] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.1047: Directory hole found for htree index block 0 [ 110.561281][ T6966] EXT4-fs (loop3): Remounting filesystem read-only [ 110.571222][ T6966] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 110.621732][ T6966] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 110.647347][ T6966] ext4: Unknown parameter '€' [ 110.668670][ T6987] FAULT_INJECTION: forcing a failure. [ 110.668670][ T6987] name failslab, interval 1, probability 0, space 0, times 0 [ 110.681345][ T6987] CPU: 0 UID: 0 PID: 6987 Comm: syz.4.1052 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(voluntary) [ 110.681548][ T6987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 110.681561][ T6987] Call Trace: [ 110.681568][ T6987] [ 110.681575][ T6987] __dump_stack+0x1d/0x30 [ 110.681643][ T6987] dump_stack_lvl+0xe8/0x140 [ 110.681729][ T6987] dump_stack+0x15/0x1b [ 110.681742][ T6987] should_fail_ex+0x265/0x280 [ 110.681767][ T6987] should_failslab+0x8c/0xb0 [ 110.681791][ T6987] kmem_cache_alloc_node_noprof+0x57/0x320 [ 110.681819][ T6987] ? __alloc_skb+0x101/0x320 [ 110.681846][ T6987] __alloc_skb+0x101/0x320 [ 110.681876][ T6987] netlink_alloc_large_skb+0xba/0xf0 [ 110.681926][ T6987] netlink_sendmsg+0x3cf/0x6b0 [ 110.681957][ T6987] ? __pfx_netlink_sendmsg+0x10/0x10 [ 110.681998][ T6987] __sock_sendmsg+0x145/0x180 [ 110.682016][ T6987] ____sys_sendmsg+0x31e/0x4e0 [ 110.682043][ T6987] ___sys_sendmsg+0x17b/0x1d0 [ 110.682116][ T6987] __x64_sys_sendmsg+0xd4/0x160 [ 110.682149][ T6987] x64_sys_call+0x191e/0x2ff0 [ 110.682166][ T6987] do_syscall_64+0xd2/0x200 [ 110.682231][ T6987] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 110.682253][ T6987] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 110.682289][ T6987] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.682307][ T6987] RIP: 0033:0x7f0d92cbeb69 [ 110.682344][ T6987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 110.682358][ T6987] RSP: 002b:00007f0d9131f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 110.682374][ T6987] RAX: ffffffffffffffda RBX: 00007f0d92ee5fa0 RCX: 00007f0d92cbeb69 [ 110.682463][ T6987] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003 [ 110.682476][ T6987] RBP: 00007f0d9131f090 R08: 0000000000000000 R09: 0000000000000000 [ 110.682491][ T6987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 110.682504][ T6987] R13: 0000000000000000 R14: 00007f0d92ee5fa0 R15: 00007ffc1f02b318 [ 110.682521][ T6987] [ 110.958250][ T6989] 9pnet_fd: Insufficient options for proto=fd [ 111.035942][ T6997] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1056'. [ 111.070785][ T6997] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1056'. [ 111.301706][ T7008] loop3: detected capacity change from 0 to 512 [ 111.328628][ T7008] journal_path: Non-blockdev passed as './file1' [ 111.335072][ T7008] EXT4-fs: error: could not find journal device path [ 111.401870][ T7010] netlink: 'syz.1.1060': attribute type 10 has an invalid length. [ 111.411909][ T7010] bond0: (slave dummy0): Releasing backup interface [ 111.424386][ T7010] team0: Port device dummy0 added [ 111.515337][ T7015] loop1: detected capacity change from 0 to 512 [ 111.880402][ T7018] netlink: 'syz.2.1064': attribute type 10 has an invalid length. [ 111.890401][ T7018] team0: Port device dummy0 removed [ 111.897680][ T7018] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 111.947494][ T7022] loop2: detected capacity change from 0 to 512 [ 111.977283][ T7022] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 111.990292][ T7022] System zones: 1-12 [ 111.998241][ T7022] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.1066: Directory hole found for htree index block 0 [ 112.018042][ T7029] loop1: detected capacity change from 0 to 512 [ 112.021654][ T7022] EXT4-fs (loop2): Remounting filesystem read-only [ 112.036492][ T7022] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 112.044904][ T7022] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 112.081637][ T7022] EXT4-fs (loop2): can't enable nombcache during remount [ 112.099895][ T7029] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 112.136162][ T7029] System zones: 1-12 [ 112.151157][ T7029] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.1068: Directory hole found for htree index block 0 [ 112.240184][ T7029] EXT4-fs (loop1): Remounting filesystem read-only [ 112.246861][ T7029] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 112.255364][ T7029] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 112.264833][ T7029] ext4: Unknown parameter 'ÿÿÿÿ' [ 112.321248][ T29] kauditd_printk_skb: 5537 callbacks suppressed [ 112.321264][ T29] audit: type=1326 audit(1754401899.291:7930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6956 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2b9eb69 code=0x50000 [ 112.350723][ T29] audit: type=1326 audit(1754401899.291:7931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6956 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2b9eb69 code=0x50000 [ 112.440442][ T7052] netlink: 'syz.1.1077': attribute type 10 has an invalid length. [ 112.455578][ T7052] team0: Port device dummy0 removed [ 112.456946][ T7055] audit: audit_backlog=65 > audit_backlog_limit=64 [ 112.467363][ T7055] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 112.475056][ T7055] audit: backlog limit exceeded [ 112.478452][ T7052] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 112.500351][ T29] audit: type=1326 audit(1754401899.291:7932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6956 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2b9eb69 code=0x50000 [ 112.523658][ T29] audit: type=1326 audit(1754401899.291:7933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6956 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2b9eb69 code=0x50000 [ 112.546809][ T29] audit: type=1326 audit(1754401899.291:7934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6956 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2b9eb69 code=0x50000 [ 112.570063][ T29] audit: type=1326 audit(1754401899.291:7935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6956 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2b9eb69 code=0x50000 [ 112.593316][ T29] audit: type=1326 audit(1754401899.291:7936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6956 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2b9eb69 code=0x50000 [ 112.594215][ T7061] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1078'. [ 112.730173][ T7065] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1082'. [ 112.733777][ T7066] 9pnet_fd: Insufficient options for proto=fd [ 112.843291][ T7068] loop1: detected capacity change from 0 to 512 [ 112.886772][ T7072] loop2: detected capacity change from 0 to 512 [ 112.915211][ T7072] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 112.944153][ T7072] System zones: 1-12 [ 112.949058][ T7068] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 112.957240][ T7072] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.1084: Directory hole found for htree index block 0 [ 112.995292][ T7068] System zones: 1-12 [ 112.999344][ T7068] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.1083: Directory hole found for htree index block 0 [ 113.012995][ T7072] EXT4-fs (loop2): Remounting filesystem read-only [ 113.035312][ T7072] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 113.052826][ T7068] EXT4-fs (loop1): Remounting filesystem read-only [ 113.062721][ T7072] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 113.075277][ T7068] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 113.091812][ T7068] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 113.103700][ T7072] EXT4-fs (loop2): can't enable nombcache during remount [ 113.123585][ T7068] ext4: Unknown parameter '€' [ 113.200612][ T7088] FAULT_INJECTION: forcing a failure. [ 113.200612][ T7088] name failslab, interval 1, probability 0, space 0, times 0 [ 113.213280][ T7088] CPU: 1 UID: 0 PID: 7088 Comm: syz.1.1088 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(voluntary) [ 113.213356][ T7088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 113.213366][ T7088] Call Trace: [ 113.213414][ T7088] [ 113.213420][ T7088] __dump_stack+0x1d/0x30 [ 113.213437][ T7088] dump_stack_lvl+0xe8/0x140 [ 113.213452][ T7088] dump_stack+0x15/0x1b [ 113.213464][ T7088] should_fail_ex+0x265/0x280 [ 113.213487][ T7088] should_failslab+0x8c/0xb0 [ 113.213555][ T7088] kmem_cache_alloc_noprof+0x50/0x310 [ 113.213575][ T7088] ? __send_signal_locked+0x154/0x760 [ 113.213597][ T7088] __send_signal_locked+0x154/0x760 [ 113.213646][ T7088] send_signal_locked+0x34e/0x3c0 [ 113.213666][ T7088] ? __ptrace_may_access+0x2c3/0x340 [ 113.213682][ T7088] ptrace_attach+0x3c3/0x590 [ 113.213745][ T7088] __se_sys_ptrace+0x146/0x2c0 [ 113.213830][ T7088] __x64_sys_ptrace+0x55/0x70 [ 113.213847][ T7088] x64_sys_call+0x286c/0x2ff0 [ 113.213862][ T7088] do_syscall_64+0xd2/0x200 [ 113.213880][ T7088] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 113.213897][ T7088] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 113.213923][ T7088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.214001][ T7088] RIP: 0033:0x7fbc2a4aeb69 [ 113.214013][ T7088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.214027][ T7088] RSP: 002b:00007fbc28b17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 113.214042][ T7088] RAX: ffffffffffffffda RBX: 00007fbc2a6d5fa0 RCX: 00007fbc2a4aeb69 [ 113.214051][ T7088] RDX: 0000000000000000 RSI: 0000000000000220 RDI: 0000000000000010 [ 113.214066][ T7088] RBP: 00007fbc28b17090 R08: 0000000000000000 R09: 0000000000000000 [ 113.214075][ T7088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 113.214084][ T7088] R13: 0000000000000000 R14: 00007fbc2a6d5fa0 R15: 00007ffd2c86bb08 [ 113.214098][ T7088] [ 113.457191][ T7093] loop3: detected capacity change from 0 to 2048 [ 113.466665][ T7095] netlink: 'syz.0.1092': attribute type 10 has an invalid length. [ 113.483910][ T7097] loop2: detected capacity change from 0 to 512 [ 113.490746][ T7097] journal_path: Non-blockdev passed as './file1' [ 113.497201][ T7097] EXT4-fs: error: could not find journal device path [ 113.654665][ T7104] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1094'. [ 113.783864][ T7113] FAULT_INJECTION: forcing a failure. [ 113.783864][ T7113] name failslab, interval 1, probability 0, space 0, times 0 [ 113.796620][ T7113] CPU: 0 UID: 0 PID: 7113 Comm: syz.2.1098 Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(voluntary) [ 113.796644][ T7113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 113.796654][ T7113] Call Trace: [ 113.796660][ T7113] [ 113.796666][ T7113] __dump_stack+0x1d/0x30 [ 113.796687][ T7113] dump_stack_lvl+0xe8/0x140 [ 113.796743][ T7113] dump_stack+0x15/0x1b [ 113.796756][ T7113] should_fail_ex+0x265/0x280 [ 113.796783][ T7113] should_failslab+0x8c/0xb0 [ 113.796806][ T7113] kmem_cache_alloc_noprof+0x50/0x310 [ 113.796831][ T7113] ? getname_flags+0x80/0x3b0 [ 113.796888][ T7113] ? kstrtouint+0x76/0xc0 [ 113.796913][ T7113] getname_flags+0x80/0x3b0 [ 113.796969][ T7113] user_path_at+0x28/0x130 [ 113.796992][ T7113] user_statfs+0x4d/0x110 [ 113.797113][ T7113] __x64_sys_statfs+0x65/0xf0 [ 113.797137][ T7113] ? fput+0x8f/0xc0 [ 113.797159][ T7113] ? ksys_write+0x192/0x1a0 [ 113.797222][ T7113] x64_sys_call+0x2a03/0x2ff0 [ 113.797238][ T7113] do_syscall_64+0xd2/0x200 [ 113.797256][ T7113] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 113.797352][ T7113] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 113.797371][ T7113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.797454][ T7113] RIP: 0033:0x7fb72b08eb69 [ 113.797466][ T7113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.797480][ T7113] RSP: 002b:00007fb7296f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000089 [ 113.797550][ T7113] RAX: ffffffffffffffda RBX: 00007fb72b2b5fa0 RCX: 00007fb72b08eb69 [ 113.797560][ T7113] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000580 [ 113.797570][ T7113] RBP: 00007fb7296f7090 R08: 0000000000000000 R09: 0000000000000000 [ 113.797580][ T7113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 113.797592][ T7113] R13: 0000000000000001 R14: 00007fb72b2b5fa0 R15: 00007ffd95057028 [ 113.797614][ T7113] [ 114.069970][ T7124] 9pnet_fd: Insufficient options for proto=fd [ 114.082865][ T7115] loop3: detected capacity change from 0 to 512 [ 114.118856][ T7115] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 114.157059][ T7115] System zones: 1-12 [ 114.157762][ T7130] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1102'. [ 114.161284][ T7115] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.1099: Directory hole found for htree index block 0 [ 114.182925][ T7115] EXT4-fs (loop3): Remounting filesystem read-only [ 114.200261][ T7115] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 114.222311][ T7115] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 114.245684][ T7115] EXT4-fs (loop3): can't enable nombcache during remount [ 114.305236][ T7137] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1106'. [ 114.344090][ T7139] loop3: detected capacity change from 0 to 512 [ 114.364594][ T7139] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 114.389013][ T7139] System zones: 1-12 [ 114.399132][ T7139] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.1105: Directory hole found for htree index block 0 [ 114.411917][ T7139] EXT4-fs (loop3): Remounting filesystem read-only [ 114.418473][ T7139] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 114.428172][ T7139] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 114.440432][ T7139] ext4: Unknown parameter '€' [ 114.498781][ T7156] loop3: detected capacity change from 0 to 512 [ 114.515560][ T7156] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 114.527404][ T7156] System zones: 1-12 [ 114.532045][ T7156] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.1111: Directory hole found for htree index block 0 [ 114.545720][ T7156] EXT4-fs (loop3): Remounting filesystem read-only [ 114.546480][ T7159] ALSA: seq fatal error: cannot create timer (-22) [ 114.553561][ T7156] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 114.568112][ T7156] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 114.581194][ T7161] netlink: 'syz.0.1113': attribute type 10 has an invalid length. [ 114.589055][ T7156] EXT4-fs (loop3): can't enable nombcache during remount [ 114.597015][ T7161] bond0: (slave dummy0): Releasing backup interface [ 114.606041][ T7161] team0: Port device dummy0 added [ 114.624193][ T7163] netlink: 'syz.0.1115': attribute type 10 has an invalid length. [ 114.634260][ T7163] team0: Port device dummy0 removed [ 114.641310][ T7163] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 114.660423][ T3304] ================================================================== [ 114.668512][ T3304] BUG: KCSAN: data-race in __lru_add_drain_all / folio_add_lru [ 114.676250][ T3304] [ 114.678566][ T3304] read-write to 0xffff888237d25ea8 of 1 bytes by task 7164 on cpu 1: [ 114.686604][ T3304] folio_add_lru+0xa5/0x1f0 [ 114.691095][ T3304] folio_add_lru_vma+0x49/0x70 [ 114.695870][ T3304] do_wp_page+0x1458/0x24e0 [ 114.700351][ T3304] handle_mm_fault+0x77d/0x2c20 [ 114.705185][ T3304] do_user_addr_fault+0x636/0x1090 [ 114.710297][ T3304] exc_page_fault+0x62/0xa0 [ 114.714790][ T3304] asm_exc_page_fault+0x26/0x30 [ 114.719620][ T3304] [ 114.721921][ T3304] read to 0xffff888237d25ea8 of 1 bytes by task 3304 on cpu 0: [ 114.729440][ T3304] __lru_add_drain_all+0x12b/0x3f0 [ 114.734532][ T3304] lru_add_drain_all+0x10/0x20 [ 114.739271][ T3304] invalidate_bdev+0x47/0x70 [ 114.743835][ T3304] ext4_put_super+0x624/0x7d0 [ 114.748512][ T3304] generic_shutdown_super+0xe3/0x210 [ 114.753799][ T3304] kill_block_super+0x2a/0x70 [ 114.758454][ T3304] ext4_kill_sb+0x42/0x80 [ 114.762766][ T3304] deactivate_locked_super+0x75/0x1c0 [ 114.768123][ T3304] deactivate_super+0x97/0xa0 [ 114.772778][ T3304] cleanup_mnt+0x269/0x2e0 [ 114.777172][ T3304] __cleanup_mnt+0x19/0x20 [ 114.781574][ T3304] task_work_run+0x131/0x1a0 [ 114.786151][ T3304] exit_to_user_mode_loop+0xe4/0x100 [ 114.791409][ T3304] do_syscall_64+0x1d6/0x200 [ 114.795979][ T3304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.801848][ T3304] [ 114.804145][ T3304] value changed: 0x13 -> 0x14 [ 114.808788][ T3304] [ 114.811084][ T3304] Reported by Kernel Concurrency Sanitizer on: [ 114.817208][ T3304] CPU: 0 UID: 0 PID: 3304 Comm: syz-executor Not tainted 6.16.0-syzkaller-11699-g7e161a991ea7 #0 PREEMPT(voluntary) [ 114.829422][ T3304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 114.839459][ T3304] ==================================================================