last executing test programs: 1m46.507425974s ago: executing program 1 (id=94): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x54}, 0x1, 0x0, 0x0, 0x40044}, 0x20008000) 1m46.391429003s ago: executing program 1 (id=98): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r0 = syz_io_uring_setup(0x24fd, &(0x7f0000000b80)={0x0, 0xfffffffd, 0x10100, 0xfffffffc, 0x3d2}, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x4008000) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SPLICE={0x1e, 0x21, 0x0, @fd=r3, 0xe5, {}, 0x1, 0x4, 0x1}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 1m46.358239196s ago: executing program 1 (id=100): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x91) sendmmsg(r2, &(0x7f0000000180), 0x3ef, 0x0) 1m46.341203538s ago: executing program 1 (id=101): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==") openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]}) pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000380)="e9", 0x1}], 0x1, 0x7fff, 0x0, 0x0) 1m46.069885389s ago: executing program 1 (id=104): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000040)={0x0, 'caif0\x00', {0x1}, 0x8000}) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40482, 0x0) ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000140)) pwritev(r2, &(0x7f0000000040)=[{&(0x7f0000000180)="80fd06000040", 0x27}], 0x2, 0x0, 0x4) 1m45.713881508s ago: executing program 1 (id=114): r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x5) fchdir(r1) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) r3 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) 1m45.712158818s ago: executing program 32 (id=114): r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x5) fchdir(r1) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) r3 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) 1m22.225140112s ago: executing program 0 (id=775): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18) r3 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r3, &(0x7f00000002c0)={0x28, 0x0, 0x2710, @local}, 0x10) 1m22.181030375s ago: executing program 0 (id=780): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20, 0x8, [0x0, 0x0, 0x0, 0xc, 0x5, 0x0, 0x0, 0x2]}}) 1m22.143633289s ago: executing program 0 (id=782): r0 = openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = syz_io_uring_setup(0xbdc, &(0x7f0000000080)={0x0, 0xec21, 0x80, 0x1, 0x40000333}, &(0x7f0000000340)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}) io_uring_enter(r3, 0x847ba, 0x2000, 0xe, 0x0, 0x0) 1m21.968763392s ago: executing program 0 (id=786): syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20c006, &(0x7f0000000480)={[{@nomblk_io_submit}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@nojournal_checksum}], [{@seclabel}]}, 0x1, 0x45f, &(0x7f0000000c80)="$eJzs3M9vVFUbAOD33pkC/eCTkSDKD7WKBqKxhYLIwg1GExeamOgCl7UtBBmooTURQhSNwaUhcW9cmvgXuNKNUVcmbnVvSIjpBtTNmNu5t52ZTkunnXZq53mSC+fce6bnvPfeM3PuOZ0G0LeGsn+SiF0R8VtE7K5nmwsM1f+7N3t9/K/Z6+NJ1Gpv/pnMlbs7e328KFq8bmeRKUeknyZxsE2901evXRyrViev5PmRmUvvjUxfvfbchUtj5yfPT14ePX365InjL5wafb4rcWZx3T3w4dSh/a++fev18bO33vnpm6SIvyWOiNjRhSqHljv4dK3WhSo2j/83pJNyDxtCR0r1bhoDc/1/d5Ri4eLtjlc+6WnjgHVVq9Vq+/L+38aNGrCFJdHrFgC9UXzQZ8+/xbaBw4+eu3Om/gCUxX0v3+pHypHmZQZanm+7aSgizt74+8tsi8XzEAAAXffdmYgjh/PxX9PCTxr7GnIP5GsolYh4MCL2RMSpiNgbEQ9FzJV9OCIe6bD+1kWSxeOf9HaHP7Ij2fjvxXxtq3n8V4z+olKK+KcYLldiIDl3oTp5LD8nR2Nge5Zfbnz4/cu/fr7UscbxX7Zl9Rdjwbwdt8vbm18zMTYztpaYG935OOJAuV38yfxKQHZb7I+IA6us48IzXx9a6tj942+2rTHThXWm2lcRR+rX/0a0xF9Ill+fHNkR1cljI8VdsdjPv9x8Y6n6O42/27Lrn7a9/+fjrySN67XTnddx8/fPlnymWe39vy15q2nfB2MzM1eOR2xLXqs3unH/aEu50YXyWfxHD7fv/3ti4UwcjIjsJn40Ih6LiMfztj8REU9GxOFl4v/xpafebd6TdBD/+srin+jo+i8kBvMCbQ41JUoXf/i2qdLKQnJl1//kXOpovmcl73/LNKcpsZZzBwAAAP8VaUTsiiQdnk+n6fBw/Xf498b/0urU9Myz56bevzxR/45AJQbSYqarPh9cnw89nj/WF/nRlvyJfN74i9LgXH54fKo60evgoc/tXKL/Z/4o9bp1wLpbxTqar3jBFqEzQ//S/6F/6f/Qv8qLU4O9aguwsdp9/n/Ug3YAG6+l/1v2gz7i+R/6l/4P/Uv/h740PRj3/5L8Zk3s2BzN2NKJYiFo0aFIe9ewYoZqE5yftSUGV/yHKjY80cM3JQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC76NwAA//8lJN+h") syz_clone3(&(0x7f0000000780)={0x1c3002480, 0x0, 0x0, 0x0, {0x2b}, 0x0, 0x0, 0x0, 0x0}, 0x58) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) lsm_get_self_attr(0x67, &(0x7f0000000180)={0x0, 0x0, 0xdb, 0xbb, ""/187}, &(0x7f0000000040)=0xdb, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0) utimensat(0xffffffffffffff9c, 0x0, 0x0, 0x0) 1m21.550521086s ago: executing program 0 (id=800): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'macvlan1\x00'}}, 0x1e) recvmmsg(r0, &(0x7f0000000900)=[{{0x0, 0xfffffffffffffe1f, 0x0}, 0x1}], 0x3fffffffffffd3c, 0x40018003, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x1, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001940)=@newtfilter={0x24, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff3}, {}, {0x10, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x24048004}, 0x2008c010) syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), r0) 1m20.87723739s ago: executing program 0 (id=815): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r0, &(0x7f0000000980)=ANY=[@ANYBLOB="7f454c4600000006010000000000000003003e000000000003000000000000004000000000000000980100000000000002000000000038000200000002000000000000600300000008000000000000000d00000000000000ed08000000000000f0ffffffffffffff0000000000000000080000000000000003000000cff5ffff800300000000000001000000000000000500000000000000ff"], 0x5b0) close(r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffff18) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) 1m20.842289343s ago: executing program 33 (id=815): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r0, &(0x7f0000000980)=ANY=[@ANYBLOB="7f454c4600000006010000000000000003003e000000000003000000000000004000000000000000980100000000000002000000000038000200000002000000000000600300000008000000000000000d00000000000000ed08000000000000f0ffffffffffffff0000000000000000080000000000000003000000cff5ffff800300000000000001000000000000000500000000000000ff"], 0x5b0) close(r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffff18) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) 48.00313678s ago: executing program 6 (id=1893): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r2 = msgget(0x3, 0x106) msgctl$IPC_SET(r2, 0x1, &(0x7f0000000700)={{0x1, 0x0, 0x0, 0x0, 0x0, 0x82, 0xfff}, 0x0, 0x0, 0x3, 0x3, 0x9, 0x6347, 0x2, 0x87e5, 0x5, 0xffff}) 47.998517231s ago: executing program 6 (id=1894): r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000b, 0x12, r2, 0x0) mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) io_submit(0x0, 0x1, &(0x7f0000000180)=[0x0]) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x2000) 47.8866345s ago: executing program 6 (id=1889): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r1, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$netlink(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)={0x34, r4, 0x1, 0x70bd2a, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x8000) sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={0x4c, r4, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0x1a, 0xa8, @random="7bbf7bec864a21f4e5308f8989990ec47ae3beaf9092"}, @handle=@pci={{0x8}, {0x11}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000) 47.566768256s ago: executing program 6 (id=1906): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0xa) 47.537705738s ago: executing program 6 (id=1908): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r2}, &(0x7f0000000400), &(0x7f0000000440)=r3}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x52b, &(0x7f0000000f80)="$eJzs3c9rJFkdAPBvdbpjMpPZZNWDLriu7kJm0OlONu5u8LCOIHpaUNf7GJNOCOmkQ7qzOwmLm8E/QBBRwZNevAj+AYIsePG4CAt6VlQU0VkFPejUUt3VmZlMd6cz0/kxyecDlXqvXlV93+tQ1fW6HlUBXFjPRcSNiLibpum1iJjMlxfyKfbaU7be+3feWsymJNL09X8kkeTLOvtK8vnlfLOxiPj6VyK+lTwct7Gzu7ZQq1W38nylub5ZaezsXl9dX1iprlQ35uZmX55/Zf6l+ZmhtPNKRLz6pb/84Ls/+/Krv/rsm3+8+ber386qNZGX39+OIyr2K2w3vXTj4AZbjxjsLMraU+pkxrutMfLQktvHXCcAALrLrvE/HBGfjohrMRkj/S9nAQAAgCdQ+oWJ+F8SkXY32mM5AAAA8AQptMbAFqOcjwWYiEKhXG6P4f1oXCrU6o3mZ5br2xtL7bGyU1EqLK/WqjP5WOGpKCVZfraVvpd/8UB+LiKejojvT4638uXFem3ptH/8AAAAgAvicqvPnxQ6/f9/T7b7/wAAAMA5M3WEdf9zjPUAAAAAjs9R+v8AAADAk0n/HwAAAM61r772WjalnfdfL72xs71Wf+P6UrWxVl7fXiwv1rc2yyv1+krrmX3rh+2vVq9vfi42tm9VmtVGs9LY2b25Xt/eaN5cbb0OHAAAADgFT3/ynd8nEbH3+fHWlBkdbNMBVwPOquJ+KsnnXQ7rPzzVnv/5hCoFnIiRvqWlE6sHcPKKp10B4NT4hgeSQ8p7Dt55N59/arj1AQAAhm/6473v/xf6brnXvxg48xzEcHH1v/8PnGet+/+DjuR1sQDnSskVAFx4g9//P3AR8O6gEdL0yJUCAACGaqI1JYVyfmU/EYVCuRxxpfVagFKyvFqrzkTEUxHxu8nSh7L8bGvL5NA+AwAAAAAAAAAAAAAAAAAAAAAAAADQlqZJpAAAAMC5FlH4a/Lr9rP8pydfmDj4+8Bo8t/JyF8R+uaPX//hrYVmc2s2W/7P/eXNH+XLXzyNXzAAAADgQjjSC/w7/fROPx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhun9O28tdqaTjPv3L0bE1IH4SVZSjLGI0YixKEXEpX8lUbxvu0JEjAwh/nj252Pd2p9k1doPeTB+0tn2Me3d7hs/prJPoUf8y0OIDxfZO9n550a3468Qz7Xm3Y+/YsQD+UfV9fyXG8v/jvQ4/q8MGOOZ935R6Rn/dsQzxe7nn078pEf85weM/81v7O72Kkt/EjHd9fsneSBWpbm+WWns7F5fXV9Yqa5UN+bmZl+ef2X+pfmZyvJqrZr/7Rrje5/45d1+7b/UI/7UIe1/YcD2//+9W3c+0k6WusW/+nyX+L/5ab7Gw/Hz77707TydlU930nvt9P2e/flvn+3X/qUe7T/s/391wPZf+9p3/jTgqgDACWjs7K4t1GrVrWEnCse25yMmsl76GajGWftYJKpbjbeHusM0TdPsmHqM/SRxFj6WVuK0z0wAAMCw3bvoP+2aAAAAAAAAAAAAAAAAAAAAwMV1Eo8TOxhzbz+VDOMR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ/FBAAAA///ROdsN") 47.537370208s ago: executing program 2 (id=1911): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) rt_tgsigqueueinfo(0x0, 0x0, 0x10, &(0x7f0000000780)={0x3f, 0x6008, 0x8}) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x20042, 0x1) bpf$PROG_LOAD(0x5, 0x0, 0x0) fallocate(r1, 0x0, 0x0, 0x8000c62) 44.179820129s ago: executing program 6 (id=1939): r0 = socket$key(0xf, 0x3, 0x2) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) r4 = openat$cgroup_ro(r1, &(0x7f0000000380)='memory.stat\x00', 0x0, 0x0) sendfile(r0, r4, 0x0, 0x400000013) 44.16488834s ago: executing program 2 (id=1941): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0xdc}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x4, 0xffffffffffffffff, 0x2) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb790700117df37538e486dd6317ce22000000000000000000000000000000007f"], 0xfdef) write$cgroup_subtree(r2, &(0x7f0000000000), 0xfdef) 44.138401672s ago: executing program 34 (id=1939): r0 = socket$key(0xf, 0x3, 0x2) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) r4 = openat$cgroup_ro(r1, &(0x7f0000000380)='memory.stat\x00', 0x0, 0x0) sendfile(r0, r4, 0x0, 0x400000013) 44.087791276s ago: executing program 2 (id=1947): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'macvtap0\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x34, r3, 0x31d, 0x0, 0x0, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}]}]}, 0x34}}, 0x0) 44.047949059s ago: executing program 2 (id=1949): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0) mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0) umount2(&(0x7f0000000280)='./file0/file0/file0\x00', 0xa) 44.011406243s ago: executing program 2 (id=1951): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) close(0x3) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\t\x00'], 0x48) perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) syz_clone(0x660cb380, 0x0, 0x16, 0x0, 0x0, 0x0) 43.873911503s ago: executing program 2 (id=1954): socket$netlink(0x10, 0x3, 0x0) socket$inet_udp(0x2, 0x2, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) dup(r0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00", @ANYRES16=r1], 0x20}}, 0x0) 43.854620665s ago: executing program 35 (id=1954): socket$netlink(0x10, 0x3, 0x0) socket$inet_udp(0x2, 0x2, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) dup(r0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00", @ANYRES16=r1], 0x20}}, 0x0) 39.314127811s ago: executing program 5 (id=2072): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r3, 0x400, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r1}, 0x18) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) 39.240597337s ago: executing program 5 (id=2077): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0, 0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000340)}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, 0xffffffffffffffff}, &(0x7f0000000040)=0x18, &(0x7f0000000140)}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) r4 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10) connect$vsock_stream(r4, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10) 39.2035634s ago: executing program 5 (id=2080): socket$packet(0x11, 0x3, 0x300) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0xf) r1 = socket$packet(0x11, 0xa, 0x300) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth1_to_bridge\x00', 0x0}) setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) sendto$packet(r2, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14) 39.169783822s ago: executing program 5 (id=2082): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2145c99, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040)={[{@errors_remount}, {@discard}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvWlmOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4n8ggoJPPvki+AcIyzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTaTrN5wOnOefem/s954ac3B+n9wYwsV6IiDciohARL0dEKZ+e5in2e6mz3L277yx3UhJZ9tZfk0jyaf11FSKmpyLiav626Yj42pcjvpkcjtva3dtYqtdr23m52m5sVVu7e9fXG0trtbXa5sLC/GuLry++ujiX5R6pneV+5idf+vx7n/7W7278+dq3O9X63EeiGAPtOE29phe726Kvs422H0ewMSjk7SmOuyIAAJxIZx//gxHxie7+fykK3b25AYVx1AwAAAA4LdkXZuLfSUQGAAAAXFhpRMxEklbysQAzkaaX8nMDH44rab3Zan9qtbmzudKZF1GOYrq6Xq/N5WOFy1FMOuX5fIxtv/zKQHkhIp6JiO+XLnfLleVmfWXM5z4AAABgUlwdOP7/Rynt5o835P8EAAAAgPOrPLIAAAAAXBQO+QEAAODiGzz+f+9gwZOdAAAA4En3lTff7KSs//zrlbd3dzaab19fqbU2Ko2d5cpyc3urstZsrnXv2dc4bn31ZnPrM7G5c7ParrXa1dbu3o1Gc2ezfWP9oUdgAwAAAGfomY/f+nUSEfufvdxNkd8HEOAhfxh3BYDTVBh3BYCxcRdvmFxG9wPJMfMN3gEAgCff7EcPX//vP//fuQG42Iz1AYDJ4/o/TK6iEYAw0dKI+EAv+9SoZUZe///lSaNkWcTt0sEpzi8CAMDZmummJK3kxwEzkaaVSsTTEWk5isnqer02lx8f/KpUfKpTnu++Mzl2zDAAAAAAAAAAAAAAAAAAAAAAAAAA0JNlSWQAAADAhRaR/inp3s0/Yrb00szg+YFLyT9L8ce88KO3fnBzqd3enu9M/1v3WV6XIqL9w3z6KyMfHwYAAACctmR/5KzecXr+On+mtQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgAty7+85yP51l3L98MSLKw+JPxXT3dTqKEXHl70lMHXhfEhGFU4i//25EPDssfhL3sywr57UYjJ9GxOXHHL/c3TSj4189hfgwyW51+p83hn3/0nih+zr8+zeVp0c1uv9L88jPdvu5Yf3f04fW1hga47k7P6uOjP9uxHNTw/uffv+bjIj/4qG1/SvLssMxvvH1vb1R8bMfR8wO/f1JHopVbTe2qq3dvevrjaW12lptc2Fh/rXF1xdfXZyrrq7Xa/nfoTG+97Gf3z+q/VeGxP/tb3r971Htf2nUSgf8587Nux/qZYvD4l97cejv73SMiJ/mv32fzPOd+bP9/H4vf9DzP739/FHtXxmx/Y/7/K+dsP0vf/W7vz/hogDAGWjt7m0s1eu17SMy0ydY5knM/GL6XFTj/8xk3+l9cuelPu8309lbfTCl36pzULEDmezMYhXinDT5f5mxdksAAMBj8GCnf9w1AQAAAAAAAAAAAAAAAAAAgMl1FrcTG4y5P56mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAc6b8BAAD//9Kd4Bw=") mount$bind(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x31a1802, 0x0) 38.694789251s ago: executing program 5 (id=2093): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x25}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x23) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a2d0000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073f97a310000000008000440080000000900010073797a3000000000080003400000000114000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0) sendmsg$NFT_MSG_GETOBJ(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03f5"], 0x34}}, 0x0) 38.449235701s ago: executing program 5 (id=2101): mkdir(&(0x7f0000000280)='./file0\x00', 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r1}, 0x10) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000001700)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}}) 38.408606484s ago: executing program 36 (id=2101): mkdir(&(0x7f0000000280)='./file0\x00', 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r1}, 0x10) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000001700)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}}) 2.931122144s ago: executing program 8 (id=3044): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) ioprio_set$uid(0x3, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000100)={0x0, 0x0}, 0x10) write(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x800714, &(0x7f0000000180)={[{@dioread_nolock}, {@jqfmt_vfsv0}]}, 0xff, 0x4a9, &(0x7f0000000580)="$eJzs3M9rXNUeAPDvnUnS301eX1/fa1+r0SoWfyRNWrULFyoKLhQEXdRlTNJaO22kiWBLsFGkLqXgXlwK/gXu3Ii6EMGtgkspFA1CUxcSub+aZDKZ5menzXw+MJlz5p6Zc773njNz5p7cCaBt9aZ/koidEfFzRHTn2YUFevO7menJ4ZvTk8NJzM6+9nuSlbsxPTlcFi2ft6PIHKlEVD5K4tlkcb3jFy+dHarVRi8U+f6Jc+/0j1+89MSZc0OnR0+Pnh88ceL4sYGnnxp8cl3iTOO6ceD9sYP7X3rj6ivDJ6+++d2XabP2Hcq3z4/jtm42CKiB3nSv/TGbqd/28Arafi/YNS+ddLSwIaxINSLSw9WZjf/uqMbcweuOFz9saeOADZV+Nm1ZevPULLCJJdHqFgCtUX7Qp99/y9sdmnrcFa4/F9EV+fmKmenJ4Zlb8XdEpSjTuYH190bEyam/PktvsdLzEAAAq5DNbR5vNP+rxL7sPl/r2F2sofRExL8iYk9E/Dsi9kbEfyKysv+NiP/lT57tXmb9vXX5xfOfyrWGbV4n6fzvmZib+83Mi7+466kWuV1Z/J3JqTO10aPFPjkSnVvS/ECTOr5+4adPlto2f/6X3tL6y7lg0YBrHXUn6EaGJobWaydc/yDiQEej+JNbKwFpD9gfEQdi8TpWE7vLxJlHvzi4VKHbx9/EOqwzzX4e8Uh+/KeiLv5S0nx9sn9r1EaP9pe9YrHvf7zy6oIHqnPJNcW/DtLjv31h/68r0f1nkq/XdkatNnphfOV1XPnl4yW/06yk/5ddPu3/Xcnr2Zr1D2/lB+q9oYmJCwMRXcnLWZmuomz2+ODcq5X5snwa/5HDjcf/nuI5aQX/j4i0Ex+KiPsi4v6i7Q9ExIMRcbhJ/N8+/9DbTeJPIomWHv+Rhu9/t/p/TzJ/vX4VierZb75aasV8ecf/eExl77W57P3vNpbbwDXuPgAAALgnVCJiZySVvjzduzMqlb6+/H/498b2Sm1sfOKxU2Pvnh/JrxHoic5Keaare9750IFkqnjFPD9YnCsutx8rzht/Wt2W5fuGx2ojLY4d2t2OheM/yvGf+q3a6tYBG871WtC+6sd/pUXtAO685Xz++y4Am1OD8b+tFe0A7jzf/6F9NRr/l+vy5v+wOXUsSvza4CfrgM3I/B/al/EP7cv4h7a0luv6V58oLxZY/etsXfYV/psmcbl5mfIXLzayGdti7pGo3B27pWHi7+LnLe+W9qw5kY6YBY9EJLGhlc79hgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC97J8AAAD//wHu668=") r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0) pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) 2.681046024s ago: executing program 8 (id=3052): sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0) 1.757048559s ago: executing program 8 (id=3066): sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SET_NAME(0xf, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) 1.217385142s ago: executing program 7 (id=3079): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x8088e3ad132bc192, 0x4002011, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r2, 0x2007ffc) sendfile(r2, r2, 0x0, 0x800000009) 1.092886082s ago: executing program 7 (id=3083): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x1) ioctl$TIOCVHANGUP(r2, 0x5437, 0x2) 960.032333ms ago: executing program 7 (id=3086): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r2, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='rxrpc_local\x00', r3}, 0x18) r4 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 932.158255ms ago: executing program 7 (id=3087): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@grpjquota}, {@debug}, {@noload}, {@jqfmt_vfsv1}, {@noblock_validity}, {@grpquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@usrjquota}]}, 0xfe, 0x487, &(0x7f0000001240)="$eJzs3M9vFFUcAPDv7G5bftqK+AMEqaKR+KOl5YccvGA04aDGRA8YT7UtpFKooTURglo94NGQeDf+F8aTXoxy0cSr3g0JMcQE/HFYMzszsCy7bZeWLmU/n2TY92Yenfedmbfz5r3dDaBrDab/JBGbIuK3iOjPsjcXGMxerl05N/73lXPjSVSrb/6Z1MpdvXJuvCha/L+NWaZazfN9TfZ7/p2IsenpydN5fnju5PvDfWfOPj91cuz45PHJU6OHDu3ft7P34OiBZcX3UW/2msZ1dfvHMzu2HXn7wmvjRy+8+1NSiizuaIijldcPX1y0TL3B7Og29VQ7f2gN2FyXTir1W3b9fCPd7Eqgk8oRkZ6unlr7749yrL++rT9e+ayjlQPuqGq1Wl3gXXm+CtzDkuh0DYDOKG706fNvsaxS1+OucPlw9gCUxn0tX7ItlShliV09Dc+3K2kwIo7O//NVusQSxyEAAJbju7T/81yz/l8pHsoStRmU+/I5lIGIuD8itkTEAxGxNSIejKiVfTgiHmlz/40zJLf2f0qXbju4JUj7fy/mc1s39/9KRZGBcp7bXIu/Jzk2NT25t3ZMyrEnevqOTSWTIwvs4/uXf/2i1bb6/l+6pPsv+oJ5PS5VGgboJsbmxpYTc73Ln0ZsrzSLP4liGieJiG0Rsf029zH1TP2E0Kabti0e/wIqt1mhOtWvI57Ozv98NMSf2fJXFPOTs43zkyMvHBw9MLwupif3DhdXxa0u/nL+jVb7X1b8KyA9/xuaXv/XZ4EHknURs2fOnqjN1862v4/zv3/e8pmmzev/yOb8+u9N3qqtyKd348OxubnTIxG9yau3rh+98deKfFE+jX/P7ubtf0vcOBKPRsSOiNgZEY+lD4V53R+PiCciYvcC8f/40pPvtR//6syVpvFPLHb+o/78t58on/jh28XjXxcRrc7//lpqT75mKe9/S63gco4dAAAArBXZZ+CT0tD1dKk0NJR9hn9rbChNz8zOPXts5oNTE9nI3UD0lIqRrv668dCRfGy4yI825Pfl48ZfltfX8kPjM9MTnQ4eutzGFu0/9Ue507UD7rgVmEcD1ijtH7pX5b9O1wDohMT9H7qa9g/dq1n7/6Rl6aFv7mhlgFXl/g/dawntfz57ad0rANYm93/oXto/dKWW340vLesr/6ue+Df/PcO7pT73fiJKd0U17v1EZck/ZtFGotqftf90TV/TMp1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgZ/wcAAP//Lp/pnA==") r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000010000100ab5a0000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4024}, 0x4000010) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f0000001240)=ANY=[@ANYBLOB="000086dd0000120000000000000060fc03000f982c00fe8000"], 0xfce) 860.357331ms ago: executing program 8 (id=3098): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x4}, 0x18) syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3) 682.979755ms ago: executing program 8 (id=3091): r0 = socket$packet(0x11, 0x3, 0x300) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bridge0\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) sendto$packet(r0, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14) 682.310605ms ago: executing program 3 (id=3102): pipe2(&(0x7f00000006c0)={0xffffffffffffffff}, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x807, 0x510, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) 681.373136ms ago: executing program 9 (id=3092): perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, 0x0}, 0x8) r3 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000002c0)=r2, 0x4) bpf$LINK_DETACH(0x22, &(0x7f0000000340)=r3, 0x4) 652.368938ms ago: executing program 9 (id=3093): r0 = socket$rds(0x15, 0x5, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0) 641.058738ms ago: executing program 8 (id=3094): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0) r2 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x1, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) close(r2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18) 615.031561ms ago: executing program 3 (id=3095): socket$netlink(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000500)=ANY=[@ANYRES32=r2], 0x53) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 614.410361ms ago: executing program 7 (id=3096): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r3, &(0x7f0000004200)='t', 0x1) sendfile(r3, r2, 0x0, 0x3ffff) 581.772873ms ago: executing program 4 (id=3097): sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x404c041}, 0x4048) r0 = socket(0x28, 0x5, 0x0) r1 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r1, 0x4) connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) sendmmsg(r0, &(0x7f0000000100)=[{{0x0, 0x2d, &(0x7f00000000c0)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x51, 0x0) r2 = accept4$unix(r1, 0x0, 0x0, 0x800) recvfrom$unix(r2, &(0x7f0000000140)=""/248, 0x1ffd4, 0x0, 0x0, 0x0) 517.835719ms ago: executing program 9 (id=3099): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x1) ioctl$TIOCVHANGUP(r2, 0x5437, 0x2) 457.672243ms ago: executing program 3 (id=3100): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000002200)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRESHEX, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x1, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000380)='(', 0x1}], 0x1, 0x5412, 0xfffffffc, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r2, &(0x7f0000004200)='t', 0x1) sendfile(r2, r1, 0x0, 0x3ffff) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) 457.476523ms ago: executing program 4 (id=3101): socketpair$unix(0x1, 0x2, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa"], 0x1c) syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x10001}}}}}, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/igmp\x00') pread64(r1, &(0x7f0000000180)=""/15, 0xfffffe9c, 0xb6) 452.657704ms ago: executing program 9 (id=3103): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4008840) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r1, 0x0, 0x8000000000000}, 0x18) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={0xffffffffffffffff}, 0x111, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7fe, @empty, 0x1}, {0xa, 0x4e20, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x1d}, 0x2}, r3, 0xb}}, 0x48) write$RDMA_USER_CM_CMD_DESTROY_ID(r2, &(0x7f0000000f80)={0x1, 0xe, 0xfa00, {&(0x7f0000000300), r3}}, 0x18) 411.758167ms ago: executing program 4 (id=3104): bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x8, 0x4, 0x7cb4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) creat(0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000840, 0x0, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x4a, &(0x7f0000001180)={@local, @multicast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "0010a6", 0x14, 0x4, 0x0, @empty, @mcast2, {[], "223427d5c9a46b9fa14172170a013589317d2af3"}}}}}, 0x0) 398.344358ms ago: executing program 9 (id=3105): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x4}, 0x18) syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3) 337.259043ms ago: executing program 3 (id=3106): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), r0) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)={0x14, r1, 0x1, 0x0, 0x3}, 0x14}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) r2 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0xb0, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r3, {0x0, 0xf}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x80, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1], 0x0, [0x5, 0x6, 0x2, 0x0, 0x8, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x8001]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x24, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x5, 0x4, 0x4000000}]}, {0xf, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x2c2a1f44}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x7}]}]}]}}]}, 0xb0}}, 0x0) 337.108893ms ago: executing program 4 (id=3107): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@grpjquota}, {@debug}, {@noload}, {@jqfmt_vfsv1}, {@noblock_validity}, {@grpquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@usrjquota}]}, 0xfe, 0x487, &(0x7f0000001240)="$eJzs3M9vFFUcAPDv7G5bftqK+AMEqaKR+KOl5YccvGA04aDGRA8YT7UtpFKooTURglo94NGQeDf+F8aTXoxy0cSr3g0JMcQE/HFYMzszsCy7bZeWLmU/n2TY92Yenfedmbfz5r3dDaBrDab/JBGbIuK3iOjPsjcXGMxerl05N/73lXPjSVSrb/6Z1MpdvXJuvCha/L+NWaZazfN9TfZ7/p2IsenpydN5fnju5PvDfWfOPj91cuz45PHJU6OHDu3ft7P34OiBZcX3UW/2msZ1dfvHMzu2HXn7wmvjRy+8+1NSiizuaIijldcPX1y0TL3B7Og29VQ7f2gN2FyXTir1W3b9fCPd7Eqgk8oRkZ6unlr7749yrL++rT9e+ayjlQPuqGq1Wl3gXXm+CtzDkuh0DYDOKG706fNvsaxS1+OucPlw9gCUxn0tX7ItlShliV09Dc+3K2kwIo7O//NVusQSxyEAAJbju7T/81yz/l8pHsoStRmU+/I5lIGIuD8itkTEAxGxNSIejKiVfTgiHmlz/40zJLf2f0qXbju4JUj7fy/mc1s39/9KRZGBcp7bXIu/Jzk2NT25t3ZMyrEnevqOTSWTIwvs4/uXf/2i1bb6/l+6pPsv+oJ5PS5VGgboJsbmxpYTc73Ln0ZsrzSLP4liGieJiG0Rsf029zH1TP2E0Kabti0e/wIqt1mhOtWvI57Ozv98NMSf2fJXFPOTs43zkyMvHBw9MLwupif3DhdXxa0u/nL+jVb7X1b8KyA9/xuaXv/XZ4EHknURs2fOnqjN1862v4/zv3/e8pmmzev/yOb8+u9N3qqtyKd348OxubnTIxG9yau3rh+98deKfFE+jX/P7ubtf0vcOBKPRsSOiNgZEY+lD4V53R+PiCciYvcC8f/40pPvtR//6syVpvFPLHb+o/78t58on/jh28XjXxcRrc7//lpqT75mKe9/S63gco4dAAAArBXZZ+CT0tD1dKk0NJR9hn9rbChNz8zOPXts5oNTE9nI3UD0lIqRrv668dCRfGy4yI825Pfl48ZfltfX8kPjM9MTnQ4eutzGFu0/9Ue507UD7rgVmEcD1ijtH7pX5b9O1wDohMT9H7qa9g/dq1n7/6Rl6aFv7mhlgFXl/g/dawntfz57ad0rANYm93/oXto/dKWW340vLesr/6ue+Df/PcO7pT73fiJKd0U17v1EZck/ZtFGotqftf90TV/TMp1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgZ/wcAAP//Lp/pnA==") r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000010000100ab5a0000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4024}, 0x4000010) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f0000001240)=ANY=[@ANYBLOB="000086dd0000120000000000000060fc03000f982c00fe8000"], 0xfce) 98.714042ms ago: executing program 4 (id=3108): perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, 0x0}, 0x8) r3 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000002c0)=r2, 0x4) bpf$LINK_DETACH(0x22, &(0x7f0000000340)=r3, 0x4) 98.145192ms ago: executing program 9 (id=3118): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='mm_page_free\x00', r0, 0x0, 0x4}, 0x18) kexec_load(0x0, 0x0, 0x0, 0x0) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) 97.474922ms ago: executing program 3 (id=3119): openat$selinux_commit_pending_bools(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) fcntl$notify(0xffffffffffffffff, 0x402, 0x80000005) ioctl$USBDEVFS_RELEASE_PORT(r0, 0x80045519, &(0x7f0000000040)=0xfffff001) syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Le1cYB/CTgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS9hZq7dIWU/rj81ku55znuc89fG/gfy0efmo2m7EQQjPx97u/P8tPFHunxqZnQoiF+RBC/puvfz2JRRW/v/UiWpeidTGRqR3cjr+eddz1PVRTR/Ho/DIewg8hhKWn4+S/vRtfvvPcdXJjc6WwtZZbfCysPw8vDOR7tvPLuyOH2fJsd3Yu+rEu462Zn6qNntw3Sy977YNt1VojcxPVpWOfM5//1p/z3++q1CuNyf7T1aF0Z/2qvBPl/iZ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgk53nrpMbmyuFrbXc4mNh/Xl4YSDfs51f3h05zJZnu7Nz8d/qLuOtmZ+qjZ7cN0sve+2DbdVaI3MT1aVjH1q/+/FzPokW+ja8z3+/q1KvNCb7T1eH0p31q/JOlPvbx/wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5SfqLYOzU2PRNCLMyHEMbjHce/7DcT7+suomcp2i8mMrWD2/HXs467vodq6mgqEcIfW5aejpNfteoS/GM/BwAA//8394ZP") bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) creat(0x0, 0x48) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, 0x0, 0x15) 96.159872ms ago: executing program 7 (id=3120): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=0x0, &(0x7f0000000580)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x1e, 0x0, 0x0, 0x3, &(0x7f0000000280)={0x0, 0x989680}}) io_uring_enter(r2, 0x6e2, 0x3900, 0x1, 0x0, 0xe00) 48.684056ms ago: executing program 4 (id=3109): r0 = socket$rds(0x15, 0x5, 0x0) sendmsg$rds(r0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0x8, &(0x7f0000002000)={0x0, 0x7}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1) 0s ago: executing program 3 (id=3110): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$qrtrtun(r0, &(0x7f0000000300)="ca0e80", 0x3) process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x0) write$char_usb(r0, &(0x7f0000002600)="b56511e72c6cba780ce701ed0b2db27a336692892a6491e2488652ff00c468d353d809d5b20d8ee0f9fefa6cd7bd1036ed25f0e37053d291887c707a892884c2b4aa2ebac156ef8288264449eea05c4f51c3bb4355eb108744fe34e5d0e851d51a855854135f04dd5d854459226f090b6f0d6135e8f2824eed7469236cad2251116a381d8cd30bae59c1fe71e028a667cb910d523aa5d7208286755075ee8be937304cca20e234303df72ad4e2bdc71219456229460a7c6a2df61e8b21b4a4941dcba5c257b90bbf0a976a73973319258ad7f738c04dfbdee4ea0e1b77a909a154fd934f791ebea03db6f06c8f14bc40924e46cbb9b343f25d63f332f9b3f176601f842a4e40401cbc62ee7803c3a2d71f3878f61d8fb8cb5ee90a696b22fb97bbdfd36af05c2e34dfb3d380ae7bc701053b9009d654d84f04c851b311341efcec16ef3d5c8a7e8af494068dbad55bfa7b7bf4475ceb03a6f4ef11ce14652dc36f279671b7184586c7aab57d50ca23deaeeeaebc2ed024d91f399c84834e7802ad28b6ffec7ed089e8af35d15f2713e70ce55b3f60b9c002496e110c3a68e4c01faf901df4e39d007bf99f3a2d2e33c58b92b961937060a92ab6347995c09eb6a363092e3a45b68bd5e734d43b0bc98070d66c8d03490897a7d05e894da6d92c46cb1d961d11a7d1cd9d3c437c07e9f090690d2b344a93fdc5d7276b74231f1ad050024359e7a73ee913e9a7eba72f23482de94c572d07491328ca363762c44ddcdb1623ec6d639b368d407ffafbb265de19bd5e52ec86c12167dfe2a3de629af1d66612c3f313e07a301d8378fc6eb551196b51680d1194d682ff6cdbb0f811608d6321b41664108ef6dd1dfcc7df602901b0c0d549fb8d0c1aa9b542b99d76b6b8c360c9bcb01ed819a57441948465279d0b2652be1058065929bffae3e9c8923ba01c954f3c49298db8ffad96b73684daf2e608046be2ffb0de70237e044d4be3e6ccc1984ebd2f6e0f57e99fcb0ec30598f121bd93a4003e0ba0815e5ddbeba9f3f8600ef86258a5423fb1f30da5be531e573bf5322a5842eeb23107f02021dc332e0e687bd1f4f0ac09293c3638603279484dd552d534089e0b5b903c4ceeedef410662ec12e17e9b616950874e24d313d770e84b488544a8b829039d06637269367c108dc37712d46ef6601ef4e937a120c607e570446d6216366a72ced5d543ba92a929cef7c4fb03307e88174ad88381b16de1c3f9985f483ff75e9b40fc6ba11d037dda41df9a583009baa3b246c19ab5a20cb4e62accb7a86090717c17db68b0d14905ed0ce6e49555de65448782fc0899f631393b5ccd65da59265d1b4ba9ff4d8a328cb42d2e3a465db23cfa9f159ce5716df7ccf393a561a1783679048570f2467c5336106bc8954569c047e854b2211141d169b27ca796b42c544f70123bd9f6ae23f87d1be164cd7bb2da3dc79e6f12a687296942c9c8f2d99b6961b48e046028bd69dcda162510ad235b7bf28a0ff994e23f08e807437dcd1a426a31e818b918e5c28725bf12f42d6f719d9d81100e529b9f7e4891167aef44ec7afa086e46cf832d144ebe668dbafcbf229be799f33df6c1fb3365f4cb64f360fb70ee140818503a185a44f15d3db5fd5abe8ea3c59f4120c23d3792a4ac791959858dc88286e403ad45b31716e28be7684375c2651f88ed78c2948d673ef2a8a937136ca9842717585894453a83280edc21f3fadb974c36696fe7d8bd136a005a69d14d034a869c4035282ac7c91642a05743814b4cd57df50a4eb15dd7a561637ea4ef6b3bcf89695f125fcd390746357917a6bcf55e0268a09ae5b1195f99a7fe5fec2d4115978052e195d7b5df345b827121a86166c9095e387301fc561654db0183715239247eb9dc15e83c20389aa6271b42125bd475b82db032150aa39fab06fde1034347a8a884c74edb21be34c8cf5b437ad7223970defbb27ca8eb0029fdd4acd4bc92236584ed42f03706376c583a5c8e5cf9f2415ee1f8c1b01f34d7cf1b673db2158eb99d55878ee41b391f8d7339c6f3471ae4af25e5ecb8cea2fbed9f915ce483f1a9411ca5b21776295aa4f52fa31d875f9850f3e07b8093b0f92570d41d77e68e9a79a27b6f5a2c9a100cde02ea745353e996b99b43e0f1aa51288d863859bc618a602c17a15e285e6c189a21a4762b57ce396c852a5453f035c7a2d849a98c30a2e7f797ed13ffae44e4d15a240d092a25b4820e0d2fe3b9cb74b89efc977634d1f37eddc1433f6b06fd13c543bceca1254f91413d8b914bd67f1dca660ad8ef561dfb2ce5f0486b3e1a19a3682dad8a727177a1ea448273c3cd308300e3b4fc4f96efa8d6d723de8b38f7688e13c47b2aa801ba5c33a138208412524250e41eb253520f68324dbdb5e7de6e02dc315e20cf1844cc7a5f15428dd342bcf40895d94b3de0e1acdb698a94e0dd881edfb7569d0c81981213e7186eac0d80dd35e1a48aad319678db523e9cea10163e3924c52d1d4ff589b3b228d98e64e6ee22990600ac9b272b483520148dac0e26d27ef618c86b0a49075f71d8c21e49bbcf83eb1374f0ad393074e32fa33a257f13fb187ba40b02ee6e688092e81ce0c04e3e53507b4b244fcf3afd4dbf05747a8c81828351558223a7bd0ff6684e94cd264bb3841cca4983c10b627c3c13286872798a3bce148b7f9847cb2b485bb900ad006b08482c801e9f05e5e57591e9c9ed1235c397ebffec2bffdf0eaa4aa2b3927e583f913edb95ce47603bc725ad16c59c4b638668190bd1f9c4b2c9e1b14a85d9e3e81ef3668baf27e59dd14d1ade2d7873d4feb989cdac04675f40b59a1a41453b44e0fdb89f4a7f3f52cb3a6a79d0763f85826fe1b5acb3215a0328c32ccdf2c21bb4ab3310c2d33f9b1255582e0807492ce59953f6cd4422bfa5ea9192177bbf13bd7a83807362036708653bd01b67d3def4ef7041ea29995404c0b10b0eae74bbf614652f887f755e94d390341437d50cecbf2c16fa21638ad3f85f30db17e1af9bf2b4aa8113d6a9170dc4c024f484200a471e9c73f6d2055585bdb499156081d3bc288a2ddd2b9d856c69c22ad3b4ee16555c64d86b7a9d83722860fdbf06b3a1592f3e5832fdf2d3ee078e54b7cee981cec96de0a4c77e052d2f86061cba468f6c5861771014dd56320f5fd4f84b5a890838e9fe72f41620d131cfdb7d0e627dd490acab383d5fc8cfc95e966ced3dfe3d315ad76a0452a50e8b4e9882ca9294eaa12f73629affc90505f48aedc1da6081259226056012decf4a60c3e252860cc7452e6058d8029d2d0971496e19cc94558c96678bd1b074894271b2bff2810f8a684c9329c584641bfeeb2fd4db920aec9d18e1b05803c37bc1b3cd1b3782a713ea754b1a35f137e21e31afd230aa1ba53cbc0af2ec98c860c993441007f910b8814e115725753f7a05d0b0b290048dd6aa97f3ae6f14b9652db8017e23303a3aa52c9fd5b83aa3f8ecb5e280425709237cd6fc6728664168bb2dda083ceab3ca528a78432104912e96a2ff9057885b1aebf1a8423b5c390f32bc5f3f0093870a27d8eee3576aa70a9b1ee21041a64e7dc0bbac8b46e7aa6a825bddeeab7f7bdad2ffa238a6cc77532551ebe4e650faadf67328371563e17b508ace6ed5dfcec60cd4b90ca23260f8ae78d937b7503f9595f233c7b719b837484bb684b2f9ca4df4d716a7de9ceadf0212e7f24574f1f14015ffb583c9ad2747cbddf2f0903d3dfc60eb204c6b581ba9caba16471d1bfb09b8b96ddadadcc97435ad6fe5ed249e25b01e0d5af5fe0430e4fb18eefce981fa6c78abab2a35f186137f256d8719f2053316680c03e7499941efd68a0ff066519f4d02608c320228c8cdc42fde4abecefde9d2113f730529e0215f284732d267c6804a49778a4ee32fb860122b4584a519ced4dfc0c8a3d25d90142d16e9e36eff436881dbddd06b99dee8c4e2ff7dbc19edaa7e1ad5b1f9d713abd72d4e4547b3a46ab6acfaa7d92b6da52b75bd530f6d833d156b95f1da248219c85fe807af0a47ae22c20392c889f5e89a3524cf42412a70277fe98196deb7a4c2b136fba8cc411afa84ab762d9b95b284d95f9220b3789ab54dcfb21cd2b99fcd501263cf23654c332a3aa37c6dac0c9c54e5602a691192707708e53abea4c63b7943b1348d3cf0bdce7e4076e3a4ed9afe8651cd8e953e30104534dcb6e85ab77773b60be7e46f6cd07ea8fc675d27593223dadb9cba83f3976e5133d79afd6e4a83877bd8f0d56bd99f3d996df0295838ffb421781da6c088f18f1f94e149659f02f01b99c73de89826f65bd3dbb44468518e0f0dd5fca324d3c9864d192040cd067b54b8801610bf8391ded4df50968bf7a0d0c0f7c56f47da904ad9bcc52e8690a844b7b0be9a4e7bc8ae396382ad4f6910df9eee9f19cacd9fb0aa9a378ee8b2e58befcd7158d1ea6cdc73cc63233d8c09fb4a04e7e672d7d0c7187f7b027e87560649eb8dfe97c81f3dea408f7f9c171e38892f077e9423e91b55a4635ddbea7b535d31c8ab28ae5030f04356bf05c737884a351a8da8ae81535ed5e9628befc767cd431907dd388c00b9a8d8ebf5b57017f70830dac5eb2872b77da544742d2c93940a945ed060e387e14680ea92e9a93799e64aca69ded0219486df2541b9fa209923c8d0f57978a39eba4fd17e9108243101d441cfe2c0374aaa65c434cea22e5d103588d526fc92531249ff8b8cd4783d8b915584c5ac71ff330797c85d5f66510a403cf996bec00239cef1730a35c1138b8f7f63f14e253e4d91999632d80f23076f7af79a38388e935e198d666efe799a4b8c2d82e443f01ea4907183d3bc9fb5bb94e119b1fb34beaaf1c0d296c4898600f99488a243c00309ee68a3c7297f3851ca8226eb72103d3e9981ab2dbc7dce584795aa452ee7950508f6016f04c965309f381edb1ce91059c3c21e0f7adf67f966d690545fb9597529fd5885937c433c5a156867951fc419f92ad55795a4267b0c66b59ba22ba782f92d431e37748aa41949a954b3c68120ddac938788b6d753d9152a562f8bf972c744359def08a16da4c077df2795710397e70faa3fe8e004ccf7275ad42d518094821207ad6813f66bf5c15e1a61298b3f977d7fd783f7cac82e88b652a14b9f6df36425cf89507428a6594d2200f392faea2542e6e51faa934ec1218652afd32c1f09ba277f8faa0b0fbf60b82340b42f88115394b36524026e71638bb7faec318168164e7448214f755c36dba743b15858788365171e521b9722d7950d48cb274b67361c89ef262a320186b8fb4ab84394fffdba09b14ca27608e6f49b6513d84a182459666d66902ef5cd3fa048d811401b910fc284c2d07dfe83bd398321f5e4a528b5c76dd2a4bbb7e68ce5826788c065cc686c8e174cc7cafdb289b0e4accd73fb54cccfdf3111a22a0fd764e5677cb54c94f7387b3290e8ea96a43ab678c514a33f497c3ed42ddaae3b1bad3c137d2b4aa193b2de5f4ac6e3f2a1404fcdf9919e18fb4cc8c042a72b550cf01d1dfffb8857d05d92430a669197cd66b7c7c88c539ff61aa880b94b5375989bae5fb8f381f8b211e52fd1bc3060eb2ad77d8de778a49ef3a21d992d3166c586eb5f3bb72a29da04c88441c381752939dc478b3088a66c869949b6d05a66286c61598dba66afb6d57b53ad164476d69fdb2ac668bb9c6fc4452dbb28041bb24556d3aae1dcaee06666fa18d0398e42a93741b508", 0xffe) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7, 0x5], &(0x7f0000000240), 0x0, 0x12}}, 0x40) kernel console output (not intermixed with test programs): ced to purge local tt entries to fit new maximum fragment MTU (-320) [ 91.654153][ T9925] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 91.665062][ T9925] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 91.675817][ T9925] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 91.686665][ T9925] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 91.697564][ T9925] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 91.708398][ T9925] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 91.987471][ T9971] netlink: 'syz.6.1857': attribute type 4 has an invalid length. [ 92.364904][T10010] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1865'. [ 92.383434][T10010] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1865'. [ 92.472601][ T6208] hid-generic 0000:0000:0000.0005: hidraw0: HID v8.00 Device [syz1] on syz0 [ 92.505864][T10034] loop5: detected capacity change from 0 to 512 [ 92.523035][T10034] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.1873: corrupted inode contents [ 92.536994][T10034] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #16: comm syz.5.1873: mark_inode_dirty error [ 92.564558][ T3738] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 92.568815][T10034] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.1873: corrupted inode contents [ 92.572820][ T3738] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.599355][T10034] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.1873: mark_inode_dirty error [ 92.599756][ T3738] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 92.618885][ T3738] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.629039][T10034] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.1873: corrupted inode contents [ 92.657976][T10034] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 92.673944][ T3738] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 92.678041][T10034] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.1873: corrupted inode contents [ 92.682269][ T3738] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.710938][T10034] EXT4-fs error (device loop5): ext4_truncate:4666: inode #16: comm syz.5.1873: mark_inode_dirty error [ 92.716781][ T3738] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 92.730253][ T3738] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.742395][T10034] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 92.792018][T10034] EXT4-fs (loop5): 1 truncate cleaned up [ 92.822861][ T3738] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:40: Failed to release dquot type 1 [ 92.854178][T10087] SELinux: failed to load policy [ 92.871433][T10097] loop5: detected capacity change from 0 to 512 [ 92.939366][T10116] loop2: detected capacity change from 0 to 512 [ 92.947484][T10116] EXT4-fs (loop2): orphan cleanup on readonly fs [ 92.955949][T10116] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1892: bg 0: block 248: padding at end of block bitmap is not set [ 92.971536][T10116] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1892: Failed to acquire dquot type 1 [ 92.984063][T10116] EXT4-fs (loop2): 1 truncate cleaned up [ 93.374458][T10183] loop5: detected capacity change from 0 to 128 [ 93.421982][ T3733] FAT-fs (loop5): error, invalid FAT chain (i_pos 548, last_block 8) [ 93.430178][ T3733] FAT-fs (loop5): Filesystem has been set read-only [ 93.448339][ T3733] FAT-fs (loop5): error, corrupted file size (i_pos 548, 522) [ 93.484391][T10198] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 93.495981][T10197] IPVS: stopping master sync thread 10198 ... [ 93.615871][T10210] loop4: detected capacity change from 0 to 1024 [ 93.641957][T10212] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10212 comm=syz.3.1923 [ 93.654826][T10210] EXT4-fs: Ignoring removed oldalloc option [ 93.660888][T10210] EXT4-fs: Ignoring removed orlov option [ 94.012399][T10243] loop3: detected capacity change from 0 to 512 [ 95.011449][ T3758] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 95.088980][ T3758] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 95.129178][ T3758] bond0 (unregistering): Released all slaves [ 95.137897][ T3758] bond1 (unregistering): Released all slaves [ 95.200493][ T3758] bond2 (unregistering): Released all slaves [ 95.308663][ T3758] tipc: Left network mode [ 95.348616][ T3758] hsr_slave_0: left promiscuous mode [ 95.354364][ T3758] hsr_slave_1: left promiscuous mode [ 95.360072][ T3758] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 95.608790][ T3758] team0 (unregistering): Port device team_slave_1 removed [ 95.648789][ T3758] team0 (unregistering): Port device team_slave_0 removed [ 96.736800][ T29] kauditd_printk_skb: 561 callbacks suppressed [ 96.736817][ T29] audit: type=1400 audit(352.705:4443): avc: denied { mounton } for pid=10304 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 96.782217][ T29] audit: type=1400 audit(352.755:4444): avc: denied { sys_module } for pid=10304 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 96.813271][T10316] loop3: detected capacity change from 0 to 1024 [ 96.841315][T10326] sch_fq: defrate 4294967295 ignored. [ 96.871747][ T29] audit: type=1400 audit(352.845:4445): avc: denied { mounton } for pid=10309 comm="syz.3.1950" path="/439/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 96.901119][T10316] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.1950: inode #3237228: comm syz.3.1950: iget: illegal inode # [ 96.964511][T10304] chnl_net:caif_netlink_parms(): no params data found [ 96.978164][T10316] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.1950: error while reading EA inode 3237228 err=-117 [ 97.033506][T10461] loop4: detected capacity change from 0 to 128 [ 97.061690][T10304] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.068840][T10304] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.076226][T10304] bridge_slave_0: entered allmulticast mode [ 97.082909][T10304] bridge_slave_0: entered promiscuous mode [ 97.091682][T10304] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.098793][T10304] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.106203][T10304] bridge_slave_1: entered allmulticast mode [ 97.112906][T10304] bridge_slave_1: entered promiscuous mode [ 97.155766][T10461] bio_check_eod: 18532 callbacks suppressed [ 97.155825][T10461] syz.4.1959: attempt to access beyond end of device [ 97.155825][T10461] loop4: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 97.169300][T10304] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.200921][T10304] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.242232][ T29] audit: type=1326 audit(353.215:4446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10544 comm="syz.5.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76963ebe9 code=0x7ffc0000 [ 97.266247][ T29] audit: type=1326 audit(353.215:4447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10544 comm="syz.5.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe76963d84a code=0x7ffc0000 [ 97.289117][ T29] audit: type=1326 audit(353.215:4448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10544 comm="syz.5.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe7696714a5 code=0x7ffc0000 [ 97.332139][ T29] audit: type=1326 audit(353.305:4449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10549 comm="syz.3.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d928eebe9 code=0x7ffc0000 [ 97.360603][ T29] audit: type=1326 audit(353.305:4450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10549 comm="syz.3.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f6d928eebe9 code=0x7ffc0000 [ 97.383738][ T29] audit: type=1326 audit(353.305:4451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10549 comm="syz.3.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d928eebe9 code=0x7ffc0000 [ 97.406828][ T29] audit: type=1326 audit(353.305:4452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10549 comm="syz.3.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d928eebe9 code=0x7ffc0000 [ 97.495445][T10565] loop4: detected capacity change from 0 to 512 [ 97.503801][T10565] EXT4-fs (loop4): orphan cleanup on readonly fs [ 97.504022][ T3738] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 97.511430][T10565] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1970: Failed to acquire dquot type 1 [ 97.530717][T10565] EXT4-fs (loop4): 1 truncate cleaned up [ 97.536606][ T3738] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 97.545774][ T3738] bond0 (unregistering): Released all slaves [ 97.546153][T10565] EXT4-fs mount: 67 callbacks suppressed [ 97.546168][T10565] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 97.605383][T10304] team0: Port device team_slave_0 added [ 97.612994][T10304] team0: Port device team_slave_1 added [ 97.623037][ T3738] tipc: Disabling bearer [ 97.628040][ T3738] tipc: Left network mode [ 97.652514][ T3738] hsr_slave_0: left promiscuous mode [ 97.658334][ T3738] hsr_slave_1: left promiscuous mode [ 97.665103][ T3738] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 97.672693][ T3738] batman_adv: batadv0: Removing interface: dummy0 [ 97.684770][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.719907][ T3738] team0 (unregistering): Port device team_slave_1 removed [ 97.730661][ T3738] team0 (unregistering): Port device team_slave_0 removed [ 97.777902][T10304] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.785083][T10304] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.811093][T10304] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.825296][T10304] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.832487][T10304] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.858470][T10304] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.909727][T10304] hsr_slave_0: entered promiscuous mode [ 97.916005][T10304] hsr_slave_1: entered promiscuous mode [ 97.923106][T10304] debugfs: 'hsr0' already exists in 'hsr' [ 97.928940][T10304] Cannot create hsr debugfs directory [ 97.990407][T10435] chnl_net:caif_netlink_parms(): no params data found [ 98.162441][T10435] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.169661][T10435] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.186263][T10435] bridge_slave_0: entered allmulticast mode [ 98.199242][T10435] bridge_slave_0: entered promiscuous mode [ 98.240831][T10435] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.247914][T10435] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.273996][T10435] bridge_slave_1: entered allmulticast mode [ 98.282794][T10914] net_ratelimit: 11 callbacks suppressed [ 98.282809][T10914] IPv4: Oversized IP packet from 127.202.26.0 [ 98.308143][T10435] bridge_slave_1: entered promiscuous mode [ 98.322957][T10304] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 98.376743][T10304] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 98.387203][T10304] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 98.399125][T10435] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.409654][T10304] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 98.420976][T10435] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.490267][T10435] team0: Port device team_slave_0 added [ 98.497085][T10435] team0: Port device team_slave_1 added [ 98.527375][T10435] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.534424][T10435] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.560482][T10435] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.586617][T10304] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.594517][T10435] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.601525][T10435] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.627525][T10435] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.681094][T10304] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.714372][T10435] hsr_slave_0: entered promiscuous mode [ 98.728096][T10435] hsr_slave_1: entered promiscuous mode [ 98.761513][T11038] loop4: detected capacity change from 0 to 4096 [ 98.768249][T10435] debugfs: 'hsr0' already exists in 'hsr' [ 98.774037][T10435] Cannot create hsr debugfs directory [ 98.782216][ T3738] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.789317][ T3738] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.801072][T11038] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.810029][ T3738] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.820638][ T3738] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.986608][T10304] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 99.071768][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.139481][T10435] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 99.160775][T10304] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.179521][T10435] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 99.200907][T10435] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 99.213325][T10435] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 99.311504][T10435] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.329560][T10435] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.355408][T11154] bridge: RTM_NEWNEIGH with invalid ether address [ 99.363267][ T3738] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.370386][ T3738] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.408189][ T3738] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.415403][ T3738] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.482585][T10304] veth0_vlan: entered promiscuous mode [ 99.510832][T10304] veth1_vlan: entered promiscuous mode [ 99.538386][T10304] veth0_macvtap: entered promiscuous mode [ 99.578057][T10304] veth1_macvtap: entered promiscuous mode [ 99.609432][T10304] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.642892][T10435] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.651930][T10304] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.663578][ T3710] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.675141][T11178] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 99.703674][ T3710] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.729984][ T3710] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.779615][ T3710] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.992271][T10435] veth0_vlan: entered promiscuous mode [ 100.031016][T11215] loop4: detected capacity change from 0 to 1024 [ 100.034386][T10435] veth1_vlan: entered promiscuous mode [ 100.051388][T11215] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 100.070425][T11215] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 100.078818][T11215] EXT4-fs (loop4): orphan cleanup on readonly fs [ 100.108479][T10435] veth0_macvtap: entered promiscuous mode [ 100.131340][T11215] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2015: Failed to acquire dquot type 0 [ 100.135331][T10435] veth1_macvtap: entered promiscuous mode [ 100.174481][T10435] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.191847][T11215] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2015: Failed to acquire dquot type 0 [ 100.198850][T10435] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.217401][ T3710] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.244913][T11215] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.2015: Freeing blocks not in datazone - block = 0, count = 4096 [ 100.260320][T11215] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2015: Failed to acquire dquot type 0 [ 100.278388][ T31] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.292191][T11215] EXT4-fs (loop4): 1 orphan inode deleted [ 100.303569][T11215] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 100.318264][ T31] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.337858][ T31] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.397498][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.439561][T11250] loop4: detected capacity change from 0 to 1024 [ 100.446993][T11250] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 100.472491][T11250] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.556544][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.592627][T11280] loop5: detected capacity change from 0 to 512 [ 100.600152][T11281] __nla_validate_parse: 5 callbacks suppressed [ 100.600166][T11281] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2034'. [ 100.621663][T11280] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.721572][T11298] loop4: detected capacity change from 0 to 512 [ 100.728523][T11298] EXT4-fs: Ignoring removed oldalloc option [ 100.729861][ T3710] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 100.752726][ T3710] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1029 with error 28 [ 100.765325][ T3710] EXT4-fs (loop5): This should not happen!! Data will be lost [ 100.765325][ T3710] [ 100.775198][ T3710] EXT4-fs (loop5): Total free blocks count 0 [ 100.781291][ T3710] EXT4-fs (loop5): Free/Dirty block details [ 100.787202][ T3710] EXT4-fs (loop5): free_blocks=65280 [ 100.792562][ T3710] EXT4-fs (loop5): dirty_blocks=1029 [ 100.797874][ T3710] EXT4-fs (loop5): Block reservation details [ 100.803888][ T3710] EXT4-fs (loop5): i_reserved_data_blocks=1029 [ 100.818038][T11298] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.2042: Parent and EA inode have the same ino 15 [ 100.836644][T11298] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.2042: Parent and EA inode have the same ino 15 [ 100.855460][T11298] EXT4-fs (loop4): 1 orphan inode deleted [ 100.861759][ T3806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.864877][T11306] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2047'. [ 100.871476][T11298] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 100.933113][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.200845][T11345] veth3: entered promiscuous mode [ 101.246999][T11365] loop7: detected capacity change from 0 to 512 [ 101.267132][T11365] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 101.281549][T11369] loop3: detected capacity change from 0 to 164 [ 101.288908][T11365] EXT4-fs (loop7): 1 truncate cleaned up [ 101.294989][T11365] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.311231][T11369] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 101.373556][T10304] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.474935][T11403] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 101.494464][T11403] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 101.631070][T11438] loop3: detected capacity change from 0 to 512 [ 101.637544][T11440] loop5: detected capacity change from 0 to 512 [ 101.651264][T11440] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 101.661311][T11438] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.666584][T11440] EXT4-fs (loop5): orphan cleanup on readonly fs [ 101.683859][T11438] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.694905][T11440] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.2082: corrupted inode contents [ 101.707140][T11451] loop4: detected capacity change from 0 to 2048 [ 101.716193][T11440] EXT4-fs (loop5): Remounting filesystem read-only [ 101.731403][T11440] EXT4-fs (loop5): 1 truncate cleaned up [ 101.737516][ T3729] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 101.748099][ T3729] __quota_error: 130 callbacks suppressed [ 101.748153][ T3729] Quota error (device loop5): write_blk: dquota write failed [ 101.755940][T11451] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.761358][ T3729] Quota error (device loop5): remove_free_dqentry: Can't write block (5) with free entries [ 101.761384][ T3729] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 101.792663][ T29] audit: type=1400 audit(357.755:4575): avc: denied { watch } for pid=11450 comm="syz.4.2083" path="/435/control/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 101.794238][ T3729] Quota error (device loop5): write_blk: dquota write failed [ 101.824551][ T3729] Quota error (device loop5): free_dqentry: Can't move quota data block (5) to free list [ 101.828323][ T29] audit: type=1400 audit(357.805:4576): avc: denied { execute } for pid=11450 comm="syz.4.2083" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 101.837453][ T3729] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started [ 101.856430][ T29] audit: type=1400 audit(357.815:4577): avc: denied { execute_no_trans } for pid=11450 comm="syz.4.2083" path="/435/control/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 101.866402][ T3729] Quota error (device loop5): v2_write_file_info: Can't write info structure [ 101.907478][ T3729] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 101.918518][ T3758] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 101.934338][ T3758] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 101.946626][ T3758] EXT4-fs (loop4): This should not happen!! Data will be lost [ 101.946626][ T3758] [ 101.949006][T11440] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 101.956336][ T3758] EXT4-fs (loop4): Total free blocks count 0 [ 101.974599][ T3758] EXT4-fs (loop4): Free/Dirty block details [ 101.980544][ T3758] EXT4-fs (loop4): free_blocks=4096 [ 101.985860][ T3758] EXT4-fs (loop4): dirty_blocks=16 [ 101.991067][ T3758] EXT4-fs (loop4): Block reservation details [ 101.997087][ T3758] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 102.007405][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.066670][T11472] loop7: detected capacity change from 0 to 512 [ 102.075293][T11472] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 102.100692][T11472] EXT4-fs (loop7): 1 truncate cleaned up [ 102.106811][T11472] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.126205][ T29] audit: type=1400 audit(358.095:4578): avc: denied { append } for pid=11471 comm="syz.7.2090" path="/10/file2/blkio.bfq.avg_queue_size" dev="loop7" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 102.153017][ T6954] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.175677][T11482] netlink: 'syz.3.2096': attribute type 10 has an invalid length. [ 102.183602][T11482] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2096'. [ 102.217666][T11482] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 102.218410][T11472] EXT4-fs (loop7): shut down requested (0) [ 102.283690][T10304] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.604277][T11615] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 102.639985][T11506] chnl_net:caif_netlink_parms(): no params data found [ 102.734823][T11649] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2114'. [ 102.856225][T11506] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.863351][T11506] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.874782][T11506] bridge_slave_0: entered allmulticast mode [ 102.882549][T11506] bridge_slave_0: entered promiscuous mode [ 102.890869][T11506] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.897944][T11506] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.907186][T11506] bridge_slave_1: entered allmulticast mode [ 102.918435][T11506] bridge_slave_1: entered promiscuous mode [ 102.992779][T11506] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.017207][T11506] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.061056][T11506] team0: Port device team_slave_0 added [ 103.076318][T11506] team0: Port device team_slave_1 added [ 103.143260][T11506] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.150477][T11506] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.176465][T11506] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.221426][T11506] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.228461][T11506] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.254493][T11506] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.324771][T11506] hsr_slave_0: entered promiscuous mode [ 103.349201][T11506] hsr_slave_1: entered promiscuous mode [ 103.365587][T11506] debugfs: 'hsr0' already exists in 'hsr' [ 103.371383][T11506] Cannot create hsr debugfs directory [ 103.582702][T11869] loop4: detected capacity change from 0 to 512 [ 103.606604][T11869] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 103.624330][T11506] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 103.681800][T11869] EXT4-fs (loop4): 1 truncate cleaned up [ 103.703547][T11869] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.740454][T11506] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 103.811469][T11506] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 103.850542][T11506] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 103.907455][T11904] EXT4-fs (loop4): shut down requested (0) [ 103.924317][T11901] loop8: detected capacity change from 0 to 2048 [ 103.976865][T11506] 8021q: adding VLAN 0 to HW filter on device bond0 [ 103.986030][T11901] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.990276][T11506] 8021q: adding VLAN 0 to HW filter on device team0 [ 104.024935][ T3733] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.032038][ T3733] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.082322][ T3741] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.089454][ T3741] bridge0: port 2(bridge_slave_1) entered forwarding state [ 104.101339][T11913] netlink: 'syz.3.2140': attribute type 13 has an invalid length. [ 104.112067][ T3758] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 104.127184][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.139561][ T3758] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 104.151894][ T3758] EXT4-fs (loop8): This should not happen!! Data will be lost [ 104.151894][ T3758] [ 104.161652][ T3758] EXT4-fs (loop8): Total free blocks count 0 [ 104.167742][ T3758] EXT4-fs (loop8): Free/Dirty block details [ 104.173769][ T3758] EXT4-fs (loop8): free_blocks=4096 [ 104.179044][ T3758] EXT4-fs (loop8): dirty_blocks=16 [ 104.184247][ T3758] EXT4-fs (loop8): Block reservation details [ 104.190349][ T3758] EXT4-fs (loop8): i_reserved_data_blocks=1 [ 104.199612][T10435] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.303708][T11926] loop8: detected capacity change from 0 to 256 [ 104.329460][T11926] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 104.366359][T11506] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.384991][T11935] loop3: detected capacity change from 0 to 128 [ 104.402069][T11935] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 104.410043][T11935] FAT-fs (loop3): Filesystem has been set read-only [ 104.417848][T11935] syz.3.2136: attempt to access beyond end of device [ 104.417848][T11935] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 104.433874][T11935] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 104.441843][T11935] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 104.451799][T11935] syz.3.2136: attempt to access beyond end of device [ 104.451799][T11935] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 104.465908][T11935] syz.3.2136: attempt to access beyond end of device [ 104.465908][T11935] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 104.488835][T11935] syz.3.2136: attempt to access beyond end of device [ 104.488835][T11935] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 104.519568][T11935] syz.3.2136: attempt to access beyond end of device [ 104.519568][T11935] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 104.573655][T11935] syz.3.2136: attempt to access beyond end of device [ 104.573655][T11935] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 104.602419][T11959] loop8: detected capacity change from 0 to 512 [ 104.609500][T11506] veth0_vlan: entered promiscuous mode [ 104.617979][T11506] veth1_vlan: entered promiscuous mode [ 104.619451][T11935] syz.3.2136: attempt to access beyond end of device [ 104.619451][T11935] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 104.637096][T11959] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 104.638504][T11506] veth0_macvtap: entered promiscuous mode [ 104.656922][T11506] veth1_macvtap: entered promiscuous mode [ 104.665203][T11959] EXT4-fs (loop8): 1 truncate cleaned up [ 104.669430][T11506] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 104.678998][T11935] syz.3.2136: attempt to access beyond end of device [ 104.678998][T11935] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 104.679348][T11959] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.692655][T11935] syz.3.2136: attempt to access beyond end of device [ 104.692655][T11935] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 104.721696][T11506] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 104.729910][T11935] syz.3.2136: attempt to access beyond end of device [ 104.729910][T11935] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 104.749385][ T31] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.854061][T11959] EXT4-fs (loop8): shut down requested (0) [ 105.003039][T11981] sctp: [Deprecated]: syz.7.2149 (pid 11981) Use of int in maxseg socket option. [ 105.003039][T11981] Use struct sctp_assoc_value instead [ 105.034085][ T31] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.043974][ T31] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.054797][ T31] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.085017][T10435] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.125987][T11986] loop8: detected capacity change from 0 to 2048 [ 105.171360][T11986] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.204047][T10435] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.330612][T12010] netlink: 'syz.3.2156': attribute type 298 has an invalid length. [ 105.427284][T12018] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.434580][T12018] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.495042][T12018] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 105.505754][T12018] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 105.551523][T12024] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2162'. [ 105.566449][ T3733] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.619185][ T3710] netdevsim netdevsim9 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.629927][ T3710] netdevsim netdevsim9 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.639333][ T3710] netdevsim netdevsim9 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.703738][T12073] futex_wake_op: syz.7.2171 tries to shift op by -1; fix this program [ 105.852296][T12083] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12083 comm=syz.3.2176 [ 106.010843][T12093] loop7: detected capacity change from 0 to 8192 [ 106.124911][T12134] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 106.331458][T12157] loop8: detected capacity change from 0 to 1024 [ 106.338460][T12157] EXT4-fs: Ignoring removed oldalloc option [ 106.345778][T12157] EXT4-fs (loop8): stripe (6) is not aligned with cluster size (16), stripe is disabled [ 106.369129][T12157] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.430690][T12167] loop4: detected capacity change from 0 to 512 [ 106.440422][T12167] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102] [ 106.449022][T12167] System zones: 1-12 [ 106.470737][T12167] EXT4-fs error (device loop4): ext4_xattr_inode_iget:442: comm syz.4.2197: error while reading EA inode 32 err=-116 [ 106.494283][T12167] EXT4-fs (loop4): Remounting filesystem read-only [ 106.501000][T12167] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 106.511477][T12178] team0: left promiscuous mode [ 106.511526][T12167] EXT4-fs (loop4): 1 orphan inode deleted [ 106.516355][T12178] team0: left allmulticast mode [ 106.527786][T12167] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.531191][T10435] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.569371][T12181] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 106.592190][T12208] loop8: detected capacity change from 0 to 164 [ 106.610955][T12208] rock: directory entry would overflow storage [ 106.617138][T12208] rock: sig=0x66, size=4, remaining=3 [ 106.627807][T12208] rock: directory entry would overflow storage [ 106.634079][T12208] rock: sig=0x66, size=4, remaining=3 [ 106.641474][T12208] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 106.650915][T12208] rock: directory entry would overflow storage [ 106.657108][T12208] rock: sig=0x66, size=4, remaining=3 [ 106.664219][T12208] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 106.702312][T12218] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.746127][T12218] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.803873][T12218] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.872026][T12218] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.951964][ T31] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.963898][ T31] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.975364][ T31] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.986899][ T31] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.060213][ T29] kauditd_printk_skb: 69 callbacks suppressed [ 107.060252][ T29] audit: type=1400 audit(363.035:4648): avc: denied { listen } for pid=12289 comm="syz.8.2213" lport=33946 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 107.074171][T12293] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2214'. [ 107.098066][ T29] audit: type=1400 audit(363.065:4649): avc: denied { accept } for pid=12289 comm="syz.8.2213" lport=33946 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 107.283452][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.336660][T12319] loop3: detected capacity change from 0 to 164 [ 107.344642][T12319] rock: directory entry would overflow storage [ 107.350978][T12319] rock: sig=0x66, size=4, remaining=3 [ 107.357755][T12319] rock: directory entry would overflow storage [ 107.364006][T12319] rock: sig=0x66, size=4, remaining=3 [ 107.370000][T12319] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 107.378543][T12319] rock: directory entry would overflow storage [ 107.384799][T12319] rock: sig=0x66, size=4, remaining=3 [ 107.395605][T12317] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.402821][T12317] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.403101][T12319] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 107.454912][T12317] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 107.467688][T12317] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 107.508858][T12324] sch_tbf: burst 0 is lower than device lo mtu (14) ! [ 107.515891][ T31] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.530557][ T31] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.550416][ T31] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.559485][ T31] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.587508][T12341] loop9: detected capacity change from 0 to 1024 [ 107.595035][T12341] EXT4-fs: Ignoring removed nomblk_io_submit option [ 107.611308][T12341] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.627177][ T29] audit: type=1400 audit(363.595:4650): avc: denied { map } for pid=12339 comm="syz.9.2233" path="/10/file1/file1" dev="loop9" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 107.652378][T11506] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.671269][T12360] netlink: 132 bytes leftover after parsing attributes in process `syz.8.2236'. [ 107.718389][T12368] pim6reg1: entered promiscuous mode [ 107.723980][T12368] pim6reg1: entered allmulticast mode [ 107.748302][T12378] bridge: RTM_NEWNEIGH with invalid ether address [ 107.771865][T12380] loop9: detected capacity change from 0 to 1024 [ 107.781233][T12380] EXT4-fs: Ignoring removed orlov option [ 107.797938][T12385] loop4: detected capacity change from 0 to 1024 [ 107.804771][T12385] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 107.807292][T12380] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.841145][ T29] audit: type=1400 audit(363.815:4651): avc: denied { read } for pid=12384 comm="syz.4.2245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 107.871135][T11506] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.890127][ T29] audit: type=1326 audit(363.865:4652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12398 comm="syz.9.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda0667ebe9 code=0x7ffc0000 [ 107.913164][ T29] audit: type=1326 audit(363.865:4653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12398 comm="syz.9.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda0667ebe9 code=0x7ffc0000 [ 107.957666][ T29] audit: type=1326 audit(363.905:4654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12398 comm="syz.9.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda0667ebe9 code=0x7ffc0000 [ 107.980815][ T29] audit: type=1326 audit(363.905:4655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12398 comm="syz.9.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda0667ebe9 code=0x7ffc0000 [ 108.003807][ T29] audit: type=1326 audit(363.905:4656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12398 comm="syz.9.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda0667ebe9 code=0x7ffc0000 [ 108.026788][ T29] audit: type=1326 audit(363.905:4657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12398 comm="syz.9.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda0667ebe9 code=0x7ffc0000 [ 108.059397][T12404] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2251'. [ 108.068475][T12404] tipc: Started in network mode [ 108.071070][T12409] loop9: detected capacity change from 0 to 256 [ 108.073552][T12404] tipc: Node identity aaaaaaaaaaaa, cluster identity 4711 [ 108.086844][T12404] tipc: Enabled bearer , priority 10 [ 108.102032][T12404] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2251'. [ 108.111422][T12404] tipc: Resetting bearer [ 108.120336][T12404] tipc: Disabling bearer [ 108.175829][T12427] loop9: detected capacity change from 0 to 128 [ 108.210757][T12432] loop9: detected capacity change from 0 to 1024 [ 108.220043][T12432] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.247102][T11506] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.436502][T12468] netlink: 'syz.3.2273': attribute type 6 has an invalid length. [ 108.543977][T12477] loop3: detected capacity change from 0 to 512 [ 108.551234][T12477] EXT4-fs: test_dummy_encryption option not supported [ 108.603079][T12482] loop3: detected capacity change from 0 to 2048 [ 108.625491][T12482] EXT4-fs (loop3): failed to initialize system zone (-117) [ 108.633129][T12482] EXT4-fs (loop3): mount failed [ 108.678361][T12493] loop3: detected capacity change from 0 to 512 [ 108.689316][T12494] loop9: detected capacity change from 0 to 164 [ 108.698198][T12494] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 108.709122][T12493] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 108.718062][T12493] EXT4-fs (loop3): orphan cleanup on readonly fs [ 108.727457][T12493] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2281: corrupted inode contents [ 108.741255][T12493] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.2281: mark_inode_dirty error [ 108.752903][T12493] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2281: corrupted inode contents [ 108.766250][T12493] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.2281: mark_inode_dirty error [ 108.778114][T12493] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2281: corrupted inode contents [ 108.791927][T12493] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 108.801027][T12493] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2281: corrupted inode contents [ 108.814627][T12493] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.2281: mark_inode_dirty error [ 108.825993][T12493] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 108.836963][T12493] EXT4-fs (loop3): 1 truncate cleaned up [ 108.842961][ T31] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1 [ 108.855267][T12493] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 108.877469][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.321841][T12557] netlink: 'syz.3.2289': attribute type 15 has an invalid length. [ 109.329761][T12557] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2289'. [ 109.414028][T12568] loop9: detected capacity change from 0 to 512 [ 109.424462][T12568] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended [ 109.441399][T12568] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.470839][T11506] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.502446][T12579] pimreg: entered allmulticast mode [ 109.509857][T12579] pimreg: left allmulticast mode [ 109.572302][T12591] loop3: detected capacity change from 0 to 512 [ 109.590571][T12591] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.673193][T12606] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2318'. [ 109.739374][T12613] netlink: 'syz.9.2311': attribute type 13 has an invalid length. [ 109.896910][T12623] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2316'. [ 109.910741][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.921356][T12623] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2316'. [ 110.214781][T12635] loop8: detected capacity change from 0 to 128 [ 110.293871][T12645] netlink: 14593 bytes leftover after parsing attributes in process `syz.9.2323'. [ 110.369264][T12658] loop4: detected capacity change from 0 to 2048 [ 110.397388][T12658] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.423271][T12658] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 102 with max blocks 1 with error 28 [ 110.435777][T12658] EXT4-fs (loop4): This should not happen!! Data will be lost [ 110.435777][T12658] [ 110.445479][T12658] EXT4-fs (loop4): Total free blocks count 0 [ 110.451500][T12658] EXT4-fs (loop4): Free/Dirty block details [ 110.457404][T12658] EXT4-fs (loop4): free_blocks=0 [ 110.462364][T12658] EXT4-fs (loop4): dirty_blocks=0 [ 110.467578][T12658] EXT4-fs (loop4): Block reservation details [ 110.473628][T12658] EXT4-fs (loop4): i_reserved_data_blocks=0 [ 110.484176][T12672] loop8: detected capacity change from 0 to 164 [ 110.491475][T12672] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 110.508908][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.625027][T12711] netlink: 'syz.8.2336': attribute type 13 has an invalid length. [ 110.675665][T12715] netlink: 8 bytes leftover after parsing attributes in process `'. [ 110.732568][T12723] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 110.752442][T12725] pimreg: entered allmulticast mode [ 110.761318][T12725] pimreg: left allmulticast mode [ 110.791488][T12730] loop8: detected capacity change from 0 to 2048 [ 110.826367][T12730] EXT4-fs (loop8): failed to initialize system zone (-117) [ 110.839823][T12730] EXT4-fs (loop8): mount failed [ 110.920443][T12755] pim6reg1: entered promiscuous mode [ 110.925898][T12755] pim6reg1: entered allmulticast mode [ 110.945909][T12758] loop4: detected capacity change from 0 to 164 [ 110.992137][T12758] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 111.061383][T12769] loop3: detected capacity change from 0 to 128 [ 111.180846][T12793] $H: renamed from bond0 (while UP) [ 111.196892][T12793] $H: entered promiscuous mode [ 111.202157][T12793] bond_slave_0: entered promiscuous mode [ 111.207983][T12793] bond_slave_1: entered promiscuous mode [ 111.232569][T12797] loop4: detected capacity change from 0 to 2048 [ 111.266673][T12797] EXT4-fs (loop4): failed to initialize system zone (-117) [ 111.279182][T12797] EXT4-fs (loop4): mount failed [ 111.383975][T12815] pim6reg1: entered promiscuous mode [ 111.389640][T12815] pim6reg1: entered allmulticast mode [ 111.492228][T12828] loop7: detected capacity change from 0 to 128 [ 111.776093][T12848] loop9: detected capacity change from 0 to 512 [ 111.783190][T12851] loop4: detected capacity change from 0 to 128 [ 111.801932][T12848] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102] [ 111.818959][T12848] System zones: 1-12 [ 111.840757][T12848] EXT4-fs error (device loop9): ext4_xattr_inode_iget:442: comm syz.9.2381: error while reading EA inode 32 err=-116 [ 111.862382][T12848] EXT4-fs (loop9): Remounting filesystem read-only [ 111.869039][T12848] EXT4-fs warning (device loop9): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 111.879837][T12848] EXT4-fs (loop9): 1 orphan inode deleted [ 111.886016][T12848] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 112.131229][ T29] kauditd_printk_skb: 301 callbacks suppressed [ 112.131265][ T29] audit: type=1326 audit(368.105:4958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12873 comm="syz.4.2390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f3cbcd6ebe9 code=0x7ffc0000 [ 112.329229][T12933] SELinux: ebitmap: truncated map [ 112.334992][T12933] SELinux: failed to load policy [ 112.388274][T12949] loop8: detected capacity change from 0 to 512 [ 112.404584][ T29] audit: type=1400 audit(368.375:4959): avc: denied { setcurrent } for pid=12950 comm="syz.4.2408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 112.405488][T12949] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.423890][ T29] audit: type=1401 audit(368.375:4960): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t [ 112.467931][T12960] __nla_validate_parse: 5 callbacks suppressed [ 112.467947][T12960] netlink: 8 bytes leftover after parsing attributes in process `'. [ 112.485776][T12964] loop4: detected capacity change from 0 to 128 [ 112.534364][T12971] loop4: detected capacity change from 0 to 512 [ 112.553939][T12971] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 112.595773][T11506] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.625606][ T29] audit: type=1400 audit(368.595:4961): avc: denied { setattr } for pid=12970 comm="syz.4.2414" name="memory.events" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 112.684386][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 112.734772][T13005] loop4: detected capacity change from 0 to 512 [ 112.742968][T13005] /dev/loop4: Can't open blockdev [ 112.780533][T10435] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.802483][ T29] audit: type=1400 audit(368.765:4962): avc: denied { unmount } for pid=3300 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 112.932444][T13028] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2424'. [ 112.941527][T13024] sctp: [Deprecated]: syz.4.2425 (pid 13024) Use of int in maxseg socket option. [ 112.941527][T13024] Use struct sctp_assoc_value instead [ 112.964070][T13027] loop9: detected capacity change from 0 to 8192 [ 113.027807][T13037] $H: renamed from bond0 (while UP) [ 113.033463][ T29] audit: type=1400 audit(368.995:4963): avc: denied { listen } for pid=13040 comm="syz.3.2431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 113.052512][ T29] audit: type=1400 audit(368.995:4964): avc: denied { accept } for pid=13040 comm="syz.3.2431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 113.075882][T13037] $H: entered promiscuous mode [ 113.080981][T13037] bond_slave_0: entered promiscuous mode [ 113.086729][T13037] bond_slave_1: entered promiscuous mode [ 113.099421][T13045] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2433'. [ 113.110702][T13045] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2433'. [ 113.148137][T13049] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2435'. [ 113.168053][T13049] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2435'. [ 113.260653][T13064] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 113.270574][T13064] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.338312][T13071] sctp: [Deprecated]: syz.9.2441 (pid 13071) Use of int in maxseg socket option. [ 113.338312][T13071] Use struct sctp_assoc_value instead [ 113.370231][T13064] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 113.380059][T13064] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.390766][ T29] audit: type=1400 audit(369.365:4965): avc: denied { read } for pid=13069 comm="syz.7.2452" name="event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 113.413469][ T29] audit: type=1400 audit(369.365:4966): avc: denied { open } for pid=13069 comm="syz.7.2452" path="/dev/input/event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 113.440329][ T29] audit: type=1400 audit(369.365:4967): avc: denied { ioctl } for pid=13069 comm="syz.7.2452" path="/dev/input/event2" dev="devtmpfs" ino=245 ioctlcmd=0x4592 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 113.498253][T13081] loop9: detected capacity change from 0 to 256 [ 113.506955][T13081] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000001) [ 113.515083][T13081] FAT-fs (loop9): Filesystem has been set read-only [ 113.523388][T13064] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 113.533218][T13064] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.551214][T13089] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 113.571906][T13064] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 113.581782][T13064] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.599410][T13096] loop9: detected capacity change from 0 to 512 [ 113.611732][T13096] EXT4-fs (loop9): 1 orphan inode deleted [ 113.617978][T13096] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.631218][ T3710] EXT4-fs error (device loop9): ext4_release_dquot:6969: comm kworker/u8:16: Failed to release dquot type 1 [ 113.637853][T13101] loop7: detected capacity change from 0 to 1024 [ 113.650354][T13101] EXT4-fs: Ignoring removed oldalloc option [ 113.661029][T13101] EXT4-fs (loop7): stripe (6) is not aligned with cluster size (16), stripe is disabled [ 113.671353][ T3710] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 113.679725][ T3710] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.690208][ T3710] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 113.690884][T11506] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.698846][ T3710] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.711161][ T3710] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 113.724483][ T3710] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.733132][ T3710] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 113.741422][ T3710] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.751807][T13101] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.799176][T10304] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.912838][T13124] SELinux: failed to load policy [ 113.937743][T13130] 9pnet: p9_errstr2errno: server reported unknown error [ 113.981506][T13135] loop9: detected capacity change from 0 to 2048 [ 114.009524][T13141] pim6reg: entered allmulticast mode [ 114.035680][T13141] pim6reg: left allmulticast mode [ 114.043127][T13144] SELinux: ebitmap: truncated map [ 114.048989][T13137] loop9: p1 < > p4 [ 114.054305][T13137] loop9: p4 size 8388608 extends beyond EOD, truncated [ 114.056016][T13144] SELinux: failed to load policy [ 114.067994][T13135] loop9: p1 < > p4 [ 114.076885][T13135] loop9: p4 size 8388608 extends beyond EOD, truncated [ 114.193634][T13178] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2471'. [ 114.315883][T13194] ip6tnl2: entered promiscuous mode [ 114.321244][T13194] ip6tnl2: entered allmulticast mode [ 114.625601][T13224] loop8: detected capacity change from 0 to 1024 [ 114.646825][T13230] loop3: detected capacity change from 0 to 1024 [ 114.660807][T13230] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.674428][T13224] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 114.697335][T13243] loop9: detected capacity change from 0 to 512 [ 114.719805][T10435] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.731572][T13243] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.734818][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.766696][T13258] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 114.795551][T13258] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 114.821964][T13258] 9pnet: p9_errstr2errno: server reported unknown error @00000000000000000000010 [ 114.865942][T13262] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2495'. [ 114.952730][T13270] geneve0: entered allmulticast mode [ 114.996378][T13272] netlink: 830 bytes leftover after parsing attributes in process `syz.7.2499'. [ 115.028175][T13274] loop7: detected capacity change from 0 to 1024 [ 115.036342][T13274] EXT4-fs: Ignoring removed orlov option [ 115.042052][T13274] EXT4-fs: Ignoring removed nomblk_io_submit option [ 115.057714][T11506] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.130495][T13285] loop9: detected capacity change from 0 to 1024 [ 115.137443][T13285] EXT4-fs: Ignoring removed oldalloc option [ 115.146017][T13285] EXT4-fs (loop9): stripe (6) is not aligned with cluster size (16), stripe is disabled [ 115.447802][T13322] loop9: detected capacity change from 0 to 512 [ 115.496978][T13333] loop8: detected capacity change from 0 to 128 [ 115.828376][T13382] loop4: detected capacity change from 0 to 8192 [ 115.847755][T13380] loop7: detected capacity change from 0 to 512 [ 115.861915][T13382] bio_check_eod: 15909 callbacks suppressed [ 115.861934][T13382] syz.4.2532: attempt to access beyond end of device [ 115.861934][T13382] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 115.881369][T13382] Buffer I/O error on dev loop4, logical block 57847, async page read [ 115.898679][T13382] syz.4.2532: attempt to access beyond end of device [ 115.898679][T13382] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 115.912123][T13382] Buffer I/O error on dev loop4, logical block 57847, async page read [ 115.920851][T13382] syz.4.2532: attempt to access beyond end of device [ 115.920851][T13382] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 115.934277][T13382] Buffer I/O error on dev loop4, logical block 57847, async page read [ 115.945084][T13382] syz.4.2532: attempt to access beyond end of device [ 115.945084][T13382] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 115.958652][T13382] Buffer I/O error on dev loop4, logical block 57847, async page read [ 115.969212][T13382] syz.4.2532: attempt to access beyond end of device [ 115.969212][T13382] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 115.982756][T13382] Buffer I/O error on dev loop4, logical block 57847, async page read [ 115.992690][T13382] syz.4.2532: attempt to access beyond end of device [ 115.992690][T13382] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 116.006182][T13382] Buffer I/O error on dev loop4, logical block 57847, async page read [ 116.014549][T13410] loop7: detected capacity change from 0 to 512 [ 116.015972][T13382] syz.4.2532: attempt to access beyond end of device [ 116.015972][T13382] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 116.034659][T13382] Buffer I/O error on dev loop4, logical block 57847, async page read [ 116.050707][T13382] syz.4.2532: attempt to access beyond end of device [ 116.050707][T13382] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 116.064247][T13382] Buffer I/O error on dev loop4, logical block 57847, async page read [ 116.094573][T13382] syz.4.2532: attempt to access beyond end of device [ 116.094573][T13382] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 116.108289][T13382] Buffer I/O error on dev loop4, logical block 57847, async page read [ 116.117319][T13382] syz.4.2532: attempt to access beyond end of device [ 116.117319][T13382] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 116.130923][T13382] Buffer I/O error on dev loop4, logical block 57847, async page read [ 116.345781][T13430] loop8: detected capacity change from 0 to 2048 [ 116.399796][T13430] loop8: p1 < > p4 [ 116.411541][T13430] loop8: p4 size 8388608 extends beyond EOD, truncated [ 116.459600][T13442] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2547'. [ 116.511549][T13450] loop7: detected capacity change from 0 to 128 [ 116.533040][T13450] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100) [ 116.541028][T13450] FAT-fs (loop7): Filesystem has been set read-only [ 116.557913][T13450] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100) [ 116.565836][T13450] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100) [ 116.826036][T13473] netlink: 'syz.3.2555': attribute type 2 has an invalid length. [ 116.833853][T13473] netlink: 'syz.3.2555': attribute type 1 has an invalid length. [ 116.961168][T13494] loop3: detected capacity change from 0 to 512 [ 117.036319][T13511] netlink: 'syz.4.2566': attribute type 10 has an invalid length. [ 117.069030][T13511] $H: (slave bond_slave_0): Releasing backup interface [ 117.079584][T13511] bond_slave_0: left promiscuous mode [ 117.099123][T13511] $H: (slave bond_slave_1): Releasing backup interface [ 117.106683][T13511] bond_slave_1: left promiscuous mode [ 117.123872][T13511] team0: Port device C removed [ 117.145749][T13511] team0: Port device team_slave_1 removed [ 117.198301][ T29] kauditd_printk_skb: 194 callbacks suppressed [ 117.198319][ T29] audit: type=1400 audit(373.165:5161): avc: denied { create } for pid=13522 comm="syz.3.2570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 117.231324][T13518] pim6reg: entered allmulticast mode [ 117.235538][ T29] audit: type=1400 audit(373.165:5162): avc: denied { setopt } for pid=13522 comm="syz.3.2570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 117.237371][T13519] pim6reg: left allmulticast mode [ 117.255708][ T29] audit: type=1400 audit(373.165:5163): avc: denied { connect } for pid=13522 comm="syz.3.2570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 117.321018][ T29] audit: type=1400 audit(373.295:5164): avc: denied { bind } for pid=13531 comm="syz.4.2572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 117.400509][ T29] audit: type=1400 audit(373.375:5165): avc: denied { watch watch_reads } for pid=13536 comm="syz.9.2574" path="/98/file0" dev="tmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 117.455950][ T29] audit: type=1400 audit(373.405:5166): avc: denied { execute } for pid=13536 comm="syz.9.2574" name="file0" dev="tmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 117.477817][ T29] audit: type=1400 audit(373.405:5167): avc: denied { execute_no_trans } for pid=13536 comm="syz.9.2574" path="/98/file0" dev="tmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 117.500708][ T29] audit: type=1326 audit(373.415:5168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13540 comm="syz.4.2576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cbcd6ebe9 code=0x7ffc0000 [ 117.523685][ T29] audit: type=1326 audit(373.415:5169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13540 comm="syz.4.2576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cbcd6ebe9 code=0x7ffc0000 [ 117.546854][ T29] audit: type=1326 audit(373.415:5170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13540 comm="syz.4.2576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3cbcd6ebe9 code=0x7ffc0000 [ 117.765044][T13571] hub 9-0:1.0: USB hub found [ 117.778739][T13571] hub 9-0:1.0: 8 ports detected [ 117.835456][T13587] loop3: detected capacity change from 0 to 1024 [ 117.874906][T13587] EXT4-fs: Ignoring removed nobh option [ 117.899029][T13598] __nla_validate_parse: 1 callbacks suppressed [ 117.899060][T13598] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2597'. [ 117.930501][T13602] netlink: 24 bytes leftover after parsing attributes in process `syz.9.2598'. [ 118.083279][T13636] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 118.093126][T13636] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.220050][T13636] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 118.229928][T13636] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.246206][T13657] loop9: detected capacity change from 0 to 512 [ 118.252858][T13657] EXT4-fs: Ignoring removed oldalloc option [ 118.261896][T13654] netem: change failed [ 118.280850][T13657] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 118.294213][T13657] EXT4-fs (loop9): 1 truncate cleaned up [ 118.301722][T13636] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 118.312014][T13636] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.390044][T13636] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 118.399860][T13636] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.478836][ T3710] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 118.487091][ T3710] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.536267][ T3710] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 118.544527][ T3710] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.620978][ T3710] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 118.629218][ T3710] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.669890][ T3710] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 118.678109][ T3710] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.745971][T13691] netlink: 'syz.4.2609': attribute type 30 has an invalid length. [ 118.863073][T13698] netlink: 'syz.4.2612': attribute type 1 has an invalid length. [ 118.911551][T13698] 8021q: adding VLAN 0 to HW filter on device bond0 [ 119.072056][T13734] bond0: (slave veth9): Enslaving as an active interface with a down link [ 119.080856][T13733] loop8: detected capacity change from 0 to 1024 [ 119.145040][T13698] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 119.155366][T13733] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4183: comm syz.8.2613: Allocating blocks 449-513 which overlap fs metadata [ 119.181435][T13732] EXT4-fs (loop8): pa ffff8881072b6ee0: logic 48, phys. 177, len 21 [ 119.182178][T13698] bond0: (slave batadv0): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 119.189520][T13732] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 119.290499][T13786] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2617'. [ 119.336834][T13792] serio: Serial port ptm0 [ 119.342315][T13786] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2617'. [ 119.408694][T13800] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 119.418492][T13800] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.472781][T13800] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 119.482635][T13800] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.540005][T13800] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 119.549793][T13800] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.590221][T13800] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 119.600055][T13800] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.189048][T13839] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2630'. [ 120.198183][T13839] IPVS: Error joining to the multicast group [ 120.302634][T13845] loop9: detected capacity change from 0 to 512 [ 120.336395][T13850] loop8: detected capacity change from 0 to 1024 [ 120.345079][T13845] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 120.351053][T13852] loop3: detected capacity change from 0 to 764 [ 120.360449][T13850] EXT4-fs: Ignoring removed orlov option [ 120.378991][T13852] Symlink component flag not implemented [ 120.387575][T13852] Symlink component flag not implemented (101) [ 120.641218][T13897] loop7: detected capacity change from 0 to 1024 [ 120.687811][ T3738] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 120.707376][ T3738] EXT4-fs (loop7): Remounting filesystem read-only [ 120.714838][ T31] EXT4-fs warning (device loop7): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 120.720928][T13908] bond1: entered promiscuous mode [ 120.733600][T13908] bond1: entered allmulticast mode [ 120.739604][T13908] 8021q: adding VLAN 0 to HW filter on device bond1 [ 120.751218][T13908] bond1 (unregistering): Released all slaves [ 120.787077][T13980] loop7: detected capacity change from 0 to 1024 [ 120.816892][T13980] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4183: comm syz.7.2654: Allocating blocks 497-513 which overlap fs metadata [ 120.843323][T13980] EXT4-fs (loop7): pa ffff8881072b6cb0: logic 256, phys. 369, len 9 [ 120.851451][T13980] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1 [ 120.895245][T13980] EXT4-fs error (device loop7): mb_free_blocks:2017: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt. [ 120.989285][T13992] loop9: detected capacity change from 0 to 1024 [ 121.006913][T13992] journal_path: Non-blockdev passed as './file1' [ 121.013320][T13992] EXT4-fs: error: could not find journal device path [ 121.084347][T14002] syzkaller0: entered promiscuous mode [ 121.089922][T14002] syzkaller0: entered allmulticast mode [ 121.188307][T14020] netlink: 'syz.7.2665': attribute type 1 has an invalid length. [ 121.196227][T14020] netlink: 224 bytes leftover after parsing attributes in process `syz.7.2665'. [ 121.282751][T14046] loop3: detected capacity change from 0 to 512 [ 121.349911][T14059] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2678'. [ 121.410230][T14076] loop7: detected capacity change from 0 to 512 [ 121.417173][T14076] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 121.428221][T14076] EXT4-fs error (device loop7): ext4_iget_extra_inode:5104: inode #15: comm syz.7.2683: corrupted in-inode xattr: overlapping e_value [ 121.442496][T14076] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.2683: couldn't read orphan inode 15 (err -117) [ 121.593094][T14087] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2687'. [ 121.642676][T14089] loop3: detected capacity change from 0 to 128 [ 121.755720][T14103] loop3: detected capacity change from 0 to 512 [ 121.791325][T14103] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 121.823406][T14103] EXT4-fs (loop3): 1 truncate cleaned up [ 121.975929][T14112] loop3: detected capacity change from 0 to 512 [ 121.999414][T14112] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 122.022131][T14112] EXT4-fs error (device loop3): ext4_get_journal_inode:5796: comm syz.3.2693: inode #1661: comm syz.3.2693: iget: illegal inode # [ 122.055706][T14112] EXT4-fs (loop3): no journal found [ 122.061108][T14112] EXT4-fs (loop3): can't get journal size [ 122.084248][T14115] syzkaller0: entered promiscuous mode [ 122.084551][T14112] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 122.089788][T14115] syzkaller0: entered allmulticast mode [ 122.124778][T14112] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8056c118, mo2=0002] [ 122.160607][T14112] EXT4-fs (loop3): Errors on filesystem, clearing orphan list. [ 122.183477][ T3730] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 122.191796][ T3730] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.226478][ T29] kauditd_printk_skb: 112 callbacks suppressed [ 122.226497][ T29] audit: type=1400 audit(378.195:5283): avc: denied { write } for pid=14123 comm="syz.8.2695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 122.261924][ T31] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 122.270507][ T31] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.286825][ T29] audit: type=1400 audit(378.255:5284): avc: denied { accept } for pid=14123 comm="syz.8.2695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 122.306002][ T29] audit: type=1400 audit(378.255:5285): avc: denied { read } for pid=14123 comm="syz.8.2695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 122.343689][ T31] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 122.351938][ T31] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.376698][T14141] loop4: detected capacity change from 0 to 128 [ 122.387646][ T1452] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 122.390426][T14141] bio_check_eod: 29068 callbacks suppressed [ 122.390445][T14141] syz.4.2698: attempt to access beyond end of device [ 122.390445][T14141] loop4: rw=2049, sector=145, nr_sectors = 3 limit=128 [ 122.396054][ T1452] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.410402][T14141] syz.4.2698: attempt to access beyond end of device [ 122.410402][T14141] loop4: rw=2049, sector=153, nr_sectors = 1 limit=128 [ 122.445565][T14143] loop8: detected capacity change from 0 to 512 [ 122.446392][T14141] syz.4.2698: attempt to access beyond end of device [ 122.446392][T14141] loop4: rw=0, sector=153, nr_sectors = 1 limit=128 [ 122.491071][T14143] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #16: comm syz.8.2697: corrupted inode contents [ 122.492672][ T29] audit: type=1400 audit(378.465:5286): avc: denied { setopt } for pid=14148 comm="syz.9.2699" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 122.548789][T14143] EXT4-fs error (device loop8): ext4_dirty_inode:6538: inode #16: comm syz.8.2697: mark_inode_dirty error [ 122.593710][T14143] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #16: comm syz.8.2697: corrupted inode contents [ 122.613888][ T29] audit: type=1400 audit(378.585:5287): avc: denied { lock } for pid=14166 comm="syz.9.2702" path="socket:[32874]" dev="sockfs" ino=32874 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 122.638847][T14143] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #16: comm syz.8.2697: mark_inode_dirty error [ 122.651574][T14143] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #16: comm syz.8.2697: corrupted inode contents [ 122.664972][T14143] EXT4-fs error (device loop8) in ext4_orphan_del:305: Corrupt filesystem [ 122.675084][T14143] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #16: comm syz.8.2697: corrupted inode contents [ 122.687283][T14143] EXT4-fs error (device loop8): ext4_truncate:4666: inode #16: comm syz.8.2697: mark_inode_dirty error [ 122.700738][ T29] audit: type=1400 audit(378.625:5288): avc: denied { tracepoint } for pid=14168 comm="syz.4.2703" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 122.717379][T14143] EXT4-fs error (device loop8) in ext4_process_orphan:347: Corrupt filesystem [ 122.720167][ T29] audit: type=1400 audit(378.675:5289): avc: denied { create } for pid=14172 comm="syz.7.2704" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 122.730580][T14143] EXT4-fs (loop8): 1 truncate cleaned up [ 122.747842][ T29] audit: type=1400 audit(378.675:5290): avc: denied { ioctl } for pid=14172 comm="syz.7.2704" path="socket:[32883]" dev="sockfs" ino=32883 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 122.765421][ T29] audit: type=1400 audit(378.725:5291): avc: denied { bind } for pid=14172 comm="syz.7.2704" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 122.781545][ T3760] Quota error (device loop8): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 122.806151][ T3760] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:61: Failed to release dquot type 1 [ 122.851678][T14183] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2707'. [ 122.869723][T14143] ALSA: seq fatal error: cannot create timer (-22) [ 122.963229][T14206] openvswitch: netlink: Message has 6 unknown bytes. [ 123.029889][T14223] loop4: detected capacity change from 0 to 1024 [ 123.036714][T14223] ext4: Unknown parameter 'fowner' [ 123.071943][T14226] SELinux: failed to load policy [ 123.182028][T14268] syzkaller0: entered promiscuous mode [ 123.187552][T14268] syzkaller0: entered allmulticast mode [ 123.344110][T14279] netlink: 'syz.8.2726': attribute type 4 has an invalid length. [ 123.614752][T14297] loop7: detected capacity change from 0 to 2048 [ 123.661612][T14297] Alternate GPT is invalid, using primary GPT. [ 123.668163][T14297] loop7: p2 p3 p7 [ 123.743845][T14321] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2738'. [ 124.087128][T14357] loop9: detected capacity change from 0 to 512 [ 124.125057][T14362] loop3: detected capacity change from 0 to 512 [ 124.132716][T14362] EXT4-fs: Ignoring removed bh option [ 124.139608][T14362] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 124.148746][T14362] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 124.162397][T14362] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 124.164795][T14368] loop7: detected capacity change from 0 to 128 [ 124.179807][T14362] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 124.245327][T14372] loop8: detected capacity change from 0 to 512 [ 124.254067][T14372] EXT4-fs: inline encryption not supported [ 124.263459][T14376] loop3: detected capacity change from 0 to 1024 [ 124.266954][T14372] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 124.281406][T14372] EXT4-fs (loop8): 1 truncate cleaned up [ 124.329183][T14376] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2751: Allocating blocks 449-513 which overlap fs metadata [ 124.361524][T14393] vlan2: entered allmulticast mode [ 124.362018][T14375] EXT4-fs (loop3): pa ffff88810719a7e0: logic 48, phys. 177, len 21 [ 124.374819][T14375] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 124.904734][T14466] loop3: detected capacity change from 0 to 512 [ 124.913322][T14466] EXT4-fs: Ignoring removed oldalloc option [ 124.928237][T14466] ext4: Unknown parameter 'smackfsfloor' [ 125.053907][T14483] loop9: detected capacity change from 0 to 1024 [ 125.851527][T14568] loop8: detected capacity change from 0 to 512 [ 125.859067][T14568] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem [ 125.869433][T14568] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 125.877395][T14568] System zones: 1-12 [ 125.886267][T14568] EXT4-fs error (device loop8): ext4_iget_extra_inode:5104: inode #15: comm syz.8.2797: corrupted in-inode xattr: e_value size too large [ 125.901023][T14568] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.2797: couldn't read orphan inode 15 (err -117) [ 125.922007][T14568] EXT4-fs warning (device loop8): dx_probe:801: inode #2: comm syz.8.2797: Unrecognised inode hash code 4 [ 125.933458][T14568] EXT4-fs warning (device loop8): dx_probe:934: inode #2: comm syz.8.2797: Corrupt directory, running e2fsck is recommended [ 126.142375][T14586] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2811'. [ 126.567893][T14632] loop9: detected capacity change from 0 to 7 [ 126.611083][T14632] buffer_io_error: 10107 callbacks suppressed [ 126.611099][T14632] Buffer I/O error on dev loop9, logical block 0, async page read [ 126.629356][T14637] loop7: detected capacity change from 0 to 512 [ 126.647642][T14637] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem [ 126.673281][T14632] Buffer I/O error on dev loop9, logical block 0, async page read [ 126.681192][T14632] loop9: unable to read partition table [ 126.687400][T14632] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 126.687400][T14632] ) failed (rc=-5) [ 126.701841][T14637] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 126.716260][T14637] System zones: 1-12 [ 126.725811][T14637] EXT4-fs error (device loop7): ext4_iget_extra_inode:5104: inode #15: comm syz.7.2814: corrupted in-inode xattr: e_value size too large [ 126.754547][T14637] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.2814: couldn't read orphan inode 15 (err -117) [ 126.779890][T14645] pim6reg: entered allmulticast mode [ 126.789613][T14645] pim6reg: left allmulticast mode [ 126.902430][T14637] EXT4-fs warning (device loop7): dx_probe:801: inode #2: comm syz.7.2814: Unrecognised inode hash code 4 [ 126.913900][T14637] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.2814: Corrupt directory, running e2fsck is recommended [ 127.281815][ T29] kauditd_printk_skb: 521 callbacks suppressed [ 127.281834][ T29] audit: type=1326 audit(383.255:5813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cbcd6ebe9 code=0x7ffc0000 [ 127.359818][T14722] loop9: detected capacity change from 0 to 512 [ 127.367171][ T29] audit: type=1326 audit(383.255:5814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cbcd6ebe9 code=0x7ffc0000 [ 127.390282][ T29] audit: type=1326 audit(383.295:5815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3cbcd6ebe9 code=0x7ffc0000 [ 127.409114][T14727] loop4: detected capacity change from 0 to 2048 [ 127.413314][ T29] audit: type=1326 audit(383.295:5816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cbcd6ebe9 code=0x7ffc0000 [ 127.442632][ T29] audit: type=1326 audit(383.295:5817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cbcd6ebe9 code=0x7ffc0000 [ 127.465714][ T29] audit: type=1326 audit(383.295:5818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3cbcd6ebe9 code=0x7ffc0000 [ 127.488930][ T29] audit: type=1326 audit(383.295:5819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cbcd6ebe9 code=0x7ffc0000 [ 127.511852][ T29] audit: type=1326 audit(383.295:5820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3cbcd6ebe9 code=0x7ffc0000 [ 127.534877][ T29] audit: type=1326 audit(383.305:5821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cbcd6ebe9 code=0x7ffc0000 [ 127.538849][T14722] EXT4-fs: Ignoring removed i_version option [ 127.557786][ T29] audit: type=1326 audit(383.305:5822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f3cbcd6ebe9 code=0x7ffc0000 [ 127.563801][T14722] EXT4-fs: Ignoring removed nobh option [ 127.594081][T14722] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 127.594487][T14727] loop4: p1 < > p4 [ 127.622858][T14722] EXT4-fs (loop9): 1 truncate cleaned up [ 127.622874][T14727] loop4: p4 size 8388608 extends beyond EOD, truncated [ 127.649309][T14722] EXT4-fs mount: 48 callbacks suppressed [ 127.649327][T14722] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.929089][T11506] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.005866][T14809] loop7: detected capacity change from 0 to 512 [ 128.026530][T14809] EXT4-fs (loop7): 1 orphan inode deleted [ 128.038855][ T1452] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 1 [ 128.040562][T14809] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.101039][T10304] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.137292][T14815] loop3: detected capacity change from 0 to 2048 [ 128.154202][T14819] loop7: detected capacity change from 0 to 1024 [ 128.171305][T14819] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.202710][T14815] loop3: p1 < > p4 [ 128.220770][T14815] loop3: p4 size 8388608 extends beyond EOD, truncated [ 128.260297][T10304] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.298683][T14842] loop3: detected capacity change from 0 to 512 [ 128.320969][T14842] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 128.348828][T14842] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 128.356937][T14842] System zones: 1-12 [ 128.370001][T14842] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.2854: corrupted in-inode xattr: e_value size too large [ 128.510679][T14842] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2854: couldn't read orphan inode 15 (err -117) [ 128.532086][T14842] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 128.584820][T14842] EXT4-fs warning (device loop3): dx_probe:801: inode #2: comm syz.3.2854: Unrecognised inode hash code 4 [ 128.596316][T14842] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.2854: Corrupt directory, running e2fsck is recommended [ 128.645863][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.820662][T14874] loop4: detected capacity change from 0 to 1024 [ 128.842986][T14868] loop8: detected capacity change from 0 to 8192 [ 128.863119][T14874] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.942774][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.166652][T14887] loop7: detected capacity change from 0 to 2048 [ 129.219629][T14887] loop7: p1 < > p4 [ 129.224182][T14887] loop7: p4 size 8388608 extends beyond EOD, truncated [ 129.422666][T14916] loop9: detected capacity change from 0 to 512 [ 129.450108][T14916] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem [ 129.467094][T14916] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 129.485486][T14916] System zones: 1-12 [ 129.493605][T14916] EXT4-fs error (device loop9): ext4_iget_extra_inode:5104: inode #15: comm syz.9.2875: corrupted in-inode xattr: e_value size too large [ 129.512110][T14916] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.2875: couldn't read orphan inode 15 (err -117) [ 129.526423][T14916] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.580069][T14916] EXT4-fs warning (device loop9): dx_probe:801: inode #2: comm syz.9.2875: Unrecognised inode hash code 4 [ 129.591505][T14916] EXT4-fs warning (device loop9): dx_probe:934: inode #2: comm syz.9.2875: Corrupt directory, running e2fsck is recommended [ 129.673306][T11506] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.996301][T14938] pim6reg: entered allmulticast mode [ 130.017947][T14938] pim6reg: left allmulticast mode [ 130.165019][T14951] loop8: detected capacity change from 0 to 1024 [ 130.191581][T14951] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.219101][T14959] loop9: detected capacity change from 0 to 128 [ 130.259685][T14959] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 130.273188][T10435] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.367826][T11506] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 130.420021][T14985] loop3: detected capacity change from 0 to 512 [ 130.440862][T14985] EXT4-fs (loop3): 1 orphan inode deleted [ 130.447174][T14985] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.461021][ T3714] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:20: Failed to release dquot type 1 [ 130.486906][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.521129][T15000] syz_tun: entered allmulticast mode [ 130.527241][T14999] syz_tun: left allmulticast mode [ 130.572782][T15007] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 130.584300][T15007] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 130.596401][T15007] 9pnet: p9_errstr2errno: server reported unknown error @00000000000000000000010 [ 130.678030][T15017] loop3: detected capacity change from 0 to 128 [ 130.687798][T15017] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 130.723959][ T3305] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 131.201376][T15034] pim6reg: entered allmulticast mode [ 131.217640][T15034] pim6reg: left allmulticast mode [ 131.291776][T15052] pim6reg: entered allmulticast mode [ 131.319793][T15052] pim6reg: left allmulticast mode [ 131.337490][T15059] loop3: detected capacity change from 0 to 128 [ 131.360069][T15059] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 131.368093][T15059] FAT-fs (loop3): Filesystem has been set read-only [ 131.407253][T15059] syz.3.2917: attempt to access beyond end of device [ 131.407253][T15059] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 131.428644][T15059] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 131.436588][T15059] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 131.467448][T15059] syz.3.2917: attempt to access beyond end of device [ 131.467448][T15059] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 131.498777][T15059] syz.3.2917: attempt to access beyond end of device [ 131.498777][T15059] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 131.528646][T15059] syz.3.2917: attempt to access beyond end of device [ 131.528646][T15059] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 131.567311][T15059] syz.3.2917: attempt to access beyond end of device [ 131.567311][T15059] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 131.628704][T15059] syz.3.2917: attempt to access beyond end of device [ 131.628704][T15059] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 131.664150][T15059] syz.3.2917: attempt to access beyond end of device [ 131.664150][T15059] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 131.709979][T15059] syz.3.2917: attempt to access beyond end of device [ 131.709979][T15059] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 131.730074][T15059] syz.3.2917: attempt to access beyond end of device [ 131.730074][T15059] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 131.789919][T15076] hub 9-0:1.0: USB hub found [ 131.800127][T15076] hub 9-0:1.0: 8 ports detected [ 131.806483][T15059] syz.3.2917: attempt to access beyond end of device [ 131.806483][T15059] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 132.145776][T15089] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 132.198773][T15089] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 132.223718][T15089] 9pnet: p9_errstr2errno: server reported unknown error @00000000000000000000010 [ 132.396885][ T29] kauditd_printk_skb: 613 callbacks suppressed [ 132.396900][ T29] audit: type=1326 audit(388.365:6434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15097 comm="syz.3.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d928eebe9 code=0x7ffc0000 [ 132.420720][T15100] pim6reg: entered allmulticast mode [ 132.440257][T15100] pim6reg: left allmulticast mode [ 132.456743][ T29] audit: type=1326 audit(388.365:6435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15099 comm="syz.8.2932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1367f6ebe9 code=0x7ffc0000 [ 132.479693][ T29] audit: type=1326 audit(388.365:6436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15099 comm="syz.8.2932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1367f6ebe9 code=0x7ffc0000 [ 132.502680][ T29] audit: type=1326 audit(388.375:6437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15099 comm="syz.8.2932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1367f6ebe9 code=0x7ffc0000 [ 132.525587][ T29] audit: type=1326 audit(388.375:6438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15099 comm="syz.8.2932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1367f6ebe9 code=0x7ffc0000 [ 132.548585][ T29] audit: type=1326 audit(388.375:6439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15099 comm="syz.8.2932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1367f6ebe9 code=0x7ffc0000 [ 132.571480][ T29] audit: type=1326 audit(388.375:6440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15099 comm="syz.8.2932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1367f6ebe9 code=0x7ffc0000 [ 132.594418][ T29] audit: type=1326 audit(388.375:6441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15099 comm="syz.8.2932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1367f6ebe9 code=0x7ffc0000 [ 132.617344][ T29] audit: type=1326 audit(388.375:6442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15099 comm="syz.8.2932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1367f6ebe9 code=0x7ffc0000 [ 132.640500][ T29] audit: type=1326 audit(388.375:6443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15099 comm="syz.8.2932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1367f6ebe9 code=0x7ffc0000 [ 132.758954][T15120] loop8: detected capacity change from 0 to 512 [ 132.766238][T15120] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 132.778258][T15120] EXT4-fs (loop8): 1 truncate cleaned up [ 132.786388][T15120] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 132.828519][T10435] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.856520][T15132] pim6reg: entered allmulticast mode [ 132.866243][T15135] loop8: detected capacity change from 0 to 128 [ 132.876846][T15135] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100) [ 132.877479][T15132] pim6reg: left allmulticast mode [ 132.884792][T15135] FAT-fs (loop8): Filesystem has been set read-only [ 132.897660][T15135] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100) [ 132.905664][T15135] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100) [ 133.005089][T15143] loop7: detected capacity change from 0 to 1024 [ 133.017664][T15143] EXT4-fs: Ignoring removed nobh option [ 133.032399][T15143] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 133.121081][T10304] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.230826][T15156] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2947'. [ 133.344379][T15177] loop4: detected capacity change from 0 to 1024 [ 133.395016][T15180] loop7: detected capacity change from 0 to 1024 [ 133.422436][T15177] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.436963][T15180] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.492902][T15180] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4183: comm syz.7.2952: Allocating blocks 449-513 which overlap fs metadata [ 133.553264][T15179] EXT4-fs (loop7): pa ffff8881072b6e70: logic 48, phys. 177, len 21 [ 133.561335][T15179] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 133.632641][T10304] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.714029][T15193] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2954'. [ 133.775807][T15196] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.818831][T15200] loop8: detected capacity change from 0 to 1024 [ 133.826488][T15200] EXT4-fs: Ignoring removed nobh option [ 133.845349][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.861812][T15200] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 133.862289][T15196] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.943440][T10435] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.955569][T15196] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.000152][T15196] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.070772][ T3714] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.095220][ T3714] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.101622][T15235] serio: Serial port ptm0 [ 134.113735][ T3714] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.133943][ T3714] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.201138][T15252] pim6reg: entered allmulticast mode [ 134.219144][T15252] pim6reg: left allmulticast mode [ 134.254468][T15256] bond0: entered promiscuous mode [ 134.259635][T15256] bond0: entered allmulticast mode [ 134.265561][T15256] 8021q: adding VLAN 0 to HW filter on device bond0 [ 134.284364][T15256] bond0 (unregistering): Released all slaves [ 134.320401][T15332] loop9: detected capacity change from 0 to 128 [ 134.339375][T15332] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100) [ 134.347256][T15332] FAT-fs (loop9): Filesystem has been set read-only [ 134.374187][T15332] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100) [ 134.382197][T15332] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100) [ 134.561125][T15346] loop4: detected capacity change from 0 to 1024 [ 134.582975][T15346] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 134.615551][T15346] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2969: Allocating blocks 449-513 which overlap fs metadata [ 134.639444][T15343] EXT4-fs (loop4): pa ffff8881072b6f50: logic 48, phys. 177, len 21 [ 134.647525][T15343] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 134.667739][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.071907][T15368] loop4: detected capacity change from 0 to 764 [ 135.082212][T15368] Symlink component flag not implemented [ 135.088188][T15368] Symlink component flag not implemented (101) [ 135.456218][T15377] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 135.465135][T15376] netlink: 'syz.8.2983': attribute type 1 has an invalid length. [ 135.481906][T15377] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 135.483678][T15376] 8021q: adding VLAN 0 to HW filter on device bond1 [ 135.513615][T15377] 9pnet: p9_errstr2errno: server reported unknown error @00000000000000000000010 [ 135.535470][T15376] bond1: (slave veth3): Enslaving as an active interface with a down link [ 135.570129][T15376] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 135.582089][T15376] bond1: (slave batadv1): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 135.649269][T15442] serio: Serial port ptm0 [ 135.839165][T15457] loop3: detected capacity change from 0 to 1024 [ 135.860968][T15457] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 135.920240][T15457] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2987: Allocating blocks 449-513 which overlap fs metadata [ 135.954099][T15453] EXT4-fs (loop3): pa ffff88810719a8c0: logic 48, phys. 177, len 21 [ 135.962359][T15453] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 135.984663][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.056462][T15479] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 136.082979][T15483] loop7: detected capacity change from 0 to 512 [ 136.151814][T15494] netlink: 'syz.9.3000': attribute type 1 has an invalid length. [ 136.164961][T15497] serio: Serial port ptm1 [ 136.175890][T15494] 8021q: adding VLAN 0 to HW filter on device bond1 [ 136.196785][T15494] bond1: (slave veth5): Enslaving as an active interface with a down link [ 136.215174][T15494] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 136.222754][T15494] bond1: (slave batadv1): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 136.633259][T15564] loop3: detected capacity change from 0 to 1024 [ 136.650185][T15564] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 136.674495][T15569] loop9: detected capacity change from 0 to 1024 [ 136.694835][T15569] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.712868][ T3754] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 136.734369][ T3754] EXT4-fs (loop3): Remounting filesystem read-only [ 136.749480][ T59] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 136.766646][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.767174][T11506] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.803782][T15589] loop9: detected capacity change from 0 to 512 [ 136.812265][T15589] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 136.830489][T15589] EXT4-fs (loop9): 1 truncate cleaned up [ 136.842705][T15589] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 136.855844][T15589] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.911169][T15597] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3016'. [ 137.161802][T15635] syzkaller0: entered promiscuous mode [ 137.167385][T15635] syzkaller0: entered allmulticast mode [ 137.177254][T15641] loop9: detected capacity change from 0 to 512 [ 137.192303][T15643] loop3: detected capacity change from 0 to 1024 [ 137.195640][T15641] /dev/loop9: Can't open blockdev [ 137.222341][T15643] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.292167][T15655] loop8: detected capacity change from 0 to 512 [ 137.330725][T15655] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 137.350937][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.371095][T15655] EXT4-fs (loop8): 1 truncate cleaned up [ 137.384973][T15655] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.408882][T15655] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.494817][T15675] loop3: detected capacity change from 0 to 512 [ 137.516575][T15675] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.3035: corrupted inode contents [ 137.529129][T15682] loop8: detected capacity change from 0 to 128 [ 137.529949][T15680] loop4: detected capacity change from 0 to 1024 [ 137.536010][T15675] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.3035: mark_inode_dirty error [ 137.554319][T15680] EXT4-fs: Ignoring removed orlov option [ 137.560225][T15675] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.3035: corrupted inode contents [ 137.563657][T15682] bio_check_eod: 43472 callbacks suppressed [ 137.563671][T15682] syz.8.3038: attempt to access beyond end of device [ 137.563671][T15682] loop8: rw=2049, sector=145, nr_sectors = 3 limit=128 [ 137.573090][T15675] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.3035: mark_inode_dirty error [ 137.581791][T15680] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.601694][T15682] syz.8.3038: attempt to access beyond end of device [ 137.601694][T15682] loop8: rw=2049, sector=153, nr_sectors = 1 limit=128 [ 137.616892][T15675] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.3035: corrupted inode contents [ 137.641118][T15675] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 137.652070][T15675] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.3035: corrupted inode contents [ 137.655598][T15682] syz.8.3038: attempt to access beyond end of device [ 137.655598][T15682] loop8: rw=0, sector=153, nr_sectors = 1 limit=128 [ 137.668685][T15675] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.3035: mark_inode_dirty error [ 137.689483][T15675] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 137.699214][T15675] EXT4-fs (loop3): 1 truncate cleaned up [ 137.705382][T15675] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.718926][ T3702] __quota_error: 46 callbacks suppressed [ 137.718943][ T3702] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 137.734557][ T3702] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1 [ 137.742185][T15675] ALSA: seq fatal error: cannot create timer (-22) [ 137.774814][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.865120][T15698] loop8: detected capacity change from 0 to 512 [ 137.872207][T15698] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 137.882908][T15698] EXT4-fs error (device loop8): ext4_iget_extra_inode:5104: inode #15: comm syz.8.3044: corrupted in-inode xattr: overlapping e_value [ 137.897012][T15698] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.3044: couldn't read orphan inode 15 (err -117) [ 137.909448][T15698] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.925511][T15699] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3045'. [ 138.062939][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.090762][T15714] netlink: 'syz.7.3049': attribute type 1 has an invalid length. [ 138.096996][T15718] loop3: detected capacity change from 0 to 1024 [ 138.107591][T10435] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.128682][T15714] 8021q: adding VLAN 0 to HW filter on device bond0 [ 138.145177][T15718] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 138.164582][T15714] bond0: (slave veth5): Enslaving as an active interface with a down link [ 138.188450][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.200329][T15714] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 138.211489][T15714] bond0: (slave batadv1): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 138.400692][ T29] audit: type=1326 audit(394.375:6490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15796 comm="syz.7.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50d19cebe9 code=0x7ffc0000 [ 138.423949][ T29] audit: type=1326 audit(394.375:6491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15796 comm="syz.7.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50d19cebe9 code=0x7ffc0000 [ 138.446848][ T29] audit: type=1326 audit(394.375:6492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15796 comm="syz.7.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f50d19cebe9 code=0x7ffc0000 [ 138.484140][T15794] loop3: detected capacity change from 0 to 1024 [ 138.499746][T15794] EXT4-fs: Ignoring removed orlov option [ 138.511247][T15797] syzkaller0: entered promiscuous mode [ 138.516779][T15797] syzkaller0: entered allmulticast mode [ 138.522219][ T29] audit: type=1326 audit(394.495:6493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15796 comm="syz.7.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50d19cebe9 code=0x7ffc0000 [ 138.545436][ T29] audit: type=1326 audit(394.495:6494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15796 comm="syz.7.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50d19cebe9 code=0x7ffc0000 [ 138.570915][T15794] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 138.674556][ T29] audit: type=1326 audit(394.645:6495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15796 comm="syz.7.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f50d19cebe9 code=0x7ffc0000 [ 138.752965][ T29] audit: type=1326 audit(394.725:6496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15796 comm="syz.7.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50d19cebe9 code=0x7ffc0000 [ 138.775966][ T29] audit: type=1326 audit(394.725:6497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15796 comm="syz.7.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50d19cebe9 code=0x7ffc0000 [ 138.878485][T15832] loop4: detected capacity change from 0 to 512 [ 138.886963][T15832] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 138.897521][T15832] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.3062: corrupted in-inode xattr: overlapping e_value [ 138.912161][T15832] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.3062: couldn't read orphan inode 15 (err -117) [ 138.924838][T15832] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 138.965304][T15837] loop9: detected capacity change from 0 to 1024 [ 138.990481][T15837] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.010727][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.053965][T15849] loop3: detected capacity change from 0 to 512 [ 139.064144][T15849] /dev/loop3: Can't open blockdev [ 139.106799][T11506] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.152280][T15860] pim6reg1: entered promiscuous mode [ 139.157715][T15860] pim6reg1: entered allmulticast mode [ 139.157825][T15862] loop9: detected capacity change from 0 to 512 [ 139.173988][T15862] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem [ 139.188617][T15862] EXT4-fs error (device loop9): ext4_get_journal_inode:5796: comm syz.9.3068: inode #1661: comm syz.9.3068: iget: illegal inode # [ 139.207518][T15862] EXT4-fs (loop9): no journal found [ 139.212843][T15862] EXT4-fs (loop9): can't get journal size [ 139.220541][T15862] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended [ 139.222865][T15869] loop7: detected capacity change from 0 to 512 [ 139.230399][T15862] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8056c118, mo2=0002] [ 139.245950][T15862] EXT4-fs (loop9): Errors on filesystem, clearing orphan list. [ 139.255093][T15862] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.274054][T15869] Quota error (device loop7): v2_read_file_info: Free block number 1 out of range (1, 6). [ 139.286209][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.295367][T15869] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 139.314083][T15869] EXT4-fs (loop7): mount failed [ 139.326986][T15880] netlink: 'syz.4.3071': attribute type 4 has an invalid length. [ 139.353514][T15887] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 139.362122][T15887] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 139.374254][T15887] 9pnet: p9_errstr2errno: server reported unknown error @00000000000000000000010 [ 139.387182][T11506] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.485730][T15903] loop9: detected capacity change from 0 to 1024 [ 139.492758][T15903] EXT4-fs: Ignoring removed orlov option [ 139.502796][T15903] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.545390][T15909] loop7: detected capacity change from 0 to 512 [ 139.552679][T15909] /dev/loop7: Can't open blockdev [ 139.587706][T15916] loop7: detected capacity change from 0 to 1024 [ 139.602245][T15916] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 139.640181][T15916] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4183: comm syz.7.3079: Allocating blocks 449-513 which overlap fs metadata [ 139.663674][T15915] EXT4-fs (loop7): pa ffff88810719a850: logic 48, phys. 177, len 21 [ 139.671821][T15915] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 139.692315][T10304] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.716504][T15923] loop3: detected capacity change from 0 to 512 [ 139.724966][T15923] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 139.735515][T15923] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.3084: corrupted in-inode xattr: overlapping e_value [ 139.749708][T15923] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3084: couldn't read orphan inode 15 (err -117) [ 139.762153][T15923] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.868838][T15944] loop7: detected capacity change from 0 to 512 [ 139.878405][T15944] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem [ 139.899664][T15944] EXT4-fs error (device loop7): ext4_get_journal_inode:5796: comm syz.7.3087: inode #1661: comm syz.7.3087: iget: illegal inode # [ 139.914340][T15944] EXT4-fs (loop7): no journal found [ 139.919663][T15944] EXT4-fs (loop7): can't get journal size [ 139.927014][T15944] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended [ 139.954873][T15944] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8056c118, mo2=0002] [ 139.966093][T15949] loop8: detected capacity change from 0 to 1024 [ 139.968879][T15944] EXT4-fs (loop7): Errors on filesystem, clearing orphan list. [ 140.005088][T15949] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4183: comm syz.8.3098: Allocating blocks 497-513 which overlap fs metadata [ 140.033846][T15955] netlink: 'syz.9.3089': attribute type 4 has an invalid length. [ 140.048711][T15949] EXT4-fs (loop8): pa ffff88810719a930: logic 256, phys. 369, len 9 [ 140.056750][T15949] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1 [ 140.067045][T15949] EXT4-fs error (device loop8): mb_free_blocks:2017: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt. [ 140.186133][T15987] loop7: detected capacity change from 0 to 1024 [ 140.196946][T15987] EXT4-fs: Ignoring removed orlov option [ 140.342112][T16011] loop3: detected capacity change from 0 to 128 [ 140.359012][T16011] syz.3.3100: attempt to access beyond end of device [ 140.359012][T16011] loop3: rw=2049, sector=145, nr_sectors = 3 limit=128 [ 140.387819][T16011] syz.3.3100: attempt to access beyond end of device [ 140.387819][T16011] loop3: rw=2049, sector=153, nr_sectors = 1 limit=128 [ 140.411605][T16016] loop9: detected capacity change from 0 to 1024 [ 140.425671][T16011] syz.3.3100: attempt to access beyond end of device [ 140.425671][T16011] loop3: rw=0, sector=153, nr_sectors = 1 limit=128 [ 140.457556][T16016] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:4183: comm syz.9.3105: Allocating blocks 497-513 which overlap fs metadata [ 140.473104][T16021] loop4: detected capacity change from 0 to 512 [ 140.481308][T16016] EXT4-fs (loop9): pa ffff88810719a9a0: logic 256, phys. 369, len 9 [ 140.489368][T16016] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1 [ 140.491474][T16021] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 140.499517][T16016] EXT4-fs error (device loop9): mb_free_blocks:2017: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt. [ 140.524324][T16021] EXT4-fs error (device loop4): ext4_get_journal_inode:5796: comm syz.4.3107: inode #1661: comm syz.4.3107: iget: illegal inode # [ 140.547281][T16021] EXT4-fs (loop4): no journal found [ 140.552646][T16021] EXT4-fs (loop4): can't get journal size [ 140.562692][T16026] netlink: 'syz.3.3106': attribute type 4 has an invalid length. [ 140.587142][T16021] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 140.597458][T16021] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8056c118, mo2=0002] [ 140.605592][T16021] EXT4-fs (loop4): Errors on filesystem, clearing orphan list. [ 140.710070][T16044] loop3: detected capacity change from 0 to 2048 [ 140.743529][T16044] Alternate GPT is invalid, using primary GPT. [ 140.749944][T16044] loop3: p2 p3 p7 [ 140.814020][T16059] ================================================================== [ 140.822213][T16059] BUG: KCSAN: data-race in io_flush_timeouts / io_issue_sqe [ 140.829495][T16059] [ 140.831810][T16059] read-write to 0xffff888119726210 of 4 bytes by task 16064 on cpu 0: [ 140.839949][T16059] io_issue_sqe+0x19c/0x970 [ 140.844443][T16059] io_wq_submit_work+0x3f7/0x5f0 [ 140.849429][T16059] io_worker_handle_work+0x44e/0x9b0 [ 140.854701][T16059] io_wq_worker+0x22e/0x870 [ 140.859192][T16059] ret_from_fork+0xda/0x150 [ 140.863781][T16059] ret_from_fork_asm+0x1a/0x30 [ 140.868535][T16059] [ 140.870847][T16059] read to 0xffff888119726210 of 4 bytes by task 16059 on cpu 1: [ 140.878462][T16059] io_flush_timeouts+0x56/0x1d0 [ 140.883311][T16059] __io_commit_cqring_flush+0xeb/0x100 [ 140.888770][T16059] io_issue_sqe+0x7cb/0x970 [ 140.893261][T16059] io_wq_submit_work+0x3f7/0x5f0 [ 140.898187][T16059] io_worker_handle_work+0x44e/0x9b0 [ 140.903459][T16059] io_wq_worker+0x22e/0x870 [ 140.907956][T16059] ret_from_fork+0xda/0x150 [ 140.912449][T16059] ret_from_fork_asm+0x1a/0x30 [ 140.917205][T16059] [ 140.919513][T16059] value changed: 0x00000361 -> 0x00000362 [ 140.925212][T16059] [ 140.927618][T16059] Reported by Kernel Concurrency Sanitizer on: [ 140.933750][T16059] CPU: 1 UID: 0 PID: 16059 Comm: iou-wrk-16043 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(voluntary) [ 140.946498][T16059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 140.956540][T16059] ==================================================================