last executing test programs: 1.49477179s ago: executing program 4 (id=3357): r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000000)={0x1, 0x80, 0x7f, 0x3, 0xc, 0x7, 0x0, 0x8, 0xc000, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x8, 0x0, @perf_config_ext={0x2, 0x46}, 0x0, 0x104, 0x9, 0x7, 0x1e4f, 0x1, 0xa5, 0x0, 0x140000, 0x0, 0xffffffff}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0xf) r1 = socket$kcm(0xa, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) r2 = socket$kcm(0xa, 0x2, 0x0) sendmsg$inet(r2, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @local}, 0x1b, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0xff0e}], 0x4, 0x0, 0x0, 0xa6820000}, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1f00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000000dbeb87dd7f388f04d3b07cc47d2017fe97829a147a5662e2ce383a8cd60ddfb563d978ee9aa82381643aea289593a3adb8e9962c0c7c366ae78fc561a306b0d2cb8fd845e0da560c1e770a37579c381f5339409c6c9be1068ddebfbad6145e0f7d2233b9592ec6529cdd69498481836a198b4ae62d2244d91f8607ceab0dd0e1e3dc9d1590e2f733830b6ddbe6e1a37fa9f986678b8fbf14459e1102d152c6b3905cbec38b22a4fce506be8b75e573b8299d5b25eadccc3917a4a3e2c965b01f0439c7d11ad63ed84bf9453e29538d00137d6b088747b5b40d8a4e8815db047dbdd78d0107559e4a4896a170129969ebff56fb0e5d5a719ddf71e52aaa28afa953b46bfb6dffeb237bc15f4f28f"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1f, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000fcffffff000000008000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r4, 0x10d, 0x80, &(0x7f0000000240), 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/slabinfo\x00', 0x0, 0x0) r5 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_subtree(r5, &(0x7f00000001c0), 0x2, 0x0) r7 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r7, 0x402, 0x8000003d) fcntl$setsig(r7, 0xa, 0x21) r8 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000340)={0x0, &(0x7f0000000340)}, 0x10) r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40201, 0x0) ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000380)={'syzkaller1\x00', 0xc201}) r10 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}) write$tun(r9, &(0x7f00000000c0)=ANY=[], 0xffe) utimensat(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) write$cgroup_subtree(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="2b63707573657420e80f43d8e45315ff3adc1539d561362a9b85b587"], 0x8) 1.43911788s ago: executing program 1 (id=3359): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffde6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) close(0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000101200000000000000", @ANYRES32, @ANYBLOB="00000000000000a3be00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41000, 0x50, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000, @void, @value}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="0500"/12, @ANYRES32, @ANYBLOB="9281acb07930e4a68346a0c3408784644ed8c300a9d44fb63b57e810e378df127aceab59a494a30f2d9526cd524f5091077b2ee2fda3c9f420f5110e6c9114a10594cf03000000637018a8b47159b1998d3836003cb1016fc640798f5648d821355748fcc0f04c40dc86804d9f2ce6d6eed54b47f23177c7db3a314e319b2f75ee43cd32057d54174004e9dfa785aec95f309c7c9d900c379d25bafbb8b1", @ANYRES64=0x0], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r4}, &(0x7f00000006c0), &(0x7f0000000700)=r3}, 0x20) sendmsg$inet(r2, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3) clock_getres(0x2, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10) io_setup(0x7ff, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) setsockopt$netlink_NETLINK_NO_ENOBUFS(r7, 0x10e, 0x5, &(0x7f0000000280)=0x8ad1, 0x4) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9, 0x0, 0xa}, 0x18) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setrlimit(0x7, &(0x7f0000000200)={0x5, 0xb}) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r10, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x7, 0x1}}, 0x20) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) socket(0x10, 0x3, 0x0) sendto$inet6(r8, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) 1.39467275s ago: executing program 4 (id=3362): r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001140)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000011200000000000028ed0095"], &(0x7f0000000c00)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) execve(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000700)=ANY=[@ANYBLOB="d94fbce104c917152f27b659052519769cd80947d0860a6a9f14ca75aec3bddac7df99c833440688a2a2cb08795619bae63e754fe0ff652ec1b925eb3bdef5b4e393f513407b734efc45563986786ed2207420ec757eb58917b7ea0064c47d767785a71c833c8cd1dcd8208ca44985514e87acf92672c46e658aa061daa3a5b5f24b0a40d3642feb2e5399d434b73a562b84adad8f8a4c3ca9a492ccaa6d36d0453167d74d8256cd", @ANYBLOB="b1784df598303f6aa345a5df2704d8a0d6914856e1c5bf44a2793248801dbbaca69673b0e62d2ec2f49cd93d88ae25e755a52289d1195993e6abb7f2a03f0531f9bc6c124d1a8327dc2b7f3197c47106ef0a76c1e25c329a26e53e62e7fb6b47d3e546827e70d473b7be7fe3772792f1354c6bf198ca7b38db9ce0fd5008a206b80678454994b9d631a514dbfb918f29308e497e160fd8ca9d93dad1eb3101ef28b60ab5668bc9c9e0eb18753da69d073c5f8ab635158af4dfa0600766a8b08411193d775f96ec86eb2f602e84f3b01d13f6845c5ac5b26ba6c424f9dabbefe97d897393fa3206a2070615a3dcb7db90170f3c83784bd36e26892d", @ANYRES32], 0x835, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) 1.35025534s ago: executing program 2 (id=3363): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b0000000342930c05100000f1bb498a10d9247f245cd39844edc97cbfdfa6bbac0b9c144836f223c856ea3432508251ae656273c7150ad9e65de7e225315de052b41de759cf8986eef60352d60cbd5b4aa597153d8f1467e694dd26c933d8dd8e572a70546d1f39079f763df7a0a8fe727a9a88", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r1 = socket$inet6(0xa, 0x2, 0x0) sendto$inet6(r1, 0x0, 0xfffffffffffffde7, 0xfff5, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @mcast1}, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000050000000008000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000180000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="7904000000000000000001000000140009000000000000000000000000ff0300000006000a004e210000050002000a"], 0x38}}, 0x0) socket$netlink(0x10, 0x3, 0x0) io_uring_setup(0x6954, &(0x7f0000000080)={0x0, 0x72a9, 0x1000, 0x1, 0x1e5, 0x0, r3}) mq_unlink(&(0x7f0000000000)='fou\x00') bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc0802, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10) process_vm_readv(0x0, &(0x7f0000000140), 0x100000000000028b, 0x0, 0x12, 0x0) pwritev(r5, &(0x7f0000000080)=[{&(0x7f00000013c0)='\x00!', 0x2}], 0x1, 0x0, 0x0) 1.291248761s ago: executing program 4 (id=3366): socket$inet6_sctp(0xa, 0x5, 0x84) sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x2}, 0x4000000) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @empty}, 0x10) 1.254913111s ago: executing program 2 (id=3368): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) statfs(&(0x7f0000001000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 1.217439122s ago: executing program 4 (id=3370): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) timer_create(0x5, &(0x7f0000000080)={0x0, 0x30}, &(0x7f0000000140)=0x0) timer_delete(r3) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r5}, 0x10) unshare(0x2a060400) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00', @ANYBLOB="796100000000000000007e000000080003", @ANYRES32=0x0, @ANYBLOB="0c0099fff200000038000000"], 0x28}}, 0x4000054) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0xfffffffffffffffc}, 0x18) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x2, 0x0, 0x40005, 0xa0398, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3a36d8f0, 0xa5d7}, 0x1, 0x0, 0x0, 0xe6b1c48bba23ec1, 0x10000, 0xffffffff, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0xb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) r7 = socket$key(0xf, 0x3, 0x2) stat(&(0x7f0000000500)='./file2\x00', &(0x7f0000000800)) sendmsg$key(r7, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0) 1.195560731s ago: executing program 2 (id=3371): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r2, &(0x7f0000000440), 0x10) listen(r2, 0xf) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10) writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000200)="458d1fca4f1d0461442e12c4d90f415ec86aa74e137467ce700772d98322478e00f9", 0x22}], 0x1) r3 = accept4$unix(r2, 0x0, 0x0, 0x0) recvmsg(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=""/68, 0x44}], 0x1}, 0x4c2103a0) 1.191025181s ago: executing program 0 (id=3372): r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000000)={0x1, 0x80, 0x7f, 0x3, 0xc, 0x7, 0x0, 0x8, 0xc000, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x8, 0x0, @perf_config_ext={0x2, 0x46}, 0x0, 0x104, 0x9, 0x7, 0x1e4f, 0x1, 0xa5, 0x0, 0x140000, 0x0, 0xffffffff}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0xf) r1 = socket$kcm(0xa, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) r2 = socket$kcm(0xa, 0x2, 0x0) sendmsg$inet(r2, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @local}, 0x1b, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0xff0e}], 0x4, 0x0, 0x0, 0xa6820000}, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1f00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000000dbeb87dd7f388f04d3b07cc47d2017fe97829a147a5662e2ce383a8cd60ddfb563d978ee9aa82381643aea289593a3adb8e9962c0c7c366ae78fc561a306b0d2cb8fd845e0da560c1e770a37579c381f5339409c6c9be1068ddebfbad6145e0f7d2233b9592ec6529cdd69498481836a198b4ae62d2244d91f8607ceab0dd0e1e3dc9d1590e2f733830b6ddbe6e1a37fa9f986678b8fbf14459e1102d152c6b3905cbec38b22a4fce506be8b75e573b8299d5b25eadccc3917a4a3e2c965b01f0439c7d11ad63ed84bf9453e29538d00137d6b088747b5b40d8a4e8815db047dbdd78d0107559e4a4896a170129969ebff56fb0e5d5a719ddf71e52aaa28afa953b46bfb6dffeb237bc15f4f28f"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1f, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000fcffffff000000008000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r4, 0x10d, 0x80, &(0x7f0000000240), 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/slabinfo\x00', 0x0, 0x0) r5 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_subtree(r5, &(0x7f00000001c0), 0x2, 0x0) r7 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r7, 0x402, 0x8000003d) fcntl$setsig(r7, 0xa, 0x21) r8 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000340)={0x0, &(0x7f0000000340)}, 0x10) r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40201, 0x0) ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000380)={'syzkaller1\x00', 0xc201}) r10 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}) write$tun(r9, &(0x7f00000000c0)=ANY=[], 0xffe) utimensat(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) write$cgroup_subtree(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="2b63707573657420e80f43d8e45315ff3adc1539d561362a9b85b587"], 0x8) 1.089361042s ago: executing program 0 (id=3375): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) listen(r2, 0x101) r3 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r3, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) 1.042742752s ago: executing program 0 (id=3377): r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001140)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000011200000000000028ed0095"], &(0x7f0000000c00)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) execve(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000700)=ANY=[@ANYBLOB="d94fbce104c917152f27b659052519769cd80947d0860a6a9f14ca75aec3bddac7df99c833440688a2a2cb08795619bae63e754fe0ff652ec1b925eb3bdef5b4e393f513407b734efc45563986786ed2207420ec757eb58917b7ea0064c47d767785a71c833c8cd1dcd8208ca44985514e87acf92672c46e658aa061daa3a5b5f24b0a40d3642feb2e5399d434b73a562b84adad8f8a4c3ca9a492ccaa6d36d0453167d74d8256cd", @ANYBLOB="b1784df598303f6aa345a5df2704d8a0d6914856e1c5bf44a2793248801dbbaca69673b0e62d2ec2f49cd93d88ae25e755a52289d1195993e6abb7f2a03f0531f9bc6c124d1a8327dc2b7f3197c47106ef0a76c1e25c329a26e53e62e7fb6b47d3e546827e70d473b7be7fe3772792f1354c6bf198ca7b38db9ce0fd5008a206b80678454994b9d631a514dbfb918f29308e497e160fd8ca9d93dad1eb3101ef28b60ab5668bc9c9e0eb18753da69d073c5f8ab635158af4dfa0600766a8b08411193d775f96ec86eb2f602e84f3b01d13f6845c5ac5b26ba6c424f9dabbefe97d897393fa3206a2070615a3dcb7db90170f3c83784bd36e26892d", @ANYRES32], 0x835, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) 940.292343ms ago: executing program 0 (id=3380): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)) ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x50, 0xff, 0x8, 0xfffffffd}]}) 857.173484ms ago: executing program 0 (id=3383): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0300000004000000040000000100000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="18"], 0x50) unshare(0x42000000) mmap(&(0x7f0000164000/0x2000)=nil, 0x2000, 0x1000005, 0x10, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x769f00b363895638, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) socket$l2tp(0x2, 0x2, 0x73) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f00000001c0), 0x4) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000940)={r2, 0x2e9, "d656c9a61490b7e8773ca55437fa234c0170c8cbe5ebdd2be903d0f2f3f293a2d3e634319f6d7dcb302630c303d4a221bfbab81b44ec802e71e4b6fa67419e237fb41a26ab414c0fd27d76681ccf3157022592a50678c9650900e2a1efbe8a053a764d669b12049aaf41f70dcfaac678ed9c92f5384c3560fe0445636d9d3e879933377656917eb5bc78c8d8d812d8c3ee7985e269b0e11902f4aafd620c6302c64733e0a06b501f92ea232afc170788c618e985b1ef12f2d4b710724019357f5d8b25dc83d2507d17bceb4ac049345c0b4fefb8444afb85f7977e2fb061da98e91073f9ba63a65e9bed1eb1f546ad5f45601c07ab6f630b2b3e773b60c79f3d92b7a02dec43cdda95a5361dee1cdf3ecc5f637755a0464a4f9d31c91034ea21ececd12283c41addc138fb6b7874b29d16ed2232d91a907ee425d2fe94bbe97a853762be0bd9bff47636e1c63bd40b2ce4e411e2be1e98f0d95d06c3f4a88bc5d13234896dcaf2520905afb8a6dbeac462107cbe46451653284f8de3885697ad7cbd85d94888444fbce51ec904198353184b49399c93a98ef5d5d523ac0b260820ce6cfbe1d26cd8eb6db40fc6cc08b2431a63001f9b989c3bae9ba6fa92a68479c43497a5a17db76b24be87bb00c596fe79ba395db0c68cf80f44d241726f6d18158a4f64bc18a3612a8871cb1e8e69be1682d5d0a409d9bdce6d2fbb37903de8c8d07d35f75fa1027d845fb5fe0df9241855c497a1d9f07d9706abf0265f67f3f802f792f6b73b2303655a2abf3769f073b57f046f914e9d5cc9bd792c909241792441e73e5907bcf68216d15e18f93e9d06dc8e1d8c5217d293064c535ee182ad8b267276070f2c7eb13dbd18f48d369afe1a754bf5dc56d9f8a2ab397ebeab97411c2bc3104679591291b82a77566835d9c9c6c8b7b53473e0850aa23d03073271f57be8a27b0b6b3df1f3de63282db3737374aa3775d8cd0fa4cd50d142299080ff12233547dd32bc6b51c10b94210cba6ce3da027bbcb0882b24fa875fc936ef10cbdb658205"}, &(0x7f0000000200)=0x2f1) unshare(0x62040200) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000010000000000000a20000000000a03000000000000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c000280080001400000000808000340000001"], 0xc4}}, 0x20050800) 830.196964ms ago: executing program 3 (id=3384): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000000)={0x3, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000001040)={0x3, {{0x2, 0x0, @multicast1}}}, 0x88) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = socket$inet_tcp(0x2, 0x1, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10) symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x2) ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22}, {0x2, 0x200, @local}, {0x2, 0x0, @broadcast}, 0x4a, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x0, 0x3}) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000001ab48299a22f5a2d0000000000003b7300ae0ce9070800000000ffff0000"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='signal_deliver\x00', r2, 0x0, 0x3}, 0x18) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3af, 0x4}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0) mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 597.186916ms ago: executing program 3 (id=3385): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffde6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) close(0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000101200000000000000", @ANYRES32, @ANYBLOB="00000000000000a3be00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41000, 0x50, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000, @void, @value}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="0500"/12, @ANYRES32, @ANYBLOB="9281acb07930e4a68346a0c3408784644ed8c300a9d44fb63b57e810e378df127aceab59a494a30f2d9526cd524f5091077b2ee2fda3c9f420f5110e6c9114a10594cf03000000637018a8b47159b1998d3836003cb1016fc640798f5648d821355748fcc0f04c40dc86804d9f2ce6d6eed54b47f23177c7db3a314e319b2f75ee43cd32057d54174004e9dfa785aec95f309c7c9d900c379d25bafbb8b1", @ANYRES64=0x0], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r4}, &(0x7f00000006c0), &(0x7f0000000700)=r3}, 0x20) sendmsg$inet(r2, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3) clock_getres(0x2, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10) io_setup(0x7ff, 0x0) r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) setsockopt$netlink_NETLINK_NO_ENOBUFS(r7, 0x10e, 0x5, &(0x7f0000000280)=0x8ad1, 0x4) r9 = socket$inet6_sctp(0xa, 0x1, 0x84) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r10, 0x0, 0xa}, 0x18) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setrlimit(0x7, &(0x7f0000000200)={0x5, 0xb}) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r11, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x7, 0x1}}, 0x20) sendto$inet6(r9, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) close_range(r8, 0xffffffffffffffff, 0x0) 562.160506ms ago: executing program 1 (id=3386): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r2, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000800)={@local, @link_local, @val={@void, {0x8100, 0x0, 0x0, 0x4}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0xfffc, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x2, 0x0, 0x0, 0x0, {[@mptcp=@syn={0x1e, 0xc, 0x0, 0x1, 0x6, 0x0, 0x6}]}}}}}}}, 0x0) 527.661776ms ago: executing program 1 (id=3387): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0xc, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x800}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="7958000000008a19f11f755b9f81db2e5dec23a1a1832b3951d635c0bc7af9795060f9aeff7373fdffeaf37e0f07639d178c8eebf39a6a406e8a40cf9748a09e22ad51d264c8929eedd14b0713c0446d79aa28fccb14a3048cf7f6499ba8c8716485ceae471e46eadf99047449eb3224d0d77be34365df846abb29c918e0826b38f85aac79dc0da604e304a15dfa7031c58709b2e3621f651a84c96cb8fcb6d0463bf748", @ANYRES32=0x0, @ANYBLOB="88228672a9f7b4de74a8b72141a601cfacd4ff499ed2e441a872b3a30ca5518f65ceea2ef49f4679a602906104f26cc91250c4989c3f55303520c11753c6f70e3e93e6d04d0ba00a41799e8ec6b2f821b59077c43fb6dd180d213288afbb7b9afb6dc61333f3998249", @ANYRES8, @ANYRESHEX], 0x1c}}, 0x4000054) 469.815866ms ago: executing program 1 (id=3388): bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000340)='./file0/file0\x00', 0x300000e, &(0x7f0000000540)={[{@inlinecrypt}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}, {@barrier}, {@nodioread_nolock}], [{@smackfsfloor={'smackfsfloor', 0x3d, '\\}'}}, {@appraise}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs") socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001140)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000011200000000000028ed0095"], &(0x7f0000000c00)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) execve(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0) 465.874227ms ago: executing program 3 (id=3389): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000010000000000000a20000000000a03000000000000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c000280080001400000000808000340000001"], 0xc4}}, 0x20050800) 432.895647ms ago: executing program 3 (id=3390): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x318a054d}, 0x18) r2 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) bind$can_j1939(r2, &(0x7f0000000380)={0x1d, r3, 0x1, {0x0, 0x0, 0x1}, 0xff}, 0x18) sendmmsg$sock(r2, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="1f", 0x1}], 0x1}}], 0x1, 0x0) 391.150147ms ago: executing program 3 (id=3391): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD") chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x3800) writev(r0, 0x0, 0x0) r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r1, &(0x7f0000001fc0)=""/184, 0x18) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESDEC, @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES8], 0x1, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) kexec_load(0x0, 0x0, 0x0, 0x0) listen(0xffffffffffffffff, 0x0) 280.136227ms ago: executing program 2 (id=3392): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010100000000000000000a0000000900010073797a300000000048000000030a010200000000000000000a0000000900010073797a30000000000900030073797a3100000000080007006e617400140004800800014000000000080002"], 0xa4}}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810100850000006d000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xe, 0xd, &(0x7f00000000c0)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x1}, @exit, @printk={@ld={0x18, 0x0}, {}, {0x5}, {}, {}, {}, {0x85, 0x0, 0x0, 0x48}}]}, &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x13b1da23e40bac61, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001400)={{r4}, 0x0, &(0x7f00000013c0)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) r5 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000600)=@filter={'filter\x00', 0xc, 0x4, 0x268, 0xffffffff, 0x130, 0x98, 0x0, 0x98, 0xffffffff, 0x1d0, 0x1d0, 0x90, 0x98, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@ip={@local, @broadcast, 0x0, 0x0, 'ip6tnl0\x00', 'hsr0\x00'}, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c8) 279.502988ms ago: executing program 4 (id=3393): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)) ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x50, 0xff, 0x8, 0xfffffffd}]}) 242.408188ms ago: executing program 2 (id=3394): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010002000000000000000000000a18010000090a010400000000000000000100000008000a40000000000900020073797a32000010000900010073797a3000000000080005400000002cd40009800800014000000006c80002800c00018008000140000000032400018008000140000000070800014000000008080001400000000908000140000000080c000180080001400000000a24000180080001400000000608000140000000ff080001400000000208000140000000013400018008000140764f15e208000140000000000800014000000007ebfd014000000000080001400000000908000140000000001c000180080001400000002808000140000000cb0800014000000003140001800800014000000005080001400000000108000340000000a4"], 0x140}}, 0x0) r1 = fsopen(&(0x7f00000002c0)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000000)='-{\x00', &(0x7f0000000040)="c30f8822", 0x4) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet_sctp(0x2, 0x0, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000200)=0x4) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r5}, 0x10) r6 = dup(0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}}) 203.329408ms ago: executing program 1 (id=3395): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_buf(r0, 0x29, 0xd1, 0x0, 0x0) (fail_nth: 1) 203.031328ms ago: executing program 3 (id=3396): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000880)={[{@nodiscard}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@nojournal_checksum}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c") 160.780339ms ago: executing program 4 (id=3397): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010002000000000000000000000a18010000090a010400000000000000000100000008000a40000000000900020073797a32000010000900010073797a3000000000080005400000002cd40009800800014000000006c80002800c00018008000140000000032400018008000140000000070800014000000008080001400000000908000140000000080c000180080001400000000a24000180080001400000000608000140000000ff080001400000000208000140000000013400018008000140764f15e208000140000000000800014000000007ebfd014000000000080001400000000908000140000000001c000180080001400000002808000140000000cb0800014000000003140001800800014000000005080001400000000108000340000000a4"], 0x140}}, 0x0) r1 = fsopen(&(0x7f00000002c0)='binfmt_misc\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000000)='-{\x00', &(0x7f0000000040)="c30f8822", 0x4) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet_sctp(0x2, 0x0, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000200)=0x4) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r5}, 0x10) r6 = dup(r4) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}}) 130.813929ms ago: executing program 2 (id=3398): r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000300)=ANY=[@ANYBLOB], 0x1c}}, 0x1) syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) bind$unix(r3, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r3, 0x0) connect$unix(r2, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(r3, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r4}, 0x8) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x21ee, 0x4) sendmmsg$inet(r0, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800) recvfrom(r0, 0x0, 0x2a, 0x2101, 0x0, 0x0) 1.07957ms ago: executing program 1 (id=3399): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0xc, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x800}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="7958000000008a19f11f755b9f81db2e5dec23a1a1832b3951d635c0bc7af9795060f9aeff7373fdffeaf37e0f07639d178c8eebf39a6a406e8a40cf9748a09e22ad51d264c8929eedd14b0713c0446d79aa28fccb14a3048cf7f6499ba8c8716485ceae471e46eadf99047449eb3224d0d77be34365df846abb29c918e0826b38f85aac79dc0da604e304a15dfa7031c58709b2e3621f651a84c96cb8fcb6d0463bf748", @ANYRES32=0x0, @ANYBLOB="88228672a9f7b4de74a8b72141a601cfacd4ff499ed2e441a872b3a30ca5518f65ceea2ef49f4679a602906104f26cc91250c4989c3f55303520c11753c6f70e3e93e6d04d0ba00a41799e8ec6b2f821b59077c43fb6dd180d213288afbb7b9afb6dc61333f3998249", @ANYRES8, @ANYRESHEX], 0x1c}}, 0x4000054) 0s ago: executing program 0 (id=3400): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000800)={@local, @link_local, @val={@void, {0x8100, 0x0, 0x0, 0x4}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0xfffc, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x2, 0x0, 0x0, 0x0, {[@mptcp=@syn={0x1e, 0xc, 0x0, 0x1, 0x6, 0x0, 0x6}]}}}}}}}, 0x0) kernel console output (not intermixed with test programs): 3300][T16338] x64_sys_call+0xc64/0x2dc0 [ 250.643386][T16338] do_syscall_64+0xc9/0x1c0 [ 250.643499][T16338] ? clear_bhb_loop+0x55/0xb0 [ 250.643537][T16338] ? clear_bhb_loop+0x55/0xb0 [ 250.643564][T16338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.643598][T16338] RIP: 0033:0x7fdd0c95d169 [ 250.643616][T16338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 250.643642][T16338] RSP: 002b:00007fdd0afc1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 250.643663][T16338] RAX: ffffffffffffffda RBX: 00007fdd0cb75fa0 RCX: 00007fdd0c95d169 [ 250.643675][T16338] RDX: 0000000000000000 RSI: 0000400000000240 RDI: 0000000000000003 [ 250.643686][T16338] RBP: 00007fdd0afc1090 R08: 0000000000000000 R09: 0000000000000000 [ 250.643697][T16338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 250.643709][T16338] R13: 0000000000000000 R14: 00007fdd0cb75fa0 R15: 00007ffe3e6c8e38 [ 250.643726][T16338] [ 250.652082][T16334] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 250.728796][T16332] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 250.870505][T16332] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 250.882980][T16332] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 250.893134][T16334] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 250.906614][T16332] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c02c, mo2=0002] [ 250.914992][T16334] ext4 filesystem being mounted at /488/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 250.915629][T16332] System zones: 0-2, 18-18, 34-34 [ 250.931296][T16344] loop0: detected capacity change from 0 to 512 [ 250.936599][T16332] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.2311: couldn't read orphan inode 15 (err -116) [ 250.952273][T16344] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 250.962914][T16332] EXT4-fs (loop2): Remounting filesystem read-only [ 250.969834][T16332] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 250.982474][T16332] SELinux: (dev loop2, type ext2) getxattr errno 5 [ 250.990566][T16332] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.002805][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.026706][T16344] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 251.076291][T16344] ext4 filesystem being mounted at /463/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 251.100127][T16361] SELinux: syz.3.2323 (16361) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 251.122611][T16344] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.261043][T16387] SELinux: syz.0.2337 (16387) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 251.288855][T16389] loop3: detected capacity change from 0 to 512 [ 251.295937][T16389] EXT4-fs: Ignoring removed bh option [ 251.334219][T16389] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 251.343413][T16389] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 251.370676][T16397] netlink: 'syz.1.2343': attribute type 21 has an invalid length. [ 251.383323][T16397] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2343'. [ 251.392453][T16397] netlink: 'syz.1.2343': attribute type 1 has an invalid length. [ 251.402320][T16389] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 251.412946][T16395] SELinux: syz.4.2341 (16395) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 251.427277][T16389] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c02c, mo2=0002] [ 251.452134][T16389] System zones: 0-2, 18-18, 34-34 [ 251.457988][T16389] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.2338: couldn't read orphan inode 15 (err -116) [ 251.462188][T16389] EXT4-fs (loop3): Remounting filesystem read-only [ 251.462492][T16389] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 251.462528][T16389] SELinux: (dev loop3, type ext2) getxattr errno 5 [ 251.554798][T16407] loop3: detected capacity change from 0 to 512 [ 251.580877][T16407] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 251.603881][T16407] ext4 filesystem being mounted at /493/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 251.735123][T16437] loop3: detected capacity change from 0 to 1024 [ 251.743868][T16434] loop0: detected capacity change from 0 to 512 [ 251.748447][T16437] EXT4-fs: Ignoring removed nobh option [ 251.755959][T16437] EXT4-fs: Ignoring removed bh option [ 251.764804][T16434] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 251.785714][T16434] ext4 filesystem being mounted at /474/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 251.798854][T16446] netlink: 'syz.4.2362': attribute type 21 has an invalid length. [ 251.806917][T16446] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2362'. [ 251.816124][T16446] netlink: 'syz.4.2362': attribute type 1 has an invalid length. [ 251.860892][T16453] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 251.874307][T16453] netlink: 180900 bytes leftover after parsing attributes in process `syz.0.2363'. [ 251.884813][T16453] netlink: zone id is out of range [ 251.890076][T16453] netlink: zone id is out of range [ 251.912262][T16453] netlink: zone id is out of range [ 251.912331][T16453] netlink: zone id is out of range [ 251.912457][T16453] netlink: zone id is out of range [ 251.912553][T16453] netlink: zone id is out of range [ 251.912614][T16453] netlink: zone id is out of range [ 251.912829][T16453] netlink: zone id is out of range [ 251.912837][T16453] netlink: zone id is out of range [ 251.912899][T16453] netlink: zone id is out of range [ 251.984204][T16453] loop0: detected capacity change from 0 to 512 [ 251.992111][T16453] EXT4-fs: Ignoring removed oldalloc option [ 251.992290][T16453] ext4: Unknown parameter 'appraise_type' [ 252.032736][T16464] SELinux: syz.2.2368 (16464) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 252.073938][T16453] lo speed is unknown, defaulting to 1000 [ 252.096357][T16467] loop4: detected capacity change from 0 to 512 [ 252.099404][T16467] ext4 filesystem being mounted at /477/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 252.637495][T16503] loop1: detected capacity change from 0 to 512 [ 252.656808][T16503] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 252.669759][T16507] loop3: detected capacity change from 0 to 512 [ 252.689916][T16507] EXT4-fs: Ignoring removed bh option [ 252.702967][T16507] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 252.712244][T16507] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 252.732378][T16503] ext4 filesystem being mounted at /397/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 252.741359][T16507] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 252.756469][T16507] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c02c, mo2=0002] [ 252.789082][T16507] System zones: 0-2, 18-18, 34-34 [ 252.796020][T16507] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.2375: couldn't read orphan inode 15 (err -116) [ 252.842341][T16507] EXT4-fs (loop3): Remounting filesystem read-only [ 252.859233][T16526] loop1: detected capacity change from 0 to 512 [ 252.877199][T16507] SELinux: (dev loop3, type ext2) getxattr errno 5 [ 252.888921][T16526] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 252.928226][T16526] ext4 filesystem being mounted at /398/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 253.072689][T16551] loop2: detected capacity change from 0 to 512 [ 253.112037][T16574] loop1: detected capacity change from 0 to 512 [ 253.151011][T16574] ext4 filesystem being mounted at /399/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 253.233169][T16581] loop4: detected capacity change from 0 to 512 [ 253.245958][T16584] loop2: detected capacity change from 0 to 512 [ 253.269146][T16581] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 253.277786][T16586] loop3: detected capacity change from 0 to 164 [ 253.303715][T16589] SELinux: syz.1.2385 (16589) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 253.346092][T16591] SELinux: syz.1.2386 (16591) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 253.374097][T16584] EXT4-fs: Ignoring removed i_version option [ 253.380270][T16584] EXT4-fs: Ignoring removed mblk_io_submit option [ 253.467257][T16584] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 253.484241][T16581] ext4 filesystem being mounted at /479/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 253.499582][T16584] EXT4-fs (loop2): 1 truncate cleaned up [ 253.520348][ T30] kauditd_printk_skb: 110 callbacks suppressed [ 253.520366][ T30] audit: type=1400 audit(1741410708.290:20927): avc: denied { sqpoll } for pid=16585 comm="syz.3.2384" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 253.656823][T16586] usb usb8: usbfs: process 16586 (syz.3.2384) did not claim interface 0 before use [ 253.696134][ T30] audit: type=1326 audit(1741410708.470:20928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16601 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca28cd169 code=0x7ffc0000 [ 253.720024][ T30] audit: type=1326 audit(1741410708.470:20929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16601 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcca28cd169 code=0x7ffc0000 [ 253.744459][ T30] audit: type=1326 audit(1741410708.470:20930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16601 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca28cd169 code=0x7ffc0000 [ 253.768132][ T30] audit: type=1326 audit(1741410708.470:20931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16601 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcca28cd169 code=0x7ffc0000 [ 253.792057][ T30] audit: type=1326 audit(1741410708.470:20932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16601 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca28cd169 code=0x7ffc0000 [ 253.816026][ T30] audit: type=1326 audit(1741410708.470:20933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16601 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcca28cd169 code=0x7ffc0000 [ 253.840417][ T30] audit: type=1326 audit(1741410708.470:20934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16601 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca28cd169 code=0x7ffc0000 [ 253.864457][ T30] audit: type=1326 audit(1741410708.470:20935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16601 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcca28cd169 code=0x7ffc0000 [ 253.888163][ T30] audit: type=1326 audit(1741410708.470:20936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16601 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca28cd169 code=0x7ffc0000 [ 253.996941][T16614] loop3: detected capacity change from 0 to 512 [ 254.007917][T16614] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 254.098189][T16617] netlink: 'syz.0.2394': attribute type 21 has an invalid length. [ 254.124723][T16614] ext4 filesystem being mounted at /502/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 254.166732][T16617] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2394'. [ 254.175873][T16617] netlink: 'syz.0.2394': attribute type 1 has an invalid length. [ 254.326031][T16633] SELinux: syz.0.2399 (16633) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 254.416502][T16650] loop2: detected capacity change from 0 to 512 [ 254.425180][T16650] EXT4-fs (loop2): orphan cleanup on readonly fs [ 254.438977][T16650] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2404: bg 0: block 248: padding at end of block bitmap is not set [ 254.475329][T16650] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.2404: Failed to acquire dquot type 1 [ 254.532891][T16650] EXT4-fs (loop2): 1 truncate cleaned up [ 254.560100][T16667] SELinux: syz.3.2408 (16667) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 254.579145][T16650] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 254.605123][T16650] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 254.620637][T16650] syz.2.2404 (16650) used greatest stack depth: 9208 bytes left [ 254.700725][T16681] loop2: detected capacity change from 0 to 512 [ 254.729358][T16681] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 254.781718][T16681] ext4 filesystem being mounted at /530/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 255.009581][T16733] loop3: detected capacity change from 0 to 512 [ 255.025937][T16733] EXT4-fs: Ignoring removed bh option [ 255.031787][T16733] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 255.041049][T16733] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 255.054872][T16737] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2420'. [ 255.064682][T16737] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 255.074722][T16733] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 255.086560][T16733] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c02c, mo2=0002] [ 255.095089][T16733] System zones: 0-2, 18-18, 34-34 [ 255.100661][T16733] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.2417: couldn't read orphan inode 15 (err -116) [ 255.114615][T16733] EXT4-fs (loop3): Remounting filesystem read-only [ 255.122507][T16733] SELinux: (dev loop3, type ext2) getxattr errno 5 [ 255.169856][T16742] hub 6-0:1.0: USB hub found [ 255.174996][T16742] hub 6-0:1.0: 8 ports detected [ 255.248322][T16752] loop1: detected capacity change from 0 to 512 [ 255.318810][T16758] FAULT_INJECTION: forcing a failure. [ 255.318810][T16758] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 255.332226][T16758] CPU: 1 UID: 0 PID: 16758 Comm: syz.3.2429 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0 [ 255.332251][T16758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 255.332265][T16758] Call Trace: [ 255.332274][T16758] [ 255.332285][T16758] dump_stack_lvl+0xf2/0x150 [ 255.332370][T16758] dump_stack+0x15/0x1a [ 255.332398][T16758] should_fail_ex+0x24a/0x260 [ 255.332433][T16758] should_fail+0xb/0x10 [ 255.332537][T16758] should_fail_usercopy+0x1a/0x20 [ 255.332568][T16758] _copy_from_user+0x1c/0xa0 [ 255.332587][T16758] kstrtouint_from_user+0x76/0xe0 [ 255.332686][T16758] ? 0xffffffff81000000 [ 255.332699][T16758] ? selinux_file_permission+0x22a/0x360 [ 255.332794][T16758] proc_fail_nth_write+0x4f/0x150 [ 255.332827][T16758] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 255.332863][T16758] vfs_write+0x27d/0x920 [ 255.332987][T16758] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 255.333026][T16758] ? j1939_sk_setsockopt_flag+0xa2/0x170 [ 255.333062][T16758] ? j1939_sk_setsockopt+0x34a/0x640 [ 255.333094][T16758] ksys_write+0xe8/0x1b0 [ 255.333192][T16758] __x64_sys_write+0x42/0x50 [ 255.333224][T16758] x64_sys_call+0x287e/0x2dc0 [ 255.333312][T16758] do_syscall_64+0xc9/0x1c0 [ 255.333348][T16758] ? clear_bhb_loop+0x55/0xb0 [ 255.333381][T16758] ? clear_bhb_loop+0x55/0xb0 [ 255.333415][T16758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.333528][T16758] RIP: 0033:0x7f737466bc1f [ 255.333546][T16758] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 255.333594][T16758] RSP: 002b:00007f7372cd7030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 255.333661][T16758] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f737466bc1f [ 255.333681][T16758] RDX: 0000000000000001 RSI: 00007f7372cd70a0 RDI: 0000000000000004 [ 255.333695][T16758] RBP: 00007f7372cd7090 R08: 0000000000000000 R09: 0000000000000000 [ 255.333731][T16758] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 255.333746][T16758] R13: 0000000000000000 R14: 00007f7374885fa0 R15: 00007ffd89f9c608 [ 255.333770][T16758] [ 255.584041][T16762] SELinux: syz.1.2431 (16762) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 255.670879][T16773] loop3: detected capacity change from 0 to 512 [ 255.679979][T16773] EXT4-fs: Ignoring removed bh option [ 255.707099][T16773] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 255.707121][T16773] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 255.722494][T16773] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 255.761653][T16773] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c02c, mo2=0002] [ 255.769950][T16773] System zones: 0-2, 18-18, 34-34 [ 255.792814][T16773] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.2437: couldn't read orphan inode 15 (err -116) [ 255.793074][T16773] EXT4-fs (loop3): Remounting filesystem read-only [ 255.793735][T16773] SELinux: (dev loop3, type ext2) getxattr errno 5 [ 255.804892][T16785] loop2: detected capacity change from 0 to 512 [ 255.840121][T16785] EXT4-fs: Ignoring removed oldalloc option [ 255.846689][T16785] ext4: Unknown parameter 'appraise_type' [ 255.925172][T16794] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 255.939352][T16796] FAULT_INJECTION: forcing a failure. [ 255.939352][T16796] name failslab, interval 1, probability 0, space 0, times 0 [ 255.952269][T16796] CPU: 0 UID: 0 PID: 16796 Comm: syz.3.2447 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0 [ 255.952323][T16796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 255.952337][T16796] Call Trace: [ 255.952345][T16796] [ 255.952354][T16796] dump_stack_lvl+0xf2/0x150 [ 255.952387][T16796] dump_stack+0x15/0x1a [ 255.952433][T16796] should_fail_ex+0x24a/0x260 [ 255.952519][T16796] should_failslab+0x8f/0xb0 [ 255.952551][T16796] __kmalloc_noprof+0xab/0x3f0 [ 255.952648][T16796] ? bpf_test_init+0xa9/0x140 [ 255.952682][T16796] bpf_test_init+0xa9/0x140 [ 255.952715][T16796] bpf_prog_test_run_flow_dissector+0x126/0x350 [ 255.952794][T16796] ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10 [ 255.952859][T16796] bpf_prog_test_run+0x20f/0x3a0 [ 255.952898][T16796] __sys_bpf+0x400/0x7a0 [ 255.952941][T16796] __x64_sys_bpf+0x43/0x50 [ 255.953015][T16796] x64_sys_call+0x2914/0x2dc0 [ 255.953048][T16796] do_syscall_64+0xc9/0x1c0 [ 255.953090][T16796] ? clear_bhb_loop+0x55/0xb0 [ 255.953196][T16796] ? clear_bhb_loop+0x55/0xb0 [ 255.953245][T16796] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.953279][T16796] RIP: 0033:0x7f737466d169 [ 255.953297][T16796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 255.953317][T16796] RSP: 002b:00007f7372cd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 255.953337][T16796] RAX: ffffffffffffffda RBX: 00007f7374885fa0 RCX: 00007f737466d169 [ 255.953350][T16796] RDX: 0000000000000050 RSI: 0000400000000000 RDI: 000000000000000a [ 255.953430][T16796] RBP: 00007f7372cd7090 R08: 0000000000000000 R09: 0000000000000000 [ 255.953447][T16796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 255.953462][T16796] R13: 0000000000000000 R14: 00007f7374885fa0 R15: 00007ffd89f9c608 [ 255.953484][T16796] [ 255.954028][T16794] netlink: 180900 bytes leftover after parsing attributes in process `syz.0.2445'. [ 256.008852][T16799] loop2: detected capacity change from 0 to 512 [ 256.048220][T16800] loop0: detected capacity change from 0 to 512 [ 256.176487][T16799] SELinux: security_context_str_to_sid (system_u) failed with errno=-22 [ 256.203228][T16806] loop3: detected capacity change from 0 to 512 [ 256.213702][T16800] EXT4-fs: Ignoring removed oldalloc option [ 256.219985][T16800] ext4: Unknown parameter 'appraise_type' [ 256.230399][T16806] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 256.312653][T16806] ext4 filesystem being mounted at /524/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 256.773000][T16816] loop1: detected capacity change from 0 to 512 [ 256.834529][T16816] EXT4-fs: Ignoring removed oldalloc option [ 256.911160][T16816] ext4: Unknown parameter 'appraise_type' [ 257.030798][T16826] loop1: detected capacity change from 0 to 512 [ 257.046494][T16818] lo speed is unknown, defaulting to 1000 [ 257.077506][T16828] loop2: detected capacity change from 0 to 512 [ 257.091700][T16826] EXT4-fs (loop1): orphan cleanup on readonly fs [ 257.099659][T16828] ext4 filesystem being mounted at /542/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 257.164949][T16826] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2458: bg 0: block 248: padding at end of block bitmap is not set [ 257.209514][T16826] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.2458: Failed to acquire dquot type 1 [ 257.277124][T16826] EXT4-fs (loop1): 1 truncate cleaned up [ 257.318354][T16826] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 257.342259][T16826] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 257.476892][T16883] loop2: detected capacity change from 0 to 512 [ 257.506679][T16884] loop4: detected capacity change from 0 to 512 [ 257.522190][T16884] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 257.559528][T16883] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 257.571843][T16888] SELinux: syz.1.2464 (16888) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 257.603692][T16883] ext4 filesystem being mounted at /545/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 257.615558][T16884] ext4 filesystem being mounted at /491/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 257.665943][T16898] loop1: detected capacity change from 0 to 512 [ 257.700536][T16902] SELinux: syz.0.2470 (16902) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 257.721550][T16898] EXT4-fs: Ignoring removed bh option [ 257.746919][T16898] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 257.756260][T16898] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 257.791785][T16898] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended [ 257.856222][T16898] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c02c, mo2=0002] [ 257.875398][T16912] loop2: detected capacity change from 0 to 512 [ 257.901013][T16898] System zones: 0-2, 18-18, 34-34 [ 257.914963][T16912] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 257.923774][T16898] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.2469: couldn't read orphan inode 15 (err -116) [ 257.957620][T16898] EXT4-fs (loop1): Remounting filesystem read-only [ 257.983875][T16912] ext4 filesystem being mounted at /547/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 257.995706][T16898] SELinux: (dev loop1, type ext2) getxattr errno 5 [ 258.161909][T16935] SELinux: syz.4.2485 (16935) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 258.184883][T16937] loop2: detected capacity change from 0 to 512 [ 258.192349][T16937] EXT4-fs: inline encryption not supported [ 258.238434][T16937] ext4 filesystem being mounted at /549/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 258.260271][T16937] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #2: comm syz.2.2484: corrupted inode contents [ 258.319808][T16937] EXT4-fs error (device loop2): ext4_dirty_inode:6042: inode #2: comm syz.2.2484: mark_inode_dirty error [ 258.331706][T16937] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #2: comm syz.2.2484: corrupted inode contents [ 258.378868][T16937] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #2: comm syz.2.2484: mark_inode_dirty error [ 258.403325][T16956] loop1: detected capacity change from 0 to 512 [ 258.421235][T16956] EXT4-fs: Ignoring removed oldalloc option [ 258.427564][T16956] ext4: Unknown parameter 'appraise_type' [ 258.487305][T16960] SELinux: syz.2.2495 (16960) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 258.560541][T16964] SELinux: syz.4.2497 (16964) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 258.642104][ T30] kauditd_printk_skb: 254 callbacks suppressed [ 258.642119][ T30] audit: type=1326 audit(1741410713.410:21185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16967 comm="syz.2.2499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 258.672064][ T30] audit: type=1326 audit(1741410713.410:21186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16967 comm="syz.2.2499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 258.695728][ T30] audit: type=1326 audit(1741410713.410:21187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16967 comm="syz.2.2499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 258.719561][ T30] audit: type=1326 audit(1741410713.410:21188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16967 comm="syz.2.2499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 258.743204][ T30] audit: type=1326 audit(1741410713.410:21189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16967 comm="syz.2.2499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 258.866404][ T30] audit: type=1326 audit(1741410713.640:21190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16981 comm="syz.4.2506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca28cd169 code=0x7ffc0000 [ 258.890215][ T30] audit: type=1326 audit(1741410713.640:21191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16981 comm="syz.4.2506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcca28cd169 code=0x7ffc0000 [ 258.890260][ T30] audit: type=1326 audit(1741410713.640:21192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16981 comm="syz.4.2506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca28cd169 code=0x7ffc0000 [ 258.890305][ T30] audit: type=1326 audit(1741410713.640:21193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16981 comm="syz.4.2506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fcca28cd169 code=0x7ffc0000 [ 258.961514][ T30] audit: type=1326 audit(1741410713.640:21194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16981 comm="syz.4.2506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca28cd169 code=0x7ffc0000 [ 259.061562][T16992] loop4: detected capacity change from 0 to 512 [ 259.071238][T16992] EXT4-fs: Ignoring removed bh option [ 259.077417][T16992] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 259.086661][T16992] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 259.102956][T16992] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended [ 259.115289][T16992] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c02c, mo2=0002] [ 259.125735][T16992] System zones: 0-2, 18-18, 34-34 [ 259.131470][T16992] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.2511: couldn't read orphan inode 15 (err -116) [ 259.144048][T16992] EXT4-fs (loop4): Remounting filesystem read-only [ 259.151108][T16992] SELinux: (dev loop4, type ext2) getxattr errno 5 [ 259.385204][T17019] netlink: 'syz.1.2522': attribute type 21 has an invalid length. [ 259.409021][T17024] loop4: detected capacity change from 0 to 512 [ 259.424833][T17019] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2522'. [ 259.434212][T17019] netlink: 'syz.1.2522': attribute type 1 has an invalid length. [ 259.459954][T17024] EXT4-fs: inline encryption not supported [ 259.494881][T17024] ext4 filesystem being mounted at /509/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 259.520876][T17024] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.2524: corrupted inode contents [ 259.521131][T17024] EXT4-fs error (device loop4): ext4_dirty_inode:6042: inode #2: comm syz.4.2524: mark_inode_dirty error [ 259.564589][T17024] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.2524: corrupted inode contents [ 259.580831][T17024] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.2524: mark_inode_dirty error [ 259.606815][T17043] SELinux: syz.1.2527 (17043) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 259.648086][T17048] loop0: detected capacity change from 0 to 512 [ 259.926842][T17088] SELinux: syz.4.2540 (17088) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 260.106207][T17123] loop4: detected capacity change from 0 to 512 [ 260.121621][T17123] EXT4-fs: inline encryption not supported [ 260.136257][T17125] SELinux: syz.2.2543 (17125) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 260.170558][T17123] ext4 filesystem being mounted at /513/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 260.186682][T17123] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.2542: corrupted inode contents [ 260.199248][T17123] EXT4-fs error (device loop4): ext4_dirty_inode:6042: inode #2: comm syz.4.2542: mark_inode_dirty error [ 260.233835][T17123] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.2542: corrupted inode contents [ 260.248716][T17134] loop2: detected capacity change from 0 to 512 [ 260.250803][T17123] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.2542: mark_inode_dirty error [ 260.262683][T17134] EXT4-fs: Ignoring removed bh option [ 260.278622][T17134] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 260.287961][T17134] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 260.297765][T17134] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 260.306889][T17134] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c02c, mo2=0002] [ 260.315187][T17134] System zones: 0-2, 18-18, 34-34 [ 260.320663][T17134] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.2547: couldn't read orphan inode 15 (err -116) [ 260.332920][T17134] EXT4-fs (loop2): Remounting filesystem read-only [ 260.340347][T17134] SELinux: (dev loop2, type ext2) getxattr errno 5 [ 260.430045][T17148] netlink: 'syz.2.2552': attribute type 21 has an invalid length. [ 260.438622][T17148] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2552'. [ 260.438644][T17148] netlink: 'syz.2.2552': attribute type 1 has an invalid length. [ 260.593292][T17165] loop0: detected capacity change from 0 to 512 [ 260.604452][T17165] EXT4-fs: inline encryption not supported [ 260.621830][T17165] ext4 filesystem being mounted at /510/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 260.636673][T17165] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #2: comm syz.0.2561: corrupted inode contents [ 260.658009][T17168] hub 6-0:1.0: USB hub found [ 260.673126][T17165] EXT4-fs error (device loop0): ext4_dirty_inode:6042: inode #2: comm syz.0.2561: mark_inode_dirty error [ 260.675226][T17168] hub 6-0:1.0: 8 ports detected [ 260.695901][T17165] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #2: comm syz.0.2561: corrupted inode contents [ 260.712048][T17165] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #2: comm syz.0.2561: mark_inode_dirty error [ 260.763042][T17174] loop4: detected capacity change from 0 to 512 [ 260.784649][T17174] EXT4-fs (loop4): orphan cleanup on readonly fs [ 260.791745][T17174] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2564: bg 0: block 248: padding at end of block bitmap is not set [ 260.828521][T17174] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2564: Failed to acquire dquot type 1 [ 260.843269][T17174] EXT4-fs (loop4): 1 truncate cleaned up [ 260.902368][T17174] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 260.944387][T17174] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 260.972347][T17184] loop1: detected capacity change from 0 to 1024 [ 260.995577][T17184] EXT4-fs: Ignoring removed nobh option [ 261.001218][T17184] EXT4-fs: Ignoring removed bh option [ 261.090835][T17201] loop2: detected capacity change from 0 to 512 [ 261.111705][T17201] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 261.144729][T17201] ext4 filesystem being mounted at /575/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 261.202738][T17213] SELinux: syz.4.2579 (17213) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 261.338215][T17224] loop2: detected capacity change from 0 to 1024 [ 261.355756][T17224] EXT4-fs: Ignoring removed nobh option [ 261.361430][T17224] EXT4-fs: Ignoring removed bh option [ 261.451165][T17239] netlink: 'syz.2.2591': attribute type 21 has an invalid length. [ 261.459743][T17239] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2591'. [ 261.469240][T17239] netlink: 'syz.2.2591': attribute type 1 has an invalid length. [ 261.502868][T17243] SELinux: syz.2.2593 (17243) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 261.547575][T17248] loop2: detected capacity change from 0 to 1024 [ 261.842603][T17272] netlink: 'syz.0.2606': attribute type 21 has an invalid length. [ 261.850792][T17272] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2606'. [ 261.859941][T17272] netlink: 'syz.0.2606': attribute type 1 has an invalid length. [ 261.908595][T17277] loop0: detected capacity change from 0 to 512 [ 261.917053][T17277] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 261.947370][T17277] ext4 filesystem being mounted at /515/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 262.113847][T17298] loop1: detected capacity change from 0 to 512 [ 262.141098][T17298] EXT4-fs: Ignoring removed i_version option [ 262.142609][T17301] loop2: detected capacity change from 0 to 512 [ 262.147351][T17298] EXT4-fs: Ignoring removed mblk_io_submit option [ 262.160984][T17301] EXT4-fs: inline encryption not supported [ 262.168792][T17298] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 262.184926][T17298] EXT4-fs (loop1): 1 truncate cleaned up [ 262.234260][T17301] ext4 filesystem being mounted at /587/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 262.313220][T17298] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2618'. [ 262.324576][T17298] 9pnet_fd: Insufficient options for proto=fd [ 262.355499][T17301] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #2: comm syz.2.2619: corrupted inode contents [ 262.367598][T17301] EXT4-fs error (device loop2): ext4_dirty_inode:6042: inode #2: comm syz.2.2619: mark_inode_dirty error [ 262.379807][T17301] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #2: comm syz.2.2619: corrupted inode contents [ 262.392380][T17301] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #2: comm syz.2.2619: mark_inode_dirty error [ 262.905532][T17350] loop2: detected capacity change from 0 to 512 [ 262.976877][T17350] loop2: detected capacity change from 0 to 1024 [ 262.983844][T17350] EXT4-fs: Ignoring removed orlov option [ 262.989746][T17350] EXT4-fs: Ignoring removed nomblk_io_submit option [ 263.102836][T17374] loop1: detected capacity change from 0 to 512 [ 263.129837][T17350] lo speed is unknown, defaulting to 1000 [ 263.147411][T17374] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 263.224363][T17374] ext4 filesystem being mounted at /456/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 263.451185][T17409] loop2: detected capacity change from 0 to 512 [ 263.472670][T17409] EXT4-fs: Ignoring removed bh option [ 263.490803][T17409] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 263.500547][T17409] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 263.517534][T17409] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 263.527276][T17409] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c02c, mo2=0002] [ 263.544724][T17409] System zones: 0-2, 18-18, 34-34 [ 263.627533][T17409] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.2644: couldn't read orphan inode 15 (err -116) [ 263.674381][T17409] EXT4-fs (loop2): Remounting filesystem read-only [ 263.674986][T17409] SELinux: (dev loop2, type ext2) getxattr errno 5 [ 263.768851][T17455] loop2: detected capacity change from 0 to 512 [ 263.778570][T17455] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 263.805016][T17455] ext4 filesystem being mounted at /595/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 263.848627][ T30] kauditd_printk_skb: 305 callbacks suppressed [ 263.848644][ T30] audit: type=1326 audit(1741410718.620:21495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17467 comm="syz.3.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f737466d169 code=0x7ffc0000 [ 263.883323][ T30] audit: type=1326 audit(1741410718.650:21496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17467 comm="syz.3.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f737466d169 code=0x7ffc0000 [ 263.907773][ T30] audit: type=1326 audit(1741410718.650:21497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17467 comm="syz.3.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f737466d169 code=0x7ffc0000 [ 263.932566][ T30] audit: type=1326 audit(1741410718.650:21498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17467 comm="syz.3.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f737466d169 code=0x7ffc0000 [ 263.956548][ T30] audit: type=1326 audit(1741410718.650:21499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17467 comm="syz.3.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f737466d169 code=0x7ffc0000 [ 263.983347][ T30] audit: type=1326 audit(1741410718.650:21500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17467 comm="syz.3.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f737466d169 code=0x7ffc0000 [ 264.009482][ T30] audit: type=1326 audit(1741410718.650:21501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17467 comm="syz.3.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f737466d169 code=0x7ffc0000 [ 264.021281][T17477] loop2: detected capacity change from 0 to 512 [ 264.035209][ T30] audit: type=1326 audit(1741410718.650:21502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17467 comm="syz.3.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f737466d169 code=0x7ffc0000 [ 264.067116][ T30] audit: type=1326 audit(1741410718.650:21503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17467 comm="syz.3.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f737466d169 code=0x7ffc0000 [ 264.091448][ T30] audit: type=1326 audit(1741410718.650:21504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17467 comm="syz.3.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f737466d169 code=0x7ffc0000 [ 264.365254][T17517] loop3: detected capacity change from 0 to 512 [ 264.388906][T17517] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 264.427034][T17517] ext4 filesystem being mounted at /551/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 264.479320][T17533] loop4: detected capacity change from 0 to 512 [ 264.536365][T17539] loop4: detected capacity change from 0 to 512 [ 264.557248][T17539] EXT4-fs: Ignoring removed oldalloc option [ 264.566129][T17539] ext4: Unknown parameter 'appraise_type' [ 264.756427][T17567] sel_write_user: 1 callbacks suppressed [ 264.756448][T17567] SELinux: syz.4.2674 (17567) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 264.796410][T17574] serio: Serial port ptm1 [ 264.827944][T17578] loop1: detected capacity change from 0 to 512 [ 264.830111][T17580] loop4: detected capacity change from 0 to 512 [ 264.841172][T17578] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 264.851255][T17574] netlink: 'syz.3.2675': attribute type 4 has an invalid length. [ 264.853230][T17580] EXT4-fs (loop4): orphan cleanup on readonly fs [ 264.867653][T17580] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2677: bg 0: block 248: padding at end of block bitmap is not set [ 264.885001][T17580] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2677: Failed to acquire dquot type 1 [ 264.893904][T17578] ext4 filesystem being mounted at /464/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 264.910759][T17580] EXT4-fs (loop4): 1 truncate cleaned up [ 264.950031][T17580] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 265.042294][T17580] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 265.173331][T17634] SELinux: syz.4.2687 (17634) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 265.240738][T17641] loop2: detected capacity change from 0 to 512 [ 265.251710][T17643] loop1: detected capacity change from 0 to 1024 [ 265.266732][T17643] EXT4-fs: Ignoring removed nobh option [ 265.272605][T17643] EXT4-fs: Ignoring removed bh option [ 265.304373][T17641] loop2: detected capacity change from 0 to 1024 [ 265.311373][T17641] EXT4-fs: Ignoring removed orlov option [ 265.317931][T17641] EXT4-fs: Ignoring removed nomblk_io_submit option [ 265.419850][T17665] loop1: detected capacity change from 0 to 1024 [ 265.574292][T17681] loop2: detected capacity change from 0 to 512 [ 265.590629][T17681] EXT4-fs: Ignoring removed oldalloc option [ 265.597629][T17681] ext4: Unknown parameter 'appraise_type' [ 265.936320][T17733] loop1: detected capacity change from 0 to 1024 [ 265.944690][T17733] EXT4-fs: Ignoring removed nobh option [ 265.950646][T17733] EXT4-fs: Ignoring removed bh option [ 266.058298][T17749] loop1: detected capacity change from 0 to 1024 [ 266.486711][T17816] loop0: detected capacity change from 0 to 512 [ 266.574878][T17830] loop3: detected capacity change from 0 to 1024 [ 266.657796][T17839] loop4: detected capacity change from 0 to 512 [ 266.677971][T17842] loop1: detected capacity change from 0 to 164 [ 266.702834][T17842] ISOFS: unable to read i-node block [ 266.708367][T17842] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 266.798686][T17850] loop4: detected capacity change from 0 to 512 [ 266.818772][T17850] EXT4-fs (loop4): orphan cleanup on readonly fs [ 266.829821][T17850] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2750: bg 0: block 248: padding at end of block bitmap is not set [ 266.847995][T17850] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2750: Failed to acquire dquot type 1 [ 266.873489][T17850] EXT4-fs (loop4): 1 truncate cleaned up [ 266.882162][T17850] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 266.904026][T17850] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 266.922311][T17860] loop3: detected capacity change from 0 to 1024 [ 266.929622][T17860] EXT4-fs: Ignoring removed nobh option [ 266.935643][T17860] EXT4-fs: Ignoring removed bh option [ 266.943375][T17864] SELinux: syz.0.2752 (17864) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 266.989480][T17871] loop1: detected capacity change from 0 to 512 [ 267.019604][T17869] loop0: detected capacity change from 0 to 512 [ 267.087076][T17869] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 267.126634][T17869] ext4 filesystem being mounted at /541/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 267.139178][T17888] hub 6-0:1.0: USB hub found [ 267.142083][T17888] hub 6-0:1.0: 8 ports detected [ 267.281794][T17907] loop1: detected capacity change from 0 to 512 [ 267.298545][T17910] loop4: detected capacity change from 0 to 512 [ 267.314987][T17907] EXT4-fs (loop1): orphan cleanup on readonly fs [ 267.328853][T17910] EXT4-fs: inline encryption not supported [ 267.335931][T17907] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2766: bg 0: block 248: padding at end of block bitmap is not set [ 267.351376][T17907] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.2766: Failed to acquire dquot type 1 [ 267.374216][T17907] EXT4-fs (loop1): 1 truncate cleaned up [ 267.477176][T17910] ext4 filesystem being mounted at /543/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 267.492305][T17907] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 267.507098][T17907] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 267.533519][T17910] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.2768: corrupted inode contents [ 267.552048][T17910] EXT4-fs error (device loop4): ext4_dirty_inode:6042: inode #2: comm syz.4.2768: mark_inode_dirty error [ 267.594583][T17910] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.2768: corrupted inode contents [ 267.606951][T17959] loop3: detected capacity change from 0 to 512 [ 267.619424][T17959] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 267.665624][T17955] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.2768: corrupted inode contents [ 267.678082][T17955] EXT4-fs error (device loop4): ext4_dirty_inode:6042: inode #2: comm syz.4.2768: mark_inode_dirty error [ 267.678874][T17959] ext4 filesystem being mounted at /572/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 267.690826][T17955] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.2768: corrupted inode contents [ 267.722096][T17955] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.2768: mark_inode_dirty error [ 267.751534][T17976] loop0: detected capacity change from 0 to 512 [ 267.759127][T17976] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 267.799027][T17955] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.2768: corrupted inode contents [ 267.812314][T17955] EXT4-fs error (device loop4): ext4_dirty_inode:6042: inode #2: comm syz.4.2768: mark_inode_dirty error [ 267.841562][T17976] ext4 filesystem being mounted at /547/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 267.870192][T17987] loop2: detected capacity change from 0 to 512 [ 267.921145][T17987] EXT4-fs (loop2): orphan cleanup on readonly fs [ 267.928769][T17987] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2783: bg 0: block 248: padding at end of block bitmap is not set [ 267.949010][T17987] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.2783: Failed to acquire dquot type 1 [ 267.973175][T17987] EXT4-fs (loop2): 1 truncate cleaned up [ 268.032253][T17987] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 268.056043][T17987] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 268.280870][T18024] loop2: detected capacity change from 0 to 512 [ 268.323889][T18024] loop2: detected capacity change from 0 to 1024 [ 268.324190][T18024] EXT4-fs: Ignoring removed orlov option [ 268.324226][T18024] EXT4-fs: Ignoring removed nomblk_io_submit option [ 268.407199][T18024] lo speed is unknown, defaulting to 1000 [ 268.686248][T18066] loop1: detected capacity change from 0 to 512 [ 268.717259][T18066] EXT4-fs (loop1): orphan cleanup on readonly fs [ 268.742909][T18066] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2806: bg 0: block 248: padding at end of block bitmap is not set [ 268.778919][T18066] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.2806: Failed to acquire dquot type 1 [ 268.918431][T18066] EXT4-fs (loop1): 1 truncate cleaned up [ 268.955059][T18066] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 268.995723][T18066] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 269.025808][T18113] hub 6-0:1.0: USB hub found [ 269.029635][T18111] loop3: detected capacity change from 0 to 512 [ 269.034945][T18113] hub 6-0:1.0: 8 ports detected [ 269.040845][T18120] __quota_error: 461 callbacks suppressed [ 269.040865][T18120] Quota error (device loop1): do_check_range: Getting block 1536 out of range 0-5 [ 269.041737][ T30] audit: type=1326 audit(1741410723.810:21952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18117 comm="syz.0.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 269.081198][ T30] audit: type=1326 audit(1741410723.810:21953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18117 comm="syz.0.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 269.105645][ T30] audit: type=1326 audit(1741410723.810:21954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18117 comm="syz.0.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 269.130817][ T30] audit: type=1326 audit(1741410723.810:21955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18117 comm="syz.0.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 269.155097][ T30] audit: type=1326 audit(1741410723.810:21956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18117 comm="syz.0.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 269.180795][ T30] audit: type=1326 audit(1741410723.810:21957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18117 comm="syz.0.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 269.206498][ T30] audit: type=1326 audit(1741410723.810:21958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18117 comm="syz.0.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 269.230938][ T30] audit: type=1326 audit(1741410723.810:21959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18117 comm="syz.0.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 269.255104][ T30] audit: type=1326 audit(1741410723.810:21960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18117 comm="syz.0.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 269.302850][T18127] loop3: detected capacity change from 0 to 1024 [ 269.309665][T18127] EXT4-fs: Ignoring removed orlov option [ 269.315489][T18127] EXT4-fs: Ignoring removed nomblk_io_submit option [ 269.461263][T18158] loop2: detected capacity change from 0 to 1024 [ 269.671860][T18206] loop4: detected capacity change from 0 to 1024 [ 269.864770][T18228] loop3: detected capacity change from 0 to 512 [ 269.911544][T18236] netlink: 'syz.2.2833': attribute type 4 has an invalid length. [ 269.916520][T18228] loop3: detected capacity change from 0 to 1024 [ 269.933591][T18228] EXT4-fs: Ignoring removed orlov option [ 269.939421][T18228] EXT4-fs: Ignoring removed nomblk_io_submit option [ 269.955045][T18236] netlink: 'syz.2.2833': attribute type 4 has an invalid length. [ 270.029960][T18241] Cannot find add_set index 4 as target [ 270.048884][T18228] lo speed is unknown, defaulting to 1000 [ 270.183898][T18270] loop4: detected capacity change from 0 to 512 [ 270.211830][T18270] EXT4-fs (loop4): orphan cleanup on readonly fs [ 270.225455][T18270] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2838: bg 0: block 248: padding at end of block bitmap is not set [ 270.244113][T18270] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2838: Failed to acquire dquot type 1 [ 270.261468][T18270] EXT4-fs (loop4): 1 truncate cleaned up [ 270.302680][T18270] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 270.387087][T18270] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 270.543328][T18334] SELinux: syz.3.2843 (18334) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 270.697478][T18354] loop4: detected capacity change from 0 to 512 [ 270.728564][T18354] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 270.766736][T18354] ext4 filesystem being mounted at /560/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 270.906984][T18386] SELinux: syz.3.2856 (18386) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 271.067296][T18414] loop3: detected capacity change from 0 to 512 [ 271.112441][T18414] EXT4-fs (loop3): orphan cleanup on readonly fs [ 271.135289][T18426] loop4: detected capacity change from 0 to 512 [ 271.152469][T18414] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2858: bg 0: block 248: padding at end of block bitmap is not set [ 271.172805][T18426] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 271.210426][T18414] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.2858: Failed to acquire dquot type 1 [ 271.223143][T18414] EXT4-fs (loop3): 1 truncate cleaned up [ 271.224588][T18414] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 271.241344][T18433] loop0: detected capacity change from 0 to 512 [ 271.241847][T18414] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 271.252122][T18426] ext4 filesystem being mounted at /564/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 271.325344][T18441] loop9: detected capacity change from 0 to 7 [ 271.331783][T18441] Buffer I/O error on dev loop9, logical block 0, async page read [ 271.346077][T18433] loop0: detected capacity change from 0 to 1024 [ 271.353328][T18441] Buffer I/O error on dev loop9, logical block 0, async page read [ 271.356976][T18445] SELinux: syz.3.2869 (18445) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 271.361268][T18441] loop9: unable to read partition table [ 271.390490][T18441] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨â·û [ 271.390490][T18441] Uªÿÿÿÿÿÿ) failed (rc=-5) [ 271.390579][T18433] EXT4-fs: Ignoring removed orlov option [ 271.411000][T18433] EXT4-fs: Ignoring removed nomblk_io_submit option [ 271.470639][T18450] loop1: detected capacity change from 0 to 512 [ 271.591301][T18460] hub 6-0:1.0: USB hub found [ 271.634459][T18460] hub 6-0:1.0: 8 ports detected [ 271.727025][T18476] loop1: detected capacity change from 0 to 512 [ 271.745632][T18476] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 271.761944][T18484] loop0: detected capacity change from 0 to 512 [ 271.788101][T18476] ext4 filesystem being mounted at /512/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 271.797267][T18484] EXT4-fs (loop0): orphan cleanup on readonly fs [ 271.834141][T18484] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2879: bg 0: block 248: padding at end of block bitmap is not set [ 271.856172][T18484] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.2879: Failed to acquire dquot type 1 [ 271.889465][T18484] EXT4-fs (loop0): 1 truncate cleaned up [ 271.910444][T18500] SELinux: syz.1.2882 (18500) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 271.971824][T18484] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 272.015806][T18509] loop4: detected capacity change from 0 to 1024 [ 272.048799][T18484] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 272.172833][T18553] FAULT_INJECTION: forcing a failure. [ 272.172833][T18553] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 272.188838][T18553] CPU: 1 UID: 0 PID: 18553 Comm: syz.0.2891 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0 [ 272.188904][T18553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 272.188977][T18553] Call Trace: [ 272.188986][T18553] [ 272.188996][T18553] dump_stack_lvl+0xf2/0x150 [ 272.189031][T18553] dump_stack+0x15/0x1a [ 272.189059][T18553] should_fail_ex+0x24a/0x260 [ 272.189159][T18553] should_fail+0xb/0x10 [ 272.189207][T18553] should_fail_usercopy+0x1a/0x20 [ 272.189253][T18553] _copy_to_user+0x20/0xa0 [ 272.189277][T18553] simple_read_from_buffer+0xa0/0x110 [ 272.189311][T18553] proc_fail_nth_read+0xf9/0x140 [ 272.189348][T18553] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 272.189441][T18553] vfs_read+0x19b/0x6f0 [ 272.189465][T18553] ? __rcu_read_unlock+0x4e/0x70 [ 272.189491][T18553] ? __fget_files+0x17c/0x1c0 [ 272.189533][T18553] ksys_read+0xe8/0x1b0 [ 272.189572][T18553] __x64_sys_read+0x42/0x50 [ 272.189597][T18553] x64_sys_call+0x2874/0x2dc0 [ 272.189643][T18553] do_syscall_64+0xc9/0x1c0 [ 272.189683][T18553] ? clear_bhb_loop+0x55/0xb0 [ 272.189716][T18553] ? clear_bhb_loop+0x55/0xb0 [ 272.189818][T18553] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.189860][T18553] RIP: 0033:0x7f00e26bbb7c [ 272.189876][T18553] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 272.189912][T18553] RSP: 002b:00007f00e0d27030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 272.189940][T18553] RAX: ffffffffffffffda RBX: 00007f00e28d5fa0 RCX: 00007f00e26bbb7c [ 272.189956][T18553] RDX: 000000000000000f RSI: 00007f00e0d270a0 RDI: 0000000000000004 [ 272.189972][T18553] RBP: 00007f00e0d27090 R08: 0000000000000000 R09: 0000000000000000 [ 272.189987][T18553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 272.190001][T18553] R13: 0000000000000000 R14: 00007f00e28d5fa0 R15: 00007ffce52d9f38 [ 272.190019][T18553] [ 272.547262][T18570] loop1: detected capacity change from 0 to 512 [ 272.566169][T18572] loop3: detected capacity change from 0 to 512 [ 272.583844][T18570] EXT4-fs (loop1): orphan cleanup on readonly fs [ 272.593844][T18572] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 272.606593][T18570] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2896: bg 0: block 248: padding at end of block bitmap is not set [ 272.626672][T18570] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.2896: Failed to acquire dquot type 1 [ 272.644061][T18570] EXT4-fs (loop1): 1 truncate cleaned up [ 272.650818][T18572] EXT4-fs mount: 143 callbacks suppressed [ 272.650836][T18572] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 272.650919][T18570] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 272.662138][T18572] ext4 filesystem being mounted at /595/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 272.693376][T18570] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 272.712488][T18570] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 272.723981][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.748179][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.843490][T18607] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=1011 sclass=netlink_tcpdiag_socket pid=18607 comm=syz.0.2904 [ 273.024715][T18634] loop0: detected capacity change from 0 to 1024 [ 273.054452][T18634] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 273.115271][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.275887][T18683] loop9: detected capacity change from 0 to 7 [ 273.369832][T18683] Buffer I/O error on dev loop9, logical block 0, async page read [ 273.387472][T18707] loop1: detected capacity change from 0 to 1024 [ 273.392741][T18683] Buffer I/O error on dev loop9, logical block 0, async page read [ 273.404767][T18683] loop9: unable to read partition table [ 273.431734][T18683] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨â·û [ 273.431734][T18683] Uªÿÿÿÿÿÿ) failed (rc=-5) [ 273.476166][T18707] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 273.566129][T18729] loop3: detected capacity change from 0 to 1024 [ 273.620662][T18737] loop0: detected capacity change from 0 to 512 [ 273.649999][T18737] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 273.665770][T18729] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 273.680349][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.709843][T18737] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 273.723178][T18746] loop4: detected capacity change from 0 to 1024 [ 273.723474][T18737] ext4 filesystem being mounted at /585/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 273.746170][T18746] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 273.757313][T18746] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 273.773282][T18746] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 273.801635][T18746] EXT4-fs (loop4): invalid journal inode [ 273.807912][T18746] EXT4-fs (loop4): can't get journal size [ 273.815370][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.824790][T18746] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #3: comm syz.4.2924: blocks 2-2 from inode overlap system zone [ 273.857439][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.882076][T18746] EXT4-fs (loop4): failed to initialize system zone (-117) [ 273.890261][T18746] EXT4-fs (loop4): mount failed [ 274.008519][T18766] lo: entered promiscuous mode [ 274.014022][T18766] lo: entered allmulticast mode [ 274.027844][T18766] lo: left allmulticast mode [ 274.032900][T18766] lo: left promiscuous mode [ 274.054412][T18766] ./file0: Can't lookup blockdev [ 274.060829][ T30] kauditd_printk_skb: 315 callbacks suppressed [ 274.060852][ T30] audit: type=1400 audit(1741410728.830:22264): avc: denied { read } for pid=18763 comm="syz.4.2931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 274.170515][T18783] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2936'. [ 274.185858][T18783] loop0: detected capacity change from 0 to 1024 [ 274.195070][ T30] audit: type=1400 audit(1741410728.970:22265): avc: denied { read } for pid=3037 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 274.218218][T18783] EXT4-fs: Ignoring removed nobh option [ 274.224272][T18783] EXT4-fs: Ignoring removed bh option [ 274.277241][T18783] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.306477][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.352830][T18808] loop0: detected capacity change from 0 to 1024 [ 274.384244][T18808] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.416071][ T30] audit: type=1326 audit(1741410729.190:22266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18807 comm="syz.0.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 274.441616][ T30] audit: type=1326 audit(1741410729.190:22267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18807 comm="syz.0.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 274.466958][ T30] audit: type=1326 audit(1741410729.190:22268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18807 comm="syz.0.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 274.492197][ T30] audit: type=1326 audit(1741410729.190:22269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18807 comm="syz.0.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 274.516086][ T30] audit: type=1326 audit(1741410729.190:22270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18807 comm="syz.0.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 274.543179][ T30] audit: type=1326 audit(1741410729.190:22271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18807 comm="syz.0.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 274.567607][ T30] audit: type=1326 audit(1741410729.190:22272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18807 comm="syz.0.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 274.591913][ T30] audit: type=1326 audit(1741410729.190:22273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18807 comm="syz.0.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 274.625057][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.643305][T18827] loop1: detected capacity change from 0 to 512 [ 274.743517][T18827] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 274.784801][T18858] loop3: detected capacity change from 0 to 512 [ 274.786217][T18862] loop0: detected capacity change from 0 to 164 [ 274.799579][T18827] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.834408][T18867] loop2: detected capacity change from 0 to 128 [ 274.834728][T18827] ext4 filesystem being mounted at /532/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 274.855374][T18867] vfat: Unknown parameter '0xffffffffffffffff' [ 274.861337][T18862] ISOFS: unable to read i-node block [ 274.868671][T18862] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 274.878345][T18858] loop3: detected capacity change from 0 to 1024 [ 274.878660][T18827] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.903759][T18858] EXT4-fs: Ignoring removed orlov option [ 274.909962][T18858] EXT4-fs: Ignoring removed nomblk_io_submit option [ 274.920860][T18867] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2946'. [ 274.938032][T18867] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2946'. [ 274.956193][T18870] loop0: detected capacity change from 0 to 1024 [ 274.976753][T18858] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 275.040907][T18870] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 275.125547][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.163700][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.196740][T18885] loop2: detected capacity change from 0 to 512 [ 275.273739][T18885] loop2: detected capacity change from 0 to 1024 [ 275.285377][T18885] EXT4-fs: Ignoring removed orlov option [ 275.291263][T18885] EXT4-fs: Ignoring removed nomblk_io_submit option [ 275.343993][T18885] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 275.409644][T18905] loop0: detected capacity change from 0 to 512 [ 275.477782][T18915] loop4: detected capacity change from 0 to 512 [ 275.507824][T18915] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 275.522786][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.547846][T18915] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 275.582801][T18931] loop2: detected capacity change from 0 to 512 [ 275.589751][T18915] ext4 filesystem being mounted at /582/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 275.626379][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.686445][T18931] loop2: detected capacity change from 0 to 1024 [ 275.708396][T18931] EXT4-fs: Ignoring removed orlov option [ 275.714430][T18931] EXT4-fs: Ignoring removed nomblk_io_submit option [ 275.764469][T18931] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 275.848520][T18957] hub 6-0:1.0: USB hub found [ 275.854734][T18957] hub 6-0:1.0: 8 ports detected [ 275.997245][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.050062][T18997] loop1: detected capacity change from 0 to 1024 [ 276.073347][T19001] loop0: detected capacity change from 0 to 512 [ 276.081589][T19001] EXT4-fs: Ignoring removed oldalloc option [ 276.103893][T18997] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 276.121725][T19001] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.2973: Parent and EA inode have the same ino 15 [ 276.154250][T19001] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.2973: Parent and EA inode have the same ino 15 [ 276.168304][T19001] EXT4-fs (loop0): 1 orphan inode deleted [ 276.180070][T19001] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 276.240521][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.248828][T19012] loop4: detected capacity change from 0 to 256 [ 276.266309][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.308115][T19012] syz.4.2978 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 276.336015][T19016] loop0: detected capacity change from 0 to 1024 [ 276.354736][T19020] loop1: detected capacity change from 0 to 1024 [ 276.363031][T19020] EXT4-fs: Ignoring removed orlov option [ 276.369845][T19020] EXT4-fs: Ignoring removed nomblk_io_submit option [ 276.380654][T19016] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 276.414416][T19020] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 276.478660][T19032] SELinux: ebitmap: truncated map [ 276.484970][T19032] SELinux: failed to load policy [ 276.494947][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.499441][T19032] autofs4:pid:19032:validate_dev_ioctl: invalid path supplied for cmd(0xc018937e) [ 276.514773][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.527282][T19036] loop4: detected capacity change from 0 to 512 [ 276.560347][T19039] loop0: detected capacity change from 0 to 512 [ 276.610494][T19036] loop4: detected capacity change from 0 to 1024 [ 276.623245][T19036] EXT4-fs: Ignoring removed orlov option [ 276.629468][T19036] EXT4-fs: Ignoring removed nomblk_io_submit option [ 276.636628][T19039] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 276.653841][T19039] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 276.667663][T19036] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 276.670904][T19039] ext4 filesystem being mounted at /602/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 276.702228][T19044] hub 6-0:1.0: USB hub found [ 276.707190][T19044] hub 6-0:1.0: 8 ports detected [ 276.772499][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.864812][T19036] lo speed is unknown, defaulting to 1000 [ 276.997017][T19061] loop1: detected capacity change from 0 to 512 [ 277.008976][T19061] EXT4-fs: Ignoring removed oldalloc option [ 277.035217][T19061] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.2993: Parent and EA inode have the same ino 15 [ 277.056120][T19066] loop2: detected capacity change from 0 to 512 [ 277.106407][T19071] loop3: detected capacity change from 0 to 1024 [ 277.113845][T19061] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.2993: Parent and EA inode have the same ino 15 [ 277.133738][T19071] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 277.148370][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.158610][T19061] EXT4-fs (loop1): 1 orphan inode deleted [ 277.178821][T19061] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 277.226082][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.262074][T19082] loop1: detected capacity change from 0 to 1024 [ 277.280059][T19082] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 277.291128][T19082] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 277.301372][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.302247][T19082] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 277.302623][T19082] EXT4-fs (loop1): invalid journal inode [ 277.302644][T19082] EXT4-fs (loop1): can't get journal size [ 277.311806][T19082] EXT4-fs error (device loop1): ext4_protect_reserved_inode:182: inode #3: comm syz.1.3002: blocks 2-2 from inode overlap system zone [ 277.311940][T19082] EXT4-fs (loop1): failed to initialize system zone (-117) [ 277.312007][T19082] EXT4-fs (loop1): mount failed [ 277.370470][T19089] loop1: detected capacity change from 0 to 512 [ 277.410319][T19089] loop1: detected capacity change from 0 to 1024 [ 277.410665][T19089] EXT4-fs: Ignoring removed orlov option [ 277.410712][T19089] EXT4-fs: Ignoring removed nomblk_io_submit option [ 277.412015][T19094] loop3: detected capacity change from 0 to 512 [ 277.429687][T19089] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 277.436335][T19094] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 277.485128][T19094] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 277.500350][T19101] loop2: detected capacity change from 0 to 128 [ 277.503978][T19094] ext4 filesystem being mounted at /606/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 277.518040][T19101] vfat: Unknown parameter '0xffffffffffffffff' [ 277.533356][T19103] loop4: detected capacity change from 0 to 1024 [ 277.556497][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.568672][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.579303][T19103] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 277.638282][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.702695][T19117] loop4: detected capacity change from 0 to 512 [ 277.703448][T19117] EXT4-fs: Ignoring removed oldalloc option [ 277.708058][T19117] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.3013: Parent and EA inode have the same ino 15 [ 277.735781][T19117] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.3013: Parent and EA inode have the same ino 15 [ 277.735981][T19117] EXT4-fs (loop4): 1 orphan inode deleted [ 277.736383][T19117] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 277.803002][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.814686][T19126] loop2: detected capacity change from 0 to 512 [ 277.842293][T19126] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 277.868200][T19134] loop4: detected capacity change from 0 to 128 [ 277.877976][T19134] vfat: Unknown parameter '0xffffffffffffffff' [ 277.910064][T19126] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 277.943643][T19137] hub 6-0:1.0: USB hub found [ 277.952411][T19137] hub 6-0:1.0: 8 ports detected [ 277.954937][T19126] ext4 filesystem being mounted at /662/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 277.981864][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.991015][T19141] loop4: detected capacity change from 0 to 512 [ 278.055747][T19141] loop4: detected capacity change from 0 to 1024 [ 278.078918][T19149] loop0: detected capacity change from 0 to 512 [ 278.089921][T19141] EXT4-fs: Ignoring removed orlov option [ 278.095805][T19141] EXT4-fs: Ignoring removed nomblk_io_submit option [ 278.110639][T19149] EXT4-fs (loop0): orphan cleanup on readonly fs [ 278.122575][T19154] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3030'. [ 278.131692][T19154] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3030'. [ 278.151247][T19149] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3028: bg 0: block 248: padding at end of block bitmap is not set [ 278.171773][T19154] 9pnet_fd: Insufficient options for proto=fd [ 278.189928][T19159] loop3: detected capacity change from 0 to 1024 [ 278.197126][T19149] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.3028: Failed to acquire dquot type 1 [ 278.220273][T19141] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 278.221553][T19163] loop2: detected capacity change from 0 to 512 [ 278.239669][T19149] EXT4-fs (loop0): 1 truncate cleaned up [ 278.251249][T19163] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 278.260837][T19159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 278.273640][T19149] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 278.311722][T19149] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 278.312756][T19163] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 278.334122][T19163] ext4 filesystem being mounted at /665/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 278.354973][T19149] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 278.366036][T19163] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.376284][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.410769][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.457728][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.493796][T19180] loop0: detected capacity change from 0 to 1024 [ 278.545871][T19180] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 278.575738][T19193] FAULT_INJECTION: forcing a failure. [ 278.575738][T19193] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 278.589002][T19193] CPU: 0 UID: 0 PID: 19193 Comm: syz.3.3044 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0 [ 278.589082][T19193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 278.589097][T19193] Call Trace: [ 278.589105][T19193] [ 278.589114][T19193] dump_stack_lvl+0xf2/0x150 [ 278.589197][T19193] dump_stack+0x15/0x1a [ 278.589266][T19193] should_fail_ex+0x24a/0x260 [ 278.589303][T19193] should_fail+0xb/0x10 [ 278.589330][T19193] should_fail_usercopy+0x1a/0x20 [ 278.589368][T19193] strncpy_from_user+0x25/0x210 [ 278.589443][T19193] ? __kmalloc_cache_noprof+0x186/0x320 [ 278.589472][T19193] __se_sys_memfd_create+0x218/0x5a0 [ 278.589508][T19193] __x64_sys_memfd_create+0x31/0x40 [ 278.589576][T19193] x64_sys_call+0x2d4c/0x2dc0 [ 278.589610][T19193] do_syscall_64+0xc9/0x1c0 [ 278.589648][T19193] ? clear_bhb_loop+0x55/0xb0 [ 278.589680][T19193] ? clear_bhb_loop+0x55/0xb0 [ 278.589770][T19193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.589798][T19193] RIP: 0033:0x7f737466d169 [ 278.589816][T19193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.589838][T19193] RSP: 002b:00007f7372cd6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 278.589861][T19193] RAX: ffffffffffffffda RBX: 00000000000004ec RCX: 00007f737466d169 [ 278.589873][T19193] RDX: 00007f7372cd6ef0 RSI: 0000000000000000 RDI: 00007f73746eec3c [ 278.589911][T19193] RBP: 0000400000000c40 R08: 00007f7372cd6bb7 R09: 00007f7372cd6e40 [ 278.589924][T19193] R10: 000000000000000a R11: 0000000000000202 R12: 0000400000000080 [ 278.589936][T19193] R13: 00007f7372cd6ef0 R14: 00007f7372cd6eb0 R15: 00004000000000c0 [ 278.589953][T19193] [ 278.869405][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.883757][T19190] lo speed is unknown, defaulting to 1000 [ 278.913933][T19208] loop0: detected capacity change from 0 to 512 [ 279.169614][ T30] kauditd_printk_skb: 409 callbacks suppressed [ 279.169709][ T30] audit: type=1400 audit(1741410733.940:22680): avc: denied { create } for pid=19225 comm="syz.4.3057" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 279.211267][ T30] audit: type=1400 audit(1741410733.980:22681): avc: denied { ioctl } for pid=19225 comm="syz.4.3057" path="socket:[52203]" dev="sockfs" ino=52203 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 279.237490][T19233] FAULT_INJECTION: forcing a failure. [ 279.237490][T19233] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 279.250707][T19233] CPU: 1 UID: 0 PID: 19233 Comm: syz.0.3058 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0 [ 279.250733][T19233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 279.250811][T19233] Call Trace: [ 279.250819][T19233] [ 279.250827][T19233] dump_stack_lvl+0xf2/0x150 [ 279.250859][T19233] dump_stack+0x15/0x1a [ 279.250884][T19233] should_fail_ex+0x24a/0x260 [ 279.250924][T19233] should_fail+0xb/0x10 [ 279.250978][T19233] should_fail_usercopy+0x1a/0x20 [ 279.251063][T19233] _copy_from_user+0x1c/0xa0 [ 279.251087][T19233] kstrtouint_from_user+0x76/0xe0 [ 279.251122][T19233] ? 0xffffffff81000000 [ 279.251139][T19233] ? selinux_file_permission+0x22a/0x360 [ 279.251179][T19233] proc_fail_nth_write+0x4f/0x150 [ 279.251287][T19233] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 279.251323][T19233] vfs_write+0x27d/0x920 [ 279.251353][T19233] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 279.251436][T19233] ? __fget_files+0x17c/0x1c0 [ 279.251477][T19233] ksys_write+0xe8/0x1b0 [ 279.251510][T19233] __x64_sys_write+0x42/0x50 [ 279.251542][T19233] x64_sys_call+0x287e/0x2dc0 [ 279.251594][T19233] do_syscall_64+0xc9/0x1c0 [ 279.251674][T19233] ? clear_bhb_loop+0x55/0xb0 [ 279.251769][T19233] ? clear_bhb_loop+0x55/0xb0 [ 279.251856][T19233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.251884][T19233] RIP: 0033:0x7f00e26bbc1f [ 279.251899][T19233] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 279.251918][T19233] RSP: 002b:00007f00e0d06030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 279.251940][T19233] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f00e26bbc1f [ 279.251961][T19233] RDX: 0000000000000001 RSI: 00007f00e0d060a0 RDI: 0000000000000007 [ 279.252050][T19233] RBP: 00007f00e0d06090 R08: 0000000000000000 R09: 0000000000000000 [ 279.252062][T19233] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 279.252074][T19233] R13: 0000000000000000 R14: 00007f00e28d6080 R15: 00007ffce52d9f38 [ 279.252091][T19233] [ 279.307255][ T30] audit: type=1326 audit(1741410734.080:22682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19234 comm="syz.2.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 279.472232][T19256] loop2: detected capacity change from 0 to 512 [ 279.481332][ T30] audit: type=1326 audit(1741410734.080:22683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19234 comm="syz.2.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 279.515459][ T30] audit: type=1326 audit(1741410734.090:22684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19234 comm="syz.2.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 279.520456][T19256] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 279.540091][ T30] audit: type=1326 audit(1741410734.090:22685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19234 comm="syz.2.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 279.540124][ T30] audit: type=1326 audit(1741410734.090:22686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19234 comm="syz.2.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 279.596301][ T30] audit: type=1326 audit(1741410734.090:22687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19234 comm="syz.2.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 279.605227][T19256] ext4 filesystem being mounted at /669/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 279.620261][ T30] audit: type=1326 audit(1741410734.090:22688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19234 comm="syz.2.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 279.654977][ T30] audit: type=1326 audit(1741410734.090:22689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19234 comm="syz.2.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 279.770477][T19295] loop0: detected capacity change from 0 to 1024 [ 279.819112][T19305] SELinux: syz.2.3064 (19305) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 279.895716][T19313] loop3: detected capacity change from 0 to 1024 [ 279.997868][T19325] FAULT_INJECTION: forcing a failure. [ 279.997868][T19325] name failslab, interval 1, probability 0, space 0, times 0 [ 280.010616][T19325] CPU: 1 UID: 0 PID: 19325 Comm: syz.1.3072 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0 [ 280.010703][T19325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 280.010719][T19325] Call Trace: [ 280.010728][T19325] [ 280.010737][T19325] dump_stack_lvl+0xf2/0x150 [ 280.010771][T19325] dump_stack+0x15/0x1a [ 280.010848][T19325] should_fail_ex+0x24a/0x260 [ 280.010880][T19325] should_failslab+0x8f/0xb0 [ 280.011015][T19325] kmem_cache_alloc_node_noprof+0x59/0x320 [ 280.011039][T19325] ? __alloc_skb+0x10b/0x310 [ 280.011062][T19325] __alloc_skb+0x10b/0x310 [ 280.011089][T19325] pfkey_sendmsg+0x10d/0x970 [ 280.011189][T19325] ? avc_has_perm+0xd4/0x160 [ 280.011216][T19325] ? selinux_socket_sendmsg+0x185/0x1c0 [ 280.011266][T19325] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 280.011297][T19325] __sock_sendmsg+0x140/0x180 [ 280.011350][T19325] ____sys_sendmsg+0x326/0x4b0 [ 280.011383][T19325] __sys_sendmsg+0x19d/0x230 [ 280.011488][T19325] __x64_sys_sendmsg+0x46/0x50 [ 280.011520][T19325] x64_sys_call+0x2734/0x2dc0 [ 280.011552][T19325] do_syscall_64+0xc9/0x1c0 [ 280.011586][T19325] ? clear_bhb_loop+0x55/0xb0 [ 280.011657][T19325] ? clear_bhb_loop+0x55/0xb0 [ 280.011688][T19325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.011714][T19325] RIP: 0033:0x7fdd0c95d169 [ 280.011728][T19325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 280.011754][T19325] RSP: 002b:00007fdd0afc1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 280.011777][T19325] RAX: ffffffffffffffda RBX: 00007fdd0cb75fa0 RCX: 00007fdd0c95d169 [ 280.011791][T19325] RDX: 0000000000000000 RSI: 00004000000001c0 RDI: 0000000000000006 [ 280.011805][T19325] RBP: 00007fdd0afc1090 R08: 0000000000000000 R09: 0000000000000000 [ 280.011820][T19325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 280.011834][T19325] R13: 0000000000000000 R14: 00007fdd0cb75fa0 R15: 00007ffe3e6c8e38 [ 280.011922][T19325] [ 280.293961][T19335] loop1: detected capacity change from 0 to 512 [ 280.302088][T19331] loop0: detected capacity change from 0 to 512 [ 280.321278][T19331] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 280.385522][T19335] loop1: detected capacity change from 0 to 1024 [ 280.385784][T19335] EXT4-fs: Ignoring removed orlov option [ 280.393316][T19342] loop2: detected capacity change from 0 to 1024 [ 280.397992][T19335] EXT4-fs: Ignoring removed nomblk_io_submit option [ 280.417084][T19342] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 280.417129][T19342] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 280.417162][T19342] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 280.453420][T19342] EXT4-fs (loop2): invalid journal inode [ 280.454684][T19331] ext4 filesystem being mounted at /614/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 280.459172][T19342] EXT4-fs (loop2): can't get journal size [ 280.481640][T19342] EXT4-fs error (device loop2): ext4_protect_reserved_inode:182: inode #3: comm syz.2.3080: blocks 2-2 from inode overlap system zone [ 280.500020][T19342] EXT4-fs (loop2): failed to initialize system zone (-117) [ 280.507654][T19342] EXT4-fs (loop2): mount failed [ 280.546591][T19356] loop3: detected capacity change from 0 to 512 [ 280.629507][T19365] loop0: detected capacity change from 0 to 512 [ 280.640748][T19356] loop3: detected capacity change from 0 to 1024 [ 280.649174][T19356] EXT4-fs: Ignoring removed orlov option [ 280.654978][T19356] EXT4-fs: Ignoring removed nomblk_io_submit option [ 280.713756][T19365] loop0: detected capacity change from 0 to 1024 [ 280.720633][T19365] EXT4-fs: Ignoring removed orlov option [ 280.726530][T19365] EXT4-fs: Ignoring removed nomblk_io_submit option [ 280.735023][T19375] loop1: detected capacity change from 0 to 512 [ 280.774792][T19375] loop1: detected capacity change from 0 to 1024 [ 280.792419][T19375] EXT4-fs: Ignoring removed orlov option [ 280.798179][T19375] EXT4-fs: Ignoring removed nomblk_io_submit option [ 280.885240][T19388] hub 6-0:1.0: USB hub found [ 280.903382][T19388] hub 6-0:1.0: 8 ports detected [ 280.958855][T19398] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3098'. [ 280.970510][T19398] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3098'. [ 281.066991][T19406] loop0: detected capacity change from 0 to 1024 [ 281.123329][T19409] loop1: detected capacity change from 0 to 1024 [ 281.151891][T19416] loop3: detected capacity change from 0 to 256 [ 281.223866][T19422] loop3: detected capacity change from 0 to 1024 [ 281.252978][T19415] sd 0:0:1:0: device reset [ 281.257588][T19426] loop2: detected capacity change from 0 to 1024 [ 281.382922][T19440] loop1: detected capacity change from 0 to 512 [ 281.391275][T19442] loop3: detected capacity change from 0 to 1024 [ 281.403222][T19440] EXT4-fs: Ignoring removed oldalloc option [ 281.461700][T19440] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.3114: Parent and EA inode have the same ino 15 [ 281.478250][T19440] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.3114: Parent and EA inode have the same ino 15 [ 281.497969][T19440] EXT4-fs (loop1): 1 orphan inode deleted [ 281.545469][T19452] loop2: detected capacity change from 0 to 256 [ 281.616273][T19459] loop2: detected capacity change from 0 to 512 [ 281.644120][T19453] hub 6-0:1.0: USB hub found [ 281.651611][T19453] hub 6-0:1.0: 8 ports detected [ 281.724457][T19459] loop2: detected capacity change from 0 to 1024 [ 281.732366][T19459] EXT4-fs: Ignoring removed orlov option [ 281.738201][T19459] EXT4-fs: Ignoring removed nomblk_io_submit option [ 281.819424][T19484] loop1: detected capacity change from 0 to 1024 [ 281.983113][T19509] loop0: detected capacity change from 0 to 512 [ 282.019182][T19515] loop2: detected capacity change from 0 to 512 [ 282.062657][T19515] loop2: detected capacity change from 0 to 1024 [ 282.081698][T19515] EXT4-fs: Ignoring removed orlov option [ 282.087529][T19515] EXT4-fs: Ignoring removed nomblk_io_submit option [ 282.087555][T19509] loop0: detected capacity change from 0 to 1024 [ 282.087873][T19509] EXT4-fs: Ignoring removed orlov option [ 282.107015][T19509] EXT4-fs: Ignoring removed nomblk_io_submit option [ 282.308380][T19564] loop4: detected capacity change from 0 to 1024 [ 282.327413][T19564] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 282.338479][T19564] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 282.352300][T19564] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 282.362864][T19564] EXT4-fs (loop4): invalid journal inode [ 282.368800][T19564] EXT4-fs (loop4): can't get journal size [ 282.375566][T19564] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #3: comm syz.4.3135: blocks 2-2 from inode overlap system zone [ 282.395900][T19574] loop0: detected capacity change from 0 to 164 [ 282.402068][T19564] EXT4-fs (loop4): failed to initialize system zone (-117) [ 282.425025][T19574] ISOFS: unable to read i-node block [ 282.430392][T19574] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 282.435317][T19571] hub 6-0:1.0: USB hub found [ 282.451863][T19564] EXT4-fs (loop4): mount failed [ 282.452091][T19571] hub 6-0:1.0: 8 ports detected [ 282.592897][T19585] loop0: detected capacity change from 0 to 1024 [ 282.606519][T19587] loop4: detected capacity change from 0 to 1024 [ 282.704658][T19594] loop3: detected capacity change from 0 to 512 [ 282.734692][T19594] loop3: detected capacity change from 0 to 1024 [ 282.741602][T19594] EXT4-fs: Ignoring removed orlov option [ 282.747418][T19594] EXT4-fs: Ignoring removed nomblk_io_submit option [ 282.830302][T19601] loop0: detected capacity change from 0 to 512 [ 282.845881][T19601] EXT4-fs: Ignoring removed oldalloc option [ 282.858438][T19601] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.3147: Parent and EA inode have the same ino 15 [ 282.889316][T19601] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.3147: Parent and EA inode have the same ino 15 [ 282.930087][T19601] EXT4-fs (loop0): 1 orphan inode deleted [ 282.964412][T19617] loop3: detected capacity change from 0 to 128 [ 282.976191][T19617] vfat: Unknown parameter '0xffffffffffffffff' [ 282.986082][T19617] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3155'. [ 283.021419][T19623] loop4: detected capacity change from 0 to 256 [ 283.034243][T19619] loop0: detected capacity change from 0 to 512 [ 283.048084][T19619] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 283.084690][T19619] ext4 filesystem being mounted at /633/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 283.187819][T19633] hub 6-0:1.0: USB hub found [ 283.194501][T19633] hub 6-0:1.0: 8 ports detected [ 283.214837][T19630] sd 0:0:1:0: device reset [ 283.286299][T19644] loop3: detected capacity change from 0 to 512 [ 283.307759][T19644] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 283.326915][T19648] loop0: detected capacity change from 0 to 512 [ 283.335902][T19644] ext4 filesystem being mounted at /645/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 283.347811][T19648] EXT4-fs: Ignoring removed oldalloc option [ 283.369932][T19648] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.3168: Parent and EA inode have the same ino 15 [ 283.433398][T19648] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.3168: Parent and EA inode have the same ino 15 [ 283.489094][T19661] loop3: detected capacity change from 0 to 512 [ 283.518140][T19648] EXT4-fs (loop0): 1 orphan inode deleted [ 283.559145][T19661] loop3: detected capacity change from 0 to 1024 [ 283.571234][T19661] EXT4-fs: Ignoring removed orlov option [ 283.577107][T19661] EXT4-fs: Ignoring removed nomblk_io_submit option [ 283.618726][T19667] lo speed is unknown, defaulting to 1000 [ 283.653312][T19678] loop0: detected capacity change from 0 to 1024 [ 283.784849][T19689] loop2: detected capacity change from 0 to 1024 [ 283.842012][T19690] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9) [ 283.848803][T19690] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 283.856326][T19690] vhci_hcd vhci_hcd.0: Device attached [ 283.924300][T19694] vhci_hcd: connection closed [ 283.925030][ T29] vhci_hcd: stop threads [ 283.925043][ T29] vhci_hcd: release socket [ 283.925052][ T29] vhci_hcd: disconnect device [ 283.945212][T19704] loop2: detected capacity change from 0 to 512 [ 283.975472][T19704] loop2: detected capacity change from 0 to 1024 [ 283.975782][T19704] EXT4-fs: Ignoring removed orlov option [ 283.975831][T19704] EXT4-fs: Ignoring removed nomblk_io_submit option [ 284.014063][T19667] lo speed is unknown, defaulting to 1000 [ 284.203783][T19737] loop0: detected capacity change from 0 to 512 [ 284.246013][ T30] kauditd_printk_skb: 415 callbacks suppressed [ 284.246093][ T30] audit: type=1326 audit(1741410739.020:23105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.2.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 284.302984][ T30] audit: type=1326 audit(1741410739.050:23106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.2.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 284.326916][ T30] audit: type=1326 audit(1741410739.050:23107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.2.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 284.350686][ T30] audit: type=1326 audit(1741410739.050:23108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.2.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 284.372497][T19749] loop0: detected capacity change from 0 to 1024 [ 284.374397][ T30] audit: type=1326 audit(1741410739.050:23109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.2.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 284.381301][T19749] EXT4-fs: Ignoring removed orlov option [ 284.404725][ T30] audit: type=1326 audit(1741410739.050:23110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.2.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 284.410429][T19749] EXT4-fs: Ignoring removed nomblk_io_submit option [ 284.433938][ T30] audit: type=1326 audit(1741410739.050:23111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.2.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 284.464457][ T30] audit: type=1326 audit(1741410739.050:23112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.2.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 284.488134][ T30] audit: type=1326 audit(1741410739.050:23113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.2.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 284.511731][ T30] audit: type=1326 audit(1741410739.050:23114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.2.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0369f2d169 code=0x7ffc0000 [ 284.751211][T19796] loop1: detected capacity change from 0 to 256 [ 284.843418][T19803] loop0: detected capacity change from 0 to 512 [ 284.850649][T19803] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 284.859479][T19807] SELinux: syz.4.3203 (19807) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 284.891335][T19812] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3204'. [ 284.900401][T19812] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3204'. [ 284.923164][T19803] ext4 filesystem being mounted at /643/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 284.982104][T19825] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3207'. [ 284.991339][T19825] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3207'. [ 285.054401][T19835] loop0: detected capacity change from 0 to 512 [ 285.056241][T19828] sd 0:0:1:0: device reset [ 285.083168][T19835] EXT4-fs: Ignoring removed oldalloc option [ 285.192653][T19835] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.3208: Parent and EA inode have the same ino 15 [ 285.221584][T19883] loop3: detected capacity change from 0 to 512 [ 285.240139][T19885] loop1: detected capacity change from 0 to 256 [ 285.304917][T19835] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.3208: Parent and EA inode have the same ino 15 [ 285.335508][T19835] EXT4-fs (loop0): 1 orphan inode deleted [ 285.371691][T19898] loop3: detected capacity change from 0 to 512 [ 285.379773][T19888] bridge_slave_0: left allmulticast mode [ 285.385584][T19888] bridge_slave_0: left promiscuous mode [ 285.391326][T19888] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.416024][T19888] bridge_slave_1: left allmulticast mode [ 285.421857][T19888] bridge_slave_1: left promiscuous mode [ 285.427832][T19888] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.451456][T19888] : (slave bond_slave_0): Releasing backup interface [ 285.455790][T19904] loop0: detected capacity change from 0 to 256 [ 285.482744][T19888] : (slave bond_slave_1): Releasing backup interface [ 285.517298][T19909] loop3: detected capacity change from 0 to 1024 [ 285.540280][T19888] team0: Port device team_slave_0 removed [ 285.556976][T19888] team0: Port device team_slave_1 removed [ 285.570192][T19913] loop1: detected capacity change from 0 to 1024 [ 285.588203][T19916] loop0: detected capacity change from 0 to 512 [ 285.611208][ T3374] lo speed is unknown, defaulting to 1000 [ 285.654989][T19914] sd 0:0:1:0: device reset [ 285.672948][T19916] loop0: detected capacity change from 0 to 1024 [ 285.710952][T19916] EXT4-fs: Ignoring removed orlov option [ 285.716841][T19916] EXT4-fs: Ignoring removed nomblk_io_submit option [ 285.762191][T19936] loop3: detected capacity change from 0 to 1024 [ 285.768764][T19928] loop2: detected capacity change from 0 to 512 [ 285.780986][T19932] loop1: detected capacity change from 0 to 1024 [ 285.788212][T19932] EXT4-fs: Ignoring removed orlov option [ 285.794279][T19932] EXT4-fs: Ignoring removed nomblk_io_submit option [ 285.805977][T19928] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 285.857622][T19944] loop4: detected capacity change from 0 to 1024 [ 285.859730][T19928] ext4 filesystem being mounted at /704/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 285.884647][T19944] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 285.895781][T19944] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 285.906050][T19944] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 285.916628][T19944] EXT4-fs (loop4): invalid journal inode [ 285.922618][T19944] EXT4-fs (loop4): can't get journal size [ 285.939308][T19944] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #3: comm syz.4.3233: blocks 2-2 from inode overlap system zone [ 285.940370][T19949] loop0: detected capacity change from 0 to 256 [ 285.974048][T19944] EXT4-fs (loop4): failed to initialize system zone (-117) [ 285.981498][T19944] EXT4-fs (loop4): mount failed [ 286.011367][T19955] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3236'. [ 286.016801][T19953] loop1: detected capacity change from 0 to 512 [ 286.020873][T19955] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3236'. [ 286.064819][T19953] EXT4-fs (loop1): orphan cleanup on readonly fs [ 286.080212][T19953] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3238: bg 0: block 248: padding at end of block bitmap is not set [ 286.110098][T19953] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.3238: Failed to acquire dquot type 1 [ 286.127603][T19953] EXT4-fs (loop1): 1 truncate cleaned up [ 286.151558][T19953] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 286.172328][T19953] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 286.241241][T19978] loop0: detected capacity change from 0 to 128 [ 286.250113][T19976] loop1: detected capacity change from 0 to 512 [ 286.257143][T19978] vfat: Unknown parameter '0xffffffffffffffff' [ 286.263942][T19976] EXT4-fs: Ignoring removed oldalloc option [ 286.271765][T19978] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3246'. [ 286.293896][T19976] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.3244: Parent and EA inode have the same ino 15 [ 286.311011][T19976] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.3244: Parent and EA inode have the same ino 15 [ 286.317085][T19983] loop0: detected capacity change from 0 to 512 [ 286.324051][T19976] EXT4-fs (loop1): 1 orphan inode deleted [ 286.372783][T19982] hub 6-0:1.0: USB hub found [ 286.395212][T19982] hub 6-0:1.0: 8 ports detected [ 286.440079][T19987] loop1: detected capacity change from 0 to 1024 [ 286.449892][T19989] loop0: detected capacity change from 0 to 256 [ 286.578445][T20000] loop0: detected capacity change from 0 to 512 [ 286.587745][T20000] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 286.624541][T20000] ext4 filesystem being mounted at /655/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 286.709466][T20016] loop1: detected capacity change from 0 to 1024 [ 286.714055][T20018] loop0: detected capacity change from 0 to 512 [ 286.745782][T20021] loop2: detected capacity change from 0 to 1024 [ 286.882493][T20045] loop0: detected capacity change from 0 to 512 [ 286.928569][T20048] loop3: detected capacity change from 0 to 1024 [ 286.941507][T20045] loop0: detected capacity change from 0 to 1024 [ 286.976108][T20045] EXT4-fs: Ignoring removed orlov option [ 286.981839][T20045] EXT4-fs: Ignoring removed nomblk_io_submit option [ 287.068033][T20087] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3264'. [ 287.077110][T20087] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3264'. [ 287.118589][T20094] loop4: detected capacity change from 0 to 128 [ 287.125522][T20092] loop1: detected capacity change from 0 to 256 [ 287.137322][T20096] loop3: detected capacity change from 0 to 512 [ 287.145390][T20096] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 287.162878][T20094] vfat: Unknown parameter '0xffffffffffffffff' [ 287.188913][T20094] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3267'. [ 287.224317][T20096] ext4 filesystem being mounted at /662/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 287.396348][T20128] loop1: detected capacity change from 0 to 256 [ 287.441499][T20136] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3282'. [ 287.450607][T20136] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3282'. [ 287.524033][T20143] loop2: detected capacity change from 0 to 1024 [ 287.546118][T20147] loop4: detected capacity change from 0 to 512 [ 287.556417][T20147] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 287.576969][T20147] ext4 filesystem being mounted at /639/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 287.691267][T20163] loop3: detected capacity change from 0 to 256 [ 287.699381][T20164] loop1: detected capacity change from 0 to 1024 [ 287.711472][T20164] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 287.722541][T20164] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 287.754168][T20164] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 287.755135][T20168] loop4: detected capacity change from 0 to 512 [ 287.770797][T20164] EXT4-fs (loop1): invalid journal inode [ 287.786773][T20164] EXT4-fs (loop1): can't get journal size [ 287.793795][T20164] EXT4-fs error (device loop1): ext4_protect_reserved_inode:182: inode #3: comm syz.1.3291: blocks 2-2 from inode overlap system zone [ 287.810600][T20172] loop3: detected capacity change from 0 to 512 [ 287.821763][T20164] EXT4-fs (loop1): failed to initialize system zone (-117) [ 287.830009][T20164] EXT4-fs (loop1): mount failed [ 287.845504][T20168] loop4: detected capacity change from 0 to 1024 [ 287.852297][T20168] EXT4-fs: Ignoring removed orlov option [ 287.858059][T20168] EXT4-fs: Ignoring removed nomblk_io_submit option [ 287.859475][T20172] loop3: detected capacity change from 0 to 1024 [ 287.885745][T20172] EXT4-fs: Ignoring removed orlov option [ 287.891479][T20172] EXT4-fs: Ignoring removed nomblk_io_submit option [ 288.040254][T20194] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3302'. [ 288.099013][T20196] loop4: detected capacity change from 0 to 512 [ 288.111598][T20196] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 288.125870][T20203] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3307'. [ 288.162808][T20196] ext4 filesystem being mounted at /643/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 288.224041][T20220] loop3: detected capacity change from 0 to 512 [ 288.236148][T20217] loop4: detected capacity change from 0 to 1024 [ 288.247798][T20220] loop3: detected capacity change from 0 to 1024 [ 288.249998][T20217] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 288.265260][T20217] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 288.283910][T20217] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 288.294369][T20217] EXT4-fs (loop4): invalid journal inode [ 288.300149][T20217] EXT4-fs (loop4): can't get journal size [ 288.305912][T20220] EXT4-fs: Ignoring removed orlov option [ 288.311676][T20220] EXT4-fs: Ignoring removed nomblk_io_submit option [ 288.333849][T20228] loop0: detected capacity change from 0 to 512 [ 288.340776][T20228] EXT4-fs: Ignoring removed oldalloc option [ 288.344438][T20217] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #3: comm syz.4.3309: blocks 2-2 from inode overlap system zone [ 288.370057][T20228] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.3311: Parent and EA inode have the same ino 15 [ 288.377865][T20217] EXT4-fs (loop4): failed to initialize system zone (-117) [ 288.384217][T20228] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.3311: Parent and EA inode have the same ino 15 [ 288.401185][T20217] EXT4-fs (loop4): mount failed [ 288.402402][T20228] EXT4-fs (loop0): 1 orphan inode deleted [ 288.628296][T20259] sd 0:0:1:0: device reset [ 288.637940][T20276] loop4: detected capacity change from 0 to 1024 [ 288.646091][T20276] EXT4-fs: Ignoring removed orlov option [ 288.651868][T20276] EXT4-fs: Ignoring removed nomblk_io_submit option [ 288.825583][T20319] loop2: detected capacity change from 0 to 512 [ 288.827762][T20315] loop4: detected capacity change from 0 to 512 [ 288.852419][T20315] EXT4-fs (loop4): orphan cleanup on readonly fs [ 288.860193][T20315] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3321: bg 0: block 248: padding at end of block bitmap is not set [ 288.865961][T20319] loop2: detected capacity change from 0 to 1024 [ 288.881390][T20319] EXT4-fs: Ignoring removed orlov option [ 288.886665][T20315] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.3321: Failed to acquire dquot type 1 [ 288.887263][T20319] EXT4-fs: Ignoring removed nomblk_io_submit option [ 288.905551][T20315] EXT4-fs (loop4): 1 truncate cleaned up [ 288.921222][T20315] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 288.931046][T20324] loop3: detected capacity change from 0 to 1024 [ 288.937858][T20315] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 288.944020][T20324] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 288.959216][T20324] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 288.970125][T20324] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 288.980977][T20324] EXT4-fs (loop3): invalid journal inode [ 288.987281][T20324] EXT4-fs (loop3): can't get journal size [ 289.005279][T20324] EXT4-fs error (device loop3): ext4_protect_reserved_inode:182: inode #3: comm syz.3.3324: blocks 2-2 from inode overlap system zone [ 289.021859][T20324] EXT4-fs (loop3): failed to initialize system zone (-117) [ 289.029310][T20324] EXT4-fs (loop3): mount failed [ 289.127493][T20342] loop3: detected capacity change from 0 to 512 [ 289.267746][T20353] loop4: detected capacity change from 0 to 512 [ 289.274197][T20355] loop1: detected capacity change from 0 to 1024 [ 289.290688][T20353] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 289.310913][T20347] sd 0:0:1:0: device reset [ 289.321152][T20353] ext4 filesystem being mounted at /653/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.333646][ T30] kauditd_printk_skb: 311 callbacks suppressed [ 289.333662][ T30] audit: type=1326 audit(1741410744.110:23420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.1.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd0c95d169 code=0x7ffc0000 [ 289.335264][T20362] loop0: detected capacity change from 0 to 256 [ 289.370747][ T30] audit: type=1326 audit(1741410744.140:23421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.1.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd0c95d169 code=0x7ffc0000 [ 289.414723][ T30] audit: type=1326 audit(1741410744.140:23422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.1.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd0c95d169 code=0x7ffc0000 [ 289.438467][ T30] audit: type=1326 audit(1741410744.140:23423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.1.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fdd0c95d169 code=0x7ffc0000 [ 289.462148][ T30] audit: type=1326 audit(1741410744.140:23424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.1.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd0c95d169 code=0x7ffc0000 [ 289.485821][ T30] audit: type=1326 audit(1741410744.140:23425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.1.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7fdd0c95d169 code=0x7ffc0000 [ 289.486217][T20366] loop1: detected capacity change from 0 to 512 [ 289.509372][ T30] audit: type=1326 audit(1741410744.140:23426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.1.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd0c95d169 code=0x7ffc0000 [ 289.545584][T20368] loop2: detected capacity change from 0 to 512 [ 289.555382][ T30] audit: type=1326 audit(1741410744.310:23427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20361 comm="syz.0.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 289.579143][ T30] audit: type=1326 audit(1741410744.310:23428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20361 comm="syz.0.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 289.602767][ T30] audit: type=1326 audit(1741410744.310:23429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20361 comm="syz.0.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f00e26bd169 code=0x7ffc0000 [ 289.614788][T20366] EXT4-fs (loop1): orphan cleanup on readonly fs [ 289.642758][T20366] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3337: bg 0: block 248: padding at end of block bitmap is not set [ 289.659718][T20374] loop2: detected capacity change from 0 to 1024 [ 289.678394][T20366] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.3337: Failed to acquire dquot type 1 [ 289.683712][T20374] EXT4-fs: Ignoring removed orlov option [ 289.695496][T20374] EXT4-fs: Ignoring removed nomblk_io_submit option [ 289.706541][T20366] EXT4-fs (loop1): 1 truncate cleaned up [ 289.731991][T20366] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 289.772426][T20366] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 289.805673][T20396] loop0: detected capacity change from 0 to 512 [ 289.881104][T20405] loop4: detected capacity change from 0 to 1024 [ 290.025399][T20418] sd 0:0:1:0: device reset [ 290.166658][T20470] 9pnet_fd: Insufficient options for proto=fd [ 290.220383][T20475] loop0: detected capacity change from 0 to 1024 [ 290.262771][T20481] loop4: detected capacity change from 0 to 1024 [ 290.272980][T20481] EXT4-fs: Ignoring removed orlov option [ 290.278833][T20481] EXT4-fs: Ignoring removed nomblk_io_submit option [ 290.355232][T20490] loop0: detected capacity change from 0 to 1024 [ 290.383797][T20490] EXT4-fs: Ignoring removed orlov option [ 290.389683][T20490] EXT4-fs: Ignoring removed nomblk_io_submit option [ 290.623645][T20522] loop0: detected capacity change from 0 to 1024 [ 290.631133][T20522] EXT4-fs: Ignoring removed orlov option [ 290.636932][T20522] EXT4-fs: Ignoring removed nomblk_io_submit option [ 290.675790][T20531] loop3: detected capacity change from 0 to 1024 [ 290.860916][T20556] lo speed is unknown, defaulting to 1000 [ 291.131422][T20601] __nla_validate_parse: 5 callbacks suppressed [ 291.131437][T20601] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3387'. [ 291.186014][T20609] loop1: detected capacity change from 0 to 512 [ 291.255013][T20609] loop1: detected capacity change from 0 to 1024 [ 291.339639][T20609] EXT4-fs: Ignoring removed orlov option [ 291.345423][T20609] EXT4-fs: Ignoring removed nomblk_io_submit option [ 291.345828][T20556] lo speed is unknown, defaulting to 1000 [ 291.370631][T20636] loop3: detected capacity change from 0 to 1024 [ 291.402731][T20647] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3394'. [ 291.411836][T20647] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3394'. [ 291.463029][T20647] 9pnet_fd: Insufficient options for proto=fd [ 291.491498][T20653] loop3: detected capacity change from 0 to 512 [ 291.498232][T20651] FAULT_INJECTION: forcing a failure. [ 291.498232][T20651] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 291.511414][T20651] CPU: 1 UID: 0 PID: 20651 Comm: syz.1.3395 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0 [ 291.511448][T20651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 291.511464][T20651] Call Trace: [ 291.511472][T20651] [ 291.511481][T20651] dump_stack_lvl+0xf2/0x150 [ 291.511524][T20651] dump_stack+0x15/0x1a [ 291.511557][T20651] should_fail_ex+0x24a/0x260 [ 291.511594][T20651] should_fail+0xb/0x10 [ 291.511640][T20651] should_fail_usercopy+0x1a/0x20 [ 291.511678][T20651] _copy_to_user+0x20/0xa0 [ 291.511753][T20651] simple_read_from_buffer+0xa0/0x110 [ 291.511788][T20651] proc_fail_nth_read+0xf9/0x140 [ 291.511836][T20651] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 291.511872][T20651] vfs_read+0x19b/0x6f0 [ 291.511902][T20651] ? __rcu_read_unlock+0x4e/0x70 [ 291.511951][T20651] ? __fget_files+0x17c/0x1c0 [ 291.511992][T20651] ksys_read+0xe8/0x1b0 [ 291.512025][T20651] __x64_sys_read+0x42/0x50 [ 291.512061][T20651] x64_sys_call+0x2874/0x2dc0 [ 291.512169][T20651] do_syscall_64+0xc9/0x1c0 [ 291.512207][T20651] ? clear_bhb_loop+0x55/0xb0 [ 291.512240][T20651] ? clear_bhb_loop+0x55/0xb0 [ 291.512272][T20651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.512317][T20651] RIP: 0033:0x7fdd0c95bb7c [ 291.512332][T20651] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 291.512349][T20651] RSP: 002b:00007fdd0afc1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 291.512370][T20651] RAX: ffffffffffffffda RBX: 00007fdd0cb75fa0 RCX: 00007fdd0c95bb7c [ 291.512384][T20651] RDX: 000000000000000f RSI: 00007fdd0afc10a0 RDI: 0000000000000004 [ 291.512398][T20651] RBP: 00007fdd0afc1090 R08: 0000000000000000 R09: 0000000000000000 [ 291.512418][T20653] EXT4-fs: Ignoring removed oldalloc option [ 291.512501][T20651] ================================================================== [ 291.512556][T20651] BUG: KCSAN: data-race in data_alloc / data_push_tail [ 291.512616][T20651] [ 291.512623][T20651] write to 0xffffffff88bece50 of 8 bytes by task 20653 on cpu 0: [ 291.512641][T20651] data_alloc+0x216/0x2c0 [ 291.512678][T20651] prb_reserve+0x85e/0xb60 [ 291.512713][T20651] vprintk_store+0x558/0x870 [ 291.512734][T20651] vprintk_emit+0x168/0x690 [ 291.512756][T20651] vprintk_default+0x26/0x30 [ 291.512778][T20651] vprintk+0x1d/0x30 [ 291.512807][T20651] _printk+0x7a/0xa0 [ 291.512836][T20651] __ext4_msg+0x134/0x1a0 [ 291.512873][T20651] ext4_parse_param+0x839/0xf40 [ 291.512907][T20651] vfs_parse_fs_param+0x13b/0x290 [ 291.512939][T20651] vfs_parse_monolithic_sep+0x19b/0x220 [ 291.512974][T20651] generic_parse_monolithic+0x24/0x30 [ 291.513007][T20651] parse_monolithic_mount_data+0x43/0x50 [ 291.513044][T20651] do_new_mount+0x1fa/0x690 [ 291.513079][T20651] path_mount+0x49b/0xb30 [ 291.513111][T20651] __se_sys_mount+0x27f/0x2d0 [ 291.513146][T20651] __x64_sys_mount+0x67/0x80 [ 291.513181][T20651] x64_sys_call+0x2c84/0x2dc0 [ 291.513214][T20651] do_syscall_64+0xc9/0x1c0 [ 291.513250][T20651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.513282][T20651] [ 291.513287][T20651] read to 0xffffffff88bece50 of 8 bytes by task 20651 on cpu 1: [ 291.513304][T20651] data_push_tail+0x102/0x430 [ 291.513344][T20651] data_alloc+0xbe/0x2c0 [ 291.513378][T20651] prb_reserve+0x85e/0xb60 [ 291.513413][T20651] vprintk_store+0x558/0x870 [ 291.513434][T20651] vprintk_emit+0x168/0x690 [ 291.513454][T20651] vprintk_default+0x26/0x30 [ 291.513476][T20651] vprintk+0x1d/0x30 [ 291.513505][T20651] _printk+0x7a/0xa0 [ 291.513540][T20651] __show_regs+0xbc/0x450 [ 291.513561][T20651] show_trace_log_lvl+0x348/0x400 [ 291.513594][T20651] dump_stack_lvl+0xf2/0x150 [ 291.513620][T20651] dump_stack+0x15/0x1a [ 291.513646][T20651] should_fail_ex+0x24a/0x260 [ 291.513678][T20651] should_fail+0xb/0x10 [ 291.513709][T20651] should_fail_usercopy+0x1a/0x20 [ 291.513738][T20651] _copy_to_user+0x20/0xa0 [ 291.513754][T20651] simple_read_from_buffer+0xa0/0x110 [ 291.513785][T20651] proc_fail_nth_read+0xf9/0x140 [ 291.513818][T20651] vfs_read+0x19b/0x6f0 [ 291.513845][T20651] ksys_read+0xe8/0x1b0 [ 291.513874][T20651] __x64_sys_read+0x42/0x50 [ 291.513905][T20651] x64_sys_call+0x2874/0x2dc0 [ 291.513938][T20651] do_syscall_64+0xc9/0x1c0 [ 291.513976][T20651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.514009][T20651] [ 291.514014][T20651] value changed: 0x00000000fffffcd0 -> 0x0000000100000885 [ 291.514026][T20651] [ 291.514031][T20651] Reported by Kernel Concurrency Sanitizer on: [ 291.514039][T20651] CPU: 1 UID: 0 PID: 20651 Comm: syz.1.3395 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0 [ 291.514069][T20651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 291.514084][T20651] ================================================================== [ 291.514123][T20651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 291.514138][T20651] R13: 0000000000000000 R14: 00007fdd0cb75fa0 R15: 00007ffe3e6c8e38 [ 291.514162][T20651] [ 291.583274][T20655] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3397'. [ 291.667104][T20653] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.3396: Parent and EA inode have the same ino 15 [ 291.670861][T20655] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3397'. [ 291.683378][T20653] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.3396: Parent and EA inode have the same ino 15 [ 291.688733][T20660] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3399'. [ 291.693621][T20653] EXT4-fs (loop3): 1 orphan inode deleted