last executing test programs: 3.796207172s ago: executing program 4 (id=164): sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000005c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00e12bdca8dfc8109c31575f59aa67f9b13930e3503799fab7fe6d8e6c0df315d3b5d2cb7d48632c9dc2f09c25f99273caf49b5e8a9cfa27", @ANYRES32=0x0, @ANYBLOB="0c0099004e07000019000000050029000c0000000600ed0016070000080014"], 0x54}, 0x1, 0x0, 0x0, 0x4001}, 0x4) r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f00000001c0)={0x0, 0xc8, &(0x7f0000000700)="72c310ee3e73920d0dc3052d4ce181d032ecb02f301f57edab0edfadfeaea2dd697482893bd57292506e26d6633bb1b8806cce7544bbf1a5ead965eb492c8a669161dc927bce5be99deb47fd94fcf3112245ebbb4748baabf645ad4c18dbdace305ef2eedda0c9dc19e19da3ab7e7fc1d855f378e47f6618b7fd699daa0b552e1196c028d1431886d6ca137ecf2a6f26e1e5cfe12ab679c541c51252d8ea5edc670b5f37f59441175991adbe6bf68634d165df24576d7eaefc6de1cd5055e8fca8f57f1d815c9eee"}) write$char_usb(r0, &(0x7f0000000040)="e2", 0x12d8) 3.612929637s ago: executing program 0 (id=166): syz_mount_image$iso9660(&(0x7f0000000a80), &(0x7f0000000180)='./file1\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYRES8=0x0, @ANYRES16=0x0, @ANYRES32], 0xfe, 0x5db, &(0x7f0000000380)="$eJzs3F1v29YZAODDxK4FF8sGFGvSNEDZtBfZRVxJXh0Y3UU0mrbZSqJA0oVzNRSL0xmzu2HZgDU3Q266Fduwq91u6O1+wf5Uf4MG6sPxV618OPE2PA+QnEPxJc97aIIvRIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECIkrVmsxWFbtbf2o6/W7JW5L0z1k/39+8jzRHzIYS5g3FDiOp/odEI18YfXXvjSewP6/9uhqvjpauhUTeN8Oj1N3/w0Rtzl+oN56MonJHQK/Hwy0e//Gxvb+c3F53IORhGz77NRtrPyjzrdTbSOCvzeHVlpfnB5noZr2fdtLxXVmkvToq0U+VFfCu5G0JYXY7TpXv5Vn9jrdNN41vJj+LW6uqd2+1mcyX+eGmQdooy73/w8VKZbGbdbtbfGMXUq2+33wl36hPxk6yKq7TTi+MHu3s7y7OSrINaTxPUnhXUbrbbrVa73Vr5cPXDO81mY3K2Hnww1zwmHN9k7uJPWl6510Ljz/WJMlqYXuNeO9cLOTyHYfK359tw7rwzAQAAAF6WaHSPPRrdnb826q1n3bR5JGYYXVh6AAAAwDkYfbW/OrkBEMK1EJ38/g8AAAD8b/vTmc/YhSgK5WAhmj6qMth+P9rv1L3O/uXxR5eP77Favx5dmexk1KzMTZaS9Eb01jjorWn0t5Pmwaw8oqKYjx6/WALhL+H6OOb6/XF7f7pmPMrietZNl5K8+1ErdDpXLlXpdvW7L3Z/H0JRDC9/3e9dicKD3b2dpZ//au/+KJfH9V4e709+IXHihxJHc1kIh3L57cFzj5MZ3z064/nRjZh61l/3e4vjcZuD7tzB/C+Nth6e+JOeMf+vwtvjmLcXx+3i0fk36jFbS6fM/nAWrcH2+wuTwSYzn3+2LG6MY27ceq9u3rs1WTN/KIv2rCzah4//+FiES+eRxeFjsXxGFsOwu7ez/IJZAFyUB8er0Ljuhif1/0TdnVze4uO7OuMqd2p1XxhfKqNxCZ9Z3X8xc5SvwrvjmHevzz2pxceu6M1ZdaX5lHU9hNOz+Fe4+c+/h7AVbk6Dv6vG1uP+9UhVjfa/qTf4ZjruP4ZjYfqkedltR/XC5YX9X4c3H3756Pbu/mef73y+80W7vbzS/HFz+P0Q5kfTmDRqDwCnSItvo8Xqj1FRZIOftVZXW51qM42LPPkkLrK1jTTO+lVaJJud/kYaD4q8ypO8W3c+zdbSMi63BoO8qOL1vIgHeZltj978Ek9e/VKmvU6/ypJy0E07ZRoneb/qJFW8lpVJPNh6UoGKuBykSbaeJZ0qy/txmW8VSboUx2WaxoOtn3azcjMt4mwt7VfZelZ3+/GgyHqd4l78ad7d6qXxWlomRTao8mKUzXSsrL+eF73Rbpcu9EgDwH+Ph2HyBruDV9k9cyc0ZsScNu6Je6QAwCtzvEovnB3eeCVJAQAAAAAAAAAAAAAARxx+XO8nk4fyXviJwDM7jXDQCeFg1XA4/MPxfJ6zc/f101a985Km8xSdRji5KoQw91IHnb446WKm/H/XadSdS+Gi05i+Z/F59xOFEGYHf6+OuaALEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACc4T8BAAD//2tektI=") chdir(&(0x7f0000000040)='./file0\x00') mount(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0x800000, 0x0) stat(&(0x7f0000001080)='./file1\x00', 0x0) 3.350571958s ago: executing program 0 (id=171): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000140)={[{@nobh}, {@auto_da_alloc}, {@jqfmt_vfsv0}, {@nojournal_checksum}, {@dioread_nolock}, {@bsdgroups}]}, 0x6, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x0) 3.244043987s ago: executing program 2 (id=173): prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil) brk(0x200000ffc000) bpf$MAP_CREATE(0x0, 0x0, 0x50) mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8) prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffd000/0x3000)=nil) mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4) 3.158922804s ago: executing program 2 (id=175): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305829, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00'}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x14, 0x0, 0x1, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x10000}, 0x810) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 3.110953908s ago: executing program 4 (id=176): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002d00)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x800) recvmmsg(r0, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000001180)=""/4096, 0x1000}, {0x0}], 0x2, &(0x7f00000004c0)=""/193, 0xc1}, 0x7f}, {{&(0x7f00000005c0)=@in, 0x80, &(0x7f0000000700)=[{&(0x7f0000000680)=""/127, 0x7f}], 0x1}, 0x3}], 0x2, 0x40012100, 0x0) 2.872096627s ago: executing program 4 (id=177): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f0000000140)={[{@oldalloc}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@noblock_validity}]}, 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x3a01, 0x17e) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) fstat(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(0x0, r2) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0) 2.793535563s ago: executing program 0 (id=178): r0 = fsopen(&(0x7f0000000080)='selinuxfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r2, &(0x7f0000000500)=""/45, 0x2d) getdents64(r2, 0x0, 0x18) 2.604755849s ago: executing program 1 (id=179): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000002c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x599, &(0x7f0000001280)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x161842, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000140)=ANY=[@ANYBLOB="0100000000000000000000000000008004000100"]) 2.534910235s ago: executing program 4 (id=180): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) r1 = gettid() timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f00000000c0)=0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r5, 0x0, 0xf3a, 0x0) read$char_usb(r4, &(0x7f0000000000)=""/111, 0x6f) write$binfmt_misc(r5, &(0x7f0000000980), 0xfdef) timer_settime(r2, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000eeff000000000000000000007112bc000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41000, 0x4a, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100}, 0x94) mount$9p_fd(0x0, &(0x7f0000000bc0)='./file0\x00', &(0x7f0000000c00), 0x1, &(0x7f0000000c40)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x81}}], [{@fsuuid={'fsuuid', 0x3d, {[0x36, 0x65, 0x52, 0x35, 0x33, 0x31, 0x61, 0x36], 0x2d, [0x38, 0x35, 0x61, 0x31], 0x2d, [0x61, 0x66, 0x66, 0x35], 0x2d, [0x39, 0x0, 0x30, 0x65], 0x2d, [0x32, 0x31, 0x8, 0x37, 0x37, 0x5a, 0x36, 0x39]}}}]}}) r6 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000640)={[{@lazytime}, {@noblock_validity}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000}}, {@barrier_val}, {@journal_dev={'journal_dev', 0x3d, 0x5}}, {@dioread_lock}, {@data_err_ignore}, {@noinit_itable}, {@resgid={'resgid', 0x3d, 0xee00}, 0x32}]}, 0x9b, 0x4fc, &(0x7f0000000140)="$eJzs3U1rHOcdAPD/jLR+lSuZ9uAa6praRXJb70pWbYse3BdKezK0dS+91FallRBaaYV2ZVvCtDL9AIVS2kKh0FMvgXyAQPBHCAFDcg9JSAiJnRx8SLxh32Rb3pVkvNIa7e8Ho3meZ2b0f/677Ow+M8NMAD3rdESciYjHlUrlXEQMNtrTxvSDamW9vt7DB3emqlMSlcq1T5OIpN5WXWXkqf95tL5JHIqI3/064k/J83FLq2vzk4VCfrlRz5UXlnKl1bXzcwuTs/nZ/OL4+NilicsTFydGO5LnQERc+eWH//zb/3915c0f3Xrv+scjf04a7RFP8ui0euqZ2mvR1B8Ry7sRrAv6Gvlkmg0t3msAAF4dzd/534uIczEYfbVfcwAAAMB+UvnpQHzZF1EBAAAA9q20dg1skmYb1wEMRJpms/VreL8VR9JCsVT+4UxxZXG6fq3sUGTSmblCfrRxrfBQZJJqfaxWflK/sKk+HhHHI+Ifg4dr9exUsTDd7YMfAAAA0COObhr/fzFYH/8DAAAA+8xQtzsAAAAA7DrjfwAAANj/jP8BAABgX/vN1avVqdJ8/vX0zdWV+eLN89P50nx2YWUqO1VcXsrOFouztXv2LbT5NxsPDSwUi0s/jsWV27lyvlTOlVbXri8UVxbL1+eeeQQ2AAAAsIeOf/feu0lErP/kcG2qOtDtTgF7ov9FVv5g9/oB7L2+bncA6JoX+v4H9pVMtzsAdF0SEf/dYnnbi3fe2p3+AAAAnTf87dbn/9Ntjw2sp3vURWCXOP4Hvcv5f+hdzv9D78pEXxjIQ29Ltln+8uf/K5UX6hAAANBxA7UpSbONc/4DkabZbMSx2mMBMsnMXCE/GhHfiIh3BjMHq/Wx2pbJtmMGAAAAAAAAAAAAAAAAAAAAAAAAAKCuUkmiAgAAAOxrEelHSeP5X8ODZwc2Hx84kDwarM0j4tZ/rv3r9mS5vDxWbf9so73870b7hW4cwQAAAAA2a47Tm+N4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOikhw/uTDWnvYz7yc8jYqhV/P44VJsfikxEHPk8if6ntksioq8D8dfvRsQv/tgiflLtVgw1etEq/uFOxT/RKv+t46cRcbQD8aGX3avuf37W6vOXxunafPPn7+DGtv0diN9+/5du7P/62ux/ju0wxsn7r+faxr8bcbK/9f6nGT9pE//MDuPf+P3aWrtllf9FDLf8/kmeiZUrLyzlSqtr5+cWJmfzs/nF8fGxSxOXJy5OjOZm5gr5xt+WMf7+nTceb5X/kTbxh7bJ/+wO8//q/u0H36wXM63ij5xp/f6faBM/bXz3fb9Rri4fbpbX6+WnnXrt7VNb5T/dJv/t3v+RHeZ/7rd/fX+HqwIAe6C0ujY/WSjkl3u68FKvRvVn0SuRhcJ2hUpj8NZs+cumdZKI9Vekq10vND8Tj7qzYwIAADru+THwTtzYvQ4BAAAAAAAAAAAAAAAAAABAD+rMPcOa98T+w5Z312tar8+euxcyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA3fR0AAP//HxDPXg==") r7 = memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3', 0x0) r8 = dup(r7) write$UHID_INPUT(r8, &(0x7f0000001700)={0x8, {"e50c8864cc70450bb1fcdbb657aea7f27d65d1a63d5fb18706fa23511f6ba736e2992afc55360f6bbac1672a7c5bb01b7f112316806e07541865949ecfbdf9679aa6ab9d6c558ae26bb6674ad135626407188c2dbaed05e7208bdfaa4d4cd09ee695dad9b3358ada100dec44593308858b866fc02b791721167029a2e36f5db11d269c9b7e060d8410947563a64b57d1272faf6aa770d7dd457dbea2a2c79c55ced836959eae80e51339eab128af6879c3a5934898c18339c73e79c784d5ef9f5f11f304fe9312ec2919853224687a98c34bf4714c96864d7451cce2dad81af736d160b49fcdef1a6b7916091ddc2b35c771740f146778c4f92774d238ab6f6873b3583501b142297faa0a12e44d0c7fc3c7140f576afb6015365d0e54c6455b54de3211f9e5c6e605d84706050df392e699ee2742e359a30cce49db634bad661303466f45417c894271181a0a8a994faf5042bb9a5777becd31dcefa760afb3aa7bde2acf8627fc7675ed01b89d676ffa285d24a1a3457335757d5cf8d75bec5f223dcff91ef232f753ce3f4e1f1175577c57a93aa5bfeba1056d4beda3bf4d1138363931cd288b931777b629aa067b2a1c56f2a65aabf6e46231019d8b4db81ac3054f156299803fef32e2f46663d2a4790adac37810abfe4e0050eddaf749906f93b1437026022567423ca322801dd7f99035a291eadd1dbb4a1a75fd33ecbb04bf1c58d56798f6453980e82310fea26a949902262f2959add514038d955dbd48cf22c6429f0ace6bc24e4aa3b21448e12dd77173d317fc8fdb6727ae4f11a42d4fc9d28c7d863f757cd16b0b6773f842aed1adbf42ba67a0df712d702c7f5b37b50e2be06328bba9e7349e4f522c197c211b8a810e2ef799c60d6c60d44a092424b35bb10eff359d9ff9b7a8f3dbfe8338bd3e00730a988cf19dfd4886ac1c0219c4ffc4872ba209503f814f08c6669e65f02636b5491772c1c502fa49ed1004f60a273134bb04d1a78b35a610d83e8a8331c82d83b0f069921552511781f9401489e1d1fd214074b1a79c44ab1f783fd93b211a4d6b80e30ae5033f774ef50d8e2fe32376fe17086c72cade77f7914e4c57dedc0e2ed7700cbd56d7c36f10966e922c15135842dfdffa7d7d2559a9b1b91bb94c90145c9a4d9c26649be8e5a996cca5608e3e901399f84352e41782183d64314a5077adb447b47dda74da265177b082f0e8c16571b3c3bf39eff04770460c792740785f19b83cfbe3aba70b4b8d1b01506813063ea0cb1a60f2bae4f74c6797b4541bce7e780344650f06de45f37efebb89b67cb0a7fc28979735fc5ebdb41b7683555c7ff8f79f3003b24244c835764e332bbf04737a626a6a43156d2998ad6ca46931812da063909370fb7c5a7d50ba5f7b04bea9e03464c76ffe51e94f2ea0bc9f26aebf9e4a5b92bd57af790a094aa6e083f89a33900abaa26b4c0035898e1a5b61490a0afe179691bb979e62b9785c4e1d09530024b9aa67e91a71310b3dc111a64330cdd574c7b6c83d63fc8cdf4fb57b9fd6f0bfa78173e176de395e903eacf9db2d0ff6773e9f1b4235953999e247bce73430d88dd81745baea7ad7b119426f3b85b6515497ad3916930c4e19310ee4226702e0adf8f4883823ff8ed46764a3e2a5c77a6a7197e833c11ef3143b94904a50e30eacd807498d16a03e4176f1565b21d46c5517f36db16ce9947f9f3efe43b49747f25d1c2f636052b7857c2ac58512e0da36b573683a218549bb6cd906d17be448566c91f43439987ec3c5f807f65ca728bb10e3721715e914b6cc5fa976ee41ee5222f95cbda0a041bf94be5344bd9d2ddaf7caa661562866bd4a1e2c09d43fb00ff0d51b3ec8678f3d294db7af1ea5523b3ba3a8fea35203095e018558eacc1281933ff5a2788517da4bd0988584da3037f6778170a5c25cd58e56b4664ef8ed6d6fd0ee679a137248c7b9b7c9a58a079cfde9adb34c168fea0a5c224e35033377ae405ff2324c59de2d8da931bf8e677c95de9d1f05c8601c13f8783cdbe91a5e81f4af2697f368448be949d8ffcdbe8387fe58c13e99902703db630a1ee00d5c465e64b4bee610d5f7ff57b780af7bf2996868bd7e61a21f98836866512d40cdf1996bb4a1b8399ed63b587fd4bf4a575d4ad7e7b33854087941a8aff2853ec0f10d422fcc315f970c28dea16e8d71f105643d24f317ef74eb53c3c6bf2007981e0d38d0f904950b277ba05aa938cf4380ec5175bc1821efb92d0c609053091aab3af5924ed2f3bfa985b045f73528a43eebef6fad82cfbebbcec832b914e4ead961c381a62f517631f09fbe704c0f84fe2a678cc9548ccf97e5c30acac944b203e6031ee5585450fbb1a0521c0a77fa2d767dc2efbe2ca994a92c7f227e35e8ef77547c5863589fc90dd4a64bd16159fe9c36e5bcd18c4b8c47d07e08d85a979accb9423b154baa6a7216e9c06f35a4097f74f7c10cff41e3db21bfb9605c73e622a08bbc0d360a843b650e2dcb97b164dacc2dd295cc75336786a863e26c225fa6d8ed87f27acbf9d09cca835eda55b35fbfae1861b0ffd60a6c9239b680ce0e35c89e77aa9c6c9eb1d9d5a79a56bc0b8647595543bf02e42e4d1b3ef18e3cd574218b0e3adbe7e7c1236808b90f19fd1d520a7b6289bf1f52fc9e86e5884a9d9aa88f10ee42647c0e1385d0e7eedbb480c31aaa0dec9c955df974fd215c005a1a692ff45991b51c4e95e2b01c058056ace5a771e861b35280098b1f2e8b0a3a2319f647069878792d2fb15952b52c6071e8fa3eb539e7f57d73229e393ed029ed04d0f92e1954054311760910745780487f0659cbff55078cc14cecf4e7e3e56871a7441beb2ccf8c0de04d20ddf2518442a5541d2a4903fc7740f7482a18a6140064203bda585e7d3f85752166f421b868168718197da75cdabbaa91bb20b418137d952836a7ff2dc2ec42b4a81a3676f246001aca34ef06172a02e7674855773ae9128fe2963d3dad21db8949ec87ac5bd4c363425529907015ed467901273f4d1e3bdafa95e7fef46b2cf8d78eafdbbf9ca6ff632db83fd5d2a5d77f0ce9ec50bd1e3f19141836b7a2accd65dcecab90254715494be228af2536b936b0ba4b3e337a64a80a3902c500c147d3caf52992c67817c454464160e9c53d3d8f8d24f28f29902c6ad8953ce46faebe3dfb907acd2585fdb039c84edb3f4dc3783e8467655eae1cfb06a8dedd5763ef145a622b616570c480d6fb0c305f8309cc6aa5009a09acbcf356d7a2c31259a128b5dcf9bc35ad86669f2ffb485ecfb800c0dbfba32cd2c283efbe459b2be036c49f290fd58a946a1a8321ed7b4d9f278f3dd701af5436254e6f551544f69a99cc2322a40c7fde0416fec3e5100448aca9935f9ae3c63d2f3c25c55af374c89c2d60e6ee667febdad0a054902d21acc7e5c3777a3747426b02de91157c6cfc948b933146a601de41fe426551f6943b093a500e369f6023fd310c0691b8df45d334ce0c55b9960424c75d35a14ce6499271659eb9a3b5ba7b40625ac730d0b419f110513e9c9d162cc1c7d1093a06cbae185764c06e27b63a19ffcfaafff744ce1924232cd84dc0616e7b1033fd0be36d293773587367fee83dad06ac658315af6a3d539f3f4f4294b271cafa41fd502aca15b9adf2eb4f018baab1a50459d326384840e1546e2b27ca10b00a318f12c31b2d11d053f076c139a791013a9c2a9279137f7d55cc7e80284be7950d8d20b23fe02387c4475a3663933e495a316a3ccd61fb7621fbe0bad6980081048530e850457463848fb593d9fe6241d3e1c9c7fe5bb6be7a5111765a09f5bc1764d445ea02cd1b5835e3747f3bf0862d80de2790e7ace2fa02a37826c17d1c7ffe5946fa741b2b919491990cc551a0cd44bdd8414d253b5fa218e83480382d6c0750c102de600e5cdcb62a44f87f74b5076ba79bc3e88a078470021d42aff4e0b82ef589656257a63df5cb9a714111f445dfae6353ca39d18a2c532f7e0def72a3c0a43d8e30e2c9d07bac6c47adaf69efbb8e255b8f87d278e8003b54f98ce4521c4c65bdafa540038b262e72ee8d62947f261d7e597235c4b4f69835b3c261bea6f7fc1f141a86028971d700edaba8662e49671cdae0bd71cec0d6928e87a82aea6afda95c9ea2f4be64aa94de9bace5bbf588795549ed18f9cf17faebde8e72095904d55d6612b1765fe6af1e3ab2b2fda0680ca6da9a3739fa734220008a752c87bbf0828fa93731df9eec1b7091479b86a7e16281aa7c6e613960567ec27a0ba39cb9c75c82a20d1ac6c595b59a699cdb543324060f3b1db46daa4a7609f111a6f8a9fa87ea2b81a10e23d367d4268c62c396bb1ceeaa61bc28d0128df73ed85013020d6def8b066cb689463dbf27bdb2b58ecdcd80dffc3d743e50e8b5349dd3e6891bfdae89b302000afef8842921367088e988f30064f9a23fa6ec994502a85d91d6ccda34acf1a39ee21946766e113550be546ac8963be3a1fa2fa8f890f95f21c9cdcb0c735a6b883893e07b5123b33d8ab10dce1c88745a9f102bbea8d7239a4aa93963da3276a9fc267ab904826c8452b33290319faace452bc7d3643c818c936b22f56e9d8db18c7b32f5b2f9e9b666a48a89f208789e6d20f6c130eccc1b44e7106010485f9ca129608c4109fe527741ad93196823bc82ad196eae86de224e7d3cf3b09def5d3077f6e819a28ea48cf48a8ea4a7638b4053662d6d87d7dfc14cb07f446e827970e0d2b516199e383d6c0f07733aedeeb6b3450fe9bf90159d2aa9360a4135f4b306f020dc3897ce1423821f8bd145b0ffdfb1b21faa9bd3e090c5e8cbff6be4509a3278f366fc28cba8570687dc70b18d54bc061bab9f65338824e57502829150631e6387b555efa89c45b40daeae64141de6fdc7b6e063e3cab498f54afb63e801a5aae5c6557c0d7f6dee5a72682a6b5ee421b001a2819ed9b5bc02089f9879ed91f51dcc595b6d50ddf0b545301c3834a51c60afa24555099849ee9c9c563a1905b2b6b966226532ff0a3028434a7a309b6ae545df5cb989f224f2ff1841f6355f160e179384fce9b476ee23df105ebbed236fd4931034352cbc6d42947efcd19a02b414683a616cc91ee07eced8f8335add58b2d26595bf0e1d223a0083a3501ce1eb3df3b51cad65c7eb77eb806abcf701c6d4e29155ff4f03c19af51817d3063e15e34157f0ce3a27a5f4cf7e7148d90ac907680995ba335e733d66b6ef4c7c7ab8d03a6d33b3672023e940d2790697bb366d3f70ed5626f9b70db8ac5d98470734383ec9ebd6cb1992978aa1508246a75343572c49e7b41ae0fd104a43b1d45232e55160d508a24bf7e6aa9ac721e621ef7ced2328385d504a21cd68b019b0f74013ed2df763d7b4d162f73c6666d8ad89d954b0cc9f96da3da7d13f70f5e9a0ed52c9310fec1a24c49dce5e6dbd08c45390a327f01ede22137bd46c8c90b19f1d598afab5bfbf1ec4e5e1019ef392cbee8130ad2171cdda67401a700258bf9be757054aa74352278646f68231bdbfcb68c960413258a01564dbd41cf761a411a455796e86e08df3ab2426356b7e0073c5edc203a3a04d7f95286e405e44fef024673fa576a4c2a799602c1c69345c653949e6d797dce9716259ddf4d9692674f4ce3b54946f76b2cafcbdb78c0e4b66b2d00c1f59b1bf9718fe7bda3c82fb3a0d506b22d4a0ed3cf750af9d9f00b8f0fed24b84e9f9ee174e7977fbfee6856dd7446b95bf", 0x1000}}, 0xfffffddb) finit_module(r8, 0x0, 0x5) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00') r9 = pidfd_getfd(0xffffffffffffffff, r6, 0x0) ioctl$FIGETBSZ(r9, 0x2, 0x0) 2.511881486s ago: executing program 0 (id=181): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000005"], 0x50) syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f00000007c0)={0x44, &(0x7f0000000540)={0x20, 0xa, 0x65, "4d6cdb91bc29973af2d7719257baef0037b3cf16a267295234978799ee65a5d121564703a1edf588ce79754834929b5c8ad865f3f2f365594a43494b1adacb0aff1aa146908339ac55c7ae30796b3694772a27594b9dddfb4c9376631f1e36d73b44041a41"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r0, &(0x7f0000000580), 0x0}, 0x20) 2.408248485s ago: executing program 1 (id=182): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x1, 0x1, 0x86, 0x10, 0x20f4, 0xe05a, 0x6c6d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x69, 0x2, 0x2, 0xff, 0x5a, 0xa3, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x82, 0x2, 0x40}}]}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000380)={0x34, &(0x7f0000000180)={0x20, 0x3, 0x1, "ff"}, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.182546803s ago: executing program 2 (id=183): r0 = epoll_create(0x4) r1 = socket(0x28, 0x801, 0x0) connect$vsock_stream(r1, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10) shutdown(r1, 0x1) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000280)={0x30000010}) 2.0961164s ago: executing program 2 (id=186): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x2, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) dup3(r1, r0, 0x0) ppoll(&(0x7f0000000380)=[{r1, 0xa200}], 0x1, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000000)=[@request_death], 0x0, 0x1000000, 0x0}) 2.09517008s ago: executing program 3 (id=188): r0 = socket$inet6(0xa, 0x3, 0x5) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x800, 0x0, 0x3, 0x9}, 0x20) 2.082465881s ago: executing program 3 (id=189): bpf$ENABLE_STATS(0x20, 0x0, 0x0) syz_usb_connect$hid(0x3, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB="1201000000000040c00725110000000000010902"], 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18010000000000000000000000000000850000002e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$inet(0x2, 0x1, 0x0) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000b, 0x12, r1, 0x0) mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) io_submit(0x0, 0x1, &(0x7f0000000180)=[&(0x7f0000000040)={0x1802, 0x0, 0x0, 0x2, 0x8000, r2, 0x0, 0x0, 0x0, 0x0, 0x1}]) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x2000) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8b04, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x47, 0x0) 1.942599883s ago: executing program 0 (id=190): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x1c9602, 0x0) r4 = socket$inet6(0xa, 0x400000000001, 0x0) sendto$inet6(r4, 0x0, 0xffffffac, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) close(0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000340)=ANY=[]) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$packet(0x11, 0x2, 0x300) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004080), 0x0, 0x0) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x12, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB="1800"/12], &(0x7f00000003c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41000, 0x2a, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x17, 0x18, &(0x7f0000000240)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@printk={@p, {}, {0x5}, {0x7, 0x0, 0x9}, {}, {}, {0x15}}, @ldst={0x1, 0x0, 0x3}], {{}, {0x5}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1.816219963s ago: executing program 1 (id=191): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000) r1 = syz_open_dev$rtc(&(0x7f0000000500), 0xd2a, 0x80) ioctl$RTC_PIE_ON(r1, 0x7005) 1.574211192s ago: executing program 4 (id=192): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x3810813, &(0x7f0000000540)=ANY=[@ANYBLOB="696f636861727365743d637f313235312c757466382c6f76657272696465726f636b7065726d2c6e6f6a6f6c6965742c6e6f6a6f6c6965742c6f76657272696465726f636b7065726d2c646d6f64653d3078303030303030303030303030303030332c6e6f636f6d70726573732c6d6f64653d3078303030303030303030303030303038302c6e6f726f636b2c636865636b3d7374726963742c6f76657272696465726f636b7065726d2c6f76657272696465726f636b7065726d2c636865636b3d72656c617865642c6769643d", @ANYRESDEC=r0, @ANYBLOB=',\x00'], 0x1, 0xa51, &(0x7f0000000780)="$eJzs3ctvXNd9B/DvHZISQ7u24qiuKzjiSK4UxmEpkqqlCl6kEjmSmPJRkBRgoYsojahCEFu3cQs4RoEoQNFVjBZo0UW7M7rqykA2TReFN0W7a1ZdFCj8LwRdqSsG986QHJIzHIrhy8rnQ8zMffzuOec+zj2cmTv3hC+WtVe3jK2tVY99jt/75yMoMSfYrenPP/n04/Lxw6c5lb68U/xLMpiknvQneSMZmJpeXJjrkdCT5EGSz5Iiyek0X/fkQYq/zsub45+l+Mcy365O7TVlelnjl9pxH38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHASFVPT4+MTxanMzN97r96U1HeYml5cKLK2tnPO+jJNP6l6/S5+0jPfpCgfGRxc7+r7jbObs19PUr+YN5tjb1YdkmcwH730+pl3v9JfW1++W2l+Iaf3nuwH3//oyXdWV1e+13FuURxgqU6Y5jFypzE/s7QwM3fzTqM+s7RQv3Ht2viVu7eX6rdnZhtL95eWG3P1qcXGzeWFxfrI1NfrEzduXK03xu4v3Ju/Mz0221ifeP03J8fHr9W/NfZ7jZuLSwvzV741tjR1d2Z2dmb+ThVTzi5jrpcH4u/OLNeXGzfn6vVHj1dXrm4rWV+2Hb9l0ESv9SmDJnsFTY5PTk5MTE5O/LDVe/bGhGvv3Hjn+vh4/3jTy2kNZEfEIR20nCxf6r6bD/4kDvtUa7b/yWxmMp97eS/1jn9Tmc5iFjLXZX7Levt/6Upj12zT1v63Wvn+tvnnyqeLOd8aHezS/ncpy9H9fZDv56M8yXeymtWs5HvHXqKj/buTRuYzk6UsZCZzuVlNqbem1HMj13It4/l27mY4S+nP7cxkNo0s5X6WspxGdURNZTGN3MxyFrKYekYyla+nnoncyI1cTT2NjOV+FnIv87mT6dysUnmUx9V2v7pLGTeCJvYSNLlL0I7GvFv7v2H7Io3t/5zwAqrtupcP4SwO+7PWav9P9Q4dmdoy2n94hQIAAAAO1K//Z145+9p//G9S5KvV9/K3Z2Yb48ddLAAAAOAAVZfrvVm+DJRDX03h/T8AAAC8aIrqN3ZFkqEMN4fWfwnlQwAAAAB4QVTf/59PMbw5wft/AAAAeMH0vsd+z4hidP32v/WHzdeHrYjmWDF0e2a2MTa1MPvuRC5XdxmofmmwI7W+pBiofn7wdi40oy4MNV+HNlMs8xwsoybG3p3I27nYWpGRt8qXt0Y6RE42I7/WjPxae2RftkReLSMB4EV3cZf2eK/t/9sZbUaMnqua/P5zW9rgvqplHdeyAsBJsdHHzv+3ujTr0P6fb94b4Hy39v+3dnn/X0a8lkfDzUsKxvLdvJ/VPMxoWlccDHdKdb03guZlCKM9Pg0Yal2y8NPrtYzu+DxgcGNd22NXMpnRjp8ItKVbrJfhajOu77D2AgAcrYu7tsPr7X/1IXnX9n909/f/bW2uSwoB4CTY6MH+eQeG9x583OsIAGyllQYAAAAAAAAAAAAAAAAAAAAAAAAAAICDt6cb+P/X5WR1dSXZb2cBHQZ++u//+itdY370UjL4PCXcfaCWAynz6SQHsu6HN9CX5Lhy/2aee6lyH5+UTfciDRRPqwr7C6VzzCcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjkSR9HWaXktOJxlPcuXoS3V4nh53AQ5KfX+LFc/yLB/mlYMuDgAAAAAAAAAAAAAAAAAAAAAAAAAAAADAL7vW/f9rab6+1JyU/lpyKcmDJL9/3GV8HoM95j87onKcPH9UPbfd/7+WDGStSH/W1tbWkmJganpxYa48FIrT5fzPP/n04/LRNckfrA/s7FWhTKDMYUvnEq0c2qYMbF3qy9VSQ9MrHzz5s/f/pD59qzowby3fnp2eu7P4O5uBrxc/bnaB0N4Nwnp5/+LSv/1N2+RTrcx/nP5uK7I939tVvtM78/21Tkt3yXcPHq+uTJY5LTfeW/7zP661z3otF5K3RpKRrTn9YfnoktOF7dtzq+JnxV8Vr+Tv86Da/+XWKNaKche9Wq3/lx49Xl0Z++77qw83yvSDxx+2JXAmw0kebq1lPco0XJ1POnqpynWgzHW8CiqfzvZIb1dtKU5sbtct6/Dl6pAZeq51qHdfh0qP7d4q0dXtJVorK8nf/ulXcnnXPX26Q4qXe+TYUfGz4n+Ku/nv/GVb/x+1cv9fSsfa2SGJKrLtSGmft6V61S5trvlk+4xvb0+za63kEPwof5Df3tj/ter8315vJrvUm43z0TfbJnapN+tVq0u9OL21pu6oFy296sXOmvpPr+5oUbbmmrPbWqTW2afbMq1ynm1GdSnnr+YbSf+55zqjfKPHGaXX8vut//9QjOT/8lT/PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMlXJH2dpteSS0nOJHm1HK8na9tjnu4jv9pQsZ9iHpj9lPmLp+i6osWzPMuHeeWoSwQAAAAAAADA4bg1/fknn35cPqrv4/vyG7XWnHrSn+RM8XcDU9OLC3M9EhpIHqx/pT/YOaTL5Dwon17eHP+sHHujR37He/kAAHyh/TwAAP//FnluMg==") open(&(0x7f0000000040)='./file0\x00', 0x800, 0x106) 1.471267501s ago: executing program 3 (id=193): r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_TRIM(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x3f6, 0x2, 0x70bd2d, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) r1 = socket$inet6(0xa, 0x80002, 0x0) sendmsg$sock(r1, &(0x7f0000000780)={&(0x7f0000000100)=@in6={0xa, 0x4e27, 0x41d, @remote, 0x4}, 0x80, 0x0, 0x0, &(0x7f0000000040)=[@mark={{0x14, 0x1, 0x41, 0x1}}], 0x18}, 0x2400c0c1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@jmp={0x5, 0x0, 0x0, 0x0, 0x7, 0x2}, @alu={0x7}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x2}, @jmp={0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_ABORT_SCAN(r2, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r3, 0x400, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r4}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004024}, 0x4000010) 1.328004172s ago: executing program 4 (id=194): sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004d40)=[{{&(0x7f00000001c0)={0xa, 0x4e21, 0x2, @empty, 0x93a9}, 0x1c, 0x0}}], 0x1, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x1817c1, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0xc, &(0x7f0000000640)=0x7, 0x4) sendmsg$netlink(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)=ANY=[@ANYRESDEC=r1], 0x350}], 0x1}, 0x4004840) syz_usb_connect(0x4, 0x2d, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYRES8=r0, @ANYRES64=0x0, @ANYRES64=r1, @ANYRES8=r1], 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r5}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40) llistxattr(&(0x7f0000000000)='./file1\x00', 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYRESDEC=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000100)='kfree\x00', r6}, 0x10) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1700000000000000008400000100000000000300", @ANYRES32=r0, @ANYBLOB="00000000000000000000000000000000a4fab745", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/24, @ANYRES32=r0, @ANYBLOB], 0x50) bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={r7, 0x0, 0x20000000}, 0x20) r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/asound/timers\x00', 0x0, 0x0) lseek(r8, 0x164, 0x0) 1.293216395s ago: executing program 3 (id=195): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2, 0x9, 0x81, 0x9, 0x2, 0x0, 0x70bd2c, 0x25dfdbfe}, 0x10}}, 0x20008040) 1.263458177s ago: executing program 3 (id=196): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x756, &(0x7f0000000fc0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4") chdir(&(0x7f0000000240)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x44000, 0xa) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.202741062s ago: executing program 2 (id=197): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) mremap(&(0x7f0000532000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000190000/0x1000)=nil) sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[], 0x60}, 0x1, 0x7}, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x3000010, &(0x7f0000000040)={[{@errors_remount}, {@debug}]}, 0x1, 0x514, &(0x7f0000000300)="$eJzs3c9vI1cdAPDvTOJtdjfFLiBUKlEqWpStYO2koW2EEJQLnCoB5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgf+AFSpElwQBwQIhGAXDkjADrI9ZrOOnYTdxM7Gn4/04vdmxvN9byy/+eGXmQAm1nMR8VpETEXEixFRzKeneYqDbmovd/fOWyvtlESWvfHXJJJ8Wm9d7fJ0RFzP3zYTEV/7csQ3k6Nxm3v7m8u1WnUnL1da9e1Kc2//5kZ9eb26Xt1aXFx4ZenVpZeX5rPcI7Wz1Mv85Euff+fT3/rdrT/f+Ha7Wp/7SBSirx1nqdv0Qmdb9LS30c55BBuDqbw9hXFXBACAU2kf438wIj7ROf4vxlTnaK7P1DhqBgAAAJyV7AtJ/DuJyAAAAIBLK42I2UjScj4WYDbS9Ep+beDDcS2tNZqtT601drdW2/MiSlFI1zZq1fl8rHApCkm7vJCPse2VX+orL0bEUxHx/eLVTrm80qitjvnaBwAAAEyK633n//8opp38yQb8nwAAAABwcZWGFgAAAIDLwik/AAAAXH795//vjKkeAAAAwLn4yuuvt1PWe/716pt7u5uNN2+uVpub5fruSnmlsbNdXm801jv37KuftL5ao7H9mdjavV1pVZutSnNv/1a9sbvVurXxwCOwAQAAgBF66uPv/jqJiIPPXu2kyO8DCPCAP4y7AsBZmhp3BYCxefi7eBfOtB7A6PkWA8kJ8w3eAQCAx9/cR4/+/t97/r9rA3C5GesDAJPHU7xhchWMAISJlkbEB7rZJ4YtM/T3/1+eNkqWRbxXPDzF9UUAABit2U5K0nJ+HjAbaVouRzwZkZaikKxt1Krz+fnBr4qFJ9rlhc47kxPHDAMAAAAAAAAAAAAAAAAAAAAAAAAAXVmWRAYAAABcahHpn5LO3fwj5oovzPZfH7iS/LMYf8wLP3rjB7eXW62dhfb0v3We5XUlIlo/zKe/NPTxYQAAAMBZSw6Gzuqep+evCyOtFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT4O6dt1Z6aZRx//LFiCgNij8dM53XmShExLW/JzF96H1JREydQfyDtyPi6UHxk7iXZVkpr0V//DQirp5z/FJn0wyPf/0M4sMke7fd/7w26PuXxnOd18Hfv+k8Parh/V+aR366088N6v+ePLK2+sAYz7z/s8rQ+G9HPDM9uP/p9b/JkPjPH1nbv7IsOxrjG1/f3x8WP/txxNzA/U/yQKxKq75dae7t39yoL69X16tbi4sLryy9uvTy0nxlbaNWzf8OjPG9j/383nHtvzYg/m9/0+1/j2v/C8NW2uc/79++86FutjAo/o3nB+5/Z2JI/DTf930yz7fnz/XyB938Yc/+9L1nj2v/6pDtf9Lnf+OU7X/xq9/9/SkXBQBGoLm3v7lcq1V3jsnMnGKZxzHzi5kLUY3/M5N9p/vJXZT6PGymfbR6f0qvVRegYocy2chiTcUFafL/MmPtlgAAgHNw/6B/3DUBAAAAAAAAAAAAAAAAAACAyTWK24n1xzwYT1MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI713wAAAP//fG7gBw==") 962.811192ms ago: executing program 0 (id=198): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) mlock(&(0x7f0000008000/0x2000)=nil, 0x2000) mlock(&(0x7f0000007000/0x3000)=nil, 0x3000) 962.568552ms ago: executing program 3 (id=199): socket$packet(0x11, 0x2, 0x300) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4) 924.525675ms ago: executing program 1 (id=200): syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000000)='.\x02\x00', 0x8c48, &(0x7f0000000240)=ANY=[@ANYBLOB='nojoliet,mode=0x00000000000000e4,dmode=0x0000000000000005,check=relaxed,overriderockperm,utf8,mode=0x0000000000000000,nojoliet,cruft,mode=0xfffffffffffffffb,utf8,session=0x0000000000000043,hide,dmode=0x000000000000001f,uid=', @ANYRESDEC, @ANYBLOB="2c6d6f64653d3078303030303030303038303030303030310086cb4be138f89f69aed82c696f636861727365743d6d6163696e7569742c66756e633d4250524d5f434845434b2c0020e70c853946a2904771793dc06c06611e03f5e2c7602f64a957c88cc3d8ee83589beff40c21fbbb1601b5869235b81f95cf0a39f6c3195e5125f94f2f8c75c38fc0c09c03ea3fbd2e56cce2a69c86db67514e59f271f5f87b7b075aabe717344a6eaeb832436386d4424b4a3d25832eb577d44c6accfaa75c7ae620d71699794e59af4cb377883fc3e4c9dfdb6340cb6395e3776c2b7e56043e63b8dd704ed4ede91e42537942c5e62bf46bf7b8542c03f6240d54f161466db4e9134915ca2839bbf4d798c1de7af1366d9b142b4e603178a6862a8b03340d309cab1a0cd33fb757910ccc8420000000934038e92ed734e0eb7d200c8283ff14dcc7b61114a4fef9561fa91274ac0114c707f4e3bf295693ab"], 0x1, 0x5a7, &(0x7f0000000f80)="$eJzs3M9v29YdAPBHx64NFwsGFGvSNEDZtIfsEFeSFwdGd4hGUzZbSRRIunBOQ7E4nTG7G5YNWHPLpVuBDTvtPPS6v2D/VP8GD5TkRLKTKD+cKQU+HyB+T+KX730fQ/ALEyYDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABCiZKvRaEahm/V39+KnS7aKvPeM7Sfj/XeqmbI08TNEIUT1v7CyEi6Pvrr8zuPYn9U/roVLo0+XwkrdrIQHb7/700/fWVyod1yKovCMhM7F8owZ7n/z4HdfHh7u//F1J/J/cBy9+D7baT8r86zX3k7jrMzjzY2Nxic7nTLuZN20vFNWaS9OirRd5UV8PbkdQthcj9O1O/luf3ur3U3j68nP4+bm5q0brUZjI/5sbZC2izLvf/LZWpnsZN1u1t8extSbb7Q+CLfqE/HzrIqrtN2L43sHh/vrs5Ksg5rPE9SaFdRqtFrNZqvV3Li5efNWo7EyPlsffbHYOCWc3mXx9Z+0vHHeGp8oww8n17i3zu8qDi/nOPnnvFMAAAAAXrNoeI89Gt6XvzzsdbJu2piKOY7mlh4AAABwDoa/2l8a3wAI4XKIzv7+DwAAAPy4/e2Zz9iFKArlYDk6eVRlsPdxdNSue+2jC6OvLpwesepciS6OBxk2G4vjT0l6NXpvFPTeSfQP4+berDyioliKHr5aAuHv4coo5srdUXv3ZMtoltVO1k3Xkrz7aTO02xcXqnSv+vPXB38JoSiOL3zX712Mwr2Dw/213/z+8O4wl4f1KA+Pxn8hceYPJaZzWQ4Tufzp0XOP4xXfnl7x0vBGTL3q7/q91dG8jcn1L4x2X3iB9X8b3h/FvL86alen179Sz9lce8LqJ7NoDvY+Xh5P9pwrP5XF1VHM1esf1c1H18dbliayaM3KojV5/F/qWDwli8ljsf6MLI7DweH++itmATAv905XoVHdDY/r/5m6+xJXuRnVvS7hM6v7b2fO8m34cBTz4ZXFxxXp1BW9MauuNJ6zrofw5Cz+E679+18h7IZrJ8FPq7H1vP+YqqrR0ff1Dt+fmXdlevooLB/9Ibx7/5sHNw6Ovvxq/6v9r1ut9Y3GLxqNm62wNFzGuFF7AHiCtPghWq3+GhVFNvh1c3Oz2a520rjIk8/jItvaTuOsX6VFstPub6fxoMirPMm7deeLbCst43J3MMiLKu7kRTzIy2xv+OaXePzqlzLttftVlpSDbtou0zjJ+1U7qeKtrEziwe6vulm5kxbDnctBmmSdLGlXWd6Py3y3SNK1OC7TdCIw20r7VdbJ6m4/HhRZr13cib/Iu7u9NN5Ky6TIBlU+GvBkrqzfyYvecNi1eR9sAHhD3A/jN9g9epXdC3fCyoyYea8RAJh2ukovzzshAAAAAAAAAAAAAADgjMnH9X45fqXPCz7/t/xqjw+ee+f220/a9MH8E5vshBAWX+sUJy9OmvtK59ipz+dzGnCl7iyEea9rafy/+rLjRCGE2cE/qWPmdUUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKf7XwAAAP//3geMdQ==") creat(&(0x7f0000000080)='.\x02\x00', 0x8) 696.204854ms ago: executing program 1 (id=201): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000080)) 651.895147ms ago: executing program 1 (id=202): r0 = socket$inet(0x2, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = fsopen(0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='source', 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000640)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4) sendto$inet(r0, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93) 0s ago: executing program 2 (id=203): r0 = socket$inet(0x2, 0x3, 0x6) ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x0, @local}, 0x4a, {0x2, 0x0, @multicast2}, 'syz_tun\x00'}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.222' (ED25519) to the list of known hosts. [ 20.983711][ T29] audit: type=1400 audit(1754713447.974:62): avc: denied { mounton } for pid=3271 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 20.984636][ T3271] cgroup: Unknown subsys name 'net' [ 21.006528][ T29] audit: type=1400 audit(1754713447.974:63): avc: denied { mount } for pid=3271 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 21.033798][ T29] audit: type=1400 audit(1754713448.004:64): avc: denied { unmount } for pid=3271 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 21.149610][ T3271] cgroup: Unknown subsys name 'cpuset' [ 21.155761][ T3271] cgroup: Unknown subsys name 'rlimit' [ 21.304857][ T29] audit: type=1400 audit(1754713448.294:65): avc: denied { setattr } for pid=3271 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 21.329208][ T29] audit: type=1400 audit(1754713448.294:66): avc: denied { create } for pid=3271 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 21.349718][ T29] audit: type=1400 audit(1754713448.294:67): avc: denied { write } for pid=3271 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 21.356399][ T3288] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 21.370118][ T29] audit: type=1400 audit(1754713448.294:68): avc: denied { read } for pid=3271 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 21.398849][ T29] audit: type=1400 audit(1754713448.304:69): avc: denied { mounton } for pid=3271 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 21.423625][ T29] audit: type=1400 audit(1754713448.304:70): avc: denied { mount } for pid=3271 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 21.441559][ T3271] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 21.446953][ T29] audit: type=1400 audit(1754713448.364:71): avc: denied { relabelto } for pid=3288 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 23.291280][ T3305] chnl_net:caif_netlink_parms(): no params data found [ 23.314736][ T3299] chnl_net:caif_netlink_parms(): no params data found [ 23.323406][ T3309] chnl_net:caif_netlink_parms(): no params data found [ 23.349700][ T3300] chnl_net:caif_netlink_parms(): no params data found [ 23.396438][ T3306] chnl_net:caif_netlink_parms(): no params data found [ 23.422494][ T3305] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.429611][ T3305] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.436884][ T3305] bridge_slave_0: entered allmulticast mode [ 23.443217][ T3305] bridge_slave_0: entered promiscuous mode [ 23.462618][ T3305] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.469761][ T3305] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.476835][ T3305] bridge_slave_1: entered allmulticast mode [ 23.483179][ T3305] bridge_slave_1: entered promiscuous mode [ 23.519142][ T3309] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.526370][ T3309] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.534079][ T3309] bridge_slave_0: entered allmulticast mode [ 23.540472][ T3309] bridge_slave_0: entered promiscuous mode [ 23.558210][ T3300] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.565317][ T3300] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.572686][ T3300] bridge_slave_0: entered allmulticast mode [ 23.579207][ T3300] bridge_slave_0: entered promiscuous mode [ 23.585540][ T3309] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.592702][ T3309] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.600024][ T3309] bridge_slave_1: entered allmulticast mode [ 23.606296][ T3309] bridge_slave_1: entered promiscuous mode [ 23.613363][ T3305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 23.622472][ T3299] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.629558][ T3299] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.636665][ T3299] bridge_slave_0: entered allmulticast mode [ 23.643295][ T3299] bridge_slave_0: entered promiscuous mode [ 23.651754][ T3300] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.658818][ T3300] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.665913][ T3300] bridge_slave_1: entered allmulticast mode [ 23.672260][ T3300] bridge_slave_1: entered promiscuous mode [ 23.683669][ T3305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 23.692765][ T3299] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.699816][ T3299] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.706899][ T3299] bridge_slave_1: entered allmulticast mode [ 23.713512][ T3299] bridge_slave_1: entered promiscuous mode [ 23.754061][ T3300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 23.764227][ T3309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 23.781862][ T3306] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.789022][ T3306] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.796773][ T3306] bridge_slave_0: entered allmulticast mode [ 23.803365][ T3306] bridge_slave_0: entered promiscuous mode [ 23.810093][ T3306] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.817129][ T3306] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.824239][ T3306] bridge_slave_1: entered allmulticast mode [ 23.830621][ T3306] bridge_slave_1: entered promiscuous mode [ 23.837529][ T3300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 23.852236][ T3309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 23.861909][ T3305] team0: Port device team_slave_0 added [ 23.873030][ T3299] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 23.892111][ T3305] team0: Port device team_slave_1 added [ 23.898455][ T3300] team0: Port device team_slave_0 added [ 23.910445][ T3299] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 23.924505][ T3300] team0: Port device team_slave_1 added [ 23.940294][ T3309] team0: Port device team_slave_0 added [ 23.947264][ T3306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 23.970278][ T3309] team0: Port device team_slave_1 added [ 23.976572][ T3299] team0: Port device team_slave_0 added [ 23.983146][ T3306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 23.997758][ T3305] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 24.004725][ T3305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.030621][ T3305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 24.046426][ T3299] team0: Port device team_slave_1 added [ 24.057017][ T3300] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 24.064014][ T3300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.090022][ T3300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 24.101025][ T3305] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 24.107982][ T3305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.133926][ T3305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 24.159860][ T3306] team0: Port device team_slave_0 added [ 24.165862][ T3300] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 24.172798][ T3300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.198753][ T3300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 24.212238][ T3309] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 24.219267][ T3309] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.245318][ T3309] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 24.260904][ T3306] team0: Port device team_slave_1 added [ 24.270358][ T3309] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 24.277293][ T3309] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.303327][ T3309] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 24.314309][ T3299] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 24.321321][ T3299] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.347260][ T3299] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 24.368212][ T3306] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 24.375195][ T3306] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.401113][ T3306] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 24.420772][ T3299] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 24.427697][ T3299] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.453604][ T3299] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 24.473147][ T3306] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 24.480206][ T3306] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 24.506157][ T3306] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 24.545519][ T3309] hsr_slave_0: entered promiscuous mode [ 24.551651][ T3309] hsr_slave_1: entered promiscuous mode [ 24.565993][ T3300] hsr_slave_0: entered promiscuous mode [ 24.571861][ T3300] hsr_slave_1: entered promiscuous mode [ 24.577747][ T3300] debugfs: 'hsr0' already exists in 'hsr' [ 24.583492][ T3300] Cannot create hsr debugfs directory [ 24.591031][ T3305] hsr_slave_0: entered promiscuous mode [ 24.597008][ T3305] hsr_slave_1: entered promiscuous mode [ 24.603731][ T3305] debugfs: 'hsr0' already exists in 'hsr' [ 24.609472][ T3305] Cannot create hsr debugfs directory [ 24.632591][ T3299] hsr_slave_0: entered promiscuous mode [ 24.638517][ T3299] hsr_slave_1: entered promiscuous mode [ 24.644366][ T3299] debugfs: 'hsr0' already exists in 'hsr' [ 24.650127][ T3299] Cannot create hsr debugfs directory [ 24.662123][ T3306] hsr_slave_0: entered promiscuous mode [ 24.668200][ T3306] hsr_slave_1: entered promiscuous mode [ 24.674094][ T3306] debugfs: 'hsr0' already exists in 'hsr' [ 24.679853][ T3306] Cannot create hsr debugfs directory [ 24.872849][ T3299] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 24.881474][ T3299] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 24.894633][ T3299] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 24.903150][ T3299] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 24.921278][ T3300] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 24.929879][ T3300] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 24.940081][ T3300] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 24.948669][ T3300] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 24.975576][ T3309] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 24.985798][ T3309] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 24.994965][ T3309] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 25.003234][ T3309] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 25.040777][ T3306] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 25.056654][ T3306] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 25.080833][ T3306] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 25.091685][ T3306] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 25.102417][ T3305] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 25.111758][ T3305] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 25.120575][ T3305] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 25.133298][ T3305] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 25.158295][ T3299] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.177926][ T3299] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.197201][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.204453][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.217606][ T3300] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.227132][ T3309] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.235728][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.242786][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.262252][ T3300] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.281070][ T3309] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.298486][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.305589][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.314260][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.321336][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.347432][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.354489][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.364478][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.371551][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.388156][ T3306] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.414366][ T3306] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.438331][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.445509][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.469870][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.476932][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.499777][ T3300] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 25.508092][ T3305] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.537192][ T3299] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 25.557210][ T3305] 8021q: adding VLAN 0 to HW filter on device team0 [ 25.575856][ T3306] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 25.611926][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.619014][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.628627][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.635729][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.671704][ T3309] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 25.721298][ T3299] veth0_vlan: entered promiscuous mode [ 25.730226][ T3300] veth0_vlan: entered promiscuous mode [ 25.740513][ T3299] veth1_vlan: entered promiscuous mode [ 25.752625][ T3300] veth1_vlan: entered promiscuous mode [ 25.766351][ T3305] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 25.781448][ T3306] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 25.794768][ T3300] veth0_macvtap: entered promiscuous mode [ 25.801781][ T3300] veth1_macvtap: entered promiscuous mode [ 25.831181][ T3300] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 25.845706][ T3300] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 25.856056][ T3299] veth0_macvtap: entered promiscuous mode [ 25.866791][ T3299] veth1_macvtap: entered promiscuous mode [ 25.878674][ T3434] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 25.908079][ T3309] veth0_vlan: entered promiscuous mode [ 25.914251][ T3434] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 25.925900][ T3299] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 25.942877][ T3309] veth1_vlan: entered promiscuous mode [ 25.950976][ T3434] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 25.972700][ T3299] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 25.985980][ T3434] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.003703][ T3300] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 26.031263][ T29] kauditd_printk_skb: 18 callbacks suppressed [ 26.031277][ T29] audit: type=1400 audit(1754713453.024:90): avc: denied { read write } for pid=3300 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 26.058325][ T3306] veth0_vlan: entered promiscuous mode [ 26.061425][ T29] audit: type=1400 audit(1754713453.024:91): avc: denied { open } for pid=3300 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 26.071704][ T3306] veth1_vlan: entered promiscuous mode [ 26.090743][ T29] audit: type=1400 audit(1754713453.024:92): avc: denied { ioctl } for pid=3300 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 26.122588][ T3434] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.132222][ T29] audit: type=1400 audit(1754713453.124:93): avc: denied { write } for pid=3469 comm="syz.3.4" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 26.155416][ T29] audit: type=1400 audit(1754713453.124:94): avc: denied { open } for pid=3469 comm="syz.3.4" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 26.180032][ T3309] veth0_macvtap: entered promiscuous mode [ 26.185095][ T29] audit: type=1400 audit(1754713453.124:95): avc: denied { ioctl } for pid=3469 comm="syz.3.4" path="/dev/sg0" dev="devtmpfs" ino=137 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 26.187103][ T3309] veth1_macvtap: entered promiscuous mode [ 26.210807][ T29] audit: type=1400 audit(1754713453.174:96): avc: denied { prog_load } for pid=3471 comm="syz.3.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 26.218109][ T3305] veth0_vlan: entered promiscuous mode [ 26.234964][ T29] audit: type=1400 audit(1754713453.174:97): avc: denied { bpf } for pid=3471 comm="syz.3.6" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 26.250810][ T3305] veth1_vlan: entered promiscuous mode [ 26.260599][ T29] audit: type=1400 audit(1754713453.174:98): avc: denied { create } for pid=3471 comm="syz.3.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 26.286204][ T29] audit: type=1400 audit(1754713453.174:99): avc: denied { write } for pid=3471 comm="syz.3.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 26.307735][ T3434] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.316695][ T3434] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.328070][ T3434] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.356758][ T3305] veth0_macvtap: entered promiscuous mode [ 26.373746][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 26.383641][ T3305] veth1_macvtap: entered promiscuous mode [ 26.401376][ T3306] veth0_macvtap: entered promiscuous mode [ 26.411998][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 26.424954][ T3306] veth1_macvtap: entered promiscuous mode [ 26.444530][ T41] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.457998][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 26.480559][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 26.490890][ T41] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.501615][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 26.513356][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 26.522020][ T3434] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.540603][ T3434] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.560779][ T3434] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.597585][ T3434] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.620030][ T3434] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.639311][ T3434] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.648021][ T3434] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.686410][ T3486] vhci_hcd: invalid port number 255 [ 26.691654][ T3486] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 26.702276][ T3434] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.721423][ T3434] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.763249][ T3434] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 26.860476][ T3497] loop2: detected capacity change from 0 to 512 [ 27.002390][ T3497] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 27.026364][ T3497] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 27.061059][ T3497] EXT4-fs (loop2): shut down requested (0) [ 27.078115][ T3497] syz.2.8 (3497) used greatest stack depth: 10368 bytes left [ 27.117351][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 27.163811][ T3513] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 27.184708][ T3513] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 27.200331][ T3515] loop2: detected capacity change from 0 to 512 [ 27.274162][ T3515] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 27.332545][ T3515] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 27.396682][ T3515] EXT4-fs (loop2): shut down requested (0) [ 27.463788][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 27.911280][ T3526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 27.955440][ T3526] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 28.161616][ T3530] loop1: detected capacity change from 0 to 128 [ 28.221912][ T3530] netlink: 36 bytes leftover after parsing attributes in process `syz.1.15'. [ 28.230843][ T3530] netlink: 12 bytes leftover after parsing attributes in process `syz.1.15'. [ 28.344983][ T3532] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 28.885392][ T3559] netlink: 256 bytes leftover after parsing attributes in process `syz.0.17'. [ 29.357623][ T3590] loop1: detected capacity change from 0 to 1024 [ 29.387457][ T3590] EXT4-fs: Ignoring removed bh option [ 29.407031][ T3590] EXT4-fs: inline encryption not supported [ 29.450829][ T3590] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 29.589321][ T3590] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 2: comm syz.1.20: lblock 2 mapped to illegal pblock 2 (length 1) [ 29.640744][ T3590] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 48: comm syz.1.20: lblock 0 mapped to illegal pblock 48 (length 1) [ 29.719731][ T3590] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.20: Failed to acquire dquot type 0 [ 29.761436][ T3590] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 29.799196][ T3590] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.20: mark_inode_dirty error [ 29.800143][ T3590] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 29.800291][ T3590] EXT4-fs (loop1): 1 orphan inode deleted [ 29.800588][ T3590] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 29.812449][ T3434] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1) [ 29.824138][ T3434] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 0 [ 29.824690][ T3590] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 29.839782][ T3590] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 29.847288][ T3590] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 48: comm syz.1.20: lblock 0 mapped to illegal pblock 48 (length 1) [ 29.857494][ T3590] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 29.860076][ T3613] netdevsim netdevsim4: Direct firmware load for ./file0/file1 failed with error -2 [ 29.867303][ T3613] SELinux: policydb version 65301 does not match my version range 15-35 [ 29.867336][ T3613] SELinux: failed to load policy [ 29.868255][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 30.016699][ T3632] netdevsim netdevsim1: Direct firmware load for ./file0/file1 failed with error -2 [ 30.024424][ T3632] SELinux: policydb version 65301 does not match my version range 15-35 [ 30.024522][ T3632] SELinux: failed to load policy [ 30.462501][ T3648] netdevsim netdevsim2: Direct firmware load for ./file0/file1 failed with error -2 [ 30.513231][ T3648] SELinux: policydb version 65301 does not match my version range 15-35 [ 30.548910][ T3648] SELinux: failed to load policy [ 30.770454][ T3658] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 30.781326][ T3658] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 30.908367][ T3664] loop4: detected capacity change from 0 to 512 [ 30.970927][ T3664] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 30.988830][ T3664] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 31.019161][ T3671] netdevsim netdevsim2: Direct firmware load for ./file0/file1 failed with error -2 [ 31.036001][ T3664] EXT4-fs (loop4): shut down requested (0) [ 31.048508][ T3662] loop0: detected capacity change from 0 to 8192 [ 31.070981][ T3662] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 31.085863][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 31.099444][ T3671] SELinux: policydb version 65301 does not match my version range 15-35 [ 31.117626][ T3671] SELinux: failed to load policy [ 31.215627][ T3675] loop0: detected capacity change from 0 to 1024 [ 31.224713][ T3675] EXT4-fs: Ignoring removed bh option [ 31.338822][ T3675] EXT4-fs: inline encryption not supported [ 31.351145][ T3675] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 31.405464][ T3675] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 2: comm syz.0.39: lblock 2 mapped to illegal pblock 2 (length 1) [ 31.429346][ T3675] __quota_error: 115 callbacks suppressed [ 31.429361][ T3675] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 31.435831][ T29] audit: type=1400 audit(1754713458.424:211): avc: denied { shutdown } for pid=3688 comm="syz.2.44" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 31.459855][ T3675] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 48: comm syz.0.39: lblock 0 mapped to illegal pblock 48 (length 1) [ 31.466090][ T29] audit: type=1400 audit(1754713458.454:212): avc: denied { write } for pid=3688 comm="syz.2.44" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 31.481495][ T3689] netlink: 12 bytes leftover after parsing attributes in process `syz.2.44'. [ 31.499518][ T29] audit: type=1400 audit(1754713458.474:213): avc: denied { create } for pid=3688 comm="syz.2.44" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 31.526274][ T3675] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 31.533024][ T3690] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 31.535087][ T3675] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.39: Failed to acquire dquot type 0 [ 31.558095][ T3675] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 31.564213][ T3690] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 31.575609][ T3675] EXT4-fs error (device loop0): ext4_evict_inode:254: inode #11: comm syz.0.39: mark_inode_dirty error [ 31.616381][ T3675] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 31.643863][ T3675] EXT4-fs (loop0): 1 orphan inode deleted [ 31.653474][ T3675] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 31.668796][ T41] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 31.686012][ T41] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 31.694526][ T41] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 0 [ 31.750258][ T3675] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 31.766701][ T3675] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 31.790137][ T3675] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 48: comm syz.0.39: lblock 0 mapped to illegal pblock 48 (length 1) [ 31.830605][ T3675] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=-117 [ 31.858727][ T3675] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 31.910135][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 32.069849][ T3703] loop0: detected capacity change from 0 to 8192 [ 32.100031][ T3703] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 32.178225][ T29] audit: type=1326 audit(1754713459.164:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3705 comm="syz.0.50" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c22dbebe9 code=0x7ffc0000 [ 32.201465][ T29] audit: type=1326 audit(1754713459.164:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3705 comm="syz.0.50" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c22dbebe9 code=0x7ffc0000 [ 32.258713][ T29] audit: type=1326 audit(1754713459.214:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3705 comm="syz.0.50" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f6c22dbebe9 code=0x7ffc0000 [ 32.331164][ T3708] netlink: 'syz.0.51': attribute type 13 has an invalid length. [ 32.464905][ T3708] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.472346][ T3708] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.647314][ T3708] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 32.679170][ T3708] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 32.690725][ T3717] SELinux: policydb version 65301 does not match my version range 15-35 [ 32.724462][ T3717] SELinux: failed to load policy [ 32.783982][ T3712] netdevsim netdevsim3: Direct firmware load for ./file0/file1 failed with error -2 [ 32.794185][ T12] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 32.837374][ T12] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 32.868718][ T12] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 32.897409][ T12] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 33.074710][ T3741] loop3: detected capacity change from 0 to 2048 [ 33.126954][ T3741] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 33.169355][ T3745] loop0: detected capacity change from 0 to 8192 [ 33.181535][ T3745] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 33.329316][ T3741] +}[@ (3741) used greatest stack depth: 10232 bytes left [ 33.342199][ T3756] FAULT_INJECTION: forcing a failure. [ 33.342199][ T3756] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 33.355401][ T3756] CPU: 1 UID: 0 PID: 3756 Comm: syz.0.63 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) [ 33.355510][ T3756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 33.355523][ T3756] Call Trace: [ 33.355530][ T3756] [ 33.355538][ T3756] __dump_stack+0x1d/0x30 [ 33.355565][ T3756] dump_stack_lvl+0xe8/0x140 [ 33.355599][ T3756] dump_stack+0x15/0x1b [ 33.355615][ T3756] should_fail_ex+0x265/0x280 [ 33.355645][ T3756] should_fail+0xb/0x20 [ 33.355676][ T3756] should_fail_usercopy+0x1a/0x20 [ 33.355696][ T3756] _copy_to_user+0x20/0xa0 [ 33.355752][ T3756] simple_read_from_buffer+0xb5/0x130 [ 33.355776][ T3756] proc_fail_nth_read+0x10e/0x150 [ 33.355816][ T3756] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 33.355843][ T3756] vfs_read+0x1a0/0x6f0 [ 33.355873][ T3756] ? __rcu_read_unlock+0x4f/0x70 [ 33.355896][ T3756] ? __fget_files+0x184/0x1c0 [ 33.355944][ T3756] ksys_read+0xda/0x1a0 [ 33.355964][ T3756] __x64_sys_read+0x40/0x50 [ 33.355984][ T3756] x64_sys_call+0x27bc/0x2ff0 [ 33.356005][ T3756] do_syscall_64+0xd2/0x200 [ 33.356031][ T3756] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 33.356125][ T3756] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 33.356148][ T3756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 33.356171][ T3756] RIP: 0033:0x7f6c22dbd5fc [ 33.356234][ T3756] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 33.356253][ T3756] RSP: 002b:00007f6c2181f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 33.356273][ T3756] RAX: ffffffffffffffda RBX: 00007f6c22fe5fa0 RCX: 00007f6c22dbd5fc [ 33.356285][ T3756] RDX: 000000000000000f RSI: 00007f6c2181f0a0 RDI: 000000000000000b [ 33.356296][ T3756] RBP: 00007f6c2181f090 R08: 0000000000000000 R09: 0000000000000000 [ 33.356308][ T3756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 33.356325][ T3756] R13: 00007f6c22fe6038 R14: 00007f6c22fe5fa0 R15: 00007fffbff6f7b8 [ 33.356344][ T3756] [ 33.413591][ T3753] netlink: 4 bytes leftover after parsing attributes in process `syz.1.55'. [ 33.531881][ T3731] netlink: 4 bytes leftover after parsing attributes in process `syz.1.55'. [ 33.663577][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.708344][ T3766] loop1: detected capacity change from 0 to 512 [ 33.726876][ T3766] ======================================================= [ 33.726876][ T3766] WARNING: The mand mount option has been deprecated and [ 33.726876][ T3766] and is ignored by this kernel. Remove the mand [ 33.726876][ T3766] option from the mount to silence this warning. [ 33.726876][ T3766] ======================================================= [ 33.811223][ T3773] netdevsim netdevsim2: Direct firmware load for ./file0/file1 failed with error -2 [ 33.825826][ T3773] SELinux: policydb version 65301 does not match my version range 15-35 [ 33.838408][ T3773] SELinux: failed to load policy [ 33.855490][ T3775] FAULT_INJECTION: forcing a failure. [ 33.855490][ T3775] name failslab, interval 1, probability 0, space 0, times 1 [ 33.868237][ T3775] CPU: 1 UID: 0 PID: 3775 Comm: syz.1.69 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) [ 33.868263][ T3775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 33.868276][ T3775] Call Trace: [ 33.868282][ T3775] [ 33.868330][ T3775] __dump_stack+0x1d/0x30 [ 33.868353][ T3775] dump_stack_lvl+0xe8/0x140 [ 33.868373][ T3775] dump_stack+0x15/0x1b [ 33.868390][ T3775] should_fail_ex+0x265/0x280 [ 33.868462][ T3775] should_failslab+0x8c/0xb0 [ 33.868539][ T3775] kmem_cache_alloc_node_noprof+0x57/0x320 [ 33.868566][ T3775] ? alloc_vmap_area+0x231/0xe50 [ 33.868595][ T3775] alloc_vmap_area+0x231/0xe50 [ 33.868704][ T3775] ? __kmalloc_cache_node_noprof+0x18a/0x320 [ 33.868789][ T3775] __get_vm_area_node+0x173/0x1d0 [ 33.868823][ T3775] __vmalloc_node_range_noprof+0x273/0xe00 [ 33.868858][ T3775] ? bpf_prog_alloc_no_stats+0x47/0x3a0 [ 33.868934][ T3775] ? mntput+0x4b/0x80 [ 33.868963][ T3775] ? sysvec_irq_work+0xe/0x80 [ 33.869081][ T3775] ? _parse_integer_limit+0x170/0x190 [ 33.869114][ T3775] ? bpf_prog_alloc_no_stats+0x47/0x3a0 [ 33.869286][ T3775] __vmalloc_noprof+0x83/0xc0 [ 33.869320][ T3775] ? bpf_prog_alloc_no_stats+0x47/0x3a0 [ 33.869387][ T3775] bpf_prog_alloc_no_stats+0x47/0x3a0 [ 33.869416][ T3775] ? bpf_prog_alloc+0x2a/0x150 [ 33.869439][ T3775] bpf_prog_alloc+0x3c/0x150 [ 33.869483][ T3775] __get_filter+0x92/0x230 [ 33.869520][ T3775] sk_reuseport_attach_filter+0x20/0x140 [ 33.869699][ T3775] sk_setsockopt+0x1890/0x20e0 [ 33.869732][ T3775] sock_setsockopt+0x40/0x50 [ 33.869765][ T3775] __sys_setsockopt+0x13a/0x200 [ 33.869877][ T3775] __x64_sys_setsockopt+0x64/0x80 [ 33.869952][ T3775] x64_sys_call+0x20ec/0x2ff0 [ 33.869975][ T3775] do_syscall_64+0xd2/0x200 [ 33.870005][ T3775] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 33.870033][ T3775] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 33.870094][ T3775] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 33.870118][ T3775] RIP: 0033:0x7fa019c7ebe9 [ 33.870132][ T3775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 33.870148][ T3775] RSP: 002b:00007fa0186e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 33.870183][ T3775] RAX: ffffffffffffffda RBX: 00007fa019ea5fa0 RCX: 00007fa019c7ebe9 [ 33.870198][ T3775] RDX: 0000000000000033 RSI: 0000000000000001 RDI: 0000000000000006 [ 33.870212][ T3775] RBP: 00007fa0186e7090 R08: 0000000000000010 R09: 0000000000000000 [ 33.870306][ T3775] R10: 000020000002eff0 R11: 0000000000000246 R12: 0000000000000001 [ 33.870320][ T3775] R13: 00007fa019ea6038 R14: 00007fa019ea5fa0 R15: 00007ffe57c61fb8 [ 33.870341][ T3775] [ 34.133614][ T3775] syz.1.69: vmalloc error: size 20480, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 34.133696][ T3775] CPU: 1 UID: 0 PID: 3775 Comm: syz.1.69 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) [ 34.133724][ T3775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 34.133735][ T3775] Call Trace: [ 34.133745][ T3775] [ 34.133758][ T3775] __dump_stack+0x1d/0x30 [ 34.133848][ T3775] dump_stack_lvl+0xe8/0x140 [ 34.133866][ T3775] dump_stack+0x15/0x1b [ 34.133883][ T3775] warn_alloc+0x12b/0x1a0 [ 34.133922][ T3775] __vmalloc_node_range_noprof+0x297/0xe00 [ 34.133954][ T3775] ? mntput+0x4b/0x80 [ 34.134015][ T3775] ? sysvec_irq_work+0xe/0x80 [ 34.134059][ T3775] ? _parse_integer_limit+0x170/0x190 [ 34.134091][ T3775] ? bpf_prog_alloc_no_stats+0x47/0x3a0 [ 34.134148][ T3775] __vmalloc_noprof+0x83/0xc0 [ 34.134206][ T3775] ? bpf_prog_alloc_no_stats+0x47/0x3a0 [ 34.134306][ T3775] bpf_prog_alloc_no_stats+0x47/0x3a0 [ 34.134330][ T3775] ? bpf_prog_alloc+0x2a/0x150 [ 34.134357][ T3775] bpf_prog_alloc+0x3c/0x150 [ 34.134386][ T3775] __get_filter+0x92/0x230 [ 34.134493][ T3775] sk_reuseport_attach_filter+0x20/0x140 [ 34.134525][ T3775] sk_setsockopt+0x1890/0x20e0 [ 34.134572][ T3775] sock_setsockopt+0x40/0x50 [ 34.134602][ T3775] __sys_setsockopt+0x13a/0x200 [ 34.134632][ T3775] __x64_sys_setsockopt+0x64/0x80 [ 34.134791][ T3775] x64_sys_call+0x20ec/0x2ff0 [ 34.134856][ T3775] do_syscall_64+0xd2/0x200 [ 34.134908][ T3775] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 34.134935][ T3775] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 34.134984][ T3775] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 34.135007][ T3775] RIP: 0033:0x7fa019c7ebe9 [ 34.135027][ T3775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 34.135047][ T3775] RSP: 002b:00007fa0186e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 34.135066][ T3775] RAX: ffffffffffffffda RBX: 00007fa019ea5fa0 RCX: 00007fa019c7ebe9 [ 34.135079][ T3775] RDX: 0000000000000033 RSI: 0000000000000001 RDI: 0000000000000006 [ 34.135112][ T3775] RBP: 00007fa0186e7090 R08: 0000000000000010 R09: 0000000000000000 [ 34.135128][ T3775] R10: 000020000002eff0 R11: 0000000000000246 R12: 0000000000000001 [ 34.135142][ T3775] R13: 00007fa019ea6038 R14: 00007fa019ea5fa0 R15: 00007ffe57c61fb8 [ 34.135163][ T3775] [ 34.135517][ T3775] Mem-Info: [ 34.135524][ T3775] active_anon:12542 inactive_anon:0 isolated_anon:0 [ 34.135524][ T3775] active_file:5782 inactive_file:2192 isolated_file:0 [ 34.135524][ T3775] unevictable:18 dirty:1435 writeback:0 [ 34.135524][ T3775] slab_reclaimable:3116 slab_unreclaimable:42225 [ 34.135524][ T3775] mapped:35820 shmem:5909 pagetables:1063 [ 34.135524][ T3775] sec_pagetables:0 bounce:0 [ 34.135524][ T3775] kernel_misc_reclaimable:0 [ 34.135524][ T3775] free:1858058 free_pcp:22258 free_cma:0 [ 34.135660][ T3775] Node 0 active_anon:50168kB inactive_anon:0kB active_file:23128kB inactive_file:8768kB unevictable:72kB isolated(anon):0kB isolated(file):0kB mapped:143280kB dirty:5740kB writeback:0kB shmem:23636kB kernel_stack:3648kB pagetables:4252kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 34.135755][ T3775] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 34.135815][ T3775] lowmem_reserve[]: 0 2883 7862 7862 [ 34.135865][ T3775] Node 0 DMA32 free:2949224kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952856kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3532kB free_cma:0kB [ 34.136069][ T3775] lowmem_reserve[]: 0 0 4978 4978 [ 34.136130][ T3775] Node 0 Normal free:4467648kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:50168kB inactive_anon:0kB active_file:23128kB inactive_file:8768kB unevictable:72kB writepending:5740kB present:5242880kB managed:5098240kB mlocked:72kB bounce:0kB free_pcp:85400kB local_pcp:53136kB free_cma:0kB [ 34.136246][ T3775] lowmem_reserve[]: 0 0 0 0 [ 34.136303][ T3775] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 34.136621][ T3775] Node 0 DMA32: 4*4kB (M) 1*8kB (M) 3*16kB (M) 3*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949224kB [ 34.136882][ T3775] Node 0 Normal: 2*4kB (ME) 1*8kB (U) 1*16kB (U) 3*32kB (ME) 3*64kB (U) 3*128kB (U) 1*256kB (E) 2*512kB (UE) 1*1024kB (M) 2*2048kB (UE) 1089*4096kB (UM) = 4467648kB [ 34.137363][ T3775] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 34.137389][ T3775] 13908 total pagecache pages [ 34.137403][ T3775] 0 pages in swap cache [ 34.137409][ T3775] Free swap = 124996kB [ 34.137416][ T3775] Total swap = 124996kB [ 34.137424][ T3775] 2097051 pages RAM [ 34.137430][ T3775] 0 pages HighMem/MovableOnly [ 34.137436][ T3775] 80437 pages reserved [ 34.260420][ T3779] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 34.260517][ T3779] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 34.420258][ T3783] tipc: Started in network mode [ 34.420324][ T3783] tipc: Node identity 46002ef8cf1c, cluster identity 4711 [ 34.420388][ T3783] tipc: Enabled bearer , priority 0 [ 34.421776][ T3783] tipc: Disabling bearer [ 34.990278][ T3802] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 34.990385][ T3802] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 35.866396][ T3805] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 35.866396][ T3805] program syz.0.77 not setting count and/or reply_len properly [ 36.520084][ T3816] netlink: 4 bytes leftover after parsing attributes in process `syz.2.81'. [ 36.532557][ T3816] netlink: 4 bytes leftover after parsing attributes in process `syz.2.81'. [ 36.749860][ T29] kauditd_printk_skb: 31 callbacks suppressed [ 36.749876][ T29] audit: type=1326 audit(1754713463.744:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12f3d3ebe9 code=0x7ffc0000 [ 36.798815][ T29] audit: type=1326 audit(1754713463.774:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12f3d3ebe9 code=0x7ffc0000 [ 36.821993][ T29] audit: type=1326 audit(1754713463.774:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12f3d3ebe9 code=0x7ffc0000 [ 36.845138][ T29] audit: type=1326 audit(1754713463.774:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12f3d3ebe9 code=0x7ffc0000 [ 36.868296][ T29] audit: type=1326 audit(1754713463.774:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12f3d3ebe9 code=0x7ffc0000 [ 36.891719][ T29] audit: type=1326 audit(1754713463.774:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f12f3d3ebe9 code=0x7ffc0000 [ 36.914936][ T29] audit: type=1326 audit(1754713463.774:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12f3d3ebe9 code=0x7ffc0000 [ 36.939482][ T29] audit: type=1326 audit(1754713463.774:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12f3d3ebe9 code=0x7ffc0000 [ 36.962697][ T29] audit: type=1326 audit(1754713463.774:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f12f3d3ebe9 code=0x7ffc0000 [ 36.985835][ T29] audit: type=1326 audit(1754713463.774:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12f3d3ebe9 code=0x7ffc0000 [ 37.109492][ T3839] loop4: detected capacity change from 0 to 1024 [ 37.118188][ T3839] EXT4-fs: Ignoring removed bh option [ 37.130027][ T3839] EXT4-fs: inline encryption not supported [ 37.158139][ T3839] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 37.219405][ T3839] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.89: lblock 2 mapped to illegal pblock 2 (length 1) [ 37.261655][ T3839] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.89: lblock 0 mapped to illegal pblock 48 (length 1) [ 37.296648][ T3839] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.89: Failed to acquire dquot type 0 [ 37.307077][ T3848] netlink: 60 bytes leftover after parsing attributes in process `syz.3.92'. [ 37.316918][ T3848] unsupported nlmsg_type 40 [ 37.322083][ T3839] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 37.331797][ T3839] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.89: mark_inode_dirty error [ 37.348985][ T3839] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 37.365222][ T3839] EXT4-fs (loop4): 1 orphan inode deleted [ 37.380647][ T12] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 37.403155][ T3839] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 37.426309][ T12] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 0 [ 37.456835][ T3839] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 37.474404][ T3839] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 37.486588][ T3839] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.89: lblock 0 mapped to illegal pblock 48 (length 1) [ 37.505999][ T3839] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 37.540260][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.660852][ C0] hrtimer: interrupt took 47467 ns [ 37.712788][ T3860] vhci_hcd: invalid port number 96 [ 37.717913][ T3860] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 37.798389][ T3864] netlink: 20 bytes leftover after parsing attributes in process `syz.4.98'. [ 37.825015][ T3864] netlink: 152 bytes leftover after parsing attributes in process `syz.4.98'. [ 37.833550][ T3855] netlink: 4 bytes leftover after parsing attributes in process `syz.1.95'. [ 37.881159][ T3855] netlink: 4 bytes leftover after parsing attributes in process `syz.1.95'. [ 37.978034][ T3873] loop4: detected capacity change from 0 to 8192 [ 38.002907][ T3876] SELinux: Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped). [ 38.042057][ T3873] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 38.193036][ T3882] loop2: detected capacity change from 0 to 1024 [ 38.219408][ T3882] EXT4-fs: Ignoring removed bh option [ 38.224929][ T3882] EXT4-fs: inline encryption not supported [ 38.264213][ T3882] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 38.309053][ T3882] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.105: lblock 2 mapped to illegal pblock 2 (length 1) [ 38.393301][ T3882] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.105: lblock 0 mapped to illegal pblock 48 (length 1) [ 38.408867][ T3892] loop4: detected capacity change from 0 to 2048 [ 38.450226][ T3882] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.105: Failed to acquire dquot type 0 [ 38.478532][ T3882] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 38.510812][ T3882] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.105: mark_inode_dirty error [ 38.531116][ T3882] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 38.555351][ T3882] EXT4-fs (loop2): 1 orphan inode deleted [ 38.569167][ T41] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 38.587810][ T3882] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.617451][ T41] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 0 [ 38.631703][ T3882] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 38.707979][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.751748][ T3305] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 38.802631][ T3305] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 38.848190][ T3305] EXT4-fs error (device loop2): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error [ 38.903808][ T3902] infiniband syz1: set down [ 38.908372][ T3902] infiniband syz1: added bond0 [ 38.962052][ T3902] RDS/IB: syz1: added [ 38.977513][ T3902] smc: adding ib device syz1 with port count 1 [ 38.985615][ T3902] smc: ib device syz1 port 1 has pnetid [ 39.048275][ T3886] syz.4.107 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 39.062303][ T3886] CPU: 1 UID: 0 PID: 3886 Comm: syz.4.107 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) [ 39.062334][ T3886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 39.062398][ T3886] Call Trace: [ 39.062403][ T3886] [ 39.062465][ T3886] __dump_stack+0x1d/0x30 [ 39.062488][ T3886] dump_stack_lvl+0xe8/0x140 [ 39.062510][ T3886] dump_stack+0x15/0x1b [ 39.062530][ T3886] dump_header+0x81/0x220 [ 39.062638][ T3886] oom_kill_process+0x342/0x400 [ 39.062670][ T3886] out_of_memory+0x979/0xb80 [ 39.062707][ T3886] try_charge_memcg+0x5e6/0x9e0 [ 39.062762][ T3886] obj_cgroup_charge_pages+0xa6/0x150 [ 39.062799][ T3886] __memcg_kmem_charge_page+0x9f/0x170 [ 39.062835][ T3886] __alloc_frozen_pages_noprof+0x188/0x360 [ 39.062906][ T3886] alloc_pages_mpol+0xb3/0x250 [ 39.063013][ T3886] alloc_pages_noprof+0x90/0x130 [ 39.063105][ T3886] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 39.063148][ T3886] __kvmalloc_node_noprof+0x30f/0x4e0 [ 39.063176][ T3886] ? ip_set_alloc+0x1f/0x30 [ 39.063229][ T3886] ? ip_set_alloc+0x1f/0x30 [ 39.063259][ T3886] ? __kmalloc_cache_noprof+0x189/0x320 [ 39.063301][ T3886] ip_set_alloc+0x1f/0x30 [ 39.063330][ T3886] hash_netiface_create+0x282/0x740 [ 39.063431][ T3886] ? __pfx_hash_netiface_create+0x10/0x10 [ 39.063466][ T3886] ip_set_create+0x3c9/0x960 [ 39.063643][ T3886] ? __nla_parse+0x40/0x60 [ 39.063735][ T3886] nfnetlink_rcv_msg+0x4c6/0x590 [ 39.063821][ T3886] netlink_rcv_skb+0x120/0x220 [ 39.063921][ T3886] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 39.063953][ T3886] nfnetlink_rcv+0x16b/0x1690 [ 39.063979][ T3886] ? nlmon_xmit+0x4f/0x60 [ 39.064025][ T3886] ? consume_skb+0x49/0x150 [ 39.064084][ T3886] ? nlmon_xmit+0x4f/0x60 [ 39.064106][ T3886] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 39.064192][ T3886] ? __dev_queue_xmit+0x1200/0x2000 [ 39.064249][ T3886] ? __dev_queue_xmit+0x182/0x2000 [ 39.064283][ T3886] ? ref_tracker_free+0x37d/0x3e0 [ 39.064320][ T3886] ? __netlink_deliver_tap+0x4dc/0x500 [ 39.064355][ T3886] netlink_unicast+0x5c0/0x690 [ 39.064400][ T3886] netlink_sendmsg+0x58b/0x6b0 [ 39.064435][ T3886] ? __pfx_netlink_sendmsg+0x10/0x10 [ 39.064505][ T3886] __sock_sendmsg+0x142/0x180 [ 39.064535][ T3886] ____sys_sendmsg+0x31e/0x4e0 [ 39.064629][ T3886] ___sys_sendmsg+0x17b/0x1d0 [ 39.064691][ T3886] __x64_sys_sendmsg+0xd4/0x160 [ 39.064732][ T3886] x64_sys_call+0x191e/0x2ff0 [ 39.064809][ T3886] do_syscall_64+0xd2/0x200 [ 39.064858][ T3886] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 39.064895][ T3886] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 39.064917][ T3886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 39.064939][ T3886] RIP: 0033:0x7fd18430ebe9 [ 39.064954][ T3886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 39.065039][ T3886] RSP: 002b:00007fd182d6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 39.065058][ T3886] RAX: ffffffffffffffda RBX: 00007fd184535fa0 RCX: 00007fd18430ebe9 [ 39.065071][ T3886] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006 [ 39.065083][ T3886] RBP: 00007fd184391e19 R08: 0000000000000000 R09: 0000000000000000 [ 39.065095][ T3886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 39.065107][ T3886] R13: 00007fd184536038 R14: 00007fd184535fa0 R15: 00007ffd6bc86918 [ 39.065125][ T3886] [ 39.065133][ T3886] memory: usage 307200kB, limit 307200kB, failcnt 158 [ 39.096342][ T3911] loop3: detected capacity change from 0 to 1024 [ 39.097781][ T3886] memory+swap: usage 308420kB, limit 9007199254740988kB, failcnt 0 [ 39.130291][ T3911] EXT4-fs: Ignoring removed bh option [ 39.130447][ T3886] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0 [ 39.156652][ T3911] EXT4-fs: inline encryption not supported [ 39.157185][ T3886] Memory cgroup stats for [ 39.182226][ T3911] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 39.186582][ T3886] /syz4 [ 39.220065][ T3911] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.113: lblock 2 mapped to illegal pblock 2 (length 1) [ 39.221041][ T3886] : [ 39.236245][ T3911] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.113: lblock 0 mapped to illegal pblock 48 (length 1) [ 39.245453][ T3886] cache 0 [ 39.318417][ T3911] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.113: Failed to acquire dquot type 0 [ 39.321276][ T3886] rss 0 [ 39.361958][ T3911] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 39.369584][ T3886] shmem 0 [ 39.369595][ T3886] mapped_file 0 [ 39.369602][ T3886] dirty 0 [ 39.369609][ T3886] writeback 0 [ 39.369617][ T3886] workingset_refault_anon 14 [ 39.445403][ T3921] loop1: detected capacity change from 0 to 128 [ 39.451164][ T3886] workingset_refault_file 15 [ 39.451176][ T3886] swap 1249280 [ 39.469192][ T3911] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.113: mark_inode_dirty error [ 39.470422][ T3886] swapcached 4096 [ 39.518524][ T3911] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 39.520048][ T3886] pgpgin 11031 [ 39.520057][ T3886] pgpgout 11030 [ 39.520064][ T3886] pgfault 12045 [ 39.520071][ T3886] pgmajfault 9 [ 39.520078][ T3886] inactive_anon 0 [ 39.534581][ T3911] EXT4-fs (loop3): 1 orphan inode deleted [ 39.538733][ T3886] active_anon 4096 [ 39.538742][ T3886] inactive_file 0 [ 39.538750][ T3886] active_file 0 [ 39.538757][ T3886] unevictable 0 [ 39.538765][ T3886] hierarchical_memory_limit 314572800 [ 39.548953][ T41] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 39.553221][ T3886] hierarchical_memsw_limit 9223372036854771712 [ 39.571545][ T41] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 0 [ 39.573788][ T3886] total_cache 0 [ 39.573796][ T3886] total_rss 0 [ 39.579952][ T3911] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.580631][ T3886] total_shmem 0 [ 39.663709][ T3886] total_mapped_file 0 [ 39.667677][ T3886] total_dirty 0 [ 39.671150][ T3886] total_writeback 0 [ 39.674945][ T3886] total_workingset_refault_anon 14 [ 39.680090][ T3886] total_workingset_refault_file 15 [ 39.685180][ T3886] total_swap 1249280 [ 39.689086][ T3886] total_swapcached 4096 [ 39.693231][ T3886] total_pgpgin 11031 [ 39.697112][ T3886] total_pgpgout 11030 [ 39.701172][ T3886] total_pgfault 12045 [ 39.705132][ T3886] total_pgmajfault 9 [ 39.709043][ T3886] total_inactive_anon 0 [ 39.713194][ T3886] total_active_anon 4096 [ 39.717427][ T3886] total_inactive_file 0 [ 39.721599][ T3886] total_active_file 0 [ 39.725569][ T3886] total_unevictable 0 [ 39.729569][ T3886] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.107,pid=3885,uid=0 [ 39.744124][ T3886] Memory cgroup out of memory: Killed process 3885 (syz.4.107) total-vm:95944kB, anon-rss:944kB, file-rss:22368kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 39.769020][ T3892] syz.4.107 (3892) used greatest stack depth: 10008 bytes left [ 39.769140][ T3921] netlink: 36 bytes leftover after parsing attributes in process `syz.1.116'. [ 39.785544][ T3921] netlink: 12 bytes leftover after parsing attributes in process `syz.1.116'. [ 39.785789][ T3894] syz.4.107 (3894) used greatest stack depth: 9824 bytes left [ 39.797667][ T3911] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 39.819425][ T3885] syz.4.107 (3885) used greatest stack depth: 9032 bytes left [ 39.865219][ T3930] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 39.910233][ T3930] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.113: lblock 0 mapped to illegal pblock 48 (length 1) [ 39.960343][ T3930] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 40.020281][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.051161][ T3886] syz.4.107 (3886) used greatest stack depth: 7312 bytes left [ 40.279672][ T3957] FAULT_INJECTION: forcing a failure. [ 40.279672][ T3957] name failslab, interval 1, probability 0, space 0, times 0 [ 40.292334][ T3957] CPU: 1 UID: 0 PID: 3957 Comm: syz.3.122 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) [ 40.292361][ T3957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 40.292374][ T3957] Call Trace: [ 40.292380][ T3957] [ 40.292387][ T3957] __dump_stack+0x1d/0x30 [ 40.292423][ T3957] dump_stack_lvl+0xe8/0x140 [ 40.292472][ T3957] dump_stack+0x15/0x1b [ 40.292498][ T3957] should_fail_ex+0x265/0x280 [ 40.292529][ T3957] should_failslab+0x8c/0xb0 [ 40.292598][ T3957] kmem_cache_alloc_lru_noprof+0x55/0x310 [ 40.292700][ T3957] ? shmem_alloc_inode+0x34/0x50 [ 40.292725][ T3957] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 40.292786][ T3957] shmem_alloc_inode+0x34/0x50 [ 40.292877][ T3957] alloc_inode+0x3d/0x170 [ 40.292949][ T3957] new_inode+0x1d/0xe0 [ 40.292971][ T3957] shmem_get_inode+0x244/0x750 [ 40.293061][ T3957] __shmem_file_setup+0x113/0x210 [ 40.293104][ T3957] shmem_file_setup+0x3b/0x50 [ 40.293167][ T3957] __se_sys_memfd_create+0x2c3/0x590 [ 40.293250][ T3957] __x64_sys_memfd_create+0x31/0x40 [ 40.293274][ T3957] x64_sys_call+0x2abe/0x2ff0 [ 40.293299][ T3957] do_syscall_64+0xd2/0x200 [ 40.293327][ T3957] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 40.293425][ T3957] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 40.293455][ T3957] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 40.293474][ T3957] RIP: 0033:0x7fac96cbebe9 [ 40.293498][ T3957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 40.293555][ T3957] RSP: 002b:00007fac956e4e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 40.293625][ T3957] RAX: ffffffffffffffda RBX: 00000000000004fe RCX: 00007fac96cbebe9 [ 40.293707][ T3957] RDX: 00007fac956e4ef0 RSI: 0000000000000000 RDI: 00007fac96d427e8 [ 40.293722][ T3957] RBP: 0000200000000a40 R08: 00007fac956e4bb7 R09: 00007fac956e4e40 [ 40.293734][ T3957] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000140 [ 40.293746][ T3957] R13: 00007fac956e4ef0 R14: 00007fac956e4eb0 R15: 0000200000001080 [ 40.293763][ T3957] [ 40.540402][ T3965] vhci_hcd: invalid port number 96 [ 40.545526][ T3965] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 40.806868][ T3955] netlink: 4 bytes leftover after parsing attributes in process `syz.2.126'. [ 40.858870][ T3964] netlink: 4 bytes leftover after parsing attributes in process `syz.2.126'. [ 41.233779][ T4022] pim6reg: entered allmulticast mode [ 41.256632][ T4022] pim6reg: left allmulticast mode [ 41.320447][ T4022] netlink: 7 bytes leftover after parsing attributes in process `syz.2.134'. [ 41.326760][ T4031] loop4: detected capacity change from 0 to 128 [ 41.368496][ T4031] netlink: 36 bytes leftover after parsing attributes in process `syz.4.138'. [ 41.377439][ T4031] netlink: 12 bytes leftover after parsing attributes in process `syz.4.138'. [ 41.696514][ T4064] loop2: detected capacity change from 0 to 128 [ 41.870999][ T4076] loop3: detected capacity change from 0 to 512 [ 41.879275][ T4076] ext4: Bad value for 'init_itable' [ 41.939935][ T4078] FAT-fs (loop2): error, invalid access to FAT (entry 0x0fff0000) [ 41.947871][ T4078] FAT-fs (loop2): Filesystem has been set read-only [ 41.958636][ T4078] FAT-fs (loop2): error, invalid access to FAT (entry 0x0fff0000) [ 42.380297][ T4086] loop4: detected capacity change from 0 to 256 [ 42.426650][ T29] kauditd_printk_skb: 354 callbacks suppressed [ 42.426664][ T29] audit: type=1400 audit(1754713469.414:601): avc: denied { map } for pid=4087 comm="syz.3.148" path="socket:[5804]" dev="sockfs" ino=5804 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 42.631586][ T29] audit: type=1400 audit(1754713469.614:602): avc: denied { read } for pid=4093 comm="syz.2.150" name="usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 42.654881][ T29] audit: type=1400 audit(1754713469.614:603): avc: denied { open } for pid=4093 comm="syz.2.150" path="/dev/usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 42.678535][ T29] audit: type=1400 audit(1754713469.614:604): avc: denied { ioctl } for pid=4093 comm="syz.2.150" path="/dev/usbmon7" dev="devtmpfs" ino=163 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 42.723550][ T4097] loop4: detected capacity change from 0 to 128 [ 42.756916][ T4100] loop2: detected capacity change from 0 to 256 [ 42.790008][ T29] audit: type=1400 audit(1754713469.774:605): avc: denied { append } for pid=4101 comm="syz.3.152" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 42.959164][ T4108] loop4: detected capacity change from 0 to 512 [ 42.994898][ T4108] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 43.009837][ T4108] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 43.067927][ T29] audit: type=1400 audit(1754713470.054:606): avc: denied { bind } for pid=4105 comm="syz.3.156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 43.087599][ T29] audit: type=1400 audit(1754713470.054:607): avc: denied { connect } for pid=4105 comm="syz.3.156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 43.330302][ T29] audit: type=1400 audit(1754713470.124:608): avc: denied { mounton } for pid=4107 comm="syz.4.155" path="/29/bus" dev="tmpfs" ino=173 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 43.352578][ T29] audit: type=1400 audit(1754713470.154:609): avc: denied { read } for pid=4107 comm="syz.4.155" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 43.456468][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.664212][ T29] audit: type=1400 audit(1754713470.444:610): avc: denied { unmount } for pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 43.808203][ T4133] loop0: detected capacity change from 0 to 736 [ 43.987871][ T4145] loop0: detected capacity change from 0 to 512 [ 44.026454][ T4145] EXT4-fs: Ignoring removed nobh option [ 44.081646][ T4145] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 44.163579][ T4156] loop1: detected capacity change from 0 to 256 [ 44.239974][ T4145] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.171: iget: bad i_size value: 38620345925642 [ 44.247649][ T4156] FAT-fs (loop1): Directory bread(block 64) failed [ 44.252808][ T4145] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.171: couldn't read orphan inode 15 (err -117) [ 44.271122][ T4156] FAT-fs (loop1): Directory bread(block 65) failed [ 44.277722][ T4156] FAT-fs (loop1): Directory bread(block 66) failed [ 44.279335][ T4145] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.284526][ T4156] FAT-fs (loop1): Directory bread(block 67) failed [ 44.304498][ T4156] FAT-fs (loop1): Directory bread(block 68) failed [ 44.314359][ T4156] FAT-fs (loop1): Directory bread(block 69) failed [ 44.324755][ T4156] FAT-fs (loop1): Directory bread(block 70) failed [ 44.331743][ T4156] FAT-fs (loop1): Directory bread(block 71) failed [ 44.338465][ T4156] FAT-fs (loop1): Directory bread(block 72) failed [ 44.348613][ T4156] FAT-fs (loop1): Directory bread(block 73) failed [ 44.483493][ T4163] loop4: detected capacity change from 0 to 2048 [ 44.522043][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.533751][ T4163] EXT4-fs: Ignoring removed oldalloc option [ 44.621345][ T4163] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 44.737743][ T4167] loop1: detected capacity change from 0 to 1024 [ 44.764573][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.802015][ T4167] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 44.820459][ T4167] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 44.851191][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 44.868639][ T4178] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 44.877644][ T4178] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 44.965047][ T4180] loop4: detected capacity change from 0 to 512 [ 44.977218][ T4180] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 44.986373][ T4180] EXT4-fs (loop4): blocks per group (42) and clusters per group (32768) inconsistent [ 45.223693][ T4194] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 45.233070][ T4194] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 45.257677][ T4194] SELinux: failed to load policy [ 45.806540][ T4204] loop4: detected capacity change from 0 to 1764 [ 46.066139][ T4216] loop2: detected capacity change from 0 to 512 [ 46.077014][ T4216] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 46.087825][ T4217] loop3: detected capacity change from 0 to 2048 [ 46.114468][ T4216] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002] [ 46.132064][ T4216] System zones: 0-2, 18-18, 34-34 [ 46.141191][ T4217] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.169227][ T4217] ext4 filesystem being mounted at /39/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 46.295430][ T4216] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 42 vs 41 free clusters [ 46.321974][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.380275][ T4216] EXT4-fs (loop2): Remounting filesystem read-only [ 46.431436][ T4227] loop1: detected capacity change from 0 to 736 [ 46.443549][ T4216] EXT4-fs (loop2): 1 truncate cleaned up [ 46.468420][ T4227] iso9660: Bad value for 'mode' [ 46.476889][ T4216] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.563291][ T4216] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 46.774292][ T51] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 46.784954][ T51] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 47.266001][ T51] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 47.302527][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.552069][ T3299] ================================================================== [ 47.560270][ T3299] BUG: KCSAN: data-race in generic_fillattr / inode_add_bytes [ 47.567758][ T3299] [ 47.570086][ T3299] read-write to 0xffff88811a0806d8 of 8 bytes by task 4235 on cpu 0: [ 47.578143][ T3299] inode_add_bytes+0x47/0xe0 [ 47.582751][ T3299] __dquot_alloc_space+0x180/0x8a0 [ 47.587872][ T3299] shmem_inode_acct_blocks+0x129/0x240 [ 47.593343][ T3299] shmem_get_folio_gfp+0x5a7/0xd60 [ 47.598462][ T3299] shmem_write_begin+0xa8/0x190 [ 47.603313][ T3299] generic_perform_write+0x181/0x490 [ 47.608598][ T3299] shmem_file_write_iter+0xc5/0xf0 [ 47.613727][ T3299] __kernel_write_iter+0x256/0x4c0 [ 47.618842][ T3299] dump_user_range+0x61e/0x8f0 [ 47.623622][ T3299] elf_core_dump+0x1e00/0x1f90 [ 47.628399][ T3299] coredump_write+0xb0a/0xe30 [ 47.633077][ T3299] vfs_coredump+0x142f/0x20c0 [ 47.637770][ T3299] get_signal+0xd85/0xf70 [ 47.642150][ T3299] arch_do_signal_or_restart+0x96/0x480 [ 47.647695][ T3299] irqentry_exit_to_user_mode+0x5e/0xa0 [ 47.653250][ T3299] irqentry_exit+0x12/0x50 [ 47.657665][ T3299] asm_exc_page_fault+0x26/0x30 [ 47.662531][ T3299] [ 47.664847][ T3299] read to 0xffff88811a0806d8 of 8 bytes by task 3299 on cpu 1: [ 47.672401][ T3299] generic_fillattr+0x27d/0x340 [ 47.677264][ T3299] shmem_getattr+0x181/0x200 [ 47.681859][ T3299] vfs_getattr_nosec+0x143/0x1e0 [ 47.686815][ T3299] vfs_statx+0x113/0x390 [ 47.691061][ T3299] vfs_fstatat+0x115/0x170 [ 47.695480][ T3299] __se_sys_newfstatat+0x55/0x260 [ 47.700518][ T3299] __x64_sys_newfstatat+0x55/0x70 [ 47.705553][ T3299] x64_sys_call+0x135a/0x2ff0 [ 47.710238][ T3299] do_syscall_64+0xd2/0x200 [ 47.714809][ T3299] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 47.720711][ T3299] [ 47.723044][ T3299] value changed: 0x00000000000181b8 -> 0x00000000000181c0 [ 47.730145][ T3299] [ 47.732462][ T3299] Reported by Kernel Concurrency Sanitizer on: [ 47.738605][ T3299] CPU: 1 UID: 0 PID: 3299 Comm: syz-executor Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) [ 47.750842][ T3299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 47.760889][ T3299] ==================================================================