last executing test programs: 19.489438615s ago: executing program 2 (id=413): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0)={0x0, r0}, 0x8) r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000440)=@generic={&(0x7f0000000400)='./file0\x00', 0x0, 0x10}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES32=r0, @ANYRESHEX=r1, @ANYRESOCT=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macvtap0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@delneigh={0x28, 0x1d, 0x1, 0x8a, 0x0, {0x7, 0x0, 0x0, r4, 0x8, 0x12}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x28}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1, 0x2, &(0x7f0000000140)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x53}, @exit], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) write$sndseq(r5, 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48) r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000004780)={0xe, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)=ANY=[@ANYRES32=r6, @ANYRES32=r7, @ANYBLOB="05"], 0x10) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x401, 0x0) r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) close_range(r8, 0xffffffffffffffff, 0x0) 18.578106437s ago: executing program 2 (id=422): bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==") perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0xffffffff}, 0x1100, 0x5dd8, 0x3a65, 0x9, 0x0, 0x8, 0x8, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = gettid() pipe(&(0x7f0000000240)) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_REMOVE(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c80)=ANY=[@ANYBLOB="bc04000001050500"], 0x4bc}, 0x1, 0x0, 0x0, 0x6008890}, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=0x0) timer_settime(r2, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r3, 0x29, 0x41, &(0x7f0000000180)={'filter\x00', 0x2, [{}, {}]}, 0x48) mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0) mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x80000001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000002c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0) pwritev2(r5, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0) 18.35023778s ago: executing program 2 (id=426): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) recvmmsg(r1, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {&(0x7f00000006c0)=""/131, 0x83}], 0x2}, 0x9e}], 0x3ffffffffffff8c, 0x40000030, 0x0) 17.466301282s ago: executing program 2 (id=432): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000000, &(0x7f0000000000), 0x1, 0x530, &(0x7f00000003c0)="$eJzs3e9rJGcdAPDvTLLX3F1qtipyFmyLrdwVvd3LxbZRpK0g+qqgnu/PNNkL4TbZI7s5L6HYFP8AQUQF/wARBMG3gvRPELGg70VFEb3qS+3IzM56l8tusnfZZM/N5wNP9nnmx/N9niE7Oz8eZgI4tZ6LiNcjYioiXoyIuXJ6WqbY7aZ8uffvvrWcpySy7Nrfk0jKab268vJ0RJwvV5uJiK9/JeLNZH/c9vbOzaVms7FZluud9Vv19vbO5bX1pdXGamNjYWH+5cVXFl9avJKVjtTPakS8+qU//+C7P/nyq7/6zLf+cP2vl76dN+sLH+u2OyKWjxRggG7dlWJb9OTbaPM4go1J3p/K1LhbAQDAMPJj/A9HxCeL4/+5mCqO5gAAAIBJkr02G/9OIjIAAABgYqURMRtJWivHAsxGmtZq3TG8H41zabPV7nz6RmtrYyWfF1GNSnpjrdm4Uo4VrkYlycvz5RjbXvnqA+WFiHgqIr4/d7Yo15ZbzZVxX/wAAACAU+L8s3vP//81lxb5e347trYBAAAAI1QdWCjc/sVP3zzJ5gAAAADHYP8pPwAAADBpnP8DAADARPvqG2/kKeu9x3vl9vbWzdbtyyuN9s3a+tZybbm1eau22mqtFs/sWz+svmardeuzsbF1p95ptDv19vbO9fXW1kbn+tqeV2ADAAAAJ+ipZ9/9fRIRu58/W6QonwMIsMefxt0AYJSmehlX5+HUmR53A4CxqRy6hD0ETLrkkPl7Tg+yLHu7l//1sTUJAAAYsYsf33///0w57/BrA8D/M2N9AOD0cXcPTq/KvRGAD+fCqFsCjMuHuh9PDJo/cHjwEPf/u9cYsuyRGgYAAIzMbJGStFYep89GmtZqEU8WrwWoJDfWmo0r5fnB7+YqT+Tl+WLN5NAxwwAAAAAAAAAAAAAAAAAAAAAAAABAV5YlkQEAAAATLSL9S1I8zT/i4twLs3uvDjzw1q8fX/vhnaVOZ3M+4kzyj7l80pmI6PzoWhL59KuZVwIAAADAY6A4f79afs6PuzUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATJr377613EsnGfdvX4yIar/40zFTfM5EJSLO/TOJ6fvWSyJiagTxd9+JiAv94ifxQZZl1bIV/eKfPeb41WLT9I+fRsT5EcSH0+zdfP/zer/vXxrPFZ/9v3/TZTqqwfu/9H/7v6kB+58nHygP8vR7P68PjP9OxNPT/fc/vfhJN/6eEHnh+SH7+M1v7Oz0nXFflf3i3x+r3lm/VW9v71xeW19abaw2NhYW5l9efGXxpcUr9RtrzUb5t2+Y733ilx8c1P9zA+JX9/Z/3/Z/YajeZ/Gf9+7c/Ui3UOkX/9Lz/X9/LwyIn5a/fZ8q8/n8i738bjd/v2d+9ptnDur/yoD+zxzS/0tD9T8+9+LXvvPHvnP2bQ0A4CS0t3duLjWbjc0DMjNDLHPCmdcej2aMMBOPRzMeNlMZUT3Z293/x6PVc8TV92Wyo6w+HSNoxpl939OpeNQKk4jdvK4h/yEBAIAJc++g/6A7SAAAAAAAAAAAAAAAAAAAAMBxesTHks1ExNALPxhzdzxdBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA40H8DAAD//6DU1oA=") r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0) lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v2={0x2000000, [{0x14d, 0x5}, {0x10000, 0x1}]}, 0x14, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], &(0x7f00000002c0)=""/203, 0xfffffffffffffe5f) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x81, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0xa5d4}, 0x4c58, 0x0, 0x0, 0x1, 0x8, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000200)='dctcp\x00', 0x6) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newlink={0x40, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}]}}}]}, 0x40}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r2], 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_emit_ethernet(0x1f, &(0x7f0000000780)={@local, @local, @void, {@llc_tr={0x11, {@snap={0xaa, 0x0, "bf", "997238", 0x886c, "b73edb3d918b9ef7ab"}}}}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00'}, 0x10) syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) 17.148208426s ago: executing program 2 (id=433): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000900)='kfree\x00', r0, 0x0, 0x3}, 0x18) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet_sctp(0x2, 0x5, 0x84) close(r1) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$inet_sctp(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000640)="be", 0x1}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="2000000000000000840000000200000006000400280100000b008002", @ANYRES8=r3], 0x20, 0x6044}, 0x6) 16.677825532s ago: executing program 2 (id=437): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22, 0x1, @rand_addr, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000340)={0x2, 0x4e26, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffffc}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000000), 0x0) 16.674605722s ago: executing program 32 (id=437): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22, 0x1, @rand_addr, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000340)={0x2, 0x4e26, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffffc}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000000), 0x0) 6.11666471s ago: executing program 0 (id=522): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0xffffffffffffffff}, 0x18) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r0) sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="59bb22bd7000000020001100000008002b01"], 0x28}}, 0x0) (fail_nth: 4) 5.690231596s ago: executing program 0 (id=523): open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x200008, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@quota}]}, 0x1, 0x519, &(0x7f0000001540)="$eJzs3c9vI1cdAPDveOPEm02btPQACNqlLSxotU7ibaOqBygnhFAlRI8gbUPiRFHsOIqdsgl7SM9InJCoxAmO/AGce+LOBcGNSzkg8SMCNUgcjGY8Tp2snQaS2FH8+UijeW/erL/v2TvveZ5jvwDG1t2IOIiIyYh4NyJm8+NJvsVbnS097+PDJytHh09Wkmi33/l7kpWnx6Ln36Tu5I9ZiojvfSvih8nTcZt7+5vLtVp1J8/Pt+rb8829/Qcb9eX16np1q1JZWlxaeOPh65VLa+tL9ck89cWPfnfwtR+n1ZrJj/S24zJ1ml48jpOaiIjvXEWwEbiVt2dy1BXh/1KIiOcj4uXs+p+NW9mrCQDcZO32bLRne/PHkpNZAOCmKGRzYEmhnM8FzEShUC535vBeiOlCrdFs3V9r7G6tdubK5qJYWNuoVRfyucK5KCZpfjFLf5KvnMo/jIjnIuJnU7ezfHmlUVsd5RsfABhjd06N//+a6oz/AMANVxp1BQCAoTP+A8D4Mf4DwPgx/gPA+OmM/7dHXQ0AYIjc/wPA+DH+A8BY+e7bb6db+yj//evV9/Z2NxvvPVitNjfL9d2V8kpjZ7u83misZ7/ZU/+0x6s1GtuLr8Xu47mvbzdb8829/Uf1xu5W61H2u96PqsXsrIMhtAwAGOS5lz78Y5KOyG/ezrboWcuhONKaAVetMOoKACNza9QVAEbGal8wvi5wj1+M+KkpArgB+izRe0Kp3xeE2u12++qqBFyxe58z/w/jqmf+318Bw5gx/w/jy/w/jK92OznvIv9x3hMBgOvNHD8w4PP/5/P9r/MPB36wevqMD66yVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHC9ddf/Ledrgc9EoVAuRzwTEXNRTNY2atWFiHg2Iv4wVZxK84sjrjMAcFGFvyT5+l/3Zl+dOVH04p3j5GRE/OgX7/z88XKrtfP7iMnkH1Pd460P8uOV4dceAPh03XH68XIriZ4b+Y8Pn6x0t2HW56/fjIhSJ/7R4WQcHcefiIlsX4piREz/M8nzHUnP3MVFHLwfEZ/t1/4kZrI5kM7Kp6fjp7GfGWr8won4hayss0+fi89cQl1g3HyY9j9v9bv+CnE32/e//ktZD3Vxef+XPtTKUdYHfhK/2//dGtD/3T1vjNd+++1O6vbTZe9HfH4iohv7qKf/6cZvD4j/6jnj/+kLL748qKz9y4h70Td+emuZ9f1prPlWfXu+ubf/YKO+vF5dr25VKkuLSwtvPHy9Mr+2UZtYmB88GvztzfvPDipL2z/dP37+ypey+P3a/+Vztv9X/3n3+186I/5XX+kXvxAvnBE/fV6+cs74y9O/KQ0qS+OvDmj/xBnx02P3zxn/oz/vP7VsOAAwOs29/c3lWq26IyEx4kQ7d8Y56X/Z61DVfolvDCvWZPQv+skrnWv6VFH3vf//GGtQj3EZs27AdXB80UfEv0ddGQAAAAAAAAAAAAAAoK9hfGNp1G0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5vpvAAAA//+LN8ti") 5.602898497s ago: executing program 0 (id=524): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002300000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]}) syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file2\x00', 0x2000414, &(0x7f0000000340)=ANY=[], 0x1, 0x2a1, &(0x7f0000000540)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==") mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x100000000000000) 5.197840082s ago: executing program 0 (id=527): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000808500000004000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) recvmmsg(r1, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {&(0x7f00000006c0)=""/131, 0x83}], 0x2}, 0x9e}], 0x3ffffffffffff8c, 0x40000030, 0x0) 4.353030213s ago: executing program 5 (id=533): r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0xffffffff7fffffff, 0x200) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xb4, 0x9, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0x8}, [@IPSET_ATTR_ADT={0x1c, 0x8, 0x0, 0x1, [{0x18, 0x7, 0x0, 0x1, @IPSET_ATTR_IFACE={0x14, 0x17, 'macsec0\x00'}}]}, @IPSET_ATTR_ADT={0x70, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e23}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2={0x18, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x10}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @mcast1}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x6}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz2\x00'}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0xb4}, 0x1, 0x0, 0x0, 0x48010}, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x40cd03, 0x0) fchmod(r1, 0x180) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0xa, &(0x7f0000000200)=@raw=[@printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @alu={0x7, 0x1, 0x1, 0x4, 0x1, 0xffffffffffffffe0, 0x4}, @ldst={0x0, 0x3, 0x1, 0xe, 0x6, 0xfffffffffffffff8, 0xfffffffffffffffc}], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x12, &(0x7f00000002c0)=""/18, 0x40f00, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000340)={0x1, 0xb, 0x8, 0xfffffff9}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000380)=[r0, r0, r0], &(0x7f00000003c0)=[{0x5, 0x5, 0x1, 0xa}, {0x3, 0x2, 0x5, 0x4}], 0x10, 0x2, @void, @value}, 0x94) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r3, &(0x7f0000000600)={&(0x7f00000004c0), 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, r4, 0x400, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x51}, 0x20000010) sendmsg$802154_dgram(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000640)="b912c8d4d2c6dda78c1414dab446bcf1cbcad398a883b31e038c87793610b2441cbbba918eba9381e8c8bcc1670fb1390f32f9a675a774301b11220762fef507832cdd3bc473b9d2be790739c71317f61cb5578044720b137d11774a9873e985b6c889d7b066127156043b62d0a82faa0ff79c53dd7c3194ea67ed5aad6757fe7d3560222f31", 0x86}, 0x1, 0x0, 0x0, 0x4c000}, 0x20000084) r6 = open(&(0x7f0000000780)='./file0\x00', 0x2000, 0x80) ioctl$F2FS_IOC_GET_FEATURES(r2, 0x8004f50c, &(0x7f00000007c0)) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001000), r6) sendmsg$NL80211_CMD_GET_STATION(r3, &(0x7f0000001100)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000010c0)={&(0x7f0000001040)={0x78, r7, 0x1, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x7, 0x34}}}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0xe, 0x13, [{0x34, 0x1}, {0x36, 0x1}, {0x2, 0x1}, {0x3, 0x1}, {0x18, 0x1}, {0x2, 0x1}, {0x1}, {0xb, 0x1}, {0x48, 0x1}, {0x5}]}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0xc, 0xbd, [0xbc, 0x9, 0x2, 0x6]}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x1}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x1}, @NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0x2b1}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0xc, 0xbd, [0x8, 0x9ff, 0x7, 0x9]}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x81}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x1}]}, 0x78}, 0x1, 0x0, 0x0, 0x4000020}, 0x84) 4.304386064s ago: executing program 5 (id=535): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000)={0x0, 0xa55c, 0x8, 0xef}, 0x0) 4.245613585s ago: executing program 0 (id=537): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0x11, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xb21}, {{0x18, 0x1, 0x1, 0x0, r0, 0x0, 0x0, 0x0, 0x2000000}}, {}, [@map_idx={0x18, 0x4, 0x5, 0x0, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000004c0)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 4.129838756s ago: executing program 5 (id=540): bpf$PROG_LOAD(0x5, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x450302, 0x0, 0x10}, 0x18) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000012c0)=@mangle={'mangle\x00', 0x1f, 0x6, 0x6a8, 0x4c0, 0x220, 0x130, 0x2f0, 0x2f0, 0x5d8, 0x5d8, 0x5d8, 0x5d8, 0x5d8, 0x6, &(0x7f0000000340), {[{{@uncond, 0x0, 0x108, 0x130, 0x0, {}, [@common=@ah={{0x30}, {[0x4d3, 0x4d2], 0x4, 0x61}}, @common=@frag={{0x30}, {[0x81, 0x8], 0x3, 0x24, 0x2}}]}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0x3, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@private1, @ipv6=@remote, 0x1, 0x1e, 0x7210}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x7, 'system_u:object_r:devlog_t:s0\x00'}}}, {{@uncond, 0x0, 0xf0, 0x118, 0x0, {}, [@common=@dst={{0x48}, {0x4, 0x5, 0x0, [0x9, 0xd299, 0x8001, 0x9, 0x3, 0x0, 0x7, 0x8, 0x9, 0xd, 0x3bea, 0x1, 0x3, 0xffff, 0xd01b, 0x8], 0xe}}]}, @HL={0x28, 'HL\x00', 0x0, {0x2, 0x5}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x708) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001100)=0xffffffffffffffff, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000004) openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) 3.83793662s ago: executing program 0 (id=542): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r0 = inotify_init() r1 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) r2 = inotify_add_watch(r0, &(0x7f0000000240)='./file0\x00', 0x8c7) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) write$binfmt_elf32(r1, &(0x7f0000000040)=ANY=[@ANYRES64=r2], 0x69) close(r1) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 3.423542085s ago: executing program 5 (id=549): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a000000040000000600000003"], 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1f}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r3, 0x84, 0x12, &(0x7f0000000000), 0x4) r4 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r5 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) connect$pppoe(r5, &(0x7f00000000c0)={0x18, 0x0, {0x4, @local, 'wg1\x00'}}, 0x1e) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000080), 0x10) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20040014}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}, 0x1, 0x0, 0x0, 0x20008011}, 0x0) setsockopt$sock_int(r6, 0x1, 0x2e, &(0x7f0000000240)=0x7, 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r4) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = socket$packet(0x11, 0x2, 0x300) socket$isdn(0x22, 0x3, 0x22) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', 0x0}) sendmsg$nl_route(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)=ANY=[@ANYBLOB="a800000010000d0428ad70000010000000000000", @ANYRES32=r9, @ANYBLOB="208004003c40000005001000c900000008001e00dfbd00000500100005"], 0xa8}, 0x1, 0x0, 0x0, 0x4}, 0x0) 3.227227018s ago: executing program 5 (id=551): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000003c0)={0x0, 0xfff, 0x1b}) r1 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00') syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x808080, &(0x7f0000000000), 0x2c, 0x52c, &(0x7f0000000640)="$eJzs3d9rY1kdAPBvMv2Rdjrbru7DKuqO6+oowyRtZrcs+6DriyDLssK6TyKzpc2U0qQpTbpua8EO+Oar4IBP+if4IPggzJPvvumbLyMojDo4TAWRyE1uOm2adMq0aWaazwcuOefc2/s9J3DP6T1J7glgaF2NiN2IGIuIjyNiOi3PpFu829qS4x4/3Fnce7izmIlG48N/jqRH7iy2j2+7nJ4zF/FBkh/vEre2tb26UC6XNtJ8oV5ZL9S2tm+sVBaWS8ultWJxfm5+9u2bbxXPrK2vVX7z4Dsr7330+9998f4fd7/x46TO32rtGkvadmaBDmi9L6MxdaAseefe60ewAbiUtmds0BXhmWQj4jMR8Xqa3pcbXJ0AgP5qNKajMX0w31vmBMcAAM+/5J5/KjLZfHr/PxXZbD7fnMPLvRKT2XK1Vr9+u7q5thTNOayZGM3eXimXZtO5wpkYzST5uWb6Sb7Ykb8ZES9HxM/HJ5r5/GK1vDSof3oAYMhd7hj/H423xv8T8AkBALzIjOQAMHyOjv+jA6kHAHB+3P8DwPA5MP53+60uAHAB5Tp++w8AXHwH7v9Huh7wavzkh+dXHQDgHPj8HwCGyvfefz/ZGnvp86+XPtnaXK1+cmOpVFvNVzYX84vVjfX8crW63HxmT+Vp5ytXq+tzb8bmp4V6qVYv1La2b1Wqm2v1W83net8q+WEBAAzey6/d+3MmInbfmWhu0V7LwRcC4MJzmcPwujToCgAD0/37PsAwMB8PZJ6yv+dXhO72/puJU9QH6L9rn+sx/9/tf4M7+6n/Nc6vikCfmP+H4XW6+X+zB/AiM/8Pw6vRyFjPHwCGzAnu4H1FEC64Z/78HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYVHPLZPPpWuBTkc3m8xFXImJmYjRze6Vcmo2IlyLiT+Oj40l+btCVBgBOKfv3TLr+17XpN6Y6945l/jPefI2IH/3yw198ulCvb8wl5f/aL6/fTcuLXQOM978NAMABI50F7XG6PY631/d9/HBnsb2dZwUffLu1uGgSdy/d2lVvVT4XoxEx+e/MocZkzmhh4t07EfFqZ/uz+/tn0pVPO+Mnsa/0LX40Wzh1KH72UPxsc1/rNXkvPnsGdYFhcy/pf97tdv1l42rzNb3+Moc701z87Gjn+gza/d9eo7P/a13vH1zJNfuabv3f1ZPGePMP3+25786lxudHIvaO9L/tFaFzzdSR+CMRb3Q74U+/+Wizo+gvX/jS673iN34VcS2Oi99KFeqV9UJta/vGSmVhubRcWisW5+fmZ9+++Vax0JyjLrRnqo/6xzvXX+rd/ojJHvFzx7U/Ir7a66Qdfv3fj3/w5WPif/0r3eJn45Vj4idj4tdOGH9h8rc9l+9O4i/1aP/Iofhjh/4uKbt+wvj3/7q9dMJDAYBzUNvaXl0ol0sbEqdN5Pp15svPSQMleiT+9tGha2rg9TmTxMC6JOCcPLnoB10TAAAAAAAAAAAAAACgl9r300f+9fHHcINuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfX/wMAAP//OkHLZw==") pread64(r1, &(0x7f0000002240)=""/237, 0xfecf, 0x4eb) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000001480)={'syzkaller0\x00', 0x7101}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xd, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r4}, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_SCAN(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x0) 2.638127276s ago: executing program 5 (id=554): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x6, 0xc, &(0x7f0000000b40)=ANY=[@ANYBLOB="18000000000000000000000000000000181100000f2ba640c2f5fa0a3b962f7270b64516b8aed9b206b0449c148db9b6f83eb6bb7550b1e9a5a64f6cfd642fec2bdb3704838907ad3d8c9861c2c9b26d9f7b5b72f094d5d8", @ANYRES32, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000008c0)=ANY=[@ANYRES16=r1], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000680)='xen_cpu_write_idt_entry\x00', r0, 0x0, 0x10000000000000}, 0xffffff2f) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRESDEC=r4, @ANYRES32=r4, @ANYRES32=0x0, @ANYRES32, @ANYRES16=0x0], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRES8=r2, @ANYRES32=r5, @ANYBLOB="0000000000000009000000f80800000085000000950000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa9) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f00000006c0)=ANY=[@ANYRES32=r4, @ANYRES64=r3, @ANYRES32=r2, @ANYRES16, @ANYRES8], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r6}, 0x10) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRESDEC=r7, @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="010000000500000002000000ffff000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="2b4063249556ea3d25c7977daff2acb4feb3f1859ffc471d3559996de367f048b56729ba76f0cd2f14fffe23ec2862"], 0x48) r10 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20) fallocate(r10, 0x1, 0x0, 0x1001f0) ioctl$PPPOEIOCSFWD(r10, 0x4008b100, &(0x7f0000000000)={0x18, 0x0, {0x2, @multicast}}) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a01040000000000000000020200000900010073797a30000000000900020073797a320000000024000480200001800b0001006f626a7265660000100002800900020073797a3100000000140000001100010000000000000000000a00000a98694e7abf1e7aa5fb552ecc38f8201efe9c22f9e1e687416b5651551b6bcc9b81a772cae0c7fe1ef660873339ad7a1a563a8954cc6503ba7bc2ba2d3f19eb32f495666faaf110277a73e004f66eeee7384ae9e26b3105893bd054d9520d87d62063f87d10c1d7caad73a38f5d0990d85de56ca732e6f9bf65d6120bea09f091630f3c73326ae0fba8f6f23961fdf18cabcb4acc2ffcb8f977547702922a595a8009b47ea24f8f2318267fd24e3bcaa894559336391d2d4e8235e26f74d09b0d"], 0x78}, 0x1, 0x0, 0x0, 0x8004}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000d7f000/0x1000)=nil, 0x1000, 0x200000f, 0x73bb8ce3366151f2, r10, 0x0) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil) mkdir(&(0x7f0000000400)='./file0\x00', 0x101) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r13 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r13, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r14 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r15 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r15}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r14}, 0x10) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r11, @ANYBLOB=',wfdno=', @ANYRESHEX=r12]) brk(0x200000ffc000) bpf$MAP_CREATE(0x0, &(0x7f0000000d80)=ANY=[@ANYBLOB="0a00000007000000ff0f00000700000000000000846f7f49ffb9153739e83946c5f2f5ceee00fb7ca3a2a9f19da7ca73312473d4e86a4aecd7fd74961e77f02e6d5fbe2202cd4408b085685e5228550a3276f00491b229a361af145eb75e82e1ba9e13ad681aecefbf14c67e86a847d5f3b153a80ec4c394be8a40ba07305e619c01d3fc69d7825eea2133ac2a968c35847b408647229f56e8545bc0d25af775e1ae595536906b0bceeef9083edd00000000006867308597942e70ff9ea83c9fec7f844c45b1be5d5aaf5f24bc0f77174e2ef3d713b3a1b48a404d", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000300"/28], 0x50) 2.435353798s ago: executing program 1 (id=556): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x18, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x100000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x20000e8c, @void, @value}, 0x94) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001740)={0x1c, r2, 0x701, 0x0, 0x0, {{}, {@void, @void, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8}]}, 0x1c}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) utimes(&(0x7f0000000040)='./cgroup\x00', &(0x7f00000002c0)={{}, {r4, r5/1000+10000}}) mount$tmpfs(0x0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000140), 0x3200841, &(0x7f0000000380)=ANY=[@ANYBLOB='\x00 \x00'/13]) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10) socket(0x2, 0x80805, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r7}, 0x10) lsm_set_self_attr(0x66, 0x0, 0x22, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x200008, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@quota}]}, 0x1, 0x519, &(0x7f0000001540)="$eJzs3c9vI1cdAPDveOPEm02btPQACNqlLSxotU7ibaOqBygnhFAlRI8gbUPiRFHsOIqdsgl7SM9InJCoxAmO/AGce+LOBcGNSzkg8SMCNUgcjGY8Tp2snQaS2FH8+UijeW/erL/v2TvveZ5jvwDG1t2IOIiIyYh4NyJm8+NJvsVbnS097+PDJytHh09Wkmi33/l7kpWnx6Ln36Tu5I9ZiojvfSvih8nTcZt7+5vLtVp1J8/Pt+rb8829/Qcb9eX16np1q1JZWlxaeOPh65VLa+tL9ck89cWPfnfwtR+n1ZrJj/S24zJ1ml48jpOaiIjvXEWwEbiVt2dy1BXh/1KIiOcj4uXs+p+NW9mrCQDcZO32bLRne/PHkpNZAOCmKGRzYEmhnM8FzEShUC535vBeiOlCrdFs3V9r7G6tdubK5qJYWNuoVRfyucK5KCZpfjFLf5KvnMo/jIjnIuJnU7ezfHmlUVsd5RsfABhjd06N//+a6oz/AMANVxp1BQCAoTP+A8D4Mf4DwPgx/gPA+OmM/7dHXQ0AYIjc/wPA+DH+A8BY+e7bb6db+yj//evV9/Z2NxvvPVitNjfL9d2V8kpjZ7u83misZ7/ZU/+0x6s1GtuLr8Xu47mvbzdb8829/Uf1xu5W61H2u96PqsXsrIMhtAwAGOS5lz78Y5KOyG/ezrboWcuhONKaAVetMOoKACNza9QVAEbGal8wvi5wj1+M+KkpArgB+izRe0Kp3xeE2u12++qqBFyxe58z/w/jqmf+318Bw5gx/w/jy/w/jK92OznvIv9x3hMBgOvNHD8w4PP/5/P9r/MPB36wevqMD66yVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHC9ddf/Ledrgc9EoVAuRzwTEXNRTNY2atWFiHg2Iv4wVZxK84sjrjMAcFGFvyT5+l/3Zl+dOVH04p3j5GRE/OgX7/z88XKrtfP7iMnkH1Pd460P8uOV4dceAPh03XH68XIriZ4b+Y8Pn6x0t2HW56/fjIhSJ/7R4WQcHcefiIlsX4piREz/M8nzHUnP3MVFHLwfEZ/t1/4kZrI5kM7Kp6fjp7GfGWr8won4hayss0+fi89cQl1g3HyY9j9v9bv+CnE32/e//ktZD3Vxef+XPtTKUdYHfhK/2//dGtD/3T1vjNd+++1O6vbTZe9HfH4iohv7qKf/6cZvD4j/6jnj/+kLL748qKz9y4h70Td+emuZ9f1prPlWfXu+ubf/YKO+vF5dr25VKkuLSwtvPHy9Mr+2UZtYmB88GvztzfvPDipL2z/dP37+ypey+P3a/+Vztv9X/3n3+186I/5XX+kXvxAvnBE/fV6+cs74y9O/KQ0qS+OvDmj/xBnx02P3zxn/oz/vP7VsOAAwOs29/c3lWq26IyEx4kQ7d8Y56X/Z61DVfolvDCvWZPQv+skrnWv6VFH3vf//GGtQj3EZs27AdXB80UfEv0ddGQAAAAAAAAAAAAAAoK9hfGNp1G0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5vpvAAAA//+LN8ti") 2.3196046s ago: executing program 1 (id=558): open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x200008, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@quota}]}, 0x1, 0x519, &(0x7f0000001540)="$eJzs3c9vI1cdAPDveOPEm02btPQACNqlLSxotU7ibaOqBygnhFAlRI8gbUPiRFHsOIqdsgl7SM9InJCoxAmO/AGce+LOBcGNSzkg8SMCNUgcjGY8Tp2snQaS2FH8+UijeW/erL/v2TvveZ5jvwDG1t2IOIiIyYh4NyJm8+NJvsVbnS097+PDJytHh09Wkmi33/l7kpWnx6Ln36Tu5I9ZiojvfSvih8nTcZt7+5vLtVp1J8/Pt+rb8829/Qcb9eX16np1q1JZWlxaeOPh65VLa+tL9ck89cWPfnfwtR+n1ZrJj/S24zJ1ml48jpOaiIjvXEWwEbiVt2dy1BXh/1KIiOcj4uXs+p+NW9mrCQDcZO32bLRne/PHkpNZAOCmKGRzYEmhnM8FzEShUC535vBeiOlCrdFs3V9r7G6tdubK5qJYWNuoVRfyucK5KCZpfjFLf5KvnMo/jIjnIuJnU7ezfHmlUVsd5RsfABhjd06N//+a6oz/AMANVxp1BQCAoTP+A8D4Mf4DwPgx/gPA+OmM/7dHXQ0AYIjc/wPA+DH+A8BY+e7bb6db+yj//evV9/Z2NxvvPVitNjfL9d2V8kpjZ7u83misZ7/ZU/+0x6s1GtuLr8Xu47mvbzdb8829/Uf1xu5W61H2u96PqsXsrIMhtAwAGOS5lz78Y5KOyG/ezrboWcuhONKaAVetMOoKACNza9QVAEbGal8wvi5wj1+M+KkpArgB+izRe0Kp3xeE2u12++qqBFyxe58z/w/jqmf+318Bw5gx/w/jy/w/jK92OznvIv9x3hMBgOvNHD8w4PP/5/P9r/MPB36wevqMD66yVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHC9ddf/Ledrgc9EoVAuRzwTEXNRTNY2atWFiHg2Iv4wVZxK84sjrjMAcFGFvyT5+l/3Zl+dOVH04p3j5GRE/OgX7/z88XKrtfP7iMnkH1Pd460P8uOV4dceAPh03XH68XIriZ4b+Y8Pn6x0t2HW56/fjIhSJ/7R4WQcHcefiIlsX4piREz/M8nzHUnP3MVFHLwfEZ/t1/4kZrI5kM7Kp6fjp7GfGWr8won4hayss0+fi89cQl1g3HyY9j9v9bv+CnE32/e//ktZD3Vxef+XPtTKUdYHfhK/2//dGtD/3T1vjNd+++1O6vbTZe9HfH4iohv7qKf/6cZvD4j/6jnj/+kLL748qKz9y4h70Td+emuZ9f1prPlWfXu+ubf/YKO+vF5dr25VKkuLSwtvPHy9Mr+2UZtYmB88GvztzfvPDipL2z/dP37+ypey+P3a/+Vztv9X/3n3+186I/5XX+kXvxAvnBE/fV6+cs74y9O/KQ0qS+OvDmj/xBnx02P3zxn/oz/vP7VsOAAwOs29/c3lWq26IyEx4kQ7d8Y56X/Z61DVfolvDCvWZPQv+skrnWv6VFH3vf//GGtQj3EZs27AdXB80UfEv0ddGQAAAAAAAAAAAAAAoK9hfGNp1G0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5vpvAAAA//+LN8ti") 2.171254212s ago: executing program 1 (id=570): timer_create(0x2, &(0x7f000049efa0)={0x0, 0x7, 0x4}, 0x0) syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0x31cc437, &(0x7f0000000340)=ANY=[@ANYRES8], 0x0, 0x1fc, &(0x7f00000008c0)="$eJzs3b2KE18UAPCT/LP5+FfpBEEYsdBqUZ9gRVYQA8JKCu0ErUy122Rtdh/DV7D3kXwAWSzSyJU4k50Ys2MYSEbX36/JmZx75n4MmaTJnRS5zzc+RL/fivZBHMSsFcNox8J5AADXySyl+JJyTY8FANiNDb7/v1WUf/q6pXEBANvz4uWrZ49Go8OjLOtHXJxPx9Nx/prnnzwdHd7PfhiWVRfT6fi/y/yDbPW3wzy/F/8X+Yd5fXaZ7kbEuBv37uT5ee7x81H2c30v3mx57gAAAAAAAAAAAAAAAAAAAAAA0JRbkS2s3d9nf381Pyjy+dHS/kAr+/d04manOCy3B0pnu5gUAAAAAAAAAAAAAAAAAAAA/GVOTt+/ez2ZvD0ug15ELL/TWdPm6qBVnHijxs0H7ahXPiimWaPTVrFE253gYP3F3SSIzp9ydeoG2e/bxLD2+uTBoLI8pXmw/lOw2BbjyvJuRFT3fveo7vrMUkqTj7ePT04jVTYu7xG9nd6RAAAAAAAAAAAAAAAAAADg37X0r+9f9JsYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0oHz+f43grFecpbrxoq+96Dc3UQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK617wEAAP//cioisg==") r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000100)=""/75, 0x4b) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b0000000000000000000000008000", @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYBLOB='\x00'/14], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd964a1ceafa62cbe, 0x7, &(0x7f0000000740)=ANY=[@ANYRES32=r1, @ANYRES16, @ANYRES32=0x0, @ANYRESHEX=r2], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x8000000000000000}, 0x18) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil) shmat(r4, &(0x7f0000ff7000/0x3000)=nil, 0x400c) shmctl$IPC_RMID(r4, 0x0) flistxattr(r3, &(0x7f0000000180)=""/133, 0x85) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x800000000003}, 0x1100, 0x5dd8, 0x3, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r5 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r5, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c) mmap(&(0x7f00007f4000/0x4000)=nil, 0x4000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffeca50000006d000000850000000f00000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x5a, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='kmem_cache_free\x00', r6}, 0x10) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0b00000007000000050000000800000005"], 0x48) r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x15, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xaf4e}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [@map_val={0x18, 0x8, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x14}, @jmp={0x5, 0x1, 0x5, 0x5, 0xd, 0x30, 0x8}, @generic={0xe4, 0x0, 0x6, 0x48b, 0xff}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @jmp={0x5, 0x1, 0x2, 0x7, 0x6, 0xfffffffffffffff8, 0x4}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x3, 0xe7, &(0x7f0000000340)=""/231, 0x41000, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000040)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0xf, 0x5, 0x9}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000004c0)=[r7, r7, r7, r7, r7, r7], &(0x7f0000000500)=[{0x0, 0x3, 0x0, 0xb}], 0x10, 0x2e5, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000900)=ANY=[@ANYBLOB="b700000000000000070000000000000095000000000000005b1953e7203b3833b487e3c4bd4540e4b6e87b7891e0f159182f542be18de00d9d95e1c4a6b62a3c065fc1a7b4c144cc2508eba2540e3425abc138dbaf9f6da59d9c77cbe2a8a9666a08ed1704c6bb2e422f01d64cae3050d7bd3c10b0e80d9483a2e36568cf0c6a1b78d9ca2f8065a1d7b4b0eeeecaa3c865de68042c9ab36e8a43b97955b04e5351f99c682a939832582c0dfd64028580c33fca4ca652f4c4e116c16e0f76fd9379599b54e06a8662f81fe375751e06007efabbd87b82d35367257d1bc15f92370261aace269013bc00b86daae71e253200000000b1467c86aff0ee8ff6c53939acb3866e8247eff7c10f000200000e6bd59e5b4dbc12ce8f0a5f816382fc66bcf14bb83ce2336b93b90594b78301e696503eea3404fe7dc3a8a5f9fde10f53e458e9efbe57fb52e85ea5346ed9f42418aefc6052afd588f8ae73eaab3af38936bfdadc91cda3983de6513ef3c2e58a54ffb1921aab1df971cdc2b2ab17bc9e421b5991b6036f845313a4a5f9d8a36472d7d758d73e9be967ca3fdae7d7ba03a8d9e5962c67ca30e5b6eb3c524c22632e47f18c879f0564361ef35aba5ed3f2d1b0bc6954e7e2dc49106ce8a49b48812ad3f5f8391c14ecde831be42d15bdc797c2b9ab30a8e90d7d53784e7add8e5bd5b6797a63e48efa0eb4d1df88ea8b388e94c6a15ac4e22447dad331244a38a5a2e294905611bfeadcac35f6ccf6af94191954c6b840a3092ef94d1e0e23019fbbdcd5b47e4a565ce42d0bbd7b14f9df1139c15ee4d687fe0861a8210071ebeb63606d28dcb5404e077400bd04453c49d0e2e0bb2700000046a4e564ba31c3d62f2d0fb6b7630f66f086e36885c3634a522888f1c4049361cfb8914f59073ba6a8a6ea283acfa3d3bc40e7a70f71b27686ac5307918ac06f1a396fe1accc74e9eabfea"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x40f00, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$nl_route(r9, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="2c000000190001000100000000000a0080201400000400050000081e0e000900"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x4000000) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0) 2.009236894s ago: executing program 1 (id=563): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) r2 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550) 1.678771278s ago: executing program 1 (id=564): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0x5, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$tipc(0x1e, 0x5, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000240)={@multicast2, @local}, 0xc) socket$kcm(0x10, 0x2, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xf7}, 0x18) ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246) 1.51823614s ago: executing program 1 (id=567): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002300000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0xd, &(0x7f0000000100)=@raw=[@call={0x85, 0x0, 0x0, 0xb2}, @map_val={0x18, 0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x5}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}, @alu={0x4, 0x0, 0x4, 0x9, 0x2, 0x2, 0x10}, @jmp={0x5, 0x0, 0x7, 0x6, 0xb, 0xffffffffffffffff, 0xffffffffffffffff}], &(0x7f0000000080)='syzkaller\x00', 0xc5d, 0x8d, &(0x7f0000000280)=""/141, 0x41000, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000340)={0x5, 0x4, 0xab8, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000440)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000480), 0x10, 0x3, @void, @value}, 0x94) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000005c0)={0x3, 0x0}, 0x8) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000240)='./bus\x00', 0x8842, &(0x7f0000000000), 0x1, 0x4e6, &(0x7f0000000f40)="$eJzs3c1vG2UaAPDHdpMmaXb7satV25W2lbpS90ON86FVk92VVnsCDpUQlbiAVELihlInjmJHNFEPKdx64IBAICEOiCt/ARd6oqqEOIO4Ig6oCEqQAKmSkcd2mw87DSWxaeb3kyaed8ae531jPa/H78x4Akitk7U/mYjBiPgkIg7Wi+ufcLL+sHrn6lRtykS1ev6bTPK8Wrn51ObrDkTESkT0RcRTj0U8n9kct7y0fHmyWCwsNMr5yux8vry0fObS7ORMYaYwNzJ+dmJifHhsdGLH2nr91Revn/vgid73f3jl9s3XPvqwVq3Bxrq17dhJ9ab3xOE1y/ZFxH93I1gX5Brt6e92RXgotffvDxFxKsn/g5FL3k0gDarVavVudX+71StVYM/KJvvAmexQRNTns9mhofo+/B9jIFsslSv/vFhanJuu7ysfip7sxUvFwnDju8Kh6MnUyiPJ/P3y6IbyWESyD/x6rj8pD02VitOd7eqADQ5syP/vc/X8B1LCV35IL/kP6SX/Ib3a5f9gh+sBdJ7Pf0gv+Q/pJf8hveQ/pJf8h/SS/5BeW+V/bwfrAXTUk+fO1aZq8/r35nXc04Xy5aHZxamhqdLC/NBMqTSTXLMz+6DtFUul+ZF/xeKVfKVQruTLS8sXZkuLc5ULyXX9Fwo9u94iYLsOn7jxWSYiVv7dn0yx5iNfrsLeVq1motvXIAPdket2BwR0jaF/SK9f8B2/7Y+EAY+2zMD68sZ+oa/1y/4X87tWJWCXZR/+pe/tZD2Azjt9zPE/SCvj/5Bexv8hvezjAy1u0bdOm/H/eOD4/7WHqw+w+37F+D/wiBtsc/+v3625d9dwRPw+Ij7N9exv3usL2AuyX2Ua+/+nD/510y9+92Z+TA4R9EbES2+ff/PKZKWyMFJb/u295ZW3GstHu1F/YLuaedrMYwAgvVbvXJ1qTp2M+/X/6ychbI6/rzE22ZccoxxYzaw7VyGzQ+curFyLiKOt4mca9zuvH/kYWM1tin+k8ZipbyKp777kvulNbY+a7Ej8Y2vi/2VN/OM78H+BNLhR63+GW+VfNsnpuJd/6/ufwR06d6J9/5e91//l2vR/J7ba8JoTO1945+Uv28a/FnG8ZfxmvL4k1sb4tbqd3mYbbz/79J/arau+W99Oq/gRcbdarSZz+crsfL68tHwm+R25mcLcyPjZiYnx4bHRiXwyRp1vjlRv9p+jH9/cqv0DbeLX2/t5y/bXlv19m+3/6c+3njm5Rfy/nWr9/h9JHlv///sj4h/bjP/d6BfPtVtXiz/dpv3ZLeLXlo1tM375jcddOwwAvyHlpeXLk8ViYcGMGTMpnrm1YcmDeo6VznRQwK65n/TdrgkAAAAAAAAAAACwXZ04wbjbbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2At+DgAA//9FrdpY") r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0) r4 = creat(&(0x7f00000000c0)='./bus\x00', 0x182) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000002060e00000000000000000000000001050005000a0000000500010007000000050004000000000900022073797a31000000000c000300686173683a697000"], 0x44}}, 0x4004010) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='mm_page_free\x00', r6}, 0x18) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000030601020000000000000000000000000500010007"], 0x1c}}, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000140)={0xc, r4, 0xffffffffffffffff, 0xffffffffffffffff, 0xec9, 0x3e}) r8 = socket$nl_audit(0x10, 0x3, 0x9) bind$netlink(r8, &(0x7f00000001c0)={0x10, 0x0, 0x25dfdbff}, 0xc) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x400, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000004c0)='kmem_cache_free\x00', r9}, 0x18) syz_usb_connect(0x0, 0x88a, &(0x7f0000001780)={{0x12, 0x1, 0x250, 0x13, 0x3, 0xe0, 0x20, 0x7ca, 0xa309, 0x7f92, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x878, 0x1, 0xfc, 0x4, 0xc0, 0x9, [{{0x9, 0x4, 0x5b, 0x3, 0xf, 0xa5, 0x9f, 0x19, 0x0, [], [{{0x9, 0x5, 0x80, 0xc, 0x40, 0x5, 0xca, 0xff, [@generic={0xd4, 0x7, "9b07ef2a4c4ee6054b843d825c8856919ca1d1f98ca443e7e0e879e363c1d337dd0ea062bd30a67cd86214d96ee3b9f58cec330501791fda02350620fb2dc3770c414252b856074f3ca917ffa9fda16057876bf7ec669d727866b00207516de80c2deb6041b625da327ff488a2c1381863b247530938d9902044802110b48ec2796b3cc34616f9629d72efe3a2804b4f07ddaa0c12711eeaf13e499ba7347fe56c2105ccffd813429932f58931e64538be4012d7edf112db64e8585e74c00772e8dea6b5ef0ab6cb45bf4c3cbd917db03515"}]}}, {{0x9, 0x5, 0x1, 0x10, 0x400, 0x4, 0x5, 0x22, [@generic={0xe4, 0x6, "fabbaf2464382c88bc7b70c97187c93695b627a884c34607afa46e0def4b5d68496eee9988fe92ff51e4f4a5b17e7f2227db15a3b80a6a2fa12e51fd7163a419b49278e7970c58c8a3a596554e1a3f2fb88d04e9a2b2cdfe921273e10fa63e19b8785c8bf13ca6a9f5ae2114d233bddb6fb18e406d1d684a811ad66a0647d30a83f26d7b0f471393ffaf4e52e8b987066468c38c68f336752315c3f6c5ed2e4e6a889e858b2940e5b05a2556a49b07f4c57e06c189540b6bbac30585ac0743823816ed0066dbeb6c80e79b3e4468fe38d5650a9b3baf11b0a3e312392d7d89969d69"}]}}, {{0x9, 0x5, 0x6, 0x10, 0x3ff, 0x3, 0x63, 0x0, [@generic={0x88, 0xf, "0209fef1ce6cc8c0d4bc2e7fa84f7801b8584a6d37cadbfb79d846373210d985632e6c4ca5403f593f376a6022a501c2ff06feaf50493cf976b13026b15845c9f07cc737bab4e62a9e8639cb8daa3d6c15138cbf6d8170be65a09f8f2fb7601cc49999019e2d5d8d44643db5dee87a933845977f1aa07777a5bb572b71a42ff0a02790bb3928"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x7f, 0x3ff}]}}, {{0x9, 0x5, 0x9, 0x3, 0x3ff, 0x3c, 0x1, 0x1, [@generic={0x56, 0x23, "4476ec34105896db2abc1af512c75b664bd637f318f93ec7942da007273169a0f3fbdd8328dfa0550a37acc04a11c9bc5dda9c39a586de1d0f8074a037f02227d492c6bf979373efa156369844332355e70e3085"}]}}, {{0x9, 0x5, 0x80, 0x0, 0x40, 0x1, 0x9, 0xff, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x4, 0x101}, @generic={0xb4, 0xe, "a7f1e98ac6d6b253d73edc7a79e51c3a3c319820999e81d1fbe37c0f5e92ce788d2c9ccd50a2e25bcd9e5242bba4aeb641316e939191f00c831196559449bff64666bbee34adf7e79f91dad532c04f5e4c984fffe6a92bfa6c9c263125430f4e52b5ad996db011213319bcb6bc13b41e8417a8d083a5f71ca54e20e26561e9ed05e5c3af92e075d295e4c01c106c741a686cf76d409cb6fada8393d3ffe7640cacde70e47533f37129467b4176b7935c8855"}]}}, {{0x9, 0x5, 0xc, 0x10, 0x8, 0x1, 0x3, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x3}, @generic={0x20, 0x23, "1e72febb200cf0c47e9a53f958ed79619638b5ade73042cafd4113757c3f"}]}}, {{0x9, 0x5, 0x5, 0x10, 0x20, 0x80, 0x8, 0x3, [@generic={0xc1, 0x22, "316d23c3a12cf831307f3c3a71b3192ee3c19473c4483298eaadc6870b6e0d7857ce79ed10c6a4a101576b11cb17d14cd3ca887bec9be9509618671d0dbebfdcff9772d97981328c3f66002de3d78fe8c64103b500b72e1df41571c46e8bbd4da43a36ab7731e7acc7e502a35e55c877ce137272419d022aebfde6cc6f8f4646eac24cd0d27348eec9e771edb2cc03ea337789f062159d9f408809ab67a0d4839d1a42ff5ab2dadc01da67902929debaaa0b8a838f024592574a592e9fff3c"}]}}, {{0x9, 0x5, 0xe, 0x10, 0x40, 0x1, 0x6, 0x2, [@generic={0x52, 0x21, "3f7350a57561f794bc4dfdc265ea58aaa6123aff3f7e9dee39cb778b026a824bc5ecc60b3addaf4fa2e7e853879e180e488114f979933038d97f82368ab27efe8a1fe5ebc2eca201855329b294ff110e"}]}}, {{0x9, 0x5, 0x80, 0x8, 0x20, 0x3, 0xd7, 0x10, [@generic={0x2f, 0x30, "77978378214fdf0da8bfa33565250493a74c9aa04c0cacf1d286ab5dda13a7348129d58398d7c621c81f0cae4e"}]}}, {{0x9, 0x5, 0x80, 0x10, 0x400, 0x1, 0xb8, 0x5}}, {{0x9, 0x5, 0x2, 0x3, 0x20, 0x7, 0x8, 0x8}}, {{0x9, 0x5, 0x8, 0x0, 0x438, 0x0, 0x57, 0xf, [@generic={0xe2, 0x23, "3f261ea501f1c0b8d57cf3d7d4462d8a534ee00a1697912a3440a0e9e68677dec059e60ea7ab08d3c71b68f2d281a9996fb738e472e3c1c98761f8603e2c427c0436f43d1b6da4a5f434cdf451642d210504a6f8a30aedb5121a7995db9379b69794dcb6056a0d653c43a2d5fce94b9ca6041173816c07d6cd50d3ca1bb2baa819a4db25dfe24c50fedb6a13464d40a6d06ca14f9cb4baf5ffe42cb43b24614308a392d6475476d3e158a60b9d1a695f00f52edaee5e04ce12ea28e39adb5585c5b283d5b1fd6b54471675d980bb502ca1df5638c92b996a302136ea4dff64b5"}, @generic={0x87, 0xc, "f58195cd434e132f667f0b6db7e4d631fe0e6e0091d24c780d6c1d2373d4687f93292ee0ff32871302e932a92890f3054b2cc64c06744669e8b7e31345889f3d41481a58e5a3afb40f16bd07f19c4abe57dd4930dcccc559934b2311e7412235192dd65958d3e88f79c69bde95c513b7e0f3744c923f9df9989106117aefcfda7b1e545744"}]}}, {{0x9, 0x5, 0x6, 0x4, 0x3ff, 0x65, 0xd7, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x8, 0xf}]}}, {{0x9, 0x5, 0x9, 0x0, 0x8, 0x14, 0x47, 0x7, [@generic={0x7b, 0x21, "4568ee4bf702553fe80467001e57d5dae77e7c404d8ed12b07b0c00f6dfa5e11f17e00f0cc5f1366421c3eb869ba57dacc4370e4dcca59495ac1ab72a45de06eb7106a068bdb635b9756c8401ca590962a3e4fad5721758bfc39a2a4cd783a9057eb9e9eb69e101ffb48f3dd3fc785fc19a44ec3b4dc7f5595"}, @generic={0x7e, 0x0, "f84a89939cdfb78d1b28b6986c9dd0567de933d3cb4893bfcaf048799b1da90c19031a1b083bddbc09f6ba85f9c427d7e679aae2288fb7afce328257c101a7b4497e88b31951ecaf993c44c6095448db9380e64466290929887deeed8d72a3629904123a412477e952855a8e51eac4c4199ccc98501806eebd388ec0"}]}}, {{0x9, 0x5, 0xf, 0x0, 0x8, 0xeb, 0x4d, 0x40, [@generic={0xb5, 0x8, "7c72f01433aa429757c27032f34a240b8de6c87367374a18a6c7be26ecb76b537fb720df0e0c458024a2c835b5ce854386472b90fc77ac0109483efbc64c753afb57852be79dcca86189507986d8806ce104b23f867b546095249db6fb28134f558729f86302799732712e0c8c74b7739b123ea11e11e942942ec45cc915fa20d1bdd928b2a72b8ce1a648495b4c3573edde8c71180d778ceb6171953e56f412045b7d09617da668a842c9e963ac5e0d7125d4"}]}}]}}]}}]}}, &(0x7f0000000b40)={0xa, &(0x7f0000000640)={0xa, 0x6, 0x250, 0x1, 0x2f, 0xd, 0x8, 0x1}, 0xe5, &(0x7f0000000840)={0x5, 0xf, 0xe5, 0x5, [@generic={0xa3, 0x10, 0x3, "1d8346033ac92319cd884fb7b9f7af617f47cd70c45924cbfa77fdf9bb2d42a4243e2c81c4098c85158fa0175fb5c7ce8f9d4e0b22f9286f6541afae785322463a21b2385a281a03363b83b434c27080b09adb82fd0e9da4197d45db8614946478cb58df222679438cc3c8cc838ddba8ac39a3c09b41f786c84dcbf56bf45cc433bd1bedfe6afa6b0def1aafd083ba0e741ef412dfe51cf67a434fff6dd6f7e6"}, @ext_cap={0x7, 0x10, 0x2, 0xe, 0x9, 0x4, 0x4}, @ssp_cap={0x18, 0x10, 0xa, 0x5, 0x3, 0x6d, 0xf000, 0x5, [0xf, 0xffc0c0, 0xc0]}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x4, 0x5f, 0x40, 0x200}, @ssp_cap={0x14, 0x10, 0xa, 0x80, 0x2, 0xe4a, 0xf, 0x7, [0x3f30, 0x3ff0]}]}, 0x4, [{0x4, &(0x7f0000000940)=@lang_id={0x4, 0x3, 0x2c09}}, {0x4, &(0x7f0000000980)=@lang_id={0x4, 0x3, 0x3c03}}, {0x65, &(0x7f00000009c0)=@string={0x65, 0x3, "d7966a3a1c159e6aaafcf224740935b9e1b6371d4004fc14f28f8b1b9256339468d22ca6ddda84d913eb2166bf8ca73b8edf90ff8f99c0bd4895b3a23a008a7a8f6a4ea3e75b4e26208a3a0f53beaac77230732dfdad835495bd77b566cbf0c53d8403"}}, {0xd1, &(0x7f0000000a40)=@string={0xd1, 0x3, "2858b34edd6f30177c1414df6d6eb55d42c8882a6ae35004a05f0edfee04ac3a51605ac1671261fee1e63e96268bbaef5dd7c28da4187ffbb471b17c03559ca28d2347f189fd73040f7e78e29c7f62f4e4b064b0e5a444493e63fa1d1c0aedeb3b76ba9afa2a8d2749a448112e3af855cc30eb82584d88b3d35b55865f4078d966b88f4e9016cb115747c7ff66e0c19f1dc4d4b06a34877764412b8825e4a397dd552229e7a3a67db51a3a8e7949966373378207b31421956ea884c7ba8f0f1e0d1afef15d4104ace78b1966c89013"}}]}) io_destroy(0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r10 = socket$inet_tcp(0x2, 0x1, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x5, '\x00', 0x0, r3, 0x2, 0x2, 0x1, 0x0, @void, @value, @void, @value}, 0xfffffffffffffcf6) bind$inet(r10, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r10, &(0x7f0000ccb000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10) symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') link(&(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000600)='\x00') 1.455267991s ago: executing program 4 (id=568): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) rt_sigpending(&(0x7f00000001c0), 0x8) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB, @ANYRES32=0x0], 0x48) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10) r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r6, 0x6, 0x0, 0x0, 0x0) r7 = fsmount(r6, 0x0, 0x0) r8 = openat$cgroup_subtree(r7, &(0x7f0000000100), 0x2, 0x0) write$cgroup_subtree(r8, &(0x7f0000000680)=ANY=[@ANYBLOB="2b72646d6120bba99ff9c53ea765f88285fee8dbb367307d098a2c0afec57333903cd5db707e2497efadd7f7379438afae56b1658a8221afd2e0753c9b3b8c2f0a53858222e288f185c11ffc6db201fe91205649eed570e86263fcc97e9ea7d6293d4d6da4081ea0df9d38c680b2267502627977afb00234022078f0e4939fad097eeb8e906f1bdab17cb5db"], 0x6) r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 704.936091ms ago: executing program 3 (id=571): epoll_create1(0x80000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0) r3 = dup3(r1, r2, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000080), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3, 0x12, r5, 0x0) ioctl$MON_IOCG_STATS(r3, 0xc0109207, &(0x7f0000000140)) perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x71, 0x4, 0x8, 0x8, 0x0, 0x1f, 0x0, 0x4, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, @perf_bp={0x0}, 0xb06, 0xffffffffffffffff, 0x80000000, 0x6, 0x7f, 0x800, 0x5, 0x0, 0x2, 0x0, 0x3}, 0x0, 0xffffffffffffffff, r3, 0x2) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a0000000400000008"], 0x50) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r8, 0x0, 0x5}, 0x18) r9 = socket(0x10, 0x3, 0x0) connect$netlink(r9, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(r3, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000380)=@newtaction={0x18, 0x30, 0x829, 0x4, 0x0, {}, [{0x4}]}, 0x18}}, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r6}, &(0x7f0000000240), &(0x7f0000000280)=r7}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r7}, 0x10) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r10 = syz_open_dev$vcsa(&(0x7f00000001c0), 0x0, 0x20001) setsockopt$inet6_tcp_int(r10, 0x6, 0x7, &(0x7f0000000240)=0x1ff, 0x1) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000340)=0x1, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000006d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r11 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r11, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r11, 0x29, 0x30, &(0x7f0000001b80)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000ffff00000000000000bd0000000000000000000000e4ec01000000004000000000fc00000000000000000000000000013da51fd47aa2e2f700000000000000000000000000000000000000000000000000000000000000060000000000000000050000000a004e200e8a34c38f36f0c7eb2700d609bcf41076d88144448ebe7994dd1b33d7c8787734cc315672f62261ceeede940774fd94d2767288cfb3a20882449d601ff878eedd3d57c9eb3a723b62102bd534c8a304a975d752e82cc8d5f969771c94a1d69cfd8694e29b9468fca5df65ece31ed7c209325604001fcd06adc3ac391f60a3523d6d0b4a8a"], 0x310) setsockopt$inet6_group_source_req(r11, 0x29, 0x2b, &(0x7f00000005c0)={0x1, {{0xa, 0x0, 0xfffffffc, @mcast1, 0x3}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) 566.015553ms ago: executing program 3 (id=572): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000000), &(0x7f0000000040)=0xc) (async) syz_io_uring_setup(0x3a21, &(0x7f0000000080)={0x0, 0x94b8, 0x0, 0x3, 0x34d}, &(0x7f0000000100)=0x0, &(0x7f0000000140)) (async, rerun: 64) r2 = mmap$IORING_OFF_SQES(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000004, 0x100010, 0xffffffffffffffff, 0x10000000) (rerun: 64) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_WRITE_FIXED={0x5, 0x48, 0x4004, @fd, 0x90f2, 0x8, 0x5e, 0xb, 0x1, {0x1, r3}}) (async, rerun: 64) r4 = socket$inet_tcp(0x2, 0x1, 0x0) (rerun: 64) ioctl$sock_inet_tcp_SIOCINQ(r4, 0x541b, &(0x7f00000001c0)) (async) r5 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000240)=0x1c, 0x80000) setsockopt$inet6_mtu(r5, 0x29, 0x17, &(0x7f0000000280)=0x2, 0x4) (async) syz_open_dev$usbfs(&(0x7f00000002c0), 0x4, 0x200) (async) ioctl$MON_IOCH_MFLUSH(0xffffffffffffffff, 0x9208, 0x0) (async) openat$autofs(0xffffffffffffff9c, &(0x7f0000000300), 0x101000, 0x0) r6 = syz_open_dev$mouse(&(0x7f0000000340), 0x6, 0x10b800) write$UHID_CREATE2(r6, &(0x7f0000000380)={0xb, {'syz1\x00', 'syz0\x00', 'syz0\x00', 0x1000, 0x2c, 0xb868, 0x12, 0xfffff839, 0x7, "d7b0483dbf8600d420e903e949821f4bc5c14553e8c32d3f729cb0e9e21e5c90a191c45bb670c98d4fbb0f6b2c8e3d78f7358d7f5c72948397d21c85fd74d5c87d11506522a6a6cf2f2d99cadaf413179e2da70e0ff5d5019749471c06f99328d5b2fee54cb4fb2aae6094181d42c116634748c1ccf40659ebd9d1e12d8bb77d74780e9817906a0cb415467775a670a134f1b8f3432dab081eb791b6937435fe4c835c0b3e1f00023bf64826b65f2e9eae912107c88489cbf63184bbc94255cb3e4a6354d4e403c8990380b456e5eee6ba6c087f0b982fe6812cce7e8458c0ab2270309838752e98c9536c82275bc28d6ccee79249dbdec16ce21dffdb79f0486240cc0593686cec9c2eee2df16d425def61ea429d60b85b8c6078e98e6c60629717c8907306959d164623347592baebd348cba890c883d78ed23ab6cf11fe97f9618d39165669d53d42cf29e1f2e65ba9c09ae153b3405efc0e95f264668c485b937579827b24b4c6c17124aea5d64cd11ce05e055ae2927c71c6618d96a9f8f19cb4f4a2d18b6a662fecd27c5fe6a47789f05e8b24fd1e67c3ca53414dd3364328c621fb759045859e9a01df6c5ae62d02a26e91f97b82ef487053ab5af0f7db3e9fe89042dad9b8ec151c50c86bc0c91382aca1a53c1b8df9fee29f6c04cd3192aebb609dfa0fc20154d5c5e6d3c33aae2c368da149263f6bbda70b8da3af2516a730c00ca4dfc2801e06a531966303681b8fe89263b8711fa1d99e03b009de9fd5e1ef39690142740db61961379c92b54846199596d62b40fca27ef2499c0c381bbf8c4439eec03c702b8bd0e02260f25b04a347b2dfd722170c732034bd0bf1fd596754886047fff8df7583b1510aa1e75d3cb0bb975077aa53430a3677dd967797cfcee7314d8bdcf3efca0fa02d7e1c10673655233d83b4e947512764b5c7ef130431f42c4c008ea44755647263ea36d616d176278ecdbaa0fb73952f982be8ef228d2429e284618d956d71533f24ff6bdd979bc5b389cd42a70745e039d7ac993d0bb2f131d3707389100e38beea85f2e90ca618c753b7e849fbe41f4796b96b558da3851d889274073a2c5140461e6fb54ad79b11473ce749fbfdd5ad66bdf073eb5afdbcf1d3f7bf8ce96b76e71ee17a1e1feb2e10f2910eda0c590dc24e80bb472e5f2a97c323fd417fb66bf3cb659a6b05a5d1de3b4ba57b1943632cf7ef6c10334f0ec54f087ab57d241ff6349bb920af14c1bfe8864cd5e64968d2325a63d14dd2de74ab20e6fdf609c0a93e085f52a576048841ac04ee620801bab73267d10c92660cac96db2eacd12450a942c64490f13be2f3f30bd39dc005d964b9523b853de9fff26846d2bf664b7889ed49041fa09aa8e5ee243e6562f0f319a13d690101f59f5c49a28dacbd69293538be3b2a19b4fb26b2c05d465160850b816779512cb661559754a3e11222e9054b64d00f93cd8ddb3ecef7320790df2faeb18f23908726638cb0b4bbc6e82f125e95b007e7f6bad47263c35a1bfe25a37f7e742ee2ec82e6b878e29d47073af8db21056e6ecbe73fceb0a1f0a4cd13238b723e4bc825efe4e17d3bde1cac7ebbe081d0c8a46eb09fed0b2abf5cc3f4d723d42322f288ce7602e7837279feb0194beff9a77913da162a122f9a0242db69cb4c984166b274b4cc7de510c2fb5dbf5b7a19b1e3b47d1920b610ecb7c222a911964fa5d8f034c16877bc24a761ed36a0690dd3d6b4945335737c4a9dfdc30f59bc31366d2b779bd4b934df93e10d0480d8928c3e85a989a49bcaf26285593d3a6ab367761943a06e0725cfaa3c975b2252dea1e0f97101510be9d37a3d0ad828d888faf2172e1b70ac404a722c8f4b0c464d55d61a55690a94f695f49e95c9506a47a138bb662e5d8371fc180583178c8c248cf536a46a30b35c02e5dec1a54e69c58b8bf65e5b4609dcf330ebeb82d9d54ad95c0f61d72ddc7a118c83696f2fccdccd849642a75e7af5963543e1d55141f40e50027b6085dcf4dd803c4c31d5931e59d111d6fd146b92e605f60d410337523e1245eec05948962874eef34c2c6bad69bfa8048593d534340badf6bd633146646698d9ba0e3e5d068d7993479971b6dfb14a60b539336a860a473bcb6fab62a73af56d24a0c21b3de14e993f6b51e425f24b313f65d2479b17b22f9c047ffaa4a3590c36ab42a4e5d583a050ad5ed81c8be0ebda4823cb501ff2c7f8222df728959bfc1d3faf12a23a6645318875484f4a75769e0b9840b3ff1ed3cd888b95615634e218efbac9c35d9e11057f06de5043578b3cbfd3956e24cee30d091f79595919d19c2a3d3ce483101a993468f9da618372ee87e29841f9bc96c805dfd3c3c33f6ab50b22d510945ae66154c66fd7fbd3e933d867793ce4bb352853db018c25b950a5adb55b37b3181a99b342821a640229cf3d9526b3d5f3a9d3cefc3452d76f48f291be9590f8ff851a92865338ec350edba292b1d7043e92df3793192ff28b608ac768cd6dc8e5b0071808ecc85aafa93aa185d3dd383e0ef4b98502c8da6f6452f675beff5e395b40335324d295d81a75ad68674b47c2b940b9bb31aed01f33204dc46d694de30220b4536365530d37d1d7748fa684476ac6091b0186d4f4fe1b3ad58aa239585b0e373cf30c7a99d55120158a7400f4f933585da7be4ab459dc47a9a70fac2fa70ce591196b70883442496a87ae10135b27e082becff4b6ec7d837d788ddf8f85e6334d810c7f2a6ec7387d1eee16187273ed7853650da03d19e735695e1aa660839119668d82831496ae8aa98c229e9bf36ffe1bdf29c6da57acb8a6b2363e62d99faac9b9e81917a66d8655cad4dad5d75b8795a43b689593b7976f3113516f677355edeb40c88974f5594fd363d627b43e6b46ff0e496f028238ae48cc2b8b3a6067eec271def5f7282aaacaac55f7bf7179b78b6a6e9229b30b6ef5c5db0a53b2709ae3f931d46c54b74b77b089af72cb16fb9e5ac031d894f2b170f41d87d517ee40f4d2063463ee8171a25568f45f8d32e0976587d08093c4fb5ff8a045a7913079339e358ea10013fac6027328c939ddb9af076da674f25b0dc2145644e49c28d108456b55f815c33177abb35d0e71c8aed84061435e8201407c8c271ef179cbc996bc99dcfded7ca48e2dfeb36aa20a72bfa753203ed3ea6e2d9c3d38d05c68d87d629cb5613a45faa06ecc0767b8736e8df952ce22c84297e925bb3b299dcb5e9077259b6dfa31d354ed487ac24274e112a4916e372a519102ec7e6fdbf6c086ab013719ad97a9eb833b76ff5a3695b9c531b9d186b6bdbba2c9326f8946c5b2a4c0784935bb64e2733358ba41e7cca08c6f59bb9cd52124145d6190c77ab8df564d04fad25d67d0e9ae0212415a1ab61a6336582ad9ac80cfdbb1a927b2b105766f80fc7ee9fb104222b2e1fe62c3df4a52d156dc656d7c48aa0594dc1d9d420dbc3e3f7de88101910a7e1c4eff9eafa5fd44868fcda0666acf07c2954a64d4297215b363730c764070865a764e2189134b157624a7948c50bed50a99fcbb76e248db966aa95b997f40f76418521a38cd334e1938dfb2d2da2ff4b33ab43a7feeb7681a069fe730ad02972e28a2f0306b31b53e83a3648feefa4dcb0bdba9026396b8271cc1d3ddb3a18871dfd912a0af72db8fc6663e5b22c29d4f9e04004fa2df495f3f0d0b878f7c9f09ca11db69ee0c550c01cc2a96f5c5a3bf2d96d5b7e155f8ceb1f624f588ea8415cf33c1b7ed9fbc067c0a0cb09d153a3c72a949dc27f9592e805584772d24d3701aa16a3c6fe401a9b08958f0d51d2c05946ffda6d87b273eaa94b1e52dd159775ff3183b9dcded17d36f99f1f6ae9154333c3f9281ac31a774113f42bbd3c4674fc72bfb39b0429646286e6c6ee1b62deca6c8542849dab67637a15b8fc4e69f4477b56b7d50ee5088c5b61dadd584dc014124237d3888462ffc10297e8d8d0324036212bf50fbc69c08e063bdd42089a7f46b87ed050db22b0047f3bdecaeb76d164e69a9b7b7f7fb07300179f1d958ce47b18f024c273dc90b60decaefca050811738d48f5ae6b2882a4f5ad4ab8c9a7966f6ce013a7c306329f7f833e3f6502a278e75b72c32ff8028727e1065a600c8fb96cb825b8699e26f690eb1314947308620e0ee0cadfe43d11264160935db6e0540efde82e3765146ccb242dd86ded600f8a153137c314ccb8c5428e6221f117d36e88a1c8bf753b4083a0f9c0d3ae4ef35af5b7045c8121910e1e6d7ceb1901cca16bb9adc0804238b18e20c3b590b08512a6fa9fb71ce4b3ea059458c3bce1bac327bc906b3909c747272cf1d2db9ff0c920c2bf1814d0637bf9864f224e89d88c84d5035e3aa97f21d4432f97d8c87e7fd3027b315ac08c98b192f748b3298c31b1854d21a056a0af417156f2abe8807fc251665f1c7cde3a0dbfa205ba43906145b00fb50b10b352f84579e16b98c6db9d95512a666bc28d79d1094b41aca5dc7e149ae0f1ccdf3ac8697839391e3069de94b57fd0dc8219538963b399735705ee58400aedf0c5a0a3e0695e6e9249421a52f42f0390ab6291c7ed0604c218f0e00effe8b938c141b0c7a43154b2cec10e45a845ca81ebdd98da35337cf72b1a534fe684b20598bf33f2dd978d833e3c866d635e4ad8320ecfba2658248e565d8ecd384a4bcdc9e0bb5f0bb8b7d51c589114d363dbd2fabef5b980250f1b317175526a342954121f4fbded9fe97985113cc76c4987a815ee038a711b3da01da6c8aeb8f169fb1b1c5c98323bc069940a81a0d6d6e756744e84c54d5733cf0bfeb74b98955c2da55cc89bc2c7081c5650b14077acbeeb73702719ce20d5d71fb4e0ab487d2aae5e7f7a288877618f154f93360b95e821cd592ca1c24681ebad33b505d17e8a30bb4c081d8e6bc40c01a0fa9dc3698c92e573eb5ca911f4ddff2a55c216fb62a30f2ea0d02df0a97caa7363a33df8ea405fa3470a28b0c10d1f87e7c7af476bc112d7f1ac6ea93cdf0639fb1e2fcbc2c32cd920c74f9477e1923b24b5a4c872b6a4573ba82813b833186c8fc5914d1704930c6f1e80fdcf8a44a4f959d4489f1c569ab7b68c2f73027527297aafeb55bb62318ccca907a0b61bf0cbea87ec8cbf5aa40ec63f02cbc3b3c4a16865d5d51de521b0b55bee1c7b2dbcc6110b0fdfaf9d9c7a769829f623982cc07764ad65bfa89fe318bd1151e0a9da26b49fb1563d0d48b356b0a6e95456f3b65bdda23db746101271713ca1edc0c7d4e157acec89d00fcb82946d2f016a70841b65edfb696bc90cab2248af556e46500a52cf793fe4ddb8653d15a9bbb89dc0a7ed7d67243189ffaa1b6e9c4f582988fd842ec5ca7b280cc04461cff177fd1b9c467f24edda6560555f071d93e4f5913c281cbb8864d0ba8925bd27c123ac8e19e5a7581e18351e29af2cd5d024f87b8fae4a85d94543d31450d4af9e4c52e9a29f9fca8afaee74ede908269e1dc8760fff61f1ee7b96236963368adef2a25d2e48d1c5bfcd295e351e649022204292dab3b1a39ffea180bc6d12c439d3bed09a75e7e2d96d9356fa9ba84428950e7f2aab8d0178def85cd0b7a78ad6f2e5a292fe265a6c2b10d22572ed4707fb1fa16f4d469e59d3a3a845ad31a636f84267abb73f0261d755d519dac73c3bff22bc1db1c11aa1c63364cf732b6505a62087c8b711baedaf0cf7868513ecc96f99490824172bc5a4abb188217dfeb29eec5f94926c509223a8c9ce"}}, 0x1118) r7 = syz_open_dev$usbfs(&(0x7f00000014c0), 0x1, 0x88040) (async) r8 = socket$caif_seqpacket(0x25, 0x5, 0x4) ioctl$AUTOFS_DEV_IOCTL_FAIL(r6, 0xc0189377, &(0x7f0000001500)={{0x1, 0x1, 0x18, r8, {0xfe3, 0x8}}, './file0\x00'}) syz_genetlink_get_family_id$ethtool(&(0x7f0000001540), r9) (async, rerun: 32) ioctl$BLKPG(r9, 0x1269, &(0x7f0000001640)={0x3, 0x0, 0x98, &(0x7f0000001580)={0x8, 0x9, 0x1}}) (async, rerun: 32) rt_sigreturn() ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r9, 0xc018937d, &(0x7f0000001680)={{0x1, 0x1, 0x18, r7, {0xbac}}, './file0\x00'}) socket$kcm(0x29, 0x2, 0x0) (async) ioctl$sock_inet_SIOCGIFNETMASK(r6, 0x891b, &(0x7f00000016c0)={'netpci0\x00', {0x2, 0x0, @multicast2}}) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) bind$bt_l2cap(r10, &(0x7f0000001700)={0x1f, 0x7c, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4, 0x1}, 0xe) (async) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001780), r6) sendmsg$NL80211_CMD_DEL_KEY(r10, &(0x7f0000001880)={&(0x7f0000001740)={0x10, 0x0, 0x0, 0xc1040008}, 0xc, &(0x7f0000001840)={&(0x7f00000017c0)={0x4c, r11, 0x4, 0x70bd29, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_KEY={0x30, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5, 0x2, 0x2}, @NL80211_KEY_IDX={0x5, 0x2, 0x1}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_TYPE={0x8, 0x7, 0x2}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_TYPE={0x8, 0x7, 0x7f65a5d59c7111ca}]}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000007) (async, rerun: 32) rt_sigreturn() (async, rerun: 32) setxattr$system_posix_acl(&(0x7f00000018c0)='./file0\x00', &(0x7f0000001900)='system.posix_acl_default\x00', &(0x7f0000002040)={{}, {0x1, 0x1}, [{0x2, 0x3}, {0x2, 0x1}, {0x2, 0x4}, {0x2, 0x5}, {0x2, 0x4}, {0x2, 0x6}, {0x2, 0x6}, {0x2, 0x1}], {0x4, 0x4}, [{0x8, 0x5}, {0x8, 0x6}, {0x8, 0x1, 0xee00}, {0x8, 0x4}], {0x10, 0x4}}, 0x84, 0x0) 515.559714ms ago: executing program 4 (id=573): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x18, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x100000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x20000e8c, @void, @value}, 0x94) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001740)={0x1c, r2, 0x701, 0x0, 0x0, {{}, {@void, @void, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8}]}, 0x1c}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) utimes(&(0x7f0000000040)='./cgroup\x00', &(0x7f00000002c0)={{}, {r4, r5/1000+10000}}) mount$tmpfs(0x0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000140), 0x3200841, &(0x7f0000000380)=ANY=[@ANYBLOB='\x00 \x00'/13]) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) lsm_set_self_attr(0x66, 0x0, 0x22, 0x0) 378.864135ms ago: executing program 4 (id=574): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = epoll_create1(0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_GATEWAY={0x8, 0x1d, @private=0xa010101}]}, 0x24}}, 0x4000008) r2 = fcntl$dupfd(r0, 0x2, 0xffffffffffffffff) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000cc0)={0x16, 0x3, &(0x7f0000000c40)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000004e90cc3f3924511636c23828a9083b606285c6aed96c488b9a383d128bdf7a640b41181e319fd86eb0f3399b906c060bc4f87ff47c"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000180)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="11"], 0x11) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r4}, 0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2000000000000004, 0xffffffff}, 0x1320, 0x0, 0x3, 0x5, 0x0, 0x800001, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) write$binfmt_script(r2, &(0x7f0000000340)={'#! ', './file0', [{0x20, 'GPL\x00'}, {0x20, 'GPL\x00'}], 0xa, "115cd6fd413200182425bfbaa04e01d1607ae79d3b647771a3e6f5abdfadaa71e53a4bd56b8e90b96fb77f26c5df29409d0bc2c42865d0dcc268a925a82e629f6217d77005728dd06371cb5604979674bb730ceacea588638a2cb5042439f86e5cde5e6887cd40bde69963571891979b35fa311113b1d95701e9f5ce14"}, 0x92) openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000580), r5) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$IEEE802154_LIST_PHY(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x14, r6, 0x30b}, 0x14}}, 0x0) 330.093816ms ago: executing program 3 (id=575): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = epoll_create1(0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_GATEWAY={0x8, 0x1d, @private=0xa010101}]}, 0x24}}, 0x4000008) r2 = fcntl$dupfd(r0, 0x2, 0xffffffffffffffff) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000cc0)={0x16, 0x3, &(0x7f0000000c40)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000004e90cc3f3924511636c23828a9083b606285c6aed96c488b9a383d128bdf7a640b41181e319fd86eb0f3399b906c060bc4f87ff47c"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000180)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="11"], 0x11) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r4}, 0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2000000000000004, 0xffffffff}, 0x1320, 0x0, 0x3, 0x5, 0x0, 0x800001, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) write$binfmt_script(r2, &(0x7f0000000340)={'#! ', './file0', [{0x20, 'GPL\x00'}, {0x20, 'GPL\x00'}], 0xa, "115cd6fd413200182425bfbaa04e01d1607ae79d3b647771a3e6f5abdfadaa71e53a4bd56b8e90b96fb77f26c5df29409d0bc2c42865d0dcc268a925a82e629f6217d77005728dd06371cb5604979674bb730ceacea588638a2cb5042439f86e5cde5e6887cd40bde69963571891979b35fa311113b1d95701e9f5ce14"}, 0x92) openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000580), r5) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32, @void, @value}, 0x94) sendmsg$IEEE802154_LIST_PHY(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x14, r6, 0x30b}, 0x14}}, 0x0) 312.454376ms ago: executing program 4 (id=576): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x18, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x100000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x20000e8c, @void, @value}, 0x94) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001740)={0x1c, r2, 0x701, 0x0, 0x0, {{}, {@void, @void, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8}]}, 0x1c}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) utimes(&(0x7f0000000040)='./cgroup\x00', &(0x7f00000002c0)={{}, {r4, r5/1000+10000}}) mount$tmpfs(0x0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000140), 0x3200841, &(0x7f0000000380)=ANY=[@ANYBLOB='\x00 \x00'/13]) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10) socket(0x2, 0x80805, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r7}, 0x10) lsm_set_self_attr(0x66, 0x0, 0x22, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10) open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0) r9 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r9, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550) 254.482417ms ago: executing program 3 (id=577): r0 = socket(0x25, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=@newqdisc={0x24, 0x24, 0x200, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, {0x5, 0x5}, {0xd}, {0x0, 0xf}}}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x2, 0x1, 0x1}}}}]}, 0x44}}, 0xc4) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002b80)=@newtfilter={0x3c, 0x2c, 0xd27, 0x200, 0x0, {0x0, 0x0, 0x0, r1, {0x5, 0xd}, {}, {0x9, 0x8}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0xf, 0xfff3}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000004) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$IEEE802154_LIST_IFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="05052bbd7000fc3f17009561bdc0"], 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001940), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000001980)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000001a40)={&(0x7f0000001900)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001a00)={&(0x7f0000001a80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="00032bbd7000fbdbdf251c00000008000300", @ANYRES32=r4, @ANYBLOB="4260afdc201c18c99b0d918a86383f2a0797fa1e1a8f61f00a274bcc098136ca96612e7fecf36685db1694f1e35c78acef2bc5140c2d09d2252090c3944ea820eb3b7dbb60390edc85aeb7d5e20270d2b0f56bac798a80a5ffd6d5874a62fc7658bd10a413519709d061a9855efb5ac1e2694ea8"], 0x1c}, 0x1, 0x0, 0x0, 0x20008840}, 0x8005) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000010080)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18) r6 = socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000018c0)={r5, 0xffffffffffffffff}, 0x4) sendmsg$nl_route_sched(r6, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x2}, 0x2, r9}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) r11 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$inet_udp(0x2, 0x2, 0x0) r13 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r12}, 0x10) r14 = socket$kcm(0x2, 0x2, 0x0) sendmsg$kcm(r8, &(0x7f0000001800)={&(0x7f0000000380)=@in={0x2, 0x4e20, @remote}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000180)}, {&(0x7f0000000800)="f9f5e8b3fe3e5a20ed90ef8d8e82e444fa9c43e4ac2bb667931b175bd8df8777c230517ba2e0e15d06419af2c817435c5fdab27bc65d73989149949e44c42744fd5d675ae903e2a60ed90815d18e24acd40ddcd674baa7cc8eaeea87316241d94b94819e9d5baac28005d137daea25e3c56ccb965fde806fdb3acc4a31ac1f58084d78d31d686324d150c819ad3aa920566a5c6695a9fb4488d8afc7761281c0cc5c01b05d7fd355ef8ebcbf9101d93fcc7dd3dfd7ca880fcda81c34f4a439502c2704d9a8ec589f2a1d2700d434da2dcf4ef7c3f7734756a5b0b9b1a0e59d7cc898a0e9548cb57a603f611e771de80cbc100456f0da561b617c9c66ac911332a8c30c93466fa91a5db1d8238a6b9cf9724fd2ba27b87de80fa843f89ede7d98eea83706a127ff160a814f2d633181b25a20f4e92463036b39b58044ce12fc294c4c2fb49b5e1c3df19599631fb9a4b3f03431cc2d71af4ea2a1f78001ab0f5e558c121c79b9ee4632c5de4a4fc276ee00033850df0525a45e65bd8ce61aee073c99ee0b8393cc35259cb101986990bd926d5184ae26f6e9cac85a432b5cc004dfa040f1816dbe7eb937a43fd117c67a23774e730eea6a55f1c238bf0adfa8ee97b1fd1b1de9570f1384f9d75f6e7eec676a80381f71f27f8723c50ca6879571ed3f71b12db715d34ffd0d73380dea3f3acc66924b37dd118a4438c089b3ccd532315633d2e78c28bb73351dfc8d3eb1a0514724d56222d3daa8feb8a4be101499ff12f3f619ad76f9efa3bfb1b45724922ae0377296aa51002cad79925b1507fedc7518ff48193549ba422bf2e139e568228025dbd296f0e94b34e944bb409ea9d8e7300b87919dde912e8602e6f00afa9871bf482f2182614920b629d73a391e527fda31c0622be5f95786a42a764ee1ee15b568f62b5e7fb93bf5c6c0ad8e1af9c73a8891cc04c2d2de2cd250089512bb77b5ab283a4d2da4bfd5a212f1110fa416ecceb8acea5ac3fa13aa30c26d5a62475cfa9e58324ae0cf2a847ec7863ae03d9ea18396c3cf4f3d72464fa8ebdc4aa5075a28fc9eacffc58385bacdb69b3c7dc4121f8dcc9f4604c9c163f3985306112efd5bf75ad1d7a72ac235de6ad8a52bef102e014df102a9d2ec7eebe06391c20a673d6f5327b2a043a54e3120bc321335c327110a91614b24967b68d118033265f255647ab2e520efbc0614e1a874b5c69484ecf4a1c16ebe54e0b5b3ed7c930fe8886fa1462289cd64807fdeb2319f12e748462b03b17684e8ab89945a133ba43e342b9ce1653d2598a053c39b11a3b01484331df3191c5bae6b749dc24cc6f5ac37e06ea6ba52dfd7e1ae5d2225d8f06f9a6e6c120bee0f981901f11547f4f6f1f35c0b4f184fe12d9837fe07496ecbefc6d47dcffce26894143c59f38b65ecc4976c608c2a9369ce0754878c1c3b267519a7b5d6503f969b4b35f12eeaaf8bae7c747e8fd8050fa96a518a4a50212e17556b0adfcaaf0698402246d559dd4b6002ad8970b60f4f5a82f0d91fd442f0c17c10bf503425d9518f8d6bec23c55f6da0389b4fc921d4d863519a036f37054d7f7e1feee8031d7dfbb8b533f0998b28b658c79d9f7a127c64f54eb20070892895fe6990e9e23a82bca41108936911a891994658b02a09e0fdb38870cf2b3bec586a755624913007d285bce61b367f82aa741d6828026116ef091d76aa7cd27c3dd5bf00d44055c6c8eba9f693e42020901cd0b533c218e6d2532044952226b6541f4104a79ef30ba4e619ed1cfed6c11b2554360bf1a92841a35653bbc6ed7e919c2f336a5665b9d79c674303d1e74faf66d4599526e1a98c5d459544d67d435b67cf4189ebaf3f6bd7aced92ad1bcc7088b5ebaff533855fc75c2712f87ecef6c67dd9ae29569f026ecc23c4dc9d19be1bbdbe15b7ab941e4529a76ae8d77efa6dd8e25493e337cbfca4a1149d346044d94ff79512c5535c66915a5edfa9b92a034aca46726691684458e0750ad7c798e9261b312c8789b3dc61441cc92c38b99b2ba8a3d5c18448cecc8ca2351e9050d21c5a77144d361cb32e319be1cb046f9f16dfd7e75742cca3f79a0ab9655aecdf1be189a2a5d546a69edb95a5cc6866bc20812cb7aac47067ad337f39605ae2f001a742cd37935f67822b91cd135bf538186d5366a0149cdf65a21ab072245eff42e9854a2e476735be8c1cf44081bd1c79e048a4befbaa7e728d8a3ac871a066b6e7916a1848766adff55b5d9de2a1ee57b1cd178948c1b9bbe88cffbc163b5752a76d17f75df48afae85feb51b6c073f10dfdac53f7ca10731357f59653f378fdb0e7633c4d895647f5c242b58acb4fb91aa69bab0675a23beb38a940ac66b37401d995cce98141642d2266cc54d857395a400b7d16161fc985097c36cd7154ebf5ca78ad25d6e3d13bc3a8829d0f70c0055d949148efd1e61eca270a825c373cb659e964bc371a56f70a94e2fb59556f04c3c424627a57af3244a74d5d02ad14d0ac3697a778f9d77c5ebb26b9c55747253872d509191c4d9d61114fbdd013a04170b57d901eba56101fec2db0fa1eff162adb10f633112b51713c15d09e8ed2aca2608b914ecac207afb0f11d90e26b5e858576bc2f9058fcf4321fb807f52562a3763fcbeb180d76af797e4db26a8abcfdd3d1cffa5bcdfeba463a011d95cc8633de55e05410a5b8ead439f2bbc2ba869c97a2a8253544d9a2de0f2512813a6810da210bcdd2ca4de3b7783772e38d232a2f35ce574d64280abf7f8a6f95164f12eca09c5c40c7336de0fb313b49363f89adb078217a84e6d9f808c6765e67561823e8eeae802c45fe73e03486a6018228c07bcc0190fbcb02e25b7be47f70a1314b4ed73edb9cccfb71df07f82e55b8a56dbadf7644857ab17c4b768be2b2be3986a9f1bc484de97e2c15be5de7f27828c8f74933155460ca8447198f15ff89b8cfb0569cd2ecc1f63da57b8cbe0ffe634c25fbf8fbfe4240100bd40d9189ad2bbd19d624b1bbeac9078d15f1206278c9448bdcab51bb2727229edd4df45410062b1a3904b8e7e9f3fbc8f81e9676152bf2da005ec69d30f3b246d95971aa4cf1b5e01913052b9f3740c0b0136a33087f9a23e3c488bb564d9fcdb48ec48bfa3b228d29585236c4145c7640fd60a313fc65e36bacd0541e290334eea938f91ea2c5fb3acf696f47288e82d4152f790df2c32a5e91ea6b64ef3e2047e8faa7db18f4a9fc0d65bd1d31ce3734d31ed9b1acaf6165f70860a548323e505be4231f31539291c34880482234195be64ce71053cbcf99c3a367171089af71f69a9d4b618c842f64890d5ff5ac7fa06fff19c34edd312bae4c043068449aa829a18fbb34fbf49df5d0785cfd66c9d02b55b7c22001c633f2724e1dfb19c55d289262d32e46d4a9960162da1354d298fb4d0b7eeb17214e4a2f0a582608cc6686f0421875b68428cb21cd4de0e4cfd6bcc4d02fd167710fa96b011fd156f8c8a538cdd77fbf650efbd1ff6ad0cbed801f188088cd0cf187842650f00a4e5e93d5cae7d7f25245377b52883ef363f6efb064be95b6456e216f1342122538b39556509889e813cef7305b384f1c6776922b751ed20a4dc3014a728ec7ddb159a6c9e96deb9d4c4cbea5be3bce8643637a9a9223accde2cbb40b482e59412bfa90b94ea3ff343bba7e19efe8658bf1be3518f71dc60cdc5886bf5f55104151286320e0a04b0e9cb570064a1800a2484b93d67e5a3529efdb6be17a4b29d949dd55b2dd13f149caf2837c3f5bcd4a10d822441b0a8a9b259008bfeb622c5f5a6e62adfbd7c44e9c6dbe2036f10195cc84592496efa6659ab27c23c9640e5decb8dd684672fbecea3d96c16555cb275f6ceae908b1961b0a9c1060b7f9278c6fa83b74732987b4e845f53f6c1043ecd2477c2a4ce012c9cc52a4fd18827cf0393d4f615ab1b04b965e81279ab37a52e6e8c7ff895818230bf69380ebb285efea1c0456b67059f497761c538036a22453f157076dfc6a5181b7f98ef9dd65d2bb320db293b1c672c91c9b1d7b8f57e7c30010c0335c95c35e9a4b688554d7a4ab39a62fbfd235bbb6d966eb7d7d87df7885fb81fa914cfb7001ac7867f06033e199a777fa9e8c88bc809eb362c36d5ef3a4c4a29aee67bc1863b526e3566c57f981cebde2676b172054f491cc4a57d9defbdd61c7be26a180c71c0a256759453075adfbb35224a25a38a74c9b25627527bde4321f0893fcb31e2f08108251e4ecbd957c4bdbdfddf0b33212c2920c7b5e08a48980f2149ed6378f2549c5374bb839cd6d6d6555c94df41dc5cb656360c010f914318a8217bca508ec28ba85d14baf8effcc60d8d7881af26580568351dc6a3b1dd73f3e65e51efb43a37141f182e7c722ef44efbc96b8334c1738d0c8c8abe2727129670be0ea8bae608eb5909b58576059bc44a99156caa6a0d4703f1a3e641c4e92dd837fb723d87a445a38381f4fe4efe62f99472ea76bb43677a4965b333a9ba76b6e54718ce6e2bb049959845e12459a22a276967ca50e49e15e152e99c5daa9734870a61354e7dd8ca801421bbd0113ccc256f0ce67232509a290c34c2b55e87b147dc5192297c5ffac537d70c24510515def369a6e64decc61bc0f01b086d577056df8731d74eef167eac1b69f604440b10b9557c6164a5b04cf115d635c14cbf07cca18e72adac350199d783f872d776d5553676e42f4e1e43d359896b0637ce273997aa95ea7e2f2fa18deaf465ef326abdb5e6854e75d1438fe121302020ebb0e3ab64cce93280a05180d3d232174fd6a61112661dae19c796258e0b971df4fa024d6b65925c35a5b1f951b8ca88675fa9c0aa40f1d69ad298f27bce15937b15141bda148190833d6a40dc7eb6119348aef8e08763aa3c89a6944916edb5d803cc2fe02f9e6ed8d97bc5e59980f642922d69290d16ebc052dfcc4164f4e0e3dc4036936588358ea3b383a46cae27138941c797be50523f251171f0ab0accd69c0a55c7dc5d135c6e38bcce418f2ed9759628a3f67cbc7d062c7227e5d86e6c078289f7c2d70908b797d0c11b581b625282317b30d8c4feb0dfecf97481a2a2a8b845c77f093d9cea1d3b1e37290416c96a6ab3d3b6b2341fa9ea15fa15bfcca5d3a00a82d8b32164d056b7f7858cb5cb02c0082b232f4e91aff2c3ec8a63831a3724e3ae1e7ab2d4b07622541914868699389570cdc77a0c5973c6c5aca0e6c93f5dfae16500eeb95f0b21600d016ce69848dd4d919e2d0deb9177ef1536cfa1f169eef962bca3e20f1ca9d4eb385eed607699ed76a2608cbfcd8acec7593e4e146af0cd52ba6f4247ce1b4fc7fe8566b6c6e1d6ccf28ef456f72d5ee3550c5a921025c37ea9f7c76af2a65a4d24f44003d4a6bc7a7304af47c50a78d8c3a5e3d6db7711cf473c9137e8524912a493db0478fc3a23613214ec5a962fa319533eb4246af790c38a2687dc015a79977196125f3c155bdf496dea38438b9e995af6509c31f2b2dd20d02b13d01a3e10c085fb50017f3888f0227ab69c89343484726c8132a5d75820e86923eb36c40138e850ae1912fc3cbe962e39e1288be74bc01e43ce8feeecf71b8a34683cb4ef1b947f25e3395746546e9a703b4190f8c240920d05b680223e8e8ebf73a9f6651d75c313d00c977c743a078d2840f2d032513adbec2c49ac581276017655472ea8d80ebeabe2a3ed9d0844c39c30e34303997290db6377402fe9453365d37086adbb438297996da", 0x1000}, {&(0x7f0000000500)="bb41994101528c06fe404452b535c80652d6e9b6f2b65c34d0fe88e0d9f9a1c6d894d573a0670d401a7de746fa214e59890c73456b692a4f64be2bb59dfe89ba888770c2750338bebea3b9928a83d721aa879c2aa680ef12ef492bebf3fd35d5242f9a8889a18530ff312e878313098034bc1f494a68716b3d7c20b6ac61900c562a86ce966b9f12e181d12508916dbc14c711a3ca2b0a63ad2178532230ca0f5a02e8dec8184ff4489a8bbfc88ab34c55277c0ce46b3c5109a2828e5ceb3de7152ac0e0d898f54aab6b1ee775a4134b029d141658966cb89c04ca9f3b3b8a1964cd723062df", 0xe6}, {&(0x7f0000000600)="99010f38296fc036633a9324029abe24fde6d01945e1b8abd128b1a30289f15227bfa46018d22bb1598f4cc6f029946f9d17af78bd00c4dfffc25e49d697a2e4ddd4b487cd1d1ea78c91545bf6d37aae37eab66fea67becb5efaa89530124b", 0x5f}], 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="28000000000000000a0100e607000000b9037609296a60c3d57754725115286505be00000000000070000000000000003a0000000400000049c0c5d1c752ccc0c2d4659ba462ce2997b651df7d53b4b1edf52def4fc90dcc6bd22045afccc506a3d78f1a9e6f10404d80fa3879901427cd4da62630327b4c5ba6c9ebd17804f5608e144fcbb25eb61ebabf552c91056534fff80000000000"], 0x98}, 0x20000000) sendmsg$inet(r14, &(0x7f0000000680)={&(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000001b40)=ANY=[@ANYBLOB="3000000000000000000080140901f5962c761d89da48e566f47d8c6b60aad04f5fb1e7e01c7fd9ef53b50817f14a150f1c3041c781fb6540832759c10fc8f32a04342d8956bf5f0a7d89d2227a24635af3e370cc61cb4b9f6ab3818214215c91bde9dcdaf3010907c220344218f03fbfc163d01e02377d37915ddbc60aec1629dbc6874de6040b", @ANYRESOCT=r10, @ANYRESDEC=r13], 0x30}, 0x0) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) tee(r16, r15, 0x7fff, 0x0) close_range(r15, 0xffffffffffffffff, 0x0) 253.282647ms ago: executing program 4 (id=578): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0x5, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$tipc(0x1e, 0x5, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000240)={@multicast2, @local}, 0xc) socket$kcm(0x10, 0x2, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xf7}, 0x18) ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246) 146.006788ms ago: executing program 4 (id=579): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001540)={{}, &(0x7f00000014c0), 0x0}, 0x20) r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffbffd, @void, @value}, 0x94) socketpair$unix(0x1, 0x4, 0x0, 0x0) recvfrom(0xffffffffffffffff, &(0x7f0000000380)=""/186, 0xba, 0x40, &(0x7f0000000280)=@can, 0x80) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x410, 0x0, 0x0, 0xffffff6a, 0x0, 0x0, 0x340, 0x258, 0x258, 0x340, 0x258, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @local, [], [], 'wg2\x00', 'macvlan1\x00', {}, {}, 0x11}, 0x0, 0x118, 0x180, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x0, 0x0, 0x9}}, @common=@unspec=@connlimit={{0x40}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x180, 0x1c0, 0x0, {}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @mcast2, @empty, @private2}}, @common=@dst={{0x48}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x470) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffd}]}) r4 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x3, 0x800000000007}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x9, 0x8, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x1, r0, 0x1) syz_open_pts(0xffffffffffffffff, 0x2042) socket$netlink(0x10, 0x3, 0x14) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5) r6 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x25dfdbfb, {0x60, 0x0, 0x0, r8, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0xa0000, 0x40000}, 0x44080) 129.950448ms ago: executing program 3 (id=580): syz_mount_image$iso9660(&(0x7f0000000cc0), &(0x7f0000000180)='./file1\x00', 0x1004081, &(0x7f0000000380)=ANY=[], 0x2, 0x81c, &(0x7f0000001540)="$eJzs3U9oHOfZAPBnFMmyZeIv5PvIZ4zjjO18YPM5ykpKlIoc0s1qJE8i7YrdVbEpITGxnBrLSUgIaUxp6kvSlpbSU49priGX3FoKLfTQ9lRoDr30EAjk0pKWFkpLKbjs7K61+rOSLctymv5+i/edfeedd953djzPzmrfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIqlMl0pjSczl1cUzaX+V6XptfpP53fp+tirZZL0RSetf7N0bB9tZB/9nZfZ9radjcbj96nDsbSV748r+++55/L8HB7rLb9Kg7Traf9ZQ74sk4hutRl06t7y89MptaMgu+vZPOhN7b3iRv19rPc9m1bxRy+fLs1maN2rp1ORk6eHTM410Jp/LGmcbzWw+rdSzcrNWT09UTqZjU1MTaTZ6trZYnZ0uz2XdzMceGi+VJtOnRheycr1Rqz781Gijcjqfm8urs0WZ8dLr0SrzWGtHfDpvps2sPJ+mFy4uL01s1dRWobFVOcOrdpzDD97zyWsf/+XiUmuH7FdJ0tkxx8fGxsfHJh+devSxUmlwvDS+OqO0RlwvEQMRrRK3Zaflztq/Qd5gZ49ZNyPi2n/tzMEbbtFAJ/7HXORRjcU4E2mkMVA8rzyGohLTUY9azLde/3Zozfx18f//Hv7jrzdbb2/870b5gyuzD0UR/4+0Xx3pF//XtWIHHoP9aq2+325Nb96r8UZciUtxLpZjOZbile2scc/aWm/HY7idDuxsrbORRTXyaEQt8piPcpGTdnLSmIrJmIxSPBunYyYakcZM5DEXWTTibDSiGVmxR1WiHlmUoxm1qEcaJ6ISJyONsZiKqZiINLIYjbNRi8WoxmxMR7mo5UJcLLb7xJp23ff15378wm8+eac1fb3Q2CYdSVof5vZ/FPHnTQqtC/c3Ef9bJQY6e/euxCR2yd6bfFd36MgNt+5aEf8H73QzAAAAgNsoKb59TyJiKO4vpmbyuezLd7pZAAAAwA4qftd8uJUMtabuj6R1/l/aoOSHEcO73jwAAABgByTFGLskIkbigfZUd7jURl8CAAAAAP+Gir//H2klIxFvFhnO/wEAAOBz5pv9rrH/8Z7iGrsj0VgYTn76p6jXh5KrC2ceTC6XW+XKl+9qL9dJvnS9xubMoeRAp5IimRy8sj+JiMFKdjjpXv3yn52xBJ8Wz4dWLkDY71r/yRYNiM0bULyK78TRdpmj59vp+e6c9lpGZvK5bLRSm3t8LOl8OdJ87cWLX42i+9+qzh9I4sLF5aXR519aPl+05WqrlquXO5eHT7pLRbQHVGzSlmvd0RT3b9zjoWIgRme9I+31lnr737ma7MDm/U961/lWHGuXOTbSTkdW939va51jo4+PRbl8YKCZnWm+dq2n951WjK30fLjb2+Qm3oW34ni7zPETx9vJBq0YX9WKF9e3Yrx3+9/YtrjhVrxz9M0zf/1FLckmtmrFxC22AuBOuVBc9WclCu0rotA/rrW1AtqauLuvu+TNHOUurHzK6C7fE+sGY110T7cT3d+KE+0yJ9qfJwYPbRBXShsc0V+++PIvO0f0R977wQ+fOfKrD9bE9ZtoxXtxsl2mk8S9P+8TY1t9/u6aqPpua4l3+663MTeevD48MZS0bz4UVx66ePncC0svLL04Pj4xWXqkVHp0PIaKjwqdpE9LRR6A/2xb3WPng69dL9rvLjzJI1ucVd97/ScFo/F8vBTLcT5OFaMNIuKBjWsd6fkZwqktzlpHeu7wcmqLc8uVsuNryw4fT6JP2YmeLfa/3y+Sv92mNwQAdsGxLeJwEve0L/vz+t2dJdaUuCtJTvWed38lIg71i7mtWH6yfePc7tlx9I/lvX7fSb+wGxsFAD7nsvqnyUjz7aRezxeeHZuaGis3T2dpvVZ5Oq3n07NZmlebWb1yulydzdKFeq1Zq3S/Op7OGmljcWGhVm+mM7V6ulBr5GeKO7+nnVu/N7L5crWZVxoLc1m5kaWVWrVZrjTT6bxRSRcWn5zLG6ezerFwYyGr5DN5pdzMa9W0UVusV7LRNG1kWU/BfDqrNvOZPBtK82q6UM/ny/WrETG3OJ+l01mjUs8XmrV2hd115dWZWn2+qHZ0fff/sNvbGwA+C15948qlc8vLS69sb+J3N1L4TvcRAFhNlAYAAAAAAAAAAAAAgM++9cP1Wrk3NRBwKLY9fPDV4WhN7Nvu4q2JZzo9uYVRjJtMDMYOV7j5xP+/3+7MTlS4vp6hbs7dW4373LfqPd3T2cS7tBF2cuK5J564tJKTDPZu3iffPHj6oyy6vdukno3/p2w01PXtAxF7fvS9ds4X+xROBne4px9GxDYWv5ZsUmZ3j0MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcCP+FQAA//+XX0rH") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) 0s ago: executing program 3 (id=581): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="f22b20adcd06daa1b228cb4bf07cd7ec877a655659cbc6c40a9643fa35f03328d045d5"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$inet6_dccp(0xa, 0x6, 0x0) rmdir(0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x5, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10) set_robust_list(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x550, 0x0, 0xffffffff, 0xffffffff, 0x1c0, 0xffffffff, 0x480, 0xffffffff, 0xffffffff, 0x480, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x298, 0x2c0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x2, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x4, 0x0, 'syz0\x00'}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff, 0xfd}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5b0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r3}, 0x10) ioperm(0x3, 0xffffffffffffffff, 0x1) syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f0000000680)={[{@grpquota}]}, 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7") r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x810) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x1010, 0xffffffffffffffff, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000600)='ns/time_for_children\x00') writev(r6, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x100000}], 0x1) r7 = socket$inet6(0xa, 0x6, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f00000000c0)={@mcast2, 0x800, 0x1, 0x103, 0x1, 0x800, 0x20}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="18040000000000000000000000000000180000002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001040)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000840)="b9ff03316845268cb89614f00800", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) setsockopt$inet6_int(r7, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x4) connect$inet6(r7, &(0x7f0000000000)={0xa, 0x203, 0x80000, @initdev={0xfe, 0x88, '\x00', 0x4, 0x0}}, 0x1c) kernel console output (not intermixed with test programs): ng mode [ 57.239743][ T4256] EXT4-fs (loop4): 1 truncate cleaned up [ 57.246725][ T4256] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.280312][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.308541][ T3317] EXT4-fs (loop2): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 57.397160][ T4273] 9pnet: p9_errstr2errno: server reported unknown error [ 57.446938][ T4279] FAULT_INJECTION: forcing a failure. [ 57.446938][ T4279] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 57.460506][ T4279] CPU: 1 UID: 0 PID: 4279 Comm: syz.2.219 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 57.460553][ T4279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 57.460569][ T4279] Call Trace: [ 57.460578][ T4279] [ 57.460588][ T4279] __dump_stack+0x1d/0x30 [ 57.460615][ T4279] dump_stack_lvl+0xe8/0x140 [ 57.460640][ T4279] dump_stack+0x15/0x1b [ 57.460688][ T4279] should_fail_ex+0x265/0x280 [ 57.460718][ T4279] should_fail+0xb/0x20 [ 57.460748][ T4279] should_fail_usercopy+0x1a/0x20 [ 57.460781][ T4279] strncpy_from_user+0x25/0x230 [ 57.460849][ T4279] ? kmem_cache_alloc_noprof+0x186/0x310 [ 57.460873][ T4279] ? getname_flags+0x80/0x3b0 [ 57.460892][ T4279] getname_flags+0xae/0x3b0 [ 57.460916][ T4279] user_path_at+0x28/0x130 [ 57.460994][ T4279] __se_sys_mount+0x25b/0x2e0 [ 57.461060][ T4279] ? fput+0x8f/0xc0 [ 57.461141][ T4279] __x64_sys_mount+0x67/0x80 [ 57.461180][ T4279] x64_sys_call+0xd36/0x2fb0 [ 57.461203][ T4279] do_syscall_64+0xd2/0x200 [ 57.461256][ T4279] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 57.461282][ T4279] ? clear_bhb_loop+0x40/0x90 [ 57.461360][ T4279] ? clear_bhb_loop+0x40/0x90 [ 57.461381][ T4279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.461407][ T4279] RIP: 0033:0x7fd70683e969 [ 57.461426][ T4279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.461473][ T4279] RSP: 002b:00007fd704e86038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 57.461544][ T4279] RAX: ffffffffffffffda RBX: 00007fd706a66080 RCX: 00007fd70683e969 [ 57.461559][ T4279] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 0000000000000000 [ 57.461574][ T4279] RBP: 00007fd704e86090 R08: 0000200000000080 R09: 0000000000000000 [ 57.461589][ T4279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 57.461602][ T4279] R13: 0000000000000001 R14: 00007fd706a66080 R15: 00007ffc78986b28 [ 57.461621][ T4279] [ 57.822639][ T4293] loop2: detected capacity change from 0 to 512 [ 57.845638][ T4293] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 57.857651][ T4294] loop1: detected capacity change from 0 to 1024 [ 57.868218][ T4293] EXT4-fs (loop2): 1 truncate cleaned up [ 57.877685][ T4293] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.892461][ T4294] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.229: Failed to acquire dquot type 0 [ 57.928814][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.945067][ T4294] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 57.995834][ T4294] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #13: comm syz.1.229: corrupted inode contents [ 58.016468][ T4294] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #13: comm syz.1.229: mark_inode_dirty error [ 58.031733][ T4294] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #13: comm syz.1.229: corrupted inode contents [ 58.079741][ T4306] FAULT_INJECTION: forcing a failure. [ 58.079741][ T4306] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 58.093921][ T4306] CPU: 1 UID: 0 PID: 4306 Comm: syz.3.232 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 58.093972][ T4306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 58.093988][ T4306] Call Trace: [ 58.093996][ T4306] [ 58.094032][ T4306] __dump_stack+0x1d/0x30 [ 58.094061][ T4306] dump_stack_lvl+0xe8/0x140 [ 58.094085][ T4306] dump_stack+0x15/0x1b [ 58.094104][ T4306] should_fail_ex+0x265/0x280 [ 58.094134][ T4306] should_fail_alloc_page+0xf2/0x100 [ 58.094259][ T4306] __alloc_frozen_pages_noprof+0xff/0x360 [ 58.094302][ T4306] alloc_pages_mpol+0xb3/0x250 [ 58.094328][ T4306] alloc_pages_noprof+0x90/0x130 [ 58.094412][ T4306] __pmd_alloc+0x47/0x460 [ 58.094451][ T4306] handle_mm_fault+0x19ae/0x2c00 [ 58.094488][ T4306] ? __rcu_read_unlock+0x4f/0x70 [ 58.094600][ T4306] do_user_addr_fault+0x3fe/0x1090 [ 58.094650][ T4306] exc_page_fault+0x62/0xa0 [ 58.094670][ T4306] asm_exc_page_fault+0x26/0x30 [ 58.094690][ T4306] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 58.094722][ T4306] Code: eb 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 8f eb 01 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 58.094744][ T4306] RSP: 0018:ffffc90000ef3e18 EFLAGS: 00050206 [ 58.094819][ T4306] RAX: ffff888102949ad8 RBX: 0000000000000090 RCX: 0000000000000090 [ 58.094870][ T4306] RDX: 0000000000000000 RSI: ffffc90000ef3e50 RDI: 0000200000000200 [ 58.094887][ T4306] RBP: ffffc90000ef3f48 R08: 0000000000000026 R09: 0000000000000000 [ 58.094902][ T4306] R10: 0001c90000ef3e50 R11: 0001c90000ef3edf R12: 0000200000000290 [ 58.094918][ T4306] R13: 00007ffffffff000 R14: 0000200000000200 R15: ffffc90000ef3e50 [ 58.094943][ T4306] _copy_to_user+0x7c/0xa0 [ 58.094980][ T4306] __x64_sys_getrusage+0xaf/0x110 [ 58.095033][ T4306] x64_sys_call+0x27aa/0x2fb0 [ 58.095062][ T4306] do_syscall_64+0xd2/0x200 [ 58.095164][ T4306] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 58.095278][ T4306] ? clear_bhb_loop+0x40/0x90 [ 58.095305][ T4306] ? clear_bhb_loop+0x40/0x90 [ 58.095346][ T4306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.095370][ T4306] RIP: 0033:0x7f13b28be969 [ 58.095385][ T4306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 58.095401][ T4306] RSP: 002b:00007f13b0f27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000062 [ 58.095419][ T4306] RAX: ffffffffffffffda RBX: 00007f13b2ae5fa0 RCX: 00007f13b28be969 [ 58.095466][ T4306] RDX: 0000000000000000 RSI: 0000200000000200 RDI: ffffffffffffffff [ 58.095481][ T4306] RBP: 00007f13b0f27090 R08: 0000000000000000 R09: 0000000000000000 [ 58.095497][ T4306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 58.095512][ T4306] R13: 0000000000000001 R14: 00007f13b2ae5fa0 R15: 00007fff6e405d98 [ 58.095536][ T4306] [ 58.427318][ T4308] netlink: 'syz.2.233': attribute type 39 has an invalid length. [ 58.471139][ T4310] loop3: detected capacity change from 0 to 764 [ 58.488398][ T4310] Symlink component flag not implemented [ 58.494962][ T4310] Symlink component flag not implemented (7) [ 58.522941][ T4294] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #13: comm syz.1.229: mark_inode_dirty error [ 58.556782][ T4294] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #13: comm syz.1.229: corrupted inode contents [ 58.571219][ T4301] netlink: 'syz.4.231': attribute type 13 has an invalid length. [ 58.655253][ T4294] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 58.714419][ T4294] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #13: comm syz.1.229: corrupted inode contents [ 58.735996][ T4294] EXT4-fs error (device loop1): ext4_truncate:4255: inode #13: comm syz.1.229: mark_inode_dirty error [ 58.773779][ T4294] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 58.785059][ T4301] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.793246][ T4301] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.824103][ T4294] EXT4-fs (loop1): 1 truncate cleaned up [ 58.838314][ T4294] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.879228][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.917572][ T4301] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 58.976454][ T4301] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.986199][ T4301] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.995359][ T4301] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.005929][ T4301] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.009329][ T4322] SELinux: Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped). [ 59.095258][ T10] lo speed is unknown, defaulting to 1000 [ 59.097529][ T4316] FAULT_INJECTION: forcing a failure. [ 59.097529][ T4316] name failslab, interval 1, probability 0, space 0, times 0 [ 59.102593][ T10] syz0: Port: 1 Link DOWN [ 59.117301][ T4316] CPU: 1 UID: 0 PID: 4316 Comm: syz.3.235 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 59.117367][ T4316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 59.117385][ T4316] Call Trace: [ 59.117394][ T4316] [ 59.117405][ T4316] __dump_stack+0x1d/0x30 [ 59.117437][ T4316] dump_stack_lvl+0xe8/0x140 [ 59.117465][ T4316] dump_stack+0x15/0x1b [ 59.117572][ T4316] should_fail_ex+0x265/0x280 [ 59.117629][ T4316] should_failslab+0x8c/0xb0 [ 59.117807][ T4316] __kmalloc_node_track_caller_noprof+0xa4/0x410 [ 59.117839][ T4316] ? ethnl_default_set_doit+0x2bc/0x5b0 [ 59.117870][ T4316] kmemdup_noprof+0x2b/0x70 [ 59.117900][ T4316] ethnl_default_set_doit+0x2bc/0x5b0 [ 59.117991][ T4316] genl_family_rcv_msg_doit+0x140/0x1b0 [ 59.118035][ T4316] genl_rcv_msg+0x422/0x460 [ 59.118068][ T4316] ? __pfx_ethnl_default_set_doit+0x10/0x10 [ 59.118099][ T4316] netlink_rcv_skb+0x120/0x220 [ 59.118193][ T4316] ? __pfx_genl_rcv_msg+0x10/0x10 [ 59.118234][ T4316] genl_rcv+0x28/0x40 [ 59.118262][ T4316] netlink_unicast+0x5a1/0x670 [ 59.118378][ T4316] netlink_sendmsg+0x58b/0x6b0 [ 59.118407][ T4316] ? __pfx_netlink_sendmsg+0x10/0x10 [ 59.118434][ T4316] __sock_sendmsg+0x142/0x180 [ 59.118471][ T4316] ____sys_sendmsg+0x31e/0x4e0 [ 59.118503][ T4316] ___sys_sendmsg+0x17b/0x1d0 [ 59.118609][ T4316] __x64_sys_sendmsg+0xd4/0x160 [ 59.118642][ T4316] x64_sys_call+0x2999/0x2fb0 [ 59.118709][ T4316] do_syscall_64+0xd2/0x200 [ 59.119008][ T4316] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 59.119088][ T4316] ? clear_bhb_loop+0x40/0x90 [ 59.119116][ T4316] ? clear_bhb_loop+0x40/0x90 [ 59.119147][ T4316] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 59.119327][ T4316] RIP: 0033:0x7f13b28be969 [ 59.119349][ T4316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 59.119438][ T4316] RSP: 002b:00007f13b0f27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 59.119464][ T4316] RAX: ffffffffffffffda RBX: 00007f13b2ae5fa0 RCX: 00007f13b28be969 [ 59.119481][ T4316] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000006 [ 59.119498][ T4316] RBP: 00007f13b0f27090 R08: 0000000000000000 R09: 0000000000000000 [ 59.119515][ T4316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 59.119532][ T4316] R13: 0000000000000000 R14: 00007f13b2ae5fa0 R15: 00007fff6e405d98 [ 59.119626][ T4316] [ 59.482848][ T4333] loop0: detected capacity change from 0 to 128 [ 59.501230][ T4334] loop2: detected capacity change from 0 to 512 [ 59.526820][ T4334] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 59.544491][ T4333] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 59.548979][ T4334] EXT4-fs (loop2): 1 truncate cleaned up [ 59.564010][ T4333] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 59.566115][ T4334] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.606306][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.661637][ T3322] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 59.678671][ T4344] netlink: 64 bytes leftover after parsing attributes in process `syz.3.244'. [ 59.815283][ T29] kauditd_printk_skb: 81 callbacks suppressed [ 59.815303][ T29] audit: type=1326 audit(1748415592.650:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4347 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13b28be969 code=0x7ffc0000 [ 59.857765][ T29] audit: type=1326 audit(1748415592.650:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4347 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13b28be969 code=0x7ffc0000 [ 59.888446][ T29] audit: type=1326 audit(1748415592.730:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4347 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f13b28be969 code=0x7ffc0000 [ 59.915816][ T29] audit: type=1326 audit(1748415592.730:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4347 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13b28be969 code=0x7ffc0000 [ 59.941925][ T29] audit: type=1326 audit(1748415592.730:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4347 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13b28be969 code=0x7ffc0000 [ 60.011759][ T4351] nftables ruleset with unbound set [ 60.018092][ T4351] program syz.0.247 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.047955][ T29] audit: type=1326 audit(1748415592.890:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4347 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7f13b28be969 code=0x7ffc0000 [ 60.073841][ T29] audit: type=1326 audit(1748415592.890:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4347 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13b28be969 code=0x7ffc0000 [ 60.098583][ T29] audit: type=1326 audit(1748415592.890:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4347 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13b28be969 code=0x7ffc0000 [ 60.175523][ T4359] netlink: 'syz.3.251': attribute type 39 has an invalid length. [ 60.240913][ T4362] loop0: detected capacity change from 0 to 512 [ 60.249479][ T4362] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 60.261581][ T4362] EXT4-fs (loop0): 1 truncate cleaned up [ 60.269981][ T4362] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 60.324747][ T3322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.334574][ T29] audit: type=1326 audit(1748415593.170:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4368 comm="syz.1.255" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f79eb41e969 code=0x0 [ 60.364263][ T4367] FAULT_INJECTION: forcing a failure. [ 60.364263][ T4367] name failslab, interval 1, probability 0, space 0, times 0 [ 60.378440][ T4367] CPU: 1 UID: 0 PID: 4367 Comm: syz.3.254 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 60.378472][ T4367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 60.378484][ T4367] Call Trace: [ 60.378565][ T4367] [ 60.378573][ T4367] __dump_stack+0x1d/0x30 [ 60.378599][ T4367] dump_stack_lvl+0xe8/0x140 [ 60.378640][ T4367] dump_stack+0x15/0x1b [ 60.378663][ T4367] should_fail_ex+0x265/0x280 [ 60.378700][ T4367] should_failslab+0x8c/0xb0 [ 60.378779][ T4367] __kvmalloc_node_noprof+0x126/0x4f0 [ 60.378807][ T4367] ? ip_set_alloc+0x1f/0x30 [ 60.378914][ T4367] ? __kmalloc_cache_noprof+0x189/0x320 [ 60.378944][ T4367] ip_set_alloc+0x1f/0x30 [ 60.378970][ T4367] hash_ip_create+0x54f/0xa20 [ 60.378996][ T4367] ? __pfx_hash_ip_create+0x10/0x10 [ 60.379042][ T4367] ip_set_create+0x3cc/0x960 [ 60.379088][ T4367] ? __nla_parse+0x40/0x60 [ 60.379120][ T4367] nfnetlink_rcv_msg+0x4c3/0x590 [ 60.379186][ T4367] netlink_rcv_skb+0x120/0x220 [ 60.379293][ T4367] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 60.379327][ T4367] nfnetlink_rcv+0x16b/0x1690 [ 60.379355][ T4367] ? mod_objcg_state+0x40e/0x530 [ 60.379462][ T4367] ? should_fail_ex+0x30/0x280 [ 60.379561][ T4367] ? xas_load+0x413/0x430 [ 60.379581][ T4367] ? xas_load+0x413/0x430 [ 60.379603][ T4367] ? __rcu_read_unlock+0x4f/0x70 [ 60.379625][ T4367] ? xa_load+0xb1/0xe0 [ 60.379655][ T4367] ? memcg_list_lru_alloc+0xc2/0x490 [ 60.379754][ T4367] ? mod_objcg_state+0x40e/0x530 [ 60.379785][ T4367] ? mod_objcg_state+0x40e/0x530 [ 60.379811][ T4367] ? should_fail_ex+0x30/0x280 [ 60.379842][ T4367] ? __rcu_read_unlock+0x4f/0x70 [ 60.379900][ T4367] ? should_fail_ex+0xdb/0x280 [ 60.379934][ T4367] ? selinux_nlmsg_lookup+0x99/0x8b0 [ 60.380011][ T4367] ? selinux_netlink_send+0x59f/0x5f0 [ 60.380045][ T4367] ? __rcu_read_unlock+0x34/0x70 [ 60.380070][ T4367] ? __netlink_lookup+0x266/0x2a0 [ 60.380095][ T4367] netlink_unicast+0x5a1/0x670 [ 60.380196][ T4367] netlink_sendmsg+0x58b/0x6b0 [ 60.380223][ T4367] ? __pfx_netlink_sendmsg+0x10/0x10 [ 60.380246][ T4367] __sock_sendmsg+0x142/0x180 [ 60.380328][ T4367] ____sys_sendmsg+0x31e/0x4e0 [ 60.380358][ T4367] ___sys_sendmsg+0x17b/0x1d0 [ 60.380401][ T4367] __x64_sys_sendmsg+0xd4/0x160 [ 60.380426][ T4367] x64_sys_call+0x2999/0x2fb0 [ 60.380569][ T4367] do_syscall_64+0xd2/0x200 [ 60.380597][ T4367] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 60.380625][ T4367] ? clear_bhb_loop+0x40/0x90 [ 60.380826][ T4367] ? clear_bhb_loop+0x40/0x90 [ 60.380861][ T4367] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.380940][ T4367] RIP: 0033:0x7f13b28be969 [ 60.381034][ T4367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.381057][ T4367] RSP: 002b:00007f13b0f27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 60.381076][ T4367] RAX: ffffffffffffffda RBX: 00007f13b2ae5fa0 RCX: 00007f13b28be969 [ 60.381147][ T4367] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005 [ 60.381161][ T4367] RBP: 00007f13b0f27090 R08: 0000000000000000 R09: 0000000000000000 [ 60.381175][ T4367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 60.381189][ T4367] R13: 0000000000000000 R14: 00007f13b2ae5fa0 R15: 00007fff6e405d98 [ 60.381234][ T4367] [ 60.762519][ T4372] loop0: detected capacity change from 0 to 128 [ 60.833302][ T4378] loop2: detected capacity change from 0 to 512 [ 60.848270][ T4372] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 60.866714][ T4378] EXT4-fs: Ignoring removed bh option [ 60.874356][ T4372] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 60.892533][ T4378] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 60.908057][ T29] audit: type=1326 audit(1748415593.740:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4368 comm="syz.1.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 60.959629][ T4378] EXT4-fs (loop2): 1 truncate cleaned up [ 60.967875][ T4378] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 60.990014][ T4380] loop1: detected capacity change from 0 to 4096 [ 61.021943][ T4380] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities [ 61.063456][ T3322] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 61.091855][ T4383] netlink: 'syz.4.260': attribute type 13 has an invalid length. [ 61.101975][ T4387] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 61.110154][ T4387] vhci_hcd: default hub control req: 2314 v0008 i0002 l0 [ 61.123617][ T4389] loop0: detected capacity change from 0 to 128 [ 61.182125][ T4391] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 61.193030][ T4391] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 61.203440][ T4391] netlink: 8 bytes leftover after parsing attributes in process `syz.0.261'. [ 61.215811][ T4391] netlink: 28 bytes leftover after parsing attributes in process `syz.0.261'. [ 61.221276][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.248694][ T4393] FAULT_INJECTION: forcing a failure. [ 61.248694][ T4393] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 61.250273][ T4391] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 61.264215][ T4393] CPU: 0 UID: 0 PID: 4393 Comm: syz.2.262 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 61.264374][ T4393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 61.264416][ T4393] Call Trace: [ 61.264426][ T4393] [ 61.264436][ T4393] __dump_stack+0x1d/0x30 [ 61.264467][ T4393] dump_stack_lvl+0xe8/0x140 [ 61.264495][ T4393] dump_stack+0x15/0x1b [ 61.264520][ T4393] should_fail_ex+0x265/0x280 [ 61.264666][ T4393] should_fail+0xb/0x20 [ 61.264745][ T4393] should_fail_usercopy+0x1a/0x20 [ 61.264785][ T4393] _copy_to_user+0x20/0xa0 [ 61.264838][ T4393] simple_read_from_buffer+0xb5/0x130 [ 61.264912][ T4393] proc_fail_nth_read+0x100/0x140 [ 61.264956][ T4393] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 61.264997][ T4393] vfs_read+0x19d/0x6f0 [ 61.265036][ T4393] ? __rcu_read_unlock+0x4f/0x70 [ 61.265190][ T4393] ? __fget_files+0x184/0x1c0 [ 61.265237][ T4393] ksys_read+0xda/0x1a0 [ 61.265277][ T4393] __x64_sys_read+0x40/0x50 [ 61.265351][ T4393] x64_sys_call+0x2d77/0x2fb0 [ 61.265382][ T4393] do_syscall_64+0xd2/0x200 [ 61.265469][ T4393] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 61.265505][ T4393] ? clear_bhb_loop+0x40/0x90 [ 61.265556][ T4393] ? clear_bhb_loop+0x40/0x90 [ 61.265586][ T4393] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.265615][ T4393] RIP: 0033:0x7fd70683d37c [ 61.265636][ T4393] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 61.265660][ T4393] RSP: 002b:00007fd704ea7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 61.265686][ T4393] RAX: ffffffffffffffda RBX: 00007fd706a65fa0 RCX: 00007fd70683d37c [ 61.265754][ T4393] RDX: 000000000000000f RSI: 00007fd704ea70a0 RDI: 0000000000000003 [ 61.265770][ T4393] RBP: 00007fd704ea7090 R08: 0000000000000000 R09: 0000000000000000 [ 61.265853][ T4393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 61.265870][ T4393] R13: 0000000000000000 R14: 00007fd706a65fa0 R15: 00007ffc78986b28 [ 61.265897][ T4393] [ 61.347228][ T4397] netlink: 'syz.2.264': attribute type 39 has an invalid length. [ 61.355560][ T4391] vhci_hcd: default hub control req: 1f03 v0017 i0001 l0 [ 61.653383][ T4410] loop3: detected capacity change from 0 to 764 [ 61.664707][ T4410] Symlink component flag not implemented [ 61.671103][ T4410] Symlink component flag not implemented (7) [ 61.710724][ T4414] loop1: detected capacity change from 0 to 128 [ 61.739233][ T4416] netlink: 420 bytes leftover after parsing attributes in process `syz.3.273'. [ 61.749866][ T4416] netlink: 16 bytes leftover after parsing attributes in process `syz.3.273'. [ 61.759916][ T4416] netlink: 16 bytes leftover after parsing attributes in process `syz.3.273'. [ 61.771225][ T4416] netlink: 4 bytes leftover after parsing attributes in process `syz.3.273'. [ 61.789457][ T4421] FAULT_INJECTION: forcing a failure. [ 61.789457][ T4421] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 61.803975][ T4421] CPU: 1 UID: 0 PID: 4421 Comm: syz.1.274 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 61.804011][ T4421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 61.804027][ T4421] Call Trace: [ 61.804036][ T4421] [ 61.804109][ T4421] __dump_stack+0x1d/0x30 [ 61.804140][ T4421] dump_stack_lvl+0xe8/0x140 [ 61.804167][ T4421] dump_stack+0x15/0x1b [ 61.804190][ T4421] should_fail_ex+0x265/0x280 [ 61.804230][ T4421] should_fail+0xb/0x20 [ 61.804262][ T4421] should_fail_usercopy+0x1a/0x20 [ 61.804300][ T4421] _copy_to_user+0x20/0xa0 [ 61.804425][ T4421] simple_read_from_buffer+0xb5/0x130 [ 61.804480][ T4421] proc_fail_nth_read+0x100/0x140 [ 61.804524][ T4421] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 61.804565][ T4421] vfs_read+0x19d/0x6f0 [ 61.804605][ T4421] ? __rcu_read_unlock+0x4f/0x70 [ 61.804635][ T4421] ? __fget_files+0x184/0x1c0 [ 61.804691][ T4421] ksys_read+0xda/0x1a0 [ 61.804784][ T4421] __x64_sys_read+0x40/0x50 [ 61.804823][ T4421] x64_sys_call+0x2d77/0x2fb0 [ 61.804853][ T4421] do_syscall_64+0xd2/0x200 [ 61.804884][ T4421] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 61.804932][ T4421] ? clear_bhb_loop+0x40/0x90 [ 61.804956][ T4421] ? clear_bhb_loop+0x40/0x90 [ 61.804985][ T4421] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.805034][ T4421] RIP: 0033:0x7f79eb41d37c [ 61.805054][ T4421] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 61.805078][ T4421] RSP: 002b:00007f79e9a87030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 61.805103][ T4421] RAX: ffffffffffffffda RBX: 00007f79eb645fa0 RCX: 00007f79eb41d37c [ 61.805119][ T4421] RDX: 000000000000000f RSI: 00007f79e9a870a0 RDI: 0000000000000004 [ 61.805132][ T4421] RBP: 00007f79e9a87090 R08: 0000000000000000 R09: 0000000000000000 [ 61.805185][ T4421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 61.805233][ T4421] R13: 0000000000000000 R14: 00007f79eb645fa0 R15: 00007ffe74b2cde8 [ 61.805252][ T4421] [ 62.076325][ T4426] loop1: detected capacity change from 0 to 128 [ 62.096150][ T4427] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98 [ 62.133044][ T4428] loop4: detected capacity change from 0 to 2048 [ 62.140213][ T4432] netlink: 32 bytes leftover after parsing attributes in process `syz.3.273'. [ 62.142465][ T3668] nci: nci_rsp_packet: unknown rsp opcode 0x116 [ 62.163839][ T4431] xt_hashlimit: max too large, truncated to 1048576 [ 62.174003][ T4431] FAULT_INJECTION: forcing a failure. [ 62.174003][ T4431] name failslab, interval 1, probability 0, space 0, times 0 [ 62.189278][ T4431] CPU: 0 UID: 0 PID: 4431 Comm: syz.1.277 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 62.189310][ T4431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 62.189323][ T4431] Call Trace: [ 62.189331][ T4431] [ 62.189343][ T4431] __dump_stack+0x1d/0x30 [ 62.189369][ T4431] dump_stack_lvl+0xe8/0x140 [ 62.189409][ T4431] dump_stack+0x15/0x1b [ 62.189431][ T4431] should_fail_ex+0x265/0x280 [ 62.189477][ T4431] should_failslab+0x8c/0xb0 [ 62.189524][ T4431] kmem_cache_alloc_noprof+0x50/0x310 [ 62.189599][ T4431] ? __proc_create+0x265/0x500 [ 62.189621][ T4431] __proc_create+0x265/0x500 [ 62.189643][ T4431] ? should_failslab+0x8c/0xb0 [ 62.189693][ T4431] proc_create_seq_private+0xa8/0x180 [ 62.189787][ T4431] htable_create+0x2e4/0x450 [ 62.189826][ T4431] hashlimit_mt_check_common+0x5db/0x6c0 [ 62.189862][ T4431] hashlimit_mt_check_v1+0x12d/0x160 [ 62.189966][ T4431] xt_check_match+0x2ad/0x4f0 [ 62.190079][ T4431] ? strnlen+0x28/0x50 [ 62.190111][ T4431] ? strcmp+0x22/0x50 [ 62.190144][ T4431] ? xt_find_match+0x1d1/0x210 [ 62.190178][ T4431] translate_table+0xa9c/0xf90 [ 62.190285][ T4431] ? _copy_from_user+0x89/0xb0 [ 62.190339][ T4431] do_ipt_set_ctl+0x66f/0x820 [ 62.190386][ T4431] nf_setsockopt+0x199/0x1b0 [ 62.190413][ T4431] ip_setsockopt+0x102/0x110 [ 62.190515][ T4431] udp_setsockopt+0x99/0xb0 [ 62.190565][ T4431] sock_common_setsockopt+0x69/0x80 [ 62.190603][ T4431] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 62.190642][ T4431] __sys_setsockopt+0x181/0x200 [ 62.190712][ T4431] __x64_sys_setsockopt+0x64/0x80 [ 62.190737][ T4431] x64_sys_call+0x2bd5/0x2fb0 [ 62.190780][ T4431] do_syscall_64+0xd2/0x200 [ 62.190810][ T4431] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 62.190845][ T4431] ? clear_bhb_loop+0x40/0x90 [ 62.190873][ T4431] ? clear_bhb_loop+0x40/0x90 [ 62.190904][ T4431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.191009][ T4431] RIP: 0033:0x7f79eb41e969 [ 62.191027][ T4431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.191120][ T4431] RSP: 002b:00007f79e9a87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 62.191144][ T4431] RAX: ffffffffffffffda RBX: 00007f79eb645fa0 RCX: 00007f79eb41e969 [ 62.191161][ T4431] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 62.191178][ T4431] RBP: 00007f79e9a87090 R08: 00000000000003c8 R09: 0000000000000000 [ 62.191195][ T4431] R10: 0000200000000540 R11: 0000000000000246 R12: 0000000000000001 [ 62.191212][ T4431] R13: 0000000000000000 R14: 00007f79eb645fa0 R15: 00007ffe74b2cde8 [ 62.191293][ T4431] [ 62.564822][ T4443] loop2: detected capacity change from 0 to 764 [ 62.598576][ T4443] Symlink component flag not implemented [ 62.609024][ T4443] Symlink component flag not implemented (7) [ 62.626130][ T4449] loop1: detected capacity change from 0 to 128 [ 62.645245][ T4450] loop4: detected capacity change from 0 to 128 [ 62.741071][ T4450] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 62.749116][ T4461] program syz.3.289 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 62.790184][ T4450] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 62.791058][ T4463] program syz.1.288 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 62.810514][ T4461] loop3: detected capacity change from 0 to 512 [ 62.825884][ T4467] loop2: detected capacity change from 0 to 128 [ 62.832511][ T4463] loop1: detected capacity change from 0 to 512 [ 62.842161][ T4463] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 62.851538][ T4463] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 62.860257][ T4461] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 62.860277][ T4461] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 62.860888][ T4461] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 62.861031][ T4461] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 62.861064][ T4461] System zones: 0-2, 18-18, 34-35 [ 62.887978][ T4461] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 62.923111][ T4461] netlink: 'syz.3.289': attribute type 3 has an invalid length. [ 62.941768][ T3321] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 62.942134][ T4463] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 62.946423][ T4463] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 62.990212][ T4463] System zones: 0-2, 18-18, 34-35 [ 62.996143][ T4463] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 63.013043][ T4472] loop4: detected capacity change from 0 to 1024 [ 63.028753][ T4472] EXT4-fs: Ignoring removed orlov option [ 63.039705][ T4472] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 63.069877][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.091225][ T4472] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.125839][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.164210][ T4482] FAULT_INJECTION: forcing a failure. [ 63.164210][ T4482] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 63.178147][ T4482] CPU: 1 UID: 0 PID: 4482 Comm: syz.4.297 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 63.178218][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.178255][ T4482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 63.178270][ T4482] Call Trace: [ 63.178277][ T4482] [ 63.178286][ T4482] __dump_stack+0x1d/0x30 [ 63.178311][ T4482] dump_stack_lvl+0xe8/0x140 [ 63.178350][ T4482] dump_stack+0x15/0x1b [ 63.178371][ T4482] should_fail_ex+0x265/0x280 [ 63.178473][ T4482] should_fail+0xb/0x20 [ 63.178499][ T4482] should_fail_usercopy+0x1a/0x20 [ 63.178531][ T4482] _copy_from_iter+0xcf/0xe40 [ 63.178595][ T4482] ? __build_skb_around+0x1a0/0x200 [ 63.178636][ T4482] ? __alloc_skb+0x223/0x320 [ 63.178680][ T4482] netlink_sendmsg+0x471/0x6b0 [ 63.178707][ T4482] ? __pfx_netlink_sendmsg+0x10/0x10 [ 63.178801][ T4482] __sock_sendmsg+0x142/0x180 [ 63.178827][ T4482] ____sys_sendmsg+0x31e/0x4e0 [ 63.178855][ T4482] ___sys_sendmsg+0x17b/0x1d0 [ 63.178888][ T4482] __x64_sys_sendmsg+0xd4/0x160 [ 63.178963][ T4482] x64_sys_call+0x2999/0x2fb0 [ 63.178997][ T4482] do_syscall_64+0xd2/0x200 [ 63.179028][ T4482] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 63.179117][ T4482] ? clear_bhb_loop+0x40/0x90 [ 63.179143][ T4482] ? clear_bhb_loop+0x40/0x90 [ 63.179171][ T4482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 63.179198][ T4482] RIP: 0033:0x7ff2d65ae969 [ 63.179218][ T4482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 63.179238][ T4482] RSP: 002b:00007ff2d4c17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 63.179257][ T4482] RAX: ffffffffffffffda RBX: 00007ff2d67d5fa0 RCX: 00007ff2d65ae969 [ 63.179269][ T4482] RDX: 0000000000040010 RSI: 0000200000000140 RDI: 0000000000000003 [ 63.179281][ T4482] RBP: 00007ff2d4c17090 R08: 0000000000000000 R09: 0000000000000000 [ 63.179292][ T4482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 63.179364][ T4482] R13: 0000000000000000 R14: 00007ff2d67d5fa0 R15: 00007ffce005e258 [ 63.179462][ T4482] [ 63.485144][ T4489] loop4: detected capacity change from 0 to 128 [ 63.643691][ T4498] loop0: detected capacity change from 0 to 128 [ 63.659449][ T4500] netlink: 'syz.4.303': attribute type 1 has an invalid length. [ 63.745882][ T4507] loop4: detected capacity change from 0 to 764 [ 63.778306][ T4511] program syz.1.308 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 63.801085][ T4513] netlink: 24 bytes leftover after parsing attributes in process `syz.0.309'. [ 63.813135][ T4507] Symlink component flag not implemented [ 63.820030][ T4507] Symlink component flag not implemented (7) [ 63.820056][ T4511] loop1: detected capacity change from 0 to 512 [ 63.838528][ T4511] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 63.848806][ T4511] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 63.860328][ T4511] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 63.880656][ T4519] loop4: detected capacity change from 0 to 128 [ 63.898909][ T4511] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 63.909236][ T4511] System zones: 0-2, 18-18, 34-35 [ 63.915124][ T4511] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 64.060512][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.148150][ T4531] netlink: 'syz.3.315': attribute type 39 has an invalid length. [ 64.197124][ T4542] FAULT_INJECTION: forcing a failure. [ 64.197124][ T4542] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 64.211076][ T4542] CPU: 1 UID: 0 PID: 4542 Comm: syz.3.319 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 64.211103][ T4542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 64.211118][ T4542] Call Trace: [ 64.211123][ T4542] [ 64.211172][ T4542] __dump_stack+0x1d/0x30 [ 64.211199][ T4542] dump_stack_lvl+0xe8/0x140 [ 64.211224][ T4542] dump_stack+0x15/0x1b [ 64.211246][ T4542] should_fail_ex+0x265/0x280 [ 64.211326][ T4542] should_fail+0xb/0x20 [ 64.211349][ T4542] should_fail_usercopy+0x1a/0x20 [ 64.211461][ T4542] _copy_to_user+0x20/0xa0 [ 64.211502][ T4542] simple_read_from_buffer+0xb5/0x130 [ 64.211534][ T4542] proc_fail_nth_read+0x100/0x140 [ 64.211590][ T4542] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 64.211626][ T4542] vfs_read+0x19d/0x6f0 [ 64.211659][ T4542] ? __rcu_read_unlock+0x4f/0x70 [ 64.211750][ T4542] ? __fget_files+0x184/0x1c0 [ 64.211785][ T4542] ksys_read+0xda/0x1a0 [ 64.211821][ T4542] __x64_sys_read+0x40/0x50 [ 64.211910][ T4542] x64_sys_call+0x2d77/0x2fb0 [ 64.211936][ T4542] do_syscall_64+0xd2/0x200 [ 64.212040][ T4542] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 64.212073][ T4542] ? clear_bhb_loop+0x40/0x90 [ 64.212101][ T4542] ? clear_bhb_loop+0x40/0x90 [ 64.212123][ T4542] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.212172][ T4542] RIP: 0033:0x7f13b28bd37c [ 64.212191][ T4542] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 64.212439][ T4542] RSP: 002b:00007f13b0f27030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 64.212461][ T4542] RAX: ffffffffffffffda RBX: 00007f13b2ae5fa0 RCX: 00007f13b28bd37c [ 64.212477][ T4542] RDX: 000000000000000f RSI: 00007f13b0f270a0 RDI: 0000000000000008 [ 64.212542][ T4542] RBP: 00007f13b0f27090 R08: 0000000000000000 R09: 0000000000000000 [ 64.212556][ T4542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 64.212568][ T4542] R13: 0000000000000000 R14: 00007f13b2ae5fa0 R15: 00007fff6e405d98 [ 64.212588][ T4542] [ 64.216263][ T4539] loop0: detected capacity change from 0 to 512 [ 64.362001][ T4547] loop3: detected capacity change from 0 to 128 [ 64.380468][ T4539] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 64.464582][ T4548] loop4: detected capacity change from 0 to 2048 [ 64.479130][ T4539] EXT4-fs (loop0): 1 truncate cleaned up [ 64.488078][ T4539] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.518780][ T4548] EXT4-fs (loop4): failed to initialize system zone (-117) [ 64.520395][ T4547] FAT-fs (loop3): Directory bread(block 162) failed [ 64.526574][ T4548] EXT4-fs (loop4): mount failed [ 64.534412][ T4547] FAT-fs (loop3): Directory bread(block 163) failed [ 64.545685][ T4547] FAT-fs (loop3): Directory bread(block 164) failed [ 64.553316][ T4547] FAT-fs (loop3): Directory bread(block 165) failed [ 64.560851][ T4547] FAT-fs (loop3): Directory bread(block 166) failed [ 64.591799][ T4547] FAT-fs (loop3): Directory bread(block 167) failed [ 64.599899][ T4547] FAT-fs (loop3): Directory bread(block 168) failed [ 64.607793][ T4547] FAT-fs (loop3): Directory bread(block 169) failed [ 64.628236][ T4554] loop4: detected capacity change from 0 to 128 [ 64.649835][ T3322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.697909][ T4558] loop4: detected capacity change from 0 to 128 [ 64.706481][ T4561] loop0: detected capacity change from 0 to 128 [ 64.717067][ T4562] FAT-fs (loop3): Directory bread(block 162) failed [ 64.737375][ T4562] FAT-fs (loop3): Directory bread(block 163) failed [ 64.747392][ T4561] FAT-fs (loop0): Directory bread(block 162) failed [ 64.756212][ T4558] netlink: 1192 bytes leftover after parsing attributes in process `syz.4.325'. [ 64.769019][ T4561] FAT-fs (loop0): Directory bread(block 163) failed [ 64.769785][ T4564] program syz.1.326 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 64.776523][ T4561] FAT-fs (loop0): Directory bread(block 164) failed [ 64.796131][ T4561] FAT-fs (loop0): Directory bread(block 165) failed [ 64.804247][ T4561] FAT-fs (loop0): Directory bread(block 166) failed [ 64.807891][ T4565] bio_check_eod: 11 callbacks suppressed [ 64.807912][ T4565] syz.3.321: attempt to access beyond end of device [ 64.807912][ T4565] loop3: rw=3, sector=226, nr_sectors = 6 limit=128 [ 64.837897][ T4565] syz.3.321: attempt to access beyond end of device [ 64.837897][ T4565] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 64.860645][ T4561] FAT-fs (loop0): Directory bread(block 167) failed [ 64.869164][ T29] kauditd_printk_skb: 111 callbacks suppressed [ 64.869176][ T29] audit: type=1400 audit(1748415597.700:688): avc: denied { write } for pid=4546 comm="syz.3.321" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 64.878869][ T4561] FAT-fs (loop0): Directory bread(block 168) failed [ 64.915053][ T4569] netlink: 'syz.2.327': attribute type 1 has an invalid length. [ 64.923702][ T4570] netlink: 'syz.2.327': attribute type 1 has an invalid length. [ 64.937910][ T4558] syz.4.325: attempt to access beyond end of device [ 64.937910][ T4558] loop4: rw=2049, sector=129, nr_sectors = 16 limit=128 [ 64.939573][ T29] audit: type=1326 audit(1748415597.750:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4567 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd70683e969 code=0x7ffc0000 [ 64.952929][ T4561] FAT-fs (loop0): Directory bread(block 169) failed [ 64.975097][ T29] audit: type=1326 audit(1748415597.750:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4567 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd70683e969 code=0x7ffc0000 [ 64.983833][ T4558] syz.4.325: attempt to access beyond end of device [ 64.983833][ T4558] loop4: rw=2049, sector=153, nr_sectors = 8 limit=128 [ 65.005711][ T29] audit: type=1326 audit(1748415597.750:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4567 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd70683e969 code=0x7ffc0000 [ 65.005753][ T29] audit: type=1326 audit(1748415597.750:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4567 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd70683e969 code=0x7ffc0000 [ 65.028435][ T4570] 8021q: adding VLAN 0 to HW filter on device bond2 [ 65.043354][ T29] audit: type=1326 audit(1748415597.750:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4567 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd70683e969 code=0x7ffc0000 [ 65.072408][ T4561] FAT-fs (loop0): Directory bread(block 162) failed [ 65.074476][ T29] audit: type=1326 audit(1748415597.750:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4567 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd70683e969 code=0x7ffc0000 [ 65.100698][ T4558] syz.4.325: attempt to access beyond end of device [ 65.100698][ T4558] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 65.105779][ T29] audit: type=1326 audit(1748415597.750:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4567 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd70683e969 code=0x7ffc0000 [ 65.170175][ T29] audit: type=1326 audit(1748415597.750:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4567 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd70683e969 code=0x7ffc0000 [ 65.193963][ T29] audit: type=1326 audit(1748415597.750:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4567 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7fd70683e969 code=0x7ffc0000 [ 65.220417][ T4561] FAT-fs (loop0): Directory bread(block 163) failed [ 65.220891][ T4558] syz.4.325: attempt to access beyond end of device [ 65.220891][ T4558] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 65.228752][ T4561] syz.0.323: attempt to access beyond end of device [ 65.228752][ T4561] loop0: rw=3, sector=226, nr_sectors = 6 limit=128 [ 65.265335][ T4558] syz.4.325: attempt to access beyond end of device [ 65.265335][ T4558] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 65.280878][ T4558] syz.4.325: attempt to access beyond end of device [ 65.280878][ T4558] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 65.294511][ T4558] syz.4.325: attempt to access beyond end of device [ 65.294511][ T4558] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 65.309278][ T4576] Cannot find del_set index 0 as target [ 65.333417][ T4575] lo speed is unknown, defaulting to 1000 [ 65.416764][ T4582] loop0: detected capacity change from 0 to 128 [ 65.451733][ T4585] loop3: detected capacity change from 0 to 128 [ 65.462475][ T4584] FAULT_INJECTION: forcing a failure. [ 65.462475][ T4584] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 65.484036][ T4584] CPU: 1 UID: 0 PID: 4584 Comm: syz.4.332 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 65.484084][ T4584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 65.484101][ T4584] Call Trace: [ 65.484109][ T4584] [ 65.484119][ T4584] __dump_stack+0x1d/0x30 [ 65.484180][ T4584] dump_stack_lvl+0xe8/0x140 [ 65.484214][ T4584] dump_stack+0x15/0x1b [ 65.484233][ T4584] should_fail_ex+0x265/0x280 [ 65.484289][ T4584] should_fail_alloc_page+0xf2/0x100 [ 65.484334][ T4584] __alloc_frozen_pages_noprof+0xff/0x360 [ 65.484369][ T4584] alloc_pages_mpol+0xb3/0x250 [ 65.484479][ T4584] alloc_pages_noprof+0x90/0x130 [ 65.484546][ T4584] pgd_alloc+0x51/0x2e0 [ 65.484580][ T4584] mm_init+0x37c/0x850 [ 65.484667][ T4584] ? kmem_cache_alloc_noprof+0x220/0x310 [ 65.484692][ T4584] ? copy_mm+0xdf/0x1360 [ 65.484719][ T4584] copy_mm+0x11b/0x1360 [ 65.484749][ T4584] ? __hrtimer_setup+0x144/0x170 [ 65.484776][ T4584] ? __pfx_it_real_fn+0x10/0x10 [ 65.484810][ T4584] ? __pfx_it_real_fn+0x10/0x10 [ 65.484900][ T4584] ? tty_audit_fork+0x4b/0x60 [ 65.484920][ T4584] ? __init_rwsem+0x5d/0x70 [ 65.484949][ T4584] copy_process+0xcf1/0x1fe0 [ 65.484988][ T4584] kernel_clone+0x16c/0x5b0 [ 65.485030][ T4584] __se_sys_clone3+0x1c2/0x200 [ 65.485081][ T4584] __x64_sys_clone3+0x31/0x40 [ 65.485119][ T4584] x64_sys_call+0x10c9/0x2fb0 [ 65.485160][ T4584] do_syscall_64+0xd2/0x200 [ 65.485188][ T4584] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 65.485239][ T4584] ? clear_bhb_loop+0x40/0x90 [ 65.485265][ T4584] ? clear_bhb_loop+0x40/0x90 [ 65.485293][ T4584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.485344][ T4584] RIP: 0033:0x7ff2d65ae969 [ 65.485366][ T4584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.485384][ T4584] RSP: 002b:00007ff2d4c16f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 65.485486][ T4584] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007ff2d65ae969 [ 65.485503][ T4584] RDX: 00007ff2d4c16f20 RSI: 0000000000000058 RDI: 00007ff2d4c16f20 [ 65.485519][ T4584] RBP: 00007ff2d4c17090 R08: 0000000000000000 R09: 0000000000000058 [ 65.485534][ T4584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 65.485550][ T4584] R13: 0000000000000000 R14: 00007ff2d67d5fa0 R15: 00007ffce005e258 [ 65.485574][ T4584] [ 65.813819][ T4585] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 65.833878][ T4585] ext4 filesystem being mounted at /68/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 65.863860][ T4582] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 65.961587][ T4582] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 66.109667][ T4602] loop2: detected capacity change from 0 to 764 [ 66.137439][ T4602] Symlink component flag not implemented [ 66.227919][ T4604] program syz.0.339 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 66.234428][ T4602] Symlink component flag not implemented (7) [ 66.261829][ T4604] loop0: detected capacity change from 0 to 512 [ 66.318749][ T4604] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 66.328221][ T4604] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 66.347831][ T4604] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 66.358926][ T4604] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 66.367171][ T4604] System zones: 0-2, 18-18, 34-35 [ 66.389763][ T4604] netlink: 'syz.0.339': attribute type 3 has an invalid length. [ 66.541630][ T4614] loop2: detected capacity change from 0 to 764 [ 66.613372][ T4614] Symlink component flag not implemented [ 66.621280][ T4614] Symlink component flag not implemented (7) [ 66.717067][ T4623] macvlan2: entered promiscuous mode [ 66.724745][ T4623] bridge0: entered promiscuous mode [ 66.745605][ T4618] loop3: detected capacity change from 0 to 512 [ 66.777974][ T4627] loop2: detected capacity change from 0 to 128 [ 66.813641][ T4618] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.345: bad orphan inode 15 [ 66.833971][ T4630] netlink: 4 bytes leftover after parsing attributes in process `syz.4.350'. [ 66.847033][ T4627] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 66.863341][ T4630] capability: warning: `syz.4.350' uses deprecated v2 capabilities in a way that may be insecure [ 66.868405][ T4618] ext4_test_bit(bit=14, block=18) = 1 [ 66.881273][ T4618] is_bad_inode(inode)=0 [ 66.885906][ T4618] NEXT_ORPHAN(inode)=1023 [ 66.890714][ T4618] max_ino=32 [ 66.894525][ T4618] i_nlink=0 [ 66.933954][ T4618] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2962: inode #15: comm syz.3.345: corrupted xattr block 19: invalid header [ 66.951219][ T4618] EXT4-fs warning (device loop3): ext4_evict_inode:279: xattr delete (err -117) [ 66.994681][ T4618] ext4 filesystem being mounted at /71/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 67.009697][ T4640] program syz.4.353 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 67.024384][ T4640] loop4: detected capacity change from 0 to 512 [ 67.049017][ T4640] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 67.058735][ T4640] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 67.095632][ T4640] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 67.105655][ T4640] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 67.114749][ T4640] System zones: 0-2, 18-18, 34-35 [ 67.125769][ T4648] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4648 comm=syz.1.356 [ 67.166964][ T4650] Cannot find del_set index 0 as target [ 67.175175][ T4640] netlink: 'syz.4.353': attribute type 3 has an invalid length. [ 67.199472][ T4650] loop3: detected capacity change from 0 to 2048 [ 67.217285][ T1041] hid-generic 0000:0003:0800.0002: unknown main item tag 0x0 [ 67.224882][ T1041] hid-generic 0000:0003:0800.0002: unknown main item tag 0x0 [ 67.232434][ T1041] hid-generic 0000:0003:0800.0002: unknown main item tag 0x0 [ 67.246355][ T1041] hid-generic 0000:0003:0800.0002: hidraw0: HID vffffff.fe Device [syz1] on syz1 [ 67.280455][ T4650] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 67.423639][ T4670] FAULT_INJECTION: forcing a failure. [ 67.423639][ T4670] name failslab, interval 1, probability 0, space 0, times 0 [ 67.437299][ T4670] CPU: 1 UID: 0 PID: 4670 Comm: syz.2.363 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 67.437336][ T4670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 67.437353][ T4670] Call Trace: [ 67.437362][ T4670] [ 67.437372][ T4670] __dump_stack+0x1d/0x30 [ 67.437397][ T4670] dump_stack_lvl+0xe8/0x140 [ 67.437418][ T4670] dump_stack+0x15/0x1b [ 67.437449][ T4670] should_fail_ex+0x265/0x280 [ 67.437492][ T4670] should_failslab+0x8c/0xb0 [ 67.437558][ T4670] kmem_cache_alloc_node_noprof+0x57/0x320 [ 67.437591][ T4670] ? __alloc_skb+0x101/0x320 [ 67.437627][ T4670] __alloc_skb+0x101/0x320 [ 67.437694][ T4670] ? audit_log_start+0x365/0x6c0 [ 67.437737][ T4670] audit_log_start+0x380/0x6c0 [ 67.437775][ T4670] ? ns_to_kernel_old_timeval+0x6c/0xb0 [ 67.437816][ T4670] ? getrusage+0xb66/0xbb0 [ 67.437904][ T4670] audit_seccomp+0x48/0x100 [ 67.437949][ T4670] ? __seccomp_filter+0x68c/0x10d0 [ 67.437979][ T4670] __seccomp_filter+0x69d/0x10d0 [ 67.438011][ T4670] ? should_fail_ex+0xdb/0x280 [ 67.438109][ T4670] ? _copy_to_user+0x7c/0xa0 [ 67.438154][ T4670] __secure_computing+0x82/0x150 [ 67.438254][ T4670] syscall_trace_enter+0xcf/0x1e0 [ 67.438362][ T4670] do_syscall_64+0xac/0x200 [ 67.438394][ T4670] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 67.438428][ T4670] ? clear_bhb_loop+0x40/0x90 [ 67.438454][ T4670] ? clear_bhb_loop+0x40/0x90 [ 67.438475][ T4670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.438557][ T4670] RIP: 0033:0x7fd70683d37c [ 67.438577][ T4670] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 67.438599][ T4670] RSP: 002b:00007fd704ea7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 67.438623][ T4670] RAX: ffffffffffffffda RBX: 00007fd706a65fa0 RCX: 00007fd70683d37c [ 67.438636][ T4670] RDX: 000000000000000f RSI: 00007fd704ea70a0 RDI: 0000000000000003 [ 67.438688][ T4670] RBP: 00007fd704ea7090 R08: 0000000000000000 R09: 0000000000000000 [ 67.438771][ T4670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 67.438784][ T4670] R13: 0000000000000000 R14: 00007fd706a65fa0 R15: 00007ffc78986b28 [ 67.438803][ T4670] [ 67.814152][ T31] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 345: padding at end of block bitmap is not set [ 67.828653][ T4680] netlink: 'syz.0.364': attribute type 3 has an invalid length. [ 67.899934][ T31] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 669 with error 117 [ 67.916496][ T31] EXT4-fs (loop3): This should not happen!! Data will be lost [ 67.916496][ T31] [ 67.953369][ T4687] loop2: detected capacity change from 0 to 164 [ 68.078179][ T4694] netlink: 'syz.2.372': attribute type 13 has an invalid length. [ 68.422322][ T4694] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.430326][ T4694] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.704991][ T4694] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 68.714906][ T4714] loop4: detected capacity change from 0 to 256 [ 68.763294][ T4714] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 68.772245][ T4716] FAULT_INJECTION: forcing a failure. [ 68.772245][ T4716] name failslab, interval 1, probability 0, space 0, times 0 [ 68.778456][ T4694] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 68.792398][ T4716] CPU: 1 UID: 0 PID: 4716 Comm: syz.1.378 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 68.792498][ T4716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 68.792516][ T4716] Call Trace: [ 68.792526][ T4716] [ 68.792538][ T4716] __dump_stack+0x1d/0x30 [ 68.792568][ T4716] dump_stack_lvl+0xe8/0x140 [ 68.792596][ T4716] dump_stack+0x15/0x1b [ 68.792619][ T4716] should_fail_ex+0x265/0x280 [ 68.792689][ T4716] should_failslab+0x8c/0xb0 [ 68.792799][ T4716] kmem_cache_alloc_node_noprof+0x57/0x320 [ 68.792831][ T4716] ? __alloc_skb+0x101/0x320 [ 68.792897][ T4716] __alloc_skb+0x101/0x320 [ 68.792936][ T4716] ? audit_log_start+0x365/0x6c0 [ 68.793067][ T4716] audit_log_start+0x380/0x6c0 [ 68.793113][ T4716] audit_seccomp+0x48/0x100 [ 68.793148][ T4716] ? __seccomp_filter+0x68c/0x10d0 [ 68.793178][ T4716] __seccomp_filter+0x69d/0x10d0 [ 68.793235][ T4716] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 68.793331][ T4716] ? vfs_write+0x75e/0x8e0 [ 68.793377][ T4716] __secure_computing+0x82/0x150 [ 68.793407][ T4716] syscall_trace_enter+0xcf/0x1e0 [ 68.793509][ T4716] do_syscall_64+0xac/0x200 [ 68.793540][ T4716] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 68.793574][ T4716] ? clear_bhb_loop+0x40/0x90 [ 68.793637][ T4716] ? clear_bhb_loop+0x40/0x90 [ 68.793747][ T4716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.793776][ T4716] RIP: 0033:0x7f79eb41e969 [ 68.793797][ T4716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.793820][ T4716] RSP: 002b:00007f79e9a87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 68.793892][ T4716] RAX: ffffffffffffffda RBX: 00007f79eb645fa0 RCX: 00007f79eb41e969 [ 68.793909][ T4716] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 68.793926][ T4716] RBP: 00007f79e9a87090 R08: 0000000000000000 R09: 0000000000000000 [ 68.793971][ T4716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.793996][ T4716] R13: 0000000000000000 R14: 00007f79eb645fa0 R15: 00007ffe74b2cde8 [ 68.794022][ T4716] [ 69.136324][ T3668] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 685 with max blocks 1 with error 28 [ 69.149930][ T3668] EXT4-fs (loop3): This should not happen!! Data will be lost [ 69.149930][ T3668] [ 69.160254][ T3668] EXT4-fs (loop3): Total free blocks count 0 [ 69.166558][ T3668] EXT4-fs (loop3): Free/Dirty block details [ 69.172810][ T3668] EXT4-fs (loop3): free_blocks=0 [ 69.177987][ T3668] EXT4-fs (loop3): dirty_blocks=16 [ 69.183345][ T3668] EXT4-fs (loop3): Block reservation details [ 69.189827][ T3668] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 69.219988][ T4694] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.228946][ T4694] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.238087][ T4694] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.239608][ T4722] netlink: 'syz.1.380': attribute type 13 has an invalid length. [ 69.247415][ T4694] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.269989][ T3325] EXT4-fs unmount: 11 callbacks suppressed [ 69.314107][ T4714] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 69.322979][ T4714] FAT-fs (loop4): Filesystem has been set read-only [ 69.446752][ T4727] netlink: 4 bytes leftover after parsing attributes in process `syz.3.379'. [ 69.567258][ T4739] loop0: detected capacity change from 0 to 764 [ 69.598434][ T4739] Symlink component flag not implemented [ 69.604658][ T4739] Symlink component flag not implemented (7) [ 69.703165][ T4745] lo speed is unknown, defaulting to 1000 [ 69.734426][ T4749] Cannot find del_set index 0 as target [ 69.779136][ T4749] loop0: detected capacity change from 0 to 2048 [ 69.811359][ T4749] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.845549][ T4749] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.956281][ T29] kauditd_printk_skb: 263 callbacks suppressed [ 69.956298][ T29] audit: type=1400 audit(1748415602.790:957): avc: denied { cpu } for pid=4754 comm="syz.1.390" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 70.027901][ T29] audit: type=1326 audit(1748415602.850:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 70.052424][ T29] audit: type=1326 audit(1748415602.850:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 70.078440][ T29] audit: type=1326 audit(1748415602.850:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 70.109132][ T29] audit: type=1326 audit(1748415602.850:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 70.134466][ T29] audit: type=1326 audit(1748415602.850:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 70.134612][ T29] audit: type=1326 audit(1748415602.850:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 70.134713][ T29] audit: type=1326 audit(1748415602.850:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 70.134751][ T29] audit: type=1326 audit(1748415602.850:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 70.241429][ T391] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:7: bg 0: block 345: padding at end of block bitmap is not set [ 70.247147][ T391] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 492 with error 117 [ 70.247189][ T391] EXT4-fs (loop0): This should not happen!! Data will be lost [ 70.247189][ T391] [ 70.287603][ T29] audit: type=1326 audit(1748415602.870:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 70.298253][ T4760] xt_CT: No such helper "pptp" [ 70.623560][ T4780] syz.2.398 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 70.717926][ T4786] netlink: 28 bytes leftover after parsing attributes in process `syz.4.400'. [ 70.741528][ T4787] loop2: detected capacity change from 0 to 512 [ 70.749228][ T4786] netem: change failed [ 70.759873][ T4787] EXT4-fs: Ignoring removed i_version option [ 70.764969][ T4782] lo speed is unknown, defaulting to 1000 [ 70.768056][ T4787] EXT4-fs: Ignoring removed mblk_io_submit option [ 70.815054][ T4787] EXT4-fs error (device loop2): ext4_orphan_get:1391: comm syz.2.399: inode #13: comm syz.2.399: iget: illegal inode # [ 70.845258][ T4787] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.399: couldn't read orphan inode 13 (err -117) [ 70.864579][ T4793] loop3: detected capacity change from 0 to 512 [ 70.894855][ T4793] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.401: Failed to acquire dquot type 1 [ 70.909510][ T4793] EXT4-fs (loop3): 1 truncate cleaned up [ 70.915906][ T4793] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.930555][ T4787] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.944484][ T4793] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 70.947037][ T3322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.967211][ T4782] netlink: 96 bytes leftover after parsing attributes in process `syz.2.399'. [ 70.990538][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.003729][ T4793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.097450][ T4793] netlink: 36 bytes leftover after parsing attributes in process `syz.3.401'. [ 71.210826][ T4804] loop4: detected capacity change from 0 to 512 [ 71.224366][ T4804] EXT4-fs: Ignoring removed mblk_io_submit option [ 71.263709][ T4806] loop0: detected capacity change from 0 to 2048 [ 71.297574][ T4804] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 71.318628][ T3910] loop0: p1 < > p4 [ 71.320037][ T4804] EXT4-fs (loop4): 1 truncate cleaned up [ 71.333220][ T3910] loop0: p4 size 8388608 extends beyond EOD, truncated [ 71.338392][ T4804] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.359662][ T4806] loop0: p1 < > p4 [ 71.370104][ T4806] loop0: p4 size 8388608 extends beyond EOD, truncated [ 71.530657][ T4804] EXT4-fs error (device loop4): ext4_search_dir:1476: inode #12: block 7: comm syz.4.405: bad entry in directory: inode out of bounds - offset=0, inode=16777215, rec_len=16, size=56 fake=0 [ 71.565302][ T4811] netlink: 'syz.1.407': attribute type 13 has an invalid length. [ 71.606136][ T4804] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 71.618439][ T4804] netlink: 20 bytes leftover after parsing attributes in process `syz.4.405'. [ 71.659028][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.745845][ T4825] loop4: detected capacity change from 0 to 512 [ 71.757373][ T4825] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.773316][ T4825] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 71.805981][ T3321] EXT4-fs error (device loop4): ext4_readdir:264: inode #12: block 32: comm syz-executor: path /88/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 71.817406][ T4827] netlink: 'syz.3.408': attribute type 13 has an invalid length. [ 71.833720][ T3321] EXT4-fs (loop4): Remounting filesystem read-only [ 71.850746][ T4827] bridge0: left promiscuous mode [ 71.911933][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.926297][ T4831] random: crng reseeded on system resumption [ 72.230612][ T4845] loop0: detected capacity change from 0 to 764 [ 72.243187][ T4845] Symlink component flag not implemented [ 72.251458][ T4845] Symlink component flag not implemented (7) [ 72.284979][ T4847] netlink: 28 bytes leftover after parsing attributes in process `syz.0.418'. [ 72.294622][ T4847] netem: change failed [ 72.318027][ T4849] loop0: detected capacity change from 0 to 512 [ 72.325236][ T4849] EXT4-fs: Ignoring removed orlov option [ 72.332910][ T4849] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #2: block 3: comm syz.0.419: lblock 0 mapped to illegal pblock 3 (length 1) [ 72.348798][ T4849] EXT4-fs warning (device loop0): dx_probe:793: inode #2: lblock 0: comm syz.0.419: error -117 reading directory block [ 72.362563][ T4849] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117 [ 72.372576][ T4849] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.401190][ T3322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.427858][ T4853] FAULT_INJECTION: forcing a failure. [ 72.427858][ T4853] name failslab, interval 1, probability 0, space 0, times 0 [ 72.443782][ T4853] CPU: 1 UID: 0 PID: 4853 Comm: syz.0.420 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 72.443815][ T4853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 72.443828][ T4853] Call Trace: [ 72.443914][ T4853] [ 72.443922][ T4853] __dump_stack+0x1d/0x30 [ 72.444023][ T4853] dump_stack_lvl+0xe8/0x140 [ 72.444044][ T4853] dump_stack+0x15/0x1b [ 72.444137][ T4853] should_fail_ex+0x265/0x280 [ 72.444173][ T4853] should_failslab+0x8c/0xb0 [ 72.444214][ T4853] __kmalloc_noprof+0xa5/0x3e0 [ 72.444242][ T4853] ? genl_family_rcv_msg_attrs_parse+0x75/0x190 [ 72.444320][ T4853] genl_family_rcv_msg_attrs_parse+0x75/0x190 [ 72.444356][ T4853] genl_family_rcv_msg_doit+0x48/0x1b0 [ 72.444389][ T4853] ? security_capable+0x83/0x90 [ 72.444416][ T4853] ? ns_capable+0x7d/0xb0 [ 72.444452][ T4853] genl_rcv_msg+0x422/0x460 [ 72.444551][ T4853] ? __pfx_ethnl_default_set_doit+0x10/0x10 [ 72.444572][ T4853] netlink_rcv_skb+0x120/0x220 [ 72.444603][ T4853] ? __pfx_genl_rcv_msg+0x10/0x10 [ 72.444682][ T4853] genl_rcv+0x28/0x40 [ 72.444701][ T4853] netlink_unicast+0x5a1/0x670 [ 72.444730][ T4853] netlink_sendmsg+0x58b/0x6b0 [ 72.444748][ T4853] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.444830][ T4853] __sock_sendmsg+0x142/0x180 [ 72.444855][ T4853] ____sys_sendmsg+0x31e/0x4e0 [ 72.444877][ T4853] ___sys_sendmsg+0x17b/0x1d0 [ 72.444969][ T4853] __x64_sys_sendmsg+0xd4/0x160 [ 72.444990][ T4853] x64_sys_call+0x2999/0x2fb0 [ 72.445011][ T4853] do_syscall_64+0xd2/0x200 [ 72.445034][ T4853] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 72.445102][ T4853] ? clear_bhb_loop+0x40/0x90 [ 72.445131][ T4853] ? clear_bhb_loop+0x40/0x90 [ 72.445150][ T4853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.445169][ T4853] RIP: 0033:0x7fb13547e969 [ 72.445184][ T4853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.445224][ T4853] RSP: 002b:00007fb133ae7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.445241][ T4853] RAX: ffffffffffffffda RBX: 00007fb1356a5fa0 RCX: 00007fb13547e969 [ 72.445252][ T4853] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 72.445264][ T4853] RBP: 00007fb133ae7090 R08: 0000000000000000 R09: 0000000000000000 [ 72.445274][ T4853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 72.445285][ T4853] R13: 0000000000000000 R14: 00007fb1356a5fa0 R15: 00007ffe1ad5b408 [ 72.445356][ T4853] [ 72.779122][ T4857] loop2: detected capacity change from 0 to 128 [ 72.793147][ T4857] netlink: 1192 bytes leftover after parsing attributes in process `syz.2.422'. [ 72.820349][ T4857] bio_check_eod: 4 callbacks suppressed [ 72.820368][ T4857] syz.2.422: attempt to access beyond end of device [ 72.820368][ T4857] loop2: rw=2049, sector=129, nr_sectors = 16 limit=128 [ 72.841306][ T4857] syz.2.422: attempt to access beyond end of device [ 72.841306][ T4857] loop2: rw=2049, sector=153, nr_sectors = 8 limit=128 [ 72.856681][ T4857] syz.2.422: attempt to access beyond end of device [ 72.856681][ T4857] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 72.872362][ T4857] syz.2.422: attempt to access beyond end of device [ 72.872362][ T4857] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 72.887136][ T4857] syz.2.422: attempt to access beyond end of device [ 72.887136][ T4857] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 72.913676][ T4857] syz.2.422: attempt to access beyond end of device [ 72.913676][ T4857] loop2: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 72.932431][ T4857] syz.2.422: attempt to access beyond end of device [ 72.932431][ T4857] loop2: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 72.947056][ T4857] syz.2.422: attempt to access beyond end of device [ 72.947056][ T4857] loop2: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 72.977599][ T4857] syz.2.422: attempt to access beyond end of device [ 72.977599][ T4857] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 72.992882][ T4857] syz.2.422: attempt to access beyond end of device [ 72.992882][ T4857] loop2: rw=2049, sector=281, nr_sectors = 9 limit=128 [ 73.018701][ T4865] netlink: 16 bytes leftover after parsing attributes in process `syz.4.425'. [ 73.178650][ T4875] FAULT_INJECTION: forcing a failure. [ 73.178650][ T4875] name failslab, interval 1, probability 0, space 0, times 0 [ 73.195040][ T4875] CPU: 1 UID: 0 PID: 4875 Comm: syz.4.428 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 73.195068][ T4875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 73.195081][ T4875] Call Trace: [ 73.195087][ T4875] [ 73.195094][ T4875] __dump_stack+0x1d/0x30 [ 73.195115][ T4875] dump_stack_lvl+0xe8/0x140 [ 73.195138][ T4875] dump_stack+0x15/0x1b [ 73.195159][ T4875] should_fail_ex+0x265/0x280 [ 73.195192][ T4875] should_failslab+0x8c/0xb0 [ 73.195232][ T4875] kmem_cache_alloc_noprof+0x50/0x310 [ 73.195255][ T4875] ? vm_area_dup+0x32/0x230 [ 73.195284][ T4875] vm_area_dup+0x32/0x230 [ 73.195312][ T4875] copy_mm+0x72c/0x1360 [ 73.195346][ T4875] copy_process+0xcf1/0x1fe0 [ 73.195377][ T4875] kernel_clone+0x16c/0x5b0 [ 73.195405][ T4875] ? vfs_write+0x75e/0x8e0 [ 73.195595][ T4875] __x64_sys_clone+0xe6/0x120 [ 73.195640][ T4875] x64_sys_call+0x2c59/0x2fb0 [ 73.195667][ T4875] do_syscall_64+0xd2/0x200 [ 73.195692][ T4875] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 73.195725][ T4875] ? clear_bhb_loop+0x40/0x90 [ 73.195748][ T4875] ? clear_bhb_loop+0x40/0x90 [ 73.195769][ T4875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.195789][ T4875] RIP: 0033:0x7ff2d65ae969 [ 73.195807][ T4875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 73.195830][ T4875] RSP: 002b:00007ff2d4c16fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 73.195854][ T4875] RAX: ffffffffffffffda RBX: 00007ff2d67d5fa0 RCX: 00007ff2d65ae969 [ 73.195870][ T4875] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000026801000 [ 73.195886][ T4875] RBP: 00007ff2d4c17090 R08: 0000000000000000 R09: 0000000000000000 [ 73.195901][ T4875] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 73.195914][ T4875] R13: 0000000000000000 R14: 00007ff2d67d5fa0 R15: 00007ffce005e258 [ 73.195937][ T4875] [ 73.691971][ T4883] vhci_hcd: vhci_device speed not set [ 73.949319][ T4888] loop2: detected capacity change from 0 to 512 [ 73.974822][ T4888] EXT4-fs (loop2): 1 orphan inode deleted [ 73.993412][ T153] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1 [ 73.993764][ T4888] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.037830][ T4888] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 74.201019][ T3317] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /84/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 74.223014][ T3317] EXT4-fs error (device loop2): ext4_empty_dir:3086: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 74.242807][ T3317] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.' [ 74.255976][ T3317] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /84/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 74.278171][ T3317] EXT4-fs error (device loop2): ext4_empty_dir:3086: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 74.297949][ T3317] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.' [ 74.310112][ T3317] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /84/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 74.331891][ T3317] EXT4-fs error (device loop2): ext4_empty_dir:3086: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 74.365949][ T3317] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.' [ 74.378308][ T3317] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /84/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 74.407981][ T3317] EXT4-fs error (device loop2): ext4_empty_dir:3086: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 74.428057][ T3317] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.' [ 74.440462][ T3317] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /84/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 74.468908][ T3317] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.' [ 74.490965][ T3317] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.' [ 74.503940][ T3317] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.' [ 74.518820][ T3317] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.' [ 74.538726][ T3317] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.' [ 74.552658][ T3317] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.' [ 74.640225][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.683637][ T4901] netlink: 4 bytes leftover after parsing attributes in process `syz.1.436'. [ 74.787756][ T4909] netlink: 'syz.1.440': attribute type 21 has an invalid length. [ 74.800461][ T4909] netlink: 'syz.1.440': attribute type 6 has an invalid length. [ 74.808768][ T4909] netlink: 132 bytes leftover after parsing attributes in process `syz.1.440'. [ 74.853474][ T4909] SELinux: syz.1.440 (4909) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 74.958491][ T29] kauditd_printk_skb: 128 callbacks suppressed [ 74.958507][ T29] audit: type=1400 audit(1748415607.800:1092): avc: denied { read } for pid=3047 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 75.016302][ T153] bridge_slave_1: left allmulticast mode [ 75.022622][ T153] bridge_slave_1: left promiscuous mode [ 75.029460][ T153] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.051193][ T29] audit: type=1400 audit(1748415607.850:1093): avc: denied { search } for pid=3047 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 75.076736][ T29] audit: type=1400 audit(1748415607.850:1094): avc: denied { read } for pid=3047 comm="dhcpcd" name="n29" dev="tmpfs" ino=3711 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 75.099236][ T29] audit: type=1400 audit(1748415607.850:1095): avc: denied { open } for pid=3047 comm="dhcpcd" path="/run/udev/data/n29" dev="tmpfs" ino=3711 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 75.124377][ T29] audit: type=1400 audit(1748415607.850:1096): avc: denied { getattr } for pid=3047 comm="dhcpcd" path="/run/udev/data/n29" dev="tmpfs" ino=3711 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 75.151766][ T153] bridge_slave_0: left allmulticast mode [ 75.159055][ T153] bridge_slave_0: left promiscuous mode [ 75.165417][ T153] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.214407][ T29] audit: type=1400 audit(1748415608.050:1097): avc: denied { read } for pid=4928 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=483 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 75.266047][ T29] audit: type=1400 audit(1748415608.080:1098): avc: denied { open } for pid=4928 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=483 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 75.292064][ T29] audit: type=1400 audit(1748415608.080:1099): avc: denied { getattr } for pid=4928 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=483 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 75.350325][ T153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 75.362443][ T153] bond_slave_0: left allmulticast mode [ 75.371829][ T153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 75.387778][ T153] bond_slave_1: left allmulticast mode [ 75.398013][ T153] bond0 (unregistering): Released all slaves [ 75.410325][ T29] audit: type=1400 audit(1748415608.250:1100): avc: denied { watch watch_reads } for pid=4935 comm="syz.1.444" path="/92" dev="tmpfs" ino=501 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 75.437217][ T29] audit: type=1326 audit(1748415608.250:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4935 comm="syz.1.444" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f79eb41e969 code=0x0 [ 75.475505][ T153] bond1 (unregistering): Released all slaves [ 75.490137][ T153] bond2 (unregistering): Released all slaves [ 75.514540][ T4940] SELinux: syz.1.444 (4940) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 75.525794][ T4910] lo speed is unknown, defaulting to 1000 [ 75.556324][ T153] hsr_slave_0: left promiscuous mode [ 75.562702][ T153] hsr_slave_1: left promiscuous mode [ 75.569990][ T153] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 75.578642][ T153] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 75.615878][ T153] team0 (unregistering): Port device team_slave_1 removed [ 75.627070][ T153] team0 (unregistering): Port device team_slave_0 removed [ 75.660426][ T4946] loop3: detected capacity change from 0 to 128 [ 75.830714][ T4910] chnl_net:caif_netlink_parms(): no params data found [ 75.914108][ T4910] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.921991][ T4910] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.930224][ T4910] bridge_slave_0: entered allmulticast mode [ 75.938595][ T4910] bridge_slave_0: entered promiscuous mode [ 75.947348][ T4910] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.955445][ T4910] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.964121][ T4910] bridge_slave_1: entered allmulticast mode [ 75.972213][ T4910] bridge_slave_1: entered promiscuous mode [ 76.007513][ T4910] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 76.021857][ T4910] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 76.051160][ T4910] team0: Port device team_slave_0 added [ 76.066440][ T4910] team0: Port device team_slave_1 added [ 76.102537][ T4910] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.109925][ T4910] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.138304][ T4910] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.153945][ T4910] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.163458][ T4910] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.200774][ T4910] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.258930][ T4910] hsr_slave_0: entered promiscuous mode [ 76.273235][ T4910] hsr_slave_1: entered promiscuous mode [ 76.444968][ T4910] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 76.465241][ T4910] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 76.488538][ T4910] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 76.504499][ T4910] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 76.564147][ T4910] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.571549][ T4910] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.579544][ T4910] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.587226][ T4910] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.665149][ T4910] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.684074][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.696269][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.735324][ T4910] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.752924][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.761051][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.833561][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.841662][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.908079][ T5013] Cannot find del_set index 0 as target [ 76.925810][ T4910] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 76.944899][ T5013] loop4: detected capacity change from 0 to 2048 [ 76.982008][ T5013] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.003219][ T5013] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.084894][ T4910] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 77.248585][ T5020] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 77.303391][ T5029] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 240 with error 117 [ 77.316099][ T5029] EXT4-fs (loop4): This should not happen!! Data will be lost [ 77.316099][ T5029] [ 77.368900][ T5050] loop0: detected capacity change from 0 to 128 [ 77.459901][ T4910] veth0_vlan: entered promiscuous mode [ 77.470910][ T5057] loop0: detected capacity change from 0 to 764 [ 77.479969][ T4910] veth1_vlan: entered promiscuous mode [ 77.509819][ T391] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 256 with max blocks 122 with error 117 [ 77.522925][ T391] EXT4-fs (loop4): This should not happen!! Data will be lost [ 77.522925][ T391] [ 77.524001][ T4910] veth0_macvtap: entered promiscuous mode [ 77.543177][ T5057] Symlink component flag not implemented [ 77.557907][ T5057] Symlink component flag not implemented (7) [ 77.590326][ T4910] veth1_macvtap: entered promiscuous mode [ 77.603475][ T4910] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.614779][ T4910] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.625203][ T4910] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.634646][ T4910] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.643968][ T4910] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.653382][ T4910] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.670965][ T5059] loop0: detected capacity change from 0 to 128 [ 77.703000][ T5059] netlink: 1192 bytes leftover after parsing attributes in process `syz.0.457'. [ 77.793897][ T5063] loop3: detected capacity change from 0 to 2048 [ 77.861199][ T5063] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.904252][ T5063] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.053459][ T5093] loop0: detected capacity change from 0 to 512 [ 78.149772][ T5093] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 78.159127][ T5093] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities [ 78.455502][ T5061] Cannot find del_set index 0 as target [ 78.536461][ T5119] lo speed is unknown, defaulting to 1000 [ 78.859219][ T5073] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 78.933263][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.021965][ T5075] lo speed is unknown, defaulting to 1000 [ 79.065241][ T59] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1998 with error 117 [ 79.078334][ T59] EXT4-fs (loop3): This should not happen!! Data will be lost [ 79.078334][ T59] [ 79.222777][ T5131] loop0: detected capacity change from 0 to 256 [ 79.814594][ T5157] FAULT_INJECTION: forcing a failure. [ 79.814594][ T5157] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 79.829994][ T5157] CPU: 1 UID: 0 PID: 5157 Comm: syz.1.471 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 79.830044][ T5157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 79.830061][ T5157] Call Trace: [ 79.830070][ T5157] [ 79.830081][ T5157] __dump_stack+0x1d/0x30 [ 79.830111][ T5157] dump_stack_lvl+0xe8/0x140 [ 79.830139][ T5157] dump_stack+0x15/0x1b [ 79.830160][ T5157] should_fail_ex+0x265/0x280 [ 79.830254][ T5157] should_fail_alloc_page+0xf2/0x100 [ 79.830404][ T5157] __alloc_frozen_pages_noprof+0xff/0x360 [ 79.830446][ T5157] alloc_pages_mpol+0xb3/0x250 [ 79.830474][ T5157] vma_alloc_folio_noprof+0x1aa/0x300 [ 79.830628][ T5157] do_wp_page+0x673/0x23d0 [ 79.830766][ T5157] ? __rcu_read_lock+0x37/0x50 [ 79.830878][ T5157] handle_mm_fault+0x77d/0x2c00 [ 79.830979][ T5157] ? mas_walk+0xf2/0x120 [ 79.831015][ T5157] do_user_addr_fault+0x636/0x1090 [ 79.831087][ T5157] ? fpregs_assert_state_consistent+0xb4/0xe0 [ 79.831133][ T5157] exc_page_fault+0x62/0xa0 [ 79.831159][ T5157] asm_exc_page_fault+0x26/0x30 [ 79.831209][ T5157] RIP: 0033:0x7f79eb2e0cc3 [ 79.831224][ T5157] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c [ 79.831246][ T5157] RSP: 002b:00007f79e9a864a0 EFLAGS: 00010202 [ 79.831267][ T5157] RAX: 0000000000005005 RBX: 00007f79e9a86540 RCX: 00007f79e1667000 [ 79.831284][ T5157] RDX: 00007f79e9a866e0 RSI: 0000000000000001 RDI: 00007f79e9a865e0 [ 79.831301][ T5157] RBP: 00000000000000cf R08: 0000000000000008 R09: 00000000000000a6 [ 79.831317][ T5157] R10: 00000000000000c4 R11: 00007f79e9a86540 R12: 0000000000000001 [ 79.831392][ T5157] R13: 00007f79eb4bbfc0 R14: 0000000000000010 R15: 00007f79e9a865e0 [ 79.831417][ T5157] [ 79.831445][ T5157] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 80.109569][ T5150] loop5: detected capacity change from 0 to 512 [ 80.151544][ T29] kauditd_printk_skb: 25 callbacks suppressed [ 80.151560][ T29] audit: type=1400 audit(1748415612.990:1127): avc: denied { mounton } for pid=5149 comm="syz.5.470" path="/1/bus" dev="tmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 80.232793][ T5150] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.240116][ T5170] program syz.1.476 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 80.267784][ T5150] ext4 filesystem being mounted at /1/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 80.305904][ T5170] netlink: 'syz.1.476': attribute type 3 has an invalid length. [ 80.316830][ T5150] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.331723][ T5173] loop4: detected capacity change from 0 to 256 [ 80.344686][ T29] audit: type=1400 audit(1748415613.180:1128): avc: denied { remount } for pid=5172 comm="syz.4.475" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 80.365631][ T29] audit: type=1400 audit(1748415613.180:1129): avc: denied { setopt } for pid=5172 comm="syz.4.475" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 80.443885][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.537693][ T29] audit: type=1326 audit(1748415613.370:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5187 comm="syz.1.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 80.545958][ T5191] vhci_hcd: vhci_device speed not set [ 80.563096][ T29] audit: type=1326 audit(1748415613.370:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5187 comm="syz.1.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 80.593766][ T29] audit: type=1326 audit(1748415613.370:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5187 comm="syz.1.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 80.620809][ T29] audit: type=1326 audit(1748415613.370:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5187 comm="syz.1.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f79eb41d41f code=0x7ffc0000 [ 80.650509][ T29] audit: type=1326 audit(1748415613.370:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5187 comm="syz.1.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 80.678837][ T29] audit: type=1326 audit(1748415613.370:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5187 comm="syz.1.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 80.708196][ T29] audit: type=1326 audit(1748415613.370:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5187 comm="syz.1.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79eb41e969 code=0x7ffc0000 [ 80.742470][ T5181] loop5: detected capacity change from 0 to 512 [ 80.780321][ T5205] netlink: 64 bytes leftover after parsing attributes in process `syz.0.484'. [ 80.843238][ T5208] loop0: detected capacity change from 0 to 1024 [ 80.910996][ T5208] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.938161][ T5181] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.956961][ T5181] ext4 filesystem being mounted at /2/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 81.022311][ T5209] pim6reg1: entered promiscuous mode [ 81.028105][ T5209] pim6reg1: entered allmulticast mode [ 81.105129][ T5181] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #18: comm syz.5.479: corrupted inode contents [ 81.132358][ T5181] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #18: comm syz.5.479: mark_inode_dirty error [ 81.161181][ T5181] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #18: comm syz.5.479: corrupted inode contents [ 81.177956][ T5181] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #18: comm syz.5.479: mark_inode_dirty error [ 81.306797][ T5181] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #18: comm syz.5.479: mark inode dirty (error -117) [ 81.359772][ T5181] EXT4-fs warning (device loop5): ext4_evict_inode:279: xattr delete (err -117) [ 81.438699][ T5227] SELinux: failed to load policy [ 81.450033][ T4910] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.590924][ T3322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.674820][ T5250] netlink: 64 bytes leftover after parsing attributes in process `syz.1.496'. [ 81.699505][ T5252] loop0: detected capacity change from 0 to 128 [ 81.743518][ T5252] netlink: 1192 bytes leftover after parsing attributes in process `syz.0.497'. [ 81.800003][ T5252] bio_check_eod: 10 callbacks suppressed [ 81.800025][ T5252] syz.0.497: attempt to access beyond end of device [ 81.800025][ T5252] loop0: rw=2049, sector=129, nr_sectors = 16 limit=128 [ 81.867018][ T5252] syz.0.497: attempt to access beyond end of device [ 81.867018][ T5252] loop0: rw=2049, sector=153, nr_sectors = 8 limit=128 [ 81.911579][ T5252] syz.0.497: attempt to access beyond end of device [ 81.911579][ T5252] loop0: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 81.951504][ T5261] loop4: detected capacity change from 0 to 764 [ 81.958069][ T5252] syz.0.497: attempt to access beyond end of device [ 81.958069][ T5252] loop0: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 82.057721][ T5263] lo speed is unknown, defaulting to 1000 [ 82.156565][ T5252] syz.0.497: attempt to access beyond end of device [ 82.156565][ T5252] loop0: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 82.156585][ T5261] Symlink component flag not implemented [ 82.178956][ T5261] Symlink component flag not implemented (7) [ 82.189494][ T5252] syz.0.497: attempt to access beyond end of device [ 82.189494][ T5252] loop0: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 82.217730][ T5252] syz.0.497: attempt to access beyond end of device [ 82.217730][ T5252] loop0: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 82.233486][ T5252] syz.0.497: attempt to access beyond end of device [ 82.233486][ T5252] loop0: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 82.252026][ T5252] syz.0.497: attempt to access beyond end of device [ 82.252026][ T5252] loop0: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 82.266939][ T5252] syz.0.497: attempt to access beyond end of device [ 82.266939][ T5252] loop0: rw=2049, sector=281, nr_sectors = 9 limit=128 [ 82.300581][ T5269] loop4: detected capacity change from 0 to 1024 [ 82.336878][ T5269] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 82.348164][ T5269] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 82.370285][ T5269] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 82.385174][ T5269] EXT4-fs (loop4): orphan cleanup on readonly fs [ 82.419629][ T5269] EXT4-fs error (device loop4): __ext4_get_inode_loc:4450: comm syz.4.502: Invalid inode table block 0 in block_group 0 [ 82.434313][ T5269] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 82.444533][ T5269] EXT4-fs error (device loop4): ext4_quota_write:7324: inode #3: comm syz.4.502: mark_inode_dirty error [ 82.458902][ T5269] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.502: Failed to acquire dquot type 0 [ 82.472641][ T5269] EXT4-fs error (device loop4): __ext4_get_inode_loc:4450: comm syz.4.502: Invalid inode table block 0 in block_group 0 [ 82.487682][ T5269] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 82.498020][ T5269] EXT4-fs error (device loop4): ext4_ext_truncate:4457: inode #15: comm syz.4.502: mark_inode_dirty error [ 82.510329][ T5269] EXT4-fs error (device loop4): __ext4_get_inode_loc:4450: comm syz.4.502: Invalid inode table block 0 in block_group 0 [ 82.524180][ T5269] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 82.534954][ T5269] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 82.562669][ T5269] EXT4-fs error (device loop4): __ext4_get_inode_loc:4450: comm syz.4.502: Invalid inode table block 0 in block_group 0 [ 82.578413][ T5269] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 82.613001][ T5269] EXT4-fs error (device loop4): ext4_truncate:4255: inode #15: comm syz.4.502: mark_inode_dirty error [ 82.688084][ T5269] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 82.702666][ T5269] EXT4-fs (loop4): 1 truncate cleaned up [ 82.704867][ T5277] bridge1: entered promiscuous mode [ 82.714242][ T5277] bridge1: entered allmulticast mode [ 82.718025][ T5269] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 82.735602][ T5280] netlink: 'syz.5.506': attribute type 29 has an invalid length. [ 82.791505][ T5269] xt_hashlimit: size too large, truncated to 1048576 [ 82.986615][ T5292] netlink: 64 bytes leftover after parsing attributes in process `syz.5.509'. [ 83.064980][ T5297] loop5: detected capacity change from 0 to 1024 [ 83.072252][ T5282] netlink: 'syz.1.507': attribute type 13 has an invalid length. [ 83.118902][ T5297] EXT4-fs: Ignoring removed orlov option [ 83.154254][ T5297] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.195349][ T5303] netlink: 28 bytes leftover after parsing attributes in process `syz.0.511'. [ 83.204779][ T5303] netlink: 28 bytes leftover after parsing attributes in process `syz.0.511'. [ 83.229847][ T5297] netlink: 12 bytes leftover after parsing attributes in process `syz.5.510'. [ 83.263348][ T5303] loop0: detected capacity change from 0 to 512 [ 83.282572][ T5297] bpf: Bad value for 'gid' [ 83.379281][ T5303] EXT4-fs (loop0): 1 orphan inode deleted [ 83.398145][ T59] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 1 [ 83.411683][ T5269] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 83.441351][ T5303] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.526793][ T5303] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.544364][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.619014][ T5310] loop4: detected capacity change from 0 to 764 [ 83.641741][ T5310] Symlink component flag not implemented [ 83.658916][ T5310] Symlink component flag not implemented (7) [ 83.738534][ T5312] FAULT_INJECTION: forcing a failure. [ 83.738534][ T5312] name failslab, interval 1, probability 0, space 0, times 0 [ 83.752558][ T5312] CPU: 0 UID: 0 PID: 5312 Comm: syz.4.513 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 83.752599][ T5312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 83.752680][ T5312] Call Trace: [ 83.752691][ T5312] [ 83.752701][ T5312] __dump_stack+0x1d/0x30 [ 83.752732][ T5312] dump_stack_lvl+0xe8/0x140 [ 83.752755][ T5312] dump_stack+0x15/0x1b [ 83.752777][ T5312] should_fail_ex+0x265/0x280 [ 83.752889][ T5312] should_failslab+0x8c/0xb0 [ 83.753023][ T5312] __kmalloc_noprof+0xa5/0x3e0 [ 83.753050][ T5312] ? ___neigh_create+0x4c9/0x1290 [ 83.753077][ T5312] ___neigh_create+0x4c9/0x1290 [ 83.753102][ T5312] ? __kmalloc_node_track_caller_noprof+0x1e5/0x410 [ 83.753247][ T5312] ? __alloc_skb+0x1b2/0x320 [ 83.753327][ T5312] __neigh_create+0x54/0x70 [ 83.753371][ T5312] ip_neigh_gw4+0x12e/0x170 [ 83.753403][ T5312] ip_finish_output2+0x857/0x8b0 [ 83.753445][ T5312] ? ip_fraglist_prepare+0x2bf/0x310 [ 83.753481][ T5312] ip_do_fragment+0xadb/0xc90 [ 83.753517][ T5312] ? __pfx_ip_finish_output2+0x10/0x10 [ 83.753568][ T5312] ip_fragment+0xcc/0x140 [ 83.753594][ T5312] ip_finish_output+0x1c5/0x290 [ 83.753617][ T5312] ip_output+0xad/0x170 [ 83.753716][ T5312] ? __pfx_ip_finish_output+0x10/0x10 [ 83.753775][ T5312] ? __pfx_ip_output+0x10/0x10 [ 83.753802][ T5312] ip_send_skb+0x11d/0x140 [ 83.753830][ T5312] udp_send_skb+0x6e3/0xa40 [ 83.753863][ T5312] udp_sendmsg+0x48d/0x13a0 [ 83.753890][ T5312] ? memcg_list_lru_alloc+0xc2/0x490 [ 83.753998][ T5312] ? __rcu_read_unlock+0x4f/0x70 [ 83.754027][ T5312] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 83.754065][ T5312] ? avc_has_perm+0xd3/0x150 [ 83.754123][ T5312] ? __pfx_udp_sendmsg+0x10/0x10 [ 83.754151][ T5312] inet_sendmsg+0xac/0xd0 [ 83.754193][ T5312] __sock_sendmsg+0x102/0x180 [ 83.754240][ T5312] ____sys_sendmsg+0x345/0x4e0 [ 83.754271][ T5312] ___sys_sendmsg+0x17b/0x1d0 [ 83.754315][ T5312] __sys_sendmmsg+0x178/0x300 [ 83.754348][ T5312] __x64_sys_sendmmsg+0x57/0x70 [ 83.754425][ T5312] x64_sys_call+0x2f2f/0x2fb0 [ 83.754462][ T5312] do_syscall_64+0xd2/0x200 [ 83.754491][ T5312] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 83.754525][ T5312] ? clear_bhb_loop+0x40/0x90 [ 83.754625][ T5312] ? clear_bhb_loop+0x40/0x90 [ 83.754648][ T5312] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.754671][ T5312] RIP: 0033:0x7ff2d65ae969 [ 83.754690][ T5312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.754774][ T5312] RSP: 002b:00007ff2d4c17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 83.754801][ T5312] RAX: ffffffffffffffda RBX: 00007ff2d67d5fa0 RCX: 00007ff2d65ae969 [ 83.754819][ T5312] RDX: 0000000000000001 RSI: 0000200000000500 RDI: 0000000000000003 [ 83.754836][ T5312] RBP: 00007ff2d4c17090 R08: 0000000000000000 R09: 0000000000000000 [ 83.754849][ T5312] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000001 [ 83.754862][ T5312] R13: 0000000000000000 R14: 00007ff2d67d5fa0 R15: 00007ffce005e258 [ 83.754906][ T5312] [ 84.139237][ T3322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.263270][ T4910] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.304054][ T5317] loop0: detected capacity change from 0 to 512 [ 84.443110][ T5317] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.461840][ T5317] ext4 filesystem being mounted at /102/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 84.490750][ T5317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.558982][ T5324] lo speed is unknown, defaulting to 1000 [ 85.229310][ T5337] netlink: 64 bytes leftover after parsing attributes in process `syz.0.520'. [ 85.370077][ T5339] FAULT_INJECTION: forcing a failure. [ 85.370077][ T5339] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 85.383772][ T5339] CPU: 1 UID: 0 PID: 5339 Comm: syz.0.522 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 85.383865][ T5339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 85.383883][ T5339] Call Trace: [ 85.383892][ T5339] [ 85.383903][ T5339] __dump_stack+0x1d/0x30 [ 85.383932][ T5339] dump_stack_lvl+0xe8/0x140 [ 85.384028][ T5339] dump_stack+0x15/0x1b [ 85.384059][ T5339] should_fail_ex+0x265/0x280 [ 85.384092][ T5339] should_fail+0xb/0x20 [ 85.384123][ T5339] should_fail_usercopy+0x1a/0x20 [ 85.384195][ T5339] _copy_from_iter+0xcf/0xe40 [ 85.384330][ T5339] ? __build_skb_around+0x1a0/0x200 [ 85.384375][ T5339] ? __alloc_skb+0x223/0x320 [ 85.384418][ T5339] netlink_sendmsg+0x471/0x6b0 [ 85.384472][ T5339] ? __pfx_netlink_sendmsg+0x10/0x10 [ 85.384492][ T5339] __sock_sendmsg+0x142/0x180 [ 85.384535][ T5339] ____sys_sendmsg+0x31e/0x4e0 [ 85.384566][ T5339] ___sys_sendmsg+0x17b/0x1d0 [ 85.384712][ T5339] __x64_sys_sendmsg+0xd4/0x160 [ 85.384744][ T5339] x64_sys_call+0x2999/0x2fb0 [ 85.384773][ T5339] do_syscall_64+0xd2/0x200 [ 85.384862][ T5339] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 85.384895][ T5339] ? clear_bhb_loop+0x40/0x90 [ 85.384917][ T5339] ? clear_bhb_loop+0x40/0x90 [ 85.384956][ T5339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.384977][ T5339] RIP: 0033:0x7fb13547e969 [ 85.384996][ T5339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.385021][ T5339] RSP: 002b:00007fb133ae7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 85.385040][ T5339] RAX: ffffffffffffffda RBX: 00007fb1356a5fa0 RCX: 00007fb13547e969 [ 85.385053][ T5339] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 85.385081][ T5339] RBP: 00007fb133ae7090 R08: 0000000000000000 R09: 0000000000000000 [ 85.385097][ T5339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 85.385110][ T5339] R13: 0000000000000000 R14: 00007fb1356a5fa0 R15: 00007ffe1ad5b408 [ 85.385128][ T5339] [ 85.642353][ T5342] lo speed is unknown, defaulting to 1000 [ 85.666825][ T5345] loop0: detected capacity change from 0 to 512 [ 85.715262][ T5345] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.735470][ T5345] ext4 filesystem being mounted at /106/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 85.750323][ T5345] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.801234][ T29] kauditd_printk_skb: 55 callbacks suppressed [ 85.801255][ T29] audit: type=1326 audit(1748415618.640:1189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5350 comm="syz.0.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13547e969 code=0x7ffc0000 [ 85.834125][ T29] audit: type=1326 audit(1748415618.640:1190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5350 comm="syz.0.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13547e969 code=0x7ffc0000 [ 85.860693][ T29] audit: type=1326 audit(1748415618.680:1191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5350 comm="syz.0.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb13547e969 code=0x7ffc0000 [ 85.885405][ T29] audit: type=1326 audit(1748415618.680:1192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5350 comm="syz.0.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb13547e9a3 code=0x7ffc0000 [ 85.912769][ T29] audit: type=1326 audit(1748415618.680:1193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5350 comm="syz.0.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb13547d41f code=0x7ffc0000 [ 85.924034][ T5351] loop0: detected capacity change from 0 to 128 [ 85.937536][ T29] audit: type=1326 audit(1748415618.680:1194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5350 comm="syz.0.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb13547e9f7 code=0x7ffc0000 [ 85.939571][ T29] audit: type=1326 audit(1748415618.750:1195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5350 comm="syz.0.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb13547d2d0 code=0x7ffc0000 [ 85.999029][ T29] audit: type=1326 audit(1748415618.750:1196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5350 comm="syz.0.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb13547e56b code=0x7ffc0000 [ 86.043239][ T5351] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 86.061336][ T29] audit: type=1326 audit(1748415618.870:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5350 comm="syz.0.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb13547d5ca code=0x7ffc0000 [ 86.087603][ T29] audit: type=1326 audit(1748415618.870:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5350 comm="syz.0.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb13547d5ca code=0x7ffc0000 [ 86.143052][ T5355] loop4: detected capacity change from 0 to 128 [ 86.152622][ T59] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 86.432348][ T5367] netlink: 4 bytes leftover after parsing attributes in process `+}[@'. [ 86.536382][ T5377] lo speed is unknown, defaulting to 1000 [ 86.961728][ T5382] netlink: 64 bytes leftover after parsing attributes in process `syz.1.532'. [ 87.257911][ T5399] FAULT_INJECTION: forcing a failure. [ 87.257911][ T5399] name failslab, interval 1, probability 0, space 0, times 0 [ 87.272108][ T5399] CPU: 0 UID: 0 PID: 5399 Comm: syz.4.539 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 87.272136][ T5399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 87.272209][ T5399] Call Trace: [ 87.272218][ T5399] [ 87.272228][ T5399] __dump_stack+0x1d/0x30 [ 87.272304][ T5399] dump_stack_lvl+0xe8/0x140 [ 87.272327][ T5399] dump_stack+0x15/0x1b [ 87.272389][ T5399] should_fail_ex+0x265/0x280 [ 87.272417][ T5399] should_failslab+0x8c/0xb0 [ 87.272459][ T5399] kmem_cache_alloc_node_noprof+0x57/0x320 [ 87.272518][ T5399] ? __alloc_skb+0x101/0x320 [ 87.272556][ T5399] ? __rtnl_unlock+0x95/0xb0 [ 87.272627][ T5399] __alloc_skb+0x101/0x320 [ 87.272723][ T5399] netlink_ack+0xfd/0x500 [ 87.272823][ T5399] ? avc_has_perm_noaudit+0x1b1/0x200 [ 87.272887][ T5399] netlink_rcv_skb+0x192/0x220 [ 87.272964][ T5399] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 87.272995][ T5399] rtnetlink_rcv+0x1c/0x30 [ 87.273017][ T5399] netlink_unicast+0x5a1/0x670 [ 87.273054][ T5399] netlink_sendmsg+0x58b/0x6b0 [ 87.273533][ T5399] ? __pfx_netlink_sendmsg+0x10/0x10 [ 87.273559][ T5399] __sock_sendmsg+0x142/0x180 [ 87.273594][ T5399] ____sys_sendmsg+0x31e/0x4e0 [ 87.273618][ T5399] ___sys_sendmsg+0x17b/0x1d0 [ 87.273727][ T5399] __x64_sys_sendmsg+0xd4/0x160 [ 87.273815][ T5399] x64_sys_call+0x2999/0x2fb0 [ 87.273838][ T5399] do_syscall_64+0xd2/0x200 [ 87.273861][ T5399] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 87.273910][ T5399] ? clear_bhb_loop+0x40/0x90 [ 87.273933][ T5399] ? clear_bhb_loop+0x40/0x90 [ 87.274031][ T5399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.274072][ T5399] RIP: 0033:0x7ff2d65ae969 [ 87.274092][ T5399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.274113][ T5399] RSP: 002b:00007ff2d4c17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 87.274134][ T5399] RAX: ffffffffffffffda RBX: 00007ff2d67d5fa0 RCX: 00007ff2d65ae969 [ 87.274150][ T5399] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 87.274166][ T5399] RBP: 00007ff2d4c17090 R08: 0000000000000000 R09: 0000000000000000 [ 87.274201][ T5399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.274213][ T5399] R13: 0000000000000000 R14: 00007ff2d67d5fa0 R15: 00007ffce005e258 [ 87.274231][ T5399] [ 87.592399][ T5410] loop4: detected capacity change from 0 to 1024 [ 87.600301][ T5410] EXT4-fs: Ignoring removed bh option [ 87.636855][ T5410] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 87.675028][ T5415] loop3: detected capacity change from 0 to 512 [ 87.686208][ T5415] EXT4-fs: Ignoring removed nobh option [ 87.707800][ T5415] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.544: invalid indirect mapped block 256 (level 2) [ 87.726344][ T5415] EXT4-fs (loop3): 2 truncates cleaned up [ 87.734277][ T5415] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.751349][ T5415] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.544: bg 0: block 5: invalid block bitmap [ 87.767225][ T5415] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 87.781671][ T5415] EXT4-fs (loop3): This should not happen!! Data will be lost [ 87.781671][ T5415] [ 87.793204][ T5415] EXT4-fs (loop3): Total free blocks count 0 [ 87.800533][ T5415] EXT4-fs (loop3): Free/Dirty block details [ 87.806466][ T5415] EXT4-fs (loop3): free_blocks=0 [ 87.811743][ T5415] EXT4-fs (loop3): dirty_blocks=66 [ 87.817276][ T5415] EXT4-fs (loop3): Block reservation details [ 87.823768][ T5415] EXT4-fs (loop3): i_reserved_data_blocks=66 [ 87.833863][ T5422] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 60 with error 28 [ 88.003740][ T5428] netlink: 'syz.1.547': attribute type 29 has an invalid length. [ 88.050209][ T5429] netlink: 100 bytes leftover after parsing attributes in process `syz.5.549'. [ 88.065298][ T5430] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2 [ 88.104202][ T5426] netlink: 112 bytes leftover after parsing attributes in process `syz.5.549'. [ 88.151145][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 88.182380][ T5436] program syz.5.551 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 88.221820][ T5436] loop5: detected capacity change from 0 to 512 [ 88.268893][ T5436] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 88.279188][ T5436] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 88.327817][ T5436] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 88.339308][ T5436] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 88.355715][ T5436] System zones: 0-2, 18-18, 34-35 [ 88.363223][ T5436] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.422812][ T5445] lo speed is unknown, defaulting to 1000 [ 88.547689][ T5436] netlink: 'syz.5.551': attribute type 3 has an invalid length. [ 88.759313][ T4910] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.207269][ T5473] loop4: detected capacity change from 0 to 2048 [ 89.249568][ T5473] netlink: 4 bytes leftover after parsing attributes in process `+}[@'. [ 89.400788][ T5482] FAULT_INJECTION: forcing a failure. [ 89.400788][ T5482] name failslab, interval 1, probability 0, space 0, times 0 [ 89.415517][ T5482] CPU: 1 UID: 0 PID: 5482 Comm: syz.4.562 Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 89.415577][ T5482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 89.415590][ T5482] Call Trace: [ 89.415596][ T5482] [ 89.415605][ T5482] __dump_stack+0x1d/0x30 [ 89.415634][ T5482] dump_stack_lvl+0xe8/0x140 [ 89.415717][ T5482] dump_stack+0x15/0x1b [ 89.415747][ T5482] should_fail_ex+0x265/0x280 [ 89.415783][ T5482] ? rdma_restrack_init+0x31/0x220 [ 89.415854][ T5482] should_failslab+0x8c/0xb0 [ 89.415970][ T5482] __kmalloc_cache_noprof+0x4c/0x320 [ 89.416044][ T5482] rdma_restrack_init+0x31/0x220 [ 89.416068][ T5482] _ib_alloc_device+0x49/0x440 [ 89.416141][ T5482] siw_newlink+0xcf/0x680 [ 89.416178][ T5482] nldev_newlink+0x369/0x3f0 [ 89.416262][ T5482] ? __pfx_nldev_newlink+0x10/0x10 [ 89.416325][ T5482] rdma_nl_rcv+0x479/0x5a0 [ 89.416364][ T5482] ? selinux_nlmsg_lookup+0x99/0x8b0 [ 89.416405][ T5482] netlink_unicast+0x5a1/0x670 [ 89.416505][ T5482] netlink_sendmsg+0x58b/0x6b0 [ 89.416533][ T5482] ? __pfx_netlink_sendmsg+0x10/0x10 [ 89.416586][ T5482] __sock_sendmsg+0x142/0x180 [ 89.416622][ T5482] ____sys_sendmsg+0x31e/0x4e0 [ 89.416651][ T5482] ___sys_sendmsg+0x17b/0x1d0 [ 89.416776][ T5482] __x64_sys_sendmsg+0xd4/0x160 [ 89.416805][ T5482] x64_sys_call+0x2999/0x2fb0 [ 89.416828][ T5482] do_syscall_64+0xd2/0x200 [ 89.416910][ T5482] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 89.416939][ T5482] ? clear_bhb_loop+0x40/0x90 [ 89.416963][ T5482] ? clear_bhb_loop+0x40/0x90 [ 89.416985][ T5482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.417006][ T5482] RIP: 0033:0x7ff2d65ae969 [ 89.417065][ T5482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.417088][ T5482] RSP: 002b:00007ff2d4c17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 89.417160][ T5482] RAX: ffffffffffffffda RBX: 00007ff2d67d5fa0 RCX: 00007ff2d65ae969 [ 89.417174][ T5482] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 000000000000000a [ 89.417187][ T5482] RBP: 00007ff2d4c17090 R08: 0000000000000000 R09: 0000000000000000 [ 89.417204][ T5482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 89.417220][ T5482] R13: 0000000000000000 R14: 00007ff2d67d5fa0 R15: 00007ffce005e258 [ 89.417279][ T5482] [ 89.837804][ T5488] loop4: detected capacity change from 0 to 764 [ 89.863906][ T5488] Symlink component flag not implemented [ 89.874664][ T5490] loop3: detected capacity change from 0 to 764 [ 89.882573][ T5488] Symlink component flag not implemented (7) [ 89.929341][ T5492] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 89.967675][ T5492] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 90.013597][ T5495] Symlink component flag not implemented [ 90.021840][ T5495] Symlink component flag not implemented (7) [ 90.192916][ T5500] lo speed is unknown, defaulting to 1000 [ 90.362168][ T5499] loop3: detected capacity change from 0 to 512 [ 90.544161][ T5499] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.638776][ T5499] ext4 filesystem being mounted at /96/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 90.683996][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.842994][ T29] kauditd_printk_skb: 125 callbacks suppressed [ 90.843009][ T29] audit: type=1400 audit(1748415623.680:1324): avc: denied { getopt } for pid=5508 comm="syz.3.572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 90.937646][ T29] audit: type=1400 audit(1748415623.730:1325): avc: denied { read } for pid=5508 comm="syz.3.572" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 90.962660][ T29] audit: type=1400 audit(1748415623.730:1326): avc: denied { open } for pid=5508 comm="syz.3.572" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 90.989169][ T29] audit: type=1400 audit(1748415623.730:1327): avc: denied { create } for pid=5508 comm="syz.3.572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 91.025932][ T5517] netlink: 'syz.4.574': attribute type 29 has an invalid length. [ 91.046045][ T5519] netlink: 'syz.3.575': attribute type 29 has an invalid length. [ 91.250894][ T5535] xt_CT: No such helper "snmp_trap" [ 91.278372][ T29] audit: type=1326 audit(1748415624.110:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5534 comm="syz.4.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2d65ae969 code=0x7ffc0000 [ 91.306519][ T29] audit: type=1326 audit(1748415624.110:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5534 comm="syz.4.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2d65ae969 code=0x7ffc0000 [ 91.332198][ T5541] loop3: detected capacity change from 0 to 764 [ 91.343894][ T5541] Symlink component flag not implemented [ 91.357597][ T5541] Symlink component flag not implemented (7) [ 91.412594][ T5547] Cannot find del_set index 0 as target [ 91.428232][ T3047] ================================================================== [ 91.436554][ T3047] BUG: KCSAN: data-race in memcpy_and_pad / rcu_tasks_trace_pregp_step [ 91.445547][ T3047] [ 91.447910][ T3047] write to 0xffff8881036da4dc of 4 bytes by task 28 on cpu 1: [ 91.456656][ T3047] rcu_tasks_trace_pregp_step+0x1ac/0x920 [ 91.463563][ T3047] rcu_tasks_wait_gp+0x88/0x530 [ 91.469197][ T3047] rcu_tasks_one_gp+0x7f3/0x8e0 [ 91.474473][ T3047] rcu_tasks_kthread+0xf7/0x110 [ 91.479841][ T3047] kthread+0x486/0x510 [ 91.484137][ T3047] ret_from_fork+0xda/0x150 [ 91.488844][ T3047] ret_from_fork_asm+0x1a/0x30 [ 91.494167][ T3047] [ 91.496510][ T3047] read to 0xffff8881036da080 of 3200 bytes by task 3047 on cpu 0: [ 91.504549][ T3047] memcpy_and_pad+0x48/0x80 [ 91.509183][ T3047] arch_dup_task_struct+0x2c/0x40 [ 91.514275][ T3047] dup_task_struct+0x83/0x6a0 [ 91.518996][ T3047] copy_process+0x399/0x1fe0 [ 91.523727][ T3047] kernel_clone+0x16c/0x5b0 [ 91.528273][ T3047] __se_sys_clone3+0x1c2/0x200 [ 91.533065][ T3047] __x64_sys_clone3+0x31/0x40 [ 91.538039][ T3047] x64_sys_call+0x10c9/0x2fb0 [ 91.542935][ T3047] do_syscall_64+0xd2/0x200 [ 91.547912][ T3047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.554093][ T3047] [ 91.556682][ T3047] Reported by Kernel Concurrency Sanitizer on: [ 91.563104][ T3047] CPU: 0 UID: 0 PID: 3047 Comm: dhcpcd Not tainted 6.15.0-syzkaller-02245-gdd3922cf9d4d #0 PREEMPT(voluntary) [ 91.575736][ T3047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 91.586774][ T3047] ================================================================== [ 91.595679][ T29] audit: type=1326 audit(1748415624.120:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5534 comm="syz.4.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff2d65ae969 code=0x7ffc0000 [ 91.596316][ T5547] loop3: detected capacity change from 0 to 2048 [ 91.621247][ T29] audit: type=1326 audit(1748415624.200:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5534 comm="syz.4.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2d65ae969 code=0x7ffc0000 [ 91.621287][ T29] audit: type=1326 audit(1748415624.200:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5534 comm="syz.4.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2d65ae969 code=0x7ffc0000 [ 91.681156][ T29] audit: type=1326 audit(1748415624.220:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5534 comm="syz.4.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff2d65ae969 code=0x7ffc0000 [ 91.788071][ T5547] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.809235][ T5547] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 92.248049][ T59] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 345: padding at end of block bitmap is not set [ 92.276450][ T59] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 844 with error 117 [ 92.289159][ T59] EXT4-fs (loop3): This should not happen!! Data will be lost [ 92.289159][ T59] [ 92.987191][ T31] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 860 with max blocks 1 with error 28 [ 93.000144][ T31] EXT4-fs (loop3): This should not happen!! Data will be lost [ 93.000144][ T31] [ 93.010150][ T31] EXT4-fs (loop3): Total free blocks count 0 [ 93.016412][ T31] EXT4-fs (loop3): Free/Dirty block details [ 93.022909][ T31] EXT4-fs (loop3): free_blocks=0 [ 93.028220][ T31] EXT4-fs (loop3): dirty_blocks=16 [ 93.034300][ T31] EXT4-fs (loop3): Block reservation details