last executing test programs: 45.690944845s ago: executing program 2 (id=152): prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00') bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0), 0x8) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x6, 0x4, 0x7, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5d371c61f550e9d86aabda45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b2267bd8f803ea38f10a6e9c4a49bf23525e08c12d229211fe4d88cf1440f29accfa50f327ac1fb20d7f164100111bd21fca713b2475f1c997f3000000000080c426bcec79c6bc83ce4e6cbb17c01be69db342192d0a716cc24710d23321441f475ec485d642b61c6bd907071dbbe37c0b78f60fd2ad0d13ca62d9d9aafb01c3920b64cb5e023810e2de4327f90c389ce36d90ff9f3cb9d8cd2260d05a8126943a3df17157470595c68ac8df7fea6d42ecb2cdb65b4f2aef0db2b2de949a6d4ec37f2fd693ae44944041a64fe6336aba1c66b1b95d2edbc40364a049616ae962d75eae619548aa86bd5f0bad56e7ad7de2ee5e6f3b42e3a27094b6b5face99456d9af1926b21d37faf7612d9752cf58e6424decd530b5419e117ec08647566b1bdd75d6a9a1e600aaf0f42ce94b4725d4c2da80150dc34e5975d6904f061ed9a7608959f2d24ee6ec4f2395d16e02f53c746f74b12013f738d76456c3407188eff97f31ca36e5d79e1f1c7c3b688ee21d37ba5ebf4afc2a61f16"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x55, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r4 = socket$packet(0x11, 0x3, 0x300) close(r2) setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x10}, 0x1c) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe06, 0x1000000, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff430500001100630377fbac141414e000000162079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) write$selinux_access(r5, &(0x7f00000004c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffffffff3a73302030"], 0x56) 45.662065355s ago: executing program 2 (id=156): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = socket(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0xfffffffe, 0x8}}]}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xfff1, 0x4}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34, 0x1, [@m_gact={0x30, 0x1d, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x68}}, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socket$kcm(0x10, 0x3, 0x10) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x12008002}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8c0}, 0x0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10) syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x1, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/FH50/9GTqJCAqqp7ypiIPbdaAjNKKBUS4sITjmWY2dtrEzVpNwCwJvuuimf9cVRAhCdBEEYhddhRLeddGdd15kV0lEJ+Y0N5tapk7y/brYHvZ8P4fv+bPD9h1s+vjda9GwY4TNlFTXV0l1u+RktkqapVoW5OTI9ZH3+85duHg6EAx2nFXtDHT7/KradGC09+bwobHUjvMvm17XyXjzpekZ/9T47vE909+7r0YcjTgai6fU1L54PGX22Zb233eihuoZ2zIdSyMxx0qW9MN2PJHIqBnrb2xIJC3HUTOW0aiV0VRcU8mMmlfMSEwNw9DGBsHKhtOPAst3Q89nXVdmUu9cty4nruvmX6zfxOmhwubOv+sWnf87lZ4SNlHRTb1exB5Kh9KhwnOhHwhLRGyxpFW88k3y14j7eMSdu1Tyjzf8I8HJo2/fqGqzDNrZ+Xw2HfKU5n3idT2FTEGh7jwV7PBpQWn+P2kozvvFK7vK5/1l87VyuKUob4hXJi9LXGyZGD34Zapr6MFCftCneqIruCT/v/QvHqZnnyt0fgAAAAAAAAAAWAtDfyq7fm/kB9weUNXGJf1CvtzvA0vX51vLrs/XyN6ayu47AAAAAADbhZMZiJq2bSX/ssh/lV+P7fx7xZNbvz94f+fKY1raPBPtH3KJrbBff1B87dkS0ygtZH71abXBnnV+pywWn9ZlO1Xz81t+zMnejy9W3U7tL8dnOWMbf1cCAAAAsBEWP/S3STb8Kp3tOXav0nMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGC7WcNfjk08LNfSfLHzablWpfcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgJT8CAAD//wva0Pw=") r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000) renameat2(r7, &(0x7f0000000140)='./file1\x00', r7, &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1) 45.503092108s ago: executing program 2 (id=160): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, r0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xb, 0x8, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={0x0, r2}, 0x18) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$kcm(0x11, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r4}, &(0x7f0000000200), &(0x7f0000000240)=r3}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x50006, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) 44.645224641s ago: executing program 2 (id=169): r0 = perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x4}, 0x4110, 0x6, 0x7, 0x9, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000001c0)='cpu&00\t&&') syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x3000000, &(0x7f0000000200)={[{@nobarrier}, {@dioread_nolock}]}, 0x1, 0x527, &(0x7f0000019580)="$eJzs3W1rZFcdAPD/vZPZZndTM1WRtWBbbGW36M5sGttGkXYF0RdSUOv7NSaTEDLJhMykbkLRLH4AQUSFfgDfCH4AQfoRRCjoe1FRRLf6UnvlztyxeZhJhjzN7uT3g5M55z6c/zmXzJ37cLg3gEvruYi4GxGliHgxIqaL6WmRYreb8uXef/j2Qp6SyLI3/5FEUkzr1ZWXJyLierHaZER862sR300Ox21t76zONxr1zaJca69t1FrbO7dX1uaX68v19dnZmVfmXp17ee5OVjhVPysR8dpX/vLTH/3iq6/95nPf++O9v936ft6sL32i2+6IWDhVgAG6dZc726In30ab5xFsRPL+lEujbgUAAMPIj/E/GhGf7hz/T0epczQHAAAAjJPs9an4TxKRAQAAAGMrjYipSNJqMRZgKtK0Wu2O4f14XEsbzVb7s0vNrfXFfF5EJcrp0kqjfqcYK1yJcpKXZ4oxtr3ySwfKsxHxVET8ZPpqp1xdaDYWR33xAwAAAC6J68/uP///93TayQMAAABjpjKwAAAAAIwLp/wAAAAw/pz/AwAAwFj7xhtv5Cnrvcd78a3trdXmW7cX663V6trWQnWhublRXW42lzvP7Fs7rr5Gs7nx+Vjful9r11vtWmt7595ac2u9fW9l3yuwAQAAgAv01LPv/iGJiN0vXu2kKJ4DCFwWX78y1GJ/PveGABeoNOoGACMzMeoGACNTPnYJewgYd8kx8w8P3uleK4zfnk97AACAs3fzk3vv/7/Tmda7GXj8tQHgcWasDwBcPu7uweVVjtKDE61448ybAozIR7ofTwyaP/DhHUPc/+9eY8iyEzUMAAA4M1OdlKTV4jh9KtK0Wo14svNagHKytNKo3ynOD34/XX4iL8901kyOHTMMAAAAAAAAAAAAAAAAAAAAAAAAAHRlWRJZX1G8Fbz/XAAAAODxEZH+NSnO9G9OvzC1/+rAgbd+vfPmz+7Pt9ubMxFXkn9O55OuRET758X0lzKvBAAAAIBHQPc8vficGXVrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg37z98e6GXLjLu378cEZV+8SdisvM5GeWIuPavJCb2rJdEROkM4u8+iIgb/eIn8UGWZZWiFf3iXz3n+JXOpukfP42I62cQHy6zd/P9z91+3780nut89v/+TRTptAbv/9L/7/9KA/Y/Tx4oD/L0e7+qDYz/IOLpif77n178pBt/X4i88PyQffzOt3d2+s7YU2W/+Htj1dprG7XW9s7tlbX55fpyfX12duaVuVfnXp67U1taadSLv33D/PhTv/7gqP5fGxC/sr//h7b/C0P1Pov/vnf/4ce6hXK/+Lee7//7e2NA/LT47ftMkc/n3+zld7v5vZ755e+eOar/iwP6P3lM/28N1f/4wovf/OGf+s45tDUAgIvQ2t5ZnW806ptHZCaHWOaCM68/Gs04w0w8Gs0YVSb7Qff/8XT1nHL1Q5nsNKtPxBk048qh72kpTlphErGb1zXkPyQAADBmPjzoP+oOEgAAAAAAAAAAAAAAAAAAAHCeTvhYssmIOHKZu3tqPhhzdzRdBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA40v8CAAD//+SZylA=") r1 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000002600000007"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) setreuid(0x0, 0xee00) r4 = socket$unix(0x1, 0x1, 0x0) bind$unix(r4, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x20000) sendmsg$NL80211_CMD_ADD_TX_TS(r1, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x40, 0x0, 0x91c, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x6, 0x26}}}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xd}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xa}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x8}, @NL80211_ATTR_USER_PRIO={0x5, 0xd3, 0x3}]}, 0x40}}, 0x200000d0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20) syz_clone(0x1000, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r1, 0xc0185879, &(0x7f0000000100)={0x8003, 0x1000, 0x2000, 0x0, 0x0, 0x0, 0x2401}) 43.727696556s ago: executing program 2 (id=182): r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, @perf_config_ext={0xffffffffffffffff, 0x8}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000a00)=@newsa={0x138, 0x10, 0x633, 0x80ffffff, 0x0, {{@in=@broadcast, @in6=@private0}, {@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x32}, @in=@loopback, {}, {}, {0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xa, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}}, 0x0) 43.226867134s ago: executing program 2 (id=187): r0 = socket$inet6(0xa, 0x806, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000012c0), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sched_setscheduler(0x0, 0x1, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x2) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) (fail_nth: 2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r1}, 0x18) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10) socket$inet_dccp(0x2, 0x6, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000001500), 0x588, 0x0) 43.223698534s ago: executing program 32 (id=187): r0 = socket$inet6(0xa, 0x806, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000012c0), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sched_setscheduler(0x0, 0x1, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x2) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) (fail_nth: 2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r1}, 0x18) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10) socket$inet_dccp(0x2, 0x6, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000001500), 0x588, 0x0) 6.635152063s ago: executing program 4 (id=759): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000005c0)='kfree\x00', r0, 0x0, 0x8000}, 0x18) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000005c0)='kfree\x00', r0, 0x0, 0x8000}, 0x18) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) getpid() (async) r1 = getpid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) (async) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) pipe(&(0x7f0000002480)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r3, 0x0, 0x4, 0x9) write$P9_RWRITE(r3, &(0x7f0000000040)={0xb}, 0x11000) openat(r3, &(0x7f0000000000)='./file0\x00', 0x292002, 0x10) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 3.617234202s ago: executing program 4 (id=831): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x7ffd) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0xffffffff7ffffffc]}, 0x8) readv(r3, &(0x7f0000000340)=[{&(0x7f0000006a40)=""/161, 0xa1}], 0x1) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10) r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETS(r6, 0x5402, &(0x7f0000000100)={0x6, 0x73, 0x2, 0x10000, 0x19, "88bd91aa90758062b5fffd9272e301aa98af75"}) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10c4, 0xea90, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000180)={0x0, 0x3, 0x1, 0x0, 0x0, [{{}, 0x1826}]}) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r8}, 0x10) bind$inet6(0xffffffffffffffff, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) syz_usb_control_io$hid(r7, 0x0, 0x0) write$UHID_INPUT(r6, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b5b09094bf70e0dd038e7ff7fc6e5539b324c078b089b3438076d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b32310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e01000000138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12d3099dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f6dc7bcbf2a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509301815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827466cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d951061ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033095563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db87195358bfee2916580dacae008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2df086dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36ffffffff00000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817b97c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000f4ff000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1061}}, 0x1006) r9 = fcntl$dupfd(r5, 0x0, r5) ioctl$USBDEVFS_SUBMITURB(r9, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000040)={0x2, 0x3, 0x0, 0x0, 0x7995}, 0x8, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) r10 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff) r11 = syz_open_procfs(0x0, &(0x7f0000000200)='map_files\x00') getdents(r11, &(0x7f0000000000)=""/159, 0x9f) r12 = socket$l2tp(0x2, 0x2, 0x73) sendmsg$L2TP_CMD_SESSION_GET(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="000428bd7000fedbdf250800000008001700", @ANYRES32=r11, @ANYBLOB="050004000900000008001900000000000c001600010000000000000014001f00fe8000000000000000000000000000bb050004000100000008001700", @ANYRES32=r12, @ANYBLOB="0c0016a9761b1023c3c5953e27bc6600000000000000000006000000"], 0x78}, 0x1, 0x0, 0x0, 0x30008014}, 0x800) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000180)={0x1, &(0x7f00000000c0)=[{0x2d}]}) 2.735008396s ago: executing program 1 (id=849): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$xdp(0x2c, 0x3, 0x0) mmap$xdp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000001, 0x8010, r1, 0x180000000) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) fsopen(&(0x7f0000000080)='tmpfs\x00', 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x800, 0xfffffffa) open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r6, r3, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000340)={@random="6ea88d319b8c", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x43, 0x4e22, 0x8}}}}}, 0x0) 2.652599807s ago: executing program 1 (id=850): bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$kcm(0x29, 0x5, 0x0) recvmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000280)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000040)=""/25, 0x19}, {&(0x7f0000000100)=""/11, 0xb}, {&(0x7f0000000200)}, {&(0x7f0000000340)=""/30, 0x1e}, {&(0x7f0000000380)=""/75, 0x4b}, {&(0x7f0000000400)=""/65, 0x41}], 0x8}, 0x40000020) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000001000010010000000ffdbdf2500000000", @ANYRES32, @ANYBLOB="20000000280e0400280012800b0001006d61637365630000180002800500030008"], 0x48}, 0x1, 0x0, 0x0, 0x24008001}, 0x0) 1.811008691s ago: executing program 0 (id=861): r0 = socket$kcm(0x29, 0x2, 0x0) sendmmsg$inet(r0, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00') preadv(r1, &(0x7f00000014c0)=[{&(0x7f0000000340)=""/191, 0xfffffd90}], 0x1, 0x182, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r2 = getpid() bind$inet6(0xffffffffffffffff, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f0000000100)={0x0, 0x4100, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r2}}]}, 0x3c}}, 0x0) 1.792271941s ago: executing program 1 (id=862): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x190, 0x168, 0x10, 0x0, 0xb, 0x388, 0x250, 0x250, 0x388, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [0xff6a, 0x0, 0xff], [0xff], 'ip6gretap0\x00', 'veth1_to_hsr\x00', {}, {0xff}, 0x3a, 0xb6, 0x0, 0x20}, 0x6000000, 0x128, 0x190, 0x0, {0x0, 0x28e}, [@inet=@rpfilter={{0x28}, {0x1}}, @common=@inet=@hashlimit1={{0x58}, {'netdevsim0\x00', {0x40, 0x0, 0x3ff, 0x1, 0xfffffffc, 0x10000, 0x80000001}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x10000, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@common=@eui64={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x442, 0x195) pwrite64(r4, &(0x7f0000000140)='2', 0x155c2, 0x8000c64) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r3}, 0x10) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x800) r7 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x5, 0x0, 0x0, 0x0, 0x3, 0x80005, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x400, 0x0, 0x20000, 0xfffffffffffffffd, 0x4, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, r5, 0x1) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240), r9) sendmsg$TIPC_CMD_GET_NODES(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, r10, 0x870e1659d9891487, 0x70bd26, 0x25df5bfc}, 0x1c}, 0x1, 0x0, 0x0, 0x4000800}, 0x80) sendmsg$TIPC_CMD_SET_LINK_PRI(r8, &(0x7f0000000880)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000800)={0x68, r10, 0x20, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x4c, 0x18, {0x1, @media='ib\x00'}}}, ["", "", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) r11 = socket$packet(0x11, 0x3, 0x300) recvmmsg(r6, &(0x7f0000000440)=[{{&(0x7f00000000c0)=@can={0x1d, 0x0}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000240)=""/138, 0x8a}, {&(0x7f00000001c0)=""/53, 0x35}, {&(0x7f0000000740)=""/155, 0x9b}], 0x3, &(0x7f0000000380)=""/43, 0x2b}, 0xc}], 0x1, 0x40000020, &(0x7f0000000480)={0x0, 0x989680}) setsockopt$packet_fanout(r11, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) r13 = semget$private(0x0, 0x3, 0x60) semop(r13, &(0x7f0000000000)=[{0x4, 0xf, 0x1800}, {0x4, 0x9, 0x1800}, {0x1, 0x1}], 0x3) r14 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000980)=ANY=[@ANYBLOB="180000000000000000008ae28a18d1d1a64e0000", @ANYRES32=r14, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095", @ANYRESOCT=r2, @ANYBLOB="f58e966378c6b36e3eeb5ded228e0495da3e35f5ef6766ec8d261c8f19914091c439f35d87090fb291763de53c36b8ea9ff9891e1955906f7fdd166bef5eaa6259", @ANYRES32=r12, @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r15 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r15}, 0x10) keyctl$KEYCTL_PKEY_ENCRYPT(0x19, 0x0, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000160a0103000000000000000002000000540003804000038014000100626f6e645f736c6176655f300000000014000100736974300000000000000000000000001400010073697430000000000000000000000000080002400000000008000140000000000900020073797a31000000000900010073797a30"], 0xa8}, 0x1, 0x0, 0x0, 0x8000}, 0x0) close(r7) 1.456557276s ago: executing program 0 (id=866): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x54}, 0x1, 0x0, 0x0, 0x8c0}, 0x80) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000040)={r4, 0x1, 0x6, @local}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000000)={r4, 0x11, 0x6, @broadcast}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x20008050) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000080)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x2, 0x0, @void, @value, @void, @value}, 0x50) clock_nanosleep(0x2, 0x0, &(0x7f0000000280)={0x77359400}, 0xfffffffffffffffe) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x3, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x0) 939.795865ms ago: executing program 1 (id=871): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) writev(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r2 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0xe1002) ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64=r1]) 881.951166ms ago: executing program 1 (id=874): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x44, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x44}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="8c0000000906010200000000000000000200ffff08000940000000390900020073797a310000000005000100070000005c0008801c0007801800018014000240"], 0x8c}, 0x1, 0x0, 0x0, 0x10000182}, 0x14044081) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000340), 0x2b00, 0x0) ppoll(&(0x7f0000000600)=[{r3, 0x1400}], 0x1, 0x0, 0x0, 0x0) r4 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$VT_DISALLOCATE(r4, 0x5608) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r5, 0x0, 0x1}, 0x18) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0) mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x000xffffffffffffffff}) sendmmsg$inet_sctp(r5, &(0x7f0000008fc0)=[{0x0, 0x0, &(0x7f0000000ec0)=[{&(0x7f0000002b40)="2c05d95c8f0da517ffe604c7b0", 0xd}, {0x0}, {0x0}, {&(0x7f0000000f40), 0x34000}], 0x4, 0x0, 0x0, 0x20004050}], 0x1, 0x4) 638.13411ms ago: executing program 5 (id=877): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$xdp(0x2c, 0x3, 0x0) mmap$xdp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000001, 0x8010, r1, 0x180000000) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) fsopen(&(0x7f0000000080)='tmpfs\x00', 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x800, 0xfffffffa) open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r6, r3, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000340)={@random="6ea88d319b8c", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x43, 0x4e22, 0x8}}}}}, 0x0) 627.68552ms ago: executing program 5 (id=879): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448df, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000000000), &(0x7f0000000040)=0x4) 571.1768ms ago: executing program 0 (id=881): r0 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=0xffffffffffffffff, 0x4) bpf$LINK_DETACH(0x22, &(0x7f0000000040)=r0, 0x4) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x20200, 0x0) write$tun(r1, &(0x7f00000000c0)={@void, @val={0x2, 0x0, 0x60, 0xc, 0x800, 0x6}, @eth={@broadcast, @broadcast, @void, {@can={0xc, {{0x1, 0x1}, 0x8, 0x1, 0x0, 0x0, "b02b64f91f1e9353"}}}}}, 0x28) r2 = signalfd4(r1, &(0x7f0000000100)={[0xc941]}, 0x8, 0x80000) r3 = accept(r2, &(0x7f0000000140)=@phonet, &(0x7f00000001c0)=0x80) renameat(r2, &(0x7f0000000200)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00') ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000300)={'erspan0\x00', &(0x7f0000000280)={'gre0\x00', 0x0, 0x80, 0x7800, 0x10, 0x55dc0ae8, {{0x9, 0x4, 0x2, 0x37, 0x24, 0x66, 0x0, 0xda, 0x0, 0x0, @dev={0xac, 0x14, 0x14, 0xc}, @local, {[@ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0xb, 0xd6, [@dev={0xac, 0x14, 0x14, 0x30}, @multicast1]}]}}}}}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={r2, r4, 0x25, 0x15, @void}, 0x10) ioctl$KDFONTOP_COPY(r2, 0x4b72, &(0x7f0000000780)={0x3, 0x0, 0x1f, 0xe, 0x1f2, &(0x7f0000000380)}) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f00000007c0)=0x0) sched_setscheduler(r5, 0x1, &(0x7f0000000800)=0x1ff) memfd_create(&(0x7f0000000840)='#-@]@\x00', 0x4) sendmmsg$inet(r3, &(0x7f00000024c0)=[{{&(0x7f0000000880)={0x2, 0x4e22, @loopback}, 0x10, &(0x7f0000000b80)=[{&(0x7f00000008c0)="d0613442a9e12acc3c5299a300a1100bfa8214d08db7e536584dcbe7d95f2c018f627543e7373aacfd6992d82b7b8920bb03cf0900e7e7880ad387ad9a78820dc9551b8caada0f47036889ba72ddd4fa9d67541a1cce4fa970e97312be7bdc21d3b75916063412082883887b1d587f31b2ee246793a35fa6f8c896111d0102657d86d19c9d7b2d2e8df71b36486951efbaa331a08627adc921b5a18e0d40b740e47ed612912a1b90324b70f1158ee5fbfc1e5baf0000538d14bbf79114211b", 0xbf}, {&(0x7f0000000980)="58afa779d9d447da0c3ac72369bbccfcb470cf6713248cc320b60d00ef7a7a99b8e2c4a6fd28936c2dcb958580e2802e8b0450c8d308574383d58497e5be382eb5274d30e0140bc9c133c1ddf66ec8b3781273f18ebae5d66639a7aa559a79b843d448f529c1665b0c7e7e699b0624fddee0eb03144f2aa48dfbe57d225315712067da1fe6bb784f38b2d460ef4170483e8b5838d820f607d3fa01c0956dba043538f31d05b7db2f15baa4f04517bb29178685f987d1d243a28db4e018d9c274886ade652e582a8d29093c6f7899d80f0a7732ca5c90379a384699c86d730d0085195bdb6fd322aa8ef4d0823f322b989ebfd7cc7d3df7302ddd10", 0xfb}, {&(0x7f0000000a80)="75ed07ec82c8aac49d8166ef8f6a5e2ecf5fa6faa3660e3f8ac65758678e8a138efbd170a015b36cd1a95c7749", 0x2d}, {&(0x7f0000000ac0)="4b1b0be594480e21bcf98a05f5a0273791d83a548893db07da3f04b10d94f2cbfbdac094feb8b8211855902b40af97ed554c9c46e9d0993949b898b987952b50f0fd018908309b9f6117576004da0a70c7151dd02d88d3170595829e182d05b196d251f896c3c6b65d8c7dc285561fc0a2a48ae86d830415738fabd49b12cb90f0cfd5c3efd9545d04a616ee1ad0f2", 0x8f}], 0x4, &(0x7f0000000bc0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x3}}], 0x18}}, {{&(0x7f0000000c00)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f0000001180)=[{&(0x7f0000000c40)="382cb23bc481bf7c41eff49cb452411260f9c055ab246dc30bdb621aa1e7ab84e0bd96bc4c6fada312ea85aea5f4ead5a6c180ac4b358f20001c99559b8fe16ea28d339284f192d0dbb5a0fc4376d0959b37a6fda0c2b87d44b6bf9b57974dded422733869b701f65c0d212e9c0fafd9416d2cea9f94da9b2456ec883a54db20efc2d1d119d228c96ec7538a680ed78cfffc248f584eaa6a63ea09bc6baefcf526fc6a6ea6ba7710a5eaa8e0c63005592f0b8fe3ede685bd8b9e52196d9900902a5a886a0636feec3ddf4bf99e2877d7d17f1fc03e9f7bc5e7741bb6fddafc3eeaebd9c8527ff1ad454833a31d", 0xed}, {&(0x7f0000000d40)="bab810259458b6d616d258125702d30fd029c860014a2b911646fef958a838806588656510247001ec892d80f4ec2b620867ccba576bbadb7d0f119a0ebfed62600fd250603db4c55f3c010b339e7bbba7ea630d602c4e69e375a5043400bd3a992fb73dcff36a2ca9ebbf172e0ed361cc366fec9668302c8b453cd8f7330621017fb06709ecf63421f4ace005698dedd1729b0afa8fe20811125e", 0x9b}, {&(0x7f0000000e00)="fe9fbe", 0x3}, {&(0x7f0000000e40)="6183315798cd6e4d2dce1c1717c6537df6e6d9bdf85fbb795c806268c6cf59e1b85c31065bc1f58d740f3f2615289694d88e0dbd4e63d9a7a10174086a6a5f3a789a29cae718a0e0f756e199f027104b01ed37691a3310629fce733588a284924fe8aa419d434abdab4e53b8fcd210712a6f62269d2cf0283fe0d5ea1465ab67782f50dc28e897f6901c6eefdef20527ea664331a4911416ee77f040d59712a15669374acb4de4d489e7144a670625c16b312f893f91a8ffcaf44501f60b063116", 0xc1}, {&(0x7f0000000f40)="4676f32e56f9eef6664c6a7bbe8f70ab1b9d87736a7020335a8d8c1b10032b3b08ed60", 0x23}, {&(0x7f0000000f80)="b8e7de973bfdd6b690091ea7a251d5ef3e33ae511ee64089b0e225aa68fa67eb72a12df204adb2f3530d0c38cab2c3fe63b84ebdc3f440af641e74b7fa1311aa5f378a3a08c298ba538e137cef929c24e8809441123528b32a31133aeb14fb7c2263ca3c3c780ca06397913aa208eecfe3e09514b6689aab579a5423f07c109cc39a32f2112b4dc7f84f2b452410eeb1a783c38cb5fe57af2cedc5f0455ec1407100", 0xa2}, {&(0x7f0000001040)="b29e761c8dbc73e1351f08f4406ffeb343c7662b2ba5bf4712f0ebb6da2caf60652048167c92fff0028da282ce03772cba192108465c97a400019d03152bbf6b087b4130436944704cd68f7a547eccb17b9f2f905d35491d7c6095d2299b2748e386cbdfa94b19876e9dad0518f6b0e89c3a8b7cf04520b2d6f050abe51e125f7f138ef29457caae9cfb25250cd0e42fd4a11d1ffcf9cc4ff8c0966030efbdaa595c70dcf063b090f14718cb60b63ba111af8fee7582bf5df4fb2a11baf22f4c0cc50abb3b447213f617fa1ce0d4f3fd", 0xd0}, {&(0x7f0000001140)="f8fb65ff88cfd60be6faa6e992ad4f736850fa109d4dfd72058a698bd4c9877fcd531121d3981f2dd8bcab59208e8c646c7b519e98e7603648dc6ba4d748", 0x3e}], 0x8}}, {{&(0x7f0000001200)={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10, &(0x7f0000002440)=[{&(0x7f0000001240)="213e7db042af4dca8ab3c0ddbd9c51e15b7fa113e956297c47a6724cc0e3e1d788187bd727e438cb1e582b003b0069447e594683f39ce1e36035ee4a5f0bf451d6a8c1aec99e4dbe15aaf62fee1155b1f86c1f1c7253cd6a14bb81ee207dca3552a2f125", 0x64}, {&(0x7f00000012c0)="40b2390a4bf80595e91b8c583b60ee6311c83b998040ba68e1cabbbd7bd8", 0x1e}, {&(0x7f0000001300)="abe4ddc48e5194ffffa9f8f13877c83f990c1c251132e43a5dc00c11168c9675ede0e5ac6c7be1899b4ad3d8a0b0904f4b05342fb14cce3ac334b86addd25cb391dc08f424aff75ca98fc4724e6d83db0de1d000b370bc08ae6cfebd8f4941b69680b63db3946482991318a71de3e9b05ed23f476543a86fe136f91ee7e35f899925694f323284", 0x87}, {&(0x7f00000013c0)="308edb8f76451ab5f9e4edab4df8641e0b5711400656690c97b8ab822452d8cdb54c89c55b5459dbcc0d365b085d85ed57fac7ba030d0e05f5365c4ff7aa2c02572113e9e7633aa8a9e7327bb4d880fbe44bd6", 0x53}, {&(0x7f0000001440)="b0715325ef211ace4b7d615d2dbfb74e841b7e7a98ce94103d9a580ab6001df46ffd84b7fda04f3b0b65e3065f5f863c31f7fe65322cff9918f55ae08e73034430df2dcffc02838f1f7cd26b90291b880944aa944867a007966c2f02ad42cdb04b44d1832872e32e6bb3f263c3394238a3f58d98e66bc7c2bd5fcb6683fefc725090a12df5af9acdc2a19b4aca5453fcf1dbf2c933ca8e81636e0615441822e2acc4d2c7173c4e8e6a88208bcb3757c8d99335079c2fa5893068df0458630e44992bd7cd7c0dd926b50f782be59da572d1bbab2fa00bb86d2e44718d95d68c9c58fe3720e7c25baa41ec6da1aef8b9d4536dbb171e3eb418e8a9b399d160b47117fb856683835c1057220fcda20007bc7c23bd1309d0f9a2e7c7548842658bd6a7af1cb97b01131369841e4ca798e37e295d48e4c3f1f125e3cc13aca5ac1d9be72726ec7788ddf7063812cc335bdd17ffb1cd4d4cc638d53211a116e1ae6acdc11390a39ade50bc94efa88ff1105396ece5c5113e9153ade9292ecb1e21c1ee1d81b91ce97a6bc66cb55104de4b3e957f6db5b360d9e9f88eceb2b2d760ca40ddd7875f4415542acc3646a7c6d5676de7e0f48413e57712c323f2fd5d27ebe9a5e18859b6938c4e19f5da2d71dc3f1b25692c8b3d39158792b3cc087526543cf387f85ec3048e518046eb8f707f87eb6e97469d648f323de03a0a55850e8253f9bdbced49a2e4b26b18378f2847a6cf2711df7212d17cc02f6379200ea85771c914db68962d22d26f9d14de4d9dbae4b173bd5314845e9801c07ee507aba5f1841f94a534ba9b1d283bed26968c105844900f59682c605ef3ea84e858a8328e8853d7bc6f67958453946ecfd599fdeee9408e28712fee8e57ecf95f900e05c394709dc2b28dcc5e12cc2f8d2aa45ef3e51be7ec48e91484bcc696df77e1906e75ac3cb1b5e3690975603a42dcf2e9d385886cd0c6e51cea97fb39f3e99386b3b1b8641cf6f614e2c5b586b637a0608ede327a6ec57e5649aee45b5e2b6e4e90acc697213ad807d7282efe975dc8234617e6512b295286f1bf875c30a7926134af415f5dd9b31e9cc501c5d68cdcd65be62ec4581dee2b141a4a1d8ff3378b3ffbfede5c80ebf731d0a78f5ebeb31b292c74437b744e9a5016e12aaab4da3913e2e994a515702e9f856e622ddec07ff85e4036b3e3e8d284c6dbd4be874afd2853c9f792ddc53cb88002b826e96064afb14667e08c68097c4ba81cb1356070a49e06f9092a854258127538a1f7738d2f20dc5560b4a3b3b02b2579d43a4840451a0c085e7426e01abcce93ca3b55f98f1f42f98978edb99b1b16771cf146c0aae7162c06ae17a2b1d93f8b2a043d29729977caa2ad4aa3fd0cf480a4d7f98f7d10984f64e93144c2ffffe939a96a04cdfd6179f7fb24d095a5dbe0d5f72709011d9e4595417d7c5228062f23060f004914a3c6724350c5e2c0b8fe23fe77c57c3d6f887beca93d440af4788f6c3253b1a827891c9695738ae59db0048413ef0eb024d3078002a01b9702709b293cc5a8aa2986f83548ae0fda90c3e73b601378b51b2e8055c79a3e9dfe6afd062d1a2439333c0a6459866b1bf923c6ce40d12dc38caffd0eaf3b79195f866a4eef4521185c590e8d881d4419915b404d9d65114eb581891b50c1dbeb194c0f614aa084d62a66718bd584d30540b7eb726de381e3f7ff68f00e710d2f8ae54db5ef34a9ea753f9d369da5f99dd39f1b390900bee3363a7c3079a9b6ca3b82ab4936ec7599f784974dfeb5018895de601b39d8797939132fdb642e45f6df1ebcc8e0fa8f8a8a6e0c7b5d68134e62fa19b68cc3b20179bfbc6957338b97466e36c45e06a4afb7dd4ef942f3eb296552a4febac2ff783f49c4f59d6c9cb9e4340dcda85906f50250fc5907f460a2f433182e8b7075ea09865fab53e57310a06650c312bcfaa77a734b6f81dcb489bb8e5d35926c1622188fbcf65c8b5613aa57e279ea69fda20608234ca9ff525b44093b458802280aac016f7fbb28a2b37bbe3a00cc96c45184686471eed488b7bfd7d45a5e72f44ecebc4336c88d05d6bd66a04bd71c94c84ad78cd1fa8abdb54c3b1aae2693d2afe47e692378f5b86ed675968fc739219a3897ee20e429d4dc4310bcf3897c0782a156f8bd2e1871cf1c601ab614c9f8bc72c28b1d9400495c6efb0f03888be2a5b6911d231d0e4253da8dff56e0ff5c29cc1c6d070d553f8018ea463054dc173cfe1cc77f3e04f2eb129ffc0e0287bf61f23744e8c63312779aba2b34d6a977a53a98917ad65a1c67d11739282ed48518b07cc9b07136a52c0ec464c7898ffa6930f65ff4acc6e6a9014afa908844153eac35255169e771f3c3aedcf569f91a22750d8926ecc49755ccdf33770a30ad5191a536b72eca03337762f99a14454cdf8005be2c0c2c718721bdde017483ac278ad8219dbd33a8fef98335e01d05df217847e63b0c74a41d3cb7890af347ab2e09f30bf240bd0e49c916c234f5d887d71bc2b23ee2bf14ee28527107940e5231e813e1cd42021db28607d2879996adefbbdbb39a8fa230d442bbb1ff37317657e454c7bbc916ac16f2f6c709579ee29263494ce7b1c31f7b02c3347c1cca750ec09669c5343f8c88ca73bb36e77c01f9742112a9170c2af29557820c2f653301144713efe3eaa87f62eacdc6ebe0d6ffd86de621e3fdcdeb9a4589c2ce2d3eb2477fefa1e898f04cfba648b55387bc5587702ac3be05a05527d17b854e6fee1c737266901a4d678b88e50dbee87f1ab7d8f1518a9da2daa399c7260c570eecc653cb744008c1b52c157ff2716e8ba6c4b647ce7e2913475356dbfc1f491ba7e6299c938f3b5fcfe92777fc110c1b52582f7873c71ae3708a0703178fcab92a0c3f8034a0136a76d4c5fdadd079895c21ee2c49a95b47d8da192753aaa42e5ef7c748acad254c577d0f5d69d7920ae15bd64e7740b08185838c89858e4279391b29516a3010869f638bbeb7bef8244c1765b95398dea60ea9e8e42acf00df3874bc003ea6a9616898eea55a0a98110be993326a31fe263d830c6141aec54809a21b4674f376227de5d6e075de9fe5693dce0efe2da6da8303ebf8b54b3d13e9ae8ccc59f0f6d07c3a105305522ec51529b404ec3deb37b438a2c20e3b936d98cb33a2a1c2c042cee968fd8faf9b51781dbcb3c02106ee6ab77710107ab583c952fadc9938659a060b0133d06519643d1cf3b3c28053d3b49cc85aef0642ba6de4fe6630a1921e16e7ed019e2cd41799aa11feac40cd85f19892a4fe215425b0e7fa10ca06dd0446d25e4e0770af844fd63ead84b921ca69943499675d1f3e38ea4fe240b7fdbfca4f9a4fbe7a67ca5054dddc904cf02574c8b5fdc54bcc4b56352a4787969afb5895b0bb6cc365adcef44f6f9acd48da35ab539fa4913c0f69f03d5aed3447ab3c3079d36a994da8da6dec682d25b6959e7fa90a5d92a814f42ad338d4336c33624e76a72e9cc73e0c5dd09e7570fc20c31291926034b862c72970c7f4d02794b616237089f91c696c713819c385c08d2e682ff1c05dddda04bf9cac55a8b9f63b665dc0c5630271d850c2249f573d06f02edc7db81fd50780b08f5a44dccdba5e3d82d519d7865d7145d54ff0cd436cc1afaf130ef63ac1dded76853eb50182b2071884156cacfaea672ec88ef31a25579cad5b6e518b566a7973d23dc018f1b3910b30aa747872976862c2a95b9b6e49d253b1de893492d690d5117ca3b667fa3ac562cd3fd4296c446274f1e2dd73d671bd046510f1c4a4963dfc1dbf1aa0574408bd77379c1d6a3f3eb59a9db5cd2ec9baff62ad1287c404bf56993eac56f82a3e60c856b6f52c59e327d0b2da7bdc4b32a0762f7b00b2c95e0e451fd165b8b1b7eb9df846c34c5a5cdbf9f2f66417c378651f4f42250c88b8ad0d39a83d730449a4cf5f424717d2cd9bdafb823df9275e120c0276eb20651c1b159528ba400082e1d0e7e5eb3035b57c972f1382f301ff9010ac451f28a5e77712b00f11562aad3ec3a948b2de9aa036a745a46b39291728ffcaf0764de443c801f48e213059d07ec187b6c9735e2c35539193cc8e7becfb37ed2ee65695ce92633b79b25637d3f2ddb2a0ce3ce88e82524929a7008cdec4842265851166552d7bcee6244535c0c5741595419be344c1b53f8984348bdd6f1a9776d408b9217e6d985d801cc818787ac97762dba1e04fa28963201fae2704ab95a10d2b57a06abd6bae33118c069f64dbdc4af50239f9dc8df907100c505c7dd908afb48ab5490f409d32959097e3fe6df71c93f8f0e5d3c3cf46bd1c0fa63778743771ea0ba2ce472ee58b70ce8daed4418349f003928c12b6ebccd292e216884aac15a1fda94cbec3ca991771898a2d15b29161bfabfcd23e3e7a851b6d9ba0844c727b47f5df603bdfd297eadd8c023cc9c60f09e31f3efa7e4f0cd6889d978f367a02b97012204cf109105005d2be4a9f2b2be5bf60a7a83a62054ae2e818747dbbb36ecd3753ccdbaf1811f331311c50ec402fe32095f33dc0f3902f17006c00ba0eb68181cd313c1540bc88e493090d3d6b7ccad90807a7526f7af601ae5b4ef2b1b35df359f15e5ae411f54380be0e528ecb914d9bde85a5cf906caf56a081e032fe57b9f72e514c19c9c89319f772eef23f4fe7c50ecbfc4f8ff99110f4bb21524e89237f1ac870fb7cd8fdee6da0905411db54a9c20a31be1144bc2ad4f44da8fe48b15e776f9c84be30db5d4c9607717cf69b4223da8e117c90d8cc53213a490ecce5a410b243c32aebccdee89b1f401621f1629e350630a9f6e003ed5c2ee32b1e7948f93b7fd2eea7708382bf6c2f7e519f26a33ff309a061b218de734413a2f76f70b9ff640f440e8c31cb52185bea1512dcbf0505c64110be21a76935300830d7afb72496917151b6cdc9df5ee6430912149abfb8023bf47612795fa30cfee00653bb5dde266158a8a17c9836813305a61c00f1eb38a99617a905cf74a7bb476033bf24ba6594058245973b6524f3b496437c63dd2a89e35f09eeff2c0f71ace844462a9414c809c30872d05d01a2f113879f397797ff286d9efb99f731bfcf4702dcd497385d76209974c9f686a1dbd6ab65887bede03b09e30c0021bcba8c373975b96b25f57afdd0e9e61a2a2fe190b4ebcdce526a6163401559862ae2e5681f482aa6d4be58ca2186374c3175b8312f33c60d12b5042fba2f976169d9cb1062f03c5764922a8ec8ca6fd404be9fcaaeae3385807ddfaf107d3ece6051c9764ebc929cefa4cd12faea6e793e14286fd22e07306d190fe8450443e21856562a5e06a3cf08070eb3c1b2a48b88cb5e87af8d1e6329084a711c1f384ba44f6b5973f8b00afc2cdac834f9f20fa48adcdd547180174b94ab05ee45514a1ba57581c77f91a399b26d7669172c6ba8da4bb5efec989a0e0acab81e576581105e954a05e5f91e898d43a82cad4d27c3c30c6b268881a328a50dccc01a54fcf5dd5bd304fdb1a145b673550156fbf3610ca15245057109fb1f868bf28b0a3868b45260aa7d5bc84b2b674fd1e1a6ae9806378e2b2a79e8b8197a829f15d3e04b7a2716a89fd04acb4290627b513708de5f750d343d7f4ed3f56af6e1ea04b9e3d0a343da60f1f6af6c4abe97ab9c7ee481432b1483c2c246e684d000571951a55d8d70690dadd91e148a926b057073616af67ccd9ef9ad706aba269135f7b72e803bce40aef22da737947b3c6f3894", 0x1000}], 0x5}}], 0x3, 0x8000) close$binfmt(r2) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000002580)=@bloom_filter={0x1e, 0x7, 0x8, 0x5, 0x10000, 0x1, 0x0, '\x00', r4, r2, 0x4, 0x0, 0x3, 0x3, @void, @value, @value=r2}, 0x50) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000002600)={0x0, 0xff, 0x3}, &(0x7f0000002640)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000002680)={r7, 0x2, 0xf3, "3ae0c8042fe8c460582fa72f446011cf8ad4f032c760cae962733f2a97819fb1a55738a34bc75d8ebda42f1abf8e234444c20266d94d2c7a596d09f65e3f9bf982f00109fb75cd4ae97c733373ab87e7a5f97b3e98e5fe30af04ab15ec1b191fe6e6de176c37404434b99ba8762b9885917c13b0bd8ee34f1790c057409bec41ea3294534304c70f912c8fb1f3c847d8d08c6e023236207079aafb01cd5ea1e8d8e5a00cc67fbee778b1aa618d7ce3331598b5469c1f642b3c1ee10b748e98a07e94706b2ae6b1c3e5d2310aa8909cbd01e66343fa6a70a4ccbff9017e810b1dc5b398929b9a7ad273c2eda4ea5653fbfa2e4b"}, 0xfb) socket$unix(0x1, 0x5, 0x0) r8 = openat$cgroup_ro(r2, &(0x7f0000002780)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000027c0)=@bloom_filter={0x1e, 0x10000, 0x3ff, 0x1ff, 0x4004, 0x1, 0xa758, '\x00', r4, r8, 0x0, 0x2, 0x2, 0x9, @void, @value, @void, @value}, 0x50) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000002840)={0x5fc, 0x20b, 0x9c, 0x0, r7}, 0x10) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000002c00)={r8, 0x20, &(0x7f0000002bc0)={&(0x7f0000002a80)=""/132, 0x84, 0x0, &(0x7f0000002b40)=""/94, 0x5e}}, 0x10) r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002c40)={0x2, 0x4, 0x8, 0x1, 0x80, r6, 0x0, '\x00', 0x0, r8, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000002d40)={0xb, 0xc, &(0x7f0000002880)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@map_fd={0x18, 0xa, 0x1, 0x0, r9}, @jmp={0x5, 0x0, 0x6, 0x8, 0xb, 0x100, 0xfffffffffffffff0}, @map_val={0x18, 0x5, 0x2, 0x0, r8, 0x0, 0x0, 0x0, 0x3}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r8}}]}, &(0x7f0000002900)='syzkaller\x00', 0x5, 0xf6, &(0x7f0000002940)=""/246, 0x41000, 0x20, '\x00', r4, @fallback=0x2, r8, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002a40)={0x2, 0xc, 0x10001, 0x4}, 0x10, r10, r2, 0x3, &(0x7f0000002cc0)=[r8, r11, r9, r9], &(0x7f0000002d00)=[{0x3, 0x2, 0x1, 0xb}, {0x0, 0x2, 0x8, 0x4}, {0x0, 0x4, 0x10, 0x5}], 0x10, 0x9, @void, @value}, 0x94) write$tun(r2, &(0x7f0000002e00)={@void, @val={0x1, 0x1, 0x4, 0x9, 0x0, 0x200}, @ipv6=@generic={0x3, 0x6, "0eeb1d", 0x2b8, 0x87, 0x1, @ipv4={'\x00', '\xff\xff', @broadcast}, @loopback, {[@srh={0x2e, 0xe, 0x4, 0x7, 0x9, 0x20, 0x7f, [@ipv4={'\x00', '\xff\xff', @local}, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, @dev={0xfe, 0x80, '\x00', 0x18}, @remote, @private0={0xfc, 0x0, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01']}, @dstopts={0x29, 0x17, '\x00', [@calipso={0x7, 0x30, {0x0, 0xa, 0x9, 0x3, [0x33b4, 0x3, 0x3, 0x7, 0x3]}}, @enc_lim={0x4, 0x1, 0x1}, @generic={0x4, 0x27, "640abd191c50767b01110cbca81eadf09fb1234eaeb95000bb8e2923d6da0eba775e054e6d5a62"}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x987}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x48, {0x2, 0x10, 0xce, 0x7, [0x8, 0x0, 0x1, 0x2260, 0x6, 0xb110, 0xfffffffffffffff0, 0x0]}}, @enc_lim={0x4, 0x1, 0xc7}, @pad1]}, @srh={0x33, 0xc, 0x4, 0x6, 0x9, 0x10, 0x92f7, [@private0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @remote, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}]}, @routing={0x2b, 0x2, 0x2, 0xfb, 0x0, [@mcast1]}, @routing={0x1d, 0xc, 0x0, 0xaa, 0x0, [@private1, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @remote, @ipv4={'\x00', '\xff\xff', @multicast2}, @remote, @mcast1]}, @fragment={0x29, 0x0, 0x10, 0x1, 0x0, 0x5, 0x65}], "67f0f9deec946a2bec7c539ef24b30aded6203bb1d5809fd3cbb3c4501c1d4246e2419445cf2df4913e1b1ab6c2bd756a007a67f18360d2e49558e84ef61bcce8b3a11ffa0222f0665c39c494f6935c1f3a7fc05bf06b4cb102bc719185a49b9f0f6e346fd11d3a285d557bde9a41fdb5cdd389aae8fb386f490409b332da4407c0e13c27675c702"}}}, 0x2ea) ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000003140)={0x1, &(0x7f0000003100)=[{0x8, 0x8, 0x3, 0x7f}]}) getsockopt$inet_mreqn(r2, 0x0, 0x27, &(0x7f0000003180)={@dev, @empty, 0x0}, &(0x7f00000031c0)=0xc) r13 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000003300)={&(0x7f0000003200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x3, [@ptr={0xc, 0x0, 0x0, 0x2, 0x3}, @restrict={0xe, 0x0, 0x0, 0xb, 0x2}]}, {0x0, [0x30]}}, &(0x7f0000003240)=""/182, 0x33, 0xb6, 0x1, 0x3, 0x0, @void, @value}, 0x28) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000003340)={0x1b, 0x0, 0x0, 0x8, 0x0, r8, 0x0, '\x00', r12, r13, 0x2, 0x2, 0x5, 0x0, @void, @value, @void, @value}, 0x50) 524.945172ms ago: executing program 5 (id=883): r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10) capset(&(0x7f0000a31000)={0x20080522}, &(0x7f0000000040)) setpriority(0x2, 0x0, 0x6) connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x400}}, 0x24) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[{0x70, 0x110, 0x1, "242b6f529584ac2156c1189b3a188cd2cc3baddb3dff667fcdc8123f35cada47936757dea762d563403556793e2b59669fd0cf6aaea5d0e9201a3dab7b2bb34c3a967b1db344f41d40b94b25dac673cc1d6626fe7cd378b4108a4c7167d7fc16"}], 0x70, 0xe000}, 0x5}], 0x1, 0x0) 522.435972ms ago: executing program 0 (id=884): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x13) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161142, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x7ffd) write$ppp(r1, &(0x7f0000000480)='3I', 0x2) 522.079361ms ago: executing program 4 (id=885): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 462.537732ms ago: executing program 5 (id=886): r0 = socket$key(0xf, 0x3, 0x2) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000440)=0xa1e, 0x4) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000100)=0x21f0, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4) sendmmsg$inet6(r2, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0) 460.835112ms ago: executing program 4 (id=887): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) r3 = getpgid(0x0) r4 = syz_pidfd_open(r3, 0x0) r5 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0xac63094eb3328933, 0x0) r6 = pidfd_getfd(r4, r5, 0x0) readlinkat(r6, &(0x7f0000000100)='\x00', &(0x7f0000000140)=""/189, 0xbd) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) pipe(&(0x7f0000000040)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r8}, 0x18) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r9 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r9, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r9, 0x2) syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0200", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0xfffd}}}}}}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7, 0x0, 0x1}, 0x18) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) r11 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_VENDOR(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001740)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010700000000000000a6670000000800c300000000000800c4"], 0x2c}}, 0x0) creat(&(0x7f0000000100)='./file0\x00', 0x158) 460.496362ms ago: executing program 0 (id=888): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3c0000001000370400000000ffffffff00000000", @ANYRES32=r3, @ANYBLOB="0b120500000000001c0012800b00010069703667726500000c00028008000100", @ANYRES32=r3], 0x3c}}, 0x4000010) sendmmsg$inet(r0, &(0x7f00000008c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000001480)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d55906000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd8000000000000080231c61ccd106cb937b450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9ccd5788029901e5a79d8b9990ace8f74087f25ad50c4608800"/686], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000080)="05804ab382844306d758e620b9dc", 0x0, 0x12c4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 407.131383ms ago: executing program 3 (id=889): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x4, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffff9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r2, 0x400, 0x0) fcntl$setlease(r2, 0x400, 0x2) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x181b00, 0x0) semop(0x0, &(0x7f0000000240)=[{0x2, 0x7fff, 0x1000}], 0x1) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x18, r1, {0x2}}, './file0\x00'}) 406.797013ms ago: executing program 3 (id=890): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$xdp(0x2c, 0x3, 0x0) mmap$xdp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000001, 0x8010, r1, 0x180000000) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) fsopen(&(0x7f0000000080)='tmpfs\x00', 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x800, 0xfffffffa) open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r6, r3, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000340)={@random="6ea88d319b8c", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x43, 0x4e22, 0x8}}}}}, 0x0) 398.970023ms ago: executing program 5 (id=891): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x54}, 0x1, 0x0, 0x0, 0x8c0}, 0x80) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000040)={r4, 0x1, 0x6, @local}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000000)={r4, 0x11, 0x6, @broadcast}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x20008050) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000080)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x2, 0x0, @void, @value, @void, @value}, 0x50) clock_nanosleep(0x2, 0x0, &(0x7f0000000280)={0x77359400}, 0xfffffffffffffffe) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x3, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x0) 356.228474ms ago: executing program 3 (id=892): r0 = socket$tipc(0x1e, 0x5, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18) bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10) 306.871555ms ago: executing program 4 (id=893): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r1}, 0x18) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000d40)=ANY=[@ANYBLOB="38010000100001000000000000000000ac1e0001000000000000000000000000fc01000000000000000000000000010000000000000000000000000062000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000004d532000000fe80000000000000000000000000000b0000000000000000810000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000372a000000000000000000000a000100000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) syz_mount_image$ext4(&(0x7f0000000740)='ext2\x00', &(0x7f0000000780)='./file0\x00', 0x1, &(0x7f0000000000)={[{@mb_optimize_scan}, {@block_validity}, {@i_version}]}, 0x1, 0x743, &(0x7f0000000f40)="$eJzs3c2LW1UbAPDnpjOdvu2rMwU3FcFAFxZKE5vWUkGkogspVoq6c9GmSTqUSZoyyZTOUNGKILgSKa79WLnzHxDd6M6l4NqVFIqUuhGEyM0kY9okncx00qj5/eAO59x7M+c+9+OcM3MONwFMrWz6IxNxICI+TiLmO+uTiJhtp2YiTq3vd/fO9VK6JNFqvflb0t4nzUfPZ1L71jO7u+sPZ/rLbayuLRWr1cpyJ59v1q7kG6trRy7ViouVxcrlwonnjxVOFp47WdixWP/44PULp79+5cub7//4yxvvnH46iVNxvrOtN46dko1s55zMpqfwHi/vdGETlkz6ANiW9NHctf6Ux4GYj13tFADwX/ZuRLQAgCmTaP8BYMp0/w/QHdsbxzjYP9ntlyJiz6D4Zzpjdnva46B77yb3jIwkEbGwA+VnI+La2x9+ky4xpnFIgEHeuxER5xey/fVf0jdnYaueHWGf7H159R88Ot+l/Z+Tg/o/mY3+Twzo/8wNeHa3Y/PnP3NrB4oZKu3/vTCw/7sxaW1hVyf3WLvPN5tcvFStpHXb4xFxKGbn0vzRB5Rx/JMXfxi2rbf/ly5p+d2+YOc4bs3M3fuZcrFZfJiYe92+EfHkzKD4k43rnwzp/54dsYzm9099MWzb5vGPV+vziGcGXv+/Z7QlPfMT56JvfmK+fT/ku3dFv9xH8/uHlT/p+NPrv/fB8S8kvfM1G1sv46dP/3x12Lbt3v+7k7fa6e4k02vFZnP5aMTu5LX+9T1TSLv57v5p/IcORty9MD+0/ht0/6d/E54fMf6lz766sP34xyuNv7yl67/1xMGfvx0cT6sz23jT63+8nTrUWTNK/TfqAT7MuQMAAAAAAAAAAAAAAAAAAAAAAACAUWUi4v+RZHIb6Uwml1t/+d8TsTdTrTeahy/WVy6X023t959mum+6nO95H+rRzvvwu/nCffljEbE/Im7O/a+dz5Xq1fKkgwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAjn2Dv/+/7de5SR8dADA2eyZ9AADAI6f9B4Dpo/0HgOmj/QeA6aP9B4Dpo/0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzM6eOZMurd/vXC+l+fLV1ZWl+tUj5UpjKVdbKeVK9eUrucV6fbFayZXqtc1+X7Vev1I4ESvX8s1Ko5lvrK6dq9VXLjfPXaoVFyvnKrOPJCoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JrG6tpSsVqtLEtISEhsJCZdMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8O/wVAAD//0uIHN0=") bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', 0xffffffffffffffff, 0x0, 0x800002}, 0x18) syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000740)='./file0\x00', 0x800, &(0x7f00000006c0)=ANY=[], 0x5, 0x7fd, &(0x7f0000000840)="$eJzs3U1oHPfZAPBnZMmRlfc1Ie+LX2NsZ+LkBRscZSU7CiKFZLMayZOsdsXuKtiEkphaDsZyE+IGah/q+JLS0hJ66jHJoZf2VHppKbTQHtpTob32Fgj0kLS0t5aAyszs2pL14S/FNunvJ6z5eub/f+av9TwaSTMbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAkjZlabSKJZt5aPJlurjHTac9vsX3Q3q/XTLboNyIp/sXoaOytVu393+ub9xSfDsX+aml/jBaT0bj88J5Hnvuf4aHB/lsktN2GN1p58dLl86eXl5fevpUWRrY9p+3y3V+uWfzRWNziyM5lrbzbzufrc1mad9vp9NRU7ekTs910Nm9m3VPdXjafNjpZvdfupIcbR9KJ6eljaTZ+qr3YmpupN7N0uFr57FOTtdpU+tL4QlbvdNutp18a7zZO5M1m3pordyw2FzHPFi/El/Ne2svq82l69tzy0rG1Ke1al2QRNLFmzecrq5f2P/nIJ+98/I9zS5M3O9zJ2uTkxMTk5MRUEhG12vD1Fc9MP/NsrTZcu0Gsi7inL1oeQNt8Boc7N9Sv/9GMPFqxGCcj3fCjETPRiXbMx/UX8OrtfYP6//9P//UPW/X7/qr6X1X5of17r2/eF2X9P1gtHdys/ld973xok5y/qI/SV4pPF+NSXI7zcTqWYzmW4u0vpL9k+9oa2t7M5iKLVuTRjXbkMR/1ck3aX5PGdEzFVNTitTgRs9GNNGYjj2Zk0Y1T0Y1eZOUrqhGdyKIevWhHJ9I4HI04EmlMxHRMx7FII4vxOBXtWIxWzMVM1MtWzsa5ctyP3ZDXnm+9/os3/vjJB+VXaxA0sdUQvxtRBv19i6B1xVz957ZFxG+37wQOd2FlUP8BAACAL62k/Ol7cf0/EgfKudm8mb26JubVz27ca7j49O49TBMAAAC4C+Vv/vdHUs3EgUiK6//a2qCfjJSTh+5DfgAAAMDdS8p77IqL/7F4rJob3C5Vu9+5AQAAANuj/LX/wWIyFnGlXOH6HwAAAL5kXvlZf+bGZ+x/PHjG7tDCQ8mv/hadzkhy/MOTTyYX6kVc/cKOar/+5JVrLfZm9w3uJqjamhq+/HCxPNzI9ieDBwV/3r+ZoHq0wL7ha7uvzeOFXdXaJEmKBK4ubJpArElgd/8oriVQLsX34vEq5vEz1fTMYEt1tGOzeTMbb7Sbz01Evb57qJed7L3z9XPfjPLwv9Oa353E2XPLS+Nfe3P5TJnL1aKVqxf6x7vuOYpb5LIyuJ3iwPqnGxdNjZQ3YvT7Hav6ra0+/qGLu4uZoRvHYIs+34tD/1XGHBqrYsfWHv9o0efE+GZHP1Yd38S6Ix9e/8KqsjjVXyqyuHb7yHvxRDXzxOEnqskGWUxulUUxFpOrs6jGLIZuY/w3ySIeiYgPHr9y8sBoRHbsZlkcu8ssAO6Xs+VTf4oqVJ2eqyr0r5VKUf87nZGdsabuVDvc6lkuKXu5yTv5jBSn/luq7v9c2eKMfriKOVx9PzG8b4O6UtvgjP7Wubd+1z+jH//xDz/86sHf//SO6/roIGTXYObR3zw8FGUWu/pZXO5v6Ywk379WSaqq+lGx/qNN++02J5NiCHd848JbsefipctPnbtw+o2lN5Z2RsRU7Xit9kyS9L94K+V3DGoPABs4FAerQr7pe+xs8i485TcAZURyfKur6h2RPHrtTwqKmvhmLMeZOFrebRARj23c79iqP0M4Gof6yW581Tq26h1ejm50VXclrsUWdbKKndw4dsN2j60asf/7wRf59QCAe+HQTerwpvX/ekRy9CbX3Wtr+ZEq9sggg81reUQ8f29HAwD+M2Sdz5Kx3reTTidfeG1ienqi3juRpZ124+W0k8/MZWne6mWdGK635rJ0odPutRvtZjHzSj6TddPu4sJCu9NLZ9uddKHdzU+W7/ye9t/6vZvN11u9vNFdaGb1bpY22q1evdFLZ/JuI11YfLGZd09knXLn7kLWyGfzRr2Xt1tpt73YaWTjadrNslWB+UzW6uWzeTHbShc6+Xy9czUimovzWTqTdRudfKHXrhoc9JW3Ztud+bLZv+y+36MNAA+Gi5cunz+9vLz09p3N/PlWgjfvfXTkXh4rAFC5XqU//e8bt/nhOwAAAAAAAAAAAAAAPBju8v6/9TO7trfB0a1iVq5ErN+UrKys3EYXu+ImMTurkdoR2ztQ92Tm6ra0MxQbjfODM5Nsvun1558/v9nuL17Ze+LWurjp/5ThiOjf6vrupzt//n616YU7Opyh29/rTxFxB32tJFvE3OcTEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABs4N8BAAD//2uxZPA=") open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000100)=ANY=[@ANYBLOB="20000000020000001d"], 0x8840) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$inet_icmp(0x2, 0x2, 0x1) recvmmsg(r6, &(0x7f00000037c0)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x41, 0x0) r7 = syz_genetlink_get_family_id$gtp(&(0x7f00000001c0), 0xffffffffffffffff) r8 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000280)) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000340)={'syztnl2\x00', &(0x7f0000000680)={'ip_vti0\x00', 0x0, 0x8000, 0x1, 0x80, 0x40, {{0x12, 0x4, 0x1, 0x3, 0x48, 0x68, 0x0, 0x7c, 0x29, 0x0, @empty, @private=0xa010102, {[@timestamp_prespec={0x44, 0xc, 0xf4, 0x3, 0x1, [{@empty, 0x3}]}, @lsrr={0x83, 0x27, 0x9d, [@remote, @remote, @multicast1, @loopback, @broadcast, @private=0xa010102, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010102, @multicast2]}]}}}}}) sendmsg$GTP_CMD_NEWPDP(r5, &(0x7f0000000500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10004}, 0xc, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="100025bd7000ffdbdf2500000000080002000000000014000b000000000000000000000000000000000108000700", @ANYRES32=r8, @ANYBLOB="05000d000100000b00000000", @ANYRES32=r9, @ANYBLOB="0800020001000000"], 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x80) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$nfc(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$NFC_CMD_GET_TARGET(r10, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x14, r11, 0x1, 0x70bd2a, 0x25dfdbfe, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[], 0x250}, 0x1, 0x0, 0x0, 0x24000000}, 0x0) r12 = socket(0x9, 0x800, 0xb) r13 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), r13) getsockname$packet(r13, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r12, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl0\x00', r14, 0x0, 0x0, 0x0, 0x2900, 0x0, @dev, @dev}}) 306.278395ms ago: executing program 3 (id=894): socketpair$unix(0x1, 0x2, 0x0, 0x0) socket$inet(0xa, 0x1, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x10000, 0x1}, 0x8002, 0x0, 0x1003, 0x2, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) r2 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r2, 0x89fd, &(0x7f0000000040)={'bond0\x00', 0xff}) r3 = gettid() rt_sigaction(0x16, &(0x7f0000000080)={&(0x7f0000000440)="c4a23d0643b9f0430fc079fff3460f1ec9f081035c000000f30faed446a900000000660f7ed238c461915492db8876efa1efa12eb22d233333f30fa7d0", 0x90000000, 0x0}, 0x0, 0x8, &(0x7f0000000200)) rt_sigsuspend(&(0x7f0000000000), 0x8) tkill(r3, 0x16) write$qrtrtun(r0, &(0x7f0000000540)="0b8393b6167aa5d73dad0a66a7c9277d481343d806b77c2ca991d28a336cca04457118d40ecc80b9e740666d460730b94c5c0f5ade0536ed26", 0x39) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x8, 0x9fd, 0x84, 0x0, 0xffffffffffffffff, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffd, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r4}, 0x38) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280), 0xffffffffffffffff, 0x3, r4}, 0x38) write$UHID_INPUT(r0, &(0x7f0000001300)={0x8, {"af0014920c989bde943127351c7e048fe805d44569c987d51286ac5e80b0961cfe3629729c82e28c53b31e3ecbb8722bff9c0906027d5cb6fbd929cb4b5e657cc88a443809e6a720828c27b6519e7c18904d67528373733934aa5240afd60544d489e1ec3779ac45095c12c6c5f13c086306dfbbd31926b74150ff2c87db2be1d995e9b3a16fb7360de12618b05d94c291acfcdab84c919de60133f54a0a18d2517c1d0de417ae39fec1c9fa306573205051a9880da1f213b9a27c22b72d42d92b7b260b41bcc1868a0404936774ea5209f02929ec3eef4298818ddb708de6c0e1fda05436037d7d4042d2de3adebc8a62f58ec6ccb4160435c4393ba913250b56ec2fce544a01a5a3ce4363fd497fb256910f31e9416f5b719d64f931bd6d71b54787841b3e49e01fe6ac9598ddb5ef1aeb3d1cabb75845d46806a494b6cf89ec9c8203b92dd0dadc5a3c02545cd005b5f26b7d2b848cb684cb58245d591472d5109e7fbe1175656d729fdd689af57802b33d7d53d427aa57eb0af7a63d9f73be83cd9c12bd06463083b4cc853aad416e9faf484fa069d3b7599b6fc6d94152811403201b91da2547ff6721b0ea237c37464b47b3b4f37384e50ba5773a63356991a5abef659e089cc95e5c3b6d8428115efcf9e89e2743b167d7b9824392d868c159fd1264bea8b9b8b26769d15a27df3af350e2a6e9e37b35c153bf980e8ad15de3b0f3add5f98eb2cbc03eeb2b04e6fb032991d7a88b14c7d2cf2959fc4ed27c4c93c13f5760d0803f10afb91effb45967b4793c58e4bc2e4348c93b4e59f1544a01e89530f6056cda3f972050ae79d9297af71cce0d82c764db2422967f05c9847715c66321e8ab0075a361e8fd78a956074945e687ec1ad01f8dfeb7f3ae2c25daff35617a5d752ad5b019689f10c789d0196f73011f5a4e002aebb676ccb2d8b92ff6c1eb60de10ed0d42f2d19fe96786938eca0fd09a3f16f7b52ef806183282c05ff9fccf96abd096b442c73c494c78c4161ce0599bf6e637664f5dbefa129e69a0d53525d77f871716052385649c1249a402a4a9ecadfd7182a4aba3fc48d76890dfe8a5442ff1b833b95fdb7ae5f052e5c18e9b0ad482ed80c4567f0d0645e6525e3390195b3a4314ab063ffca639d2b181efe15d5bb09e967900fd55ad9db7f6ba99268e0d7e2785c5b14f801b16b6fe9966bb3fa88352bc2ca79aa9a77ec5f9c271dcc62b6124a4d5ed1014fa6eb98521d4be4ca4323311d39e44002e71469326056d98af69fd42eed1dfec48d191587b35e2641abe8c80a2553b92cb43feea49505b5b5ca35dfaf06c693730033ebcad45b6b8026d4722b5c7e13d69269808f438816f77a7b1ed2d31ab44968657e70a51e8d98e520e3628014a09e55f36ca5c4c630d687b20e5a7bdfd6d43613fd3738c8ec1464561586987388885b7a424c949a3110e5de795ffdcf1ef43fb8b5b0364cdb0e9a62c1c6922f0812571a8d5b57c06efe30d960f9a67d3dd7dd6ec13c799f9b89d90593ba794c5c582f8bd583af0a59043a1da36cee8e2cc173610960e33300ec48cf7281887ffe66e7ec113a29ed339556d84d638ae9554bb20f2a7695da8bcad10e5f155fe5d54eb511087f7abb4a8ae9e78e233b1e079a44c9cdf2529ed3166c24f80a2bda3b2dfdd2e1c2f650cc35fccf8cb17c03681c6f379f535eeaf46caa1dd95f0b72ea6cf301f2d713844b36c7e90e052528f04a668e1dc5ed11e95bbb86268c712af3f6c77d538c9d3dafeceaacc7ba6b20d9266d75c7470d627725700bfd36a9faf5488532a0871a00e18466f3499e3e3270513168d05f52472045b8558d3fb7880805b6fe3a56b3df9eaea72d147f94ee09e763fcf66d0c71b708fb842bbe619eeeaf483fa717864ab435ca03503285591364727a3615582c80d2023897f7bfdda9b00d095ec11f42482f3851a9232ed09ec6733d54020a9e3b98cb3a014f094e9d968672632a30f967a6d2f00c64fb0aefbeb64510edca5496c9f69379f71412f08fe6afeeb604040a42f00290bc04a40f66f0b84c9c6d7e4d1bc213ed49142215b259be08a0a305c68cbec769ce195ea62b7a2ce632da0a98b469284fd7802bb8c47943ac1c8a7a2b0ee36ed45cde2d13cc00ecc11ca9516d9e917fa28d703566b8d5743c5aba0da662f0446768c6d0df6773d1b0c46dac6a6213aa7b5095a8bd9f34048394a8baac9ec65d740ad8acb8eb683702eaf509c30b547bf355561ca00841efdccd413295a430344d17d2d5f4f435d0a33fafe1b4f6826e9d91436b379cc46039551997e54692487562f65a406b769f2856d37c87a73e2e3738c9afdfa5e0f088bbd2799c7c722c23a7cc37266af557beecb9cc8340bc76ba85a147530f3a9bd8cfe82358c0d799f0687540d463e0f010d1e914f043027284292bf31af75301e27689910393e41f877832797dd7c184249e7b2ec0a79b0decb9a3eead5b3c82ac60fe1485829bf75b8af597b5fd9e47460ebb6d809733eb790027094b019ef2bfb76d75876a5e1e312e80e841c5e074c78b35be6a4070c99372dbb13dc27966a8d448b8e3225b11af907985f3142d41da70a682166814fce9e535cca37058bbb3a02894f6ada82c266e763f431d7e1926da2fc86805b02d6af712c82e7a36e667bd3091661be9cc0cdbd3b3cc690594cf8bac39dd9dac1f883cfb0e500759b0e5dc36721b3ed452addc26d39733a2d76d852d897298009dea9546bae66e9aac7f35277e025d440ca93fdec4bbd58970a130fc79056af96f81b0461ef0e16d4fb12014313438a4bb95b2f9cac98e24a713ed14b539ceddf55e90b6c000044a24be6597e2c5a397a772d7c493ad53a05d6076b584ee7c1615ee7f9de627ac9d7d0d4a12b5a080a9c4977da436704bc9eb9f1d25ba91498e4b575550a69aab83e9157a910c4b2907ea97bcc171dcb7ff6fa982dee16d5c5aaaf93fcc225a6c67c96e54ead190f9c6f949b8025988a46d29c86cf18623882d5aa996a3ece81881ba63e0e7d62b585a179631c7e22f924be7aad5699af389c6651c92848153007d9929683648c8a3fb102a50d9a3e9c83e6cabeae5f97d7faad7a803f8c6dbd9237fa4bec7b33db2cc4db5cd7b3baf1c4f4ddc1f16ec6484cbd1adecab06617045b2d5bac8d1bf97a37ed2780a967a678095a6849cabd87256dbe46f52c960ba8ead52e666a131abfb019d2ac7dd2b055bf91168322b23821a522d241f27a2e7ef892d589a0e55b606167e53b0725a089cae5ef65f02f8a2f32dedb370bf2dc34dac5218be294e755915b399cece7e5c3fa887909961a3d626e4a43bab7edd193a9bc0a7a764640943a635fec7722ff8b3add819b26b78c4e54ff970c15d6b27971cd135d288f081a66e792a8ee5b2d89d5945a99f4216ac21fd9a61e305b4a908f4cbe38e5ccd5eab65f5962877a570524809dffa4ca0ed90d505601d7d244273f20cc47feca7259bd1362e334be459e25a59d4873fc8ede03744c88599a5e5f2a6fb0ca08d085e40c8bd71a0777f7715153e71f4a67f6bb73bbbcd766a9dd4287671dcf6b7daacc4f4b81b32ea0d0381fc32807fe9393249e596d3d5ae4bc5a1cb3e48d63478679eb381fbe8cafd2c6890ba29c1af695f2597c6b472a163b7584dde7327933b9d5e88e0d77e3a3d526a619966dde7f82c7ab7a67a59ded2c880ee0e2f736f054b7d99cc68df48c28d76ab12762c85d07a1f3215d3d4ef2ebd65b0f7eacf62ec12997ccdada731992513263a06e063c27eccfdb3c9d1199136c1a2c3d6b5ea6b2e96c9aa6be3bfbda408b2779ad4eba91809a495c1b872e40d49b0acf4b19b4677e6ea8d07b9a621816c4c5f0e5aa364d4803567da0b2b646604563b31aaa298130576690cbab52bf1ddad7c64a7a416ceb36d6b3202f377ed003e8d74cabd4a6a7be18c95716022cc30c45157d6743785746cf8b0e21ec3208336ab0a43ad9c058fffa3021f84ca8b037dea55254ab944493ca03d025a4b42df3e5b830b81471cddf81fd14aed18e45cfed27b1ef015827942f833a0eee4cc0fcd57f0180f83f32e17d27e4784e42eb1a256404aa6e12f9daabddb907230b20693f3bc74723be6808d95c6463ef7bb6bc4a756fdc805ef4077303e5cd504e6c1754ee8303ee92b94808782984f75c0df49436d3859c092133b0545dac0d8f84fc95a1f0f38e4ecbe3f935d33e86b97bb11ca6f502a602bc7e05b4e6514ddc8ae4d8231874b350b32f96ff6cfbe03f1bf5a0fda73c15eca00afe85c026f5e34e699910ab16502b224b8f383a9a863ca351a1e87c17baadb3f7141aa1295a2a6be4d88d1347da9c356ba9b3bfcc678b58add1b224a0c9b7c3cc4c828abc56acd320e8a8ad22da90a0cf6ae40a471c150581da040297aed0e4889c5963bd8c1415acecbd932f9acda87315e3b2dade276b8324dc7d95141cdd8c4fba82c834a95f9efeb2c74c31e7fd32f96a6a68d9e9942c0bdc55bedd1617e47420877b9f640094a37ceea39656468215ebe789a277f585adc1cc0285b53e33afae1616b0806aeed78b6cc4da54e3bdfa3d49ead4e4fa3623f86a4dfa3042ed403684c62a5d148a30c99c24c3cf9a8858e02800e49e0eed84472a559c9f208f6c3310050e4c5948320b5b4eeefe583bb0bcc0bc01356e76e3465f66a7d0c56ca7abc069db5bd7ad20ec01307f391b5bc890b5034271ee31d5bd374a9422a08ce949667512c8d0bb60eb5d4d22fa0e2a5d172edc7b7386abe63222ef8fc5c676828a1441c5ed19ed5827b0d73d568efc51f46f65ea4f205ac26924d6a7f11477fe23049e0de65bd534c81756556c1cd8bc70b3ce71e4e13d44500773e0767bc735c98f0e1d06dc79e43b946a2faaf698e188cf5909e433edbc546beffcbdea76064ff9d5d56273ca05af42c541b896bc7a942665599c9a8f52db36dbd6d42e8f9bb3446df5f44e3971eb408d0c63381b4aa5997441e01a5eff9fa51d82b7d60d8c3ead784e50b562db074b19e855e8290896b808611c40ed7e0691f758103208900d69cd4c86310318d339eeb473b4bea27be94622560cf35416eea7333bb72110afe202dfcc55c755ed32ea9b4851378b554546b52ebd71b90828733ac3040daf1e3d23bfcadd20bb9248731ab11155aebd259b7e693ebad5d43e6a85f14ea317f31eca905634f9e8d5b1ff73dc5dbd2bbeef6c2965932c885969e00e1939685b472c097b4504c9e6f273e1038045e5ac4010ac2322886a72e7d3433a143292f145465b6d1f9020aa4f8405bda4310059b82ad8fd41e698a7824456e11f44e577dc5d5a0eb93b98421a2867c3d40627f9061c1d5689205915c7a91da42348ad3bd12038d84175bddaee423b73c93aebf873c850ef44d66324a80ad0cf268998d71fac6988cb0b1879ebcb6c4c3bce2c45daf73db246bc55fb8221341ef760f5f5264113a437e03cbcf03bb276cdc4100138afc6a1eeb9d90e7f43ce8abbd8be6b9c5b54920f76f07d1557167292feb4c970da3f582d40c0661af8f043e01db8016e2600f655175fa7d705bda3a14d1733ccf6603b7f8709b71f2046211468460791330234fa21f417e6a68cdb1d4496808923a87d02f0ebfb09e102a7c9f7c870c082d6993d10e0de2dbe119ac811848661ab30ab8d7a528acf262bf7d21c2f235e5638be58171b61bed99ac3fef801562aabcf3feff77fe9498d09de3e9c3cf18914392433030595aa31d9c79abc29350a2a2a1d0c2f31124600", 0x1000}}, 0x1006) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$IPVS_CMD_SET_CONFIG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01002abd70000000000011"], 0x24}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000003c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="e8051b96dc92ad6c0df89773a8ea5d0cba5a243009ec47c083a4ffc2f2d62cf99851563a2c1907e49295b2cf7adc291252d52626b733c9379fd9b2e317ca6eb7492b6e03e2271259095d320e8a3acab460db7ec816b508959720954e38328d71245775786b7a696173f03ba7d12e65d6443f277a13e5eb1c6060ef4c821a68eab86ffd99db3ebeb505f02f937f32f330f2b166606d90f356f29ca899303ffc8ab80a5f15a0c20c046576a36dfcc9ce1a796b9aa6639951b19974f7492eee5345ec88e211e8284e958434cb37327b5010", @ANYRES16=r7, @ANYBLOB="02002bbd7000ffdbdf25090000000800050000000000080004001000000034000180060004004e2000000c000700000000001800000014000300000000000000000000000000000000000800050003000000"], 0x58}, 0x1, 0x0, 0x0, 0x4004004}, 0x4004000) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r5, 0x84, 0x16, &(0x7f0000000300)={0x1, [0xfff]}, &(0x7f00000004c0)=0x6) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r8, 0x0, 0x6}, 0x18) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$netlink(0x10, 0x3, 0x0) 305.759005ms ago: executing program 0 (id=895): r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x72, 0x101301) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r2 = socket$tipc(0x1e, 0x5, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffc}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10) r6 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r7 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r7, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) io_submit(0x0, 0x1, &(0x7f0000000180)=[0x0]) write$selinux_load(r6, &(0x7f0000000000)=ANY=[], 0x2000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r3}, 0x18) ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, &(0x7f0000000740)) request_key(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f0000000140)='\\\\@[*#)\x00', 0xfffffffffffffffe) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r9}, 0x10) r10 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000780)={'team0\x00', 0x0}) sendmsg$nl_route(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=@newlink={0x124, 0x10, 0x44b, 0x70bd28, 0x0, {0x7a, 0x0, 0x0, r11, 0x80, 0x54880}, [@IFLA_AF_SPEC={0xf8, 0x1a, 0x0, 0x1, [@AF_INET6={0x4c, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x14, 0x7, @remote}, @IFLA_INET6_TOKEN={0x14, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}}, @IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0x9}, @IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0x81}]}, @AF_INET={0x28, 0x2, 0x0, 0x1, {0x24, 0x1, 0x0, 0x1, [{0x8, 0x10, 0x0, 0x0, 0x6}, {0x8, 0x19, 0x0, 0x0, 0xfff}, {0x8, 0xb}, {0x8, 0x19, 0x0, 0x0, 0x1}]}}, @AF_MPLS={0x4}, @AF_INET6={0x64, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}, @IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}, @IFLA_INET6_TOKEN={0x14, 0x7, @dev={0xfe, 0x80, '\x00', 0x23}}, @IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0x9}, @IFLA_INET6_TOKEN={0x14, 0x7, @private2}, @IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0x4}]}, @AF_BRIDGE={0x4}, @AF_INET={0x10, 0x2, 0x0, 0x1, {0xc, 0x1, 0x0, 0x1, [{0x8, 0x5, 0x0, 0x0, 0x400}]}}, @AF_MPLS={0x4}]}, @IFLA_ADDRESS={0xa, 0x1, @link_local}]}, 0x124}}, 0x4000000) r12 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000508000a40000000000900020073797a31000000000900010073797a300000000008000540000000213c0000001e0a05010000000000000000070000070900020073797a31000000000900010073797a3000000000100003800c0000800800034000000002"], 0xc0}}, 0x0) r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b5181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$inet(r2, &(0x7f0000000600)={&(0x7f0000000180)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000300)="b09fe82151d820d83c8715fd7713286dd06c7a4ff49cab99658d5c2ebb572b2605b90ade00e844aa3886", 0x2a}, {&(0x7f0000000340)="171a80254b54ccf1145b7aa177584288058fc4f2f9e8caadb2d0b5d0e76e744ab2459581b2716b72040cad86f2c54c2b0dd0ad749dbad160c20e60aa7700e32415b062defa6007175ff8c485d252aa389126ab9e11a950f762a23f270fd4a0b211148500497d", 0x66}, {&(0x7f00000003c0)="d2d3a9ec325e201a48a85eb2", 0xc}, {&(0x7f0000000400)="a532fa398bfaad7f5f4520d09f03db10cadf106b58f702af968cbbbd2fed91", 0x1f}, {&(0x7f00000004c0)="757aeb528d4ac128e9b31954afd2768e170826300a301a158abc56a5a7340edfc010d9a8333db7d64870fad8c13051ae7c70bc27931efebf614677a633e44acf0cbb471b25b2d76c128f96cb7b111eb086231dfccf6626d07e36b321febbce7eca9864a33c", 0x65}], 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="28d34dbf7f18f41aa6000000000000000000000007000000440c4751ac1e01ebd0f33c024e01800020000707ffe00000"], 0x28}, 0x4000000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r13}, 0x10) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200)) 190.947366ms ago: executing program 4 (id=896): r0 = creat(&(0x7f0000000240)='./bus\x00', 0xc2) bpf$MAP_CREATE(0x0, 0x0, 0x50) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x94) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x38, 0x2, 0x3, 0x201, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x5}, @NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0x28}}, @NFQA_CFG_CMD={0x8, 0x1, {0x3, 0x0, 0x1}}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x9, 0x3}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4028000}, 0x40c0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x5}, 0x18) bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) recvmmsg(r1, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001d40)=""/71, 0x47}, 0x3}], 0x1, 0x40002020, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48) pipe(&(0x7f0000000080)) socket$packet(0x11, 0x3, 0x300) epoll_create1(0x0) syz_usbip_server_init(0x4) syz_usbip_server_init(0x4) syz_usbip_server_init(0x0) syz_usbip_server_init(0x4) syz_usbip_server_init(0x2) syz_usbip_server_init(0x2) syz_usbip_server_init(0x0) syz_usbip_server_init(0x0) syz_usbip_server_init(0x0) syz_io_uring_setup(0x3186, &(0x7f00000002c0)={0x0, 0x5eda, 0x8000, 0x2}, &(0x7f0000000040), &(0x7f0000000140)) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpu.stat\x00', 0x275a, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)) r4 = socket$kcm(0x10, 0x2, 0x0) recvmsg(r4, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x90, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5}, 0x18) write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33) 190.449366ms ago: executing program 3 (id=897): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 190.005737ms ago: executing program 3 (id=898): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000008531f20300000000000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0xfffffffffffffffc}, 0x18) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) io_uring_setup(0xaae, 0x0) read$rfkill(r7, &(0x7f0000000040), 0x8) mprotect(&(0x7f0000fef000/0xe000)=nil, 0xe000, 0x4) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r5, r4, 0x25, 0x8, @val=@netfilter={0x2, 0x1, 0x2ff, 0x1}}, 0x20) r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r8, 0xffffffffffffffff, 0x0) r9 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r6, &(0x7f0000001240)=""/102389, 0x18ff5, 0x0) r10 = socket(0x8, 0x6, 0x6) sendmsg$TIPC_CMD_GET_MAX_PORTS(r10, &(0x7f0000000bc0)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x1c, 0x0, 0x800, 0x70bd28, 0x25dfdbfc, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000800}, 0x2400c095) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000700)={r1, 0x20, &(0x7f0000000680)={&(0x7f0000000580)=""/128, 0x80, 0x0, &(0x7f0000000600)=""/100, 0x64}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x14, 0xd, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000200000000000000fcffffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000000000008500000086000000ff5f030006000000d95af0ffffffffff18110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70200000000000085000000861000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @lirc_mode2=0x10, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x6, 0x4, 0x3}, 0x10, r11, r1, 0x1, &(0x7f0000000a80), &(0x7f0000000140)=[{0x3, 0x5, 0x9, 0x2}], 0x10, 0x8, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000003e7b008500000083000000bf0900cfc85dbf000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000000b70000000000000095000000c31887cdda92775f26bc414983a37bb1dd85f3b68ada1923b27df609a24edd6ea139f8c7cd872dff78fcb252cb826c48e9d2e88a2ec97f2cc2c1178260fdac252e5a593696c2d7352e74c6b26c378409cd52c2223eed36b08114bbdffa7c0351c53a9d6450b818c04c1f60916095acacff5811485d0cf7f3a64dd60d689afddd36824af42877de069cecaedb3137ccf1ad269282affdb3c8eee41f5e2f0c7c79c18848c6e36d485de2312d1debee4735bf9f990ef34efcf77b6b106ce1c5a8ac553ac8c80e74dc8993bd5e616d50c5acb9520cee9f56315855cb"], &(0x7f0000000080)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x25, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000009000000000000000100000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000df368000ffffffffb7080000000000007b8af8ff00000000b7080000010000807b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000085000000760000008500000065000000d929ffffffffffff18240000", @ANYRES32=r2, @ANYBLOB="0000000006000000180000000010000000000000060000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095000000000000004a00c7dce88709abab5897704dd54eb35908fd2838e923a1cb8e1c41bc92f77d2d95ac36875d2c00895c7c6c81322cf14c0543248eb411cbd985023e5c0772b7fcc8be98b3f4d12fcc83e4a0689fbf6fd17daf98e27860550ba69f61bce9ff811838b2767edea9e82af9597e7fed5726386314a6efd8499a3addf959c90eb63e67a7b00bfb868a96bd3786"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r12}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r13 = socket(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) socket$nl_generic(0x10, 0x3, 0x10) 0s ago: executing program 1 (id=899): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x13) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161142, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)=0x7ffd) write$ppp(r1, &(0x7f0000000480)='3I', 0x2) kernel console output (not intermixed with test programs): 03772.028:1970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4648 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 64.718330][ T29] audit: type=1326 audit(1746603772.028:1971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4648 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 64.741597][ T29] audit: type=1326 audit(1746603772.028:1972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4648 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 64.765047][ T29] audit: type=1326 audit(1746603772.028:1973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4648 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 64.788483][ T29] audit: type=1326 audit(1746603772.028:1974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4648 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 64.811820][ T29] audit: type=1326 audit(1746603772.028:1975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4648 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 64.873109][ T4659] loop3: detected capacity change from 0 to 1024 [ 64.889881][ T4654] loop4: detected capacity change from 0 to 1024 [ 64.905704][ T4659] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 64.916667][ T4659] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 64.930162][ T4654] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 64.934538][ T4659] JBD2: no valid journal superblock found [ 64.941121][ T4654] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 64.946853][ T4659] EXT4-fs (loop3): Could not load journal inode [ 64.969192][ T4662] netlink: 'syz.0.383': attribute type 2 has an invalid length. [ 64.973932][ T4659] cgroup: No subsys list or none specified [ 64.983236][ T4654] JBD2: no valid journal superblock found [ 64.989075][ T4654] EXT4-fs (loop4): Could not load journal inode [ 65.019251][ T4665] netlink: 96 bytes leftover after parsing attributes in process `syz.3.384'. [ 65.038456][ T4668] loop0: detected capacity change from 0 to 164 [ 65.046459][ T4668] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 65.067199][ T4655] netlink: 'syz.4.380': attribute type 13 has an invalid length. [ 65.155661][ T4656] netlink: 28 bytes leftover after parsing attributes in process `syz.4.380'. [ 65.235401][ T4655] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.242719][ T4655] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.341113][ T4655] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 65.355893][ T4655] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 65.429052][ T4655] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.438061][ T4655] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.446999][ T4655] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.455994][ T4655] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.529623][ T4688] ip6gre1: entered allmulticast mode [ 65.617852][ T4698] loop0: detected capacity change from 0 to 1024 [ 65.624896][ T4698] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 65.635987][ T4698] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 65.679712][ T4702] FAULT_INJECTION: forcing a failure. [ 65.679712][ T4702] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 65.692925][ T4702] CPU: 1 UID: 0 PID: 4702 Comm: syz.5.397 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 65.692960][ T4702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 65.692974][ T4702] Call Trace: [ 65.692981][ T4702] [ 65.692990][ T4702] __dump_stack+0x1d/0x30 [ 65.693016][ T4702] dump_stack_lvl+0xe8/0x140 [ 65.693067][ T4702] dump_stack+0x15/0x1b [ 65.693087][ T4702] should_fail_ex+0x265/0x280 [ 65.693123][ T4702] should_fail+0xb/0x20 [ 65.693154][ T4702] should_fail_usercopy+0x1a/0x20 [ 65.693177][ T4702] _copy_from_user+0x1c/0xb0 [ 65.693251][ T4702] uhid_char_write+0xef/0x650 [ 65.693297][ T4702] ? __pfx_uhid_char_write+0x10/0x10 [ 65.693327][ T4702] vfs_write+0x266/0x8d0 [ 65.693355][ T4702] ? bpf_get_current_ancestor_cgroup_id+0xd5/0xf0 [ 65.693415][ T4702] ? __rcu_read_unlock+0x4f/0x70 [ 65.693435][ T4702] ? __fget_files+0x184/0x1c0 [ 65.693470][ T4702] ksys_write+0xda/0x1a0 [ 65.693494][ T4702] __x64_sys_write+0x40/0x50 [ 65.693530][ T4702] x64_sys_call+0x2cdd/0x2fb0 [ 65.693556][ T4702] do_syscall_64+0xd0/0x1a0 [ 65.693584][ T4702] ? clear_bhb_loop+0x25/0x80 [ 65.693610][ T4702] ? clear_bhb_loop+0x25/0x80 [ 65.693693][ T4702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.693822][ T4702] RIP: 0033:0x7fb57fb5e969 [ 65.693836][ T4702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.693857][ T4702] RSP: 002b:00007fb57e1c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 65.693879][ T4702] RAX: ffffffffffffffda RBX: 00007fb57fd85fa0 RCX: 00007fb57fb5e969 [ 65.693923][ T4702] RDX: 0000000000000004 RSI: 0000200000000080 RDI: 0000000000000005 [ 65.693934][ T4702] RBP: 00007fb57e1c7090 R08: 0000000000000000 R09: 0000000000000000 [ 65.693945][ T4702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 65.693955][ T4702] R13: 0000000000000000 R14: 00007fb57fd85fa0 R15: 00007ffd397c0528 [ 65.693973][ T4702] [ 65.706509][ T4698] JBD2: no valid journal superblock found [ 65.713583][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 65.720294][ T4698] EXT4-fs (loop0): Could not load journal inode [ 65.723474][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 65.723502][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 65.723597][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 65.939637][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 65.947118][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 65.954549][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 65.962064][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 65.969576][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 65.976989][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 65.984504][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 65.991956][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 65.999440][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.007034][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.015676][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.019774][ T4698] cgroup: No subsys list or none specified [ 66.023113][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.023136][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.044083][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.051541][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.058980][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.066386][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.073823][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.081266][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.088704][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.096137][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.103615][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.111048][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.118521][ T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 66.126658][ T23] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz0] on syz0 [ 66.195438][ T4718] loop0: detected capacity change from 0 to 764 [ 66.238681][ T4724] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4724 comm=syz.1.407 [ 66.239588][ T4718] rock: directory entry would overflow storage [ 66.257602][ T4718] rock: sig=0x4654, size=5, remaining=4 [ 66.258067][ T4717] loop5: detected capacity change from 0 to 527 [ 66.307307][ T4730] 9pnet_fd: Insufficient options for proto=fd [ 66.309104][ T4717] EXT4-fs (loop5): failed to parse options in superblock:  [ 66.326391][ T4717] EXT4-fs (loop5): Unsupported encryption level 4 [ 66.381106][ T4736] loop1: detected capacity change from 0 to 512 [ 66.396977][ T4736] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 66.406254][ T4736] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 66.425168][ T4736] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 66.428221][ T4739] loop5: detected capacity change from 0 to 512 [ 66.441089][ T4736] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 66.459979][ T4739] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 66.469132][ T4739] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 66.477453][ T4736] System zones: 0-2, 18-18, 34-35 [ 66.488822][ T4736] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.515830][ T4739] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 66.536948][ T4739] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 66.545367][ T4739] System zones: 0-2, 18-18, 34-35 [ 66.551267][ T4739] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.573616][ T4746] loop3: detected capacity change from 0 to 128 [ 66.581172][ T4746] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 66.606514][ T4746] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 66.619744][ T4063] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.651098][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.767278][ T4765] FAULT_INJECTION: forcing a failure. [ 66.767278][ T4765] name failslab, interval 1, probability 0, space 0, times 0 [ 66.780032][ T4765] CPU: 0 UID: 0 PID: 4765 Comm: syz.5.423 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 66.780068][ T4765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 66.780153][ T4765] Call Trace: [ 66.780161][ T4765] [ 66.780170][ T4765] __dump_stack+0x1d/0x30 [ 66.780196][ T4765] dump_stack_lvl+0xe8/0x140 [ 66.780220][ T4765] dump_stack+0x15/0x1b [ 66.780241][ T4765] should_fail_ex+0x265/0x280 [ 66.780365][ T4765] should_failslab+0x8c/0xb0 [ 66.780394][ T4765] kmem_cache_alloc_node_noprof+0x57/0x320 [ 66.780429][ T4765] ? __alloc_skb+0x101/0x320 [ 66.780484][ T4765] __alloc_skb+0x101/0x320 [ 66.780521][ T4765] alloc_skb_with_frags+0x7d/0x470 [ 66.780560][ T4765] ? _raw_write_unlock_bh+0x1f/0x30 [ 66.780619][ T4765] ? ___neigh_create+0x10ad/0x1290 [ 66.780644][ T4765] sock_alloc_send_pskb+0x43a/0x4f0 [ 66.780672][ T4765] ? neigh_connected_output+0x253/0x2c0 [ 66.780697][ T4765] __ip6_append_data+0x18b2/0x23b0 [ 66.780756][ T4765] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 66.780785][ T4765] ? __rcu_read_unlock+0x4f/0x70 [ 66.780808][ T4765] ? __pfx_ip6_mtu+0x10/0x10 [ 66.780844][ T4765] ? ip6_mtu+0xf5/0x120 [ 66.780899][ T4765] ip6_make_skb+0x1da/0x4a0 [ 66.780928][ T4765] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 66.780958][ T4765] udpv6_sendmsg+0x135e/0x1570 [ 66.781053][ T4765] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 66.781092][ T4765] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 66.781208][ T4765] inet6_sendmsg+0xac/0xd0 [ 66.781247][ T4765] __sock_sendmsg+0x8b/0x180 [ 66.781290][ T4765] ____sys_sendmsg+0x345/0x4e0 [ 66.781318][ T4765] ___sys_sendmsg+0x17b/0x1d0 [ 66.781409][ T4765] __sys_sendmmsg+0x178/0x300 [ 66.781459][ T4765] __x64_sys_sendmmsg+0x57/0x70 [ 66.781518][ T4765] x64_sys_call+0x2f2f/0x2fb0 [ 66.781550][ T4765] do_syscall_64+0xd0/0x1a0 [ 66.781571][ T4765] ? clear_bhb_loop+0x25/0x80 [ 66.781592][ T4765] ? clear_bhb_loop+0x25/0x80 [ 66.781612][ T4765] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.781710][ T4765] RIP: 0033:0x7fb57fb5e969 [ 66.781727][ T4765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 66.781776][ T4765] RSP: 002b:00007fb57e1c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 66.781797][ T4765] RAX: ffffffffffffffda RBX: 00007fb57fd85fa0 RCX: 00007fb57fb5e969 [ 66.781863][ T4765] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000003 [ 66.781936][ T4765] RBP: 00007fb57e1c7090 R08: 0000000000000000 R09: 0000000000000000 [ 66.781950][ T4765] R10: 0000000004001c00 R11: 0000000000000246 R12: 0000000000000001 [ 66.781961][ T4765] R13: 0000000000000000 R14: 00007fb57fd85fa0 R15: 00007ffd397c0528 [ 66.782014][ T4765] [ 67.068503][ T4771] tipc: Started in network mode [ 67.073412][ T4771] tipc: Node identity , cluster identity 4711 [ 67.079701][ T4771] tipc: Failed to obtain node identity [ 67.085173][ T4771] tipc: Enabling of bearer rejected, failed to enable media [ 67.098357][ T4771] netlink: 4 bytes leftover after parsing attributes in process `syz.3.424'. [ 67.104334][ T4771] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 67.104364][ T4771] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 67.104887][ T4771] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 67.104919][ T4771] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 67.239271][ T4781] loop3: detected capacity change from 0 to 128 [ 67.239680][ T4781] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 67.251641][ T4781] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 67.490778][ T4789] netlink: 4 bytes leftover after parsing attributes in process `syz.5.430'. [ 67.499739][ T4789] netlink: 4 bytes leftover after parsing attributes in process `syz.5.430'. [ 67.573123][ T4791] SELinux: Context system_u:object_r:hald_sonypic_exec_t:s0 is not valid (left unmapped). [ 67.630091][ T4789] netlink: 4 bytes leftover after parsing attributes in process `syz.5.430'. [ 67.646617][ T4789] netlink: 4 bytes leftover after parsing attributes in process `syz.5.430'. [ 67.685588][ T3990] IPVS: starting estimator thread 0... [ 67.787751][ T4799] IPVS: using max 2448 ests per chain, 122400 per kthread [ 67.886104][ T4808] loop0: detected capacity change from 0 to 512 [ 67.901229][ T4808] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 67.910392][ T4808] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 67.955672][ T4808] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 67.969052][ T4811] loop5: detected capacity change from 0 to 512 [ 67.976038][ T4811] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 67.985255][ T4811] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 67.997141][ T4808] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 68.005269][ T4808] System zones: 0-2, 18-18, 34-35 [ 68.012191][ T4808] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.048674][ T4811] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 68.067754][ T4811] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 68.107176][ T4811] System zones: 0-2, 18-18, 34-35 [ 68.123171][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.154105][ T4811] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.180167][ T4817] 0ªX¹¦À: renamed from caif0 [ 68.192955][ T4817] 0ªX¹¦À: entered allmulticast mode [ 68.198233][ T4817] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 68.336244][ T4825] loop1: detected capacity change from 0 to 1024 [ 68.345905][ T4825] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 68.357073][ T4825] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 68.371891][ T4822] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 68.382608][ T4063] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.382861][ T4822] SELinux: failed to load policy [ 68.391644][ T4825] JBD2: no valid journal superblock found [ 68.402418][ T4825] EXT4-fs (loop1): Could not load journal inode [ 68.417864][ T4825] cgroup: No subsys list or none specified [ 68.527037][ T4843] FAULT_INJECTION: forcing a failure. [ 68.527037][ T4843] name failslab, interval 1, probability 0, space 0, times 0 [ 68.539865][ T4843] CPU: 0 UID: 0 PID: 4843 Comm: syz.5.451 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 68.539971][ T4843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 68.539985][ T4843] Call Trace: [ 68.539992][ T4843] [ 68.540001][ T4843] __dump_stack+0x1d/0x30 [ 68.540027][ T4843] dump_stack_lvl+0xe8/0x140 [ 68.540066][ T4843] dump_stack+0x15/0x1b [ 68.540086][ T4843] should_fail_ex+0x265/0x280 [ 68.540126][ T4843] should_failslab+0x8c/0xb0 [ 68.540213][ T4843] kmem_cache_alloc_noprof+0x50/0x310 [ 68.540254][ T4843] ? ioctx_alloc+0xf5/0x4e0 [ 68.540283][ T4843] ? __fget_files+0x184/0x1c0 [ 68.540358][ T4843] ioctx_alloc+0xf5/0x4e0 [ 68.540390][ T4843] __se_sys_io_setup+0x6b/0x1b0 [ 68.540419][ T4843] __x64_sys_io_setup+0x31/0x40 [ 68.540446][ T4843] x64_sys_call+0x2f0e/0x2fb0 [ 68.540468][ T4843] do_syscall_64+0xd0/0x1a0 [ 68.540513][ T4843] ? clear_bhb_loop+0x25/0x80 [ 68.540534][ T4843] ? clear_bhb_loop+0x25/0x80 [ 68.540561][ T4843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.540584][ T4843] RIP: 0033:0x7fb57fb5e969 [ 68.540598][ T4843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.540614][ T4843] RSP: 002b:00007fb57e1c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 68.540642][ T4843] RAX: ffffffffffffffda RBX: 00007fb57fd85fa0 RCX: 00007fb57fb5e969 [ 68.540705][ T4843] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000002004 [ 68.540720][ T4843] RBP: 00007fb57e1c7090 R08: 0000000000000000 R09: 0000000000000000 [ 68.540731][ T4843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.540742][ T4843] R13: 0000000000000000 R14: 00007fb57fd85fa0 R15: 00007ffd397c0528 [ 68.540760][ T4843] [ 68.868645][ T4859] program syz.1.456 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 68.945548][ T4863] sd 0:0:1:0: device reset [ 68.991154][ T4865] loop1: detected capacity change from 0 to 512 [ 69.090452][ T4865] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 69.106572][ T4865] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.264403][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 69.516088][ T4886] __nla_validate_parse: 8 callbacks suppressed [ 69.516109][ T4886] netlink: 64 bytes leftover after parsing attributes in process `syz.1.466'. [ 69.534398][ T4885] loop5: detected capacity change from 0 to 512 [ 69.547957][ T4885] ext3: Unknown parameter 'euid<00000000000000000000' [ 69.567520][ T29] kauditd_printk_skb: 281 callbacks suppressed [ 69.567537][ T29] audit: type=1400 audit(1746603776.978:2257): avc: denied { getopt } for pid=4877 comm="syz.5.460" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 69.600527][ T4885] loop5: detected capacity change from 0 to 764 [ 69.606935][ T29] audit: type=1326 audit(1746603776.998:2258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 69.630038][ T29] audit: type=1326 audit(1746603776.998:2259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 69.653036][ T29] audit: type=1326 audit(1746603776.998:2260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 69.664645][ T4888] loop0: detected capacity change from 0 to 512 [ 69.676120][ T29] audit: type=1326 audit(1746603776.998:2261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 69.705241][ T29] audit: type=1326 audit(1746603776.998:2262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 69.728385][ T29] audit: type=1326 audit(1746603776.998:2263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 69.731349][ T4888] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 69.751374][ T29] audit: type=1326 audit(1746603776.998:2264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 69.760597][ T4888] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 69.783343][ T29] audit: type=1326 audit(1746603776.998:2265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 69.814428][ T29] audit: type=1326 audit(1746603776.998:2266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 69.817240][ T4888] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 69.847218][ T4888] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 69.856278][ T4888] System zones: 0-2, 18-18, 34-35 [ 69.871146][ T4888] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 69.965839][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.065664][ T4921] loop3: detected capacity change from 0 to 1024 [ 70.073012][ T4922] loop1: detected capacity change from 0 to 512 [ 70.091248][ T4922] EXT4-fs: journaled quota format not specified [ 70.099206][ T4921] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.473: Failed to acquire dquot type 0 [ 70.112018][ T4921] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 70.128526][ T4921] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.473: corrupted inode contents [ 70.140685][ T4921] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #13: comm syz.3.473: mark_inode_dirty error [ 70.152507][ T4921] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.473: corrupted inode contents [ 70.165185][ T4921] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #13: comm syz.3.473: mark_inode_dirty error [ 70.177245][ T4921] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.473: corrupted inode contents [ 70.229913][ T4922] loop1: detected capacity change from 0 to 764 [ 70.246065][ T4921] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 70.290910][ T4921] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.473: corrupted inode contents [ 70.306424][ T4922] netlink: 4 bytes leftover after parsing attributes in process `syz.1.474'. [ 70.352693][ T4921] EXT4-fs error (device loop3): ext4_truncate:4255: inode #13: comm syz.3.473: mark_inode_dirty error [ 70.365098][ T4921] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 70.365649][ T4944] netlink: 24 bytes leftover after parsing attributes in process `syz.4.478'. [ 70.376456][ T4921] EXT4-fs (loop3): 1 truncate cleaned up [ 70.398182][ T4921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.422377][ T4921] ext4: Unknown parameter 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' [ 70.446861][ T4956] loop0: detected capacity change from 0 to 512 [ 70.454159][ T4956] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 70.468134][ T4956] EXT4-fs (loop0): orphan cleanup on readonly fs [ 70.475339][ T4956] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.477: bg 0: block 248: padding at end of block bitmap is not set [ 70.497770][ T4956] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.477: Failed to acquire dquot type 1 [ 70.514049][ T4962] netdevsim netdevsim5 netdevsim0: entered promiscuous mode [ 70.518443][ T4956] EXT4-fs (loop0): 1 truncate cleaned up [ 70.521463][ T4962] netdevsim netdevsim5 netdevsim0: entered allmulticast mode [ 70.535864][ T4956] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 70.640153][ T4978] loop5: detected capacity change from 0 to 512 [ 70.735213][ T4978] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 70.744421][ T4978] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 70.797770][ T4978] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 70.813893][ T4978] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 70.822201][ T4978] System zones: 0-2, 18-18, 34-35 [ 70.828069][ T4978] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.031612][ T4063] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.168029][ T4956] syz.0.477 (4956) used greatest stack depth: 9632 bytes left [ 71.176638][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.212434][ T5023] loop5: detected capacity change from 0 to 1024 [ 71.313574][ T5023] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.357419][ T5023] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 71.380634][ T5023] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 71.398494][ T5023] EXT4-fs (loop5): Remounting filesystem read-only [ 71.418393][ T5038] loop4: detected capacity change from 0 to 512 [ 71.454625][ T5047] loop0: detected capacity change from 0 to 512 [ 71.457655][ T5038] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities [ 71.463233][ T5044] FAULT_INJECTION: forcing a failure. [ 71.463233][ T5044] name failslab, interval 1, probability 0, space 0, times 0 [ 71.482411][ T5044] CPU: 0 UID: 0 PID: 5044 Comm: syz.1.492 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 71.482444][ T5044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 71.482527][ T5044] Call Trace: [ 71.482533][ T5044] [ 71.482610][ T5044] __dump_stack+0x1d/0x30 [ 71.482636][ T5044] dump_stack_lvl+0xe8/0x140 [ 71.482660][ T5044] dump_stack+0x15/0x1b [ 71.482681][ T5044] should_fail_ex+0x265/0x280 [ 71.482730][ T5044] should_failslab+0x8c/0xb0 [ 71.482765][ T5044] __kmalloc_noprof+0xa5/0x3e0 [ 71.482788][ T5044] ? hashtab_init+0x9b/0xe0 [ 71.482820][ T5044] hashtab_init+0x9b/0xe0 [ 71.482860][ T5044] symtab_init+0x2c/0x40 [ 71.482945][ T5044] policydb_read+0x516/0x1330 [ 71.482982][ T5044] security_load_policy+0xba/0x890 [ 71.483104][ T5044] ? rep_movs_alternative+0x4a/0x90 [ 71.483141][ T5044] sel_write_load+0x1d4/0x380 [ 71.483245][ T5044] ? __pfx_sel_write_load+0x10/0x10 [ 71.483275][ T5044] vfs_write+0x266/0x8d0 [ 71.483303][ T5044] ? __rcu_read_unlock+0x4f/0x70 [ 71.483327][ T5044] ? __fget_files+0x184/0x1c0 [ 71.483397][ T5044] ksys_write+0xda/0x1a0 [ 71.483426][ T5044] __x64_sys_write+0x40/0x50 [ 71.483449][ T5044] x64_sys_call+0x2cdd/0x2fb0 [ 71.483490][ T5044] do_syscall_64+0xd0/0x1a0 [ 71.483516][ T5044] ? clear_bhb_loop+0x25/0x80 [ 71.483544][ T5044] ? clear_bhb_loop+0x25/0x80 [ 71.483570][ T5044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.483597][ T5044] RIP: 0033:0x7f6761b7e969 [ 71.483615][ T5044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.483636][ T5044] RSP: 002b:00007f67601e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 71.483658][ T5044] RAX: ffffffffffffffda RBX: 00007f6761da5fa0 RCX: 00007f6761b7e969 [ 71.483674][ T5044] RDX: 0000000000003000 RSI: 0000200000000000 RDI: 0000000000000003 [ 71.483737][ T5044] RBP: 00007f67601e7090 R08: 0000000000000000 R09: 0000000000000000 [ 71.483748][ T5044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 71.483758][ T5044] R13: 0000000000000000 R14: 00007f6761da5fa0 R15: 00007ffd7258e8e8 [ 71.483779][ T5044] [ 71.483790][ T5044] SELinux: failed to load policy [ 71.518045][ T5047] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 71.649479][ T5055] loop1: detected capacity change from 0 to 512 [ 71.653836][ T5047] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 71.690842][ T5055] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 71.738278][ T4063] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.743064][ T5055] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 71.763916][ T5047] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 71.779313][ T5047] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 71.787511][ T5047] System zones: 0-2, 18-18, 34-35 [ 71.794207][ T5047] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.801844][ T5055] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 71.828824][ T5055] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 71.839046][ T5055] System zones: 0-2, 18-18, 34-35 [ 71.844920][ T5055] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.864848][ T5069] program syz.5.497 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 71.878955][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.925157][ T5077] 9pnet_fd: Insufficient options for proto=fd [ 71.944450][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.974801][ T5083] loop4: detected capacity change from 0 to 1024 [ 71.984106][ T5083] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 71.986886][ T5089] loop1: detected capacity change from 0 to 512 [ 71.995237][ T5083] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 72.011646][ T5085] loop5: detected capacity change from 0 to 512 [ 72.013370][ T5089] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 72.030337][ T5083] JBD2: no valid journal superblock found [ 72.036165][ T5083] EXT4-fs (loop4): Could not load journal inode [ 72.050828][ T5089] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.075668][ T5085] EXT4-fs warning (device loop5): dx_probe:848: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 72.078737][ T5089] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.087351][ T5085] EXT4-fs warning (device loop5): dx_probe:851: Enable large directory feature to access it [ 72.108063][ T5085] EXT4-fs warning (device loop5): dx_probe:936: inode #2: comm syz.5.504: Corrupt directory, running e2fsck is recommended [ 72.111511][ T5099] netlink: 40 bytes leftover after parsing attributes in process `+}[@'. [ 72.122798][ T5085] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117 [ 72.142072][ T5089] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 72.147381][ T5085] EXT4-fs error (device loop5): ext4_iget_extra_inode:4693: inode #15: comm syz.5.504: corrupted in-inode xattr: invalid ea_ino [ 72.152128][ T5089] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98 [ 72.163008][ T5085] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.504: couldn't read orphan inode 15 (err -117) [ 72.200635][ T5085] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.300962][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.313584][ T5124] program syz.4.510 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 72.319944][ T5122] netlink: 12 bytes leftover after parsing attributes in process `syz.0.509'. [ 72.371096][ T4063] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.396685][ T5143] netlink: 'syz.1.511': attribute type 2 has an invalid length. [ 72.425965][ T5149] loop5: detected capacity change from 0 to 512 [ 72.436797][ T5148] 9pnet_fd: Insufficient options for proto=fd [ 72.448260][ T5149] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 72.457366][ T5149] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 72.470823][ T5151] loop4: detected capacity change from 0 to 1024 [ 72.478256][ T5149] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 72.488204][ T5151] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 72.499166][ T5151] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 72.518464][ T5149] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 72.527209][ T5149] System zones: 0-2, 18-18, 34-35 [ 72.537652][ T5149] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.542263][ T5151] JBD2: no valid journal superblock found [ 72.555737][ T5151] EXT4-fs (loop4): Could not load journal inode [ 72.558104][ T5162] netlink: 40 bytes leftover after parsing attributes in process `+}[@'. [ 72.602750][ T5169] FAULT_INJECTION: forcing a failure. [ 72.602750][ T5169] name failslab, interval 1, probability 0, space 0, times 0 [ 72.615473][ T5169] CPU: 0 UID: 0 PID: 5169 Comm: syz.0.521 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 72.615505][ T5169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 72.615521][ T5169] Call Trace: [ 72.615527][ T5169] [ 72.615537][ T5169] __dump_stack+0x1d/0x30 [ 72.615637][ T5169] dump_stack_lvl+0xe8/0x140 [ 72.615659][ T5169] dump_stack+0x15/0x1b [ 72.615716][ T5169] should_fail_ex+0x265/0x280 [ 72.615788][ T5169] should_failslab+0x8c/0xb0 [ 72.615872][ T5169] kmem_cache_alloc_node_noprof+0x57/0x320 [ 72.615991][ T5169] ? __alloc_skb+0x101/0x320 [ 72.616101][ T5169] __alloc_skb+0x101/0x320 [ 72.616145][ T5169] netlink_alloc_large_skb+0xba/0xf0 [ 72.616175][ T5169] netlink_sendmsg+0x3cf/0x6b0 [ 72.616210][ T5169] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.616269][ T5169] __sock_sendmsg+0x142/0x180 [ 72.616295][ T5169] ____sys_sendmsg+0x31e/0x4e0 [ 72.616318][ T5169] ___sys_sendmsg+0x17b/0x1d0 [ 72.616351][ T5169] __x64_sys_sendmsg+0xd4/0x160 [ 72.616400][ T5169] x64_sys_call+0x2999/0x2fb0 [ 72.616421][ T5169] do_syscall_64+0xd0/0x1a0 [ 72.616443][ T5169] ? clear_bhb_loop+0x25/0x80 [ 72.616464][ T5169] ? clear_bhb_loop+0x25/0x80 [ 72.616556][ T5169] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.616576][ T5169] RIP: 0033:0x7fc36200e969 [ 72.616591][ T5169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.616609][ T5169] RSP: 002b:00007fc360677038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.616632][ T5169] RAX: ffffffffffffffda RBX: 00007fc362235fa0 RCX: 00007fc36200e969 [ 72.616644][ T5169] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000006 [ 72.616656][ T5169] RBP: 00007fc360677090 R08: 0000000000000000 R09: 0000000000000000 [ 72.616668][ T5169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 72.616714][ T5169] R13: 0000000000000000 R14: 00007fc362235fa0 R15: 00007ffe770165f8 [ 72.616733][ T5169] [ 72.839301][ T5175] program syz.0.524 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 72.860402][ T4063] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.896369][ T5184] loop5: detected capacity change from 0 to 512 [ 72.914007][ T5184] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities [ 72.926078][ T5186] loop0: detected capacity change from 0 to 164 [ 72.939590][ T5186] +}[@: attempt to access beyond end of device [ 72.939590][ T5186] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 73.014127][ T5189] infiniband syz0: set active [ 73.019045][ T5189] infiniband syz0: added veth0_to_bond [ 73.058684][ T5186] +}[@: attempt to access beyond end of device [ 73.058684][ T5186] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 73.134856][ T5191] loop1: detected capacity change from 0 to 512 [ 73.145789][ T5189] RDS/IB: syz0: added [ 73.151975][ T5189] smc: adding ib device syz0 with port count 1 [ 73.159391][ T5189] smc: ib device syz0 port 1 has pnetid [ 73.242172][ T5191] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 73.245219][ T5198] netlink: 40 bytes leftover after parsing attributes in process `+}[@'. [ 73.277484][ T5191] EXT4-fs (loop1): mount failed [ 73.299497][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.532843][ T5209] loop3: detected capacity change from 0 to 1024 [ 73.545722][ T5209] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 73.556654][ T5209] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 73.580568][ T5209] JBD2: no valid journal superblock found [ 73.586390][ T5209] EXT4-fs (loop3): Could not load journal inode [ 73.642083][ T5215] FAULT_INJECTION: forcing a failure. [ 73.642083][ T5215] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 73.655386][ T5215] CPU: 0 UID: 0 PID: 5215 Comm: syz.3.536 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 73.655420][ T5215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 73.655432][ T5215] Call Trace: [ 73.655438][ T5215] [ 73.655444][ T5215] __dump_stack+0x1d/0x30 [ 73.655464][ T5215] dump_stack_lvl+0xe8/0x140 [ 73.655486][ T5215] dump_stack+0x15/0x1b [ 73.655506][ T5215] should_fail_ex+0x265/0x280 [ 73.655551][ T5215] should_fail+0xb/0x20 [ 73.655631][ T5215] should_fail_usercopy+0x1a/0x20 [ 73.655651][ T5215] _copy_to_user+0x20/0xa0 [ 73.655678][ T5215] simple_read_from_buffer+0xb5/0x130 [ 73.655708][ T5215] proc_fail_nth_read+0x100/0x140 [ 73.655757][ T5215] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 73.655853][ T5215] vfs_read+0x19d/0x6f0 [ 73.655879][ T5215] ? __rcu_read_unlock+0x4f/0x70 [ 73.655963][ T5215] ? __fget_files+0x184/0x1c0 [ 73.655990][ T5215] ksys_read+0xda/0x1a0 [ 73.656020][ T5215] __x64_sys_read+0x40/0x50 [ 73.656049][ T5215] x64_sys_call+0x2d77/0x2fb0 [ 73.656111][ T5215] do_syscall_64+0xd0/0x1a0 [ 73.656133][ T5215] ? clear_bhb_loop+0x25/0x80 [ 73.656215][ T5215] ? clear_bhb_loop+0x25/0x80 [ 73.656240][ T5215] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.656266][ T5215] RIP: 0033:0x7f516820d37c [ 73.656284][ T5215] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 73.656306][ T5215] RSP: 002b:00007f5166877030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 73.656326][ T5215] RAX: ffffffffffffffda RBX: 00007f5168435fa0 RCX: 00007f516820d37c [ 73.656341][ T5215] RDX: 000000000000000f RSI: 00007f51668770a0 RDI: 0000000000000006 [ 73.656356][ T5215] RBP: 00007f5166877090 R08: 0000000000000000 R09: 0000000000000000 [ 73.656371][ T5215] R10: 0000000000000600 R11: 0000000000000246 R12: 0000000000000001 [ 73.656384][ T5215] R13: 0000000000000000 R14: 00007f5168435fa0 R15: 00007fffa2c4b578 [ 73.656407][ T5215] [ 73.966162][ T5217] loop3: detected capacity change from 0 to 512 [ 73.974387][ T5217] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 73.983572][ T5217] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 74.026799][ T5217] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 74.035441][ T5224] program syz.1.540 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 74.047838][ T5217] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 74.063104][ T5226] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 74.071627][ T5226] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 74.079442][ T5217] System zones: 0-2, 18-18, 34-35 [ 74.095458][ T5217] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.132451][ T5230] loop1: detected capacity change from 0 to 512 [ 74.155765][ T5230] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities [ 74.361962][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.399934][ T5235] netlink: 40 bytes leftover after parsing attributes in process `+}[@'. [ 74.418966][ T5237] loop1: detected capacity change from 0 to 512 [ 74.478217][ T5237] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 74.487344][ T5237] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 74.543336][ T5240] loop3: detected capacity change from 0 to 1024 [ 74.551579][ T5240] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 74.562512][ T5240] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 74.572154][ T5237] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 74.582356][ T5237] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 74.591432][ T5240] JBD2: no valid journal superblock found [ 74.597249][ T5240] EXT4-fs (loop3): Could not load journal inode [ 74.604021][ T5237] System zones: 0-2, 18-18, 34-35 [ 74.610681][ T5237] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.646784][ T29] kauditd_printk_skb: 465 callbacks suppressed [ 74.646800][ T29] audit: type=1326 audit(1746603782.058:2727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516820e969 code=0x7ffc0000 [ 74.676520][ T29] audit: type=1326 audit(1746603782.058:2728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516820e969 code=0x7ffc0000 [ 74.706495][ T5246] loop0: detected capacity change from 0 to 1024 [ 74.713401][ T5246] EXT4-fs: Ignoring removed nobh option [ 74.719736][ T29] audit: type=1326 audit(1746603782.068:2729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f516820e969 code=0x7ffc0000 [ 74.743153][ T29] audit: type=1326 audit(1746603782.118:2730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516820e969 code=0x7ffc0000 [ 74.766831][ T29] audit: type=1326 audit(1746603782.118:2731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516820e969 code=0x7ffc0000 [ 74.790394][ T5248] netlink: 40 bytes leftover after parsing attributes in process `syz.4.550'. [ 74.792741][ T29] audit: type=1326 audit(1746603782.188:2732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f516820e969 code=0x7ffc0000 [ 74.822711][ T29] audit: type=1326 audit(1746603782.188:2733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516820e969 code=0x7ffc0000 [ 74.846124][ T29] audit: type=1326 audit(1746603782.188:2734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516820e969 code=0x7ffc0000 [ 74.869642][ T29] audit: type=1326 audit(1746603782.188:2735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f516820e969 code=0x7ffc0000 [ 74.892951][ T29] audit: type=1326 audit(1746603782.188:2736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.3.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516820e969 code=0x7ffc0000 [ 74.929124][ T5246] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.960662][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.990871][ T5254] macsec1: entered allmulticast mode [ 74.996849][ T5254] dummy0: entered allmulticast mode [ 75.009167][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.019636][ T5254] dummy0: left allmulticast mode [ 75.038155][ T5259] loop1: detected capacity change from 0 to 512 [ 75.045768][ T5259] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities [ 75.093383][ T5264] loop5: detected capacity change from 0 to 128 [ 75.111847][ T5267] netlink: 40 bytes leftover after parsing attributes in process `+}[@'. [ 75.123978][ T5269] netlink: 'syz.3.555': attribute type 4 has an invalid length. [ 75.131759][ T5269] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.555'. [ 75.195973][ T5275] 9pnet_fd: Insufficient options for proto=fd [ 75.210548][ T5277] loop3: detected capacity change from 0 to 1024 [ 75.234594][ T5277] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 75.245681][ T5277] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 75.258835][ T5277] JBD2: no valid journal superblock found [ 75.264631][ T5277] EXT4-fs (loop3): Could not load journal inode [ 75.371934][ T5284] SELinux: Context system_u:object_r:etc_aliases_t:s0 is not valid (left unmapped). [ 75.536754][ T5292] batadv_slave_0: entered promiscuous mode [ 75.543559][ T5292] netlink: 4 bytes leftover after parsing attributes in process `syz.4.565'. [ 75.553899][ T5292] batadv_slave_0 (unregistering): left promiscuous mode [ 75.561231][ T5292] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 75.888388][ T5296] FAULT_INJECTION: forcing a failure. [ 75.888388][ T5296] name failslab, interval 1, probability 0, space 0, times 0 [ 75.889128][ T5297] netlink: 40 bytes leftover after parsing attributes in process `+}[@'. [ 75.901146][ T5296] CPU: 1 UID: 0 PID: 5296 Comm: syz.1.566 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 75.901181][ T5296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 75.901198][ T5296] Call Trace: [ 75.901206][ T5296] [ 75.901218][ T5296] __dump_stack+0x1d/0x30 [ 75.901247][ T5296] dump_stack_lvl+0xe8/0x140 [ 75.901305][ T5296] dump_stack+0x15/0x1b [ 75.901326][ T5296] should_fail_ex+0x265/0x280 [ 75.901368][ T5296] should_failslab+0x8c/0xb0 [ 75.901406][ T5296] kmem_cache_alloc_noprof+0x50/0x310 [ 75.901480][ T5296] ? security_inode_alloc+0x37/0x100 [ 75.901517][ T5296] security_inode_alloc+0x37/0x100 [ 75.901544][ T5296] inode_init_always_gfp+0x4b7/0x500 [ 75.901578][ T5296] ? __pfx_proc_alloc_inode+0x10/0x10 [ 75.901658][ T5296] alloc_inode+0x58/0x170 [ 75.901689][ T5296] new_inode+0x1d/0xe0 [ 75.901765][ T5296] proc_get_inode+0x21/0x370 [ 75.901810][ T5296] proc_lookup_de+0x19e/0x220 [ 75.901847][ T5296] proc_tgid_net_lookup+0x43/0xd0 [ 75.901890][ T5296] ? __pfx_proc_tgid_net_lookup+0x10/0x10 [ 75.901928][ T5296] path_openat+0xcf0/0x2170 [ 75.901969][ T5296] do_filp_open+0x109/0x230 [ 75.902034][ T5296] ? __pfx_kfree_link+0x10/0x10 [ 75.902061][ T5296] do_sys_openat2+0xa6/0x110 [ 75.902099][ T5296] __x64_sys_openat+0xf2/0x120 [ 75.902124][ T5296] x64_sys_call+0x1af/0x2fb0 [ 75.902152][ T5296] do_syscall_64+0xd0/0x1a0 [ 75.902180][ T5296] ? clear_bhb_loop+0x25/0x80 [ 75.902207][ T5296] ? clear_bhb_loop+0x25/0x80 [ 75.902316][ T5296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.902343][ T5296] RIP: 0033:0x7f6761b7d2d0 [ 75.902363][ T5296] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 75.902386][ T5296] RSP: 002b:00007f67601e6f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 75.902441][ T5296] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f6761b7d2d0 [ 75.902457][ T5296] RDX: 0000000000000002 RSI: 00007f67601e6fa0 RDI: 00000000ffffff9c [ 75.902472][ T5296] RBP: 00007f67601e6fa0 R08: 0000000000000000 R09: 0000000000000000 [ 75.902488][ T5296] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 75.902510][ T5296] R13: 0000000000000000 R14: 00007f6761da5fa0 R15: 00007ffd7258e8e8 [ 75.902534][ T5296] [ 75.979261][ T5298] SELinux: Context : is not valid (left unmapped). [ 76.180650][ T5302] FAULT_INJECTION: forcing a failure. [ 76.180650][ T5302] name failslab, interval 1, probability 0, space 0, times 0 [ 76.191095][ T5303] loop5: detected capacity change from 0 to 2048 [ 76.193390][ T5302] CPU: 1 UID: 0 PID: 5302 Comm: syz.0.568 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 76.193423][ T5302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 76.193440][ T5302] Call Trace: [ 76.193449][ T5302] [ 76.193459][ T5302] __dump_stack+0x1d/0x30 [ 76.193488][ T5302] dump_stack_lvl+0xe8/0x140 [ 76.193587][ T5302] dump_stack+0x15/0x1b [ 76.193609][ T5302] should_fail_ex+0x265/0x280 [ 76.193714][ T5302] should_failslab+0x8c/0xb0 [ 76.193753][ T5302] __kmalloc_node_track_caller_noprof+0xa4/0x410 [ 76.193781][ T5302] ? sidtab_sid2str_get+0xa0/0x130 [ 76.193820][ T5302] kmemdup_noprof+0x2b/0x70 [ 76.193844][ T5302] sidtab_sid2str_get+0xa0/0x130 [ 76.194026][ T5302] security_sid_to_context_core+0x1eb/0x2e0 [ 76.194064][ T5302] security_sid_to_context+0x27/0x40 [ 76.194099][ T5302] selinux_lsmprop_to_secctx+0x67/0xf0 [ 76.194182][ T5302] security_lsmprop_to_secctx+0x43/0x80 [ 76.194211][ T5302] audit_log_task_context+0x77/0x190 [ 76.194252][ T5302] audit_log_task+0xf4/0x250 [ 76.194360][ T5302] audit_seccomp+0x61/0x100 [ 76.194436][ T5302] ? __seccomp_filter+0x68c/0x10d0 [ 76.194462][ T5302] __seccomp_filter+0x69d/0x10d0 [ 76.194489][ T5302] ? update_load_avg+0x1da/0x820 [ 76.194669][ T5302] ? __list_add_valid_or_report+0x38/0xe0 [ 76.194702][ T5302] ? _raw_spin_unlock+0x26/0x50 [ 76.194736][ T5302] ? finish_task_switch+0xad/0x2b0 [ 76.194767][ T5302] __secure_computing+0x82/0x150 [ 76.194840][ T5302] syscall_trace_enter+0xcf/0x1e0 [ 76.194871][ T5302] do_syscall_64+0xaa/0x1a0 [ 76.194901][ T5302] ? clear_bhb_loop+0x25/0x80 [ 76.194929][ T5302] ? clear_bhb_loop+0x25/0x80 [ 76.195027][ T5302] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.195054][ T5302] RIP: 0033:0x7fc36200d37c [ 76.195073][ T5302] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 76.195096][ T5302] RSP: 002b:00007fc360677030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 76.195148][ T5302] RAX: ffffffffffffffda RBX: 00007fc362235fa0 RCX: 00007fc36200d37c [ 76.195164][ T5302] RDX: 000000000000000f RSI: 00007fc3606770a0 RDI: 0000000000000005 [ 76.195179][ T5302] RBP: 00007fc360677090 R08: 0000000000000000 R09: 0000000000000000 [ 76.195195][ T5302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.195259][ T5302] R13: 0000000000000000 R14: 00007fc362235fa0 R15: 00007ffe770165f8 [ 76.195284][ T5302] [ 76.278750][ T5307] loop1: detected capacity change from 0 to 1024 [ 76.291710][ T5308] 9pnet_fd: Insufficient options for proto=fd [ 76.295446][ T5307] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 76.313061][ T5303] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.314601][ T5307] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 76.493484][ T4063] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.503857][ T5307] JBD2: no valid journal superblock found [ 76.509632][ T5307] EXT4-fs (loop1): Could not load journal inode [ 76.594639][ T5320] syz.5.572: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 76.609353][ T5320] CPU: 0 UID: 0 PID: 5320 Comm: syz.5.572 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 76.609400][ T5320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 76.609413][ T5320] Call Trace: [ 76.609419][ T5320] [ 76.609486][ T5320] __dump_stack+0x1d/0x30 [ 76.609564][ T5320] dump_stack_lvl+0xe8/0x140 [ 76.609659][ T5320] dump_stack+0x15/0x1b [ 76.609679][ T5320] warn_alloc+0x12b/0x1a0 [ 76.609741][ T5320] ? update_curr+0x27f/0x320 [ 76.609847][ T5320] ? enqueue_task_fair+0x86b/0x990 [ 76.609874][ T5320] __vmalloc_node_range_noprof+0x9c/0xdf0 [ 76.609898][ T5320] ? probe_sched_wakeup+0x85/0xa0 [ 76.610003][ T5320] ? ttwu_do_activate+0x1cf/0x210 [ 76.610035][ T5320] ? __rcu_read_unlock+0x4f/0x70 [ 76.610058][ T5320] ? avc_has_perm_noaudit+0x1b1/0x200 [ 76.610101][ T5320] ? should_fail_ex+0x30/0x280 [ 76.610202][ T5320] ? xskq_create+0x36/0xe0 [ 76.610279][ T5320] ? should_failslab+0x8c/0xb0 [ 76.610313][ T5320] vmalloc_user_noprof+0x59/0x70 [ 76.610343][ T5320] ? xskq_create+0x80/0xe0 [ 76.610380][ T5320] xskq_create+0x80/0xe0 [ 76.610412][ T5320] xsk_init_queue+0x95/0xf0 [ 76.610446][ T5320] xsk_setsockopt+0x35c/0x510 [ 76.610486][ T5320] ? __pfx_xsk_setsockopt+0x10/0x10 [ 76.610517][ T5320] __sys_setsockopt+0x181/0x200 [ 76.610565][ T5320] __x64_sys_setsockopt+0x64/0x80 [ 76.610607][ T5320] x64_sys_call+0x2bd5/0x2fb0 [ 76.610629][ T5320] do_syscall_64+0xd0/0x1a0 [ 76.610674][ T5320] ? clear_bhb_loop+0x25/0x80 [ 76.610755][ T5320] ? clear_bhb_loop+0x25/0x80 [ 76.610775][ T5320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.610801][ T5320] RIP: 0033:0x7fb57fb5e969 [ 76.610820][ T5320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.610843][ T5320] RSP: 002b:00007fb57e1c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 76.610866][ T5320] RAX: ffffffffffffffda RBX: 00007fb57fd85fa0 RCX: 00007fb57fb5e969 [ 76.610927][ T5320] RDX: 0000000000000006 RSI: 000000000000011b RDI: 000000000000000a [ 76.610943][ T5320] RBP: 00007fb57fbe0ab1 R08: 0000000000000004 R09: 0000000000000000 [ 76.610959][ T5320] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 76.610974][ T5320] R13: 0000000000000000 R14: 00007fb57fd85fa0 R15: 00007ffd397c0528 [ 76.611050][ T5320] [ 76.611127][ T5320] Mem-Info: [ 76.668144][ T5326] netlink: 20 bytes leftover after parsing attributes in process `syz.4.578'. [ 76.673208][ T5320] active_anon:3532 inactive_anon:0 isolated_anon:0 [ 76.673208][ T5320] active_file:19192 inactive_file:2073 isolated_file:0 [ 76.673208][ T5320] unevictable:0 dirty:434 writeback:0 [ 76.673208][ T5320] slab_reclaimable:3095 slab_unreclaimable:33732 [ 76.673208][ T5320] mapped:29124 shmem:312 pagetables:870 [ 76.673208][ T5320] sec_pagetables:0 bounce:0 [ 76.673208][ T5320] kernel_misc_reclaimable:0 [ 76.673208][ T5320] free:1878128 free_pcp:3497 free_cma:0 [ 76.683820][ T5329] netlink: 20 bytes leftover after parsing attributes in process `+}[@'. [ 76.688475][ T5320] Node 0 active_anon:14128kB inactive_anon:0kB active_file:76768kB inactive_file:8292kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:116496kB dirty:1736kB writeback:0kB shmem:1248kB writeback_tmp:0kB kernel_stack:3472kB pagetables:3480kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 76.702962][ T5322] loop1: detected capacity change from 0 to 512 [ 76.703241][ T5320] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 76.768050][ T5328] loop5: detected capacity change from 0 to 512 [ 76.771234][ T5320] lowmem_reserve[]: [ 76.787126][ T5332] loop0: detected capacity change from 0 to 512 [ 76.795383][ T5320] 0 2884 [ 76.904914][ T5332] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 76.912221][ T5320] 7863 [ 76.943436][ T5322] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities [ 76.947286][ T5320] 7863 [ 76.947303][ T5320] Node 0 DMA32 free:2949936kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953568kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:100kB free_cma:0kB [ 77.031210][ T5328] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.044908][ T5320] lowmem_reserve[]: 0 0 4978 4978 [ 77.062615][ T5320] Node 0 Normal free:4543084kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:14940kB inactive_anon:0kB active_file:76768kB inactive_file:8292kB unevictable:0kB writepending:1736kB present:5242880kB managed:5098244kB mlocked:0kB bounce:0kB free_pcp:8972kB local_pcp:3092kB free_cma:0kB [ 77.092894][ T5320] lowmem_reserve[]: 0 0 0 0 [ 77.097795][ T5320] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 77.110583][ T5320] Node 0 DMA32: 4*4kB (M) 2*8kB (M) 1*16kB (M) 4*32kB (M) 2*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949936kB [ 77.113197][ T5328] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.126674][ T5320] Node 0 Normal: 458*4kB (ME) 706*8kB (UME) 563*16kB (ME) 525*32kB (UME) 279*64kB (UME) 77*128kB (UM) 58*256kB (UM) 37*512kB (UME) 22*1024kB (UME) 20*2048kB (UM) 1072*4096kB (UM) = 4549192kB [ 77.156081][ T5320] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 77.165450][ T5320] 21722 total pagecache pages [ 77.170189][ T5320] 0 pages in swap cache [ 77.174447][ T5320] Free swap = 124996kB [ 77.178651][ T5320] Total swap = 124996kB [ 77.182862][ T5320] 2097051 pages RAM [ 77.186684][ T5320] 0 pages HighMem/MovableOnly [ 77.191404][ T5320] 80258 pages reserved [ 77.198466][ T5337] loop4: detected capacity change from 0 to 512 [ 77.207047][ T5337] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 77.216280][ T5337] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 77.239208][ T5332] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.253256][ T5337] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 77.257761][ T5332] ext4 filesystem being mounted at /121/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.262644][ T5337] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 77.296726][ T5320] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 581 [ 77.306692][ T5337] System zones: 0-2, 18-18, 34-35 [ 77.312449][ T5337] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.393465][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.493535][ T4063] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.543870][ T5350] netlink: 4 bytes leftover after parsing attributes in process `syz.1.584'. [ 77.738419][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.770373][ T5359] netlink: 16 bytes leftover after parsing attributes in process `syz.0.586'. [ 78.010235][ T5376] loop4: detected capacity change from 0 to 512 [ 78.356751][ T5386] loop1: detected capacity change from 0 to 512 [ 78.386455][ T5386] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities [ 78.497215][ T5388] lo: entered allmulticast mode [ 78.569841][ T5390] FAULT_INJECTION: forcing a failure. [ 78.569841][ T5390] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 78.583302][ T5390] CPU: 0 UID: 0 PID: 5390 Comm: syz.4.597 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 78.583329][ T5390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 78.583376][ T5390] Call Trace: [ 78.583383][ T5390] [ 78.583390][ T5390] __dump_stack+0x1d/0x30 [ 78.583417][ T5390] dump_stack_lvl+0xe8/0x140 [ 78.583442][ T5390] dump_stack+0x15/0x1b [ 78.583540][ T5390] should_fail_ex+0x265/0x280 [ 78.583571][ T5390] should_fail_alloc_page+0xf2/0x100 [ 78.583652][ T5390] __alloc_frozen_pages_noprof+0xff/0x360 [ 78.583731][ T5390] alloc_pages_mpol+0xb3/0x250 [ 78.583752][ T5390] vma_alloc_folio_noprof+0x1aa/0x300 [ 78.583775][ T5390] do_wp_page+0x673/0x23e0 [ 78.583868][ T5390] ? __rcu_read_lock+0x37/0x50 [ 78.583896][ T5390] handle_mm_fault+0x6dc/0x2ae0 [ 78.583925][ T5390] ? mas_walk+0xf2/0x120 [ 78.583948][ T5390] do_user_addr_fault+0x636/0x1090 [ 78.584054][ T5390] ? fpregs_assert_state_consistent+0x84/0xa0 [ 78.584108][ T5390] exc_page_fault+0x54/0xc0 [ 78.584153][ T5390] asm_exc_page_fault+0x26/0x30 [ 78.584178][ T5390] RIP: 0033:0x7f934d0e0cc3 [ 78.584195][ T5390] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c [ 78.584212][ T5390] RSP: 002b:00007f934b8864a0 EFLAGS: 00010202 [ 78.584299][ T5390] RAX: 0000000000003005 RBX: 00007f934b886540 RCX: 00007f9343467000 [ 78.584311][ T5390] RDX: 00007f934b8866e0 RSI: 0000000000000003 RDI: 00007f934b8865e0 [ 78.584322][ T5390] RBP: 000000000000006a R08: 0000000000000007 R09: 000000000000003c [ 78.584333][ T5390] R10: 0000000000000050 R11: 00007f934b886540 R12: 0000000000000001 [ 78.584365][ T5390] R13: 00007f934d2bbfc0 R14: 0000000000000008 R15: 00007f934b8865e0 [ 78.584384][ T5390] [ 78.584395][ T5390] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 78.775144][ T5390] loop4: detected capacity change from 0 to 512 [ 78.783489][ T5390] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 not in group (block 4294967295)! [ 78.794480][ T5390] EXT4-fs (loop4): group descriptors corrupted! [ 79.053012][ T5403] 9pnet_fd: Insufficient options for proto=fd [ 79.064556][ T5404] netlink: 4 bytes leftover after parsing attributes in process `syz.0.599'. [ 79.137230][ T9] IPVS: starting estimator thread 0... [ 79.227830][ T5408] IPVS: using max 2448 ests per chain, 122400 per kthread [ 79.353031][ T5427] program syz.5.610 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 79.523398][ T5439] loop4: detected capacity change from 0 to 1024 [ 79.531422][ T5439] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 79.542524][ T5439] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 79.555576][ T5439] JBD2: no valid journal superblock found [ 79.561503][ T5439] EXT4-fs (loop4): Could not load journal inode [ 79.572118][ T5439] cgroup: No subsys list or none specified [ 79.780981][ T3383] IPVS: starting estimator thread 0... [ 79.867669][ T5449] IPVS: using max 2448 ests per chain, 122400 per kthread [ 79.927028][ T29] kauditd_printk_skb: 482 callbacks suppressed [ 79.927046][ T29] audit: type=1326 audit(1746603787.338:3218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.5.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57fb5e969 code=0x7ffc0000 [ 79.988067][ T29] audit: type=1326 audit(1746603787.368:3219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.5.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fb57fb5e969 code=0x7ffc0000 [ 80.011559][ T29] audit: type=1326 audit(1746603787.368:3220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.5.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57fb5e969 code=0x7ffc0000 [ 80.082712][ T5458] netlink: 'syz.4.621': attribute type 21 has an invalid length. [ 80.098433][ T29] audit: type=1326 audit(1746603787.508:3221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5454 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57fb5e969 code=0x7ffc0000 [ 80.121884][ T29] audit: type=1326 audit(1746603787.508:3222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5454 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb57fb5e969 code=0x7ffc0000 [ 80.145352][ T29] audit: type=1326 audit(1746603787.508:3223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5454 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57fb5e969 code=0x7ffc0000 [ 80.168733][ T29] audit: type=1326 audit(1746603787.508:3224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5454 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fb57fb5e969 code=0x7ffc0000 [ 80.192114][ T29] audit: type=1326 audit(1746603787.508:3225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5454 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57fb5e969 code=0x7ffc0000 [ 80.217644][ T5458] netlink: 'syz.4.621': attribute type 6 has an invalid length. [ 80.225324][ T5458] __nla_validate_parse: 17 callbacks suppressed [ 80.225347][ T5458] netlink: 132 bytes leftover after parsing attributes in process `syz.4.621'. [ 80.248517][ T29] audit: type=1326 audit(1746603787.518:3226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5454 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb57fb5e969 code=0x7ffc0000 [ 80.272000][ T29] audit: type=1326 audit(1746603787.518:3227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5454 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57fb5e969 code=0x7ffc0000 [ 80.314371][ T5462] program syz.1.622 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 80.335660][ T5464] batadv_slave_0: entered promiscuous mode [ 80.352339][ T5464] netlink: 4 bytes leftover after parsing attributes in process `syz.0.623'. [ 80.363936][ T5464] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 80.379656][ T5464] batadv_slave_0 (unregistering): left promiscuous mode [ 80.436748][ T5464] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 80.543646][ T5475] loop1: detected capacity change from 0 to 512 [ 80.553833][ T5477] netlink: 24 bytes leftover after parsing attributes in process `+}[@'. [ 80.554427][ T5475] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 80.571446][ T5475] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 80.599589][ T5480] netlink: 88 bytes leftover after parsing attributes in process `syz.3.629'. [ 80.608605][ T5480] netlink: 88 bytes leftover after parsing attributes in process `syz.3.629'. [ 80.618631][ T5475] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 80.639018][ T5475] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 80.647147][ T5475] System zones: 0-2, 18-18, 34-35 [ 80.658196][ T5475] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.682341][ T5483] loop5: detected capacity change from 0 to 2048 [ 80.738345][ T5483] loop5: p1 < > p4 [ 80.743029][ T5483] loop5: p4 size 8388608 extends beyond EOD, truncated [ 80.754349][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.768607][ T5483] netlink: 24 bytes leftover after parsing attributes in process `+}[@'. [ 80.816990][ T5490] xt_CT: You must specify a L4 protocol and not use inversions on it [ 80.860820][ T5494] loop5: detected capacity change from 0 to 1024 [ 80.869807][ T5494] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 80.880789][ T5494] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 80.893564][ T5494] JBD2: no valid journal superblock found [ 80.899499][ T5494] EXT4-fs (loop5): Could not load journal inode [ 80.941134][ T5494] cgroup: No subsys list or none specified [ 81.106197][ T5503] netlink: 24 bytes leftover after parsing attributes in process `+}[@'. [ 81.147843][ T5505] batadv_slave_0: entered promiscuous mode [ 81.154624][ T5505] netlink: 4 bytes leftover after parsing attributes in process `syz.5.640'. [ 81.180785][ T5505] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 81.210409][ T5505] batadv_slave_0 (unregistering): left promiscuous mode [ 81.228240][ T5505] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 81.358789][ T5512] netlink: 4 bytes leftover after parsing attributes in process `syz.4.643'. [ 81.524703][ T5517] loop3: detected capacity change from 0 to 512 [ 81.549684][ T5517] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 81.568395][ T5517] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.637: invalid indirect mapped block 2683928664 (level 1) [ 81.593360][ T5517] EXT4-fs (loop3): Remounting filesystem read-only [ 81.600370][ T5517] EXT4-fs (loop3): 1 truncate cleaned up [ 81.606476][ T5517] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.706637][ T5525] FAULT_INJECTION: forcing a failure. [ 81.706637][ T5525] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 81.720117][ T5525] CPU: 1 UID: 0 PID: 5525 Comm: syz.1.646 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 81.720204][ T5525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 81.720217][ T5525] Call Trace: [ 81.720224][ T5525] [ 81.720231][ T5525] __dump_stack+0x1d/0x30 [ 81.720259][ T5525] dump_stack_lvl+0xe8/0x140 [ 81.720306][ T5525] dump_stack+0x15/0x1b [ 81.720325][ T5525] should_fail_ex+0x265/0x280 [ 81.720364][ T5525] should_fail_alloc_page+0xf2/0x100 [ 81.720404][ T5525] __alloc_frozen_pages_noprof+0xff/0x360 [ 81.720514][ T5525] alloc_pages_mpol+0xb3/0x250 [ 81.720543][ T5525] vma_alloc_folio_noprof+0x1aa/0x300 [ 81.720571][ T5525] do_wp_page+0x673/0x23e0 [ 81.720638][ T5525] ? __rcu_read_lock+0x37/0x50 [ 81.720667][ T5525] handle_mm_fault+0x6dc/0x2ae0 [ 81.720702][ T5525] ? __rcu_read_unlock+0x4f/0x70 [ 81.720739][ T5525] do_user_addr_fault+0x3fe/0x1090 [ 81.720828][ T5525] exc_page_fault+0x54/0xc0 [ 81.720869][ T5525] asm_exc_page_fault+0x26/0x30 [ 81.720891][ T5525] RIP: 0010:__put_user_4+0xd/0x20 [ 81.720913][ T5525] Code: 66 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 [ 81.721011][ T5525] RSP: 0018:ffffc9001152fd28 EFLAGS: 00050206 [ 81.721090][ T5525] RAX: 00000000fffffff2 RBX: 0000000000000000 RCX: 0000200000006000 [ 81.721103][ T5525] RDX: ffff88813620b180 RSI: 00000000fffffff2 RDI: 0000000000000000 [ 81.721114][ T5525] RBP: ffffc9001152fed0 R08: 00018881043d4507 R09: 0000000000000000 [ 81.721125][ T5525] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 81.721138][ T5525] R13: 0000000000001800 R14: 0000000000000000 R15: 00000000fffffff2 [ 81.721169][ T5525] __se_sys_move_pages+0xa1c/0x1330 [ 81.721271][ T5525] ? get_pid_task+0x96/0xd0 [ 81.721291][ T5525] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 81.721320][ T5525] ? __fget_files+0x184/0x1c0 [ 81.721412][ T5525] ? fput+0x8f/0xc0 [ 81.721430][ T5525] ? ksys_write+0x16e/0x1a0 [ 81.721458][ T5525] __x64_sys_move_pages+0x78/0x90 [ 81.721522][ T5525] x64_sys_call+0x2eab/0x2fb0 [ 81.721548][ T5525] do_syscall_64+0xd0/0x1a0 [ 81.721575][ T5525] ? clear_bhb_loop+0x25/0x80 [ 81.721599][ T5525] ? clear_bhb_loop+0x25/0x80 [ 81.721690][ T5525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.721712][ T5525] RIP: 0033:0x7f6761b7e969 [ 81.721730][ T5525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.721752][ T5525] RSP: 002b:00007f67601e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 81.721774][ T5525] RAX: ffffffffffffffda RBX: 00007f6761da5fa0 RCX: 00007f6761b7e969 [ 81.721840][ T5525] RDX: 0000200000000040 RSI: 0000000000002064 RDI: 0000000000000000 [ 81.721851][ T5525] RBP: 00007f67601e7090 R08: 0000200000000000 R09: 0000000000000000 [ 81.721864][ T5525] R10: 0000200000001180 R11: 0000000000000246 R12: 0000000000000001 [ 81.721879][ T5525] R13: 0000000000000000 R14: 00007f6761da5fa0 R15: 00007ffd7258e8e8 [ 81.721901][ T5525] [ 82.047501][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.089898][ T5532] loop3: detected capacity change from 0 to 1024 [ 82.107699][ T5532] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 82.118897][ T5532] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 82.130896][ T5532] JBD2: no valid journal superblock found [ 82.136670][ T5532] EXT4-fs (loop3): Could not load journal inode [ 82.148868][ T5532] cgroup: No subsys list or none specified [ 82.196158][ T5540] FAULT_INJECTION: forcing a failure. [ 82.196158][ T5540] name failslab, interval 1, probability 0, space 0, times 0 [ 82.208933][ T5540] CPU: 1 UID: 0 PID: 5540 Comm: syz.1.653 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 82.209012][ T5540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 82.209027][ T5540] Call Trace: [ 82.209033][ T5540] [ 82.209041][ T5540] __dump_stack+0x1d/0x30 [ 82.209137][ T5540] dump_stack_lvl+0xe8/0x140 [ 82.209161][ T5540] dump_stack+0x15/0x1b [ 82.209242][ T5540] should_fail_ex+0x265/0x280 [ 82.209280][ T5540] should_failslab+0x8c/0xb0 [ 82.209314][ T5540] kmem_cache_alloc_noprof+0x50/0x310 [ 82.209346][ T5540] ? audit_log_start+0x365/0x6c0 [ 82.209443][ T5540] audit_log_start+0x365/0x6c0 [ 82.209483][ T5540] audit_seccomp+0x48/0x100 [ 82.209510][ T5540] ? __seccomp_filter+0x68c/0x10d0 [ 82.209603][ T5540] __seccomp_filter+0x69d/0x10d0 [ 82.209641][ T5540] __secure_computing+0x82/0x150 [ 82.209665][ T5540] syscall_trace_enter+0xcf/0x1e0 [ 82.209768][ T5540] do_syscall_64+0xaa/0x1a0 [ 82.209829][ T5540] ? clear_bhb_loop+0x25/0x80 [ 82.209852][ T5540] ? clear_bhb_loop+0x25/0x80 [ 82.209877][ T5540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.209903][ T5540] RIP: 0033:0x7f6761b7d37c [ 82.209921][ T5540] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 82.209970][ T5540] RSP: 002b:00007f67601e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 82.209991][ T5540] RAX: ffffffffffffffda RBX: 00007f6761da5fa0 RCX: 00007f6761b7d37c [ 82.210005][ T5540] RDX: 000000000000000f RSI: 00007f67601e70a0 RDI: 0000000000000007 [ 82.210019][ T5540] RBP: 00007f67601e7090 R08: 0000000000000000 R09: 0000000000000000 [ 82.210033][ T5540] R10: 0000200000001100 R11: 0000000000000246 R12: 0000000000000001 [ 82.210046][ T5540] R13: 0000000000000000 R14: 00007f6761da5fa0 R15: 00007ffd7258e8e8 [ 82.210138][ T5540] [ 82.442805][ T5541] netlink: 9412 bytes leftover after parsing attributes in process `+}[@'. [ 82.454023][ T5548] loop5: detected capacity change from 0 to 256 [ 82.565532][ T5559] 9pnet_fd: Insufficient options for proto=fd [ 82.599628][ T5563] loop0: detected capacity change from 0 to 1024 [ 82.606580][ T5563] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 82.617523][ T5563] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 82.618949][ T5565] netlink: 'syz.4.657': attribute type 13 has an invalid length. [ 82.637371][ T5563] JBD2: no valid journal superblock found [ 82.643195][ T5563] EXT4-fs (loop0): Could not load journal inode [ 82.656083][ T5563] cgroup: No subsys list or none specified [ 82.799295][ T5592] futex_wake_op: syz.3.669 tries to shift op by 32; fix this program [ 82.822843][ T5592] team0 (unregistering): Port device team_slave_0 removed [ 82.833092][ T5592] team0 (unregistering): Port device team_slave_1 removed [ 82.875369][ T5598] loop3: detected capacity change from 0 to 512 [ 82.918307][ T5598] EXT4-fs (loop3): unsupported inode size: 65535 [ 82.924706][ T5598] EXT4-fs (loop3): blocksize: 1024 [ 83.018574][ T5606] 9pnet: Could not find request transport: 0xffffffffffffffff [ 83.039171][ T5602] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 83.076192][ T5610] loop0: detected capacity change from 0 to 1024 [ 83.085827][ T5610] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 83.096927][ T5610] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 83.111091][ T5610] JBD2: no valid journal superblock found [ 83.116911][ T5610] EXT4-fs (loop0): Could not load journal inode [ 83.127011][ T5610] cgroup: No subsys list or none specified [ 83.382248][ T5653] bridge0: entered promiscuous mode [ 83.389060][ T5653] vlan2: entered promiscuous mode [ 83.412671][ T5658] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=65280 sclass=netlink_xfrm_socket pid=5658 comm=syz.1.692 [ 83.534651][ T5676] loop1: detected capacity change from 0 to 2048 [ 83.583030][ T5676] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.704131][ T5693] loop4: detected capacity change from 0 to 1024 [ 83.732479][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.752404][ T5693] EXT4-fs: Ignoring removed mblk_io_submit option [ 83.755216][ T5695] program syz.0.706 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 83.771044][ T5693] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 83.783723][ T5693] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #11: comm syz.4.704: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 83.809684][ T5693] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.704: couldn't read orphan inode 11 (err -117) [ 83.848131][ T5693] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.892178][ T5693] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.704: Invalid block bitmap block 0 in block_group 0 [ 83.926881][ T5693] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.704: Failed to acquire dquot type 0 [ 83.952070][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.963191][ T3891] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:31: Failed to release dquot type 0 [ 83.984237][ T5710] SELinux: Context system_u:object_r:net_conf_t:s0 is not valid (left unmapped). [ 84.100937][ T5729] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 84.130016][ T5731] loop4: detected capacity change from 0 to 2048 [ 84.155783][ T5733] loop3: detected capacity change from 0 to 1024 [ 84.172138][ T5737] 8021q: VLANs not supported on vxcan1 [ 84.209796][ T5731] loop4: p1 < > p4 [ 84.223490][ T5731] loop4: p4 size 8388608 extends beyond EOD, truncated [ 84.239148][ T5733] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 84.278618][ T5733] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.360489][ T5750] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.720: bg 0: block 393: padding at end of block bitmap is not set [ 84.396563][ T5750] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 64 with max blocks 4 with error 117 [ 84.409158][ T5750] EXT4-fs (loop3): This should not happen!! Data will be lost [ 84.409158][ T5750] [ 84.469506][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.490141][ T5764] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 84.509124][ T5766] FAULT_INJECTION: forcing a failure. [ 84.509124][ T5766] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 84.522262][ T5766] CPU: 1 UID: 0 PID: 5766 Comm: syz.4.732 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 84.522343][ T5766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 84.522436][ T5766] Call Trace: [ 84.522444][ T5766] [ 84.522453][ T5766] __dump_stack+0x1d/0x30 [ 84.522479][ T5766] dump_stack_lvl+0xe8/0x140 [ 84.522502][ T5766] dump_stack+0x15/0x1b [ 84.522560][ T5766] should_fail_ex+0x265/0x280 [ 84.522597][ T5766] should_fail+0xb/0x20 [ 84.522633][ T5766] should_fail_usercopy+0x1a/0x20 [ 84.522766][ T5766] _copy_to_user+0x20/0xa0 [ 84.522794][ T5766] simple_read_from_buffer+0xb5/0x130 [ 84.522824][ T5766] proc_fail_nth_read+0x100/0x140 [ 84.522855][ T5766] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 84.522948][ T5766] vfs_read+0x19d/0x6f0 [ 84.522970][ T5766] ? __rcu_read_unlock+0x4f/0x70 [ 84.523051][ T5766] ? __fget_files+0x184/0x1c0 [ 84.523085][ T5766] ksys_read+0xda/0x1a0 [ 84.523117][ T5766] __x64_sys_read+0x40/0x50 [ 84.523227][ T5766] x64_sys_call+0x2d77/0x2fb0 [ 84.523253][ T5766] do_syscall_64+0xd0/0x1a0 [ 84.523280][ T5766] ? clear_bhb_loop+0x25/0x80 [ 84.523306][ T5766] ? clear_bhb_loop+0x25/0x80 [ 84.523334][ T5766] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.523380][ T5766] RIP: 0033:0x7f934d21d37c [ 84.523395][ T5766] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 84.523487][ T5766] RSP: 002b:00007f934b887030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 84.523507][ T5766] RAX: ffffffffffffffda RBX: 00007f934d445fa0 RCX: 00007f934d21d37c [ 84.523577][ T5766] RDX: 000000000000000f RSI: 00007f934b8870a0 RDI: 0000000000000007 [ 84.523588][ T5766] RBP: 00007f934b887090 R08: 0000000000000000 R09: 0000000000000000 [ 84.523602][ T5766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.523613][ T5766] R13: 0000000000000000 R14: 00007f934d445fa0 R15: 00007ffc67418958 [ 84.523636][ T5766] [ 84.536412][ T5768] loop3: detected capacity change from 0 to 164 [ 84.542443][ T5764] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 84.640592][ T5768] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.731' sets config #1 [ 84.760783][ T5772] loop4: detected capacity change from 0 to 512 [ 85.057795][ T29] kauditd_printk_skb: 562 callbacks suppressed [ 85.057814][ T29] audit: type=1400 audit(1746603792.458:3785): avc: denied { read } for pid=5795 comm="syz.0.738" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 85.240004][ T29] audit: type=1400 audit(1746603792.658:3786): avc: denied { ioctl } for pid=5800 comm="syz.4.739" path="socket:[11156]" dev="sockfs" ino=11156 ioctlcmd=0x891a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 85.277873][ T29] audit: type=1400 audit(1746603792.688:3787): avc: denied { listen } for pid=5802 comm="syz.4.740" lport=40825 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 85.300863][ T29] audit: type=1400 audit(1746603792.688:3788): avc: denied { accept } for pid=5802 comm="syz.4.740" lport=40825 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 85.355182][ T5803] loop4: detected capacity change from 0 to 2048 [ 85.414639][ T5813] loop1: detected capacity change from 0 to 512 [ 85.432821][ T5803] EXT4-fs (loop4): failed to initialize system zone (-117) [ 85.440833][ T5813] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 33619980: comm syz.1.743: invalid block [ 85.454094][ T29] audit: type=1400 audit(1746603792.828:3790): avc: denied { nlmsg_read } for pid=5812 comm="syz.1.743" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 85.474709][ T29] audit: type=1400 audit(1746603792.828:3791): avc: denied { write } for pid=5812 comm="syz.1.743" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 85.496553][ T5803] EXT4-fs (loop4): mount failed [ 85.499505][ T29] audit: type=1326 audit(1746603792.828:3789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5814 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36200e969 code=0x7ffc0000 [ 85.503555][ T5813] EXT4-fs (loop1): Remounting filesystem read-only [ 85.524752][ T29] audit: type=1326 audit(1746603792.908:3792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5814 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc36200e969 code=0x7ffc0000 [ 85.554622][ T29] audit: type=1326 audit(1746603792.908:3793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5814 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36200e969 code=0x7ffc0000 [ 85.556103][ T5813] EXT4-fs (loop1): 1 truncate cleaned up [ 85.577963][ T29] audit: type=1326 audit(1746603792.908:3794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5814 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36200e969 code=0x7ffc0000 [ 85.609097][ T5818] __nla_validate_parse: 34 callbacks suppressed [ 85.609111][ T5818] netlink: 68 bytes leftover after parsing attributes in process `syz.0.744'. [ 85.663982][ T5822] FAULT_INJECTION: forcing a failure. [ 85.663982][ T5822] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 85.677242][ T5822] CPU: 1 UID: 0 PID: 5822 Comm: syz.4.745 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 85.677348][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 85.677363][ T5822] Call Trace: [ 85.677369][ T5822] [ 85.677376][ T5822] __dump_stack+0x1d/0x30 [ 85.677396][ T5822] dump_stack_lvl+0xe8/0x140 [ 85.677414][ T5822] dump_stack+0x15/0x1b [ 85.677429][ T5822] should_fail_ex+0x265/0x280 [ 85.677524][ T5822] should_fail+0xb/0x20 [ 85.677563][ T5822] should_fail_usercopy+0x1a/0x20 [ 85.677585][ T5822] _copy_from_user+0x1c/0xb0 [ 85.677609][ T5822] restore_altstack+0x4b/0x2d0 [ 85.677634][ T5822] ? __set_task_blocked+0x1dc/0x2a0 [ 85.677708][ T5822] __ia32_sys_rt_sigreturn+0xdc/0x350 [ 85.677816][ T5822] ? save_fpregs_to_fpstate+0x100/0x160 [ 85.677843][ T5822] ? _raw_spin_unlock+0x26/0x50 [ 85.677871][ T5822] ? finish_task_switch+0xad/0x2b0 [ 85.677895][ T5822] ? __secure_computing+0x82/0x150 [ 85.677918][ T5822] x64_sys_call+0x2e8a/0x2fb0 [ 85.678003][ T5822] do_syscall_64+0xd0/0x1a0 [ 85.678024][ T5822] ? clear_bhb_loop+0x25/0x80 [ 85.678046][ T5822] ? clear_bhb_loop+0x25/0x80 [ 85.678067][ T5822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.678157][ T5822] RIP: 0033:0x7f934d1bab39 [ 85.678172][ T5822] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 85.678190][ T5822] RSP: 002b:00007f934b886a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f [ 85.678208][ T5822] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007f934d1bab39 [ 85.678221][ T5822] RDX: 00007f934b886a80 RSI: 00007f934b886bb0 RDI: 0000000000000021 [ 85.678300][ T5822] RBP: 00007f934b887090 R08: 0000000000000000 R09: 00007f934b886df6 [ 85.678312][ T5822] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000d [ 85.678323][ T5822] R13: 0000000000000000 R14: 00007f934d445fa0 R15: 00007ffc67418958 [ 85.678375][ T5822] [ 85.878016][ T5813] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.910326][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.925065][ T5826] netlink: 116 bytes leftover after parsing attributes in process `syz.4.747'. [ 85.942510][ T5826] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1545 sclass=netlink_route_socket pid=5826 comm=syz.4.747 [ 86.340580][ T5851] loop5: detected capacity change from 0 to 128 [ 86.354910][ T5845] netlink: 4 bytes leftover after parsing attributes in process `syz.4.754'. [ 86.354931][ T5845] netlink: 4 bytes leftover after parsing attributes in process `syz.4.754'. [ 86.355003][ T5845] netlink: 4 bytes leftover after parsing attributes in process `syz.4.754'. [ 86.386881][ T23] hid-generic FFFC:0003:0000.0004: unknown main item tag 0x7 [ 86.386973][ T23] hid-generic FFFC:0003:0000.0004: item fetching failed at offset 5/6 [ 86.387166][ T23] hid-generic FFFC:0003:0000.0004: probe with driver hid-generic failed with error -22 [ 86.409470][ T5851] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 86.416887][ T5851] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.417027][ T5845] netlink: 4 bytes leftover after parsing attributes in process `syz.4.754'. [ 86.417106][ T5845] netlink: 4 bytes leftover after parsing attributes in process `syz.4.754'. [ 86.417150][ T5845] netlink: 4 bytes leftover after parsing attributes in process `syz.4.754'. [ 86.433218][ T5851] netlink: 96 bytes leftover after parsing attributes in process `syz.5.755'. [ 86.484831][ T5845] netlink: 4 bytes leftover after parsing attributes in process `syz.4.754'. [ 86.516430][ T4063] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 86.552732][ T5863] loop5: detected capacity change from 0 to 1024 [ 86.553614][ T5863] EXT4-fs: Ignoring removed nobh option [ 86.553650][ T5863] EXT4-fs: Ignoring removed bh option [ 86.572490][ T5863] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.722425][ T5863] FAULT_INJECTION: forcing a failure. [ 86.722425][ T5863] name failslab, interval 1, probability 0, space 0, times 0 [ 86.735218][ T5863] CPU: 0 UID: 0 PID: 5863 Comm: syz.5.757 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 86.735252][ T5863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 86.735268][ T5863] Call Trace: [ 86.735275][ T5863] [ 86.735283][ T5863] __dump_stack+0x1d/0x30 [ 86.735320][ T5863] dump_stack_lvl+0xe8/0x140 [ 86.735475][ T5863] dump_stack+0x15/0x1b [ 86.735492][ T5863] should_fail_ex+0x265/0x280 [ 86.735574][ T5863] should_failslab+0x8c/0xb0 [ 86.735651][ T5863] kmem_cache_alloc_lru_noprof+0x55/0x310 [ 86.735694][ T5863] ? ext4_alloc_inode+0x38/0x310 [ 86.735812][ T5863] ? __pfx_ext4_alloc_inode+0x10/0x10 [ 86.735849][ T5863] ext4_alloc_inode+0x38/0x310 [ 86.735886][ T5863] ? __pfx_ext4_alloc_inode+0x10/0x10 [ 86.735939][ T5863] alloc_inode+0x3d/0x170 [ 86.735962][ T5863] iget_locked+0xf4/0x5c0 [ 86.735998][ T5863] __ext4_iget+0x152/0x1fe0 [ 86.736063][ T5863] ? d_alloc_parallel+0xb9a/0xc40 [ 86.736090][ T5863] ext4_lookup+0x161/0x390 [ 86.736117][ T5863] __lookup_slow+0x190/0x250 [ 86.736137][ T5863] lookup_slow+0x3c/0x60 [ 86.736154][ T5863] walk_component+0x1ec/0x220 [ 86.736240][ T5863] path_lookupat+0xfe/0x2a0 [ 86.736306][ T5863] filename_lookup+0x147/0x340 [ 86.736359][ T5863] filename_setxattr+0x56/0x400 [ 86.736479][ T5863] path_setxattrat+0x2c9/0x310 [ 86.736537][ T5863] __x64_sys_lsetxattr+0x71/0x90 [ 86.736571][ T5863] x64_sys_call+0x1e36/0x2fb0 [ 86.736684][ T5863] do_syscall_64+0xd0/0x1a0 [ 86.736776][ T5863] ? clear_bhb_loop+0x25/0x80 [ 86.736798][ T5863] ? clear_bhb_loop+0x25/0x80 [ 86.736824][ T5863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.736877][ T5863] RIP: 0033:0x7fb57fb5e969 [ 86.736891][ T5863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.736908][ T5863] RSP: 002b:00007fb57e1c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 86.736926][ T5863] RAX: ffffffffffffffda RBX: 00007fb57fd85fa0 RCX: 00007fb57fb5e969 [ 86.736938][ T5863] RDX: 00002000000003c0 RSI: 0000200000000140 RDI: 0000200000000000 [ 86.736984][ T5863] RBP: 00007fb57e1c7090 R08: 0000000000000002 R09: 0000000000000000 [ 86.737050][ T5863] R10: 000000000000007c R11: 0000000000000246 R12: 0000000000000002 [ 86.737061][ T5863] R13: 0000000000000000 R14: 00007fb57fd85fa0 R15: 00007ffd397c0528 [ 86.737080][ T5863] [ 87.005995][ T4063] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.111279][ T5885] program syz.1.765 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 87.180387][ T5894] loop3: detected capacity change from 0 to 2048 [ 87.219782][ T5894] loop3: p1 < > p4 [ 87.224187][ T5894] loop3: p4 size 8388608 extends beyond EOD, truncated [ 87.230513][ T5902] loop5: detected capacity change from 0 to 512 [ 87.248451][ T5906] FAULT_INJECTION: forcing a failure. [ 87.248451][ T5906] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 87.261754][ T5906] CPU: 1 UID: 0 PID: 5906 Comm: syz.0.776 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 87.261791][ T5906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 87.261806][ T5906] Call Trace: [ 87.261814][ T5906] [ 87.261823][ T5906] __dump_stack+0x1d/0x30 [ 87.261849][ T5906] dump_stack_lvl+0xe8/0x140 [ 87.261871][ T5906] dump_stack+0x15/0x1b [ 87.261937][ T5906] should_fail_ex+0x265/0x280 [ 87.261978][ T5906] should_fail+0xb/0x20 [ 87.262014][ T5906] should_fail_usercopy+0x1a/0x20 [ 87.262036][ T5906] _copy_to_user+0x20/0xa0 [ 87.262120][ T5906] __se_sys_move_pages+0xf74/0x1330 [ 87.262164][ T5906] ? get_pid_task+0x96/0xd0 [ 87.262203][ T5906] ? ksys_write+0x16e/0x1a0 [ 87.262283][ T5906] __x64_sys_move_pages+0x78/0x90 [ 87.262324][ T5906] x64_sys_call+0x2eab/0x2fb0 [ 87.262350][ T5906] do_syscall_64+0xd0/0x1a0 [ 87.262409][ T5906] ? clear_bhb_loop+0x25/0x80 [ 87.262436][ T5906] ? clear_bhb_loop+0x25/0x80 [ 87.262529][ T5906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.262555][ T5906] RIP: 0033:0x7fc36200e969 [ 87.262573][ T5906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.262596][ T5906] RSP: 002b:00007fc360677038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 87.262619][ T5906] RAX: ffffffffffffffda RBX: 00007fc362235fa0 RCX: 00007fc36200e969 [ 87.262634][ T5906] RDX: 0000200000000080 RSI: 0000000000001efe RDI: 0000000000000000 [ 87.262647][ T5906] RBP: 00007fc360677090 R08: 0000200000000040 R09: 0000000000000000 [ 87.262692][ T5906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.262707][ T5906] R13: 0000000000000000 R14: 00007fc362235fa0 R15: 00007ffe770165f8 [ 87.262731][ T5906] [ 87.266799][ T5902] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.347346][ T5918] program syz.1.779 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 87.352261][ T5902] ext4 filesystem being mounted at /111/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 87.484584][ T5912] team0 (unregistering): Port device team_slave_0 removed [ 87.495773][ T5912] team0 (unregistering): Port device team_slave_1 removed [ 87.495906][ T5902] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #2: comm syz.5.774: corrupted inode contents [ 87.531393][ T23] syz!: Port: 1 Link DOWN [ 87.544468][ T5902] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #2: comm syz.5.774: mark_inode_dirty error [ 87.556485][ T5902] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #2: comm syz.5.774: corrupted inode contents [ 87.571638][ T5902] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #2: comm syz.5.774: mark_inode_dirty error [ 87.607280][ T5902] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #2: comm syz.5.774: corrupted inode contents [ 87.622405][ T5902] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #2: comm syz.5.774: mark_inode_dirty error [ 87.634872][ T5902] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #2: comm syz.5.774: corrupted inode contents [ 87.715537][ T4063] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.041194][ T5956] program syz.0.790 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 88.306363][ T5977] loop3: detected capacity change from 0 to 2048 [ 88.334235][ T5981] netlink: 'syz.0.799': attribute type 11 has an invalid length. [ 88.344029][ T5977] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.381680][ T5981] sctp: [Deprecated]: syz.0.799 (pid 5981) Use of int in maxseg socket option. [ 88.381680][ T5981] Use struct sctp_assoc_value instead [ 88.391751][ T5977] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 88.404729][ T5977] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 88.413840][ T5977] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 88.422737][ T5977] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 88.569592][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.584326][ T5990] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.608864][ T5993] program syz.3.802 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 88.623410][ T5990] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.717041][ T5998] loop3: detected capacity change from 0 to 512 [ 88.775298][ T5998] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 88.783851][ T5998] EXT4-fs (loop3): inodes count not valid: 63 vs 32 [ 88.876408][ T6004] IPVS: set_ctl: invalid protocol: 58 10.1.1.1:20002 [ 88.907196][ T6004] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 88.944266][ T6004] syz.5.807 (6004) used greatest stack depth: 8832 bytes left [ 88.952415][ T6012] loop1: detected capacity change from 0 to 256 [ 88.962439][ T6018] program syz.3.813 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 88.983500][ T6022] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 88.991010][ T6022] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 89.005496][ T6025] batadv_slave_0: entered promiscuous mode [ 89.106160][ T6041] loop5: detected capacity change from 0 to 128 [ 89.151979][ T6041] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 89.160162][ T6041] FAT-fs (loop5): Filesystem has been set read-only [ 89.167080][ T6041] syz.5.823: attempt to access beyond end of device [ 89.167080][ T6041] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 89.181401][ T6041] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 89.189308][ T6041] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 89.197667][ T6041] syz.5.823: attempt to access beyond end of device [ 89.197667][ T6041] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 89.197723][ T6041] syz.5.823: attempt to access beyond end of device [ 89.197723][ T6041] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 89.197760][ T6041] syz.5.823: attempt to access beyond end of device [ 89.197760][ T6041] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 89.197874][ T6041] syz.5.823: attempt to access beyond end of device [ 89.197874][ T6041] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 89.264181][ T6039] syz.5.823: attempt to access beyond end of device [ 89.264181][ T6039] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 89.279641][ T6039] syz.5.823: attempt to access beyond end of device [ 89.279641][ T6039] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 89.295541][ T6039] syz.5.823: attempt to access beyond end of device [ 89.295541][ T6039] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 89.320726][ T6041] syz.5.823: attempt to access beyond end of device [ 89.320726][ T6041] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 89.335780][ T6041] syz.5.823: attempt to access beyond end of device [ 89.335780][ T6041] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 89.454482][ T6050] loop1: detected capacity change from 0 to 512 [ 89.461337][ T6050] EXT4-fs: Ignoring removed mblk_io_submit option [ 89.489471][ T6050] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.502260][ T6050] ext4 filesystem being mounted at /174/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.533134][ T6055] netlink: 'syz.5.826': attribute type 5 has an invalid length. [ 89.542150][ T6055] netlink: 'syz.5.826': attribute type 5 has an invalid length. [ 89.570267][ T6057] program syz.5.827 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 89.603251][ T6059] loop5: detected capacity change from 0 to 512 [ 89.610695][ T6059] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 89.631188][ T6059] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.828: invalid block [ 89.644578][ T6059] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.828: invalid indirect mapped block 4294967295 (level 1) [ 89.661457][ T6059] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.828: invalid indirect mapped block 4294967295 (level 1) [ 89.675855][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.675892][ T6059] EXT4-fs (loop5): 2 truncates cleaned up [ 89.691525][ T6059] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.705286][ T6059] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.801149][ T6075] loop5: detected capacity change from 0 to 4096 [ 89.807951][ T6075] EXT4-fs: Ignoring removed orlov option [ 89.808068][ T6075] EXT4-fs: Ignoring removed nomblk_io_submit option [ 89.821635][ T6076] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 89.821812][ T6075] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.831366][ T6076] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 89.850477][ T6024] batadv_slave_0: left promiscuous mode [ 89.863493][ T6075] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 89.919128][ T4063] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.035417][ T6094] loop5: detected capacity change from 0 to 764 [ 90.091066][ T29] kauditd_printk_skb: 2950 callbacks suppressed [ 90.091085][ T29] audit: type=1326 audit(1746603797.498:6745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6078 comm="syz.1.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 90.091140][ T29] audit: type=1326 audit(1746603797.508:6746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6078 comm="syz.1.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 90.091171][ T29] audit: type=1326 audit(1746603797.508:6747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6078 comm="syz.1.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6761b7d2d0 code=0x7ffc0000 [ 90.097824][ T29] audit: type=1326 audit(1746603797.508:6748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6078 comm="syz.1.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 90.097893][ T29] audit: type=1326 audit(1746603797.508:6749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6078 comm="syz.1.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 90.097923][ T29] audit: type=1326 audit(1746603797.508:6750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6078 comm="syz.1.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 90.100096][ T29] audit: type=1326 audit(1746603797.518:6751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6078 comm="syz.1.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=313 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 90.100168][ T29] audit: type=1326 audit(1746603797.518:6752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6078 comm="syz.1.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 90.100196][ T29] audit: type=1326 audit(1746603797.518:6753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6078 comm="syz.1.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 90.159849][ T6097] xt_time: unknown flags 0xc [ 90.434061][ T29] audit: type=1326 audit(1746603797.848:6754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6078 comm="syz.1.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6761b7e969 code=0x7ffc0000 [ 90.770986][ T6129] __nla_validate_parse: 45 callbacks suppressed [ 90.771016][ T6129] netlink: 12 bytes leftover after parsing attributes in process `syz.1.850'. [ 90.976991][ T6138] FAULT_INJECTION: forcing a failure. [ 90.976991][ T6138] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 90.977027][ T6138] CPU: 1 UID: 0 PID: 6138 Comm: syz.3.852 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 90.977105][ T6138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 90.977122][ T6138] Call Trace: [ 90.977129][ T6138] [ 90.977138][ T6138] __dump_stack+0x1d/0x30 [ 90.977164][ T6138] dump_stack_lvl+0xe8/0x140 [ 90.977189][ T6138] dump_stack+0x15/0x1b [ 90.977211][ T6138] should_fail_ex+0x265/0x280 [ 90.977280][ T6138] should_fail+0xb/0x20 [ 90.977362][ T6138] should_fail_usercopy+0x1a/0x20 [ 90.977387][ T6138] _copy_from_user+0x1c/0xb0 [ 90.977419][ T6138] ___sys_sendmsg+0xc1/0x1d0 [ 90.977522][ T6138] __x64_sys_sendmsg+0xd4/0x160 [ 90.977551][ T6138] x64_sys_call+0x2999/0x2fb0 [ 90.977577][ T6138] do_syscall_64+0xd0/0x1a0 [ 90.977660][ T6138] ? clear_bhb_loop+0x25/0x80 [ 90.977681][ T6138] ? clear_bhb_loop+0x25/0x80 [ 90.977706][ T6138] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.977733][ T6138] RIP: 0033:0x7f516820e969 [ 90.977751][ T6138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.977824][ T6138] RSP: 002b:00007f5166877038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 90.977842][ T6138] RAX: ffffffffffffffda RBX: 00007f5168435fa0 RCX: 00007f516820e969 [ 90.977857][ T6138] RDX: 0000000020004004 RSI: 00002000000000c0 RDI: 0000000000000003 [ 90.977873][ T6138] RBP: 00007f5166877090 R08: 0000000000000000 R09: 0000000000000000 [ 90.977887][ T6138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 90.978026][ T6138] R13: 0000000000000000 R14: 00007f5168435fa0 R15: 00007fffa2c4b578 [ 90.978045][ T6138] [ 91.083096][ T6142] dvmrp0: entered allmulticast mode [ 91.224096][ T6144] loop3: detected capacity change from 0 to 1024 [ 91.246620][ T6144] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.854: Failed to acquire dquot type 0 [ 91.247139][ T6144] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 91.282681][ T6144] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.854: corrupted inode contents [ 91.294726][ T6144] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #13: comm syz.3.854: mark_inode_dirty error [ 91.306338][ T6144] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.854: corrupted inode contents [ 91.318918][ T6144] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #13: comm syz.3.854: mark_inode_dirty error [ 91.330823][ T6144] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.854: corrupted inode contents [ 91.343705][ T6144] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 91.359327][ T6144] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.854: corrupted inode contents [ 91.371559][ T6144] EXT4-fs error (device loop3): ext4_truncate:4255: inode #13: comm syz.3.854: mark_inode_dirty error [ 91.383433][ T6144] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 91.393306][ T6144] EXT4-fs (loop3): 1 truncate cleaned up [ 91.400652][ T6144] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.401600][ T6147] netlink: 24 bytes leftover after parsing attributes in process `+}[@'. [ 91.439961][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.461627][ T6153] netlink: 40 bytes leftover after parsing attributes in process `syz.3.858'. [ 91.470585][ T6153] netlink: 276 bytes leftover after parsing attributes in process `syz.3.858'. [ 91.481331][ T6153] netlink: 32 bytes leftover after parsing attributes in process `syz.3.858'. [ 91.483240][ T6155] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 91.502773][ T6153] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=6153 comm=syz.3.858 [ 91.533745][ T6153] netlink: 72 bytes leftover after parsing attributes in process `syz.3.858'. [ 91.547037][ T6161] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.562538][ T6163] loop5: detected capacity change from 0 to 512 [ 91.570045][ T6163] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 91.571612][ T6165] xt_hashlimit: max too large, truncated to 1048576 [ 91.589182][ T6163] EXT4-fs (loop5): 1 truncate cleaned up [ 91.590806][ T6165] No such timeout policy "syz1" [ 91.601875][ T6161] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.602477][ T6163] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 91.633183][ T6165] loop1: detected capacity change from 0 to 1024 [ 91.640195][ T6165] EXT4-fs: Ignoring removed nobh option [ 91.645845][ T6165] EXT4-fs: Ignoring removed bh option [ 91.663084][ T6161] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.667165][ T6165] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.701420][ T6165] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 91.723599][ T6161] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.785436][ T6161] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.799214][ T6161] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.813348][ T6161] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.826849][ T6161] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.924580][ T6181] netlink: 4 bytes leftover after parsing attributes in process `syz.0.866'. [ 92.104098][ T6186] FAULT_INJECTION: forcing a failure. [ 92.104098][ T6186] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 92.117215][ T6186] CPU: 0 UID: 0 PID: 6186 Comm: syz.3.867 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 92.117261][ T6186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 92.117277][ T6186] Call Trace: [ 92.117285][ T6186] [ 92.117372][ T6186] __dump_stack+0x1d/0x30 [ 92.117393][ T6186] dump_stack_lvl+0xe8/0x140 [ 92.117418][ T6186] dump_stack+0x15/0x1b [ 92.117438][ T6186] should_fail_ex+0x265/0x280 [ 92.117497][ T6186] should_fail+0xb/0x20 [ 92.117524][ T6186] should_fail_usercopy+0x1a/0x20 [ 92.117608][ T6186] _copy_from_iter+0xcf/0xdd0 [ 92.117631][ T6186] ? __rcu_read_unlock+0x4f/0x70 [ 92.117652][ T6186] ? avc_has_perm_noaudit+0x1b1/0x200 [ 92.117690][ T6186] ? skb_set_owner_w+0x16a/0x1c0 [ 92.117714][ T6186] ? sock_alloc_send_pskb+0x456/0x4f0 [ 92.117877][ T6186] skb_copy_datagram_from_iter+0xb1/0x490 [ 92.117903][ T6186] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 92.117988][ T6186] ? skb_put+0xa9/0xf0 [ 92.118019][ T6186] unix_dgram_sendmsg+0x446/0xec0 [ 92.118050][ T6186] ? selinux_socket_sendmsg+0x175/0x1b0 [ 92.118131][ T6186] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 92.118158][ T6186] __sock_sendmsg+0x142/0x180 [ 92.118237][ T6186] ____sys_sendmsg+0x31e/0x4e0 [ 92.118260][ T6186] ___sys_sendmsg+0x17b/0x1d0 [ 92.118302][ T6186] __x64_sys_sendmsg+0xd4/0x160 [ 92.118395][ T6186] x64_sys_call+0x2999/0x2fb0 [ 92.118420][ T6186] do_syscall_64+0xd0/0x1a0 [ 92.118438][ T6186] ? clear_bhb_loop+0x25/0x80 [ 92.118507][ T6186] ? clear_bhb_loop+0x25/0x80 [ 92.118526][ T6186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.118544][ T6186] RIP: 0033:0x7f516820e969 [ 92.118558][ T6186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.118573][ T6186] RSP: 002b:00007f5166877038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 92.118589][ T6186] RAX: ffffffffffffffda RBX: 00007f5168435fa0 RCX: 00007f516820e969 [ 92.118663][ T6186] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000004 [ 92.118673][ T6186] RBP: 00007f5166877090 R08: 0000000000000000 R09: 0000000000000000 [ 92.118683][ T6186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.118693][ T6186] R13: 0000000000000000 R14: 00007f5168435fa0 R15: 00007fffa2c4b578 [ 92.118711][ T6186] [ 92.362257][ T4063] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.390361][ T6190] loop5: detected capacity change from 0 to 2048 [ 92.416904][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.439213][ T6195] program syz.1.871 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 92.457416][ T6197] FAULT_INJECTION: forcing a failure. [ 92.457416][ T6197] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 92.470724][ T6197] CPU: 0 UID: 0 PID: 6197 Comm: syz.3.873 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 92.470810][ T6197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 92.470826][ T6197] Call Trace: [ 92.470833][ T6197] [ 92.470839][ T6197] __dump_stack+0x1d/0x30 [ 92.470860][ T6197] dump_stack_lvl+0xe8/0x140 [ 92.470883][ T6197] dump_stack+0x15/0x1b [ 92.470903][ T6197] should_fail_ex+0x265/0x280 [ 92.471195][ T6197] should_fail+0xb/0x20 [ 92.471285][ T6197] should_fail_usercopy+0x1a/0x20 [ 92.471308][ T6197] _copy_to_user+0x20/0xa0 [ 92.471372][ T6197] simple_read_from_buffer+0xb5/0x130 [ 92.471397][ T6197] proc_fail_nth_read+0x100/0x140 [ 92.471494][ T6197] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 92.471525][ T6197] vfs_read+0x19d/0x6f0 [ 92.471556][ T6197] ? __cond_resched+0x4e/0x90 [ 92.471674][ T6197] ksys_read+0xda/0x1a0 [ 92.471783][ T6197] __x64_sys_read+0x40/0x50 [ 92.471812][ T6197] x64_sys_call+0x2d77/0x2fb0 [ 92.471831][ T6197] do_syscall_64+0xd0/0x1a0 [ 92.471901][ T6197] ? clear_bhb_loop+0x25/0x80 [ 92.471929][ T6197] ? clear_bhb_loop+0x25/0x80 [ 92.472014][ T6197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.472038][ T6197] RIP: 0033:0x7f516820d37c [ 92.472053][ T6197] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 92.472070][ T6197] RSP: 002b:00007f5166877030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 92.472088][ T6197] RAX: ffffffffffffffda RBX: 00007f5168435fa0 RCX: 00007f516820d37c [ 92.472143][ T6197] RDX: 000000000000000f RSI: 00007f51668770a0 RDI: 0000000000000003 [ 92.472157][ T6197] RBP: 00007f5166877090 R08: 0000000000000000 R09: 0000000000000000 [ 92.472171][ T6197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 92.472185][ T6197] R13: 0000000000000000 R14: 00007f5168435fa0 R15: 00007fffa2c4b578 [ 92.472208][ T6197] [ 92.751147][ T6210] loop1: detected capacity change from 0 to 1024 [ 92.762147][ T6210] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 92.773166][ T6210] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 92.793690][ T6210] JBD2: no valid journal superblock found [ 92.799499][ T6210] EXT4-fs (loop1): Could not load journal inode [ 92.829773][ T6218] SELinux: ebitmap: truncated map [ 92.840211][ T6210] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 92.858000][ T6218] SELinux: failed to load policy [ 92.908786][ T6229] netlink: 8 bytes leftover after parsing attributes in process `+}[@'. [ 92.921927][ T6231] ip6gre1: entered allmulticast mode [ 93.017721][ T6238] netlink: 4 bytes leftover after parsing attributes in process `syz.5.891'. [ 93.054652][ T6244] loop4: detected capacity change from 0 to 2048 [ 93.061506][ T6244] EXT4-fs: Ignoring removed i_version option [ 93.068200][ T6244] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 93.078058][ T6244] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 93.102153][ T6250] SELinux: failed to load policy [ 93.109333][ T6247] netlink: 16 bytes leftover after parsing attributes in process `syz.3.894'. [ 93.121282][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.145554][ T6260] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13) [ 93.152236][ T6260] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 93.159832][ T6260] vhci_hcd vhci_hcd.0: Device attached [ 93.168642][ T6260] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(15) [ 93.175326][ T6260] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 93.182851][ T6260] vhci_hcd vhci_hcd.0: Device attached [ 93.193532][ T6260] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 93.202725][ T6260] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(19) [ 93.209391][ T6260] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 93.216893][ T6260] vhci_hcd vhci_hcd.0: Device attached [ 93.230786][ T6260] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(21) [ 93.237449][ T6260] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 93.245182][ T6260] vhci_hcd vhci_hcd.0: Device attached [ 93.252132][ T6260] vhci_hcd vhci_hcd.0: pdev(4) rhport(5) sockfd(23) [ 93.258757][ T6260] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 93.266372][ T6260] vhci_hcd vhci_hcd.0: Device attached [ 93.276305][ T6260] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 93.286190][ T6260] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 93.295078][ T6260] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 93.337633][ T3383] vhci_hcd: vhci_device speed not set [ 93.361412][ T6269] vhci_hcd: connection closed [ 93.361684][ T565] vhci_hcd: stop threads [ 93.370777][ T565] vhci_hcd: release socket [ 93.375328][ T565] vhci_hcd: disconnect device [ 93.381165][ T6274] vhci_hcd: connection closed [ 93.381265][ T6272] vhci_hcd: connection closed [ 93.386121][ T6267] vhci_hcd: connection closed [ 93.391461][ T6261] vhci_hcd: connection closed [ 93.391663][ T565] vhci_hcd: stop threads [ 93.405269][ T565] vhci_hcd: release socket [ 93.409794][ T565] vhci_hcd: disconnect device [ 93.414642][ T3383] usb 9-1: new full-speed USB device number 2 using vhci_hcd [ 93.414687][ T565] vhci_hcd: stop threads [ 93.414707][ T565] vhci_hcd: release socket [ 93.414720][ T565] vhci_hcd: disconnect device [ 93.414786][ T3383] ================================================================== [ 93.414826][ T3383] BUG: KCSAN: data-race in data_push_tail / vsnprintf [ 93.414878][ T3383] [ 93.414887][ T3383] write to 0xffffffff88e20b70 of 25 bytes by task 565 on cpu 0: [ 93.414904][ T3383] vsnprintf+0x2ce/0x890 [ 93.414930][ T3383] vscnprintf+0x41/0x90 [ 93.414972][ T565] vhci_hcd: stop threads [ 93.414961][ T3383] printk_sprint+0x30/0x2d0 [ 93.414983][ T565] vhci_hcd: release socket [ 93.415001][ T3383] vprintk_store+0x599/0x860 [ 93.415032][ T3383] vprintk_emit+0x178/0x650 [ 93.415061][ T565] vhci_hcd: disconnect device [ 93.415060][ T3383] vprintk_default+0x26/0x30 [ 93.415084][ T3383] vprintk+0x1d/0x30 [ 93.415115][ T3383] _printk+0x79/0xa0 [ 93.415144][ T3383] vhci_shutdown_connection+0xc1/0x1f0 [ 93.415164][ T3383] event_handler+0x187/0x340 [ 93.415193][ T3383] process_scheduled_works+0x4cb/0x9d0 [ 93.415229][ T3383] worker_thread+0x582/0x770 [ 93.415258][ T3383] kthread+0x486/0x510 [ 93.415281][ T3383] ret_from_fork+0x4b/0x60 [ 93.415301][ T565] vhci_hcd: stop threads [ 93.415312][ T565] vhci_hcd: release socket [ 93.415304][ T3383] ret_from_fork_asm+0x1a/0x30 [ 93.415327][ T565] vhci_hcd: disconnect device [ 93.415333][ T3383] [ 93.415343][ T3383] read to 0xffffffff88e20b80 of 8 bytes by task 3383 on cpu 1: [ 93.415364][ T3383] data_push_tail+0xfd/0x420 [ 93.415401][ T3383] data_alloc+0xbf/0x2b0 [ 93.415426][ T3383] prb_reserve+0x808/0xaf0 [ 93.415452][ T3383] vprintk_store+0x56d/0x860 [ 93.415480][ T3383] vprintk_emit+0x178/0x650 [ 93.415495][ T3383] dev_vprintk_emit+0x242/0x2a0 [ 93.415514][ T3383] dev_printk_emit+0x84/0xb0 [ 93.415532][ T3383] __dev_printk+0xf3/0x110 [ 93.415554][ T3383] _dev_info+0x9b/0xd0 [ 93.415571][ T3383] hub_port_init+0x3e9/0x1680 [ 93.415589][ T3383] hub_event+0x1965/0x2940 [ 93.415604][ T3383] process_scheduled_works+0x4cb/0x9d0 [ 93.415629][ T3383] worker_thread+0x582/0x770 [ 93.415655][ T3383] kthread+0x486/0x510 [ 93.415670][ T3383] ret_from_fork+0x4b/0x60 [ 93.415685][ T3383] ret_from_fork_asm+0x1a/0x30 [ 93.415704][ T3383] [ 93.415708][ T3383] value changed: 0x00000000ffffe4a5 -> 0x7364736461657268 [ 93.415719][ T3383] [ 93.415724][ T3383] Reported by Kernel Concurrency Sanitizer on: [ 93.415736][ T3383] CPU: 1 UID: 0 PID: 3383 Comm: kworker/1:5 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) [ 93.415760][ T3383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 93.415774][ T3383] Workqueue: usb_hub_wq hub_event [ 93.415793][ T3383] ================================================================== [ 93.696367][ T3383] usb 9-1: enqueue for inactive port 0 [ 93.701913][ T3383] usb 9-1: enqueue for inactive port 0 [ 93.707495][ T3383] usb 9-1: enqueue for inactive port 0 [ 93.787630][ T3383] vhci_hcd: vhci_device speed not set