last executing test programs: 3.203131819s ago: executing program 0 (id=5638): bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b700000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r4}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x8000000000000}, 0x18) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x5606, 0xf9d3) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r6], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0) 1.494670201s ago: executing program 0 (id=5657): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_GET(r2, &(0x7f0000000340)={&(0x7f00000001c0), 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x48, 0x1, 0x8, 0x3, 0x0, 0x0, {0x2, 0x0, 0xa}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x19}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x7}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x4004000) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r4) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r6}, 0x10) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0, 0x2044}, 0x60) ioctl$TUNSETOFFLOAD(r5, 0xc004743e, 0x110e22fff6) r7 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r7, &(0x7f0000001240)=""/102400, 0x200000, 0x0) 1.257723084s ago: executing program 0 (id=5665): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0) 1.054620647s ago: executing program 0 (id=5668): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f000000a2c0), 0x0, 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x10400, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x38, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}, @in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10) r3 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x25, &(0x7f00000001c0)={r4, @in={{0x2, 0x0, @empty}}}, 0x90) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, &(0x7f0000000600)={r4, @in={{0x2, 0x4e22, @rand_addr=0x64010101}}}, 0x84) sendto$inet6(r0, 0x0, 0x0, 0x44000, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2600000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="fcffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) syz_read_part_table(0x105c, &(0x7f0000001080)="$eJzsz71Rw0AQBeCnQ0gioBUSOqAHEopBKZUQ0Ae9uAaPPeuR/NeB7eD7gpt7N+9mZ8N9tWxr8V+pLsmwHHPLW6bkJW0tffRTltynxlQyX77XuD91fp6/h7RNxjV9vXe7quuY1+TpePvtz29dPv9utSYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLJDAAAA//+4SRWs") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000e40)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r7}, 0x18) syz_clone3(&(0x7f0000000580)={0x800, &(0x7f0000000180)=0xffffffffffffffff, &(0x7f0000000240), &(0x7f0000000280), {0x33}, &(0x7f0000000400)=""/117, 0x75, &(0x7f0000000500)=""/79, &(0x7f00000002c0)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0], 0x6}, 0x58) process_mrelease(r8, 0x0) getsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000000), &(0x7f0000000040)=0x4) 953.487698ms ago: executing program 4 (id=5669): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x43, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) quotactl$Q_GETNEXTQUOTA(0x0, &(0x7f0000003040)=@filename='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0/file0\x00', 0x0, 0x0) 951.988658ms ago: executing program 3 (id=5670): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x9}, 0x18) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) 915.088529ms ago: executing program 4 (id=5671): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x6f9e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x1, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x8002, 0x0, 0x0, 0x7, 0x0, 0x1, 0xfffd, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x78}}, 0x20000080) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0) bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0), 0x8) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='limits\x00') lseek(r2, 0x1, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r4, 0x400, 0x0) rename(&(0x7f0000000140)='./file1\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 887.476769ms ago: executing program 3 (id=5673): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x178}, 0x18) r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="18090000000000000000", @ANYRES32=r2, @ANYBLOB], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000540), &(0x7f0000000580)=r3}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x1}) io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) 857.775749ms ago: executing program 4 (id=5675): io_setup(0x2, &(0x7f0000002380)=0x0) io_submit(r0, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x200a00, 0xc00}]) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00', r4}, 0x10) r5 = dup(r2) ioctl$PTP_EXTTS_REQUEST2(r5, 0x43403d05, 0x0) write$cgroup_freezer_state(r1, &(0x7f0000000080)='FROZEN\x00', 0x7) timer_create(0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, 0x0) timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x5, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000040000000083000000bf09000000000000550901000000000095d000554400000000000000bf91400000000000b7020000000000008500000085000000b70000000000000095000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$netlink(0x10, 0x3, 0xc) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a300000000048000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000210c0009800800014000000005600000000c0a010300000000000000000700fffe0900020073797a31000000000900010073797a300000000034000380300000802c000180250001002130404c6bfef3a31e2587ebd76200eb3ea056f39e3ab8a93c358099bf8cf3007d00000014000000110001"], 0xf0}}, 0x0) 777.79163ms ago: executing program 1 (id=5676): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f000000a2c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x10400, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, 0x0, &(0x7f0000000180)) r3 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x25, &(0x7f00000001c0)={r4, @in={{0x2, 0x0, @empty}}}, 0x90) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, &(0x7f0000000600)={r4, @in={{0x2, 0x4e22, @rand_addr=0x64010101}}}, 0x84) sendto$inet6(r0, 0x0, 0x0, 0x44000, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2600000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="fcffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) syz_read_part_table(0x105c, &(0x7f0000001080)="$eJzsz71Rw0AQBeCnQ0gioBUSOqAHEopBKZUQ0Ae9uAaPPeuR/NeB7eD7gpt7N+9mZ8N9tWxr8V+pLsmwHHPLW6bkJW0tffRTltynxlQyX77XuD91fp6/h7RNxjV9vXe7quuY1+TpePvtz29dPv9utSYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLJDAAAA//+4SRWs") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000e40)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r7}, 0x18) syz_clone3(&(0x7f0000000580)={0x800, &(0x7f0000000180)=0xffffffffffffffff, &(0x7f0000000240), &(0x7f0000000280), {0x33}, &(0x7f0000000400)=""/117, 0x75, &(0x7f0000000500)=""/79, &(0x7f00000002c0)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0], 0x6}, 0x58) process_mrelease(r8, 0x0) getsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000000), &(0x7f0000000040)=0x4) 747.562131ms ago: executing program 0 (id=5678): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0) 720.196271ms ago: executing program 3 (id=5679): r0 = socket$kcm(0x29, 0x2, 0x0) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e695f786c6174653d302c73686f72746e616d653d77696e39352c00208893fdd4787adad4209069"], 0x6, 0x2ab, &(0x7f0000000a80)="$eJzs3b1rLFUUAPAzyX6pxW5hJYIDWlg9Xl5rs0HyILiVsoVa6MP3Hkh2ERII+IFrKlsbS/8CQbDzn7CxsBdsBTtTBEZmZya7ibObTHATP36/Jjd3zrn3zOQmYYs9+/6L04PHaTw9+eyX6PWS2BrGME6TGMRWVL6IC4ZfBQDwb3aaZfF7VmiSl0REb3NlAQAb1Pj///cbLwkA2LC33n7njd3RaO/NNO3Fw+mXx+P8lX3+tbi++zQ+jEk8ifvRj7OI7Fwxfphl2ayV5gbxynR2PM4zp+/9WK6/+1vEPH8n+jGYT13M3x/t7aSFpfxZXsez5f7DPP9B9OP5mv33R3sPavJj3IlXX16q/17046cP4qOYxON5EYv8z3fS9PXs6z8+fTcvL89PZsfj7jxuIdu+5R8NAAAAAAAAAAAAAAAAAAAAAAD/YffK3jndmPfvyafK/jvbZ/k37Ugrg4v9eYr8pFroUn+gWRbfVP117qdpmpWBi/xWvNCK1t3cNQAAAAAAAAAAAAAAAAAAAPyzHH38ycGjyeTJ4d8yqLoBVG/rv+k6w6WZl6ImZhDnM93FllvltmtWju0qJolYW0a+YqPi21fvvmLwzKqsb79r+uh6V8e0b1Bhw0F1ug4eJfXPsBvVTK86JD8sx3Timnt1Vl3KGh2/Tu2lfuN77zw3H8zWxESyrrDXfi2eXDmTXL6Lzvyp1qa3y0Hxu1B3Nhqd57/+rUh06wAAAAAAAAAAAAAAAAAAgI1avOm35uLJiqSf94sP+Y/BhqsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNux+Pz/BoNZmXyN4E4cHt3xLQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/8GcAAAD//wrtYeE=") bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x50) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000300)={'syztnl2\x00', 0x0}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)=@o_path={&(0x7f0000000000)='./file0\x00', 0x0, 0x4008, r0}, 0x18) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f00000000c0)={r0, r1}) 704.375681ms ago: executing program 4 (id=5680): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a300000000048000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000210c0009800800014000000005600000000c0a010300000000000000000700fffe0900020073797a31000000000900010073797a300000000034000380300000802c000180250001002130404c6bfef3a31e2587ebd76200"], 0xf0}}, 0x0) 653.057142ms ago: executing program 4 (id=5682): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000003000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000df20feef00"], 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{r2, 0xffffffffffffffff}, &(0x7f0000001840), &(0x7f00000017c0)='%pi6 \x00'}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000002000018110000", @ANYRES32=r3, @ANYBLOB="000000000000dc69b735acd8911d9060fb70a5ef080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000480)='mm_page_free\x00', r4}, 0x10) r5 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r5, 0x2007ffc) perf_event_open(0x0, 0x0, 0x100000000000, 0xffffffffffffffff, 0x0) sendfile(r5, r5, 0x0, 0x800000009) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local}) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r8}, 0x10) close(r6) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x0, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=") open(&(0x7f0000000300)='.\x02\x00', 0x14927e, 0x44) sched_setaffinity(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) 583.815863ms ago: executing program 2 (id=5683): r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) faccessat(r0, &(0x7f00000005c0)='./file0\x00', 0x100) 549.558943ms ago: executing program 3 (id=5684): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000073000000850000002a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r1}, 0x3d) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e21, 0x1f0268bc, @empty, 0x6}}, 0x0, 0x0, 0x3fc, 0x1, 0x32, 0xb}, 0x9c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x11, 0xb, &(0x7f00000005c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000140)='kfree\x00', r2, 0x0, 0x800000000000004}, 0x18) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x290, 0x0, 0x2b8, 0xb0000010, 0x2, 0x5c8f0200, 0x388, 0x3a8, 0x3a8, 0x388, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [], [], 'vlan1\x00', 'veth0_to_team\x00'}, 0x0, 0xa8, 0xf0, 0x700}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x206, 'syz1\x00'}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x4, 0x8a}, 0x9c) bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x8668}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x0, 0x4, &(0x7f0000000280)=ANY=[@ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = socket(0x2, 0x80805, 0x0) r7 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={0x0}, &(0x7f0000000000)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r6, 0x84, 0x19, &(0x7f0000000100)={r8, 0xb2}, 0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000002c0)={r8, 0xf}, &(0x7f0000000300)=0x8) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) 516.739624ms ago: executing program 0 (id=5685): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)={0x38, r2, 0x1, 0x0, 0x2, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x24000010) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r3}, 0x10) syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0) 506.603134ms ago: executing program 2 (id=5686): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101a00, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) fgetxattr(r0, &(0x7f00000002c0)=@known='security.selinux\x00', 0x0, 0x0) 468.642984ms ago: executing program 1 (id=5687): bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1b, 0x0, 0x0, 0x7f, 0x18309, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0, @value, @void, @value}, 0x50) r0 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x10) read$nci(r0, &(0x7f0000000100)=""/83, 0x53) io_setup(0x3, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) r2 = socket$kcm(0x10, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) getsockopt$SO_COOKIE(0xffffffffffffffff, 0x1, 0x39, 0x0, &(0x7f0000000380)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = io_uring_setup(0x6280, &(0x7f0000000580)={0x0, 0x90000000, 0x1000, 0x0, 0x1d2}) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000002700)=""/4096, 0x1000}], &(0x7f0000000200), 0x1}, 0x20) socket$nl_netfilter(0x10, 0x3, 0xc) socket$igmp6(0xa, 0x3, 0x2) r4 = socket$packet(0x11, 0x2, 0x300) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000003c0)={r1, @in={{0x2, 0x4e23, @private=0xa010100}}, 0x100, 0x9}, &(0x7f0000000240)=0x90) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'}) syz_emit_ethernet(0x82, &(0x7f0000000040)={@link_local, @dev, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x0, 0x2b, 0x0, @private1, @private2, [@hopopts={0x3a, 0x1, '\x00', [@calipso={0x7, 0x8, {0x0, 0x0, 0x0, 0x80}}]}]}}}}}}}, 0x0) sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)}, 0x0) 361.329896ms ago: executing program 2 (id=5688): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f000000a2c0), 0x0, 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x10400, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x38, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}, @in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10) r3 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x25, &(0x7f00000001c0)={r4, @in={{0x2, 0x0, @empty}}}, 0x90) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, &(0x7f0000000600)={r4, @in={{0x2, 0x4e22, @rand_addr=0x64010101}}}, 0x84) sendto$inet6(r0, 0x0, 0x0, 0x44000, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2600000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="fcffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) syz_read_part_table(0x105c, &(0x7f0000001080)="$eJzsz71Rw0AQBeCnQ0gioBUSOqAHEopBKZUQ0Ae9uAaPPeuR/NeB7eD7gpt7N+9mZ8N9tWxr8V+pLsmwHHPLW6bkJW0tffRTltynxlQyX77XuD91fp6/h7RNxjV9vXe7quuY1+TpePvtz29dPv9utSYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLJDAAAA//+4SRWs") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000e40)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r7}, 0x18) syz_clone3(&(0x7f0000000580)={0x800, &(0x7f0000000180)=0xffffffffffffffff, &(0x7f0000000240), &(0x7f0000000280), {0x33}, &(0x7f0000000400)=""/117, 0x75, &(0x7f0000000500)=""/79, &(0x7f00000002c0)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0], 0x6}, 0x58) process_mrelease(r8, 0x0) getsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000000), &(0x7f0000000040)=0x4) 268.363897ms ago: executing program 3 (id=5689): r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="0400000000008000080000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) faccessat(r0, &(0x7f00000005c0)='./file0\x00', 0x100) 260.662807ms ago: executing program 1 (id=5690): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2d, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x82, 0x8000) ioctl$SG_SET_RESERVED_SIZE(r2, 0x2275, &(0x7f0000000740)=0x1000400) 231.016708ms ago: executing program 1 (id=5691): creat(&(0x7f00000000c0)='./file0\x00', 0x198) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r1 = dup(r0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 184.495028ms ago: executing program 2 (id=5692): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) recvmsg(r0, &(0x7f0000000a00)={0x0, 0x0, 0x0}, 0x40000000) 136.185299ms ago: executing program 1 (id=5693): creat(&(0x7f00000000c0)='./file0\x00', 0x198) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, 0x0, 0x15) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) 79.634479ms ago: executing program 2 (id=5694): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x6f9e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x1, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x8002, 0x0, 0x0, 0x7, 0x0, 0x1, 0xfffd, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x78}}, 0x20000080) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0) bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0), 0x8) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='limits\x00') lseek(r2, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r4, 0x400, 0x0) rename(&(0x7f0000000140)='./file1\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 78.027149ms ago: executing program 4 (id=5695): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYRES32=0x0, @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0) 47.87986ms ago: executing program 2 (id=5696): r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) faccessat(r0, &(0x7f00000005c0)='./file0\x00', 0x100) 25.3036ms ago: executing program 3 (id=5697): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f000000a2c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x10400, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, 0x0, &(0x7f0000000180)) r3 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x25, &(0x7f00000001c0)={r4, @in={{0x2, 0x0, @empty}}}, 0x90) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, &(0x7f0000000600)={r4, @in={{0x2, 0x4e22, @rand_addr=0x64010101}}}, 0x84) sendto$inet6(r0, 0x0, 0x0, 0x44000, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2600000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="fcffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) syz_read_part_table(0x105c, &(0x7f0000001080)="$eJzsz71Rw0AQBeCnQ0gioBUSOqAHEopBKZUQ0Ae9uAaPPeuR/NeB7eD7gpt7N+9mZ8N9tWxr8V+pLsmwHHPLW6bkJW0tffRTltynxlQyX77XuD91fp6/h7RNxjV9vXe7quuY1+TpePvtz29dPv9utSYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLJDAAAA//+4SRWs") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000e40)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r7}, 0x18) syz_clone3(&(0x7f0000000580)={0x800, &(0x7f0000000180)=0xffffffffffffffff, &(0x7f0000000240), &(0x7f0000000280), {0x33}, &(0x7f0000000400)=""/117, 0x75, &(0x7f0000000500)=""/79, &(0x7f00000002c0)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0], 0x6}, 0x58) process_mrelease(r8, 0x0) getsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000000), &(0x7f0000000040)=0x4) 0s ago: executing program 1 (id=5698): bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYRES32], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000700)='cq_free\x00', 0xffffffffffffffff, 0x0, 0xff}, 0x18) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) syz_emit_ethernet(0x39, &(0x7f0000000280)={@link_local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @val={@void, {0x8100, 0x0, 0x0, 0x2}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x27, 0x0, 0xe000, 0x2, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x13, 0x0, @opaque="a6f2138fa8a40683adbb15"}}}}}, 0x0) syz_emit_ethernet(0xbe, &(0x7f00000001c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "9e188a80c32aa9b86ed6ce56992732d9f7fc6cda762c07530a038941764a92bb", "074336477e9205df5f47f7da965c25c746ba7f8ca07841d3da17308a6df3f54855ecedd6d8664fa125e3972a48e81039", "a562ff321beb3f036b9fd27aeff89c8e79a57a3873e0b4e6553e2c44", {"4cf02a016458a5f67aa497153eddc6a1", "9a3f9661ac468177dc130be49bdd8eb5"}}}}}}}, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) kernel console output (not intermixed with test programs): omm syz.4.4700: couldn't read orphan inode 15 (err -117) [ 247.880100][T15671] bond0: (slave dummy0): Releasing backup interface [ 247.888594][T15671] dummy0: left promiscuous mode [ 247.962903][T15673] lo speed is unknown, defaulting to 1000 [ 247.982380][T15672] loop3: detected capacity change from 0 to 8192 [ 248.005025][T15682] siw: device registration error -23 [ 248.027285][T15685] loop1: detected capacity change from 0 to 512 [ 248.034374][T15685] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 248.047072][T15672] loop3: p1 p2 p3 p4 [ 248.051176][T15672] loop3: p1 size 108922248 extends beyond EOD, truncated [ 248.060990][T15672] loop3: p2 start 861536256 is beyond EOD, truncated [ 248.068017][T15672] loop3: p3 start 851968 is beyond EOD, truncated [ 248.074577][T15672] loop3: p4 size 65536 extends beyond EOD, truncated [ 248.101861][T15685] EXT4-fs (loop1): 1 truncate cleaned up [ 248.328933][T15705] loop1: detected capacity change from 0 to 512 [ 248.340558][T15705] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 248.358877][T15705] EXT4-fs (loop1): 1 truncate cleaned up [ 248.368131][T15708] netlink: 'syz.2.4716': attribute type 10 has an invalid length. [ 248.379290][T15708] dummy0: entered promiscuous mode [ 248.385476][T15708] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 248.552721][T15719] loop1: detected capacity change from 0 to 1024 [ 248.559924][T15719] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 248.570942][T15719] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 248.577687][T15720] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 248.582118][T15719] JBD2: no valid journal superblock found [ 248.596119][T15719] EXT4-fs (loop1): Could not load journal inode [ 248.609185][T15719] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 248.726354][T15726] 9pnet_fd: Insufficient options for proto=fd [ 248.837418][T15736] loop3: detected capacity change from 0 to 256 [ 248.854601][T15738] siw: device registration error -23 [ 248.897490][T15722] netlink: 'syz.0.4721': attribute type 10 has an invalid length. [ 248.953701][T15748] 9pnet_fd: Insufficient options for proto=fd [ 249.018793][T15752] loop3: detected capacity change from 0 to 1024 [ 249.043944][T15750] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 249.059606][T15752] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 249.070561][T15752] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 249.115571][T15752] JBD2: no valid journal superblock found [ 249.121445][T15752] EXT4-fs (loop3): Could not load journal inode [ 249.161137][T15752] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 249.173639][T15760] 9pnet_fd: Insufficient options for proto=fd [ 249.243028][T15768] siw: device registration error -23 [ 249.271506][T15776] loop3: detected capacity change from 0 to 256 [ 249.350455][T15786] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4743'. [ 249.352736][T15785] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 249.393010][T15788] loop3: detected capacity change from 0 to 512 [ 249.402174][T15788] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.4748: casefold flag without casefold feature [ 249.415071][T15788] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.4748: couldn't read orphan inode 15 (err -117) [ 249.496517][T15792] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4749'. [ 249.505824][T15791] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4749'. [ 249.515375][T15792] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4749'. [ 249.623791][T15800] loop3: detected capacity change from 0 to 512 [ 249.631161][T15800] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 249.642515][T15800] EXT4-fs (loop3): 1 truncate cleaned up [ 249.862041][T15816] bond0: (slave dummy0): Releasing backup interface [ 249.870576][T15816] dummy0: left promiscuous mode [ 250.053530][T15827] loop3: detected capacity change from 0 to 764 [ 250.060929][T15827] rock: directory entry would overflow storage [ 250.067164][T15827] rock: sig=0x4654, size=5, remaining=4 [ 250.107451][T15819] netlink: 'syz.2.4761': attribute type 10 has an invalid length. [ 250.196615][T15832] loop4: detected capacity change from 0 to 256 [ 250.243769][T15850] 9pnet_fd: Insufficient options for proto=fd [ 250.311488][T15858] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4776'. [ 250.321148][T15852] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4776'. [ 250.356399][T15860] netlink: 'syz.4.4779': attribute type 3 has an invalid length. [ 250.387614][T15862] loop4: detected capacity change from 0 to 1024 [ 250.394908][T15862] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 250.405994][T15862] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 250.417534][T15862] JBD2: no valid journal superblock found [ 250.423504][T15862] EXT4-fs (loop4): Could not load journal inode [ 250.509449][T15868] loop4: detected capacity change from 0 to 256 [ 250.798002][T15896] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 250.882505][T15898] loop4: detected capacity change from 0 to 256 [ 251.015976][T15913] loop1: detected capacity change from 0 to 512 [ 251.024493][T15913] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 251.077261][T15913] EXT4-fs (loop1): orphan cleanup on readonly fs [ 251.085187][T15913] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.4800: Failed to acquire dquot type 1 [ 251.100620][T15913] EXT4-fs (loop1): 1 truncate cleaned up [ 251.201394][T15917] loop4: detected capacity change from 0 to 512 [ 251.254295][T15917] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.4803: casefold flag without casefold feature [ 251.330531][T15917] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.4803: couldn't read orphan inode 15 (err -117) [ 251.413473][T15910] loop3: detected capacity change from 0 to 8192 [ 251.517195][T15910] loop3: p1 p2 p3 p4 [ 251.521747][T15910] loop3: p1 size 108922248 extends beyond EOD, truncated [ 251.555683][T15910] loop3: p2 start 861536256 is beyond EOD, truncated [ 251.562472][T15910] loop3: p3 start 851968 is beyond EOD, truncated [ 251.568997][T15910] loop3: p4 size 65536 extends beyond EOD, truncated [ 251.991903][T15939] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 252.004909][ T29] kauditd_printk_skb: 237 callbacks suppressed [ 252.004924][ T29] audit: type=1326 audit(1746194102.000:10977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15936 comm="syz.3.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff30d69e969 code=0x7ffc0000 [ 252.035376][ T29] audit: type=1326 audit(1746194102.040:10978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15936 comm="syz.3.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff30d69e969 code=0x7ffc0000 [ 252.059055][ T29] audit: type=1326 audit(1746194102.040:10979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15936 comm="syz.3.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff30d69e969 code=0x7ffc0000 [ 252.082778][ T29] audit: type=1326 audit(1746194102.040:10980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15936 comm="syz.3.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff30d69e969 code=0x7ffc0000 [ 252.131101][ T29] audit: type=1326 audit(1746194102.040:10981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15936 comm="syz.3.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff30d69e969 code=0x7ffc0000 [ 252.154965][ T29] audit: type=1326 audit(1746194102.040:10982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15936 comm="syz.3.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff30d69e969 code=0x7ffc0000 [ 252.178647][ T29] audit: type=1326 audit(1746194102.040:10983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15936 comm="syz.3.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff30d69e969 code=0x7ffc0000 [ 252.202278][ T29] audit: type=1326 audit(1746194102.040:10984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15936 comm="syz.3.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff30d69e969 code=0x7ffc0000 [ 252.225989][ T29] audit: type=1326 audit(1746194102.040:10985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15936 comm="syz.3.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff30d69e969 code=0x7ffc0000 [ 252.249664][ T29] audit: type=1326 audit(1746194102.120:10986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15936 comm="syz.3.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff30d69e969 code=0x7ffc0000 [ 252.295580][T15937] loop3: detected capacity change from 0 to 256 [ 252.327665][T15945] loop4: detected capacity change from 0 to 512 [ 252.359240][T15945] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 252.389331][T15951] __nla_validate_parse: 11 callbacks suppressed [ 252.389352][T15951] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4816'. [ 252.405392][T15949] netlink: 'syz.0.4814': attribute type 3 has an invalid length. [ 252.485092][T15945] EXT4-fs (loop4): 1 truncate cleaned up [ 252.500965][T15956] siw: device registration error -23 [ 252.798655][T15968] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 252.994431][T15972] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4825'. [ 254.212065][T15997] siw: device registration error -23 [ 254.228248][T16000] netlink: 'syz.0.4836': attribute type 10 has an invalid length. [ 254.248506][T16000] bridge0: port 1(dummy0) entered disabled state [ 254.265423][T16000] dummy0: left allmulticast mode [ 254.270924][T16000] dummy0: left promiscuous mode [ 254.276359][T16000] bridge0: port 1(dummy0) entered disabled state [ 254.294526][T16000] dummy0: entered promiscuous mode [ 254.300993][T16000] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 254.343529][T16011] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4839'. [ 254.353398][T16011] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4839'. [ 254.367856][T16006] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4839'. [ 254.472048][T16029] netlink: 'syz.0.4849': attribute type 3 has an invalid length. [ 254.541603][T16034] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 254.705669][T16047] bond0: (slave dummy0): Releasing backup interface [ 254.741521][T16047] dummy0: left promiscuous mode [ 254.767917][T16055] loop1: detected capacity change from 0 to 512 [ 254.791424][T16054] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4857'. [ 254.792422][T16055] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.4859: casefold flag without casefold feature [ 254.800869][T16049] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4857'. [ 254.820224][T16055] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.4859: couldn't read orphan inode 15 (err -117) [ 254.837793][T16049] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4857'. [ 254.897113][T16062] loop1: detected capacity change from 0 to 512 [ 254.909435][T16062] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.4862: casefold flag without casefold feature [ 254.926411][T16062] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.4862: couldn't read orphan inode 15 (err -117) [ 254.997267][T16071] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 255.038008][T16073] 9pnet_fd: Insufficient options for proto=fd [ 255.118425][T16082] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4870'. [ 255.128065][T16077] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4870'. [ 255.383754][T16107] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 255.531378][T16112] netlink: 'syz.1.4881': attribute type 3 has an invalid length. [ 255.558118][T16114] loop1: detected capacity change from 0 to 512 [ 255.565519][T16114] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 255.576698][T16114] EXT4-fs (loop1): 1 truncate cleaned up [ 255.720859][T16120] loop1: detected capacity change from 0 to 512 [ 255.729186][T16120] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.4884: casefold flag without casefold feature [ 255.742453][T16120] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.4884: couldn't read orphan inode 15 (err -117) [ 255.844221][T16130] netlink: 'syz.4.4888': attribute type 10 has an invalid length. [ 255.852524][T16127] loop1: detected capacity change from 0 to 256 [ 255.856362][T16130] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 255.886433][T16132] loop1: detected capacity change from 0 to 512 [ 255.893519][T16132] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 255.912128][T16135] 9pnet_fd: Insufficient options for proto=fd [ 255.919376][T16132] EXT4-fs (loop1): 1 truncate cleaned up [ 255.944124][T16137] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 256.000465][T16142] netlink: 'syz.3.4893': attribute type 3 has an invalid length. [ 256.146312][T16148] loop4: detected capacity change from 0 to 8192 [ 256.153152][T16156] loop1: detected capacity change from 0 to 256 [ 256.175437][T16148] loop4: p1 p2 p3 p4 [ 256.179543][T16148] loop4: p1 size 108922248 extends beyond EOD, truncated [ 256.181670][T16162] 9pnet_fd: Insufficient options for proto=fd [ 256.201806][T16148] loop4: p2 start 861536256 is beyond EOD, truncated [ 256.208767][T16148] loop4: p3 start 851968 is beyond EOD, truncated [ 256.215560][T16148] loop4: p4 size 65536 extends beyond EOD, truncated [ 256.241904][T16164] netlink: 'syz.3.4903': attribute type 10 has an invalid length. [ 256.254580][T16164] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 256.316787][T16178] loop4: detected capacity change from 0 to 512 [ 256.324895][T16178] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 256.338272][T16178] EXT4-fs (loop4): 1 truncate cleaned up [ 256.344832][T16178] EXT4-fs mount: 38 callbacks suppressed [ 256.344906][T16178] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 256.522738][T16200] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 256.558197][T12266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.560898][T16204] 9pnet_fd: Insufficient options for proto=fd [ 256.656508][T16216] loop1: detected capacity change from 0 to 512 [ 256.667969][T16217] netlink: 'syz.3.4925': attribute type 10 has an invalid length. [ 256.687535][T16216] EXT4-fs (loop1): too many log groups per flexible block group [ 256.695390][T16221] loop4: detected capacity change from 0 to 1024 [ 256.701926][T16216] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 256.711663][T16221] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 256.722808][T16221] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 256.736239][T16216] EXT4-fs (loop1): mount failed [ 256.742296][T16221] JBD2: no valid journal superblock found [ 256.748352][T16221] EXT4-fs (loop4): Could not load journal inode [ 256.782304][T16227] loop4: detected capacity change from 0 to 512 [ 256.791983][T16227] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 256.816874][T16227] EXT4-fs (loop4): 1 truncate cleaned up [ 256.824762][T16227] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 256.846382][T16235] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 257.003107][T16253] loop3: detected capacity change from 0 to 512 [ 257.004651][T12266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.042004][T16253] EXT4-fs (loop3): too many log groups per flexible block group [ 257.049946][T16253] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 257.057019][T16253] EXT4-fs (loop3): mount failed [ 257.098943][T16265] loop1: detected capacity change from 0 to 512 [ 257.102194][T16262] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 257.118324][T16265] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.4947: casefold flag without casefold feature [ 257.134718][T16265] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.4947: couldn't read orphan inode 15 (err -117) [ 257.148196][T16265] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 257.214283][T10794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.259749][T16285] loop1: detected capacity change from 0 to 512 [ 257.268053][T16285] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 257.281058][T16285] EXT4-fs (loop1): 1 truncate cleaned up [ 257.288343][T16285] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 257.370189][T16290] netlink: 'syz.3.4956': attribute type 3 has an invalid length. [ 257.399610][T16283] __nla_validate_parse: 20 callbacks suppressed [ 257.399632][T16283] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4955'. [ 257.422831][T16295] loop3: detected capacity change from 0 to 1024 [ 257.432391][T16295] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 257.443501][T16295] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 257.459164][T16293] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4955'. [ 257.470597][T16295] JBD2: no valid journal superblock found [ 257.476531][T16295] EXT4-fs (loop3): Could not load journal inode [ 257.529300][T16303] loop4: detected capacity change from 0 to 764 [ 257.537032][T16303] rock: directory entry would overflow storage [ 257.543349][T16303] rock: sig=0x4654, size=5, remaining=4 [ 257.551092][T10794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.582110][T16307] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 257.604215][T16309] syz_tun: entered allmulticast mode [ 257.611754][T16309] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 257.628627][T16308] syz_tun: left allmulticast mode [ 257.791195][T16324] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4969'. [ 257.800565][T16322] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4969'. [ 257.812124][T16324] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4969'. [ 257.902281][T16334] loop1: detected capacity change from 0 to 1024 [ 257.909709][T16334] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 257.920740][T16334] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 257.931505][T16334] JBD2: no valid journal superblock found [ 257.937432][T16334] EXT4-fs (loop1): Could not load journal inode [ 257.967542][ T29] kauditd_printk_skb: 46 callbacks suppressed [ 257.967560][ T29] audit: type=1400 audit(1746194107.970:11033): avc: denied { setattr } for pid=16335 comm="syz.1.4975" name="HIDP" dev="sockfs" ino=48225 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 258.017954][T16338] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 258.050665][ T29] audit: type=1326 audit(1746194108.050:11034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16339 comm="syz.1.4977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 258.074345][ T29] audit: type=1326 audit(1746194108.050:11035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16339 comm="syz.1.4977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 258.149079][ T29] audit: type=1326 audit(1746194108.110:11036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16339 comm="syz.1.4977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 258.173226][ T29] audit: type=1326 audit(1746194108.110:11037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16339 comm="syz.1.4977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 258.196982][ T29] audit: type=1326 audit(1746194108.110:11038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16339 comm="syz.1.4977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 258.220717][ T29] audit: type=1326 audit(1746194108.110:11039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16339 comm="syz.1.4977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 258.244466][ T29] audit: type=1326 audit(1746194108.110:11040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16339 comm="syz.1.4977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 258.268102][ T29] audit: type=1326 audit(1746194108.110:11041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16339 comm="syz.1.4977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 258.291960][ T29] audit: type=1326 audit(1746194108.110:11042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16339 comm="syz.1.4977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 258.399065][T16348] loop1: detected capacity change from 0 to 512 [ 258.408163][T16348] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.4981: casefold flag without casefold feature [ 258.422923][T16348] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.4981: couldn't read orphan inode 15 (err -117) [ 258.437385][T16353] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4980'. [ 258.437816][T16348] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.451366][T16346] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4980'. [ 258.468526][T16353] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4980'. [ 258.485396][T10794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.509156][T16357] loop4: detected capacity change from 0 to 1024 [ 258.530524][T16357] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 258.541542][T16357] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 258.559020][T16357] JBD2: no valid journal superblock found [ 258.564830][T16357] EXT4-fs (loop4): Could not load journal inode [ 258.592880][T16363] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 258.711870][T16383] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4988'. [ 258.817550][T16390] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4995'. [ 258.854272][T16393] netlink: 'syz.2.4997': attribute type 3 has an invalid length. [ 258.877973][T16397] loop1: detected capacity change from 0 to 1024 [ 258.886608][T16397] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 258.897694][T16397] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 258.910647][T16397] JBD2: no valid journal superblock found [ 258.916534][T16397] EXT4-fs (loop1): Could not load journal inode [ 258.977987][T16407] netlink: 'syz.1.5004': attribute type 3 has an invalid length. [ 259.136756][T16432] loop1: detected capacity change from 0 to 512 [ 259.144871][T16432] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.5016: casefold flag without casefold feature [ 259.159979][T16432] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.5016: couldn't read orphan inode 15 (err -117) [ 259.173154][T16432] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 259.192284][T16437] netlink: 'syz.2.5018': attribute type 10 has an invalid length. [ 259.216203][T10794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.227132][T16437] dummy0: entered promiscuous mode [ 259.233067][T16437] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 259.259340][T16445] bridge: RTM_NEWNEIGH with invalid ether address [ 259.498391][T16471] loop1: detected capacity change from 0 to 512 [ 259.507851][T16471] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 259.519616][T16471] EXT4-fs (loop1): 1 truncate cleaned up [ 259.525871][T16471] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 259.603226][T10794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.672347][T16487] loop4: detected capacity change from 0 to 1024 [ 259.679491][T16487] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 259.690697][T16487] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 259.701919][T16487] JBD2: no valid journal superblock found [ 259.707896][T16487] EXT4-fs (loop4): Could not load journal inode [ 260.362674][T16511] net_ratelimit: 4 callbacks suppressed [ 260.362690][T16511] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 260.454952][T16515] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 260.696471][T16527] 9pnet_fd: Insufficient options for proto=fd [ 260.757263][T16535] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 260.773063][T16539] loop1: detected capacity change from 0 to 512 [ 260.784374][T16539] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 260.795255][T16531] siw: device registration error -23 [ 260.796157][T16539] EXT4-fs (loop1): 1 truncate cleaned up [ 260.807125][T16539] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 260.941675][T16549] netlink: 'syz.4.5069': attribute type 10 has an invalid length. [ 261.002259][T10794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.143973][T16567] siw: device registration error -23 [ 261.188261][T16571] 9pnet_fd: Insufficient options for proto=fd [ 261.248038][T16577] loop1: detected capacity change from 0 to 512 [ 261.255155][T16577] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 261.266601][T16577] EXT4-fs (loop1): 1 truncate cleaned up [ 261.272805][T16577] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 261.425467][T10794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.517662][T16595] netlink: 'syz.1.5088': attribute type 3 has an invalid length. [ 261.524658][T16582] netlink: 'syz.0.5083': attribute type 10 has an invalid length. [ 261.583220][T16600] 9pnet_fd: Insufficient options for proto=fd [ 261.738222][T16624] 9pnet_fd: Insufficient options for proto=fd [ 261.958519][T16622] netlink: 'syz.0.5100': attribute type 10 has an invalid length. [ 262.094114][T16674] loop4: detected capacity change from 0 to 256 [ 262.175080][T16679] bond0: (slave dummy0): Releasing backup interface [ 262.193747][T16679] dummy0: left promiscuous mode [ 262.318762][T16688] 9pnet_fd: Insufficient options for proto=fd [ 262.407917][T16681] netlink: 'syz.4.5128': attribute type 10 has an invalid length. [ 262.424420][T16697] bridge: RTM_NEWNEIGH with invalid ether address [ 262.589366][T16716] 9pnet_fd: Insufficient options for proto=fd [ 262.618853][T16718] loop4: detected capacity change from 0 to 512 [ 262.640120][T16718] EXT4-fs (loop4): too many log groups per flexible block group [ 262.648542][T16718] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 262.657029][T16718] EXT4-fs (loop4): mount failed [ 262.803147][T16727] bridge: RTM_NEWNEIGH with invalid ether address [ 262.894585][T16723] netlink: 'syz.4.5146': attribute type 10 has an invalid length. [ 262.932128][T16731] loop1: detected capacity change from 0 to 256 [ 262.978121][T16743] 9pnet_fd: Insufficient options for proto=fd [ 262.988667][T16745] loop4: detected capacity change from 0 to 512 [ 263.032289][T16745] EXT4-fs (loop4): too many log groups per flexible block group [ 263.040224][T16745] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 263.047675][T16745] EXT4-fs (loop4): mount failed [ 263.063417][T16757] bridge: RTM_NEWNEIGH with invalid ether address [ 263.174876][ T29] kauditd_printk_skb: 333 callbacks suppressed [ 263.174892][ T29] audit: type=1326 audit(1746194113.170:11376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16768 comm="syz.1.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 263.182076][T16774] loop1: detected capacity change from 0 to 256 [ 263.213849][ T29] audit: type=1326 audit(1746194113.170:11377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16768 comm="syz.1.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 263.237480][ T29] audit: type=1326 audit(1746194113.180:11378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16768 comm="syz.1.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 263.261287][ T29] audit: type=1326 audit(1746194113.180:11379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16768 comm="syz.1.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 263.285039][ T29] audit: type=1326 audit(1746194113.180:11380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16768 comm="syz.1.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 263.308712][ T29] audit: type=1326 audit(1746194113.180:11381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16768 comm="syz.1.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 263.332387][ T29] audit: type=1326 audit(1746194113.180:11382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16768 comm="syz.1.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 263.356155][ T29] audit: type=1326 audit(1746194113.180:11383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16768 comm="syz.1.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 263.379881][ T29] audit: type=1326 audit(1746194113.180:11384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16768 comm="syz.1.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 263.403941][ T29] audit: type=1326 audit(1746194113.180:11385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16768 comm="syz.1.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 263.448529][T16763] netlink: 'syz.0.5163': attribute type 10 has an invalid length. [ 263.482598][T16781] loop1: detected capacity change from 0 to 764 [ 263.491472][T16781] rock: directory entry would overflow storage [ 263.497747][T16781] rock: sig=0x4654, size=5, remaining=4 [ 263.706162][T16805] loop3: detected capacity change from 0 to 256 [ 263.713321][T16809] __nla_validate_parse: 18 callbacks suppressed [ 263.713337][T16809] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5180'. [ 263.768832][T16813] loop3: detected capacity change from 0 to 512 [ 263.777212][T16813] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.5184: casefold flag without casefold feature [ 263.792227][T16813] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5184: couldn't read orphan inode 15 (err -117) [ 263.804646][T16813] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 263.828658][T12505] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 263.989807][T16817] netlink: 'syz.3.5185': attribute type 10 has an invalid length. [ 263.990967][T16824] loop4: detected capacity change from 0 to 1024 [ 264.004971][T16824] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 264.016333][T16824] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 264.027208][T16824] JBD2: no valid journal superblock found [ 264.033070][T16824] EXT4-fs (loop4): Could not load journal inode [ 264.137097][T16839] netlink: 'syz.3.5195': attribute type 3 has an invalid length. [ 264.236324][T16851] loop3: detected capacity change from 0 to 1024 [ 264.243403][T16851] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 264.254400][T16851] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 264.267874][T16851] JBD2: no valid journal superblock found [ 264.273698][T16851] EXT4-fs (loop3): Could not load journal inode [ 264.308991][T16852] bond0: (slave dummy0): Releasing backup interface [ 264.493306][T16880] netlink: 'syz.3.5213': attribute type 10 has an invalid length. [ 264.524199][T16882] bridge: RTM_NEWNEIGH with invalid ether address [ 264.562730][T16884] siw: device registration error -23 [ 264.638670][T16891] netlink: 'syz.3.5218': attribute type 3 has an invalid length. [ 264.743049][T16894] loop4: detected capacity change from 0 to 8192 [ 264.795644][T16894] loop4: p1 p2 p3 p4 [ 264.799887][T16894] loop4: p1 size 108922248 extends beyond EOD, truncated [ 264.807669][T16894] loop4: p2 start 861536256 is beyond EOD, truncated [ 264.814424][T16894] loop4: p3 start 851968 is beyond EOD, truncated [ 264.821036][T16894] loop4: p4 size 65536 extends beyond EOD, truncated [ 264.864680][T16907] bridge: RTM_NEWNEIGH with invalid ether address [ 264.904515][T16913] netlink: 'syz.0.5228': attribute type 10 has an invalid length. [ 264.915451][T16913] dummy0: entered promiscuous mode [ 264.921268][T16913] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 265.288495][T16932] siw: device registration error -23 [ 265.312547][T16934] bond0: (slave dummy0): Releasing backup interface [ 265.320474][T16936] loop1: detected capacity change from 0 to 1024 [ 265.330078][T16936] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 265.331657][T16934] dummy0: left promiscuous mode [ 265.341310][T16936] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 265.359023][T16936] JBD2: no valid journal superblock found [ 265.364953][T16936] EXT4-fs (loop1): Could not load journal inode [ 265.449447][T16943] bridge: RTM_NEWNEIGH with invalid ether address [ 265.479307][T16945] loop1: detected capacity change from 0 to 512 [ 265.490038][T16945] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.5242: casefold flag without casefold feature [ 265.502947][T16945] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.5242: couldn't read orphan inode 15 (err -117) [ 265.519218][T16945] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 265.537639][T16948] netlink: 'syz.0.5243': attribute type 3 has an invalid length. [ 265.549111][T10794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.783965][T16967] bridge: RTM_NEWNEIGH with invalid ether address [ 265.953626][T16974] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 265.995818][T16976] loop3: detected capacity change from 0 to 512 [ 266.003646][T16976] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.5256: casefold flag without casefold feature [ 266.019233][T16976] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5256: couldn't read orphan inode 15 (err -117) [ 266.031877][T16976] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 266.059920][T12505] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.128011][T16985] loop4: detected capacity change from 0 to 1024 [ 266.135051][T16985] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 266.146225][T16985] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 266.157674][T16985] JBD2: no valid journal superblock found [ 266.163479][T16985] EXT4-fs (loop4): Could not load journal inode [ 266.268370][T17000] loop4: detected capacity change from 0 to 512 [ 266.278703][T17000] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.5267: casefold flag without casefold feature [ 266.291706][T17000] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5267: couldn't read orphan inode 15 (err -117) [ 266.306579][T17000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 266.334202][T12266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.343327][T17008] loop3: detected capacity change from 0 to 1024 [ 266.352366][T17008] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 266.363436][T17008] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 266.376232][T17008] JBD2: no valid journal superblock found [ 266.382047][T17008] EXT4-fs (loop3): Could not load journal inode [ 266.493543][T17026] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5277'. [ 266.541754][T17030] FAULT_INJECTION: forcing a failure. [ 266.541754][T17030] name failslab, interval 1, probability 0, space 0, times 0 [ 266.554532][T17030] CPU: 1 UID: 0 PID: 17030 Comm: syz.1.5282 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 266.554564][T17030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 266.554576][T17030] Call Trace: [ 266.554583][T17030] [ 266.554591][T17030] __dump_stack+0x1d/0x30 [ 266.554612][T17030] dump_stack_lvl+0xe8/0x140 [ 266.554708][T17030] dump_stack+0x15/0x1b [ 266.554764][T17030] should_fail_ex+0x265/0x280 [ 266.554845][T17030] should_failslab+0x8c/0xb0 [ 266.554957][T17030] kmem_cache_alloc_node_noprof+0x57/0x320 [ 266.554998][T17030] ? __alloc_skb+0x101/0x320 [ 266.555089][T17030] __alloc_skb+0x101/0x320 [ 266.555195][T17030] netlink_alloc_large_skb+0xba/0xf0 [ 266.555278][T17030] netlink_sendmsg+0x3cf/0x6b0 [ 266.555316][T17030] ? __pfx_netlink_sendmsg+0x10/0x10 [ 266.555349][T17030] __sock_sendmsg+0x142/0x180 [ 266.555376][T17030] ____sys_sendmsg+0x31e/0x4e0 [ 266.555457][T17030] ___sys_sendmsg+0x17b/0x1d0 [ 266.555491][T17030] __x64_sys_sendmsg+0xd4/0x160 [ 266.555517][T17030] x64_sys_call+0x2999/0x2fb0 [ 266.555552][T17030] do_syscall_64+0xd0/0x1a0 [ 266.555579][T17030] ? clear_bhb_loop+0x25/0x80 [ 266.555629][T17030] ? clear_bhb_loop+0x25/0x80 [ 266.555650][T17030] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.555669][T17030] RIP: 0033:0x7f457573e969 [ 266.555688][T17030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 266.555711][T17030] RSP: 002b:00007f4573da7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 266.555769][T17030] RAX: ffffffffffffffda RBX: 00007f4575965fa0 RCX: 00007f457573e969 [ 266.555781][T17030] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000009 [ 266.555795][T17030] RBP: 00007f4573da7090 R08: 0000000000000000 R09: 0000000000000000 [ 266.555810][T17030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 266.555866][T17030] R13: 0000000000000000 R14: 00007f4575965fa0 R15: 00007ffe7a608d78 [ 266.555886][T17030] [ 266.558140][T17020] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5277'. [ 266.775189][T17026] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5277'. [ 266.842834][T17045] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5289'. [ 266.864710][T17047] SELinux: Context system_u:object_r:kmsg_device_t:s0 is not valid (left unmapped). [ 266.887394][T17050] 9pnet_fd: Insufficient options for proto=fd [ 266.952676][T17056] loop1: detected capacity change from 0 to 512 [ 266.972933][T17056] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 267.007330][T17056] EXT4-fs (loop1): 1 truncate cleaned up [ 267.033512][T17056] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 267.040848][T17065] loop4: detected capacity change from 0 to 1024 [ 267.056662][T17065] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 267.067704][T17065] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 267.084896][T17065] JBD2: no valid journal superblock found [ 267.091032][T17065] EXT4-fs (loop4): Could not load journal inode [ 267.166171][T17079] 9pnet_fd: Insufficient options for proto=fd [ 267.180321][T17076] FAULT_INJECTION: forcing a failure. [ 267.180321][T17076] name failslab, interval 1, probability 0, space 0, times 0 [ 267.193227][T17076] CPU: 0 UID: 0 PID: 17076 Comm: syz.3.5301 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 267.193264][T17076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 267.193280][T17076] Call Trace: [ 267.193288][T17076] [ 267.193298][T17076] __dump_stack+0x1d/0x30 [ 267.193404][T17076] dump_stack_lvl+0xe8/0x140 [ 267.193432][T17076] dump_stack+0x15/0x1b [ 267.193528][T17076] should_fail_ex+0x265/0x280 [ 267.193563][T17076] should_failslab+0x8c/0xb0 [ 267.193594][T17076] __kvmalloc_node_noprof+0x126/0x4d0 [ 267.193616][T17076] ? xt_alloc_table_info+0x3b/0x80 [ 267.193688][T17076] ? should_fail_ex+0xdb/0x280 [ 267.193721][T17076] xt_alloc_table_info+0x3b/0x80 [ 267.193749][T17076] do_ipt_set_ctl+0x59c/0x820 [ 267.193865][T17076] ? _raw_spin_unlock_bh+0x36/0x40 [ 267.193894][T17076] ? tcp_release_cb+0xf1/0x370 [ 267.193998][T17076] nf_setsockopt+0x196/0x1b0 [ 267.194054][T17076] ip_setsockopt+0x102/0x110 [ 267.194086][T17076] tcp_setsockopt+0x95/0xb0 [ 267.194172][T17076] sock_common_setsockopt+0x66/0x80 [ 267.194205][T17076] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 267.194240][T17076] smc_setsockopt+0x180/0x750 [ 267.194303][T17076] ? __pfx_smc_setsockopt+0x10/0x10 [ 267.194333][T17076] __sys_setsockopt+0x181/0x200 [ 267.194443][T17076] __x64_sys_setsockopt+0x64/0x80 [ 267.194474][T17076] x64_sys_call+0x2bd5/0x2fb0 [ 267.194563][T17076] do_syscall_64+0xd0/0x1a0 [ 267.194593][T17076] ? clear_bhb_loop+0x25/0x80 [ 267.194613][T17076] ? clear_bhb_loop+0x25/0x80 [ 267.194640][T17076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.194723][T17076] RIP: 0033:0x7ff30d69e969 [ 267.194742][T17076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 267.194762][T17076] RSP: 002b:00007ff30bd07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 267.194855][T17076] RAX: ffffffffffffffda RBX: 00007ff30d8c5fa0 RCX: 00007ff30d69e969 [ 267.194871][T17076] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003 [ 267.194886][T17076] RBP: 00007ff30bd07090 R08: 0000000000000550 R09: 0000000000000000 [ 267.194900][T17076] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 267.194915][T17076] R13: 0000000000000000 R14: 00007ff30d8c5fa0 R15: 00007ffd2d67ea08 [ 267.194939][T17076] [ 267.490144][T17091] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 267.520885][T10794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.546637][T17098] loop1: detected capacity change from 0 to 1024 [ 267.554472][T17098] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 267.565621][T17098] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 267.600101][T17098] JBD2: no valid journal superblock found [ 267.605996][T17098] EXT4-fs (loop1): Could not load journal inode [ 267.613932][T17108] 9pnet_fd: Insufficient options for proto=fd [ 267.695803][T17115] netlink: 'syz.3.5319': attribute type 3 has an invalid length. [ 267.725513][T17106] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5315'. [ 267.750007][T17126] 9pnet: Could not find request transport: f [ 267.783188][T17134] FAULT_INJECTION: forcing a failure. [ 267.783188][T17134] name failslab, interval 1, probability 0, space 0, times 0 [ 267.795943][T17134] CPU: 1 UID: 0 PID: 17134 Comm: syz.0.5327 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 267.796042][T17134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 267.796058][T17134] Call Trace: [ 267.796066][T17134] [ 267.796075][T17134] __dump_stack+0x1d/0x30 [ 267.796097][T17134] dump_stack_lvl+0xe8/0x140 [ 267.796116][T17134] dump_stack+0x15/0x1b [ 267.796190][T17134] should_fail_ex+0x265/0x280 [ 267.796297][T17134] should_failslab+0x8c/0xb0 [ 267.796335][T17134] kmem_cache_alloc_node_noprof+0x57/0x320 [ 267.796380][T17134] ? __alloc_skb+0x101/0x320 [ 267.796419][T17134] __alloc_skb+0x101/0x320 [ 267.796471][T17134] netlink_alloc_large_skb+0xba/0xf0 [ 267.796568][T17134] netlink_sendmsg+0x3cf/0x6b0 [ 267.796612][T17134] ? __pfx_netlink_sendmsg+0x10/0x10 [ 267.796645][T17134] __sock_sendmsg+0x142/0x180 [ 267.796730][T17134] ____sys_sendmsg+0x31e/0x4e0 [ 267.796801][T17134] ___sys_sendmsg+0x17b/0x1d0 [ 267.796844][T17134] __x64_sys_sendmsg+0xd4/0x160 [ 267.796874][T17134] x64_sys_call+0x2999/0x2fb0 [ 267.796902][T17134] do_syscall_64+0xd0/0x1a0 [ 267.796994][T17134] ? clear_bhb_loop+0x25/0x80 [ 267.797021][T17134] ? clear_bhb_loop+0x25/0x80 [ 267.797050][T17134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.797086][T17134] RIP: 0033:0x7fae8917e969 [ 267.797105][T17134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 267.797128][T17134] RSP: 002b:00007fae877e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 267.797166][T17134] RAX: ffffffffffffffda RBX: 00007fae893a5fa0 RCX: 00007fae8917e969 [ 267.797181][T17134] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000005 [ 267.797218][T17134] RBP: 00007fae877e7090 R08: 0000000000000000 R09: 0000000000000000 [ 267.797233][T17134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 267.797324][T17134] R13: 0000000000000000 R14: 00007fae893a5fa0 R15: 00007ffd56076a68 [ 267.797352][T17134] [ 268.061263][T17150] loop4: detected capacity change from 0 to 1024 [ 268.076114][T17150] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 268.087180][T17150] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 268.104485][T17150] JBD2: no valid journal superblock found [ 268.110396][T17150] EXT4-fs (loop4): Could not load journal inode [ 268.125665][T17152] netlink: 'syz.0.5334': attribute type 3 has an invalid length. [ 268.201275][ T29] kauditd_printk_skb: 255 callbacks suppressed [ 268.201292][ T29] audit: type=1326 audit(1746194118.200:11641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17153 comm="syz.1.5335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 268.234821][T17154] loop1: detected capacity change from 0 to 256 [ 268.242701][ T29] audit: type=1326 audit(1746194118.220:11642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17153 comm="syz.1.5335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 268.266467][ T29] audit: type=1326 audit(1746194118.220:11643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17153 comm="syz.1.5335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 268.290097][ T29] audit: type=1326 audit(1746194118.220:11644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17153 comm="syz.1.5335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 268.314020][ T29] audit: type=1326 audit(1746194118.220:11645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17153 comm="syz.1.5335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 268.337693][ T29] audit: type=1326 audit(1746194118.220:11646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17153 comm="syz.1.5335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 268.361301][ T29] audit: type=1326 audit(1746194118.220:11647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17153 comm="syz.1.5335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 268.384933][ T29] audit: type=1326 audit(1746194118.220:11648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17153 comm="syz.1.5335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 268.408606][ T29] audit: type=1326 audit(1746194118.220:11649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17153 comm="syz.1.5335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 268.408675][T17171] loop4: detected capacity change from 0 to 512 [ 268.432206][ T29] audit: type=1326 audit(1746194118.220:11650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17153 comm="syz.1.5335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457573e969 code=0x7ffc0000 [ 268.465553][T17171] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 268.476579][T17171] EXT4-fs (loop4): orphan cleanup on readonly fs [ 268.483574][T17171] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.5340: Failed to acquire dquot type 1 [ 268.496958][T17171] EXT4-fs (loop4): 1 truncate cleaned up [ 268.503579][T17171] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 268.654574][T17185] loop3: detected capacity change from 0 to 1024 [ 268.662961][T17185] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 268.674149][T17185] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 268.692413][T17185] JBD2: no valid journal superblock found [ 268.698351][T17185] EXT4-fs (loop3): Could not load journal inode [ 268.719651][T17191] 9pnet_fd: Insufficient options for proto=fd [ 268.810807][T17202] loop3: detected capacity change from 0 to 256 [ 269.061301][T12266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 269.124231][T17228] 9pnet_fd: Insufficient options for proto=fd [ 269.130659][T17223] loop4: detected capacity change from 0 to 1024 [ 269.137641][T17223] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 269.153769][T17223] xt_TCPMSS: Only works on TCP SYN packets [ 269.208102][T17237] loop4: detected capacity change from 0 to 764 [ 269.226257][T17237] rock: directory entry would overflow storage [ 269.232469][T17237] rock: sig=0x4654, size=5, remaining=4 [ 269.256344][T17242] loop3: detected capacity change from 0 to 512 [ 269.257750][T17239] 9pnet: Could not find request transport: f [ 269.277502][T17242] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 269.315196][T17242] EXT4-fs (loop3): 1 truncate cleaned up [ 269.327596][T17242] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 269.364898][T17250] 9pnet: Could not find request transport: fd0x0000000000000004 [ 269.481507][T17258] siw: device registration error -23 [ 269.501645][T12505] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 269.533341][T17269] loop3: detected capacity change from 0 to 512 [ 269.540234][T17269] EXT4-fs: Ignoring removed nobh option [ 269.546157][T17269] ext4: Unknown parameter 'appraise' [ 269.703115][T17280] 9pnet: Could not find request transport: fd0x0000000000000004 [ 269.790294][T17288] loop3: detected capacity change from 0 to 512 [ 269.813762][T17288] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 269.840390][T17288] EXT4-fs (loop3): 1 truncate cleaned up [ 269.846692][T17288] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 269.851723][T17291] loop1: detected capacity change from 0 to 512 [ 269.898939][T17291] EXT4-fs (loop1): too many log groups per flexible block group [ 269.906840][T17291] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 269.924582][T17291] EXT4-fs (loop1): mount failed [ 269.988193][T17313] loop1: detected capacity change from 0 to 512 [ 270.010633][T17313] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 270.030124][T12505] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.055848][T17313] EXT4-fs (loop1): 1 truncate cleaned up [ 270.070686][T17313] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 270.075836][T17324] siw: device registration error -23 [ 270.143441][T17333] loop4: detected capacity change from 0 to 512 [ 270.170138][T17333] EXT4-fs (loop4): too many log groups per flexible block group [ 270.178025][T17333] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 270.187680][T17333] EXT4-fs (loop4): mount failed [ 270.198852][T10794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.243096][T17348] loop1: detected capacity change from 0 to 512 [ 270.252144][T17348] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.5417: casefold flag without casefold feature [ 270.265503][T17348] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.5417: couldn't read orphan inode 15 (err -117) [ 270.266085][T17351] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5414'. [ 270.281139][T17348] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 270.291229][T17352] loop4: detected capacity change from 0 to 512 [ 270.306219][T17352] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 270.317353][T17352] EXT4-fs (loop4): 1 truncate cleaned up [ 270.323485][T17352] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 270.336577][T10794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.379541][T17358] sch_tbf: burst 3092 is lower than device lo mtu (65550) ! [ 270.387688][T17357] sch_tbf: burst 3092 is lower than device lo mtu (65550) ! [ 270.452205][T17358] loop1: detected capacity change from 0 to 1024 [ 270.459325][T17358] devtmpfs: Unknown parameter 'orlov' [ 270.485862][T12266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.488527][T17363] 9pnet_fd: Insufficient options for proto=fd [ 270.528012][T17367] siw: device registration error -23 [ 270.535987][T17370] netlink: 'syz.4.5424': attribute type 3 has an invalid length. [ 270.572208][T17374] FAULT_INJECTION: forcing a failure. [ 270.572208][T17374] name failslab, interval 1, probability 0, space 0, times 0 [ 270.584953][T17374] CPU: 0 UID: 0 PID: 17374 Comm: syz.4.5426 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 270.584987][T17374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 270.585000][T17374] Call Trace: [ 270.585007][T17374] [ 270.585017][T17374] __dump_stack+0x1d/0x30 [ 270.585059][T17374] dump_stack_lvl+0xe8/0x140 [ 270.585091][T17374] dump_stack+0x15/0x1b [ 270.585112][T17374] should_fail_ex+0x265/0x280 [ 270.585201][T17374] should_failslab+0x8c/0xb0 [ 270.585241][T17374] kmem_cache_alloc_noprof+0x50/0x310 [ 270.585321][T17374] ? io_submit_one+0xba/0x11b0 [ 270.585347][T17374] io_submit_one+0xba/0x11b0 [ 270.585389][T17374] __se_sys_io_submit+0xfb/0x280 [ 270.585448][T17374] __x64_sys_io_submit+0x43/0x50 [ 270.585469][T17374] x64_sys_call+0xfc4/0x2fb0 [ 270.585488][T17374] do_syscall_64+0xd0/0x1a0 [ 270.585515][T17374] ? clear_bhb_loop+0x25/0x80 [ 270.585540][T17374] ? clear_bhb_loop+0x25/0x80 [ 270.585560][T17374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.585578][T17374] RIP: 0033:0x7f6a072ae969 [ 270.585592][T17374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 270.585660][T17374] RSP: 002b:00007f6a05917038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 270.585677][T17374] RAX: ffffffffffffffda RBX: 00007f6a074d5fa0 RCX: 00007f6a072ae969 [ 270.585687][T17374] RDX: 00002000000001c0 RSI: 0000000000000001 RDI: 00007f6a0800e000 [ 270.585698][T17374] RBP: 00007f6a05917090 R08: 0000000000000000 R09: 0000000000000000 [ 270.585709][T17374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 270.585786][T17374] R13: 0000000000000000 R14: 00007f6a074d5fa0 R15: 00007fffd5d4c4e8 [ 270.585804][T17374] [ 270.818950][T17376] loop1: detected capacity change from 0 to 256 [ 270.899076][T17384] FAULT_INJECTION: forcing a failure. [ 270.899076][T17384] name failslab, interval 1, probability 0, space 0, times 0 [ 270.911876][T17384] CPU: 1 UID: 0 PID: 17384 Comm: syz.2.5431 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 270.911912][T17384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 270.911927][T17384] Call Trace: [ 270.911932][T17384] [ 270.912002][T17384] __dump_stack+0x1d/0x30 [ 270.912094][T17384] dump_stack_lvl+0xe8/0x140 [ 270.912115][T17384] dump_stack+0x15/0x1b [ 270.912135][T17384] should_fail_ex+0x265/0x280 [ 270.912226][T17384] should_failslab+0x8c/0xb0 [ 270.912328][T17384] __kmalloc_cache_node_noprof+0x54/0x320 [ 270.912355][T17384] ? __get_vm_area_node+0x106/0x1c0 [ 270.912387][T17384] __get_vm_area_node+0x106/0x1c0 [ 270.912482][T17384] __vmalloc_node_range_noprof+0x26a/0xdf0 [ 270.912513][T17384] ? bpf_prog_alloc_no_stats+0x47/0x390 [ 270.912566][T17384] ? avc_has_perm_noaudit+0x1b1/0x200 [ 270.912612][T17384] ? selinux_capable+0x1f9/0x270 [ 270.912642][T17384] ? bpf_prog_alloc_no_stats+0x47/0x390 [ 270.912676][T17384] __vmalloc_noprof+0x5f/0x70 [ 270.912738][T17384] ? bpf_prog_alloc_no_stats+0x47/0x390 [ 270.912811][T17384] bpf_prog_alloc_no_stats+0x47/0x390 [ 270.912846][T17384] ? bpf_prog_alloc+0x2a/0x150 [ 270.912878][T17384] bpf_prog_alloc+0x3c/0x150 [ 270.912914][T17384] bpf_prog_load+0x514/0x1070 [ 270.912968][T17384] ? security_bpf+0x2b/0x90 [ 270.913001][T17384] __sys_bpf+0x51d/0x790 [ 270.913047][T17384] __x64_sys_bpf+0x41/0x50 [ 270.913124][T17384] x64_sys_call+0x2478/0x2fb0 [ 270.913208][T17384] do_syscall_64+0xd0/0x1a0 [ 270.913237][T17384] ? clear_bhb_loop+0x25/0x80 [ 270.913264][T17384] ? clear_bhb_loop+0x25/0x80 [ 270.913292][T17384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.913332][T17384] RIP: 0033:0x7f69a47ae969 [ 270.913351][T17384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 270.913375][T17384] RSP: 002b:00007f69a2e17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 270.913397][T17384] RAX: ffffffffffffffda RBX: 00007f69a49d5fa0 RCX: 00007f69a47ae969 [ 270.913409][T17384] RDX: 0000000000000090 RSI: 0000200000000380 RDI: 0000000000000005 [ 270.913425][T17384] RBP: 00007f69a2e17090 R08: 0000000000000000 R09: 0000000000000000 [ 270.913467][T17384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 270.913483][T17384] R13: 0000000000000001 R14: 00007f69a49d5fa0 R15: 00007fff2cde3728 [ 270.913509][T17384] [ 270.913519][T17384] syz.2.5431: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null) [ 271.037223][T17388] loop4: detected capacity change from 0 to 2048 [ 271.039780][T17384] ,cpuset=/,mems_allowed=0 [ 271.046740][T17388] SELinux: security_context_str_to_sid (system_u) failed with errno=-22 [ 271.048564][T17384] CPU: 1 UID: 0 PID: 17384 Comm: syz.2.5431 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 271.048603][T17384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 271.048620][T17384] Call Trace: [ 271.048630][T17384] [ 271.048642][T17384] __dump_stack+0x1d/0x30 [ 271.048671][T17384] dump_stack_lvl+0xe8/0x140 [ 271.048717][T17384] dump_stack+0x15/0x1b [ 271.048738][T17384] warn_alloc+0x12b/0x1a0 [ 271.048766][T17384] ? __get_vm_area_node+0x106/0x1c0 [ 271.048802][T17384] __vmalloc_node_range_noprof+0x28e/0xdf0 [ 271.048916][T17384] ? avc_has_perm_noaudit+0x1b1/0x200 [ 271.048972][T17384] ? selinux_capable+0x1f9/0x270 [ 271.049000][T17384] ? bpf_prog_alloc_no_stats+0x47/0x390 [ 271.049054][T17384] __vmalloc_noprof+0x5f/0x70 [ 271.049103][T17384] ? bpf_prog_alloc_no_stats+0x47/0x390 [ 271.049140][T17384] bpf_prog_alloc_no_stats+0x47/0x390 [ 271.049176][T17384] ? bpf_prog_alloc+0x2a/0x150 [ 271.049211][T17384] bpf_prog_alloc+0x3c/0x150 [ 271.049306][T17384] bpf_prog_load+0x514/0x1070 [ 271.049358][T17384] ? security_bpf+0x2b/0x90 [ 271.049391][T17384] __sys_bpf+0x51d/0x790 [ 271.049471][T17384] __x64_sys_bpf+0x41/0x50 [ 271.049543][T17384] x64_sys_call+0x2478/0x2fb0 [ 271.049648][T17384] do_syscall_64+0xd0/0x1a0 [ 271.049677][T17384] ? clear_bhb_loop+0x25/0x80 [ 271.049705][T17384] ? clear_bhb_loop+0x25/0x80 [ 271.049733][T17384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.049829][T17384] RIP: 0033:0x7f69a47ae969 [ 271.049848][T17384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 271.049872][T17384] RSP: 002b:00007f69a2e17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 271.049896][T17384] RAX: ffffffffffffffda RBX: 00007f69a49d5fa0 RCX: 00007f69a47ae969 [ 271.049912][T17384] RDX: 0000000000000090 RSI: 0000200000000380 RDI: 0000000000000005 [ 271.049935][T17384] RBP: 00007f69a2e17090 R08: 0000000000000000 R09: 0000000000000000 [ 271.049961][T17384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 271.049977][T17384] R13: 0000000000000001 R14: 00007f69a49d5fa0 R15: 00007fff2cde3728 [ 271.050004][T17384] [ 271.050013][T17384] Mem-Info: [ 271.264640][T17395] netlink: 'syz.0.5433': attribute type 10 has an invalid length. [ 271.266554][T17384] active_anon:10961 inactive_anon:3 isolated_anon:0 [ 271.266554][T17384] active_file:16524 inactive_file:2477 isolated_file:0 [ 271.266554][T17384] unevictable:0 dirty:331 writeback:0 [ 271.266554][T17384] slab_reclaimable:3135 slab_unreclaimable:40737 [ 271.266554][T17384] mapped:28456 shmem:270 pagetables:1561 [ 271.266554][T17384] sec_pagetables:0 bounce:0 [ 271.266554][T17384] kernel_misc_reclaimable:0 [ 271.266554][T17384] free:1849816 free_pcp:4728 free_cma:0 [ 271.277243][T17395] dummy0: entered promiscuous mode [ 271.277548][T17384] Node 0 active_anon:43844kB inactive_anon:12kB active_file:66096kB inactive_file:9908kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:113824kB dirty:1324kB writeback:0kB shmem:1080kB writeback_tmp:0kB kernel_stack:3424kB pagetables:6244kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 271.289593][T17395] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 271.291607][T17384] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 271.332470][T17399] netlink: 'syz.4.5437': attribute type 3 has an invalid length. [ 271.333783][T17384] lowmem_reserve[]: 0 2884 7863 7863 [ 271.543906][T17384] Node 0 DMA32 free:2949936kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953568kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3532kB free_cma:0kB [ 271.572477][T17384] lowmem_reserve[]: 0 0 4978 4978 [ 271.577581][T17384] Node 0 Normal free:4433736kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:43844kB inactive_anon:12kB active_file:66096kB inactive_file:9908kB unevictable:0kB writepending:1324kB present:5242880kB managed:5098244kB mlocked:0kB bounce:0kB free_pcp:15196kB local_pcp:12868kB free_cma:0kB [ 271.608051][T17384] lowmem_reserve[]: 0 0 0 0 [ 271.612717][T17384] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 271.625514][T17384] Node 0 DMA32: 4*4kB (M) 2*8kB (M) 1*16kB (M) 4*32kB (M) 2*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949936kB [ 271.641716][T17384] Node 0 Normal: 718*4kB (ME) 603*8kB (UME) 303*16kB (ME) 349*32kB (UME) 292*64kB (UME) 425*128kB (UME) 413*256kB (UME) 274*512kB (UME) 171*1024kB (UM) 74*2048kB (UME) 919*4096kB (UM) = 4433696kB [ 271.661328][T17384] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 271.670731][T17384] 19265 total pagecache pages [ 271.675432][T17384] 19 pages in swap cache [ 271.679726][T17384] Free swap = 124456kB [ 271.683891][T17384] Total swap = 124996kB [ 271.688068][T17384] 2097051 pages RAM [ 271.691918][T17384] 0 pages HighMem/MovableOnly [ 271.696634][T17384] 80258 pages reserved [ 271.868102][T17419] FAULT_INJECTION: forcing a failure. [ 271.868102][T17419] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 271.881377][T17419] CPU: 1 UID: 0 PID: 17419 Comm: syz.2.5444 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 271.881411][T17419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 271.881426][T17419] Call Trace: [ 271.881433][T17419] [ 271.881442][T17419] __dump_stack+0x1d/0x30 [ 271.881569][T17419] dump_stack_lvl+0xe8/0x140 [ 271.881593][T17419] dump_stack+0x15/0x1b [ 271.881612][T17419] should_fail_ex+0x265/0x280 [ 271.881721][T17419] should_fail+0xb/0x20 [ 271.881754][T17419] should_fail_usercopy+0x1a/0x20 [ 271.881776][T17419] _copy_from_user+0x1c/0xb0 [ 271.881801][T17419] __sys_bind+0x106/0x2a0 [ 271.881841][T17419] __x64_sys_bind+0x3f/0x50 [ 271.881895][T17419] x64_sys_call+0x2086/0x2fb0 [ 271.881920][T17419] do_syscall_64+0xd0/0x1a0 [ 271.881945][T17419] ? clear_bhb_loop+0x25/0x80 [ 271.882038][T17419] ? clear_bhb_loop+0x25/0x80 [ 271.882131][T17419] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.882152][T17419] RIP: 0033:0x7f69a47ae969 [ 271.882166][T17419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 271.882183][T17419] RSP: 002b:00007f69a2e17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 271.882221][T17419] RAX: ffffffffffffffda RBX: 00007f69a49d5fa0 RCX: 00007f69a47ae969 [ 271.882233][T17419] RDX: 0000000000000006 RSI: 0000200000000000 RDI: 0000000000000007 [ 271.882245][T17419] RBP: 00007f69a2e17090 R08: 0000000000000000 R09: 0000000000000000 [ 271.882334][T17419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 271.882405][T17419] R13: 0000000000000000 R14: 00007f69a49d5fa0 R15: 00007fff2cde3728 [ 271.882427][T17419] [ 272.067813][T17407] loop4: detected capacity change from 0 to 8192 [ 272.121437][T17427] siw: device registration error -23 [ 272.411843][T17453] 9pnet_fd: Insufficient options for proto=fd [ 272.447526][T17454] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5455'. [ 272.528172][T17459] 9pnet_fd: Insufficient options for proto=fd [ 272.561611][T17462] loop4: detected capacity change from 0 to 512 [ 272.576035][T17464] FAULT_INJECTION: forcing a failure. [ 272.576035][T17464] name failslab, interval 1, probability 0, space 0, times 0 [ 272.577957][T17462] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 272.588705][T17464] CPU: 0 UID: 0 PID: 17464 Comm: syz.2.5461 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 272.588827][T17464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 272.588845][T17464] Call Trace: [ 272.588854][T17464] [ 272.588866][T17464] __dump_stack+0x1d/0x30 [ 272.588895][T17464] dump_stack_lvl+0xe8/0x140 [ 272.588936][T17464] dump_stack+0x15/0x1b [ 272.588958][T17464] should_fail_ex+0x265/0x280 [ 272.589078][T17464] should_failslab+0x8c/0xb0 [ 272.589164][T17464] kmem_cache_alloc_node_noprof+0x57/0x320 [ 272.589210][T17464] ? __alloc_skb+0x101/0x320 [ 272.589278][T17464] __alloc_skb+0x101/0x320 [ 272.589353][T17464] ? audit_log_start+0x365/0x6c0 [ 272.589393][T17464] audit_log_start+0x380/0x6c0 [ 272.589436][T17464] audit_seccomp+0x48/0x100 [ 272.589490][T17464] ? __seccomp_filter+0x68c/0x10d0 [ 272.589518][T17464] __seccomp_filter+0x69d/0x10d0 [ 272.589558][T17464] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 272.589593][T17464] ? vfs_write+0x75e/0x8d0 [ 272.589677][T17464] ? __rcu_read_unlock+0x4f/0x70 [ 272.589705][T17464] ? __fget_files+0x184/0x1c0 [ 272.589801][T17464] __secure_computing+0x82/0x150 [ 272.589860][T17464] syscall_trace_enter+0xcf/0x1e0 [ 272.589891][T17464] do_syscall_64+0xaa/0x1a0 [ 272.589920][T17464] ? clear_bhb_loop+0x25/0x80 [ 272.589947][T17464] ? clear_bhb_loop+0x25/0x80 [ 272.589976][T17464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.590067][T17464] RIP: 0033:0x7f69a47ae969 [ 272.590088][T17464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.590112][T17464] RSP: 002b:00007f69a2e17038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 272.590215][T17464] RAX: ffffffffffffffda RBX: 00007f69a49d5fa0 RCX: 00007f69a47ae969 [ 272.590232][T17464] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff [ 272.590249][T17464] RBP: 00007f69a2e17090 R08: 0000000000000000 R09: 0000000000000000 [ 272.590267][T17464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 272.590293][T17464] R13: 0000000000000000 R14: 00007f69a49d5fa0 R15: 00007fff2cde3728 [ 272.590319][T17464] [ 272.827231][T17462] EXT4-fs (loop4): 1 truncate cleaned up [ 272.833428][T17462] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 272.987386][T17477] loop1: detected capacity change from 0 to 1024 [ 272.997247][T17477] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 273.038329][T12266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.064791][T17485] 9pnet_fd: Insufficient options for proto=fd [ 273.097193][T10794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.173300][T17499] loop3: detected capacity change from 0 to 512 [ 273.188901][T17499] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 273.202250][T17499] EXT4-fs (loop3): 1 truncate cleaned up [ 273.217260][T17500] loop1: detected capacity change from 0 to 8192 [ 273.217917][T17499] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 273.276175][T17500] loop1: p1 p2 p3 p4 [ 273.280456][T17500] loop1: p1 size 108922248 extends beyond EOD, truncated [ 273.291250][T17500] loop1: p2 start 861536256 is beyond EOD, truncated [ 273.298071][T17500] loop1: p3 start 851968 is beyond EOD, truncated [ 273.304537][T17500] loop1: p4 size 65536 extends beyond EOD, truncated [ 273.393815][T17510] siw: device registration error -23 [ 273.423460][T12505] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.450672][T17513] loop1: detected capacity change from 0 to 512 [ 273.460882][T17513] EXT4-fs: Ignoring removed orlov option [ 273.461628][T17513] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 273.476506][T17513] EXT4-fs (loop1): group descriptors corrupted! [ 273.504305][T17517] loop4: detected capacity change from 0 to 256 [ 273.557933][T17521] netlink: 14 bytes leftover after parsing attributes in process `syz.4.5483'. [ 273.604505][T17525] FAULT_INJECTION: forcing a failure. [ 273.604505][T17525] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 273.617699][T17525] CPU: 1 UID: 0 PID: 17525 Comm: syz.4.5485 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 273.617731][T17525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 273.617744][T17525] Call Trace: [ 273.617751][T17525] [ 273.617759][T17525] __dump_stack+0x1d/0x30 [ 273.617850][T17525] dump_stack_lvl+0xe8/0x140 [ 273.617949][T17525] dump_stack+0x15/0x1b [ 273.617967][T17525] should_fail_ex+0x265/0x280 [ 273.618004][T17525] should_fail+0xb/0x20 [ 273.618035][T17525] should_fail_usercopy+0x1a/0x20 [ 273.618120][T17525] _copy_to_user+0x20/0xa0 [ 273.618147][T17525] simple_read_from_buffer+0xb5/0x130 [ 273.618177][T17525] proc_fail_nth_read+0x100/0x140 [ 273.618264][T17525] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 273.618295][T17525] vfs_read+0x19d/0x6f0 [ 273.618335][T17525] ? __rcu_read_unlock+0x4f/0x70 [ 273.618361][T17525] ? __fget_files+0x184/0x1c0 [ 273.618390][T17525] ? __sys_setsockopt+0x18e/0x200 [ 273.618432][T17525] ksys_read+0xda/0x1a0 [ 273.618461][T17525] __x64_sys_read+0x40/0x50 [ 273.618490][T17525] x64_sys_call+0x2d77/0x2fb0 [ 273.618517][T17525] do_syscall_64+0xd0/0x1a0 [ 273.618543][T17525] ? clear_bhb_loop+0x25/0x80 [ 273.618577][T17525] ? clear_bhb_loop+0x25/0x80 [ 273.618654][T17525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.618675][T17525] RIP: 0033:0x7f6a072ad37c [ 273.618693][T17525] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 273.618714][T17525] RSP: 002b:00007f6a05917030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 273.618773][T17525] RAX: ffffffffffffffda RBX: 00007f6a074d5fa0 RCX: 00007f6a072ad37c [ 273.618790][T17525] RDX: 000000000000000f RSI: 00007f6a059170a0 RDI: 0000000000000004 [ 273.618806][T17525] RBP: 00007f6a05917090 R08: 0000000000000000 R09: 0000000000000000 [ 273.618821][T17525] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 273.618836][T17525] R13: 0000000000000000 R14: 00007f6a074d5fa0 R15: 00007fffd5d4c4e8 [ 273.618934][T17525] [ 273.708544][T17529] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5484'. [ 273.869714][T17534] 9pnet_fd: Insufficient options for proto=fd [ 273.983433][T17553] loop3: detected capacity change from 0 to 512 [ 273.990905][T17553] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 274.007812][T17553] EXT4-fs (loop3): 1 truncate cleaned up [ 274.014061][T17553] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.033487][ T29] kauditd_printk_skb: 380 callbacks suppressed [ 274.033504][ T29] audit: type=1326 audit(1746194124.030:12027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17550 comm="syz.2.5496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69a47ae969 code=0x7ffc0000 [ 274.036667][T17555] SELinux: syz.4.5498 (17555) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 274.039911][ T29] audit: type=1326 audit(1746194124.030:12028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17550 comm="syz.2.5496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69a47ae969 code=0x7ffc0000 [ 274.100844][ T29] audit: type=1326 audit(1746194124.030:12029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17550 comm="syz.2.5496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69a47ae969 code=0x7ffc0000 [ 274.124735][ T29] audit: type=1326 audit(1746194124.030:12030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17550 comm="syz.2.5496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69a47ae969 code=0x7ffc0000 [ 274.148446][ T29] audit: type=1326 audit(1746194124.030:12031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17550 comm="syz.2.5496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69a47ae969 code=0x7ffc0000 [ 274.172140][ T29] audit: type=1326 audit(1746194124.030:12032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17550 comm="syz.2.5496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69a47ae969 code=0x7ffc0000 [ 274.195971][ T29] audit: type=1326 audit(1746194124.030:12033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17550 comm="syz.2.5496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69a47ae969 code=0x7ffc0000 [ 274.219834][ T29] audit: type=1326 audit(1746194124.030:12034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17550 comm="syz.2.5496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69a47ae969 code=0x7ffc0000 [ 274.243584][ T29] audit: type=1326 audit(1746194124.030:12035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17550 comm="syz.2.5496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69a47ae969 code=0x7ffc0000 [ 274.267295][ T29] audit: type=1326 audit(1746194124.030:12036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17550 comm="syz.2.5496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69a47ae969 code=0x7ffc0000 [ 274.381087][T12505] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.392410][T17570] program syz.4.5499 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 274.663205][T17617] bond0: (slave dummy0): Releasing backup interface [ 274.832771][T17635] loop3: detected capacity change from 0 to 4096 [ 274.847862][T17635] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.879750][T17635] block device autoloading is deprecated and will be removed. [ 274.888192][T17635] syz.3.5509: attempt to access beyond end of device [ 274.888192][T17635] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 274.899956][T17647] netlink: 'syz.2.5510': attribute type 3 has an invalid length. [ 274.960650][T12505] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.011540][T17665] netlink: 'syz.2.5514': attribute type 10 has an invalid length. [ 275.026482][T17665] dummy0: entered promiscuous mode [ 275.036370][T17665] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 275.054890][T17671] netlink: 'syz.3.5515': attribute type 10 has an invalid length. [ 275.069013][T17671] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 275.218915][T17705] FAULT_INJECTION: forcing a failure. [ 275.218915][T17705] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 275.232119][T17705] CPU: 1 UID: 0 PID: 17705 Comm: syz.3.5519 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 275.232153][T17705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 275.232170][T17705] Call Trace: [ 275.232179][T17705] [ 275.232189][T17705] __dump_stack+0x1d/0x30 [ 275.232255][T17705] dump_stack_lvl+0xe8/0x140 [ 275.232281][T17705] dump_stack+0x15/0x1b [ 275.232305][T17705] should_fail_ex+0x265/0x280 [ 275.232348][T17705] should_fail+0xb/0x20 [ 275.232385][T17705] should_fail_usercopy+0x1a/0x20 [ 275.232409][T17705] _copy_from_user+0x1c/0xb0 [ 275.232470][T17705] ___sys_sendmsg+0xc1/0x1d0 [ 275.232515][T17705] __x64_sys_sendmsg+0xd4/0x160 [ 275.232593][T17705] x64_sys_call+0x2999/0x2fb0 [ 275.232650][T17705] do_syscall_64+0xd0/0x1a0 [ 275.232678][T17705] ? clear_bhb_loop+0x25/0x80 [ 275.232806][T17705] ? clear_bhb_loop+0x25/0x80 [ 275.232836][T17705] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.232863][T17705] RIP: 0033:0x7ff30d69e969 [ 275.232881][T17705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.232921][T17705] RSP: 002b:00007ff30bd07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 275.232939][T17705] RAX: ffffffffffffffda RBX: 00007ff30d8c5fa0 RCX: 00007ff30d69e969 [ 275.232951][T17705] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003 [ 275.232967][T17705] RBP: 00007ff30bd07090 R08: 0000000000000000 R09: 0000000000000000 [ 275.232983][T17705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 275.232999][T17705] R13: 0000000000000000 R14: 00007ff30d8c5fa0 R15: 00007ffd2d67ea08 [ 275.233025][T17705] [ 275.233201][T17701] 9pnet: Could not find request transport: fd0x0000000000000007 [ 275.475012][T17726] loop0: detected capacity change from 0 to 512 [ 275.487658][T17726] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 275.514695][T17726] EXT4-fs (loop0): 1 truncate cleaned up [ 275.528683][T17726] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 275.531227][T17745] 9pnet_fd: Insufficient options for proto=fd [ 275.563173][T17726] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.628804][T17751] netlink: 'syz.4.5528': attribute type 10 has an invalid length. [ 275.639732][T17751] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 275.726729][T17763] FAULT_INJECTION: forcing a failure. [ 275.726729][T17763] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 275.739891][T17763] CPU: 1 UID: 0 PID: 17763 Comm: syz.3.5532 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 275.739922][T17763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 275.740007][T17763] Call Trace: [ 275.740014][T17763] [ 275.740022][T17763] __dump_stack+0x1d/0x30 [ 275.740044][T17763] dump_stack_lvl+0xe8/0x140 [ 275.740065][T17763] dump_stack+0x15/0x1b [ 275.740082][T17763] should_fail_ex+0x265/0x280 [ 275.740147][T17763] should_fail+0xb/0x20 [ 275.740179][T17763] should_fail_usercopy+0x1a/0x20 [ 275.740197][T17763] _copy_to_user+0x20/0xa0 [ 275.740217][T17763] simple_read_from_buffer+0xb5/0x130 [ 275.740262][T17763] proc_fail_nth_read+0x100/0x140 [ 275.740290][T17763] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 275.740388][T17763] vfs_read+0x19d/0x6f0 [ 275.740410][T17763] ? __fget_files+0x184/0x1c0 [ 275.740486][T17763] ? __rcu_read_unlock+0x4f/0x70 [ 275.740508][T17763] ? __fget_files+0x184/0x1c0 [ 275.740591][T17763] ksys_read+0xda/0x1a0 [ 275.740628][T17763] __x64_sys_read+0x40/0x50 [ 275.740653][T17763] x64_sys_call+0x2d77/0x2fb0 [ 275.740675][T17763] do_syscall_64+0xd0/0x1a0 [ 275.740697][T17763] ? clear_bhb_loop+0x25/0x80 [ 275.740751][T17763] ? clear_bhb_loop+0x25/0x80 [ 275.740775][T17763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.740795][T17763] RIP: 0033:0x7ff30d69d37c [ 275.740811][T17763] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 275.740829][T17763] RSP: 002b:00007ff30bd07030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 275.740903][T17763] RAX: ffffffffffffffda RBX: 00007ff30d8c5fa0 RCX: 00007ff30d69d37c [ 275.740915][T17763] RDX: 000000000000000f RSI: 00007ff30bd070a0 RDI: 0000000000000007 [ 275.740927][T17763] RBP: 00007ff30bd07090 R08: 0000000000000000 R09: 0000000000000000 [ 275.740939][T17763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 275.740951][T17763] R13: 0000000000000000 R14: 00007ff30d8c5fa0 R15: 00007ffd2d67ea08 [ 275.740972][T17763] [ 275.955751][T17764] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5530'. [ 275.994480][T17768] loop4: detected capacity change from 0 to 512 [ 276.009217][T17768] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.5534: casefold flag without casefold feature [ 276.022270][T17768] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5534: couldn't read orphan inode 15 (err -117) [ 276.033260][T17775] 9pnet_fd: Insufficient options for proto=fd [ 276.035392][T17768] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 276.053329][T17772] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 276.084826][T12266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.098689][T17780] netlink: 'syz.2.5540': attribute type 10 has an invalid length. [ 276.106785][T17780] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5540'. [ 276.126338][T17777] loop3: detected capacity change from 0 to 736 [ 276.156498][T17786] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5542'. [ 276.165989][T17786] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5542'. [ 276.179000][T17788] FAULT_INJECTION: forcing a failure. [ 276.179000][T17788] name failslab, interval 1, probability 0, space 0, times 0 [ 276.191752][T17788] CPU: 1 UID: 0 PID: 17788 Comm: syz.3.5543 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 276.191787][T17788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 276.191804][T17788] Call Trace: [ 276.191810][T17788] [ 276.191817][T17788] __dump_stack+0x1d/0x30 [ 276.191891][T17788] dump_stack_lvl+0xe8/0x140 [ 276.191924][T17788] dump_stack+0x15/0x1b [ 276.191945][T17788] should_fail_ex+0x265/0x280 [ 276.191982][T17788] should_failslab+0x8c/0xb0 [ 276.192030][T17788] kmem_cache_alloc_node_noprof+0x57/0x320 [ 276.192126][T17788] ? __alloc_skb+0x101/0x320 [ 276.192154][T17788] __alloc_skb+0x101/0x320 [ 276.192179][T17788] ? audit_log_start+0x365/0x6c0 [ 276.192221][T17788] audit_log_start+0x380/0x6c0 [ 276.192251][T17788] audit_seccomp+0x48/0x100 [ 276.192272][T17788] ? __seccomp_filter+0x68c/0x10d0 [ 276.192291][T17788] __seccomp_filter+0x69d/0x10d0 [ 276.192389][T17788] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 276.192488][T17788] ? vfs_write+0x75e/0x8d0 [ 276.192557][T17788] ? __rcu_read_unlock+0x4f/0x70 [ 276.192584][T17788] ? __fget_files+0x184/0x1c0 [ 276.192655][T17788] __secure_computing+0x82/0x150 [ 276.192696][T17788] syscall_trace_enter+0xcf/0x1e0 [ 276.192727][T17788] do_syscall_64+0xaa/0x1a0 [ 276.192754][T17788] ? clear_bhb_loop+0x25/0x80 [ 276.192775][T17788] ? clear_bhb_loop+0x25/0x80 [ 276.192795][T17788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.192841][T17788] RIP: 0033:0x7ff30d69e969 [ 276.192873][T17788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 276.192889][T17788] RSP: 002b:00007ff30bd07038 EFLAGS: 00000246 ORIG_RAX: 000000000000007e [ 276.192905][T17788] RAX: ffffffffffffffda RBX: 00007ff30d8c5fa0 RCX: 00007ff30d69e969 [ 276.192916][T17788] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000200000000080 [ 276.192926][T17788] RBP: 00007ff30bd07090 R08: 0000000000000000 R09: 0000000000000000 [ 276.192936][T17788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 276.192981][T17788] R13: 0000000000000000 R14: 00007ff30d8c5fa0 R15: 00007ffd2d67ea08 [ 276.193008][T17788] [ 276.716027][T17801] 9pnet_fd: Insufficient options for proto=fd [ 276.927892][T17805] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 277.014950][T17811] FAULT_INJECTION: forcing a failure. [ 277.014950][T17811] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 277.028144][T17811] CPU: 0 UID: 0 PID: 17811 Comm: syz.2.5553 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 277.028214][T17811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 277.028227][T17811] Call Trace: [ 277.028237][T17811] [ 277.028247][T17811] __dump_stack+0x1d/0x30 [ 277.028272][T17811] dump_stack_lvl+0xe8/0x140 [ 277.028309][T17811] dump_stack+0x15/0x1b [ 277.028326][T17811] should_fail_ex+0x265/0x280 [ 277.028359][T17809] loop3: detected capacity change from 0 to 512 [ 277.028367][T17811] should_fail+0xb/0x20 [ 277.028436][T17811] should_fail_usercopy+0x1a/0x20 [ 277.028465][T17811] _copy_to_user+0x20/0xa0 [ 277.028632][T17811] simple_read_from_buffer+0xb5/0x130 [ 277.028667][T17811] proc_fail_nth_read+0x100/0x140 [ 277.028778][T17811] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 277.028812][T17811] vfs_read+0x19d/0x6f0 [ 277.028845][T17811] ? __rcu_read_unlock+0x4f/0x70 [ 277.028875][T17811] ? __fget_files+0x184/0x1c0 [ 277.028972][T17811] ksys_read+0xda/0x1a0 [ 277.029008][T17811] __x64_sys_read+0x40/0x50 [ 277.029044][T17811] x64_sys_call+0x2d77/0x2fb0 [ 277.029074][T17811] do_syscall_64+0xd0/0x1a0 [ 277.029173][T17811] ? clear_bhb_loop+0x25/0x80 [ 277.029204][T17811] ? clear_bhb_loop+0x25/0x80 [ 277.029234][T17811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.029264][T17811] RIP: 0033:0x7f69a47ad37c [ 277.029336][T17811] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 277.029362][T17811] RSP: 002b:00007f69a2e17030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 277.029397][T17811] RAX: ffffffffffffffda RBX: 00007f69a49d5fa0 RCX: 00007f69a47ad37c [ 277.029497][T17811] RDX: 000000000000000f RSI: 00007f69a2e170a0 RDI: 0000000000000007 [ 277.029514][T17811] RBP: 00007f69a2e17090 R08: 0000000000000000 R09: 0000000000000000 [ 277.029532][T17811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 277.029549][T17811] R13: 0000000000000000 R14: 00007f69a49d5fa0 R15: 00007fff2cde3728 [ 277.029578][T17811] [ 277.112083][T17812] loop1: detected capacity change from 0 to 8192 [ 277.118523][T17809] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 277.260996][T17809] EXT4-fs (loop3): 1 truncate cleaned up [ 277.269220][T17809] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 277.275935][T17812] loop1: p1 p2 p3 p4 [ 277.287967][T17812] loop1: p1 size 108922248 extends beyond EOD, truncated [ 277.297070][T17812] loop1: p2 start 861536256 is beyond EOD, truncated [ 277.303843][T17812] loop1: p3 start 851968 is beyond EOD, truncated [ 277.310417][T17812] loop1: p4 size 65536 extends beyond EOD, truncated [ 277.318118][T12505] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.338694][T17824] capability: warning: `syz.3.5556' uses 32-bit capabilities (legacy support in use) [ 277.443460][T17832] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5557'. [ 277.849425][T17834] 9pnet_fd: Insufficient options for proto=fd [ 277.961366][T17838] 9pnet_fd: Insufficient options for proto=fd [ 278.034622][T17842] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 278.168410][T17854] siw: device registration error -23 [ 278.210524][T17860] FAULT_INJECTION: forcing a failure. [ 278.210524][T17860] name failslab, interval 1, probability 0, space 0, times 0 [ 278.223287][T17860] CPU: 1 UID: 0 PID: 17860 Comm: syz.2.5568 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 278.223317][T17860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 278.223332][T17860] Call Trace: [ 278.223340][T17860] [ 278.223350][T17860] __dump_stack+0x1d/0x30 [ 278.223376][T17860] dump_stack_lvl+0xe8/0x140 [ 278.223410][T17860] dump_stack+0x15/0x1b [ 278.223431][T17860] should_fail_ex+0x265/0x280 [ 278.223466][T17860] should_failslab+0x8c/0xb0 [ 278.223494][T17860] kmem_cache_alloc_node_noprof+0x57/0x320 [ 278.223591][T17860] ? __alloc_skb+0x101/0x320 [ 278.223630][T17860] __alloc_skb+0x101/0x320 [ 278.223680][T17860] netlink_alloc_large_skb+0xba/0xf0 [ 278.223717][T17860] netlink_sendmsg+0x3cf/0x6b0 [ 278.223792][T17860] ? __pfx_netlink_sendmsg+0x10/0x10 [ 278.223877][T17860] __sock_sendmsg+0x142/0x180 [ 278.223986][T17860] ____sys_sendmsg+0x31e/0x4e0 [ 278.224050][T17860] ___sys_sendmsg+0x17b/0x1d0 [ 278.224089][T17860] __x64_sys_sendmsg+0xd4/0x160 [ 278.224120][T17860] x64_sys_call+0x2999/0x2fb0 [ 278.224147][T17860] do_syscall_64+0xd0/0x1a0 [ 278.224215][T17860] ? clear_bhb_loop+0x25/0x80 [ 278.224293][T17860] ? clear_bhb_loop+0x25/0x80 [ 278.224318][T17860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.224395][T17860] RIP: 0033:0x7f69a47ae969 [ 278.224410][T17860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.224428][T17860] RSP: 002b:00007f69a2e17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 278.224445][T17860] RAX: ffffffffffffffda RBX: 00007f69a49d5fa0 RCX: 00007f69a47ae969 [ 278.224495][T17860] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 000000000000000a [ 278.224510][T17860] RBP: 00007f69a2e17090 R08: 0000000000000000 R09: 0000000000000000 [ 278.224525][T17860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 278.224540][T17860] R13: 0000000000000000 R14: 00007f69a49d5fa0 R15: 00007fff2cde3728 [ 278.224561][T17860] [ 278.429895][T17864] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5566'. [ 278.792670][T17871] loop0: detected capacity change from 0 to 256 [ 278.917091][T17873] 9pnet_fd: Insufficient options for proto=fd [ 279.099125][ T29] kauditd_printk_skb: 306 callbacks suppressed [ 279.099143][ T29] audit: type=1326 audit(1746194129.100:12341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17874 comm="syz.0.5572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8917e969 code=0x7ffc0000 [ 279.248357][ T29] audit: type=1326 audit(1746194129.130:12342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17874 comm="syz.0.5572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8917e969 code=0x7ffc0000 [ 279.475391][T17878] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 279.673041][T17891] loop0: detected capacity change from 0 to 764 [ 279.680898][T17891] rock: directory entry would overflow storage [ 279.687370][T17891] rock: sig=0x4654, size=5, remaining=4 [ 279.800651][T17899] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5580'. [ 280.486300][T17903] 9pnet_fd: Insufficient options for proto=fd [ 280.634072][T17910] bond0: (slave dummy0): Releasing backup interface [ 280.761816][T17915] netlink: 'syz.0.5587': attribute type 3 has an invalid length. [ 280.962935][T17930] loop0: detected capacity change from 0 to 512 [ 280.973284][T17930] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.5593: casefold flag without casefold feature [ 280.988884][T17930] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.5593: couldn't read orphan inode 15 (err -117) [ 281.001399][T17930] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 281.045986][T11225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.101653][T17936] loop3: detected capacity change from 0 to 512 [ 281.110398][T17936] EXT4-fs (loop3): fragment/cluster size (262144) != block size (2048) [ 281.412945][T17938] lo speed is unknown, defaulting to 1000 [ 281.486734][T17938] chnl_net:caif_netlink_parms(): no params data found [ 281.546173][ T67] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.555197][T17953] 9pnet_fd: Insufficient options for proto=fd [ 281.599106][ T67] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.610944][T17938] bridge0: port 1(bridge_slave_0) entered blocking state [ 281.618280][T17938] bridge0: port 1(bridge_slave_0) entered disabled state [ 281.650218][T17938] bridge_slave_0: entered allmulticast mode [ 281.662029][T17959] loop3: detected capacity change from 0 to 512 [ 281.678466][T17938] bridge_slave_0: entered promiscuous mode [ 281.694480][T17938] bridge0: port 2(bridge_slave_1) entered blocking state [ 281.701874][T17938] bridge0: port 2(bridge_slave_1) entered disabled state [ 281.723824][T17959] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.5599: casefold flag without casefold feature [ 281.745876][ T29] audit: type=1326 audit(1746194131.740:12343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17962 comm="syz.0.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8917e969 code=0x7ffc0000 [ 281.769614][ T29] audit: type=1326 audit(1746194131.740:12344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17962 comm="syz.0.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8917e969 code=0x7ffc0000 [ 281.793270][ T29] audit: type=1326 audit(1746194131.740:12345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17962 comm="syz.0.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fae8917e969 code=0x7ffc0000 [ 281.816910][ T29] audit: type=1326 audit(1746194131.740:12346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17962 comm="syz.0.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8917e969 code=0x7ffc0000 [ 281.817379][T17938] bridge_slave_1: entered allmulticast mode [ 281.840525][ T29] audit: type=1326 audit(1746194131.740:12347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17962 comm="syz.0.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8917e969 code=0x7ffc0000 [ 281.847150][T17938] bridge_slave_1: entered promiscuous mode [ 281.870113][ T29] audit: type=1326 audit(1746194131.740:12348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17962 comm="syz.0.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fae8917e969 code=0x7ffc0000 [ 281.899784][ T29] audit: type=1326 audit(1746194131.740:12349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17962 comm="syz.0.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8917e969 code=0x7ffc0000 [ 281.923553][ T29] audit: type=1326 audit(1746194131.740:12350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17962 comm="syz.0.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8917e969 code=0x7ffc0000 [ 281.952541][ T67] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.962977][T17959] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5599: couldn't read orphan inode 15 (err -117) [ 281.977606][T17959] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 282.001829][T17938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 282.015785][T17938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 282.035608][T17966] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 282.060957][ T67] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 282.062979][T12505] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.101460][T17938] team0: Port device team_slave_0 added [ 282.109389][T17938] team0: Port device team_slave_1 added [ 282.126852][T17970] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 282.178961][T17938] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 282.186038][T17938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 282.212100][T17938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 282.235382][T17938] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 282.242512][T17938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 282.268575][T17938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 282.289459][T17973] bond0: (slave dummy0): Releasing backup interface [ 282.297885][T17973] dummy0: left promiscuous mode [ 282.369568][T17983] openvswitch: netlink: Message has 6 unknown bytes. [ 282.488264][ T67] bond0 (unregistering): Released all slaves [ 282.500351][T17975] netlink: 'syz.3.5606': attribute type 3 has an invalid length. [ 282.559296][T17938] hsr_slave_0: entered promiscuous mode [ 282.570986][T17938] hsr_slave_1: entered promiscuous mode [ 282.582941][T17938] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 282.600653][T17938] Cannot create hsr debugfs directory [ 282.621700][ T67] hsr_slave_0: left promiscuous mode [ 282.638665][ T67] hsr_slave_1: left promiscuous mode [ 282.654282][ T67] veth1_macvtap: left promiscuous mode [ 282.662431][ T67] veth0_macvtap: left promiscuous mode [ 282.673136][ T67] veth1_vlan: left promiscuous mode [ 282.682881][ T67] veth0_vlan: left promiscuous mode [ 282.990611][T17997] FAULT_INJECTION: forcing a failure. [ 282.990611][T17997] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 283.003973][T17997] CPU: 1 UID: 0 PID: 17997 Comm: syz.2.5613 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 283.004006][T17997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 283.004021][T17997] Call Trace: [ 283.004029][T17997] [ 283.004040][T17997] __dump_stack+0x1d/0x30 [ 283.004065][T17997] dump_stack_lvl+0xe8/0x140 [ 283.004112][T17997] dump_stack+0x15/0x1b [ 283.004127][T17997] should_fail_ex+0x265/0x280 [ 283.004159][T17997] should_fail+0xb/0x20 [ 283.004251][T17997] should_fail_usercopy+0x1a/0x20 [ 283.004272][T17997] _copy_to_user+0x20/0xa0 [ 283.004298][T17997] simple_read_from_buffer+0xb5/0x130 [ 283.004329][T17997] proc_fail_nth_read+0x100/0x140 [ 283.004360][T17997] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 283.004417][T17997] vfs_read+0x19d/0x6f0 [ 283.004445][T17997] ? __rcu_read_unlock+0x4f/0x70 [ 283.004469][T17997] ? __rcu_read_unlock+0x4f/0x70 [ 283.004495][T17997] ? __fget_files+0x184/0x1c0 [ 283.004542][T17997] ksys_read+0xda/0x1a0 [ 283.004575][T17997] __x64_sys_read+0x40/0x50 [ 283.004598][T17997] x64_sys_call+0x2d77/0x2fb0 [ 283.004645][T17997] do_syscall_64+0xd0/0x1a0 [ 283.004673][T17997] ? clear_bhb_loop+0x25/0x80 [ 283.004701][T17997] ? clear_bhb_loop+0x25/0x80 [ 283.004729][T17997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.004807][T17997] RIP: 0033:0x7f69a47ad37c [ 283.004826][T17997] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 283.004846][T17997] RSP: 002b:00007f69a2e17030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 283.004864][T17997] RAX: ffffffffffffffda RBX: 00007f69a49d5fa0 RCX: 00007f69a47ad37c [ 283.004876][T17997] RDX: 000000000000000f RSI: 00007f69a2e170a0 RDI: 0000000000000004 [ 283.004887][T17997] RBP: 00007f69a2e17090 R08: 0000000000000000 R09: 0000000000000000 [ 283.004938][T17997] R10: 0000000000000140 R11: 0000000000000246 R12: 0000000000000001 [ 283.004954][T17997] R13: 0000000000000000 R14: 00007f69a49d5fa0 R15: 00007fff2cde3728 [ 283.004974][T17997] [ 283.333814][T18006] netlink: 'syz.0.5618': attribute type 3 has an invalid length. [ 283.516322][T18017] loop4: detected capacity change from 0 to 512 [ 283.536850][T18017] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.5622: casefold flag without casefold feature [ 283.592125][T18017] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5622: couldn't read orphan inode 15 (err -117) [ 283.607845][T18017] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 283.646984][T12266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.773447][T17938] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 283.808263][T18032] bond0: (slave dummy0): Releasing backup interface [ 283.826283][T18032] dummy0: left promiscuous mode [ 283.852524][T18041] loop3: detected capacity change from 0 to 512 [ 283.870211][T18041] EXT4-fs (loop3): too many log groups per flexible block group [ 283.878119][T18041] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 283.887624][T18041] EXT4-fs (loop3): mount failed [ 283.889864][T17938] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 283.928146][T17938] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 283.939283][T17938] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 284.022454][T17938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 284.033384][T18050] loop3: detected capacity change from 0 to 8192 [ 284.046800][T17938] 8021q: adding VLAN 0 to HW filter on device team0 [ 284.056970][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 284.064131][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 284.076815][ T67] bridge0: port 2(bridge_slave_1) entered blocking state [ 284.084006][ T67] bridge0: port 2(bridge_slave_1) entered forwarding state [ 284.094859][T18050] loop3: p1 p2 p3 p4 [ 284.109346][T18050] loop3: p1 size 108922248 extends beyond EOD, truncated [ 284.118145][T18050] loop3: p2 start 861536256 is beyond EOD, truncated [ 284.124954][T18050] loop3: p3 start 851968 is beyond EOD, truncated [ 284.131558][T18050] loop3: p4 size 65536 extends beyond EOD, truncated [ 284.161107][T18056] FAULT_INJECTION: forcing a failure. [ 284.161107][T18056] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 284.174439][T18056] CPU: 0 UID: 0 PID: 18056 Comm: syz.0.5636 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 284.174496][T18056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 284.174512][T18056] Call Trace: [ 284.174520][T18056] [ 284.174531][T18056] __dump_stack+0x1d/0x30 [ 284.174568][T18056] dump_stack_lvl+0xe8/0x140 [ 284.174592][T18056] dump_stack+0x15/0x1b [ 284.174613][T18056] should_fail_ex+0x265/0x280 [ 284.174703][T18056] should_fail+0xb/0x20 [ 284.174804][T18056] should_fail_usercopy+0x1a/0x20 [ 284.174826][T18056] _copy_to_user+0x20/0xa0 [ 284.174898][T18056] simple_read_from_buffer+0xb5/0x130 [ 284.174929][T18056] proc_fail_nth_read+0x100/0x140 [ 284.174963][T18056] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 284.174993][T18056] vfs_read+0x19d/0x6f0 [ 284.175087][T18056] ? __rcu_read_unlock+0x4f/0x70 [ 284.175171][T18056] ? __fget_files+0x184/0x1c0 [ 284.175199][T18056] ? ldsem_up_read+0x8a/0xd0 [ 284.175240][T18056] ksys_read+0xda/0x1a0 [ 284.175271][T18056] __x64_sys_read+0x40/0x50 [ 284.175388][T18056] x64_sys_call+0x2d77/0x2fb0 [ 284.175443][T18056] do_syscall_64+0xd0/0x1a0 [ 284.175470][T18056] ? clear_bhb_loop+0x25/0x80 [ 284.175497][T18056] ? clear_bhb_loop+0x25/0x80 [ 284.175522][T18056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.175576][T18056] RIP: 0033:0x7fae8917d37c [ 284.175591][T18056] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 284.175713][T18056] RSP: 002b:00007fae877c6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 284.175743][T18056] RAX: ffffffffffffffda RBX: 00007fae893a6080 RCX: 00007fae8917d37c [ 284.175778][T18056] RDX: 000000000000000f RSI: 00007fae877c60a0 RDI: 0000000000000007 [ 284.175794][T18056] RBP: 00007fae877c6090 R08: 0000000000000000 R09: 0000000000000000 [ 284.175810][T18056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 284.175825][T18056] R13: 0000000000000000 R14: 00007fae893a6080 R15: 00007ffd56076a68 [ 284.175861][T18056] [ 284.184232][T17938] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 284.385151][ T29] kauditd_printk_skb: 64 callbacks suppressed [ 284.385172][ T29] audit: type=1400 audit(1746194134.380:12415): avc: denied { write } for pid=18063 comm="syz.3.5639" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 284.436637][ T29] audit: type=1326 audit(1746194134.440:12416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18063 comm="syz.3.5639" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff30d69e969 code=0x0 [ 284.469636][T17938] veth0_vlan: entered promiscuous mode [ 284.486425][T17938] veth1_vlan: entered promiscuous mode [ 284.499458][T18064] loop3: detected capacity change from 0 to 1024 [ 284.517553][T17938] veth0_macvtap: entered promiscuous mode [ 284.527748][T17938] veth1_macvtap: entered promiscuous mode [ 284.536421][T18064] EXT4-fs (loop3): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 284.557605][T18064] EXT4-fs (loop3): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 284.564153][ T29] audit: type=1326 audit(1746194134.560:12417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18080 comm="syz.4.5640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a072ae969 code=0x7ffc0000 [ 284.573186][T17938] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 284.600535][T17938] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 284.618805][T17938] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.627696][T17938] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.636639][T17938] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.645461][T17938] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.654214][ T29] audit: type=1326 audit(1746194134.620:12418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18080 comm="syz.4.5640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6a072ae969 code=0x7ffc0000 [ 284.677954][ T29] audit: type=1326 audit(1746194134.620:12419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18080 comm="syz.4.5640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a072ae969 code=0x7ffc0000 [ 284.701803][ T29] audit: type=1326 audit(1746194134.620:12420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18080 comm="syz.4.5640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a072ae969 code=0x7ffc0000 [ 284.725659][ T29] audit: type=1326 audit(1746194134.620:12421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18080 comm="syz.4.5640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6a072ae969 code=0x7ffc0000 [ 284.749314][ T29] audit: type=1326 audit(1746194134.620:12422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18080 comm="syz.4.5640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a072ae969 code=0x7ffc0000 [ 284.773027][ T29] audit: type=1326 audit(1746194134.620:12423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18080 comm="syz.4.5640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6a072ae969 code=0x7ffc0000 [ 284.796716][ T29] audit: type=1326 audit(1746194134.620:12424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18080 comm="syz.4.5640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a072ae969 code=0x7ffc0000 [ 285.108586][T18097] loop3: detected capacity change from 0 to 512 [ 285.128855][T18097] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 285.177822][T18097] EXT4-fs (loop3): 1 truncate cleaned up [ 285.217182][T18062] syz.0.5638 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 285.228257][T18062] CPU: 1 UID: 0 PID: 18062 Comm: syz.0.5638 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 285.228306][T18062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 285.228319][T18062] Call Trace: [ 285.228326][T18062] [ 285.228335][T18062] __dump_stack+0x1d/0x30 [ 285.228361][T18062] dump_stack_lvl+0xe8/0x140 [ 285.228444][T18062] dump_stack+0x15/0x1b [ 285.228517][T18062] dump_header+0x81/0x220 [ 285.228558][T18062] oom_kill_process+0x334/0x3f0 [ 285.228591][T18062] out_of_memory+0x979/0xb80 [ 285.228677][T18062] ? css_next_descendant_pre+0x138/0x160 [ 285.228857][T18062] mem_cgroup_out_of_memory+0x13d/0x190 [ 285.228900][T18062] try_charge_memcg+0x5e2/0x870 [ 285.228930][T18062] charge_memcg+0x51/0xc0 [ 285.228954][T18062] mem_cgroup_swapin_charge_folio+0xcc/0x150 [ 285.229004][T18062] __read_swap_cache_async+0x1df/0x350 [ 285.229061][T18062] swap_cluster_readahead+0x277/0x3e0 [ 285.229124][T18062] swapin_readahead+0xde/0x6f0 [ 285.229155][T18062] ? __filemap_get_folio+0x49f/0x650 [ 285.229193][T18062] ? swap_cache_get_folio+0x77/0x200 [ 285.229224][T18062] do_swap_page+0x301/0x2460 [ 285.229321][T18062] ? cgroup_rstat_updated+0xa3/0x510 [ 285.229351][T18062] ? __pfx_default_wake_function+0x10/0x10 [ 285.229385][T18062] handle_mm_fault+0xb60/0x2ae0 [ 285.229494][T18062] ? mas_walk+0xf2/0x120 [ 285.229528][T18062] do_user_addr_fault+0x636/0x1090 [ 285.229569][T18062] ? switch_fpu_return+0xe/0x20 [ 285.229647][T18062] ? fpregs_assert_state_consistent+0x84/0xa0 [ 285.229676][T18062] exc_page_fault+0x54/0xc0 [ 285.229724][T18062] asm_exc_page_fault+0x26/0x30 [ 285.229749][T18062] RIP: 0033:0x7fae890553ac [ 285.229767][T18062] Code: 66 0f 1f 44 00 00 69 3d 06 03 e8 00 e8 03 00 00 48 8d 1d 07 0c 35 00 e8 22 95 12 00 eb 0c 48 81 c3 e0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 e0 00 00 [ 285.229839][T18062] RSP: 002b:00007ffd56076bd0 EFLAGS: 00010202 [ 285.229854][T18062] RAX: 0000000000000000 RBX: 00007fae893a5fa0 RCX: 0000000000000000 [ 285.229866][T18062] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555562677808 [ 285.229880][T18062] RBP: 00007fae893a7ba0 R08: 0000000000000000 R09: 7fffffffffffffff [ 285.229906][T18062] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000459ee [ 285.229918][T18062] R13: 00007ffd56076cc0 R14: ffffffffffffffff R15: 00007ffd56076ce0 [ 285.229939][T18062] [ 285.229947][T18062] memory: usage 307200kB, limit 307200kB, failcnt 1829 [ 285.261930][T18101] loop4: detected capacity change from 0 to 8192 [ 285.263436][T18062] memory+swap: usage 308424kB, limit 9007199254740988kB, failcnt 0 [ 285.484632][T18062] kmem: usage 307064kB, limit 9007199254740988kB, failcnt 0 [ 285.491984][T18062] Memory cgroup stats for /syz0: [ 285.492263][T18062] cache 110592 [ 285.500779][T18062] rss 0 [ 285.503617][T18062] shmem 0 [ 285.506599][T18062] mapped_file 110592 [ 285.508850][T18101] loop4: p1 p2 p3 p4 [ 285.510491][T18062] dirty 0 [ 285.510501][T18062] writeback 8192 [ 285.510511][T18062] workingset_refault_anon 140 [ 285.514732][T18101] loop4: p1 size 108922248 extends beyond EOD, [ 285.517466][T18062] workingset_refault_file 754 [ 285.520979][T18101] truncated [ 285.521875][T18101] loop4: p2 start 861536256 is beyond EOD, [ 285.525744][T18062] swap 1253376 [ 285.531946][T18101] truncated [ 285.531954][T18101] loop4: p3 start 851968 is beyond EOD, truncated [ 285.531974][T18101] loop4: p4 size 65536 extends beyond EOD, truncated [ 285.565744][T18062] swapcached 28672 [ 285.569692][T18062] pgpgin 312237 [ 285.573187][T18062] pgpgout 312203 [ 285.576885][T18062] pgfault 349868 [ 285.580449][T18062] pgmajfault 113 [ 285.584088][T18062] inactive_anon 28672 [ 285.588203][T18062] active_anon 0 [ 285.591689][T18062] inactive_file 110592 [ 285.595870][T18062] active_file 0 [ 285.599388][T18062] unevictable 0 [ 285.602920][T18062] hierarchical_memory_limit 314572800 [ 285.608363][T18062] hierarchical_memsw_limit 9223372036854771712 [ 285.614761][T18062] total_cache 110592 [ 285.618904][T18062] total_rss 0 [ 285.622228][T18062] total_shmem 0 [ 285.625729][T18062] total_mapped_file 110592 [ 285.630192][T18062] total_dirty 0 [ 285.633675][T18062] total_writeback 8192 [ 285.637830][T18062] total_workingset_refault_anon 140 [ 285.643058][T18062] total_workingset_refault_file 754 [ 285.648319][T18062] total_swap 1253376 [ 285.652222][T18062] total_swapcached 28672 [ 285.656583][T18062] total_pgpgin 312237 [ 285.660577][T18062] total_pgpgout 312203 [ 285.664645][T18062] total_pgfault 349868 [ 285.668855][T18062] total_pgmajfault 113 [ 285.672936][T18062] total_inactive_anon 28672 [ 285.677811][T18062] total_active_anon 0 [ 285.681925][T18062] total_inactive_file 110592 [ 285.686645][T18062] total_active_file 0 [ 285.690734][T18062] total_unevictable 0 [ 285.694751][T18062] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.5638,pid=18062,uid=0 [ 285.709589][T18062] Memory cgroup out of memory: Killed process 18062 (syz.0.5638) total-vm:93880kB, anon-rss:936kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 285.740746][T18109] bridge_slave_0: left allmulticast mode [ 285.746698][T18109] bridge_slave_0: left promiscuous mode [ 285.752427][T18109] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.762423][T18109] bridge_slave_1: left allmulticast mode [ 285.768514][T18109] bridge_slave_1: left promiscuous mode [ 285.774529][T18109] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.805439][T18109] bond0: (slave bond_slave_0): Releasing backup interface [ 285.821867][T18109] bond0: (slave bond_slave_1): Releasing backup interface [ 285.841164][T18109] team0: Port device team_slave_0 removed [ 285.861117][T18109] team0: Port device team_slave_1 removed [ 285.882043][T18109] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 285.889753][T18109] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 285.909681][T18109] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 285.917258][T18109] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 285.954054][T18118] netlink: 'syz.4.5653': attribute type 3 has an invalid length. [ 285.956798][T18065] syz.0.5638 (18065) used greatest stack depth: 8728 bytes left [ 286.250491][T18145] loop0: detected capacity change from 0 to 512 [ 286.298870][T18150] loop1: detected capacity change from 0 to 512 [ 286.301267][T18142] bond0: (slave dummy0): Releasing backup interface [ 286.312703][T18145] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.5665: casefold flag without casefold feature [ 286.328626][T18145] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.5665: couldn't read orphan inode 15 (err -117) [ 286.353700][T18145] EXT4-fs mount: 2 callbacks suppressed [ 286.353718][T18145] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 286.373777][T18150] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 286.400323][T18150] EXT4-fs (loop1): 1 truncate cleaned up [ 286.409424][T18150] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 286.431012][T11225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.624280][T18157] loop0: detected capacity change from 0 to 8192 [ 286.661460][T18157] loop0: p1 p2 p3 p4 [ 286.665807][T18157] loop0: p1 size 108922248 extends beyond EOD, truncated [ 286.683847][T18157] loop0: p2 start 861536256 is beyond EOD, truncated [ 286.690670][T18157] loop0: p3 start 851968 is beyond EOD, truncated [ 286.697289][T18157] loop0: p4 size 65536 extends beyond EOD, truncated [ 286.714483][T17938] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.790726][T18183] loop3: detected capacity change from 0 to 256 [ 286.793074][T18181] loop0: detected capacity change from 0 to 512 [ 286.834577][T18181] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.5678: casefold flag without casefold feature [ 286.847371][T18176] loop1: detected capacity change from 0 to 8192 [ 286.848562][T18181] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.5678: couldn't read orphan inode 15 (err -117) [ 286.869531][T18181] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 286.876465][T18189] loop4: detected capacity change from 0 to 512 [ 286.895363][T18189] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 286.905885][T18176] loop1: p1 p2 p3 p4 [ 286.909950][T18176] loop1: p1 size 108922248 extends beyond EOD, truncated [ 286.917998][T18176] loop1: p2 start 861536256 is beyond EOD, truncated [ 286.924754][T18176] loop1: p3 start 851968 is beyond EOD, truncated [ 286.931269][T18176] loop1: p4 size 65536 extends beyond EOD, truncated [ 286.937647][T18189] EXT4-fs (loop4): 1 truncate cleaned up [ 286.944118][T18189] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 286.967409][T11225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.226892][T18225] loop3: detected capacity change from 0 to 512 [ 287.291251][T18225] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.5689: casefold flag without casefold feature [ 287.313229][T18245] 9pnet_fd: Insufficient options for proto=fd [ 287.323091][T18225] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5689: couldn't read orphan inode 15 (err -117) [ 287.379269][T18225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 287.447643][T12266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.459143][T12505] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.495155][ C0] ================================================================== [ 287.503285][ C0] BUG: KCSAN: data-race in wq_worker_tick / wq_worker_tick [ 287.510599][ C0] [ 287.512933][ C0] read-write to 0xffff8881002028b8 of 8 bytes by interrupt on cpu 1: [ 287.521025][ C0] wq_worker_tick+0x60/0x230 [ 287.525637][ C0] sched_tick+0x11a/0x270 [ 287.530016][ C0] update_process_times+0x15f/0x190 [ 287.535265][ C0] tick_nohz_handler+0x249/0x2d0 [ 287.540233][ C0] __hrtimer_run_queues+0x20c/0x5a0 [ 287.545465][ C0] hrtimer_interrupt+0x21a/0x460 [ 287.550412][ C0] __sysvec_apic_timer_interrupt+0x5c/0x1d0 [ 287.556356][ C0] sysvec_apic_timer_interrupt+0x6f/0x80 [ 287.562007][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 287.568000][ C0] wait_for_common+0x1af/0x1e0 [ 287.572781][ C0] io_ring_exit_work+0x2ab/0x560 [ 287.577733][ C0] process_scheduled_works+0x4cb/0x9d0 [ 287.583215][ C0] worker_thread+0x582/0x770 [ 287.587828][ C0] kthread+0x486/0x510 [ 287.591917][ C0] ret_from_fork+0x4b/0x60 [ 287.596369][ C0] ret_from_fork_asm+0x1a/0x30 [ 287.601154][ C0] [ 287.603502][ C0] read-write to 0xffff8881002028b8 of 8 bytes by interrupt on cpu 0: [ 287.611607][ C0] wq_worker_tick+0x60/0x230 [ 287.616239][ C0] sched_tick+0x11a/0x270 [ 287.620587][ C0] update_process_times+0x15f/0x190 [ 287.625807][ C0] tick_nohz_handler+0x249/0x2d0 [ 287.630756][ C0] __hrtimer_run_queues+0x20c/0x5a0 [ 287.635961][ C0] hrtimer_interrupt+0x21a/0x460 [ 287.640907][ C0] __sysvec_apic_timer_interrupt+0x5c/0x1d0 [ 287.646815][ C0] sysvec_apic_timer_interrupt+0x6f/0x80 [ 287.652469][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 287.658473][ C0] __sanitizer_cov_trace_pc+0x37/0x70 [ 287.663881][ C0] bpf_probe_read_user_str+0x4a/0x70 [ 287.669189][ C0] bpf_prog_cd4766ec6edc55ef+0x3b/0x3d [ 287.674737][ C0] bpf_trace_run2+0x104/0x1c0 [ 287.679447][ C0] __traceiter_kfree+0x2b/0x50 [ 287.684232][ C0] kfree+0x26f/0x310 [ 287.688149][ C0] io_alloc_cache_free+0xc0/0xe0 [ 287.693101][ C0] io_futex_cache_free+0x23/0x30 [ 287.698061][ C0] io_free_alloc_caches+0x70/0x80 [ 287.703181][ C0] io_ring_ctx_free+0x78/0x360 [ 287.708252][ C0] io_ring_exit_work+0x529/0x560 [ 287.713200][ C0] process_scheduled_works+0x4cb/0x9d0 [ 287.718681][ C0] worker_thread+0x582/0x770 [ 287.723293][ C0] kthread+0x486/0x510 [ 287.727371][ C0] ret_from_fork+0x4b/0x60 [ 287.731816][ C0] ret_from_fork_asm+0x1a/0x30 [ 287.736588][ C0] [ 287.738909][ C0] value changed: 0x000000000003a980 -> 0x000000000003d090 [ 287.746024][ C0] [ 287.748344][ C0] Reported by Kernel Concurrency Sanitizer on: [ 287.754498][ C0] CPU: 0 UID: 0 PID: 18217 Comm: kworker/u8:26 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(voluntary) [ 287.767269][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 287.777369][ C0] Workqueue: iou_exit io_ring_exit_work [ 287.782945][ C0] ================================================================== [ 287.874736][T18278] loop4: detected capacity change from 0 to 512 [ 287.904137][T18278] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.5695: casefold flag without casefold feature [ 287.920069][T18278] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5695: couldn't read orphan inode 15 (err -117) [ 287.932668][T18278] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 287.934513][T18276] loop3: detected capacity change from 0 to 8192 [ 287.962133][T12266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.985670][T18276] loop3: p1 p2 p3 p4 [ 287.989794][T18276] loop3: p1 size 108922248 extends beyond EOD, truncated [ 287.997992][T18276] loop3: p2 start 861536256 is beyond EOD, truncated [ 288.004687][T18276] loop3: p3 start 851968 is beyond EOD, truncated [ 288.011162][T18276] loop3: p4 size 65536 extends beyond EOD, truncated