last executing test programs:
32.970840657s ago: executing program 2 (id=300):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x5, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000f200000000000000001860000000000003000000000000000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c00000000080104000000000000000007000007140004800800054000000009080001000000fa2e050003002f00000006000240080500000600024008050000090001"], 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x4840)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000025940000000c0a01030000000000000000070000080900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b802c0001800a0001006c696d69740000001c0002800c00014000000000000000030c0002400000000000000010140001800c000100636f756e7465720004", @ANYBLOB="d7"], 0x118}}, 0x0)
32.490802955s ago: executing program 2 (id=304):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x120a800, &(0x7f00000000c0)={[{@dax_never}, {@data_err_abort}, {@max_batch_time={'max_batch_time', 0x3d, 0x7fff}}, {@errors_continue}, {@usrjquota}, {@usrjquota}]}, 0xfd, 0x57c, &(0x7f00000001c0)="$eJzs3V9rW+UfAPDvSZv9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUjnpSZe1Sfpn6RKXzwfO9jw5J3meJ8/5njzPOUlPAAPrePpPLuLliPgqiRhtWjcc2crja9utPL45nS5JrK5+/HsS5za8VpL9P5JlXoqIn7+IOJXbXG51aXmuWC6XFrL8eG3+2nh1afn0lfnibGm2dHVyaursm1OT77z9Vtfa+vrFP7/96P77Z788sfLNjw+P3E3ifBzO1qXt6kIRt5ozx4t/Z6l8nN+w4UQXCusnSa8rwK4MZXGej/QYMBpDWdQDL77PI2IVGFDJxvj/p0cVAZ6zxjigMbfv0jz4P+PRe2sToM3tH147NxIH6nOjQyvJUzOjdL471oXy0zJ++u3e3XSJzuchDm6RB9iRW7cj4szw8ObjX5Id/3bvTP3kcWcbyxi0zx/opfvp+Ce5FbEp/nPr459oMf4ZaRG7u7F1/OcedqGYttLx37stx7/rh66xoSz3v/qYL59cvlIunYmI/0fEycjvT/OdruecXXmw2m5d8/gvXdLyG2PBrB4Ph/c//ZyZYq34LG1u9uh2xCstx7/Jev8nLfo/fT8uNjL5zmUcK917td26rdu/t1Z/iHitZf8/uaKVdL4+OV7fH8Ybe8Vmf9w59ku78nvd/rT/D3Vu/1jSfL22uvMyvj/wV6ndut3u//uST+rpfdljN4q12sJExL7kw+GRjY9PPnluI9/YPm3/yROt47/T/p9Ovj7dZvvvHL3TdtN+6P+ZHfX/zhMPPvjsu3blb6//36inTmaPbOf4t90KPst7BwAAAAAAAP0mFxGHI8kV1tO5XKGw9v2Oo3EoV65Ua6cuVxavzkT9t7Jjkc81rnSPNn0fYiL7PmwjP7khPxURRyLi66GD9XxhulKe6XXjAQAAAAAAAAAAAAAAAAAAoE+MtPn9f+rXoV7XDthz9Rsb7O91LYBe2PKW/9240xPQl7aMf+CFtfP4d2YAXhQ+/2FwiX8YXOIfBtd24z8/uscVAZ47n/8wuMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNXFCxfSZXXl8c3pND9zfWlxrnL99EypOleYX5wuTFcWrhVmK5XZcqkwXZnf6vXKlcq1iclYvDFeK1Vr49Wl5UvzlcWrtUtX5ouzpUulvD82DAAAAAAAAAAAAAAAAAAAAJtUl5bniuVyaUGibeJc9EU19rKBa3b19OF+aYVEVxM9PjABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJN/AwAA//+DNDNT")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x22)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085", @ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a300000000014000780050015000000000008001240000000000d000300686173683a6e657400000000050005000a000000050004"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0) (fail_nth: 5)
32.14397831s ago: executing program 2 (id=310):
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x90, r0, 0x10, 0x70bd28, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x100}, {0xc, 0x90, 0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0xc, 0x8f, 0x8}, {0xc, 0x90, 0x6}}]}, 0x90}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000140)={0x0, 0x9}, 0x8)
setsockopt(r1, 0x84, 0x82, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', 0x8)
sendto$inet6(r1, &(0x7f0000000040)="ee", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x101, @loopback, 0x8000005}, 0x1c)
32.143666971s ago: executing program 2 (id=311):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
semtimedop(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, 0x0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x40000000000}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32=r2], 0x48)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000040)='westwood\x00', 0x9)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000000)=[@mss, @timestamp, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}], 0x5)
sendto$inet(r4, &(0x7f0000000400)="001d71d52a3879c9c7649475728f8a25a071a59c20", 0x15, 0x4044000, 0x0, 0x0)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x200000000000001f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r5}, 0x10)
setitimer(0x2, 0x0, 0x0)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r6, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
31.891999094s ago: executing program 2 (id=315):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000084000000060a010400000000000000000100000008000b40000000005c0004802c000180090001007866726d000000001c0002800800024000000001050003000000000008000140000000092c00018008000100636d7000200002800c00038005000100"], 0xf8}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000059c0)='./bus\x00', 0x0, &(0x7f0000000a40)={[{@min_batch_time={'min_batch_time', 0x3d, 0x200}}]}, 0x1, 0x439, &(0x7f0000001240)="$eJzs28tvG8UfAPDvrp3219cvpiqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCgJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3G8exncY4ccGfj7TtzO5EM1/PTjyzkw1gaI1l/yQRuyPi14gYbWRXFxhr/Hdr+crMn8tXZpKo1d74I6mXu7l8ZaYoWvzcriJTjkg/SeJgm3oXLl0+N12tzl3M8xOL59+dWLh0+Zmz56fPzJ2ZuzB18uTxY5PPnZh6ti9xZnHdPPDB/KH9r7x17bWZU9fe/vHrpIi/JY4+Get28fFarc/VDdaepnRSHmBD2JBSY5jGSH38j0YpVjpvNF7+eKCNAzZVrVar3df58lIN+A9LYtAtAAaj+KLP1r/FsUVTj7vCjRcaC6As7lv50bhSjjQvM9Kyvu2nsYg4tfTXF9kRm/McAgBglW+z+c/T7eZ/aTQ/F/p/vodSiYh7ImJvRJyIiH0RcW9Evez9EfHAButv3SRZO/9Jr/cU2B3K5n/P53tbq+d/xewvKqU8t6ce/0hy+mx17mj+mRyJke1ZfrJLHd+99Mtnna41z/+yI6u/mAvm7bhe3t6nYNu48VHEgXK7+JPbOwFJROyPiAM91nH2ya8Odbq2fvxd9GGfqfZlxBON/l+KlvgLSff9yYn/RXXu6ERxV6z1089XX+9U/z+Kvw+y/t/Z9v4v4t9TSZr3axc2XsfV3z7tuKbp5f6fnV6c3pa8uerc+9OLixcnI7Ylr9bzlebzUy3lplbKZ/EfOdx+/O+NlU/iYERkN/GDEfFQRDyct/2RiHg0Ig53if+HFx97p/f4N1cW/2zX/o+W/l9JbIvWM+0TpXPff7Oq0spG4s/6/3g9dSQ/k/X/enHdSbt6u5sBAADg3yeNiN2RpOO302k6Pt74G/59sTOtzi8sPnV6/r0Ls413BCoxkhZPukabnodO5sv6Ij/Vkj+WPzf+vLSjnh+fma/ODjp4GHK7Ooz/zO+lQbcO2HTe14LhZfzD8DL+YXgZ/zC82oz/HYNoB7D12n3/fziAdgBbr2X82/aDIWL9D8OrbL0PQ8v3PwylhR2x/kvyEhJrEpHeFc2Q6DGRRkS3MoP+zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAffwcAAP//KvHjlA==")
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
unshare(0x2c020400)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xf6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x7, 0x9})
mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0)
31.696956627s ago: executing program 2 (id=316):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'lo\x00'})
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f00000003c0)={0x0, @nl=@proc={0x10, 0x0, 0x25dfdbfe, 0x400000}, @qipcrtr={0x2a, 0x3, 0x2}, @generic={0x1a, "04ae0e2d0feb727e19f334be4cd6"}, 0x2, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)='lo\x00', 0x2, 0xb6, 0xef0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d10bfe150a7487535f7866907dc6751dfb261a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a7f9105f82317874b33d96b39fa4e045469989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1623ed38ae89d24e14b40234756ddcebfba2f87925bfacba83109753f543ad027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70900000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbf83a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d6209000000c773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed208ada12f7a1525320e71666f472a972d5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff080000ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500000000000000000000000000000000000000002fdf0193ec79c90ed210ebc2fbed6d4216770c1b0dec886b388d138c2b69c6aacb714e7264093061c660a5100b7cc165889eb94c8d7c77b6fa06f1a4d8e4a6b6cb37e319c5c22f276b03cae853f42b07ca0b03b1eb32a6b1a81cd511fd0b59d57a11c6a3ebf9731464ad21f07f618efc31023ac60007426162b57e803519954d7c952197b0a508c0e16fda392fa84be38e937d36af1c35138e05a9e8d6dc0272de72c41500000000304402e22af23437126f330f8eb4075daaeae3134ece35cd86d95bd9836bd186c4b6565e967a4e3e86f299b7400994ba136b4eccf3b0f001a266c0d160b3ce1182001d64b52a5ce7f506295d59eea6903b84ffbabf5a5b91c1d6ecce8728a224aec66c610e3becd60a35e848c224f8251947eed20e2b612cb099bfe8924d33ba7f0691fed04a43e9c64b7a1e3165e86cdb9871c678a6bbb14821f441c6c14d1bd78d8ffdfea12c19ea04264335d60b6b7a7da6fb83f33101db32f6ab137d943dd3c1e8db9f3e1263573dc721ae82fe0bc63598751a5092c9f7dbfc39d564834e3703492c2a651643d8ce5c36d97a4812cf73fc8ea0d6"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0xb)
r2 = gettid()
tkill(r2, 0x12)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x28, r3, 0x10ada85e65c25359, 0x0, 0x8000000, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x72}}}}}, 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r5=>0x0})
r6 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r7 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc)=<r8=>0x0)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000940)='./file0\x00', 0x444, &(0x7f0000000580)=ANY=[@ANYRESOCT=r8, @ANYRESDEC, @ANYRES16=r5, @ANYRESDEC=r6], 0xfe, 0x66f, &(0x7f0000002fc0)="$eJzs3Utv29gZxvGHsnyJCwRFWwyCIBOfSTqAg6aKJE88MNJFWYqSOZVEgaQLezVIJ/YgiJxpkxRovJl60wvQfoHuZjOLfogCXXfdL9BlgUG7a9GNCpKiJOseW3GmM/+fkeiIfMnz8hK9oSUdCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyHIqxWLJUt1r7u2byZxK4DemzE/Xtqw7aePOzH4lK/6jtTVdSydd+05/9lvxX7d0I312Q2vxw5pOvvHWNx98O5/Llp+S0HnoVVf4/OXJk4ft9uGz8/XWsc6z3GsxkolycyxVc5te6HsNu+YaL/TNzvZ28d5uNTRVr+6GB2HkNowTuLnID8ymc8eUdna2jFs48PeatYpdd7OJ73+/XCxumw9Wu4f/3geF0Nn16nWvWUti4tlxzGrvDHHthjFHj9uHW7OSjINK8wSVZwWVi+VyqVQul7bv79x/v1jMj0woDtFIRP+k/fIcfFymBb1yAxeXi+v/3y2prjU1tad9mbE/jioK5KsxYX5XVv/fvedO7Xew/mdV/lp/9nUl9f9m+uzmpPo/IRcjkywwbo41Yfr5fp7rpU70RA/VVluHeraY9W4MtP/TSS0w68X91KS85CmUL08N2arJlelOMdrRtrZV1IfaVVWhjKryVJerUAcKFclVIzkmgVzZiuQrkNGmHN2RUUk72tGWjFwVdCBfe2qqpops/bvT6RzpcbLft6bkqCyoNE9QvncOjgZNqv8//TRd4tXqP756eufOHDHAG9fpXv9PtjRu4sbrywgAAAAAACyalfz23Ureu39bUkdVr+4W33RaAAAAAABggZJ3/m/ED8tx621ZE67/O5efGwAAAAAAWAwr+Y6dJWk9+VC/1f8m1IwPAeQuK0UAAAAAAHBByfv/N1ekTjK02oasea//AQAAAADA/4vfDoyxn8/G2O1kY/7lJIWtVevP/1xVsGydtva/ax3b8Rz7uBszMjxgVL1u5ZUO1JuM17siKXnmuDes7vjA3UEwrXRgX+mLo1lj/VvBUAIrS9mvL8YkcPVkIIHtfPeZfq930ph3uv0+OskpmZP2sl716m7B8esPSrLtq7nI3Y9+8fTxL6Wgt51Hj9uHhY8+aT9KcjmNJ50ex3l8eiad3KxcXiTjLSTfuRi3xVdUzbr8XbOxbiX9FrPtX5J9nBvsaL7t/7VupTG31tPH9ZPsCMj6VbdRKiSHrL/1yegQVj+L0vCWjzsQE7JYS7K4ncbc3rydPmT5pUdh7XtLUrkwegyCwSzKg1nM3hfWv0b2xYws4nNhK87iL/GKJmSx9WpZjBwRAHhTjvpVKBnEfHSM/eG6e55XudnV/Ydne3nxx076hcMlKd99byL9EuKkuqL4FX0zDVtJR3HPXx/zil7s1pU1TXhFL16gusV9/al/D6Ru2t05+V4W/+10Og9KSb9/GKqqn8ULfDax37BeXop34b0Xxz9LBsCPfXz48eHTcnlru/hesXi/rOVkM7oP1B4AwBiz77FzNmKtX896tfu93lX1o3+8m7bO1N1v9T5SUNBH+kRtPdLd7BYCG+P7XR/4GMLd0avWOPaKNBxb0t2JV3VJLR2ILfdil5Utcvb/C/3Yrdd9GAAAuFS3ZtTh4fo/7tr9bnbdvXl97HV3Vkd3k1o+fIfgSTW3dMl7AgCArw83+MJaj35jBYHX+rC0s1Oyo13XBL7zYxN4lZprvGbkBs6u3ay5phX4ke/4ddMKtOpV3NCEe62WH0Sm6gem5YfefnLnd9O99XvoNuxm5Dlhq+7aoWscvxnZTmQqXuiY1t6P6l646wbJwmHLdbyq59iR5zdN6F+R4xaMCV13INCruM3Iq3pxs2lagdewgwPzE7++13BNxQ2dwGtFfrrCrC+vWfWDRrLagjrTbnQIAMDXxvOXJ08ettuHz6Y0TpU2ss+jTQleGbfCN7yJAABgCFUaAAAAAAAAAAAAAAAAAAAAAIAvv3m+/ze1kX0pMJuyrDHBUm/Kz6/OtWZL/Smf/+1CGZ6jkRue0h1ptzN78b+mjfy4mCtxY0VSO9v9gzGnC92KjbmClTbyi9+HV6RxZ8Jra/zg6Ox5OBITzxw7a7V3LPIX/+cwrvH08wmzZp9Rq2f34cq0DTzbyEt6tnKBQ3D5r0UALtf/AgAA///rIkS/")
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20200010}, 0xc, &(0x7f0000000300)={&(0x7f0000000500)={0x154, r3, 0x200, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x100, 0x6b}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x8000}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0xf000}, @NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x1}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x3e}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0xfc, 0xbe, "2742017ca147356ec4f341942a805d8d12c570e862a7918b334eb7e036294283b009d549645349f7db3739bcfcecd864bdeec33f14f36ec40eae62a8feb1fcaaae9430b9f92cc4e9863234195c2350e8317b6cf73c3adbf1524405b979c3e854f1268dc42ebc2698d50939faa674971f8b09265f62d4cdbd270e87ff5b8fe51cfbca43037ba97cb9e546f88dc91cf6839f8924df36545610bc8da62739ef5f2845ae0a2da127046dc572181c1b404fce687cd83a5689427f721f007461f3c711380c1d16f7e9ab9d0693e2710988d69386dedf5010f5fea85258d15c32cfb4b7a2c6c49b62fbbc42c7198ae299d793bba7b056ffffb6cf11"}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x37d}]}, 0x154}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x3, 0x0)
r9 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00'], 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000440)=@generic={0x0, r10}, 0x18)
ptrace$getregs(0xc, r9, 0x280, &(0x7f0000001400)=""/173)
31.688880937s ago: executing program 32 (id=316):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'lo\x00'})
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f00000003c0)={0x0, @nl=@proc={0x10, 0x0, 0x25dfdbfe, 0x400000}, @qipcrtr={0x2a, 0x3, 0x2}, @generic={0x1a, "04ae0e2d0feb727e19f334be4cd6"}, 0x2, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)='lo\x00', 0x2, 0xb6, 0xef0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d10bfe150a7487535f7866907dc6751dfb261a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a7f9105f82317874b33d96b39fa4e045469989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1623ed38ae89d24e14b40234756ddcebfba2f87925bfacba83109753f543ad027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70900000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbf83a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d6209000000c773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed208ada12f7a1525320e71666f472a972d5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff080000ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500000000000000000000000000000000000000002fdf0193ec79c90ed210ebc2fbed6d4216770c1b0dec886b388d138c2b69c6aacb714e7264093061c660a5100b7cc165889eb94c8d7c77b6fa06f1a4d8e4a6b6cb37e319c5c22f276b03cae853f42b07ca0b03b1eb32a6b1a81cd511fd0b59d57a11c6a3ebf9731464ad21f07f618efc31023ac60007426162b57e803519954d7c952197b0a508c0e16fda392fa84be38e937d36af1c35138e05a9e8d6dc0272de72c41500000000304402e22af23437126f330f8eb4075daaeae3134ece35cd86d95bd9836bd186c4b6565e967a4e3e86f299b7400994ba136b4eccf3b0f001a266c0d160b3ce1182001d64b52a5ce7f506295d59eea6903b84ffbabf5a5b91c1d6ecce8728a224aec66c610e3becd60a35e848c224f8251947eed20e2b612cb099bfe8924d33ba7f0691fed04a43e9c64b7a1e3165e86cdb9871c678a6bbb14821f441c6c14d1bd78d8ffdfea12c19ea04264335d60b6b7a7da6fb83f33101db32f6ab137d943dd3c1e8db9f3e1263573dc721ae82fe0bc63598751a5092c9f7dbfc39d564834e3703492c2a651643d8ce5c36d97a4812cf73fc8ea0d6"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0xb)
r2 = gettid()
tkill(r2, 0x12)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x28, r3, 0x10ada85e65c25359, 0x0, 0x8000000, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x72}}}}}, 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r5=>0x0})
r6 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r7 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc)=<r8=>0x0)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000940)='./file0\x00', 0x444, &(0x7f0000000580)=ANY=[@ANYRESOCT=r8, @ANYRESDEC, @ANYRES16=r5, @ANYRESDEC=r6], 0xfe, 0x66f, &(0x7f0000002fc0)="$eJzs3Utv29gZxvGHsnyJCwRFWwyCIBOfSTqAg6aKJE88MNJFWYqSOZVEgaQLezVIJ/YgiJxpkxRovJl60wvQfoHuZjOLfogCXXfdL9BlgUG7a9GNCpKiJOseW3GmM/+fkeiIfMnz8hK9oSUdCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyHIqxWLJUt1r7u2byZxK4DemzE/Xtqw7aePOzH4lK/6jtTVdSydd+05/9lvxX7d0I312Q2vxw5pOvvHWNx98O5/Llp+S0HnoVVf4/OXJk4ft9uGz8/XWsc6z3GsxkolycyxVc5te6HsNu+YaL/TNzvZ28d5uNTRVr+6GB2HkNowTuLnID8ymc8eUdna2jFs48PeatYpdd7OJ73+/XCxumw9Wu4f/3geF0Nn16nWvWUti4tlxzGrvDHHthjFHj9uHW7OSjINK8wSVZwWVi+VyqVQul7bv79x/v1jMj0woDtFIRP+k/fIcfFymBb1yAxeXi+v/3y2prjU1tad9mbE/jioK5KsxYX5XVv/fvedO7Xew/mdV/lp/9nUl9f9m+uzmpPo/IRcjkywwbo41Yfr5fp7rpU70RA/VVluHeraY9W4MtP/TSS0w68X91KS85CmUL08N2arJlelOMdrRtrZV1IfaVVWhjKryVJerUAcKFclVIzkmgVzZiuQrkNGmHN2RUUk72tGWjFwVdCBfe2qqpops/bvT6RzpcbLft6bkqCyoNE9QvncOjgZNqv8//TRd4tXqP756eufOHDHAG9fpXv9PtjRu4sbrywgAAAAAACyalfz23Ureu39bUkdVr+4W33RaAAAAAABggZJ3/m/ED8tx621ZE67/O5efGwAAAAAAWAwr+Y6dJWk9+VC/1f8m1IwPAeQuK0UAAAAAAHBByfv/N1ekTjK02oasea//AQAAAADA/4vfDoyxn8/G2O1kY/7lJIWtVevP/1xVsGydtva/ax3b8Rz7uBszMjxgVL1u5ZUO1JuM17siKXnmuDes7vjA3UEwrXRgX+mLo1lj/VvBUAIrS9mvL8YkcPVkIIHtfPeZfq930ph3uv0+OskpmZP2sl716m7B8esPSrLtq7nI3Y9+8fTxL6Wgt51Hj9uHhY8+aT9KcjmNJ50ex3l8eiad3KxcXiTjLSTfuRi3xVdUzbr8XbOxbiX9FrPtX5J9nBvsaL7t/7VupTG31tPH9ZPsCMj6VbdRKiSHrL/1yegQVj+L0vCWjzsQE7JYS7K4ncbc3rydPmT5pUdh7XtLUrkwegyCwSzKg1nM3hfWv0b2xYws4nNhK87iL/GKJmSx9WpZjBwRAHhTjvpVKBnEfHSM/eG6e55XudnV/Ydne3nxx076hcMlKd99byL9EuKkuqL4FX0zDVtJR3HPXx/zil7s1pU1TXhFL16gusV9/al/D6Ru2t05+V4W/+10Og9KSb9/GKqqn8ULfDax37BeXop34b0Xxz9LBsCPfXz48eHTcnlru/hesXi/rOVkM7oP1B4AwBiz77FzNmKtX896tfu93lX1o3+8m7bO1N1v9T5SUNBH+kRtPdLd7BYCG+P7XR/4GMLd0avWOPaKNBxb0t2JV3VJLR2ILfdil5Utcvb/C/3Yrdd9GAAAuFS3ZtTh4fo/7tr9bnbdvXl97HV3Vkd3k1o+fIfgSTW3dMl7AgCArw83+MJaj35jBYHX+rC0s1Oyo13XBL7zYxN4lZprvGbkBs6u3ay5phX4ke/4ddMKtOpV3NCEe62WH0Sm6gem5YfefnLnd9O99XvoNuxm5Dlhq+7aoWscvxnZTmQqXuiY1t6P6l646wbJwmHLdbyq59iR5zdN6F+R4xaMCV13INCruM3Iq3pxs2lagdewgwPzE7++13BNxQ2dwGtFfrrCrC+vWfWDRrLagjrTbnQIAMDXxvOXJ08ettuHz6Y0TpU2ss+jTQleGbfCN7yJAABgCFUaAAAAAAAAAAAAAAAAAAAAAIAvv3m+/ze1kX0pMJuyrDHBUm/Kz6/OtWZL/Smf/+1CGZ6jkRue0h1ptzN78b+mjfy4mCtxY0VSO9v9gzGnC92KjbmClTbyi9+HV6RxZ8Jra/zg6Ox5OBITzxw7a7V3LPIX/+cwrvH08wmzZp9Rq2f34cq0DTzbyEt6tnKBQ3D5r0UALtf/AgAA///rIkS/")
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20200010}, 0xc, &(0x7f0000000300)={&(0x7f0000000500)={0x154, r3, 0x200, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x100, 0x6b}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x8000}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0xf000}, @NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x1}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x3e}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0xfc, 0xbe, "2742017ca147356ec4f341942a805d8d12c570e862a7918b334eb7e036294283b009d549645349f7db3739bcfcecd864bdeec33f14f36ec40eae62a8feb1fcaaae9430b9f92cc4e9863234195c2350e8317b6cf73c3adbf1524405b979c3e854f1268dc42ebc2698d50939faa674971f8b09265f62d4cdbd270e87ff5b8fe51cfbca43037ba97cb9e546f88dc91cf6839f8924df36545610bc8da62739ef5f2845ae0a2da127046dc572181c1b404fce687cd83a5689427f721f007461f3c711380c1d16f7e9ab9d0693e2710988d69386dedf5010f5fea85258d15c32cfb4b7a2c6c49b62fbbc42c7198ae299d793bba7b056ffffb6cf11"}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x37d}]}, 0x154}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x3, 0x0)
r9 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00'], 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000440)=@generic={0x0, r10}, 0x18)
ptrace$getregs(0xc, r9, 0x280, &(0x7f0000001400)=""/173)
2.116405906s ago: executing program 5 (id=849):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000040000000000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0, 0x0, 0x1}, 0x18)
r1 = epoll_create(0x1)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000002640), 0x80800, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000002680)={0x2}) (fail_nth: 1)
1.90615045s ago: executing program 5 (id=852):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bond0\x00', <r4=>0x0})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r6}, 0x10) (async)
sendmsg$nl_xfrm(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000140)=@updsa={0x144, 0x10, 0x1, 0x0, 0x200019, {{@in6=@dev, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32}, {@in6=@private1, 0x0, 0x32}, @in=@multicast2, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @offload={0xc, 0x1c, {r4, 0x4}}]}, 0x144}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==") (async)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
1.042436613s ago: executing program 4 (id=865):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)={0x2c, r1, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}]}, 0x2c}}, 0x4000000)
1.031296944s ago: executing program 4 (id=867):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000380)={'sit0\x00', &(0x7f0000000300)={'sit0\x00', <r0=>0x0, 0x8000, 0x7, 0xa, 0x3ff, {{0x12, 0x4, 0x1, 0x0, 0x48, 0x64, 0x0, 0x80, 0x29, 0x0, @broadcast, @private=0xa010100, {[@timestamp_prespec={0x44, 0x24, 0x9b, 0x3, 0x6, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x42}, {@remote, 0x200000}, {@private=0xa010102, 0x81}, {@dev={0xac, 0x14, 0x14, 0x2b}}]}, @timestamp={0x44, 0xc, 0x7, 0x0, 0x8, [0x7, 0x8]}, @noop]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYRESOCT], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000040000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x6c, 0x7f, 0x7ffc0002}]})
getrlimit(0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x88a, &(0x7f00000001c0)={[{@usrquota}, {@usrjquota, 0x22}, {@data_ordered}, {@noload}, {@grpid}, {@grpjquota, 0x22}, {@init_itable}, {@jqfmt_vfsold}, {@noblock_validity}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0xe1, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000))
908.125185ms ago: executing program 5 (id=869):
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000140)='.\x00', 0x40000022)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYRES8=r1], 0x69)
close(0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
897.371666ms ago: executing program 4 (id=871):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES16=r0, @ANYBLOB="01000000000000000000020000001400020062756e64300000000000000000000000090001"], 0x40}}, 0x0)
861.201116ms ago: executing program 1 (id=872):
r0 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000400), 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRES64=r0, @ANYRES32, @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f00000004c0)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0))
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafb", 0x240}], 0x1)
860.632306ms ago: executing program 5 (id=873):
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x1008002, &(0x7f0000000080)=ANY=[], 0x1, 0x2ee, &(0x7f00000006c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x200, &(0x7f0000000140)=<r0=>0x0)
io_submit(r0, 0x0, &(0x7f0000000540))
834.243376ms ago: executing program 4 (id=874):
mknod$loop(0x0, 0x100000000000600d, 0x1)
779.675447ms ago: executing program 4 (id=875):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), 0xffffffffffffffff)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0x68f}, 0x18)
ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f0000000000)=0xc92b)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/12, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r3, &(0x7f0000002980)={&(0x7f0000000180)={0x2, 0x0, @dev}, 0x10, &(0x7f0000001400)=[{&(0x7f0000001800)='_', 0x1}], 0x1}, 0x4000000)
setsockopt$sock_attach_bpf(r3, 0x84, 0x1e, &(0x7f0000000000), 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000080)={'batadv_slave_1\x00', {0x2, 0x0, @remote}})
ioctl$sock_inet_SIOCSIFADDR(r4, 0x891c, &(0x7f0000000540)={'batadv_slave_1\x00', {0x2, 0x0, @private=0xfffffffe}})
779.052888ms ago: executing program 4 (id=876):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000e80), 0x111, 0x6}}, 0x20)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002180)={0x1, &(0x7f0000000380)=[{0x6}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
close_range(r3, 0xffffffffffffffff, 0x0)
778.581347ms ago: executing program 1 (id=877):
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x1008002, &(0x7f0000000080)=ANY=[], 0x1, 0x2ee, &(0x7f00000006c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x200, &(0x7f0000000140)=<r1=>0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x4030}])
718.304889ms ago: executing program 5 (id=878):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)={0x2c, r1, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}]}, 0x2c}}, 0x4000000)
705.985929ms ago: executing program 5 (id=879):
socket$xdp(0x2c, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8)
599.75796ms ago: executing program 1 (id=880):
r0 = socket(0x40000000015, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x2714, &(0x7f0000000580)=""/102393, 0x0)
504.859722ms ago: executing program 1 (id=891):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES16=r0, @ANYBLOB="01000000000000000000020000001400020062756e64300000000000000000000000090001"], 0x40}}, 0x0)
488.556432ms ago: executing program 1 (id=882):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x1c)
r1 = dup(r0)
name_to_handle_at(r1, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)=@FILEID_BTRFS_WITH_PARENT_ROOT={0x28, 0x4e, {0x7, 0x8, 0x3, 0x0, 0x8, 0x7}}, &(0x7f0000000140), 0x600)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0xd, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="580100001000010000000000fbdbdf25ff0100000000000000000000000000010000000000000000000000000000000100000000000000000000a00000000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000320000007f000001000000000000000000000000be870000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000400af0000000000000048000200656362286369706865725f6e756c6c2900000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000200017"], 0x158}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYRESHEX=r2], 0x68}, 0x1, 0x0, 0x0, 0x4006000}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000b60000009505651c3dffce6b98a168fe51c72fa709c6aca4bd71f70f1515bd6201dd34f25c0bd48a7f6f6d2b80cc3c1e025450be94ee21b335ab27a136d01657e2228978d6c0488bbb51a534f0008152ee250bfb850536d7c40830f3a7c09fba640cdcb27844b697475a9e5a80fb33670c34817c94fb7252fde7fa7e08e631103fa787831554cc97284028f3ca7c4c98155ef5d93db7131ad68adfd44faca197b07c9f2e8b7f50cbc98cb8021a83a6"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x1b, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
syz_read_part_table(0x60f, &(0x7f0000000740)="$eJzs3D9olHcYB/DvJXlzJoLp4ORS49BJKIqjGaokV8VCOC2F4GD/IdJMEQInPUzRoc2gmEE6dpHCddA4qRmcFIXORRwsQgaXgl2kdsiVu3ubnLSWlkZK8fMZ7nnveHi+7wO/9Xfhf20gRfnUrnbL2x/9ZX97bON5Ie+3JqcOtdvt9rGkkuMpMl5sW04ylBenZleS4b45V74ZXfnq53eL1sOjz946cWdxYH1mNW8k2drfnJE/e5XqP9uUV+HqxN2xc+fnahc6X2rN1bUPkmtPJ+s3jywuLR8uDn7S+f1scq/s7x2MkZxOI2fyWT4c+ttRX2w8Vvrzfz8cpx7Umqtftx7vWdtRG7xxcv/znSsXb+9N5jsR0+ke9g3D/2LpPuv7Nya6+fPjl2aWmgd2X99+eV/j1v36k8Ff2j1lZLE5uQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvBpXOx/n52oXGhOnHtSaq1/+8P17155O1m8eWVxaPjx88FHZd6+sQ2U9nUbOpEgym9l8mrk/jh59SeRMpT9/4u7YufX8X0eTx3vWdtRaN07ufz61cvH23m5XJdOdMrBZW78sv7k6P35pZql5YPf17Zf3NW7drz8Z7PXNVvNxd90k1c1/DQAAAAAAAAAAAAAAAAAAAF5zk1OHdk6/Uz+WVHJ8S5KfPu/esm9XR75L9+Z9z66yPqom25Jc2dL7L4DWw6PPhk/cWfyxvBS/kGoWkmz9tkjy5nrO2Rdji43J/Jd+CwAA//87I43h")
creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r8 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
preadv2(r8, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
r10 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r10, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="240000000f14010027bd7000fcdbdf25110045"], 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000)
488.079612ms ago: executing program 3 (id=883):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000380)={'sit0\x00', &(0x7f0000000300)={'sit0\x00', <r0=>0x0, 0x8000, 0x7, 0xa, 0x3ff, {{0x12, 0x4, 0x1, 0x0, 0x48, 0x64, 0x0, 0x80, 0x29, 0x0, @broadcast, @private=0xa010100, {[@timestamp_prespec={0x44, 0x24, 0x9b, 0x3, 0x6, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x42}, {@remote, 0x200000}, {@private=0xa010102, 0x81}, {@dev={0xac, 0x14, 0x14, 0x2b}}]}, @timestamp={0x44, 0xc, 0x7, 0x0, 0x8, [0x7, 0x8]}, @noop]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYRESOCT], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000040000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x6c, 0x7f, 0x7ffc0002}]})
getrlimit(0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x88a, &(0x7f00000001c0)={[{@usrquota}, {@usrjquota, 0x22}, {@data_ordered}, {@noload}, {@grpid}, {@grpjquota, 0x22}, {@init_itable}, {@jqfmt_vfsold}, {@noblock_validity}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0xe1, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000))
390.534644ms ago: executing program 3 (id=884):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000380)={'sit0\x00', &(0x7f0000000300)={'sit0\x00', <r0=>0x0, 0x8000, 0x7, 0xa, 0x3ff, {{0x12, 0x4, 0x1, 0x0, 0x48, 0x64, 0x0, 0x80, 0x29, 0x0, @broadcast, @private=0xa010100, {[@timestamp_prespec={0x44, 0x24, 0x9b, 0x3, 0x6, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x42}, {@remote, 0x200000}, {@private=0xa010102, 0x81}, {@dev={0xac, 0x14, 0x14, 0x2b}}]}, @timestamp={0x44, 0xc, 0x7, 0x0, 0x8, [0x7, 0x8]}, @noop]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYRESOCT], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000040000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x6c, 0x7f, 0x7ffc0002}]})
getrlimit(0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x88a, &(0x7f00000001c0)={[{@usrquota}, {@usrjquota, 0x22}, {@data_ordered}, {@noload}, {@grpid}, {@grpjquota, 0x22}, {@init_itable}, {@jqfmt_vfsold}, {@noblock_validity}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0xe1, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000))
367.776174ms ago: executing program 0 (id=885):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYRES8], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000001600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='fsi_master_gpio_cmd_rel_addr\x00', r1, 0x0, 0x4000000000000}, 0x18)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x101c088, &(0x7f0000000c00)=ANY=[@ANYBLOB="757466383d302c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c756e695f786c6174653d312c756e695f786c6174653d302c726f6469722c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d302c757466383d312c73686f72746e616d653d77696e39352c726f6469722c6e66733d6e6f7374616c655f726f2c726f6469722c757466383d312c73686f72746e616d653d77696e6e742c636865636b3d72656c617865642c00c63b831754d4eeec4cf38c28cf1e3409b9950bbab09abe8d407d1c7c935e034461a37ac3113829124efad15a202673b20ad011cb0f0cedb0cef9f6ec5e2634db26ef8581fd506844d0133ac021c0172b4b36a109949512e8dc6a8c7d603e3ef3cd57451eaee1b0e4804b9ea88fcad7afb59594dcfeaf8d34935fa0e54a36c57d964429e7ec869287810e5d97759017ace0c3f5"], 0x6, 0x2c3, &(0x7f0000000900)="$eJzs3T+LHGUcB/Df7M3OrlrsFlYiOKCFVciltdlDEhCvMmyhFnqYC8jtItzBgX9wTWVrY2HhKxAEX4iN70CwFeyMEHhkZmeyu5dlcxuyJyafT5MnzzzfeX7Ps8PdXHHPffzq9OROGXfvffV79PtZdEYxivtZDKMTrW9ixei7AAD+z+6nFH+luW1yWUT0d1cWALBDl/v+ny+av1xJWQDADt1+/4N3Dw4Pb75Xlv24Nf32fFz9ZF/9O79+cDc+jUkcx/UYxIOI+kWhG/XbQtW8lVKa5WVlGG9MZ+fjKjn96Nfm/gd/RtT5/RjEsO56+LZR5985vLlfzi3lZ1UdLzbzj6r8jRjEyw/DK/kba/IxLuLN15fqvxaD+O2T+CwmcacuYpH/er8s307f//3lh1V5VT6bnY979biFtHfFHw0AAAAAAAAAAAAAAAAAAAAAAM+wa83ZOb2oz++puprzd/YeVP/pRtkarp7PM89n7Y2WzwdKKc1S/Nier3O9LMvUDFzk83glXz5YEAAAAAAAAAAAAAAAAAAAAJ5fZ59/cXI0mRyfPpVGexpAHhH/3I540vuMlnpei82De82cR5NJp2mujsmXe2KvHZNFbCyjWsST7kYeW639hUdqbho//bzt7P3Hj+mun+tpNtqn6+QoW7+HvWh7+s1G/VBELMYUccm5ios9aTC/T9rqIyjWXhpsvfbipbox2zAmsk2FvfXHfOeanuziKop6V9fGu01jKX7h2bjU8xz9efzRrxWZ0zoAAAAAAAAAAAAAAAAAAGCnFr/9u+bivY3RTurtrCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuFKLv/+/RWPWhI9Pz/LHDC7i9Ow/XiIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPgX8DAAD//x0KWZ8=")
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a00000004000000f100000005"], 0x48)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read(r5, &(0x7f0000000040)=""/148, 0xffffff96)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000001580)=[@sack_perm, @window={0x3, 0x0, 0x2}, @mss={0x2, 0x4}], 0x3)
ioctl$sock_inet_SIOCSARP(r4, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @empty}, {0x0, @local}, 0x3c, {0x2, 0x0, @private}, 'lo\x00'})
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000280)=@generic={&(0x7f00000004c0)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r3}, 0x18)
lsetxattr$trusted_overlay_upper(&(0x7f0000000300)='./file0\x00', &(0x7f0000000380), &(0x7f00000014c0)={0x0, 0xfb, 0x86, 0x1, 0x8, "91c7b13ff6f47f6fe637e24bc72ce967", "d677f46e8e6bc64f777da77e22c65a573357893581b1aa86734882601cd7b380822bb5652fa5212d74250a236390dd16d7679d9e876375219cdd2298525c2ef75902a47ca5d7224f670c85396923f2e395a773a6eaafc88a1a2276315d8136629b285d57064facbc2b10620beff4bc22be"}, 0x86, 0x3)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYRESOCT=r2], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0x10, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xb7, &(0x7f000000cf3d)=""/183, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r8)
sendmsg$NL80211_CMD_START_AP(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000019c0)={0x28, r9, 0xacf5e67dd0b583a1, 0x70bd29, 0x0, {{0x5}, {@val={0x7}, @val={0xc}}}}, 0x28}}, 0x0)
close(r7)
socket$inet_udp(0x2, 0x2, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x3, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0xfffff801, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r11}, &(0x7f00000002c0), &(0x7f0000000440)=r7}, 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000700)=ANY=[@ANYRES32=r11, @ANYRES32=r10, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r11}, &(0x7f0000000000), &(0x7f0000000080)=r7}, 0x20)
r12 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r12, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x38, 0x1403, 0x800, 0x70bd28, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'wg2\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000080}, 0x40)
360.774814ms ago: executing program 1 (id=886):
syz_read_part_table(0x633, &(0x7f0000000000)="$eJzs0z+IHGUYB+DfzN7M7MWEC5JCVMwV1ilME4sjCfiHYHFB0cJGLCwEsQhYWMjukYBWiiCIhbEJKBYGQa0iWsidlRqrYCXhsBdEm8DIfrN7dwFtvGBIeB6Onfne75v3fW/n3XBHa4dLtRtZeeiz2aqfTJLpUtLM49e7caZJ3/f9EFhNnv306ceeearL+wcXT69Oym07JGzmyU+8UG5Gu1X6lUeuZmk50+l9n/+8Ndrp4UqdHE1O7m2r7I4z+vDSr9XNvf6jN3OgXA/95y+FO8bltc2V83XfpVl7uZ0P3KPVtOxtz2Z1UlUlON7z0PFvkkxvSf3RYiCrKteefGP74asnZuXqLsnWyvzQotRvpYmN+ar8jqqdcZ7sHG0yenWRf/gFbewWPDX7+LI6eEu6Z7/K/F041367VN7MtY+OXK+qumzVqTN5t/mr7zfmQ3KjHydHV3OgLnPT3e7mAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu8pSknbP+vhy8sA79anUVfLTEMrysLeRZJTkh2p++L1u3/Uvr22unL9wbjndPGnTNmnXf7946NiPW03WL5b2Diez7br8lT7Gz5XT7b4b4LYa3n+Tt19f+7MZQgczvO3c+8t3y4tzf7TjyZHXynKajBfhL/akqk6Wac7i8ZlhQO+5uaahAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC72+NPnFk9e7ruklTVOEl9+NJm2ZmWz74f5f6vn//kle9Pj7deSta7r5LcyJkqL/Z78pzthuuVOl0eTI4tzVZttt9KPv5gdj/aOVvN0vaT//Pf5F/8HQAA//+xAmhm")
lseek(0xffffffffffffffff, 0x3, 0x0)
syz_read_part_table(0x104b, &(0x7f0000000000)="$eJzsz8EJwkAQBdCfbBI0B7ECu7IVz3vQZmzEslZUEm1ARHjv9Hf/MDDhp/pknyFlfT2Nm4xpJbm1JPM62yVT1x7FYZymJKddci6vpv9Yu33HYQm1pdb0l7J8zDlev3weAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyFewAAAP//iskKaQ==")
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
close(r2)
openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
mount$9p_fd(0x0, &(0x7f00000006c0)='./bus\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000140))
syz_io_uring_setup(0x822, &(0x7f0000001080)={0x0, 0xbdbb, 0x800, 0x2, 0xa7}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @typedef={0x3}, @ptr={0x0, 0x0, 0x0, 0x2, 0x4}, @volatile={0x0, 0x0, 0x0, 0xa, 0x2}]}, {0x0, [0x0, 0x0, 0x61, 0x61]}}, 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
pwritev(r4, &(0x7f0000000480)=[{0x0}], 0x1, 0x1000000, 0x0)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000740), 0x8202, 0x0)
ioctl$NS_GET_PARENT(r2, 0xb702, 0x0)
mmap$binder(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x11, r5, 0x8000000000000000)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2, 0xa}}, 0x20)
ioctl$BTRFS_IOC_GET_FEATURES(0xffffffffffffffff, 0x80189439, &(0x7f0000000000))
getdents(0xffffffffffffffff, 0x0, 0x40)
268.849246ms ago: executing program 3 (id=887):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, 0x0, &(0x7f0000000380))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
ioctl$sock_inet_tcp_SIOCOUTQ(r3, 0x5411, 0x0)
syz_emit_ethernet(0x5a, &(0x7f0000000300)={@empty, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@void, {0x8100, 0x1, 0x1, 0x8}}, {@canfd={0xd, {{0x3, 0x0, 0x1}, 0x25, 0x4, 0x0, 0x0, "43198d909989134a01d1b7515d31d8e589167997370b4399b1326158481d20564af8a58d9d914d480da36a443a81f52736d58d0280be75ccbcece6e45783dc1c"}}}}, &(0x7f00000003c0)={0x0, 0x2, [0xff8, 0xb1b, 0xb86, 0x134]})
io_setup(0x5, &(0x7f0000000600))
setsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000200)=0x1, 0x4)
r4 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000280)={0x0, "50e1ff295cce310330f653165565481756b219dc31d2a34e747c21acec60e2cbe6d3bc22d25d1a49d8b66a81a766473d7523a4022dff6b585d8b6a82e43a4386", 0x22}, 0x48, 0xfffffffffffffff9)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000400)={<r5=>0x0}, &(0x7f0000000440)=0xc)
syz_open_procfs$namespace(r5, &(0x7f0000000480)='ns/pid_for_children\x00')
add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r4)
sendto$inet6(r0, &(0x7f00000000c0)="3f0f72e72aebc49262de22ae60a522dd9645c8d0c11bdc8a27dd7063f396a77a7f4c9248b8f6d2a3e2b868421c3aa2c3d0605d097893ba265a0cd547c48855a87468b0796dcbf5f2a082e76589e1a6a2b16083", 0x53, 0x20000045, &(0x7f0000000000)={0xa, 0x2, 0x1000, @empty, 0x9}, 0x1c)
190.175807ms ago: executing program 0 (id=888):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1, &(0x7f0000000040)={[{@usrquota}]}, 0x3, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r0 = open(0x0, 0x0, 0xa0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc2001}]})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000ff0f0000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='kmem_cache_free\x00', r2, 0x0, 0x8}, 0x18)
fchmodat(0xffffffffffffffff, &(0x7f0000000180)='./file1/file0\x00', 0x20)
kexec_load(0xf5, 0x1, &(0x7f0000000b80)=[{&(0x7f0000000300)="33c7", 0x2, 0x0, 0x401000}], 0x0)
150.679848ms ago: executing program 0 (id=889):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000100), 0x7, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB='O\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010300000000030000001c0000001800018014000200626f6e643000"/38], 0x2c}}, 0x40087)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000001880)={'team0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000001940)={'tunl0\x00', &(0x7f00000018c0)={'syztnl2\x00', <r4=>0x0, 0x80, 0x20, 0xfff, 0x100, {{0xe, 0x4, 0x0, 0x9, 0x38, 0x64, 0x0, 0x6, 0x4, 0x0, @empty, @remote, {[@ssrr={0x89, 0x1f, 0x79, [@remote, @broadcast, @broadcast, @remote, @remote, @loopback, @private=0xa010102]}, @ra={0x94, 0x4, 0x1}]}}}}})
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000001a40)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001a00)={&(0x7f0000001980)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="000426bd5000fddbdf25190000002600010000000000", @ANYRES32=0x0, @ANYBLOB="080003000300000048000180140002006c6f000000000000000000000000000008000300030000000800030000000000080003000100000008000100", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r4, @ANYBLOB="0800030000000000"], 0x70}, 0x1, 0x0, 0x0, 0x10008855}, 0x8000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001a80)={0x12, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000010f80000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb723000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @cgroup_sock_addr=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd, @void, @value}, 0x94)
fcntl$dupfd(r5, 0x406, r5)
sendmsg(r1, &(0x7f0000001b80)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x2, 0x4}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000080)="52129382539cc8af91740a4e3ce0bdc70ae4d457e31508ce6b2ebc9e098e2a114eb5d016014c78", 0x27}, {&(0x7f0000000180)="b752", 0x2}, {&(0x7f0000001800)="7124441e2e695fd409c42e324275f493557fdac90c2c9558ab4e1f6bbc4e3062663d7a05adcdd23a4f9a2d4649d56b782afc411114d6576daf635abd8d9a986b6c35f536a3a2374888b0aba8366f5437cb6728d17496187256fbb0a4d1d48d34a57fb8662bdaf66655c36e5d1e31dcf03a48", 0x72}, {&(0x7f00000001c0)="53fc99c79c46c257b1fb02b552", 0xd}, {&(0x7f0000000600)="dbcd98880a3320993bc33ecba4cc1401354763550855f30415f42f4deaf3624eed5893c39172c34c5e94de941032a3a38112dfa882783063bf23d56a195bc9be6bd88af8aa463ea848d3cceef68a2646d60c9d9247c337d306c73d7e49dd9db4a3cdf16967369e62c3295c484c1aab9629d7082ab6cfdf08f0344bda14ab6e5fc883be65184ce90fa9512e0c336fe2590736fe276954bf4b85f9db2b53d1aac85c895bb42691fa6f94544efd15d1bd0d260fdfb7fd0547a974402bc0ec8c80273064d87289d02ceba9bc06979c7d919f972474b246c4eb2434bb323cc105ac472675e1788472c7b096d9e9cd0481dc4e5f9728f7c7e9aec97ae29267e48d4d", 0xff}, {&(0x7f00000004c0)="e747a1147f01e06582f284a5f55021d222483df627ed747383d0f66cb7638b40bf77bd9e79bc4bfd98ce0613a1bb1d4e7a812b9f197e", 0x36}, {&(0x7f0000000700)="7e136fd457447de122b8e549b553b9a4f2cb2019017d54c9a1c32d11040a19370257ac5f4b72e1087561ad4bd1d39692c97a4146f17ddc7dee9a8158b3a5eb69fcbb594b72450f13a7218c53647968cdd58b35adfc1d8b63ec0c10645294f1c58abdf7dc9b2d607ed6e81284e5da9d212e3de753fd652538ec2930e03750511b59e2e928a0222ede4be6baa44f389e527a75bda38274a9ee317541233bdd1c2e2bdcbbacfaff6c2e39e078076018c710b1178a11d9dd7f203098", 0xba}, {&(0x7f0000000500)}], 0x8, &(0x7f0000001f40)=ANY=[@ANYBLOB="f800000000000000fb010000ff0100004ba25ea219994bd1b703bb499887695ad2f3e52d9741ab3eebf8c7e04d7cfe96ba2861704d4a80a217876d3e7bb183a33ef089bd4a5b550703444b7c2854dd457d697a3dfab1556ff7baac1ff5ce16ddd4d5e3c64dc748e4dbce6bad9593d53610cb54b160c503e37cbddd8f334a11a00e615dcdb747847f7a2e5efccc8524b7951f52f012874fd3e73155f319d4a8840e324ab9ac2660dfbc15e33db2a7caf2c59a20e58aad181c6b0bdb9bf7cb568e9f23c893a460ad9a67738e7f52772b58941ac6c2948384796625e41d6b06320e067e5f51cc8d0b28619bbe14b331fd93988d9fc48cba5a00004800000000800000010000000500000047c2925fc35230f754f8041754b90152e4c76cb7a7c45fb3f91c291dd189c6ce701cce4a4bd6a0e36e35795be1bdfc1ba197df000000000070000000000000000e01000000000100771b2def120627334da79863bc9e13d97b6a289e53382deebdec9092e16a5f3c24e692e87b1d603348f39cb0fd41c7f15e1acbfdd03ac14b19da4785cf39d5534df4af4410fd5e5ed2e98f5e99ad81c493ccae7adc3384010293e903b641000040000000000000000901000001000000419e074a57716d9e4a473b434ec3c65d623768752fb094af405372e5f2b9203fe196ac51cc19d3484528207c00000000d8000000000000000600000001000000618bd27a216e2b3cfd5159059cd3e03af76a1f1a17e2b1e5be5296e65877594113afd47caa11859e2a7b22304ad6bfb8929a265d78a2caaf148689d93d21a53a83974c389e6cbcf04617d929b6bfac917b77f743b13f0a287104cbbf29e1745a4deb35fc1a9e4023296325fe8b027eec86e38f0f0a5c05f4ff665a94b2c70cdd38fa9ca0785b22882b397e66e231b6cfc64587c6453402146931ea31aee64885aa22c45200f89412e5ff3612a128d34c376b0e75551f925b7d01755957ced94a3024038355000000273f25874b73202b0291160caa3931a3160ac286cbc00ca72346b8bd03bb9f743c84162b7457a686ee34c3bd0f45d8b4be8b86ea1820f2cc1180b38bd1388b5a90ecb5e37b785165d08fd7469d0eacc9962a010c06746f9c909c32b746e62e0be6cd8b0f213949260b462b5dafeefc67bd731d65dc2b67fe61003f75bf7eff0ed32bb2c48a7e75a2030c97349166677e3d95a558e184c29bdf2b9a181cc7a8c056a5ac7d56d3"], 0x2c8}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r6}, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r7, &(0x7f00000007c0)={0x8, {"dc5d3b0169633d3eba3eabbc09167be55101d4af4b22a373236464d2dbfaa84399b77bd438a54364a7ebc5bdaab4f9decb7c044318cd59a0af8279bcab35dd7daf7a0ceb381df2c32eff45b13e2c8f40e1895355bf6f165200cb1ca41a155730ee2e9f83183f9fafe029d0401b0770618254a8b2dc87b630072b1e2de160d1afed51b74c14b71ec1b226a324482d14ad586b1a4ce80e458fe45244c01eddeddf3564af838d6d5324f8a77023d6eb7aa14397a0e1413ea1c3dfdf063a35b709e627f36fe403ee3117365be5017682f53595f28543062c740a94a794312f5cebc315044b8ea000a5d0f27812ab0ce149d11e6f6f7620c5f3e250bf67d13a1ca39dbb7b8b5a31e3d7ba7ebe5849a7a09b61fc9f2cfc54b89e9cd0105bca49483ce55e0187ce2ad692a18219d881057c838587b915337169ee054655f26a04df913a658fccbf4def6aad750ca4796b74d322c67e9d4ee6a530a22dcc35db850b424d6ec9f62495b9f9fd2b000feadd57d26dbd505798c208d91eb0aab0fd97537631b8bf81ce0e2241c4272be4ff69b390e4485d574146b76d1fdbf7fc5334906805534cdae1e47240af7761a18fc8bd0a694be47529da98bc0f98eb7db3fc4a74cbb6e486f4de90fbf2452e72c2e1dca44543ad9ad094b8bc861eef1e814662d0b350339e3a510d459c6f83aabd5fd3dcb38224056d761e7df9b482b9905f1e2135c1929be328ecdb69c007a3efd548502c83106f6df1ab1178fac499eda92ad4373155227ec2df150c919d322ecb3ea37e659285f18a3e2f79b59900ca438df3a1381380a12d3ad7678e0a8d3bdfb40651389b4ac8c66138d442d70eafdc2df8b080028006b124e4ebe0d9883ef100f1934e42794146382c1d628fd2ebe5859b6c243824903d056d800975675bb1913142adbc039a9c68c2f146a0e8903447313f5e5549905f397a9b1f21a93b80c4d04a8ea7a29a50fbc5407a9305bba420edf898ea678d6879489c39692c99bb6dacf61f5f97637b94c1031d635b5423b38b9196fafaaf87b2796eadc21466af5a10281e6a808748969d29efb444c99a4cb2111732a792dbca4376a125a68f7cdac065cc6173dc21caafba48c742d9a7df2f771ff2f5725b22c247d4e0c6106f9f5f6929b69929ab37e9a9b326ce618bb702b883b12026f1300f21f2c7440cac8c5f1210a78aa067211d2827f5dcc7578252c2ccc3f67bab9d1bb6939b21b550788ef550acfed4bf50c0b4fb3ca4d2872ee64f95d611a317d9daaf373a10d868680b2226396c95fa2b0ab4d6fce06c3b42cb97d17a7b5089061537fdeb1a53040869f7befca330358fdba86754fc2e46c2113e1484cb37534af8f0408a7ee313778dab49f08229964298f847ea66c4ec319f64b6a12da585bc59e82e0263c507b397d3efee3b4066f4d25566aa1549f6185f6375f84b65fa8945148b90430c86a5b6fdf58d5c812b98d9dc621fd9a3d9f1a577495356516d1cbcf5e8bb8923b54b247225b9c3892b18a9e137f3620c734052af9dc8f1ea36f0d4592d5ee32e35676a84dc891f97456f2ac3a4ab58a42bcdc221a4ac8bb28d428add2fcbe5b110a8afd5d23b31e827bd16167b2d88cae024afc04a722ac0b4d45c52512e6b6f102aac4be21bc89ce246539048370553665b0a4336a6db99d0d19399be6437bf21419304331b4342b2c1db580f0c9bf681fdb8e9fa3e025454197bbc82ef93ee2f385660818ec5127080675a8013766469afe3b1e36e81bf2f04c3a26eaf4517551e734d21ba3bc90e48aea0891792970c39f3f528397e9b7ae190f1760fe5960dc763ee0a17939c60bfcac0a8914be82c749e4fe85d1ac5fa733413468fb8941085e8c4d6e0b6d1e62e20da58440facd640ddbb6c1f694b3ca48757a34c5a11668368711a1d4f3a81d31ac30d71277d7ae77882b6841cfa6289e6cce84a3ad57eeb328f831888ac7d3cfcd3a472a48d903f20cec8c8ae8d0bea04ebf7413ef7693f8ed876e49bd5f89d7e1078208ff62712e330fc0341b9ccf26845578d44b1e0c66d1bebc14742baedfabb8e9a2c8f42730360c72997efe0ce786ff330c2eb6e0ff20896f813c2a515ce76f826c11a1c1588eb369231ddeb4a2f9f9591ecdecc74d20aeb50047beb3ab89a9e4e1b805a20b645c79d0bc5d0247fab8ba46a97a07630b1f1cb69b42b568af746733d2c581f057873d64fe6e659b00b4a26745f5fba1fe7406a86b007936c7cfdac53a4c5b0ea9f6604863c8e3f174eddbb09175f6e13cda9a860cf400ef9ed02b895502ac6e6de6a658249c3c6e8a653517eae2231e56e0f120547923c6549ebc1ed14c623637ce3d96af5c93a32e58e2d9659d8b5b145888b52d9a5b5cb3cdf594eb137bcef2ba068cfd2c6ccf7ab6e5b4ec55e9197bfb91c9b8729f7b50cf0b0326f7ea3e712c77674d48545ca2a86744c3c38f149d69cf811beacf7e5f49c7bfba20f1dcf3d7bc0b9c796016820a46495d244c9606a06fe2e14233eda78d69ae4523ad7b708b0c7ead44d7fd376fed60e3cc2ee25e9600adfbe87ac7c8fb8269aec9459602af0f420becda6120ce7d9626c65ae7f860639e8bf664eb4301ec18add0e436c0356c12ab6b4ca35da2b43c4a8c239fd0b59a2ce94843cdfa1667053165053633b062844dbb0d00070fde74fa3178eb5f1f5fd02e2088d8690379f39ab22c080cdcb29d700bac74fabd8a356fe99afe83a5d99aa5024e9158a299eda6c99b6701e64f1d68e7e2c0c6e88396bb535a02d0948f0a250a6e090041c96d9c9acd6134d44d516fd1010c39e572b86b05bb1326a2a4f23f11181186f9c2a01dc7b58c0129f4b851ca9b1e3dc35db7364e29ef646211796b1651511e041345abce427fa5d6e48b8fb078c8432061a4cc518a8f2a2caf709a5c1473a62112a6650afc64eec12f8f9c08cff1b6fbf7a1209fc8661f62303b7c5d49c1d0b32a9f37e81ed9ab6193816d40995ed49c10b9f5752e04d57535a3d16f06c65d32846c31ec9787ec4a965679eb804e86b45d007f38d8104550770dc6f313bc846e43a14a8c21d0628c744e3e83cb998d1b7acfe996541a8c03852dadf9326444c582b481cae844e4f3fe3d638903b38f24633b63adbad841ac6c4c1169d781a0e271e8a967b1c7e986fcb3a66168e86e3559a44fcfa92452260491da9397659af60453f4cd4be2d15439445ec2b4366a79d3283da912d9d499df1242bd174edc235848caa21d2c997aff0e95c7e5cc0803c90fab84e7be7b37909d0e2f3bc9974e3388acb6800baba183ecc8eea8c71c0d65d669e41f99ceae523b7a6b772f3b8ebba1d2127ccc3ddb7ddcb4ec73cbdc26fc87c3848e258a0b5484d3a13e40ec4e4a65dd92f09e9fe1e3e2f8b96c4e363aa3683860dee62dfcf8823ee4a3593a092e0bd9c4cedacf44a272faa164447b01f46a7795642a40c61b0034a37f0e9b792428a0ddcd144fe8263088eaac8016f8f1cd30b55ac90a8f10d785b7570dd9e639a4a068d3fe98a420b9f72e79de817f676c2a224300d749571ad43f49d1fbe838f4566bc7b5f104c384ad87189213152b644d9fcbdf98bafeee569d640ce9045779f1d90024c023a7480a358dee276fba139c14b4fdb12885240903d0e61dc161659a68f62c92b899007e0f2b65bf0a069e9e57c9b6ae50a3b30dd1003fb0eead73ae2f6010b3b356b4060579a4f29935e1f00c01d12e5f44e8e3163d81dfef7ca8560604240c7e96e4454c6971614df306c768121abb3f628e3f1d2d026f58d1087334c5bdb74d7c949b0ee66a4531ba4e9b922aee3d0f802ed034734507a5913c52966f1f8bd4577840de0253aabc23299dced2a299859c07af9fb0f9c29b6533b9d84d471390d59ab315f5ddb226f6b8dd7889295f0fb1f7bd1adafe4cc520a1e84bf2a59d5b9795aeafc8d6fd66a8228aba8653b98622617ddfeb5d6795c9bd2f35d4a0c386e862675a50e3314c3fbb17aca151c13c7fc8b1d1b72ed0a958537b5ddc9e74bddc2b9571ec3f2b7775b125338d4852a75a63941564c65bb36dfb6bea4aab1ae7a4f285c2177aa98406eb2cc10934aa92d5a9612d4455c84ad200841d289b5c2d5deab0d8e2459598ef183d3dc47f6bad0b9513710600cfa4d69fcd5763cdcc4f2c2b7cd7d4491fd52f4aec82ce846c0988f6f0123e21e900d39c61085e68c9badc350b44004f6c042d64b0d0cbf91ad0592b198f1eeea1e52200bc8e6d62848d6884b10bdde72466039da488be6b340c23148f666f2fe6e032c07dac43586df182aca9116f4600313fa8375c76337ba86bdc391dae6450218f58f047ced64befc6bb5c2a60024669630a6279fedf2fe45e7e19ce582ad96ae0d023eb9b39f5f1e666e73bb038ae38157275be5eb3e7cbc8b05adf53e817646bdc2cfce98e5d162bf7faaca787db8717ab8b27b9e35609c5fb9fe9def07f010df8b43cf5c96851eadfdeff0b7bc5826e7e15490ae9c3d14166ee81bef007070e7981235a673804ad89943ee6b51ac63364f7870e121e6ff23a0c7d179527cd58dd7a4ca37247c2bd9efc79b720bb1ee2d39862e98cb81e93cf5b48d5d02ee8ac737ab504c867a1c49e678300803c94fbe978dea918a1e71b9791ee1e4d30056e86c26a4675a8b090be2365c0b451a13ece52a89a7057fe2052e11c6666eb916d823ea66bf217c320acba3b714910734b2d27c2fa586bd7f7664b0d1422adabad2ce2afc10270057f11940fac1a51d023ce48bd04ea39b7f99381b239fd0ddeea0dce7863ec1f8f61775013b6414ecf86e686a340a3148f87a9d7d60a1f2da53436d16fc88d6a4e7c3d55e0dd004cbecc15a5558eb705d82aacb1862ddc251dd5d9cbf1d78f97900ce6e8dab0ea678cb823bd1e7bbd1e927841af08f5427878c19f4f322228f9b36287fc13e7c1293ea875ae73815e052d6c2ebc40df8f7b9d1f76e0b10e35aa160944983d8e6b790df0d9b13f3460657336d81f7d83c0350324b930ec9c7557ce12887f76372e126f504b0980fea27f31a780c05187b9b5353dafc6b101543b24332b96e15bc26b19062e52fa9f86d260ee3a3bc92a133e328407bb85357ee5c45cb87228f44888b14941b5911b050e9319fe88033f830a8490917a9c0572ebbc5492b4e1083a2e3d77215a34abef947b5b9a950e780662de18873e55899c92db3ad3d437e8407890afa6b0c04ef861b8bc85fbbe1bb67b3d9ef001409f84b8ec4f01d861cecc143a805b981ab5cf5b605057b63cb2c84ec358e510a69cd8c33a8a62fe4680d0c980145cc709157832bfaef261cb0466c237376ca2944ce9affffd4b1dc7cc9511da0b34bffb9ac216fb8cf7c6572d95627787720d1ba67c6512fcdb16f6329e9668681c404efebad559f81f05971b5efb6b4cca97ad0346753cc0a40a877242d8a808c602b03dc962cee38e646cb18abb079c70d357c30738a70f55cd3c5956a83a1bfcd6649dd765f16bfe968066345df7380bbc0c16b3b5af513d6458c791343952f33a051c5d711c1f35af1b47f3db9bbfb5c7c636b3a2b52805d606479879be0b404a28ade5649a3185e0f85a85fc15cd824671c2befdd0da509597c87d869f0bd7ad163ad93ca28fc0c4025eccaafe385ec3fc06c54ebcd7b07b6c7e0197c5b9ef886159a1585ae45248f865be760db6f5bc8f868fc6aefd04e34ecb51159e4cdcc2214b42b1ca9caec13ba3e1b2e7a3c736977b226213d265c2873195122a9b448088c8b50edd549be41c38ab176807b75e7267f86e4", 0x1000}}, 0x1006)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmmsg$unix(r9, &(0x7f00000bd000), 0x492492492492846, 0x0)
connect$unix(r8, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000de7a8af8ff00000000bfa2000000000000f8ffffffb703000000000000b70400000000000085000000c30000009500000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0xffba, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000001bc0)={0xb, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r11}, 0x10)
r12 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x213b, 0x80, 0x1, 0x151}, &(0x7f0000000300)=<r13=>0x0, &(0x7f0000000340)=<r14=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r13, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2c, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r13, r14, &(0x7f0000000200)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x42, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, {0x2}})
io_uring_enter(r12, 0x47bc, 0x0, 0x0, 0x0, 0xfffffe64)
110.716778ms ago: executing program 3 (id=890):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
close(r2)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
unshare(0x20000400)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000180)={r7, 0xe8, 0x0}, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0x1b, 0xc, &(0x7f0000000480)=ANY=[@ANYRESOCT=r1, @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095", @ANYRES16=r8, @ANYRESHEX=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r1], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)={0x2c, r1, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}]}, 0x2c}}, 0x4000000)
109.788928ms ago: executing program 3 (id=892):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d00000085"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c00000000080104000000000000000007000007140004800800054000000009080001000000fa2e050003002f00000006000240080500000600024008050000090001"], 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x4840)
90.214739ms ago: executing program 3 (id=893):
socket(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x18)
syz_open_procfs(0x0, &(0x7f0000000180)='net/tcp\x00')
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
bpf$PROG_LOAD(0x5, &(0x7f0000002f40)={0x11, 0x6, &(0x7f0000000b80)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce935b0f327cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b7"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xc54c295c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='fib_table_lookup\x00', 0xffffffffffffffff, 0x0, 0xa}, 0x18)
r1 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0xa9ee, 0x400, 0x3, 0x8002ae}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x109880})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
socket$phonet(0x23, 0x2, 0x1)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xf}, 0x9}, 0x1c)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000140)})
close_range(r4, 0xffffffffffffffff, 0x0)
61.151939ms ago: executing program 0 (id=894):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES16=r0, @ANYBLOB="01000000000000000000020000001400020062756e64300000000000000000000000090001"], 0x40}}, 0x0)
27.39419ms ago: executing program 0 (id=895):
r0 = socket$inet6(0x10, 0x2, 0x6)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x16}]}, 0x10)
sendto$inet6(r0, &(0x7f00000002c0)="1c0000001200050f0c1000000049b23e9b200a0008000ac000", 0x19, 0x0, 0x0, 0x0)
0s ago: executing program 0 (id=896):
r0 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000400), 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRES64=r0, @ANYRES32, @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f00000004c0)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0))
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafb", 0x240}], 0x1)
kernel console output (not intermixed with test programs):
54.152390][ T4529] RSP: 002b:00007fd298297038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 54.152412][ T4529] RAX: ffffffffffffffda RBX: 00007fd299e55fa0 RCX: 00007fd299c2e169
[ 54.152426][ T4529] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 0000000000000000
[ 54.152440][ T4529] RBP: 00007fd298297090 R08: 0000200000000680 R09: 0000000000000000
[ 54.152454][ T4529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 54.152468][ T4529] R13: 0000000000000000 R14: 00007fd299e55fa0 R15: 00007fff01a995e8
[ 54.152494][ T4529] </TASK>
[ 54.587257][ T4535] loop3: detected capacity change from 0 to 512
[ 54.605312][ T4535] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 54.625853][ T4533] loop5: p2 < > p3 < p5 > p4
[ 54.630582][ T4533] loop5: partition table partially beyond EOD, truncated
[ 54.632470][ T4543] FAULT_INJECTION: forcing a failure.
[ 54.632470][ T4543] name failslab, interval 1, probability 0, space 0, times 0
[ 54.650329][ T4543] CPU: 1 UID: 0 PID: 4543 Comm: syz.4.369 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 54.650382][ T4543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 54.650393][ T4543] Call Trace:
[ 54.650399][ T4543] <TASK>
[ 54.650406][ T4543] dump_stack_lvl+0xf6/0x150
[ 54.650429][ T4543] dump_stack+0x15/0x1a
[ 54.650462][ T4543] should_fail_ex+0x261/0x270
[ 54.650489][ T4543] should_failslab+0x8f/0xb0
[ 54.650510][ T4543] kmem_cache_alloc_node_noprof+0x5c/0x340
[ 54.650541][ T4543] ? __alloc_skb+0x10d/0x320
[ 54.650562][ T4543] __alloc_skb+0x10d/0x320
[ 54.650602][ T4543] netlink_ack+0xf1/0x4f0
[ 54.650626][ T4543] netlink_rcv_skb+0x19f/0x230
[ 54.650647][ T4543] ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 54.650699][ T4543] nfnetlink_rcv+0x187/0x1610
[ 54.650727][ T4543] ? __kfree_skb+0x102/0x150
[ 54.650753][ T4543] ? nlmon_xmit+0x51/0x60
[ 54.650778][ T4543] ? __kfree_skb+0x102/0x150
[ 54.650800][ T4543] ? consume_skb+0x49/0x160
[ 54.650873][ T4543] ? nlmon_xmit+0x51/0x60
[ 54.650899][ T4543] ? dev_hard_start_xmit+0x3d1/0x400
[ 54.650929][ T4543] ? __dev_queue_xmit+0xb76/0x20b0
[ 54.651033][ T4543] ? should_fail_ex+0xd7/0x270
[ 54.651070][ T4543] ? ref_tracker_free+0x3b8/0x420
[ 54.651106][ T4543] ? __netlink_deliver_tap+0x4c6/0x4f0
[ 54.651167][ T4543] netlink_unicast+0x605/0x6c0
[ 54.651199][ T4543] netlink_sendmsg+0x609/0x720
[ 54.651227][ T4543] ? __pfx_netlink_sendmsg+0x10/0x10
[ 54.651337][ T4543] __sock_sendmsg+0x140/0x180
[ 54.651367][ T4543] ____sys_sendmsg+0x350/0x4e0
[ 54.651449][ T4543] __sys_sendmsg+0x1a0/0x240
[ 54.651563][ T4543] __x64_sys_sendmsg+0x46/0x50
[ 54.651584][ T4543] x64_sys_call+0x26f3/0x2e10
[ 54.651637][ T4543] do_syscall_64+0xc9/0x1a0
[ 54.651659][ T4543] ? clear_bhb_loop+0x25/0x80
[ 54.651678][ T4543] ? clear_bhb_loop+0x25/0x80
[ 54.651697][ T4543] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 54.651754][ T4543] RIP: 0033:0x7fe61a8fe169
[ 54.651767][ T4543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 54.651782][ T4543] RSP: 002b:00007fe618f67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 54.651798][ T4543] RAX: ffffffffffffffda RBX: 00007fe61ab25fa0 RCX: 00007fe61a8fe169
[ 54.651808][ T4543] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000003
[ 54.651819][ T4543] RBP: 00007fe618f67090 R08: 0000000000000000 R09: 0000000000000000
[ 54.651829][ T4543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 54.651900][ T4543] R13: 0000000000000000 R14: 00007fe61ab25fa0 R15: 00007ffce38a6008
[ 54.651918][ T4543] </TASK>
[ 54.926021][ T4533] loop5: p2 start 4278190080 is beyond EOD, truncated
[ 54.926682][ T4546] hub 1-0:1.0: USB hub found
[ 54.937585][ T4546] hub 1-0:1.0: 8 ports detected
[ 54.938527][ T4533] loop5: p4 size 8192 extends beyond EOD, truncated
[ 54.971694][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 54.987500][ T4533] loop5: p5 size 8192 extends beyond EOD, truncated
[ 55.043843][ T4552] netlink: 36 bytes leftover after parsing attributes in process `syz.3.371'.
[ 55.061494][ T4552] netlink: 36 bytes leftover after parsing attributes in process `syz.3.371'.
[ 55.134542][ T4527] loop5: p2 < > p3 < p5 > p4
[ 55.139346][ T4527] loop5: partition table partially beyond EOD, truncated
[ 55.166844][ T4527] loop5: p2 start 4278190080 is beyond EOD, truncated
[ 55.187144][ T4527] loop5: p4 size 8192 extends beyond EOD, truncated
[ 55.201713][ T4527] loop5: p5 size 8192 extends beyond EOD, truncated
[ 55.419671][ T4546] pim6reg: entered allmulticast mode
[ 55.431686][ T4583] loop5: detected capacity change from 0 to 128
[ 55.628479][ T4590] loop5: detected capacity change from 0 to 512
[ 55.637028][ T4590] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 55.674807][ T4359] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 56.131868][ T29] kauditd_printk_skb: 201 callbacks suppressed
[ 56.131882][ T29] audit: type=1400 audit(1745202974.966:4364): avc: denied { tracepoint } for pid=4604 comm="syz.3.386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[ 56.165915][ T4605] netlink: 12 bytes leftover after parsing attributes in process `syz.3.386'.
[ 56.175780][ T29] audit: type=1400 audit(1745202974.996:4365): avc: denied { read } for pid=4604 comm="syz.3.386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[ 56.195089][ T29] audit: type=1400 audit(1745202974.996:4366): avc: denied { setopt } for pid=4604 comm="syz.3.386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 56.215179][ T29] audit: type=1400 audit(1745202975.006:4367): avc: denied { nlmsg_read } for pid=4604 comm="syz.3.386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 56.240140][ T4605] loop3: detected capacity change from 0 to 512
[ 56.256199][ T4605] EXT4-fs error (device loop3): ext4_orphan_get:1416: comm syz.3.386: bad orphan inode 134217728
[ 56.273784][ T4605] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 56.286697][ T4605] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 56.302074][ T29] audit: type=1400 audit(1745202975.136:4368): avc: denied { append } for pid=4604 comm="syz.3.386" path="/88/bus/cpu.stat" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 56.333030][ T4605] EXT4-fs (loop3): shut down requested (1)
[ 56.338986][ T29] audit: type=1400 audit(1745202975.166:4369): avc: denied { map } for pid=4604 comm="syz.3.386" path="/88/bus/cpu.stat" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 56.361617][ T29] audit: type=1400 audit(1745202975.166:4370): avc: denied { ioctl } for pid=4604 comm="syz.3.386" path="/88/bus/cpu.stat" dev="loop3" ino=18 ioctlcmd=0x587d scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 56.387980][ T4603] loop5: detected capacity change from 0 to 1024
[ 56.394780][ T4603] ext4: Unknown parameter 'audit'
[ 56.423817][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 56.448731][ T29] audit: type=1326 audit(1745202975.286:4371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4613 comm="syz.3.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd299c2e169 code=0x7ffc0000
[ 56.472159][ T29] audit: type=1326 audit(1745202975.286:4372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4613 comm="syz.3.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fd299c2e169 code=0x7ffc0000
[ 56.495597][ T29] audit: type=1326 audit(1745202975.286:4373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4613 comm="syz.3.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd299c2e169 code=0x7ffc0000
[ 56.524176][ T4616] erspan0: entered promiscuous mode
[ 56.530641][ T4616] batadv0: entered promiscuous mode
[ 56.536961][ T4616] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[ 56.544978][ T4616] Cannot create hsr debugfs directory
[ 56.563574][ T4620] FAULT_INJECTION: forcing a failure.
[ 56.563574][ T4620] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 56.576875][ T4620] CPU: 1 UID: 0 PID: 4620 Comm: syz.4.391 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 56.577064][ T4620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 56.577079][ T4620] Call Trace:
[ 56.577087][ T4620] <TASK>
[ 56.577097][ T4620] dump_stack_lvl+0xf6/0x150
[ 56.577139][ T4620] dump_stack+0x15/0x1a
[ 56.577212][ T4620] should_fail_ex+0x261/0x270
[ 56.577241][ T4620] should_fail+0xb/0x10
[ 56.577264][ T4620] should_fail_usercopy+0x1a/0x20
[ 56.577369][ T4620] _copy_from_user+0x1c/0xa0
[ 56.577399][ T4620] copy_msghdr_from_user+0x54/0x2b0
[ 56.577426][ T4620] ? __fget_files+0x186/0x1c0
[ 56.577448][ T4620] __sys_sendmsg+0x141/0x240
[ 56.577532][ T4620] __x64_sys_sendmsg+0x46/0x50
[ 56.577615][ T4620] x64_sys_call+0x26f3/0x2e10
[ 56.577640][ T4620] do_syscall_64+0xc9/0x1a0
[ 56.577664][ T4620] ? clear_bhb_loop+0x25/0x80
[ 56.577683][ T4620] ? clear_bhb_loop+0x25/0x80
[ 56.577704][ T4620] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 56.577777][ T4620] RIP: 0033:0x7fe61a8fe169
[ 56.577794][ T4620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 56.577813][ T4620] RSP: 002b:00007fe618f67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 56.577834][ T4620] RAX: ffffffffffffffda RBX: 00007fe61ab25fa0 RCX: 00007fe61a8fe169
[ 56.577847][ T4620] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000003
[ 56.577859][ T4620] RBP: 00007fe618f67090 R08: 0000000000000000 R09: 0000000000000000
[ 56.577871][ T4620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 56.577956][ T4620] R13: 0000000000000000 R14: 00007fe61ab25fa0 R15: 00007ffce38a6008
[ 56.577978][ T4620] </TASK>
[ 56.770115][ T4626] loop4: detected capacity change from 0 to 512
[ 56.798451][ T4626] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 56.838534][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 56.887470][ T4638] netlink: 'syz.3.398': attribute type 21 has an invalid length.
[ 56.900115][ T4638] loop3: detected capacity change from 0 to 512
[ 56.907720][ T4638] ext4: Unknown parameter 'fowner<18446744073709551615'
[ 56.925763][ T4640] netlink: 12 bytes leftover after parsing attributes in process `syz.1.397'.
[ 56.959556][ T4642] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=4642 comm=syz.0.399
[ 56.981341][ T4647] team0 (unregistering): Port device team_slave_0 removed
[ 57.000398][ T4647] team0 (unregistering): Port device team_slave_1 removed
[ 57.024005][ T4653] loop1: detected capacity change from 0 to 1024
[ 57.031074][ T4653] devtmpfs: Unknown parameter 'orlov'
[ 57.191725][ T4677] netlink: 'syz.5.411': attribute type 21 has an invalid length.
[ 57.232726][ T4680] loop1: detected capacity change from 0 to 1024
[ 57.239525][ T4677] loop5: detected capacity change from 0 to 512
[ 57.239876][ T4677] ext4: Unknown parameter 'fowner<18446744073709551615'
[ 57.268568][ T4680] EXT4-fs: test_dummy_encryption option not supported
[ 57.301003][ T4684] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[ 57.314626][ T4684] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 57.348236][ T4690] loop5: detected capacity change from 0 to 1024
[ 57.366483][ T4690] EXT4-fs: Ignoring removed oldalloc option
[ 57.370612][ T4693] RDS: rds_bind could not find a transport for ::ffff:172.20.20.53, load rds_tcp or rds_rdma?
[ 57.377563][ T4690] EXT4-fs: Ignoring removed orlov option
[ 57.391716][ T4690] EXT4-fs (loop5): stripe (1570) is not aligned with cluster size (16), stripe is disabled
[ 57.413751][ T4695] team0 (unregistering): Port device team_slave_0 removed
[ 57.422496][ T4690] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 57.438245][ T4690] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[ 57.449684][ T4695] team0 (unregistering): Port device team_slave_1 removed
[ 57.626447][ T4359] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 57.675662][ T4711] loop5: detected capacity change from 0 to 128
[ 57.697057][ T4711] bio_check_eod: 3 callbacks suppressed
[ 57.697071][ T4711] syz.5.424: attempt to access beyond end of device
[ 57.697071][ T4711] loop5: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 57.722091][ T4711] syz.5.424: attempt to access beyond end of device
[ 57.722091][ T4711] loop5: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 57.736615][ T4711] syz.5.424: attempt to access beyond end of device
[ 57.736615][ T4711] loop5: rw=2049, sector=177, nr_sectors = 1 limit=128
[ 57.751129][ T4713] netlink: 12 bytes leftover after parsing attributes in process `syz.1.423'.
[ 57.810790][ T4715] loop4: detected capacity change from 0 to 1024
[ 57.818555][ T4715] ext4: Bad value for 'debug_want_extra_isize'
[ 58.008655][ T4723] netlink: 20 bytes leftover after parsing attributes in process `syz.1.427'.
[ 58.041534][ T4723] loop1: detected capacity change from 0 to 2048
[ 58.087025][ T4723] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 58.112972][ T4723] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 58.350670][ T4738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 58.359327][ T4738] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 58.368840][ T4738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 58.377522][ T4738] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 58.386218][ T4738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 58.394763][ T4738] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 58.405845][ T4738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 58.414418][ T4738] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 58.739814][ T4744] loop4: detected capacity change from 0 to 128
[ 58.750377][ T4744] syz.4.435: attempt to access beyond end of device
[ 58.750377][ T4744] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 58.764059][ T4744] syz.4.435: attempt to access beyond end of device
[ 58.764059][ T4744] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 58.791340][ T4746] loop1: detected capacity change from 0 to 512
[ 58.798974][ T4746] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 58.805869][ T4746] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.436: bg 0: block 248: padding at end of block bitmap is not set
[ 58.820687][ T4746] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.436: Failed to acquire dquot type 1
[ 58.832733][ T4746] EXT4-fs (loop1): 1 truncate cleaned up
[ 58.839172][ T4746] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 58.851948][ T4746] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 58.934827][ T4754] netlink: 12 bytes leftover after parsing attributes in process `syz.4.437'.
[ 59.293989][ T4771] loop4: detected capacity change from 0 to 2048
[ 59.316382][ T4771] EXT4-fs error (device loop4): __ext4_fill_super:5502: inode #2: comm syz.4.444: iget: bad extended attribute block 281474976710655
[ 59.330623][ T4771] EXT4-fs (loop4): get root inode failed
[ 59.336347][ T4771] EXT4-fs (loop4): mount failed
[ 59.524649][ T4779] netlink: 12 bytes leftover after parsing attributes in process `syz.4.446'.
[ 59.571936][ T4781] FAULT_INJECTION: forcing a failure.
[ 59.571936][ T4781] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 59.585072][ T4781] CPU: 0 UID: 0 PID: 4781 Comm: syz.4.447 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 59.585102][ T4781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 59.585116][ T4781] Call Trace:
[ 59.585123][ T4781] <TASK>
[ 59.585131][ T4781] dump_stack_lvl+0xf6/0x150
[ 59.585262][ T4781] dump_stack+0x15/0x1a
[ 59.585282][ T4781] should_fail_ex+0x261/0x270
[ 59.585308][ T4781] should_fail+0xb/0x10
[ 59.585326][ T4781] should_fail_usercopy+0x1a/0x20
[ 59.585349][ T4781] strncpy_from_user+0x25/0x230
[ 59.585417][ T4781] ? copy_from_kernel_nofault_allowed+0x75/0xa0
[ 59.585446][ T4781] ? rt2800_loft_iq_calibration+0x8700/0x9b70
[ 59.585498][ T4781] strncpy_from_user_nofault+0x66/0xe0
[ 59.585532][ T4781] bpf_probe_read_user_str+0x2a/0x70
[ 59.585609][ T4781] bpf_prog_6fb7ada547f278f2+0x3e/0x40
[ 59.585625][ T4781] bpf_trace_run2+0x106/0x1d0
[ 59.585650][ T4781] ? p9_client_create+0x311/0xbb0
[ 59.585721][ T4781] ? p9_client_create+0x311/0xbb0
[ 59.585754][ T4781] ? p9_client_create+0x311/0xbb0
[ 59.585782][ T4781] __traceiter_kfree+0x2b/0x50
[ 59.585808][ T4781] kfree+0x273/0x320
[ 59.585842][ T4781] ? strcmp+0x21/0x50
[ 59.585877][ T4781] p9_client_create+0x311/0xbb0
[ 59.585925][ T4781] v9fs_session_init+0xfb/0xdb0
[ 59.585952][ T4781] ? obj_cgroup_charge+0xc6/0x170
[ 59.586013][ T4781] ? should_fail_ex+0xd7/0x270
[ 59.586035][ T4781] ? should_failslab+0x8f/0xb0
[ 59.586058][ T4781] ? __kmalloc_cache_noprof+0x18d/0x320
[ 59.586158][ T4781] ? v9fs_mount+0x56/0x580
[ 59.586192][ T4781] v9fs_mount+0x6c/0x580
[ 59.586275][ T4781] ? __pfx_v9fs_mount+0x10/0x10
[ 59.586300][ T4781] legacy_get_tree+0x77/0xd0
[ 59.586333][ T4781] vfs_get_tree+0x56/0x1e0
[ 59.586414][ T4781] do_new_mount+0x246/0x6b0
[ 59.586440][ T4781] path_mount+0x49b/0xb30
[ 59.586544][ T4781] __se_sys_mount+0x28f/0x2e0
[ 59.586566][ T4781] __x64_sys_mount+0x67/0x80
[ 59.586589][ T4781] x64_sys_call+0xd11/0x2e10
[ 59.586615][ T4781] do_syscall_64+0xc9/0x1a0
[ 59.586655][ T4781] ? clear_bhb_loop+0x25/0x80
[ 59.586680][ T4781] ? clear_bhb_loop+0x25/0x80
[ 59.586766][ T4781] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 59.586785][ T4781] RIP: 0033:0x7fe61a8fe169
[ 59.586802][ T4781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 59.586822][ T4781] RSP: 002b:00007fe618f67038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 59.586843][ T4781] RAX: ffffffffffffffda RBX: 00007fe61ab25fa0 RCX: 00007fe61a8fe169
[ 59.586926][ T4781] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000000
[ 59.586941][ T4781] RBP: 00007fe618f67090 R08: 0000200000000a80 R09: 0000000000000000
[ 59.586954][ T4781] R10: 000000000000080a R11: 0000000000000246 R12: 0000000000000002
[ 59.586968][ T4781] R13: 0000000000000000 R14: 00007fe61ab25fa0 R15: 00007ffce38a6008
[ 59.586992][ T4781] </TASK>
[ 59.587045][ T4781] 9pnet_fd: Insufficient options for proto=fd
[ 59.884121][ T4746] syz.1.436 (4746) used greatest stack depth: 9328 bytes left
[ 59.924805][ T4788] syzkaller0: entered allmulticast mode
[ 59.930681][ T4788] syzkaller0: entered promiscuous mode
[ 59.956634][ T4788] syzkaller0 (unregistering): left promiscuous mode
[ 59.963309][ T4788] syzkaller0 (unregistering): left allmulticast mode
[ 59.994026][ T4799] loop3: detected capacity change from 0 to 512
[ 59.995039][ T4800] netlink: 12 bytes leftover after parsing attributes in process `syz.5.453'.
[ 60.001189][ T4799] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 60.033531][ T4799] EXT4-fs (loop3): 1 truncate cleaned up
[ 60.041903][ T4799] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 60.223935][ T4829] loop1: detected capacity change from 0 to 128
[ 60.237450][ T4829] syz.1.464: attempt to access beyond end of device
[ 60.237450][ T4829] loop1: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 60.252040][ T4829] syz.1.464: attempt to access beyond end of device
[ 60.252040][ T4829] loop1: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 60.266289][ T4829] syz.1.464: attempt to access beyond end of device
[ 60.266289][ T4829] loop1: rw=2049, sector=177, nr_sectors = 1 limit=128
[ 60.480352][ T4846] loop1: detected capacity change from 0 to 128
[ 60.493310][ T4846] syz.1.471: attempt to access beyond end of device
[ 60.493310][ T4846] loop1: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 60.506954][ T4846] syz.1.471: attempt to access beyond end of device
[ 60.506954][ T4846] loop1: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 60.536179][ T4848] vlan2: entered allmulticast mode
[ 60.584247][ T4849] netlink: 'syz.4.472': attribute type 10 has an invalid length.
[ 60.592562][ T4849] netlink: 'syz.4.472': attribute type 10 has an invalid length.
[ 60.600364][ T4849] netlink: 2 bytes leftover after parsing attributes in process `syz.4.472'.
[ 60.773071][ T4865] loop4: detected capacity change from 0 to 2048
[ 60.815221][ T4865] loop4: p1 < > p4
[ 60.819863][ T4865] loop4: p4 size 8388608 extends beyond EOD, truncated
[ 60.911175][ T4879] loop4: detected capacity change from 0 to 512
[ 60.919775][ T4879] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[ 60.927896][ T4879] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[ 60.936741][ T4879] EXT4-fs (loop4): 1 truncate cleaned up
[ 60.944632][ T4879] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 60.998817][ T4882] netlink: 100 bytes leftover after parsing attributes in process `syz.3.483'.
[ 61.039177][ T4888] loop4: detected capacity change from 0 to 512
[ 61.060999][ T4892] netlink: 12 bytes leftover after parsing attributes in process `syz.0.486'.
[ 61.116221][ T4896] team0 (unregistering): Port device team_slave_0 removed
[ 61.129337][ T4896] team0 (unregistering): Port device team_slave_1 removed
[ 61.232776][ T4908] loop4: detected capacity change from 0 to 512
[ 61.245463][ T29] kauditd_printk_skb: 636 callbacks suppressed
[ 61.245480][ T29] audit: type=1326 audit(1745202980.066:5008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4907 comm="syz.4.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61a8fe169 code=0x7ffc0000
[ 61.275039][ T29] audit: type=1326 audit(1745202980.066:5009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4907 comm="syz.4.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61a8fe169 code=0x7ffc0000
[ 61.298473][ T29] audit: type=1326 audit(1745202980.066:5010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4907 comm="syz.4.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7fe61a8fe169 code=0x7ffc0000
[ 61.321804][ T29] audit: type=1326 audit(1745202980.066:5011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4907 comm="syz.4.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61a8fe169 code=0x7ffc0000
[ 61.345174][ T29] audit: type=1326 audit(1745202980.066:5012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4907 comm="syz.4.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe61a8fe169 code=0x7ffc0000
[ 61.368712][ T29] audit: type=1326 audit(1745202980.066:5013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4907 comm="syz.4.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61a8fe169 code=0x7ffc0000
[ 61.393729][ T29] audit: type=1326 audit(1745202980.066:5014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4907 comm="syz.4.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe61a8fe169 code=0x7ffc0000
[ 61.408856][ T4908] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[ 61.417081][ T29] audit: type=1326 audit(1745202980.066:5015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4907 comm="syz.4.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe61a8fe1a3 code=0x7ffc0000
[ 61.417110][ T29] audit: type=1326 audit(1745202980.066:5016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4907 comm="syz.4.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe61a8fcc1f code=0x7ffc0000
[ 61.426200][ T4908] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[ 61.448269][ T29] audit: type=1326 audit(1745202980.066:5017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4907 comm="syz.4.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fe61a8fe1f7 code=0x7ffc0000
[ 61.473393][ T4908] EXT4-fs (loop4): 1 truncate cleaned up
[ 61.536674][ T4908] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 61.591318][ T4940] FAULT_INJECTION: forcing a failure.
[ 61.591318][ T4940] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 61.604659][ T4940] CPU: 1 UID: 0 PID: 4940 Comm: syz.1.499 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 61.604697][ T4940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 61.604713][ T4940] Call Trace:
[ 61.604721][ T4940] <TASK>
[ 61.604731][ T4940] dump_stack_lvl+0xf6/0x150
[ 61.604758][ T4940] dump_stack+0x15/0x1a
[ 61.604778][ T4940] should_fail_ex+0x261/0x270
[ 61.604808][ T4940] should_fail_alloc_page+0xfd/0x110
[ 61.604875][ T4940] __alloc_frozen_pages_noprof+0x11d/0x360
[ 61.604903][ T4940] alloc_pages_mpol+0xb6/0x260
[ 61.604941][ T4940] vma_alloc_folio_noprof+0x19c/0x300
[ 61.604982][ T4940] handle_mm_fault+0xdda/0x2e80
[ 61.605090][ T4940] ? mt_find+0x735/0x8a0
[ 61.605117][ T4940] ? __rcu_read_lock+0x36/0x50
[ 61.605137][ T4940] ? __pte_offset_map_lock+0x1d3/0x290
[ 61.605235][ T4940] __get_user_pages+0xf4e/0x2340
[ 61.605328][ T4940] __gup_longterm_locked+0x2ec/0xfb0
[ 61.605373][ T4940] ? ___pte_offset_map+0xc8/0x140
[ 61.605415][ T4940] gup_fast_fallback+0x1561/0x1f70
[ 61.605522][ T4940] ? ___kmalloc_large_node+0xc3/0x130
[ 61.605571][ T4940] pin_user_pages_fast+0x64/0xa0
[ 61.605620][ T4940] io_pin_pages+0xb4/0x170
[ 61.605655][ T4940] io_sqe_buffer_register+0x18b/0x12a0
[ 61.605676][ T4940] ? __memcg_slab_post_alloc_hook+0x473/0x5a0
[ 61.605774][ T4940] ? __kvmalloc_node_noprof+0x39b/0x520
[ 61.605809][ T4940] ? io_sqe_buffers_register+0xcf/0x550
[ 61.605879][ T4940] io_sqe_buffers_register+0x2bd/0x550
[ 61.605928][ T4940] __se_sys_io_uring_register+0xb04/0x1f50
[ 61.605990][ T4940] ? kstrtouint_from_user+0xbf/0x100
[ 61.606011][ T4940] ? __rcu_read_unlock+0x4e/0x70
[ 61.606115][ T4940] ? 0xffffffff81000000
[ 61.606130][ T4940] ? __rcu_read_unlock+0x4e/0x70
[ 61.606171][ T4940] ? get_pid_task+0x94/0xd0
[ 61.606195][ T4940] ? proc_fail_nth_write+0x12d/0x160
[ 61.606311][ T4940] ? __pfx_proc_fail_nth_write+0x10/0x10
[ 61.606355][ T4940] ? vfs_write+0x669/0x950
[ 61.606377][ T4940] ? putname+0xe1/0x100
[ 61.606406][ T4940] ? __fget_files+0x186/0x1c0
[ 61.606429][ T4940] ? fput+0x99/0xd0
[ 61.606522][ T4940] ? ksys_write+0x180/0x1b0
[ 61.606555][ T4940] __x64_sys_io_uring_register+0x55/0x70
[ 61.606597][ T4940] x64_sys_call+0xb9d/0x2e10
[ 61.606642][ T4940] do_syscall_64+0xc9/0x1a0
[ 61.606745][ T4940] ? clear_bhb_loop+0x25/0x80
[ 61.606784][ T4940] ? clear_bhb_loop+0x25/0x80
[ 61.606926][ T4940] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 61.606947][ T4940] RIP: 0033:0x7f967d5ce169
[ 61.606962][ T4940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 61.607076][ T4940] RSP: 002b:00007f967bc37038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[ 61.607099][ T4940] RAX: ffffffffffffffda RBX: 00007f967d7f5fa0 RCX: 00007f967d5ce169
[ 61.607113][ T4940] RDX: 00002000000002c0 RSI: 0000000000000000 RDI: 0000000000000003
[ 61.607126][ T4940] RBP: 00007f967bc37090 R08: 0000000000000000 R09: 0000000000000000
[ 61.607140][ T4940] R10: 100000000000011a R11: 0000000000000246 R12: 0000000000000001
[ 61.607154][ T4940] R13: 0000000000000000 R14: 00007f967d7f5fa0 R15: 00007ffd00102d08
[ 61.607243][ T4940] </TASK>
[ 61.946504][ T4945] netlink: 'syz.4.497': attribute type 3 has an invalid length.
[ 61.959190][ T4945] netlink: 4 bytes leftover after parsing attributes in process `syz.4.497'.
[ 61.969023][ T4945] netlink: 4 bytes leftover after parsing attributes in process `syz.4.497'.
[ 61.972368][ T4947] netlink: 12 bytes leftover after parsing attributes in process `syz.1.501'.
[ 62.020603][ T4958] loop4: detected capacity change from 0 to 1024
[ 62.029664][ T4958] EXT4-fs: Ignoring removed i_version option
[ 62.037831][ T4958] EXT4-fs (loop4): stripe (7) is not aligned with cluster size (16), stripe is disabled
[ 62.056928][ T4958] FAULT_INJECTION: forcing a failure.
[ 62.056928][ T4958] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 62.070234][ T4958] CPU: 0 UID: 0 PID: 4958 Comm: syz.4.502 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 62.070268][ T4958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 62.070284][ T4958] Call Trace:
[ 62.070291][ T4958] <TASK>
[ 62.070301][ T4958] dump_stack_lvl+0xf6/0x150
[ 62.070392][ T4958] dump_stack+0x15/0x1a
[ 62.070412][ T4958] should_fail_ex+0x261/0x270
[ 62.070442][ T4958] should_fail_alloc_page+0xfd/0x110
[ 62.070470][ T4958] __alloc_frozen_pages_noprof+0x11d/0x360
[ 62.070501][ T4958] alloc_pages_mpol+0xb6/0x260
[ 62.070552][ T4958] vma_alloc_folio_noprof+0x19c/0x300
[ 62.070594][ T4958] handle_mm_fault+0xdda/0x2e80
[ 62.070641][ T4958] exc_page_fault+0x296/0x6a0
[ 62.070669][ T4958] asm_exc_page_fault+0x26/0x30
[ 62.070765][ T4958] RIP: 0010:rep_stos_alternative+0x40/0x80
[ 62.070799][ T4958] Code: c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[ 62.070816][ T4958] RSP: 0018:ffffc90002f7b9b8 EFLAGS: 00050206
[ 62.070830][ T4958] RAX: 0000000000000000 RBX: 000020000005d200 RCX: 0000000000050200
[ 62.070867][ T4958] RDX: 0000000000000000 RSI: 0000200000001200 RDI: 000020000000d000
[ 62.070881][ T4958] RBP: 0000200000001200 R08: ffffffff81e4d54e R09: 0000000000000000
[ 62.070894][ T4958] R10: 0001ffffffffffff R11: ffff888102e96300 R12: 000000000005c000
[ 62.070908][ T4958] R13: 000000007ffff000 R14: ffffc90002f7bda8 R15: 0000000000000000
[ 62.070979][ T4958] ? iov_iter_zero+0xee/0xca0
[ 62.071009][ T4958] iov_iter_zero+0x111/0xca0
[ 62.071039][ T4958] ? iomap_iter+0x475/0x770
[ 62.071111][ T4958] __iomap_dio_rw+0xc4c/0x12a0
[ 62.071172][ T4958] iomap_dio_rw+0x40/0x90
[ 62.071260][ T4958] ext4_file_read_iter+0x214/0x290
[ 62.071321][ T4958] do_iter_readv_writev+0x40d/0x4b0
[ 62.071353][ T4958] vfs_readv+0x1e1/0x660
[ 62.071381][ T4958] ? proc_fail_nth_write+0x12d/0x160
[ 62.071506][ T4958] __se_sys_preadv2+0x103/0x1d0
[ 62.071531][ T4958] __x64_sys_preadv2+0x78/0x90
[ 62.071553][ T4958] x64_sys_call+0x27f7/0x2e10
[ 62.071654][ T4958] do_syscall_64+0xc9/0x1a0
[ 62.071685][ T4958] ? clear_bhb_loop+0x25/0x80
[ 62.071770][ T4958] ? clear_bhb_loop+0x25/0x80
[ 62.071796][ T4958] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 62.071817][ T4958] RIP: 0033:0x7fe61a8fe169
[ 62.071840][ T4958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 62.071861][ T4958] RSP: 002b:00007fe618f67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147
[ 62.071880][ T4958] RAX: ffffffffffffffda RBX: 00007fe61ab25fa0 RCX: 00007fe61a8fe169
[ 62.071894][ T4958] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000005
[ 62.071908][ T4958] RBP: 00007fe618f67090 R08: 0000000000000000 R09: 0000000000000000
[ 62.071978][ T4958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 62.071990][ T4958] R13: 0000000000000000 R14: 00007fe61ab25fa0 R15: 00007ffce38a6008
[ 62.072014][ T4958] </TASK>
[ 62.410714][ T4966] loop5: detected capacity change from 0 to 1024
[ 62.417567][ T4966] EXT4-fs: Ignoring removed oldalloc option
[ 62.429743][ T4966] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[ 62.447043][ T4970] loop1: detected capacity change from 0 to 512
[ 62.455711][ T4970] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[ 62.466484][ T4970] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[ 62.492319][ T4978] loop3: detected capacity change from 0 to 512
[ 62.500142][ T4970] EXT4-fs (loop1): 1 truncate cleaned up
[ 62.526070][ T4970] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 62.539543][ T4983] FAULT_INJECTION: forcing a failure.
[ 62.539543][ T4983] name failslab, interval 1, probability 0, space 0, times 0
[ 62.552241][ T4983] CPU: 1 UID: 0 PID: 4983 Comm: syz.5.509 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 62.552326][ T4983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 62.552338][ T4983] Call Trace:
[ 62.552344][ T4983] <TASK>
[ 62.552352][ T4983] dump_stack_lvl+0xf6/0x150
[ 62.552376][ T4983] dump_stack+0x15/0x1a
[ 62.552392][ T4983] should_fail_ex+0x261/0x270
[ 62.552423][ T4983] should_failslab+0x8f/0xb0
[ 62.552530][ T4983] __kmalloc_cache_node_noprof+0x58/0x340
[ 62.552568][ T4983] ? __get_vm_area_node+0xfb/0x1c0
[ 62.552656][ T4983] ? cgroup_rstat_updated+0xa4/0x590
[ 62.552692][ T4983] __get_vm_area_node+0xfb/0x1c0
[ 62.552746][ T4983] __vmalloc_node_range_noprof+0x285/0xe80
[ 62.552788][ T4983] ? copy_process+0x39e/0x1f60
[ 62.552857][ T4983] ? refill_obj_stock+0x15d/0x230
[ 62.552892][ T4983] ? mod_objcg_state+0x3f6/0x530
[ 62.552929][ T4983] ? __memcg_slab_post_alloc_hook+0x473/0x5a0
[ 62.552963][ T4983] ? copy_process+0x39e/0x1f60
[ 62.552987][ T4983] __vmalloc_node_noprof+0x65/0x80
[ 62.553024][ T4983] ? copy_process+0x39e/0x1f60
[ 62.553051][ T4983] dup_task_struct+0x46d/0x6e0
[ 62.553075][ T4983] copy_process+0x39e/0x1f60
[ 62.553106][ T4983] ? __pfx_io_wq_worker+0x10/0x10
[ 62.553145][ T4983] create_io_thread+0xab/0xe0
[ 62.553171][ T4983] ? __pfx_io_wq_worker+0x10/0x10
[ 62.553202][ T4983] create_io_worker+0xdd/0x380
[ 62.553301][ T4983] io_wq_enqueue+0x32a/0x410
[ 62.553327][ T4983] ? __pfx_io_wq_work_match_item+0x10/0x10
[ 62.553358][ T4983] io_queue_iowq+0x248/0x380
[ 62.553385][ T4983] io_queue_async+0x42c/0x460
[ 62.553416][ T4983] ? io_submit_sqes+0x9e8/0x1050
[ 62.553468][ T4983] io_submit_sqes+0x9f2/0x1050
[ 62.553555][ T4983] __se_sys_io_uring_enter+0x1e8/0x1b70
[ 62.553577][ T4983] ? 0xffffffff81000000
[ 62.553591][ T4983] ? get_pid_task+0x94/0xd0
[ 62.553613][ T4983] ? proc_fail_nth_write+0x12d/0x160
[ 62.553692][ T4983] ? __pfx_proc_fail_nth_write+0x10/0x10
[ 62.553785][ T4983] ? vfs_write+0x669/0x950
[ 62.553880][ T4983] ? putname+0xe1/0x100
[ 62.553908][ T4983] ? __fget_files+0x186/0x1c0
[ 62.553936][ T4983] ? fput+0x99/0xd0
[ 62.553967][ T4983] ? ksys_write+0x180/0x1b0
[ 62.554031][ T4983] __x64_sys_io_uring_enter+0x78/0x90
[ 62.554057][ T4983] x64_sys_call+0x26cb/0x2e10
[ 62.554078][ T4983] do_syscall_64+0xc9/0x1a0
[ 62.554122][ T4983] ? clear_bhb_loop+0x25/0x80
[ 62.554143][ T4983] ? clear_bhb_loop+0x25/0x80
[ 62.554174][ T4983] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 62.554194][ T4983] RIP: 0033:0x7fa6ac6be169
[ 62.554209][ T4983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 62.554226][ T4983] RSP: 002b:00007fa6aad27038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 62.554245][ T4983] RAX: ffffffffffffffda RBX: 00007fa6ac8e5fa0 RCX: 00007fa6ac6be169
[ 62.554257][ T4983] RDX: 0000000000000000 RSI: 0000000000003516 RDI: 0000000000000003
[ 62.554268][ T4983] RBP: 00007fa6aad27090 R08: 0000000000000000 R09: 00000000fffffdcf
[ 62.554327][ T4983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 62.554338][ T4983] R13: 0000000000000000 R14: 00007fa6ac8e5fa0 R15: 00007ffc5ed2d508
[ 62.554428][ T4983] </TASK>
[ 62.554461][ T4983] syz.5.509: vmalloc error: size 16384, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[ 62.889009][ T4983] CPU: 1 UID: 0 PID: 4983 Comm: syz.5.509 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 62.889084][ T4983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 62.889094][ T4983] Call Trace:
[ 62.889101][ T4983] <TASK>
[ 62.889108][ T4983] dump_stack_lvl+0xf6/0x150
[ 62.889130][ T4983] dump_stack+0x15/0x1a
[ 62.889144][ T4983] warn_alloc+0x145/0x1b0
[ 62.889178][ T4983] __vmalloc_node_range_noprof+0x2aa/0xe80
[ 62.889221][ T4983] ? refill_obj_stock+0x15d/0x230
[ 62.889267][ T4983] ? mod_objcg_state+0x3f6/0x530
[ 62.889296][ T4983] ? __memcg_slab_post_alloc_hook+0x473/0x5a0
[ 62.889466][ T4983] ? copy_process+0x39e/0x1f60
[ 62.889486][ T4983] __vmalloc_node_noprof+0x65/0x80
[ 62.889576][ T4983] ? copy_process+0x39e/0x1f60
[ 62.889604][ T4983] dup_task_struct+0x46d/0x6e0
[ 62.889633][ T4983] copy_process+0x39e/0x1f60
[ 62.889704][ T4983] ? __pfx_io_wq_worker+0x10/0x10
[ 62.889730][ T4983] create_io_thread+0xab/0xe0
[ 62.889755][ T4983] ? __pfx_io_wq_worker+0x10/0x10
[ 62.889781][ T4983] create_io_worker+0xdd/0x380
[ 62.889860][ T4983] io_wq_enqueue+0x32a/0x410
[ 62.889891][ T4983] ? __pfx_io_wq_work_match_item+0x10/0x10
[ 62.889914][ T4983] io_queue_iowq+0x248/0x380
[ 62.889933][ T4983] io_queue_async+0x42c/0x460
[ 62.889973][ T4983] ? io_submit_sqes+0x9e8/0x1050
[ 62.890034][ T4983] io_submit_sqes+0x9f2/0x1050
[ 62.890063][ T4983] __se_sys_io_uring_enter+0x1e8/0x1b70
[ 62.890131][ T4983] ? 0xffffffff81000000
[ 62.890143][ T4983] ? get_pid_task+0x94/0xd0
[ 62.890229][ T4983] ? proc_fail_nth_write+0x12d/0x160
[ 62.890267][ T4983] ? __pfx_proc_fail_nth_write+0x10/0x10
[ 62.890357][ T4983] ? vfs_write+0x669/0x950
[ 62.890372][ T4983] ? putname+0xe1/0x100
[ 62.890391][ T4983] ? __fget_files+0x186/0x1c0
[ 62.890411][ T4983] ? fput+0x99/0xd0
[ 62.890483][ T4983] ? ksys_write+0x180/0x1b0
[ 62.890500][ T4983] __x64_sys_io_uring_enter+0x78/0x90
[ 62.890561][ T4983] x64_sys_call+0x26cb/0x2e10
[ 62.890580][ T4983] do_syscall_64+0xc9/0x1a0
[ 62.890602][ T4983] ? clear_bhb_loop+0x25/0x80
[ 62.890622][ T4983] ? clear_bhb_loop+0x25/0x80
[ 62.890693][ T4983] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 62.890716][ T4983] RIP: 0033:0x7fa6ac6be169
[ 62.890735][ T4983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 62.890751][ T4983] RSP: 002b:00007fa6aad27038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 62.890818][ T4983] RAX: ffffffffffffffda RBX: 00007fa6ac8e5fa0 RCX: 00007fa6ac6be169
[ 62.890829][ T4983] RDX: 0000000000000000 RSI: 0000000000003516 RDI: 0000000000000003
[ 62.890839][ T4983] RBP: 00007fa6aad27090 R08: 0000000000000000 R09: 00000000fffffdcf
[ 62.890849][ T4983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 62.890859][ T4983] R13: 0000000000000000 R14: 00007fa6ac8e5fa0 R15: 00007ffc5ed2d508
[ 62.890919][ T4983] </TASK>
[ 62.890924][ T4983] Mem-Info:
[ 63.182654][ T4983] active_anon:4237 inactive_anon:1 isolated_anon:0
[ 63.182654][ T4983] active_file:5016 inactive_file:2075 isolated_file:0
[ 63.182654][ T4983] unevictable:0 dirty:55 writeback:0
[ 63.182654][ T4983] slab_reclaimable:2838 slab_unreclaimable:14200
[ 63.182654][ T4983] mapped:28532 shmem:515 pagetables:1305
[ 63.182654][ T4983] sec_pagetables:0 bounce:0
[ 63.182654][ T4983] kernel_misc_reclaimable:0
[ 63.182654][ T4983] free:1905309 free_pcp:6742 free_cma:0
[ 63.227239][ T4983] Node 0 active_anon:16948kB inactive_anon:4kB active_file:20064kB inactive_file:8300kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:114128kB dirty:220kB writeback:0kB shmem:2060kB writeback_tmp:0kB kernel_stack:3008kB pagetables:5220kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 63.256091][ T4983] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 63.282983][ T4983] lowmem_reserve[]: 0 2882 7860 7860
[ 63.288336][ T4983] Node 0 DMA32 free:2947780kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951308kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:0kB free_cma:0kB
[ 63.316610][ T4983] lowmem_reserve[]: 0 0 4978 4978
[ 63.321757][ T4983] Node 0 Normal free:4658096kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB active_anon:16948kB inactive_anon:4kB active_file:20064kB inactive_file:8300kB unevictable:0kB writepending:220kB present:5242880kB managed:5098244kB mlocked:0kB bounce:0kB free_pcp:23440kB local_pcp:2424kB free_cma:0kB
[ 63.351768][ T4983] lowmem_reserve[]: 0 0 0 0
[ 63.356412][ T4983] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 63.369206][ T4983] Node 0 DMA32: 5*4kB (M) 2*8kB (M) 2*16kB (M) 4*32kB (M) 4*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947780kB
[ 63.385295][ T4983] Node 0 Normal: 42*4kB (ME) 6*8kB (ME) 2*16kB (M) 11*32kB (UME) 29*64kB (UE) 45*128kB (UME) 36*256kB (UME) 18*512kB (UME) 23*1024kB (UME) 16*2048kB (UME) 1117*4096kB (UM) = 4658200kB
[ 63.403682][ T4983] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[ 63.412990][ T4983] 7612 total pagecache pages
[ 63.417589][ T4983] 6 pages in swap cache
[ 63.421786][ T4983] Free swap = 124972kB
[ 63.425966][ T4983] Total swap = 124996kB
[ 63.430124][ T4983] 2097051 pages RAM
[ 63.433922][ T4983] 0 pages HighMem/MovableOnly
[ 63.438613][ T4983] 80823 pages reserved
[ 63.478047][ T4987] netlink: 12 bytes leftover after parsing attributes in process `syz.4.512'.
[ 63.530660][ T4997] FAULT_INJECTION: forcing a failure.
[ 63.530660][ T4997] name failslab, interval 1, probability 0, space 0, times 0
[ 63.543384][ T4997] CPU: 1 UID: 0 PID: 4997 Comm: syz.1.510 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 63.543484][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 63.543499][ T4997] Call Trace:
[ 63.543507][ T4997] <TASK>
[ 63.543516][ T4997] dump_stack_lvl+0xf6/0x150
[ 63.543544][ T4997] dump_stack+0x15/0x1a
[ 63.543560][ T4997] should_fail_ex+0x261/0x270
[ 63.543589][ T4997] should_failslab+0x8f/0xb0
[ 63.543737][ T4997] __kmalloc_node_track_caller_noprof+0xaa/0x410
[ 63.543781][ T4997] ? sidtab_sid2str_get+0xb8/0x140
[ 63.543801][ T4997] ? skb_put+0xba/0x100
[ 63.543823][ T4997] kmemdup_noprof+0x2b/0x70
[ 63.543903][ T4997] sidtab_sid2str_get+0xb8/0x140
[ 63.543978][ T4997] security_sid_to_context_core+0x1eb/0x2f0
[ 63.544057][ T4997] security_sid_to_context+0x27/0x30
[ 63.544122][ T4997] avc_audit_post_callback+0x9f/0x540
[ 63.544148][ T4997] ? __pfx_avc_audit_post_callback+0x10/0x10
[ 63.544173][ T4997] common_lsm_audit+0x1c6/0x230
[ 63.544241][ T4997] ? __pfx_avc_audit_post_callback+0x10/0x10
[ 63.544269][ T4997] slow_avc_audit+0xff/0x140
[ 63.544323][ T4997] avc_has_perm+0x124/0x150
[ 63.544350][ T4997] selinux_socket_sendmsg+0x18a/0x1c0
[ 63.544418][ T4997] security_socket_sendmsg+0x47/0x80
[ 63.544454][ T4997] __sock_sendmsg+0x2d/0x180
[ 63.544539][ T4997] ____sys_sendmsg+0x350/0x4e0
[ 63.544568][ T4997] __sys_sendmsg+0x1a0/0x240
[ 63.544611][ T4997] __x64_sys_sendmsg+0x46/0x50
[ 63.544634][ T4997] x64_sys_call+0x26f3/0x2e10
[ 63.544673][ T4997] do_syscall_64+0xc9/0x1a0
[ 63.544702][ T4997] ? clear_bhb_loop+0x25/0x80
[ 63.544791][ T4997] ? clear_bhb_loop+0x25/0x80
[ 63.544869][ T4997] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 63.544889][ T4997] RIP: 0033:0x7f967d5ce169
[ 63.544904][ T4997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 63.544922][ T4997] RSP: 002b:00007f967bc37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 63.544940][ T4997] RAX: ffffffffffffffda RBX: 00007f967d7f5fa0 RCX: 00007f967d5ce169
[ 63.544952][ T4997] RDX: 0000000000000000 RSI: 0000200000001600 RDI: 0000000000000005
[ 63.544963][ T4997] RBP: 00007f967bc37090 R08: 0000000000000000 R09: 0000000000000000
[ 63.544975][ T4997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 63.545086][ T4997] R13: 0000000000000000 R14: 00007f967d7f5fa0 R15: 00007ffd00102d08
[ 63.545107][ T4997] </TASK>
[ 63.791867][ T5001] netlink: 12 bytes leftover after parsing attributes in process `syz.4.515'.
[ 63.854049][ T5011] loop1: detected capacity change from 0 to 512
[ 63.864117][ T5011] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[ 63.872357][ T5011] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[ 63.882209][ T5011] EXT4-fs (loop1): 1 truncate cleaned up
[ 63.896417][ T5011] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 63.911818][ T5016] tipc: Started in network mode
[ 63.916770][ T5016] tipc: Node identity ac14140f, cluster identity 4711
[ 63.924483][ T5016] tipc: New replicast peer: 255.255.255.255
[ 63.930736][ T5016] tipc: Enabled bearer <udp:syz2>, priority 10
[ 63.943848][ T5009] netlink: 12 bytes leftover after parsing attributes in process `syz.5.519'.
[ 63.952791][ T5009] tipc: Disabling bearer <udp:syz2>
[ 63.965465][ T5018] netlink: 'syz.4.523': attribute type 21 has an invalid length.
[ 63.976923][ T5018] loop4: detected capacity change from 0 to 512
[ 63.983712][ T5018] ext4: Unknown parameter 'fowner<18446744073709551615'
[ 63.997035][ T5020] loop1: detected capacity change from 0 to 512
[ 64.031051][ T5026] netlink: 'syz.4.525': attribute type 21 has an invalid length.
[ 64.045131][ T5026] loop4: detected capacity change from 0 to 512
[ 64.052096][ T5026] ext4: Unknown parameter 'fowner<18446744073709551615'
[ 64.074828][ T5022] loop5: detected capacity change from 0 to 512
[ 64.081965][ T5022] journal_path: Non-blockdev passed as './bus'
[ 64.088267][ T5022] EXT4-fs: error: could not find journal device path
[ 64.118149][ T5030] FAULT_INJECTION: forcing a failure.
[ 64.118149][ T5030] name failslab, interval 1, probability 0, space 0, times 0
[ 64.130853][ T5030] CPU: 0 UID: 0 PID: 5030 Comm: syz.1.526 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 64.130959][ T5030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 64.130974][ T5030] Call Trace:
[ 64.130982][ T5030] <TASK>
[ 64.130992][ T5030] dump_stack_lvl+0xf6/0x150
[ 64.131022][ T5030] dump_stack+0x15/0x1a
[ 64.131042][ T5030] should_fail_ex+0x261/0x270
[ 64.131072][ T5030] should_failslab+0x8f/0xb0
[ 64.131129][ T5030] kmem_cache_alloc_node_noprof+0x5c/0x340
[ 64.131165][ T5030] ? __alloc_skb+0x10d/0x320
[ 64.131191][ T5030] __alloc_skb+0x10d/0x320
[ 64.131217][ T5030] __pskb_copy_fclone+0x6a/0x870
[ 64.131248][ T5030] ? __pskb_copy_fclone+0x7e6/0x870
[ 64.131359][ T5030] tipc_clone_to_loopback+0xa6/0x2d0
[ 64.131424][ T5030] tipc_mcast_xmit+0xcd6/0xcf0
[ 64.131495][ T5030] ? tipc_msg_build+0x316/0x870
[ 64.131583][ T5030] tipc_send_group_bcast+0x620/0x700
[ 64.131625][ T5030] ? __pfx_woken_wake_function+0x10/0x10
[ 64.131655][ T5030] __tipc_sendmsg+0x1a0/0x1c90
[ 64.131685][ T5030] ? selinux_socket_sendmsg+0x18a/0x1c0
[ 64.131766][ T5030] ? _raw_spin_unlock_bh+0x36/0x40
[ 64.131797][ T5030] ? lock_sock_nested+0x114/0x140
[ 64.131838][ T5030] ? __pfx_tipc_sendmsg+0x10/0x10
[ 64.131870][ T5030] tipc_sendmsg+0x3e/0x60
[ 64.131930][ T5030] __sock_sendmsg+0x140/0x180
[ 64.131964][ T5030] ____sys_sendmsg+0x350/0x4e0
[ 64.132030][ T5030] __sys_sendmsg+0x1a0/0x240
[ 64.132073][ T5030] __x64_sys_sendmsg+0x46/0x50
[ 64.132102][ T5030] x64_sys_call+0x26f3/0x2e10
[ 64.132173][ T5030] do_syscall_64+0xc9/0x1a0
[ 64.132202][ T5030] ? clear_bhb_loop+0x25/0x80
[ 64.132229][ T5030] ? clear_bhb_loop+0x25/0x80
[ 64.132312][ T5030] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 64.132338][ T5030] RIP: 0033:0x7f967d5ce169
[ 64.132384][ T5030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 64.132402][ T5030] RSP: 002b:00007f967bc37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 64.132421][ T5030] RAX: ffffffffffffffda RBX: 00007f967d7f5fa0 RCX: 00007f967d5ce169
[ 64.132436][ T5030] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004
[ 64.132450][ T5030] RBP: 00007f967bc37090 R08: 0000000000000000 R09: 0000000000000000
[ 64.132465][ T5030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 64.132534][ T5030] R13: 0000000000000000 R14: 00007f967d7f5fa0 R15: 00007ffd00102d08
[ 64.132557][ T5030] </TASK>
[ 64.136676][ T5032] netlink: 12 bytes leftover after parsing attributes in process `syz.4.527'.
[ 64.163767][ T5035] loop5: detected capacity change from 0 to 128
[ 64.532749][ T5050] loop1: detected capacity change from 0 to 512
[ 64.587978][ T5050] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[ 64.601994][ T5050] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[ 64.612680][ T5050] EXT4-fs (loop1): 1 truncate cleaned up
[ 64.641469][ T5050] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 64.764621][ T5059] ALSA: seq fatal error: cannot create timer (-19)
[ 64.849081][ T5063] loop3: detected capacity change from 0 to 512
[ 64.976954][ T5068] FAULT_INJECTION: forcing a failure.
[ 64.976954][ T5068] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 64.990165][ T5068] CPU: 0 UID: 0 PID: 5068 Comm: syz.1.538 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 64.990272][ T5068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 64.990289][ T5068] Call Trace:
[ 64.990296][ T5068] <TASK>
[ 64.990303][ T5068] dump_stack_lvl+0xf6/0x150
[ 64.990330][ T5068] dump_stack+0x15/0x1a
[ 64.990344][ T5068] should_fail_ex+0x261/0x270
[ 64.990366][ T5068] should_fail+0xb/0x10
[ 64.990435][ T5068] should_fail_usercopy+0x1a/0x20
[ 64.990457][ T5068] _copy_from_user+0x1c/0xa0
[ 64.990482][ T5068] kvmemdup_bpfptr_noprof+0x82/0x110
[ 64.990548][ T5068] map_update_elem+0x37e/0x470
[ 64.990641][ T5068] __sys_bpf+0x6ef/0x800
[ 64.990673][ T5068] __x64_sys_bpf+0x43/0x50
[ 64.990695][ T5068] x64_sys_call+0x23da/0x2e10
[ 64.990715][ T5068] do_syscall_64+0xc9/0x1a0
[ 64.990843][ T5068] ? clear_bhb_loop+0x25/0x80
[ 64.990905][ T5068] ? clear_bhb_loop+0x25/0x80
[ 64.990932][ T5068] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 64.990954][ T5068] RIP: 0033:0x7f967d5ce169
[ 64.990972][ T5068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 64.990993][ T5068] RSP: 002b:00007f967bc37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 64.991009][ T5068] RAX: ffffffffffffffda RBX: 00007f967d7f5fa0 RCX: 00007f967d5ce169
[ 64.991076][ T5068] RDX: 0000000000000020 RSI: 0000200000000340 RDI: 0000000000000002
[ 64.991086][ T5068] RBP: 00007f967bc37090 R08: 0000000000000000 R09: 0000000000000000
[ 64.991096][ T5068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 64.991105][ T5068] R13: 0000000000000000 R14: 00007f967d7f5fa0 R15: 00007ffd00102d08
[ 64.991123][ T5068] </TASK>
[ 65.279894][ T5077] FAULT_INJECTION: forcing a failure.
[ 65.279894][ T5077] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 65.293159][ T5077] CPU: 1 UID: 0 PID: 5077 Comm: syz.0.542 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 65.293237][ T5077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 65.293248][ T5077] Call Trace:
[ 65.293254][ T5077] <TASK>
[ 65.293261][ T5077] dump_stack_lvl+0xf6/0x150
[ 65.293284][ T5077] dump_stack+0x15/0x1a
[ 65.293299][ T5077] should_fail_ex+0x261/0x270
[ 65.293327][ T5077] should_fail+0xb/0x10
[ 65.293391][ T5077] should_fail_usercopy+0x1a/0x20
[ 65.293414][ T5077] _copy_from_user+0x1c/0xa0
[ 65.293517][ T5077] move_addr_to_kernel+0x8c/0x130
[ 65.293590][ T5077] __sys_connect+0x6c/0x1b0
[ 65.293616][ T5077] __x64_sys_connect+0x41/0x50
[ 65.293633][ T5077] x64_sys_call+0x2030/0x2e10
[ 65.293656][ T5077] do_syscall_64+0xc9/0x1a0
[ 65.293687][ T5077] ? clear_bhb_loop+0x25/0x80
[ 65.293715][ T5077] ? clear_bhb_loop+0x25/0x80
[ 65.293740][ T5077] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 65.293763][ T5077] RIP: 0033:0x7f1471f2e169
[ 65.293789][ T5077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 65.293855][ T5077] RSP: 002b:00007f1470597038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 65.293872][ T5077] RAX: ffffffffffffffda RBX: 00007f1472155fa0 RCX: 00007f1471f2e169
[ 65.293884][ T5077] RDX: 000000000000001e RSI: 0000200000000340 RDI: 0000000000000003
[ 65.293898][ T5077] RBP: 00007f1470597090 R08: 0000000000000000 R09: 0000000000000000
[ 65.293912][ T5077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 65.293925][ T5077] R13: 0000000000000000 R14: 00007f1472155fa0 R15: 00007fff56a7d288
[ 65.293949][ T5077] </TASK>
[ 65.498065][ T5084] netlink: 'syz.5.545': attribute type 21 has an invalid length.
[ 65.584299][ T5093] team0 (unregistering): left promiscuous mode
[ 65.590586][ T5093] team_slave_0: left promiscuous mode
[ 65.594643][ T5091] loop5: detected capacity change from 0 to 8192
[ 65.596093][ T5093] team_slave_1: left promiscuous mode
[ 65.603698][ T5091] vfat: Unknown parameter '&�#�0��!�T�.yՄ����������*����#�'
[ 65.635297][ T5093] team0 (unregistering): Port device team_slave_0 removed
[ 65.661561][ T5093] team0 (unregistering): Port device team_slave_1 removed
[ 65.763069][ T5100] __nla_validate_parse: 1 callbacks suppressed
[ 65.763084][ T5100] netlink: 12 bytes leftover after parsing attributes in process `syz.5.550'.
[ 65.815539][ T5104] FAULT_INJECTION: forcing a failure.
[ 65.815539][ T5104] name failslab, interval 1, probability 0, space 0, times 0
[ 65.816653][ T5106] loop5: detected capacity change from 0 to 128
[ 65.828286][ T5104] CPU: 0 UID: 0 PID: 5104 Comm: syz.0.552 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 65.828320][ T5104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 65.828335][ T5104] Call Trace:
[ 65.828343][ T5104] <TASK>
[ 65.828352][ T5104] dump_stack_lvl+0xf6/0x150
[ 65.828385][ T5104] dump_stack+0x15/0x1a
[ 65.828408][ T5104] should_fail_ex+0x261/0x270
[ 65.828463][ T5104] should_failslab+0x8f/0xb0
[ 65.828598][ T5104] kmem_cache_alloc_bulk_noprof+0x60/0x4a0
[ 65.828719][ T5104] bpf_test_run_xdp_live+0xd00/0x1050
[ 65.828779][ T5104] ? synchronize_rcu_expedited+0x6d5/0x790
[ 65.828832][ T5104] ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 65.828861][ T5104] ? bpf_test_run_xdp_live+0x2b3/0x1050
[ 65.828962][ T5104] bpf_prog_test_run_xdp+0x526/0x8e0
[ 65.829032][ T5104] ? __rcu_read_unlock+0x4e/0x70
[ 65.829068][ T5104] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 65.829096][ T5104] bpf_prog_test_run+0x20e/0x3a0
[ 65.829138][ T5104] __sys_bpf+0x440/0x800
[ 65.829207][ T5104] __x64_sys_bpf+0x43/0x50
[ 65.829239][ T5104] x64_sys_call+0x23da/0x2e10
[ 65.829267][ T5104] do_syscall_64+0xc9/0x1a0
[ 65.829336][ T5104] ? clear_bhb_loop+0x25/0x80
[ 65.829363][ T5104] ? clear_bhb_loop+0x25/0x80
[ 65.829391][ T5104] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 65.829417][ T5104] RIP: 0033:0x7f1471f2e169
[ 65.829436][ T5104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 65.829469][ T5104] RSP: 002b:00007f1470597038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 65.829493][ T5104] RAX: ffffffffffffffda RBX: 00007f1472155fa0 RCX: 00007f1471f2e169
[ 65.829508][ T5104] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 65.829523][ T5104] RBP: 00007f1470597090 R08: 0000000000000000 R09: 0000000000000000
[ 65.829538][ T5104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 65.829619][ T5104] R13: 0000000000000000 R14: 00007f1472155fa0 R15: 00007fff56a7d288
[ 65.829645][ T5104] </TASK>
[ 66.045239][ T5106] bio_check_eod: 1 callbacks suppressed
[ 66.045252][ T5106] syz.5.553: attempt to access beyond end of device
[ 66.045252][ T5106] loop5: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 66.065749][ T5106] syz.5.553: attempt to access beyond end of device
[ 66.065749][ T5106] loop5: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 66.079740][ T5106] syz.5.553: attempt to access beyond end of device
[ 66.079740][ T5106] loop5: rw=2049, sector=177, nr_sectors = 1 limit=128
[ 66.176339][ T5115] netlink: 'syz.3.557': attribute type 21 has an invalid length.
[ 66.221261][ T5120] loop3: detected capacity change from 0 to 1024
[ 66.236621][ T5120] EXT4-fs: Ignoring removed nobh option
[ 66.242344][ T5120] EXT4-fs: Ignoring removed bh option
[ 66.258487][ T5120] ext4: Unknown parameter 'obj_role'
[ 66.296720][ T29] kauditd_printk_skb: 447 callbacks suppressed
[ 66.296737][ T29] audit: type=1326 audit(1745202985.126:5463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5119 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd299c2e169 code=0x7ffc0000
[ 66.326313][ T29] audit: type=1326 audit(1745202985.126:5464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5119 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd299c2e169 code=0x7ffc0000
[ 66.349730][ T29] audit: type=1326 audit(1745202985.126:5465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5119 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd299c2e169 code=0x7ffc0000
[ 66.373223][ T29] audit: type=1326 audit(1745202985.126:5466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5119 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd299c2e169 code=0x7ffc0000
[ 66.396641][ T29] audit: type=1326 audit(1745202985.126:5467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5119 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd299c2e169 code=0x7ffc0000
[ 66.420018][ T29] audit: type=1326 audit(1745202985.126:5469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5119 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd299c2e169 code=0x7ffc0000
[ 66.443429][ T29] audit: type=1326 audit(1745202985.126:5468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5119 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd299c2e169 code=0x7ffc0000
[ 66.458711][ T5125] syzkaller0: entered promiscuous mode
[ 66.466893][ T29] audit: type=1326 audit(1745202985.126:5470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5119 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd299c2e169 code=0x7ffc0000
[ 66.472362][ T5125] syzkaller0: entered allmulticast mode
[ 66.495648][ T29] audit: type=1326 audit(1745202985.126:5471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5119 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd299c2e169 code=0x7ffc0000
[ 66.495733][ T29] audit: type=1326 audit(1745202985.126:5472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5119 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd299c2e169 code=0x7ffc0000
[ 66.585012][ T5118] loop5: detected capacity change from 0 to 1024
[ 66.602723][ T5118] ext4: Unknown parameter 'audit'
[ 66.612862][ T5130] netlink: 'syz.1.561': attribute type 2 has an invalid length.
[ 66.665345][ T5135] tipc: Started in network mode
[ 66.670281][ T5135] tipc: Node identity ac14140f, cluster identity 4711
[ 66.677354][ T5135] tipc: New replicast peer: 255.255.255.255
[ 66.683424][ T5135] tipc: Enabled bearer <udp:s>, priority 10
[ 66.689403][ T5130] netlink: 132 bytes leftover after parsing attributes in process `syz.1.561'.
[ 66.871756][ T5149] loop4: detected capacity change from 0 to 128
[ 66.883587][ T5149] syz.4.568: attempt to access beyond end of device
[ 66.883587][ T5149] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 66.897108][ T5149] syz.4.568: attempt to access beyond end of device
[ 66.897108][ T5149] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 66.910767][ T5149] syz.4.568: attempt to access beyond end of device
[ 66.910767][ T5149] loop4: rw=2049, sector=177, nr_sectors = 1 limit=128
[ 66.992410][ T5157] loop3: detected capacity change from 0 to 512
[ 67.001811][ T5157] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[ 67.010027][ T5157] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[ 67.018787][ T5157] EXT4-fs (loop3): 1 truncate cleaned up
[ 67.027847][ T5157] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 67.046287][ T5161] loop4: detected capacity change from 0 to 164
[ 67.149031][ T5173] netlink: 12 bytes leftover after parsing attributes in process `syz.3.574'.
[ 67.173301][ T5175] loop4: detected capacity change from 0 to 128
[ 67.251455][ T5179] FAULT_INJECTION: forcing a failure.
[ 67.251455][ T5179] name failslab, interval 1, probability 0, space 0, times 0
[ 67.264256][ T5179] CPU: 0 UID: 0 PID: 5179 Comm: syz.3.580 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 67.264280][ T5179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 67.264292][ T5179] Call Trace:
[ 67.264297][ T5179] <TASK>
[ 67.264304][ T5179] dump_stack_lvl+0xf6/0x150
[ 67.264326][ T5179] dump_stack+0x15/0x1a
[ 67.264349][ T5179] should_fail_ex+0x261/0x270
[ 67.264372][ T5179] should_failslab+0x8f/0xb0
[ 67.264414][ T5179] __kmalloc_node_track_caller_noprof+0xaa/0x410
[ 67.264442][ T5179] ? sidtab_sid2str_get+0xb8/0x140
[ 67.264459][ T5179] ? skb_put+0xba/0x100
[ 67.264478][ T5179] kmemdup_noprof+0x2b/0x70
[ 67.264556][ T5179] sidtab_sid2str_get+0xb8/0x140
[ 67.264574][ T5179] security_sid_to_context_core+0x1eb/0x2f0
[ 67.264608][ T5179] security_sid_to_context+0x27/0x30
[ 67.264709][ T5179] avc_audit_post_callback+0x9f/0x540
[ 67.264742][ T5179] ? __pfx_avc_audit_post_callback+0x10/0x10
[ 67.264850][ T5179] common_lsm_audit+0x1c6/0x230
[ 67.264888][ T5179] ? __pfx_avc_audit_post_callback+0x10/0x10
[ 67.264921][ T5179] slow_avc_audit+0xff/0x140
[ 67.264997][ T5179] avc_has_perm+0x124/0x150
[ 67.265039][ T5179] sel_write_load+0xec/0x3c0
[ 67.265061][ T5179] ? __pfx_sel_write_load+0x10/0x10
[ 67.265093][ T5179] vfs_write+0x295/0x950
[ 67.265121][ T5179] ? putname+0xe1/0x100
[ 67.265171][ T5179] ? __fget_files+0x186/0x1c0
[ 67.265220][ T5179] ksys_write+0xeb/0x1b0
[ 67.265239][ T5179] __x64_sys_write+0x42/0x50
[ 67.265258][ T5179] x64_sys_call+0x2a45/0x2e10
[ 67.265282][ T5179] do_syscall_64+0xc9/0x1a0
[ 67.265312][ T5179] ? clear_bhb_loop+0x25/0x80
[ 67.265356][ T5179] ? clear_bhb_loop+0x25/0x80
[ 67.265382][ T5179] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 67.265403][ T5179] RIP: 0033:0x7fd299c2e169
[ 67.265467][ T5179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 67.265492][ T5179] RSP: 002b:00007fd298297038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 67.265509][ T5179] RAX: ffffffffffffffda RBX: 00007fd299e55fa0 RCX: 00007fd299c2e169
[ 67.265519][ T5179] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[ 67.265530][ T5179] RBP: 00007fd298297090 R08: 0000000000000000 R09: 0000000000000000
[ 67.265540][ T5179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 67.265596][ T5179] R13: 0000000000000000 R14: 00007fd299e55fa0 R15: 00007fff01a995e8
[ 67.265615][ T5179] </TASK>
[ 67.512989][ T5179] SELinux: failed to load policy
[ 67.581587][ T5181] loop4: detected capacity change from 0 to 8192
[ 67.600594][ T5187] loop5: detected capacity change from 0 to 512
[ 67.637099][ T5187] EXT4-fs mount: 25 callbacks suppressed
[ 67.637117][ T5187] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 67.659172][ T5193] loop3: detected capacity change from 0 to 164
[ 67.665946][ T5191] loop1: detected capacity change from 0 to 512
[ 67.713649][ T5191] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[ 67.728651][ T4359] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 67.728985][ T5191] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[ 67.748178][ T5191] EXT4-fs (loop1): 1 truncate cleaned up
[ 67.754165][ T5191] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 67.784722][ T3391] tipc: Node number set to 2886997007
[ 67.803322][ T5191] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 67.835726][ T5210] loop5: detected capacity change from 0 to 128
[ 67.846256][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 67.871875][ T5214] loop1: detected capacity change from 0 to 128
[ 68.056272][ T5226] loop5: detected capacity change from 0 to 164
[ 68.136815][ T5231] loop5: detected capacity change from 0 to 512
[ 68.146589][ T5231] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 68.180298][ T4359] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 68.473958][ T5240] loop4: detected capacity change from 0 to 512
[ 68.482637][ T5240] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[ 68.490851][ T5240] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[ 68.499745][ T5240] EXT4-fs (loop4): 1 truncate cleaned up
[ 68.505863][ T5240] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 68.520796][ T5240] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 68.538918][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 68.649273][ T5247] loop4: detected capacity change from 0 to 128
[ 68.677522][ T5249] loop4: detected capacity change from 0 to 512
[ 68.684492][ T5249] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 68.706633][ T5249] EXT4-fs (loop4): 1 truncate cleaned up
[ 68.713073][ T5249] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 68.744040][ T5252] loop3: detected capacity change from 0 to 128
[ 68.882352][ T5261] FAULT_INJECTION: forcing a failure.
[ 68.882352][ T5261] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 68.895874][ T5261] CPU: 1 UID: 0 PID: 5261 Comm: syz.3.612 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 68.895969][ T5261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 68.896049][ T5261] Call Trace:
[ 68.896056][ T5261] <TASK>
[ 68.896065][ T5261] dump_stack_lvl+0xf6/0x150
[ 68.896089][ T5261] dump_stack+0x15/0x1a
[ 68.896107][ T5261] should_fail_ex+0x261/0x270
[ 68.896137][ T5261] should_fail_alloc_page+0xfd/0x110
[ 68.896161][ T5261] __alloc_frozen_pages_noprof+0x11d/0x360
[ 68.896218][ T5261] alloc_pages_mpol+0xb6/0x260
[ 68.896382][ T5261] alloc_migration_target_by_mpol+0x123/0x240
[ 68.896413][ T5261] migrate_pages_batch+0x324/0x1930
[ 68.896440][ T5261] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[ 68.896464][ T5261] ? kcsan_setup_watchpoint+0x404/0x410
[ 68.896515][ T5261] migrate_pages+0xf08/0x1850
[ 68.896543][ T5261] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[ 68.896640][ T5261] __se_sys_mbind+0xdf4/0xfe0
[ 68.896689][ T5261] ? vfs_write+0x669/0x950
[ 68.896716][ T5261] __x64_sys_mbind+0x78/0x90
[ 68.896762][ T5261] x64_sys_call+0x13be/0x2e10
[ 68.896789][ T5261] do_syscall_64+0xc9/0x1a0
[ 68.896818][ T5261] ? clear_bhb_loop+0x25/0x80
[ 68.896903][ T5261] ? clear_bhb_loop+0x25/0x80
[ 68.896930][ T5261] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.896956][ T5261] RIP: 0033:0x7fd299c2e169
[ 68.896974][ T5261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 68.897100][ T5261] RSP: 002b:00007fd298297038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[ 68.897117][ T5261] RAX: ffffffffffffffda RBX: 00007fd299e55fa0 RCX: 00007fd299c2e169
[ 68.897129][ T5261] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 0000200000000000
[ 68.897140][ T5261] RBP: 00007fd298297090 R08: 0000000000000000 R09: 0000000000000002
[ 68.897153][ T5261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 68.897167][ T5261] R13: 0000000000000000 R14: 00007fd299e55fa0 R15: 00007fff01a995e8
[ 68.897193][ T5261] </TASK>
[ 69.143629][ T5268] loop5: detected capacity change from 0 to 512
[ 69.163036][ T5268] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 69.184619][ T5268] EXT4-fs (loop5): 1 truncate cleaned up
[ 69.199393][ T5268] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 69.287017][ T5279] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 69.299954][ T5278] tipc: Resetting bearer <eth:syzkaller0>
[ 69.323659][ T5278] tipc: Disabling bearer <eth:syzkaller0>
[ 69.334290][ T5282] loop3: detected capacity change from 0 to 512
[ 69.342455][ T5282] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 69.372765][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 69.405186][ T5287] loop3: detected capacity change from 0 to 128
[ 69.523276][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 69.610200][ T5302] FAULT_INJECTION: forcing a failure.
[ 69.610200][ T5302] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 69.623326][ T5302] CPU: 0 UID: 0 PID: 5302 Comm: syz.4.628 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 69.623359][ T5302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 69.623372][ T5302] Call Trace:
[ 69.623378][ T5302] <TASK>
[ 69.623385][ T5302] dump_stack_lvl+0xf6/0x150
[ 69.623408][ T5302] dump_stack+0x15/0x1a
[ 69.623428][ T5302] should_fail_ex+0x261/0x270
[ 69.623519][ T5302] should_fail+0xb/0x10
[ 69.623543][ T5302] should_fail_usercopy+0x1a/0x20
[ 69.623642][ T5302] _copy_from_iter+0xd8/0xd10
[ 69.623666][ T5302] ? kmalloc_reserve+0x16e/0x190
[ 69.623684][ T5302] ? __build_skb_around+0x199/0x1f0
[ 69.623702][ T5302] ? __alloc_skb+0x227/0x320
[ 69.623718][ T5302] ? __virt_addr_valid+0x1ed/0x250
[ 69.623744][ T5302] ? __check_object_size+0x367/0x510
[ 69.623779][ T5302] netlink_sendmsg+0x492/0x720
[ 69.623803][ T5302] ? __pfx_netlink_sendmsg+0x10/0x10
[ 69.623822][ T5302] __sock_sendmsg+0x140/0x180
[ 69.623923][ T5302] ____sys_sendmsg+0x350/0x4e0
[ 69.623960][ T5302] __sys_sendmsg+0x1a0/0x240
[ 69.624004][ T5302] __x64_sys_sendmsg+0x46/0x50
[ 69.624026][ T5302] x64_sys_call+0x26f3/0x2e10
[ 69.624053][ T5302] do_syscall_64+0xc9/0x1a0
[ 69.624082][ T5302] ? clear_bhb_loop+0x25/0x80
[ 69.624153][ T5302] ? clear_bhb_loop+0x25/0x80
[ 69.624172][ T5302] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.624191][ T5302] RIP: 0033:0x7fe61a8fe169
[ 69.624207][ T5302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 69.624229][ T5302] RSP: 002b:00007fe618f67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 69.624251][ T5302] RAX: ffffffffffffffda RBX: 00007fe61ab25fa0 RCX: 00007fe61a8fe169
[ 69.624314][ T5302] RDX: 0000000000000000 RSI: 0000200000001ac0 RDI: 0000000000000004
[ 69.624329][ T5302] RBP: 00007fe618f67090 R08: 0000000000000000 R09: 0000000000000000
[ 69.624342][ T5302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 69.624357][ T5302] R13: 0000000000000000 R14: 00007fe61ab25fa0 R15: 00007ffce38a6008
[ 69.624381][ T5302] </TASK>
[ 69.843727][ T5303] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 69.882004][ T5306] loop4: detected capacity change from 0 to 128
[ 69.898010][ T5306] syz.4.629: attempt to access beyond end of device
[ 69.898010][ T5306] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 69.911598][ T5306] syz.4.629: attempt to access beyond end of device
[ 69.911598][ T5306] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 69.925227][ T5306] syz.4.629: attempt to access beyond end of device
[ 69.925227][ T5306] loop4: rw=2049, sector=177, nr_sectors = 1 limit=128
[ 69.941592][ T5303] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 69.987768][ T5303] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 70.000260][ T4359] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 70.040779][ T5303] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 70.064072][ T5313] FAULT_INJECTION: forcing a failure.
[ 70.064072][ T5313] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 70.077455][ T5313] CPU: 1 UID: 0 PID: 5313 Comm: syz.4.631 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 70.077513][ T5313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 70.077528][ T5313] Call Trace:
[ 70.077535][ T5313] <TASK>
[ 70.077545][ T5313] dump_stack_lvl+0xf6/0x150
[ 70.077574][ T5313] dump_stack+0x15/0x1a
[ 70.077594][ T5313] should_fail_ex+0x261/0x270
[ 70.077688][ T5313] should_fail_alloc_page+0xfd/0x110
[ 70.077715][ T5313] __alloc_frozen_pages_noprof+0x11d/0x360
[ 70.077742][ T5313] alloc_pages_mpol+0xb6/0x260
[ 70.077795][ T5313] vma_alloc_folio_noprof+0x19c/0x300
[ 70.077826][ T5313] handle_mm_fault+0xdda/0x2e80
[ 70.077850][ T5313] ? __rcu_read_lock+0x36/0x50
[ 70.077958][ T5313] ? __pte_offset_map_lock+0x1d3/0x290
[ 70.078028][ T5313] __get_user_pages+0xf4e/0x2340
[ 70.078130][ T5313] __gup_longterm_locked+0x943/0xfb0
[ 70.078168][ T5313] ? selinux_ptrace_access_check+0x106/0x120
[ 70.078273][ T5313] ? down_read+0x173/0x4c0
[ 70.078314][ T5313] ? __ptrace_may_access+0x2cb/0x350
[ 70.078335][ T5313] pin_user_pages_remote+0x81/0xc0
[ 70.078473][ T5313] process_vm_rw+0x477/0x840
[ 70.078584][ T5313] ? kstrtouint+0x7b/0xc0
[ 70.078635][ T5313] ? ksys_write+0x180/0x1b0
[ 70.078735][ T5313] __x64_sys_process_vm_writev+0x7a/0x90
[ 70.078774][ T5313] x64_sys_call+0xaf3/0x2e10
[ 70.078830][ T5313] do_syscall_64+0xc9/0x1a0
[ 70.078860][ T5313] ? clear_bhb_loop+0x25/0x80
[ 70.078884][ T5313] ? clear_bhb_loop+0x25/0x80
[ 70.078910][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.078936][ T5313] RIP: 0033:0x7fe61a8fe169
[ 70.078978][ T5313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 70.078999][ T5313] RSP: 002b:00007fe618f67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[ 70.079020][ T5313] RAX: ffffffffffffffda RBX: 00007fe61ab25fa0 RCX: 00007fe61a8fe169
[ 70.079031][ T5313] RDX: 0000000000000001 RSI: 0000200000001c80 RDI: 0000000000000171
[ 70.079042][ T5313] RBP: 00007fe618f67090 R08: 0000000000000001 R09: 0000000000000000
[ 70.079053][ T5313] R10: 0000200000001d80 R11: 0000000000000246 R12: 0000000000000001
[ 70.079112][ T5313] R13: 0000000000000000 R14: 00007fe61ab25fa0 R15: 00007ffce38a6008
[ 70.079135][ T5313] </TASK>
[ 70.091538][ T5316] loop5: detected capacity change from 0 to 512
[ 70.132844][ T5319] loop1: detected capacity change from 0 to 512
[ 70.159794][ T5316] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 70.191207][ T5319] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[ 70.216498][ T5324] syzkaller0: entered allmulticast mode
[ 70.280777][ T5319] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[ 70.312163][ T5325] syzkaller0: entered promiscuous mode
[ 70.327528][ T5319] EXT4-fs (loop1): 1 truncate cleaned up
[ 70.372433][ T4359] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 70.373867][ T5319] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 70.382583][ T5324] syzkaller0 (unregistering): left promiscuous mode
[ 70.400589][ T5324] syzkaller0 (unregistering): left allmulticast mode
[ 70.409808][ T5319] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 70.439066][ T5330] loop5: detected capacity change from 0 to 164
[ 70.452169][ T5303] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 70.464085][ T5303] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 70.472948][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 70.476083][ T5303] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 70.493643][ T5303] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 70.535963][ T5335] loop1: detected capacity change from 0 to 164
[ 70.558822][ T5337] loop5: detected capacity change from 0 to 512
[ 70.561719][ T5338] hub 9-0:1.0: USB hub found
[ 70.570601][ T5338] hub 9-0:1.0: 8 ports detected
[ 70.589239][ T5337] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 70.619516][ T5337] EXT4-fs (loop5): 1 truncate cleaned up
[ 70.625639][ T5337] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 70.662462][ T5351] netlink: 12 bytes leftover after parsing attributes in process `syz.1.644'.
[ 70.679018][ T5352] netlink: 20 bytes leftover after parsing attributes in process `syz.0.645'.
[ 70.862944][ T5365] loop3: detected capacity change from 0 to 512
[ 70.882240][ T5365] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[ 70.891310][ T5365] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[ 70.901595][ T5365] EXT4-fs (loop3): 1 truncate cleaned up
[ 70.908134][ T5365] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 70.927350][ T5365] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 70.947552][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 71.055367][ T5374] loop4: detected capacity change from 0 to 2048
[ 71.063069][ T5374] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[ 71.147857][ T5382] loop4: detected capacity change from 0 to 512
[ 71.155865][ T5382] EXT4-fs: Ignoring removed i_version option
[ 71.162276][ T5382] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 71.184229][ T5382] EXT4-fs (loop4): 1 truncate cleaned up
[ 71.190864][ T5382] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 71.255229][ T5387] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 71.264606][ T5387] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 71.366537][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 71.420199][ T5393] netlink: 12 bytes leftover after parsing attributes in process `syz.4.657'.
[ 71.433575][ T4359] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 71.483694][ T5395] loop5: detected capacity change from 0 to 164
[ 71.504284][ T29] kauditd_printk_skb: 810 callbacks suppressed
[ 71.504341][ T29] audit: type=1400 audit(1745202990.336:6281): avc: denied { write } for pid=5396 comm="syz.4.659" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 71.551956][ T29] audit: type=1400 audit(1745202990.366:6282): avc: denied { read } for pid=5396 comm="syz.4.659" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 71.571313][ T29] audit: type=1326 audit(1745202990.386:6283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5398 comm="syz.5.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ac6be169 code=0x7ffc0000
[ 71.594743][ T29] audit: type=1326 audit(1745202990.386:6284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5398 comm="syz.5.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ac6be169 code=0x7ffc0000
[ 71.618134][ T29] audit: type=1326 audit(1745202990.386:6285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5398 comm="syz.5.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6ac6be169 code=0x7ffc0000
[ 71.641606][ T29] audit: type=1326 audit(1745202990.386:6286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5398 comm="syz.5.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ac6be169 code=0x7ffc0000
[ 71.665043][ T29] audit: type=1326 audit(1745202990.386:6287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5398 comm="syz.5.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ac6be169 code=0x7ffc0000
[ 71.688494][ T29] audit: type=1326 audit(1745202990.386:6288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5398 comm="syz.5.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6ac6be169 code=0x7ffc0000
[ 71.692276][ T5403] loop1: detected capacity change from 0 to 512
[ 71.711810][ T29] audit: type=1326 audit(1745202990.386:6289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5398 comm="syz.5.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ac6be169 code=0x7ffc0000
[ 71.711849][ T29] audit: type=1326 audit(1745202990.386:6290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5398 comm="syz.5.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6ac6be169 code=0x7ffc0000
[ 71.767165][ T5403] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[ 71.775225][ T5403] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[ 71.783869][ T5403] EXT4-fs (loop1): 1 truncate cleaned up
[ 71.785433][ T5397] loop4: detected capacity change from 0 to 1024
[ 71.790260][ T5403] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 71.810627][ T5397] ext4: Unknown parameter 'audit'
[ 71.842112][ T5403] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 71.858904][ T5410] netlink: 'syz.5.664': attribute type 21 has an invalid length.
[ 71.870548][ T5410] loop5: detected capacity change from 0 to 512
[ 71.878228][ T5410] ext4: Unknown parameter 'fowner<18446744073709551615'
[ 71.913459][ T5412] loop5: detected capacity change from 0 to 128
[ 71.932716][ T5412] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 71.945491][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 71.947997][ T5412] ext4 filesystem being mounted at /56/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 72.060597][ T4359] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 72.091578][ T5419] loop5: detected capacity change from 0 to 512
[ 72.099664][ T5419] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 72.123681][ T5419] EXT4-fs (loop5): 1 truncate cleaned up
[ 72.140441][ T5419] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 72.341188][ T5426] netlink: 12 bytes leftover after parsing attributes in process `syz.4.669'.
[ 72.369859][ T5428] loop4: detected capacity change from 0 to 164
[ 72.507792][ T5442] netlink: 'syz.4.675': attribute type 21 has an invalid length.
[ 72.520607][ T5442] loop4: detected capacity change from 0 to 512
[ 72.527908][ T5442] ext4: Unknown parameter 'fowner<18446744073709551615'
[ 72.560874][ T5444] loop4: detected capacity change from 0 to 512
[ 72.571204][ T5444] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[ 72.579637][ T5444] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[ 72.589615][ T5444] EXT4-fs (loop4): 1 truncate cleaned up
[ 72.597429][ T5444] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 72.611888][ T5444] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 72.630994][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 72.668610][ T5447] tipc: Started in network mode
[ 72.673619][ T5447] tipc: Node identity f6c46a6e7ed9, cluster identity 4711
[ 72.680992][ T5447] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 72.689414][ T5446] tipc: Resetting bearer <eth:syzkaller0>
[ 72.703605][ T5446] tipc: Disabling bearer <eth:syzkaller0>
[ 72.734087][ T5456] netlink: 12 bytes leftover after parsing attributes in process `syz.0.680'.
[ 72.762827][ T5459] loop4: detected capacity change from 0 to 164
[ 72.791788][ T5462] FAULT_INJECTION: forcing a failure.
[ 72.791788][ T5462] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 72.804962][ T5462] CPU: 1 UID: 0 PID: 5462 Comm: syz.4.683 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 72.805006][ T5462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 72.805019][ T5462] Call Trace:
[ 72.805025][ T5462] <TASK>
[ 72.805032][ T5462] dump_stack_lvl+0xf6/0x150
[ 72.805055][ T5462] dump_stack+0x15/0x1a
[ 72.805073][ T5462] should_fail_ex+0x261/0x270
[ 72.805097][ T5462] should_fail+0xb/0x10
[ 72.805200][ T5462] should_fail_usercopy+0x1a/0x20
[ 72.805224][ T5462] _copy_from_user+0x1c/0xa0
[ 72.805256][ T5462] copy_msghdr_from_user+0x54/0x2b0
[ 72.805315][ T5462] ? __fget_files+0x186/0x1c0
[ 72.805338][ T5462] __sys_sendmsg+0x141/0x240
[ 72.805380][ T5462] __x64_sys_sendmsg+0x46/0x50
[ 72.805450][ T5462] x64_sys_call+0x26f3/0x2e10
[ 72.805476][ T5462] do_syscall_64+0xc9/0x1a0
[ 72.805508][ T5462] ? clear_bhb_loop+0x25/0x80
[ 72.805580][ T5462] ? clear_bhb_loop+0x25/0x80
[ 72.805609][ T5462] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 72.805636][ T5462] RIP: 0033:0x7fe61a8fe169
[ 72.805662][ T5462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 72.805684][ T5462] RSP: 002b:00007fe618f67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 72.805771][ T5462] RAX: ffffffffffffffda RBX: 00007fe61ab25fa0 RCX: 00007fe61a8fe169
[ 72.805782][ T5462] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000006
[ 72.805794][ T5462] RBP: 00007fe618f67090 R08: 0000000000000000 R09: 0000000000000000
[ 72.805808][ T5462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 72.805865][ T5462] R13: 0000000000000000 R14: 00007fe61ab25fa0 R15: 00007ffce38a6008
[ 72.805891][ T5462] </TASK>
[ 73.035988][ T5472] netlink: 'syz.0.686': attribute type 21 has an invalid length.
[ 73.046938][ T4359] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 73.222327][ T5492] bond1: entered promiscuous mode
[ 73.227593][ T5492] bond1: entered allmulticast mode
[ 73.245245][ T5492] 8021q: adding VLAN 0 to HW filter on device bond1
[ 73.246659][ T5500] program syz.3.699 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 73.284931][ T5504] loop4: detected capacity change from 0 to 512
[ 73.292737][ T5504] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 73.294638][ T5500] openvswitch: netlink: Message has 6 unknown bytes.
[ 73.310777][ T5492] bond1 (unregistering): Released all slaves
[ 73.341404][ T5504] EXT4-fs (loop4): 1 truncate cleaned up
[ 73.350443][ T5504] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 73.584225][ T5524] loop3: detected capacity change from 0 to 1024
[ 73.592048][ T5524] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (47942!=20869)
[ 73.601969][ T5524] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[ 73.613062][ T5524] EXT4-fs (loop3): invalid journal inode
[ 73.618930][ T5524] EXT4-fs (loop3): can't get journal size
[ 73.625665][ T5524] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 73.639566][ T5524] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1296 sclass=netlink_route_socket pid=5524 comm=syz.3.709
[ 73.676488][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 73.718695][ T5545] loop3: detected capacity change from 0 to 512
[ 73.736444][ T5545] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 73.749367][ T5545] ext4 filesystem being mounted at /139/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 73.762647][ T5545] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #4: comm syz.3.715: corrupted inode contents
[ 73.774743][ T5545] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #4: comm syz.3.715: mark_inode_dirty error
[ 73.786534][ T5545] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #4: comm syz.3.715: corrupted inode contents
[ 73.798557][ T5545] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #4: comm syz.3.715: mark_inode_dirty error
[ 73.810094][ T5545] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.715: Failed to acquire dquot type 1
[ 73.832665][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 74.212811][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 74.558939][ T5565] netlink: 'syz.0.723': attribute type 21 has an invalid length.
[ 74.576756][ T5569] loop5: detected capacity change from 0 to 512
[ 74.585195][ T5569] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 74.840213][ T4359] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 74.940998][ T5579] loop4: detected capacity change from 0 to 512
[ 74.993237][ T5579] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 75.062608][ T5579] EXT4-fs (loop4): 1 truncate cleaned up
[ 75.069619][ T5579] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 75.388443][ T5604] loop3: detected capacity change from 0 to 512
[ 75.416930][ T5604] EXT4-fs (loop3): too many log groups per flexible block group
[ 75.424688][ T5604] EXT4-fs (loop3): failed to initialize mballoc (-12)
[ 75.431631][ T5604] EXT4-fs (loop3): mount failed
[ 75.891206][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 75.926496][ T5622] FAULT_INJECTION: forcing a failure.
[ 75.926496][ T5622] name failslab, interval 1, probability 0, space 0, times 0
[ 75.928160][ T5623] netlink: 'syz.4.744': attribute type 33 has an invalid length.
[ 75.939231][ T5622] CPU: 1 UID: 0 PID: 5622 Comm: syz.5.745 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 75.939332][ T5622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 75.939348][ T5622] Call Trace:
[ 75.939356][ T5622] <TASK>
[ 75.939367][ T5622] dump_stack_lvl+0xf6/0x150
[ 75.939400][ T5622] dump_stack+0x15/0x1a
[ 75.939456][ T5622] should_fail_ex+0x261/0x270
[ 75.939489][ T5622] should_failslab+0x8f/0xb0
[ 75.939517][ T5622] __kmalloc_noprof+0xad/0x410
[ 75.939552][ T5622] ? genl_family_rcv_msg_attrs_parse+0x75/0x1a0
[ 75.939590][ T5622] ? nlmon_xmit+0x51/0x60
[ 75.939755][ T5622] genl_family_rcv_msg_attrs_parse+0x75/0x1a0
[ 75.939793][ T5622] ? radix_tree_lookup+0xfc/0x150
[ 75.939833][ T5622] genl_rcv_msg+0x486/0x6f0
[ 75.939868][ T5622] ? __pfx_devlink_nl_notify_filter_set_doit+0x10/0x10
[ 75.939917][ T5622] ? __dev_queue_xmit+0xb76/0x20b0
[ 75.940022][ T5622] ? should_fail_ex+0xd7/0x270
[ 75.940046][ T5622] ? ref_tracker_free+0x3b8/0x420
[ 75.940070][ T5622] netlink_rcv_skb+0x12f/0x230
[ 75.940097][ T5622] ? __pfx_genl_rcv_msg+0x10/0x10
[ 75.940164][ T5622] genl_rcv+0x28/0x40
[ 75.940194][ T5622] netlink_unicast+0x605/0x6c0
[ 75.940239][ T5622] netlink_sendmsg+0x609/0x720
[ 75.940273][ T5622] ? __pfx_netlink_sendmsg+0x10/0x10
[ 75.940299][ T5622] __sock_sendmsg+0x140/0x180
[ 75.940373][ T5622] ____sys_sendmsg+0x350/0x4e0
[ 75.940476][ T5622] __sys_sendmsg+0x1a0/0x240
[ 75.940532][ T5622] __x64_sys_sendmsg+0x46/0x50
[ 75.940562][ T5622] x64_sys_call+0x26f3/0x2e10
[ 75.940670][ T5622] do_syscall_64+0xc9/0x1a0
[ 75.940707][ T5622] ? clear_bhb_loop+0x25/0x80
[ 75.940748][ T5622] ? clear_bhb_loop+0x25/0x80
[ 75.940836][ T5622] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.940864][ T5622] RIP: 0033:0x7fa6ac6be169
[ 75.940883][ T5622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 75.940905][ T5622] RSP: 002b:00007fa6aad27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 75.940928][ T5622] RAX: ffffffffffffffda RBX: 00007fa6ac8e5fa0 RCX: 00007fa6ac6be169
[ 75.941018][ T5622] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000004
[ 75.941033][ T5622] RBP: 00007fa6aad27090 R08: 0000000000000000 R09: 0000000000000000
[ 75.941056][ T5622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 75.941070][ T5622] R13: 0000000000000000 R14: 00007fa6ac8e5fa0 R15: 00007ffc5ed2d508
[ 75.941135][ T5622] </TASK>
[ 76.088835][ T5635] netlink: 'syz.5.749': attribute type 21 has an invalid length.
[ 76.091048][ T5623] netlink: 152 bytes leftover after parsing attributes in process `syz.4.744'.
[ 76.157917][ T5623] netlink: 4 bytes leftover after parsing attributes in process `syz.4.744'.
[ 76.177114][ T5638] loop5: detected capacity change from 0 to 512
[ 76.228814][ T5638] ext4: Unknown parameter 'fowner<18446744073709551615'
[ 76.269577][ T5641] loop5: detected capacity change from 0 to 512
[ 76.289187][ T5644] netlink: 16 bytes leftover after parsing attributes in process `syz.1.752'.
[ 76.299144][ T5641] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 76.337563][ T4359] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 76.352786][ T5648] loop1: detected capacity change from 0 to 512
[ 76.362114][ T5648] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 76.396257][ T5648] EXT4-fs (loop1): 1 truncate cleaned up
[ 76.404722][ T5648] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 76.437510][ T5659] loop3: detected capacity change from 0 to 128
[ 76.465780][ T5663] netlink: 'syz.0.761': attribute type 21 has an invalid length.
[ 76.558500][ T5674] loop3: detected capacity change from 0 to 128
[ 76.581836][ T5674] netlink: 'syz.3.766': attribute type 10 has an invalid length.
[ 76.583236][ T29] kauditd_printk_skb: 492 callbacks suppressed
[ 76.583252][ T29] audit: type=1400 audit(1745202995.366:6780): avc: denied { write } for pid=5668 comm="syz.0.764" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 76.618639][ T29] audit: type=1400 audit(1745202995.366:6781): avc: denied { open } for pid=5668 comm="syz.0.764" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 76.641790][ T29] audit: type=1400 audit(1745202995.366:6782): avc: denied { ioctl } for pid=5668 comm="syz.0.764" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x7438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 76.666454][ T29] audit: type=1400 audit(1745202995.416:6783): avc: denied { read append } for pid=5671 comm="syz.3.766" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 76.749708][ T29] audit: type=1326 audit(1745202995.586:6784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61a8fe169 code=0x7ffc0000
[ 76.775092][ T5680] FAULT_INJECTION: forcing a failure.
[ 76.775092][ T5680] name failslab, interval 1, probability 0, space 0, times 0
[ 76.787791][ T5680] CPU: 1 UID: 0 PID: 5680 Comm: syz.4.767 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 76.787821][ T5680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 76.787886][ T5680] Call Trace:
[ 76.787893][ T5680] <TASK>
[ 76.787902][ T5680] dump_stack_lvl+0xf6/0x150
[ 76.787926][ T5680] dump_stack+0x15/0x1a
[ 76.787941][ T5680] should_fail_ex+0x261/0x270
[ 76.787963][ T5680] should_failslab+0x8f/0xb0
[ 76.787996][ T5680] __kmalloc_cache_noprof+0x55/0x320
[ 76.788028][ T5680] ? audit_log_d_path+0x8e/0x150
[ 76.788057][ T5680] audit_log_d_path+0x8e/0x150
[ 76.788128][ T5680] audit_log_d_path_exe+0x42/0x70
[ 76.788201][ T5680] audit_log_task+0x1f1/0x250
[ 76.788229][ T5680] ? kstrtouint+0x7b/0xc0
[ 76.788256][ T5680] audit_seccomp+0x62/0x100
[ 76.788283][ T5680] __seccomp_filter+0x694/0x10e0
[ 76.788310][ T5680] ? vfs_write+0x669/0x950
[ 76.788330][ T5680] ? putname+0xe1/0x100
[ 76.788384][ T5680] __secure_computing+0x7e/0x150
[ 76.788408][ T5680] syscall_trace_enter+0xcf/0x1f0
[ 76.788455][ T5680] ? fpregs_assert_state_consistent+0x83/0xa0
[ 76.788493][ T5680] do_syscall_64+0xaa/0x1a0
[ 76.788522][ T5680] ? clear_bhb_loop+0x25/0x80
[ 76.788543][ T5680] ? clear_bhb_loop+0x25/0x80
[ 76.788562][ T5680] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.788629][ T5680] RIP: 0033:0x7fe61a8fe169
[ 76.788646][ T5680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 76.788667][ T5680] RSP: 002b:00007fe618f67038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b8
[ 76.788783][ T5680] RAX: ffffffffffffffda RBX: 00007fe61ab25fa0 RCX: 00007fe61a8fe169
[ 76.788797][ T5680] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[ 76.788810][ T5680] RBP: 00007fe618f67090 R08: 0000000000000000 R09: 0000000000000000
[ 76.788823][ T5680] R10: 000000000000000c R11: 0000000000000246 R12: 0000000000000001
[ 76.788837][ T5680] R13: 0000000000000000 R14: 00007fe61ab25fa0 R15: 00007ffce38a6008
[ 76.788861][ T5680] </TASK>
[ 76.790218][ T29] audit: type=1326 audit(1745202995.606:6785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe61a8fe169 code=0x7ffc0000
[ 77.020151][ T29] audit: type=1326 audit(1745202995.606:6786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61a8fe169 code=0x7ffc0000
[ 77.043492][ T29] audit: type=1326 audit(1745202995.606:6787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61a8fe169 code=0x7ffc0000
[ 77.066862][ T29] audit: type=1326 audit(1745202995.606:6788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe61a8fe169 code=0x7ffc0000
[ 77.090335][ T29] audit: type=1326 audit(1745202995.606:6789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61a8fe169 code=0x7ffc0000
[ 77.231732][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 77.244032][ T5690] loop5: detected capacity change from 0 to 128
[ 77.279433][ T5690] syz.5.771: attempt to access beyond end of device
[ 77.279433][ T5690] loop5: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 77.303064][ T5690] syz.5.771: attempt to access beyond end of device
[ 77.303064][ T5690] loop5: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 77.318288][ T5690] syz.5.771: attempt to access beyond end of device
[ 77.318288][ T5690] loop5: rw=2049, sector=177, nr_sectors = 1 limit=128
[ 77.416089][ T5704] netlink: 'syz.1.777': attribute type 21 has an invalid length.
[ 77.438148][ T5704] loop1: detected capacity change from 0 to 512
[ 77.449630][ T5704] ext4: Unknown parameter 'fowner<18446744073709551615'
[ 77.513748][ T5713] loop5: detected capacity change from 0 to 512
[ 77.524390][ T5715] netlink: 12 bytes leftover after parsing attributes in process `syz.0.782'.
[ 77.534320][ T5713] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[ 77.543108][ T5713] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[ 77.566981][ T5713] EXT4-fs (loop5): 1 truncate cleaned up
[ 77.573037][ T5713] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 77.592303][ T5713] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 77.614910][ T4359] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 77.651933][ T5731] loop1: detected capacity change from 0 to 128
[ 77.727654][ T5737] bridge0: entered promiscuous mode
[ 77.734751][ T5737] bridge0: port 3(macsec1) entered blocking state
[ 77.741236][ T5737] bridge0: port 3(macsec1) entered disabled state
[ 77.744626][ T5743] netlink: 12 bytes leftover after parsing attributes in process `syz.0.794'.
[ 77.754805][ T5737] macsec1: entered allmulticast mode
[ 77.762061][ T5737] bridge0: entered allmulticast mode
[ 77.768177][ T5741] netlink: 16 bytes leftover after parsing attributes in process `syz.4.793'.
[ 77.777559][ T5737] macsec1: left allmulticast mode
[ 77.782715][ T5737] bridge0: left allmulticast mode
[ 77.823743][ T5737] bridge0: left promiscuous mode
[ 77.829727][ T5753] FAULT_INJECTION: forcing a failure.
[ 77.829727][ T5753] name failslab, interval 1, probability 0, space 0, times 0
[ 77.842446][ T5753] CPU: 1 UID: 0 PID: 5753 Comm: syz.0.797 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 77.842472][ T5753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 77.842515][ T5753] Call Trace:
[ 77.842522][ T5753] <TASK>
[ 77.842530][ T5753] dump_stack_lvl+0xf6/0x150
[ 77.842558][ T5753] dump_stack+0x15/0x1a
[ 77.842573][ T5753] should_fail_ex+0x261/0x270
[ 77.842618][ T5753] should_failslab+0x8f/0xb0
[ 77.842645][ T5753] __kmalloc_cache_noprof+0x55/0x320
[ 77.842680][ T5753] ? p9_client_create+0x5a/0xbb0
[ 77.842711][ T5753] p9_client_create+0x5a/0xbb0
[ 77.842751][ T5753] ? should_failslab+0x8f/0xb0
[ 77.842778][ T5753] ? __kmalloc_node_track_caller_noprof+0x1ed/0x410
[ 77.842881][ T5753] ? v9fs_session_init+0x7b/0xdb0
[ 77.842908][ T5753] v9fs_session_init+0xfb/0xdb0
[ 77.842934][ T5753] ? obj_cgroup_charge+0xc6/0x170
[ 77.842985][ T5753] ? should_fail_ex+0xd7/0x270
[ 77.843015][ T5753] ? should_failslab+0x8f/0xb0
[ 77.843041][ T5753] ? __kmalloc_cache_noprof+0x18d/0x320
[ 77.843118][ T5753] ? v9fs_mount+0x56/0x580
[ 77.843144][ T5753] v9fs_mount+0x6c/0x580
[ 77.843178][ T5753] ? __pfx_v9fs_mount+0x10/0x10
[ 77.843202][ T5753] legacy_get_tree+0x77/0xd0
[ 77.843231][ T5753] vfs_get_tree+0x56/0x1e0
[ 77.843321][ T5753] do_new_mount+0x246/0x6b0
[ 77.843340][ T5753] path_mount+0x49b/0xb30
[ 77.843372][ T5753] __se_sys_mount+0x28f/0x2e0
[ 77.843450][ T5753] __x64_sys_mount+0x67/0x80
[ 77.843474][ T5753] x64_sys_call+0xd11/0x2e10
[ 77.843499][ T5753] do_syscall_64+0xc9/0x1a0
[ 77.843547][ T5753] ? clear_bhb_loop+0x25/0x80
[ 77.843566][ T5753] ? clear_bhb_loop+0x25/0x80
[ 77.843584][ T5753] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.843668][ T5753] RIP: 0033:0x7f1471f2e169
[ 77.843681][ T5753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 77.843696][ T5753] RSP: 002b:00007f1470597038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 77.843712][ T5753] RAX: ffffffffffffffda RBX: 00007f1472155fa0 RCX: 00007f1471f2e169
[ 77.843771][ T5753] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000
[ 77.843781][ T5753] RBP: 00007f1470597090 R08: 0000200000000240 R09: 0000000000000000
[ 77.843791][ T5753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 77.843801][ T5753] R13: 0000000000000000 R14: 00007f1472155fa0 R15: 00007fff56a7d288
[ 77.843820][ T5753] </TASK>
[ 78.092689][ T5757] syzkaller0: entered promiscuous mode
[ 78.098243][ T5757] syzkaller0: entered allmulticast mode
[ 78.143467][ T5769] loop1: detected capacity change from 0 to 128
[ 78.321921][ T5795] loop4: detected capacity change from 0 to 512
[ 78.362083][ T5795] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.804: Failed to acquire dquot type 1
[ 78.380295][ T5798] loop3: detected capacity change from 0 to 1024
[ 78.411303][ T5795] EXT4-fs (loop4): 1 truncate cleaned up
[ 78.427158][ T5795] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 78.440062][ T5798] ext4: Unknown parameter 'euid'
[ 78.513597][ T5795] ext4 filesystem being mounted at /177/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 78.580347][ T5826] loop1: detected capacity change from 0 to 512
[ 78.608949][ T5826] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 78.624790][ T5826] EXT4-fs error (device loop1): ext4_orphan_get:1416: comm wޣ���: bad orphan inode 13
[ 78.631663][ T5834] loop5: detected capacity change from 0 to 128
[ 78.641923][ T5826] ext4_test_bit(bit=12, block=18) = 1
[ 78.647530][ T5826] is_bad_inode(inode)=0
[ 78.651765][ T5826] NEXT_ORPHAN(inode)=2130706432
[ 78.656695][ T5826] max_ino=32
[ 78.659905][ T5826] i_nlink=1
[ 78.663593][ T5826] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 78.668689][ T5838] loop3: detected capacity change from 0 to 512
[ 78.678597][ T5826] FAULT_INJECTION: forcing a failure.
[ 78.678597][ T5826] name failslab, interval 1, probability 0, space 0, times 0
[ 78.684127][ T5838] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 78.694986][ T5826] CPU: 1 UID: 0 PID: 5826 Comm: wޣ��� Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 78.695027][ T5826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 78.695120][ T5826] Call Trace:
[ 78.695128][ T5826] <TASK>
[ 78.695139][ T5826] dump_stack_lvl+0xf6/0x150
[ 78.695204][ T5826] dump_stack+0x15/0x1a
[ 78.695225][ T5826] should_fail_ex+0x261/0x270
[ 78.695255][ T5826] should_failslab+0x8f/0xb0
[ 78.695283][ T5826] kmem_cache_alloc_noprof+0x59/0x340
[ 78.695390][ T5826] ? security_file_alloc+0x32/0x100
[ 78.695432][ T5826] security_file_alloc+0x32/0x100
[ 78.695493][ T5826] init_file+0x5e/0x1e0
[ 78.695525][ T5826] alloc_empty_file+0x8e/0x200
[ 78.695558][ T5826] path_openat+0x6f/0x2000
[ 78.695598][ T5826] ? selinux_file_open+0x356/0x3c0
[ 78.695693][ T5826] ? __rcu_read_unlock+0x4e/0x70
[ 78.695737][ T5826] ? mntput_no_expire+0x73/0x3e0
[ 78.695778][ T5826] do_filp_open+0x115/0x240
[ 78.695830][ T5826] do_open_execat+0xd5/0x280
[ 78.695902][ T5826] open_exec+0x3d/0x60
[ 78.695936][ T5826] bm_register_write+0x878/0xb70
[ 78.695964][ T5826] ? __pfx_bm_register_write+0x10/0x10
[ 78.696005][ T5826] vfs_write+0x295/0x950
[ 78.696026][ T5826] ? putname+0xe1/0x100
[ 78.696054][ T5826] ? __fget_files+0x186/0x1c0
[ 78.696128][ T5826] ksys_write+0xeb/0x1b0
[ 78.696228][ T5826] __x64_sys_write+0x42/0x50
[ 78.696251][ T5826] x64_sys_call+0x2a45/0x2e10
[ 78.696278][ T5826] do_syscall_64+0xc9/0x1a0
[ 78.696308][ T5826] ? clear_bhb_loop+0x25/0x80
[ 78.696361][ T5826] ? clear_bhb_loop+0x25/0x80
[ 78.696389][ T5826] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 78.696470][ T5826] RIP: 0033:0x7f967d5ce169
[ 78.696490][ T5826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 78.696513][ T5826] RSP: 002b:00007f967bc37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 78.696537][ T5826] RAX: ffffffffffffffda RBX: 00007f967d7f5fa0 RCX: 00007f967d5ce169
[ 78.696554][ T5826] RDX: 0000000000000032 RSI: 0000200000000440 RDI: 0000000000000005
[ 78.696569][ T5826] RBP: 00007f967bc37090 R08: 0000000000000000 R09: 0000000000000000
[ 78.696585][ T5826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 78.696600][ T5826] R13: 0000000000000000 R14: 00007f967d7f5fa0 R15: 00007ffd00102d08
[ 78.696630][ T5826] </TASK>
[ 78.696647][ T5826] binfmt_misc: register: failed to install interpreter file ./file2
[ 78.952713][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 78.971311][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 78.983041][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 79.006182][ T5844] loop1: detected capacity change from 0 to 128
[ 79.039021][ T5844] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[ 79.051732][ T5844] ext4 filesystem being mounted at /152/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 79.075419][ T5851] FAULT_INJECTION: forcing a failure.
[ 79.075419][ T5851] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 79.088740][ T5851] CPU: 0 UID: 0 PID: 5851 Comm: syz.4.834 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 79.088791][ T5851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 79.088806][ T5851] Call Trace:
[ 79.088813][ T5851] <TASK>
[ 79.088822][ T5851] dump_stack_lvl+0xf6/0x150
[ 79.088849][ T5851] dump_stack+0x15/0x1a
[ 79.088864][ T5851] should_fail_ex+0x261/0x270
[ 79.088887][ T5851] should_fail+0xb/0x10
[ 79.088957][ T5851] should_fail_usercopy+0x1a/0x20
[ 79.088980][ T5851] _copy_from_iter+0xd8/0xd10
[ 79.089085][ T5851] ? kmalloc_reserve+0x16e/0x190
[ 79.089107][ T5851] ? __build_skb_around+0x199/0x1f0
[ 79.089130][ T5851] ? __alloc_skb+0x227/0x320
[ 79.089145][ T5851] ? __virt_addr_valid+0x1ed/0x250
[ 79.089162][ T5851] ? __check_object_size+0x367/0x510
[ 79.089260][ T5851] netlink_sendmsg+0x492/0x720
[ 79.089299][ T5851] ? __pfx_netlink_sendmsg+0x10/0x10
[ 79.089324][ T5851] __sock_sendmsg+0x140/0x180
[ 79.089358][ T5851] __sys_sendto+0x1aa/0x230
[ 79.089394][ T5851] __x64_sys_sendto+0x78/0x90
[ 79.089453][ T5851] x64_sys_call+0x2bcb/0x2e10
[ 79.089478][ T5851] do_syscall_64+0xc9/0x1a0
[ 79.089503][ T5851] ? clear_bhb_loop+0x25/0x80
[ 79.089522][ T5851] ? clear_bhb_loop+0x25/0x80
[ 79.089636][ T5851] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 79.089659][ T5851] RIP: 0033:0x7fe61a8ffffc
[ 79.089674][ T5851] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[ 79.089691][ T5851] RSP: 002b:00007fe618f44ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 79.089711][ T5851] RAX: ffffffffffffffda RBX: 00007fe618f44fc0 RCX: 00007fe61a8ffffc
[ 79.089724][ T5851] RDX: 0000000000000020 RSI: 00007fe618f45010 RDI: 000000000000000a
[ 79.089737][ T5851] RBP: 0000000000000000 R08: 00007fe618f44f14 R09: 000000000000000c
[ 79.089803][ T5851] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000000a
[ 79.089817][ T5851] R13: 00007fe618f44f68 R14: 00007fe618f45010 R15: 0000000000000000
[ 79.089893][ T5851] </TASK>
[ 79.332792][ T3311] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 79.364655][ T5859] tmpfs: Bad value for 'mpol'
[ 79.368112][ T5865] loop4: detected capacity change from 0 to 512
[ 79.389860][ T5869] loop5: detected capacity change from 0 to 164
[ 79.429300][ T5880] loop3: detected capacity change from 0 to 128
[ 79.435355][ T5865] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 79.476180][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 79.522935][ T5888] FAULT_INJECTION: forcing a failure.
[ 79.522935][ T5888] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 79.536204][ T5888] CPU: 1 UID: 0 PID: 5888 Comm: syz.5.849 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 79.536230][ T5888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 79.536241][ T5888] Call Trace:
[ 79.536247][ T5888] <TASK>
[ 79.536255][ T5888] dump_stack_lvl+0xf6/0x150
[ 79.536278][ T5888] dump_stack+0x15/0x1a
[ 79.536293][ T5888] should_fail_ex+0x261/0x270
[ 79.536372][ T5888] should_fail+0xb/0x10
[ 79.536402][ T5888] should_fail_usercopy+0x1a/0x20
[ 79.536426][ T5888] _copy_from_user+0x1c/0xa0
[ 79.536471][ T5888] __x64_sys_epoll_ctl+0x93/0xf0
[ 79.536499][ T5888] x64_sys_call+0x2789/0x2e10
[ 79.536569][ T5888] do_syscall_64+0xc9/0x1a0
[ 79.536595][ T5888] ? clear_bhb_loop+0x25/0x80
[ 79.536621][ T5888] ? clear_bhb_loop+0x25/0x80
[ 79.536646][ T5888] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 79.536671][ T5888] RIP: 0033:0x7fa6ac6be169
[ 79.536715][ T5888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 79.536731][ T5888] RSP: 002b:00007fa6aad27038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[ 79.536751][ T5888] RAX: ffffffffffffffda RBX: 00007fa6ac8e5fa0 RCX: 00007fa6ac6be169
[ 79.536762][ T5888] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000005
[ 79.536772][ T5888] RBP: 00007fa6aad27090 R08: 0000000000000000 R09: 0000000000000000
[ 79.536782][ T5888] R10: 0000200000002680 R11: 0000000000000246 R12: 0000000000000001
[ 79.536793][ T5888] R13: 0000000000000000 R14: 00007fa6ac8e5fa0 R15: 00007ffc5ed2d508
[ 79.536857][ T5888] </TASK>
[ 79.750286][ T5896] loop5: detected capacity change from 0 to 538
[ 79.842193][ T5910] tmpfs: Bad value for 'mpol'
[ 79.886041][ T5916] FAULT_INJECTION: forcing a failure.
[ 79.886041][ T5916] name failslab, interval 1, probability 0, space 0, times 0
[ 79.898863][ T5916] CPU: 1 UID: 0 PID: 5916 Comm: syz.0.855 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 79.898896][ T5916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 79.898909][ T5916] Call Trace:
[ 79.898915][ T5916] <TASK>
[ 79.898924][ T5916] dump_stack_lvl+0xf6/0x150
[ 79.898948][ T5916] dump_stack+0x15/0x1a
[ 79.898968][ T5916] should_fail_ex+0x261/0x270
[ 79.899053][ T5916] should_failslab+0x8f/0xb0
[ 79.899081][ T5916] __kmalloc_node_track_caller_noprof+0xaa/0x410
[ 79.899124][ T5916] ? sidtab_sid2str_get+0xb8/0x140
[ 79.899148][ T5916] ? skb_put+0xba/0x100
[ 79.899174][ T5916] kmemdup_noprof+0x2b/0x70
[ 79.899211][ T5916] sidtab_sid2str_get+0xb8/0x140
[ 79.899267][ T5916] security_sid_to_context_core+0x1eb/0x2f0
[ 79.899450][ T5916] security_sid_to_context+0x27/0x30
[ 79.899491][ T5916] avc_audit_post_callback+0x9f/0x540
[ 79.899549][ T5916] ? __pfx_avc_audit_post_callback+0x10/0x10
[ 79.899573][ T5916] common_lsm_audit+0x1c6/0x230
[ 79.899618][ T5916] ? __pfx_avc_audit_post_callback+0x10/0x10
[ 79.899653][ T5916] slow_avc_audit+0xff/0x140
[ 79.899686][ T5916] avc_has_perm+0x124/0x150
[ 79.899767][ T5916] selinux_kernel_load_from_file+0x24a/0x290
[ 79.899801][ T5916] selinux_kernel_read_file+0x8f/0xa0
[ 79.899829][ T5916] security_kernel_read_file+0x48/0x90
[ 79.899855][ T5916] kernel_read_file+0x1f2/0x4f0
[ 79.899926][ T5916] ? __fget_files+0x186/0x1c0
[ 79.899957][ T5916] __se_sys_finit_module+0x2c0/0x450
[ 79.900078][ T5916] __x64_sys_finit_module+0x3e/0x50
[ 79.900116][ T5916] x64_sys_call+0x1d8a/0x2e10
[ 79.900144][ T5916] do_syscall_64+0xc9/0x1a0
[ 79.900174][ T5916] ? clear_bhb_loop+0x25/0x80
[ 79.900200][ T5916] ? clear_bhb_loop+0x25/0x80
[ 79.900242][ T5916] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 79.900268][ T5916] RIP: 0033:0x7f1471f2e169
[ 79.900286][ T5916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 79.900385][ T5916] RSP: 002b:00007f1470597038 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[ 79.900409][ T5916] RAX: ffffffffffffffda RBX: 00007f1472155fa0 RCX: 00007f1471f2e169
[ 79.900424][ T5916] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 79.900438][ T5916] RBP: 00007f1470597090 R08: 0000000000000000 R09: 0000000000000000
[ 79.900453][ T5916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 79.900533][ T5916] R13: 0000000000000000 R14: 00007f1472155fa0 R15: 00007fff56a7d288
[ 79.900559][ T5916] </TASK>
[ 80.157090][ T5919] loop4: detected capacity change from 0 to 164
[ 80.203656][ T5924] loop3: detected capacity change from 0 to 512
[ 80.213394][ T5924] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 80.230305][ T5927] loop4: detected capacity change from 0 to 128
[ 80.267044][ T5927] syz.4.857: attempt to access beyond end of device
[ 80.267044][ T5927] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 80.282854][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 80.298385][ T5927] syz.4.857: attempt to access beyond end of device
[ 80.298385][ T5927] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 80.312693][ T5927] syz.4.857: attempt to access beyond end of device
[ 80.312693][ T5927] loop4: rw=2049, sector=177, nr_sectors = 1 limit=128
[ 80.332324][ T5931] loop3: detected capacity change from 0 to 128
[ 80.483004][ T5938] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 80.498930][ T5938] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 80.510308][ T5938] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 80.521265][ T5938] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 80.549751][ T5938] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 80.558409][ T5938] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 80.572449][ T5938] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 80.605645][ T5938] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 80.626979][ T5946] loop4: detected capacity change from 0 to 512
[ 80.636757][ T5947] netlink: 12 bytes leftover after parsing attributes in process `syz.1.866'.
[ 80.648137][ T5946] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[ 80.665692][ T5946] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[ 80.674385][ T5946] EXT4-fs (loop4): 1 truncate cleaned up
[ 80.680516][ T5946] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 80.702456][ T5946] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 80.712861][ T5898] syz.5.852 (5898) used greatest stack depth: 7288 bytes left
[ 80.736093][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 80.761022][ T5957] tipc: Started in network mode
[ 80.766010][ T5957] tipc: Node identity 66c39090e4b4, cluster identity 4711
[ 80.773326][ T5957] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 80.779991][ T5961] loop5: detected capacity change from 0 to 128
[ 80.787782][ T5956] tipc: Disabling bearer <eth:syzkaller0>
[ 80.862608][ T5969] loop1: detected capacity change from 0 to 128
[ 80.875713][ T5969] syz.1.877: attempt to access beyond end of device
[ 80.875713][ T5969] loop1: rw=2049, sector=145, nr_sectors = 8 limit=128
[ 80.889473][ T5969] syz.1.877: attempt to access beyond end of device
[ 80.889473][ T5969] loop1: rw=2049, sector=161, nr_sectors = 8 limit=128
[ 80.903073][ T5969] syz.1.877: attempt to access beyond end of device
[ 80.903073][ T5969] loop1: rw=2049, sector=177, nr_sectors = 1 limit=128
[ 81.157975][ T5985] loop3: detected capacity change from 0 to 512
[ 81.164287][ T5984] loop1: detected capacity change from 0 to 2048
[ 81.167956][ T5985] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[ 81.178860][ T5985] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[ 81.188016][ T5985] EXT4-fs (loop3): 1 truncate cleaned up
[ 81.194092][ T5985] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 81.211658][ T5985] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 81.216717][ T5984] loop1: p1 < > p4
[ 81.224724][ T5984] loop1: p4 size 8388608 extends beyond EOD, truncated
[ 81.242103][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 81.281859][ T5990] loop3: detected capacity change from 0 to 512
[ 81.291066][ T5990] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[ 81.299771][ T5990] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[ 81.318446][ T5990] EXT4-fs (loop3): 1 truncate cleaned up
[ 81.333553][ T5990] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 81.366530][ T5999] netlink: '+}[@': attribute type 3 has an invalid length.
[ 81.373990][ T5998] loop1: detected capacity change from 0 to 2048
[ 81.426273][ T5998] loop1: p2 < > p3 < p5 > p4
[ 81.430996][ T5998] loop1: partition table partially beyond EOD, truncated
[ 81.438503][ T5998] loop1: p2 start 4278190080 is beyond EOD, truncated
[ 81.446223][ T5998] loop1: p4 size 8192 extends beyond EOD, truncated
[ 81.453303][ T5998] loop1: p5 size 8192 extends beyond EOD, truncated
[ 81.631781][ T6018] ==================================================================
[ 81.639921][ T6018] BUG: KCSAN: data-race in __d_instantiate / step_into
[ 81.646630][ T6026] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 81.646809][ T6018]
[ 81.646818][ T6018] write to 0xffff888123e1f4b0 of 8 bytes by task 6024 on cpu 0:
[ 81.654635][ T29] kauditd_printk_skb: 296 callbacks suppressed
[ 81.654654][ T29] audit: type=1400 audit(1745203000.466:7082): avc: denied { connect } for pid=6017 comm="syz.3.893" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 81.655713][ T6018] __d_instantiate+0x1fe/0x3c0
[ 81.694532][ T6018] d_instantiate+0x59/0x80
[ 81.698950][ T6018] shmem_mknod+0x153/0x180
[ 81.703374][ T6018] shmem_mkdir+0x33/0x70
[ 81.707631][ T6018] vfs_mkdir+0x214/0x350
[ 81.711888][ T6018] do_mkdirat+0x13c/0x2e0
[ 81.716235][ T6018] __x64_sys_mkdirat+0x4e/0x60
[ 81.721009][ T6018] x64_sys_call+0x2ce3/0x2e10
[ 81.725716][ T6018] do_syscall_64+0xc9/0x1a0
[ 81.730245][ T6018] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.736139][ T6018]
[ 81.738457][ T6018] read to 0xffff888123e1f4b0 of 8 bytes by task 6018 on cpu 1:
[ 81.746010][ T6018] step_into+0x11c/0x860
[ 81.750257][ T6018] path_openat+0x141f/0x2000
[ 81.754853][ T6018] do_filp_open+0x115/0x240
[ 81.759377][ T6018] io_openat2+0x284/0x3a0
[ 81.763715][ T6018] io_openat+0x1a/0x30
[ 81.767776][ T6018] io_issue_sqe+0x1a9/0xaf0
[ 81.772278][ T6018] io_submit_sqes+0x67f/0x1050
[ 81.777042][ T6018] __se_sys_io_uring_enter+0x1e8/0x1b70
[ 81.782590][ T6018] __x64_sys_io_uring_enter+0x78/0x90
[ 81.787981][ T6018] x64_sys_call+0x26cb/0x2e10
[ 81.792670][ T6018] do_syscall_64+0xc9/0x1a0
[ 81.797187][ T6018] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.803089][ T6018]
[ 81.805407][ T6018] value changed: 0x0000000000000000 -> 0xffff888118870650
[ 81.812508][ T6018]
[ 81.814823][ T6018] Reported by Kernel Concurrency Sanitizer on:
[ 81.820977][ T6018] CPU: 1 UID: 0 PID: 6018 Comm: syz.3.893 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(voluntary)
[ 81.833661][ T6018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 81.843716][ T6018] ==================================================================
[ 81.865193][ T6025] tipc: Disabling bearer <eth:syzkaller0>
[ 82.835830][ T29] audit: type=1400 audit(1745203001.676:7083): avc: denied { egress } for pid=22 comm="ksoftirqd/1" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[ 82.859477][ T29] audit: type=1400 audit(1745203001.676:7084): avc: denied { sendto } for pid=22 comm="ksoftirqd/1" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1