last executing test programs: 2.674813369s ago: executing program 2 (id=142): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000080)={0x1, 0x2}, 0x8) close(r0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) syz_usb_connect(0x0, 0x57, 0x0, 0x0) 1.676269498s ago: executing program 0 (id=210): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000002c0), 0x64, 0x50a, &(0x7f0000000940)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000)) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) syz_mount_image$iso9660(&(0x7f0000000680), &(0x7f0000000000)='./bus\x00', 0x2c12, &(0x7f0000001180)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX=0x0], 0x4, 0xa16, &(0x7f00000015c0)="$eJzs3c1vHOUZAPBn1nZiDEoCpJRGgCehCQZcZ22XpBYH6njXzlLbi2xHIuqBUOJUUdzSklYCVIkgoZ6KWqlVD+0N9dRekLiUS8WtvbWnHipV/Auop3ByNbNre23vem1jex34/azdnY9n3veZj53Xuzu7b3BvWT6+bmx5Ob/tcvzKnw8gYw6xS6VPP/jw/ez27p04El3xXPLXiN6ISCO6I+LRiJ6J0lx1pk1BtyKuRcQnEUlEHI3a47Zci+TX8cDa+CeR/DGrt6Uj2y2Zdpb5Suv08QcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIdRMlEqFoeTI1GZvfJyWhORbjJRmqsmsby8ec7KMjUf571+v/Rx23ojkuwWvb0rXX0/enJt9iMRkZ6Jx2pjj+UdkkdvvH3/Iyeef7i7sLJ8q2y+kKPbL/b2W2/fenVpafGN1iHL79TWYW9yO2SmyrOV+WplZnyqnFbmq+nYhQvF85cn59PJynR5/ur8QnkmnZgrjy9U59KBiafT4bGx0bQ8dLV6ZXaqNDRdXpl48VsjxeKF9MWhl8rjc/PV2fMvDs1PXK5MT1dmp/KYbHYWczE7EL9XWUgXyuMzaXrj5tLi6IacujZu7CxouN2aZEEj7YJGiiMjw8MjI8Pv1nvPXp1w4bmx5y4Wi93FDWJTxD4dtBwu97XezXt8BofdK9Ta/4jpqMRsXImXI236NxGlmItqzLSYX1dr/5OPz54vb1lvY/tfb+W7G2afyu7OxBP10d4W7X+LXPbh7736GX/D9NvxVrwdt+LVWIqlWIw3Di6jQ/E3FeWYjUrMRzUqMRPj+ZS0PiWNsbgQF6IYr8Tl6I/5SGMyKjEd5ZiPqzEfC/H5wkx+dM1FOcZjIaoxF2kMxEQ8HWkMx1iMxWikUY6huBrVuBKzMRWlGM9LuRE38+0+ukWOq0HD2wka2SJoY2OeHes7a//LX9b/BNm2vT+Jwy4t19v/I+1DByYOIiEAAABgz33jH3Hs5EN//29EEo/n78tPVqbLL3Q6LQAAAGAP5ZfrPZY99GRDj0eSvf4vNg9+4GBzAwAAAPZGkn/HLomIvuivDa18E6rFmwAAAADAvSb//P+JSPrXJnj9DwAAAF8y7X9jv21EMrjy87/p9drj9XpEbSzpm6xMl4cmqtPPD8e5/FcG8m8abCqtKyLpyb9+8EycrkWd7qs99q2VmNXZm0UNDz0/HM/EmfqKDDyZPTw50CRypBb5VC3yqcbIrlgXOZpFAsCX3Zkt2uPttv/PxGAtYvBU3uR3n2rSBhe1rABwWKz2sfP5Sgc3m9v/esQTrdr/b2/x+j+LeChu9NcuKRiK1+L1WIrrMRj1Kw76m5W60htB7TKEwS3fDTia9NUvWfjXxUIMbno/oHd1XbNc+ho6ehls9o5Az1p4X7KSw2htStdeb30A6IwzW7bD22v/B9u8/u9zSSEAHCqrPdjvYOCdnQQvvnG70+sIAKynlQYAAAAAAAAAAAAAAAAAAAAAAAAAAIC9t60f8P/nuYilpcWIXXQWsOuB3p1kuPVAIQ4o544PdEVEp2p/IXa8VLaPv0Clf7lvx4sfj8Owm+6FgQ6fmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgQSURXs+mFiKMRUYyI8wef1f650+kE9kq6u8WSu3E33oxje50OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBXXf33/wtRe7y/Nim6CxFnI+JaRHy/0znupbudTqBjfpTfN/z+fyGiJ5aT6K7t9kh6Jkpz1Zls9ydHs/mffvDh+9mtfdmbe1XICshqWNe5RL2Ghik965d6MF+qr7R4+9bPXv9JWrqUH5iXFianSzNTc99dC3wk+ajWBUJjNwgr+f7i7N9+0zD5SL3yj7I1bW5jvZN5vaXN9X692dIt6t2Gm0uLI1lNC+WXF37+45tvNsx6KE5HPDkQMbC+ph9mtxY1nd64PddLPkt+mRyL38e1fP9nWyNZTrJddDxf//tu3FxaHHrt9aXrqzm9sy6nE9EfEdcjerefU39+PmkqP+oKPVmtxTwouzvZprwtNZQ43GK7PpgfMn07Woe09Trk2mz3ekajTTP67U8fjnM73tPn2tTYVPJZ8p/kcvw73mvo/6OQ7f+z0fTZ2aSIPLLhSGmct+7pVahF5ms+0jjjlY1ltnxWsg9+FT+I76zu/0LD+b++rw7mfNRQY/PnRcTOnxd/Or6pRVmTt0gnN7RI9bNPq2XqeZ6sRbXI82vxbET3qR2dUZ5tc0bZr+f/H5KB+F/c0f8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+CURXc2mFyLORsSJiDiejacRyxtj7uyivkJfsps098xucr73JC1XNLkbd+PNOHbQGQEAAAAAAACwPy6VPv3gw/ezW/55fFd8s1Cfk0Z0R8SJ5Hc9E6W56kybgnoirq18pN+7sxyuZXcPrI1/ko092mahzl4+AAD3tP8HAAD//1M1dP0=") bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0) 856.866114ms ago: executing program 4 (id=226): r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f00000007c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100030010651fbe347b2c2b00000c00018008000100", @ANYRES16=r0], 0x20}}, 0x0) 812.678685ms ago: executing program 4 (id=227): r0 = socket$kcm(0x10, 0x2, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="2e00000038000511d25a80698c63940d0124fc602f6e35400c000200001ec00037153e370a00018025581d00d1bd", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0) 763.727516ms ago: executing program 4 (id=230): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, r3, 0x1, 0x70bd2a, 0x25dfdbfc, {{}, {}, {0x6, 0x14, 'syz0\x00'}}}, 0x28}, 0x1, 0x0, 0x0, 0x890}, 0x800) 755.302066ms ago: executing program 1 (id=231): syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000c40)='./file0\x00', 0x808080, &(0x7f0000000c80)={[{@discard}, {@bh}, {@noblock_validity}]}, 0x2a, 0x52c, &(0x7f0000000640)="$eJzs3d9rY1kdAPBvMv2Rdjrbru7DKuqO6+oowyRtZrcs+6DriyDLssK6TyKzpc2U0qQpTbpua8EO+Oar4IBP+if4IPggzJPvvumbLyMojDo4TAWRyE1uOm2adMq0aWaazwcuOefc2/s9J3DP6T1J7glgaF2NiN2IGIuIjyNiOi3PpFu829qS4x4/3Fnce7izmIlG48N/jqRH7iy2j2+7nJ4zF/FBkh/vEre2tb26UC6XNtJ8oV5ZL9S2tm+sVBaWS8ultWJxfm5+9u2bbxXPrK2vVX7z4Dsr7330+9998f4fd7/x46TO32rtGkvadmaBDmi9L6MxdaAseefe60ewAbiUtmds0BXhmWQj4jMR8Xqa3pcbXJ0AgP5qNKajMX0w31vmBMcAAM+/5J5/KjLZfHr/PxXZbD7fnMPLvRKT2XK1Vr9+u7q5thTNOayZGM3eXimXZtO5wpkYzST5uWb6Sb7Ykb8ZES9HxM/HJ5r5/GK1vDSof3oAYMhd7hj/H423xv8T8AkBALzIjOQAMHyOjv+jA6kHAHB+3P8DwPA5MP53+60uAHAB5Tp++w8AXHwH7v9Huh7wavzkh+dXHQDgHPj8HwCGyvfefz/ZGnvp86+XPtnaXK1+cmOpVFvNVzYX84vVjfX8crW63HxmT+Vp5ytXq+tzb8bmp4V6qVYv1La2b1Wqm2v1W83net8q+WEBAAzey6/d+3MmInbfmWhu0V7LwRcC4MJzmcPwujToCgAD0/37PsAwMB8PZJ6yv+dXhO72/puJU9QH6L9rn+sx/9/tf4M7+6n/Nc6vikCfmP+H4XW6+X+zB/AiM/8Pw6vRyFjPHwCGzAnu4H1FEC64Z/78HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYVHPLZPPpWuBTkc3m8xFXImJmYjRze6Vcmo2IlyLiT+Oj40l+btCVBgBOKfv3TLr+17XpN6Y6945l/jPefI2IH/3yw198ulCvb8wl5f/aL6/fTcuLXQOM978NAMABI50F7XG6PY631/d9/HBnsb2dZwUffLu1uGgSdy/d2lVvVT4XoxEx+e/MocZkzmhh4t07EfFqZ/uz+/tn0pVPO+Mnsa/0LX40Wzh1KH72UPxsc1/rNXkvPnsGdYFhcy/pf97tdv1l42rzNb3+Moc701z87Gjn+gza/d9eo7P/a13vH1zJNfuabv3f1ZPGePMP3+25786lxudHIvaO9L/tFaFzzdSR+CMRb3Q74U+/+Wizo+gvX/jS673iN34VcS2Oi99KFeqV9UJta/vGSmVhubRcWisW5+fmZ9+++Vax0JyjLrRnqo/6xzvXX+rd/ojJHvFzx7U/Ir7a66Qdfv3fj3/w5WPif/0r3eJn45Vj4idj4tdOGH9h8rc9l+9O4i/1aP/Iofhjh/4uKbt+wvj3/7q9dMJDAYBzUNvaXl0ol0sbEqdN5Pp15svPSQMleiT+9tGha2rg9TmTxMC6JOCcPLnoB10TAAAAAAAAAAAAAACgl9r300f+9fHHcINuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfX/wMAAP//OkHLZw==") r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(r2, r2, 0x0) quotactl_fd$Q_QUOTAON(r0, 0xffffffff80000202, r2, 0x0) 726.868527ms ago: executing program 0 (id=232): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) msync(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x8401) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x5, 0xc, 0xfffffffffffffffd, 0x3, 0xffffffffffffffff}) ioctl$SG_BLKTRACETEARDOWN(r1, 0x1276, 0x0) 714.263167ms ago: executing program 4 (id=234): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="02000000040000000700000002"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) alarm(0x1ff) 659.970008ms ago: executing program 4 (id=236): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) shutdown(r0, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000)=0xf24d, 0x4) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x2, 0x0) 514.164941ms ago: executing program 0 (id=239): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00', r0, 0x0, 0x3}, 0x18) pipe(&(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x2, &(0x7f0000002400)=0x0) io_submit(r3, 0x1, &(0x7f0000000040)=[&(0x7f00000010c0)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x2}]) fcntl$setpipe(r1, 0x407, 0x401) 501.171371ms ago: executing program 1 (id=240): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000001c0)=@keyring={'key_or_keyring:', r1}) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000280)=@chain={'key_or_keyring:', r2}) 456.049442ms ago: executing program 4 (id=242): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0) sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x40001) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"}) r1 = syz_open_pts(r0, 0x8182) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x17) 428.401253ms ago: executing program 1 (id=243): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10) sendto$inet6(r1, 0x0, 0x2, 0x0, 0x0, 0x0) 406.160623ms ago: executing program 1 (id=245): perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x141488c, &(0x7f0000000040)={[{@orlov}, {@discard}]}, 0x1, 0x776, &(0x7f0000001180)="$eJzs3c1rHOUfAPDvbJKmTfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBLSJ4EVQ8CHrp2Zd68+rLVf8LD2KpmhYrHiQym9l02+ymSZrsVvfzgck+z8xsnue78/I8u/MwE0DPGk3/5CIOR8T7ScRwNj+JiIF6qj/i5Np6t1aWD8TKcjGJ1dVXf0vq69xcWS5G03tSB7PMoxHx3TsRR3Iby60uLs0UyuXSfJYfr81eGK8uLh09P1uYLk2X5o5PTE4eO/HMieO7F+sfPy4duvbBS09+efKvtx+5+t73SZyMQ9my5jh2y2iMZp/JQPoR3uHF3S6sy5JuV4AdSQ/NvrWjPA7HcPTVUwDAf9mbEbEKAPSYRPsPAD2m8TvAzZXlYmPq7i8SnXX9hYjYvxb/rWxaW9KfXbPbX78OOnQzuePKSBIRI7tQ/mhEfPr165+nU+zRdUiAVt66HBFnR0Y3nv+TDWMWtuupTZbty15H75rv/Aed803a/3m2Vf8vt97/iRb9n8EWx+5O3PP4P7ALhWwi7f89vza27a7+3/qgtZG+LPe/ep9vIDl3vlxKz23/j4ixGBhM8xOblDF24+8b7ZY19/9+//CNz9Ly09fba+R+6R+88z1ThVrhfmJudv1yxGP9reJP1rd/0qb/e3qLZbz83LuftFuWxp/G25g2xh/Z6KS9sXol4omW2//2iLZk0/GJ4/XdYbyxU7Tw1U8fD7Urv3n7p1NafuO7QCek239o8/hHkubxmtXtl/HDleFv2y27d/yt9/99yWv1dKMfcalQq81PROxLXtk4/9jt9zbyjfXT+Mceb338b7b/p98Jz24x/v5rv36x8/j3Vhr/1La2//YTV2/N9LUrf2vbf7KeGsvmbOX8t9UK3s9nBwAAAAAAAAAAAAAAAAAAAAAAAABblYuIQ5Hk8uvpXC6fX3uG98MxlCtXqrUj5yoLc1NRf1b2SAzkGre6HG66H+pEdj/8Rv7YXfmnI+KhiPho8EDSuI/iVJdjBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICGg22e/5/6ebDbtQMA9sz+blcAAOg47T8A9B7tPwD0Hu0/APQe7T8A9B7tPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHvs9KlT6bT658pyMc1PXVxcmKlcPDpVqs7kZxeK+WJl/kJ+ulKZLpfyxcrsvf5fuVK5MBlzC5fGa6Vqbby6uHRmtrIwVztzfrYwXTpTGuhIVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwPdXFpZlCuVyal9hBYvXBqEb3E33Z7vSg1KejieTBqMYuJ7p8YgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4l/gnAAD//xdTIa8=") sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0) 384.131433ms ago: executing program 0 (id=246): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4005, &(0x7f0000000c00)=0xb, 0x6, 0x2) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000c00)=0xc, 0x6, 0x2) 342.396764ms ago: executing program 0 (id=248): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r1}, 0x38) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a3000"], 0xd8}}, 0x0) 305.650955ms ago: executing program 3 (id=249): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005bc0)=ANY=[@ANYBLOB="4800000010000b042dbd70080000000000000000", @ANYRES32=0x0, @ANYBLOB="f224000000000000280012800b0001006d61637365630000180002800c0004000200000100c28000050003"], 0x48}}, 0x0) 289.146985ms ago: executing program 0 (id=250): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000100)={0x18}) 199.843197ms ago: executing program 2 (id=251): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r0, &(0x7f0000000780)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x4, @loopback, 0x3}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x3404c8d4) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0xfa, 0x1, [0x2]}, 0xa) 193.252587ms ago: executing program 1 (id=252): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28012, r2, 0x0) 174.576937ms ago: executing program 3 (id=253): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18) r2 = socket$rds(0x15, 0x5, 0x0) bind$rds(r2, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r2, &(0x7f0000000540)={&(0x7f0000000300)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@rdma_map={0x30, 0x114, 0x3, {{0x0}, 0x0, 0x10}}], 0x30, 0x8010}, 0x0) 147.187568ms ago: executing program 2 (id=254): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) listen(r0, 0x0) r1 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x801}, 0x4000045) ppoll(&(0x7f0000000600)=[{r1, 0x200}], 0x1, &(0x7f0000000580), 0x0, 0x0) 141.984028ms ago: executing program 3 (id=255): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x20040, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r2, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x1}}, './file0\x00'}) 119.924878ms ago: executing program 2 (id=256): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000200)=0x1, 0x4) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r2, 0xffffffffffffffff, 0x0) 95.369499ms ago: executing program 3 (id=257): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x80100, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f0000000080)={{0x1, 0x1, 0x18}, './file0\x00'}) 78.548569ms ago: executing program 2 (id=258): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0xf7}, 0x18) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x400448e7, 0x0) close(r2) 76.588779ms ago: executing program 1 (id=259): r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x1f9}, &(0x7f0000000000)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r0, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) 48.8561ms ago: executing program 3 (id=260): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) msgget(0x3, 0x710) r0 = msgget(0x2, 0x624) msgctl$IPC_RMID(r0, 0x0) msgget(0x1, 0x240) msgctl$IPC_RMID(0x0, 0x0) 10.32937ms ago: executing program 2 (id=261): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0) mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb:\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00 [ 40.855824][ T3289] loop0: partition table partially beyond EOD, truncated [ 40.865770][ T3289] loop0: p1 start 16777224 is beyond EOD, truncated [ 40.872613][ T3289] loop0: p2 size 515840 extends beyond EOD, truncated [ 40.881976][ T3289] loop0: p4 start 16777216 is beyond EOD, truncated [ 40.931049][ T3695] loop0: p1 p2 p4 < > [ 40.935291][ T3695] loop0: partition table partially beyond EOD, truncated [ 40.951182][ T3695] loop0: p1 start 16777224 is beyond EOD, truncated [ 40.957921][ T3695] loop0: p2 size 515840 extends beyond EOD, truncated [ 41.005698][ T3695] loop0: p4 start 16777216 is beyond EOD, truncated [ 41.061154][ T3748] program syz.4.93 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 41.101374][ T3751] SELinux: failed to load policy [ 41.115288][ T3753] loop4: detected capacity change from 0 to 512 [ 41.131428][ T3753] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 41.144611][ T3753] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 41.208914][ T3753] EXT4-fs (loop4): 1 truncate cleaned up [ 41.232511][ T3753] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 41.247209][ T3763] netlink: 'syz.1.99': attribute type 1 has an invalid length. [ 41.270228][ T3753] EXT4-fs error (device loop4): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.4.96: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 41.299494][ T3753] EXT4-fs (loop4): Remounting filesystem read-only [ 41.382557][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.459084][ T3777] macvlan1: entered promiscuous mode [ 41.470095][ T3777] ipvlan0: entered promiscuous mode [ 41.476056][ T3777] ipvlan0: left promiscuous mode [ 41.483617][ T3777] macvlan1: left promiscuous mode [ 41.592157][ T3777] syz.3.106 (3777) used greatest stack depth: 10720 bytes left [ 41.759007][ T3823] netlink: 'syz.4.122': attribute type 21 has an invalid length. [ 41.766962][ T3823] netlink: 'syz.4.122': attribute type 1 has an invalid length. [ 41.920025][ T3844] loop0: detected capacity change from 0 to 512 [ 41.952691][ T3844] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.966962][ T3844] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 41.979539][ T3844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.985988][ T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4 [ 41.996625][ T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2 [ 42.005091][ T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x3 [ 42.019249][ T23] hid-generic 0000:3000000:0000.0001: hidraw0: HID v0.00 Device [sy] on syz0 [ 42.193666][ T3882] 9pnet: p9_errstr2errno: server reported unknown error @c$ [ 42.420236][ T3922] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 42.420236][ T3922] program syz.3.165 not setting count and/or reply_len properly [ 42.470384][ T3926] netlink: 'syz.3.167': attribute type 3 has an invalid length. [ 42.527692][ T3930] vhci_hcd: invalid port number 96 [ 42.532842][ T3930] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 42.574655][ T3936] veth1_to_bridge: entered promiscuous mode [ 42.581154][ T3936] veth1_to_bridge: left promiscuous mode [ 42.687634][ T3955] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 42.843688][ T3981] loop1: detected capacity change from 0 to 512 [ 42.880440][ T3981] ======================================================= [ 42.880440][ T3981] WARNING: The mand mount option has been deprecated and [ 42.880440][ T3981] and is ignored by this kernel. Remove the mand [ 42.880440][ T3981] option from the mount to silence this warning. [ 42.880440][ T3981] ======================================================= [ 42.929556][ T3981] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 42.961204][ T3981] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 42.971868][ T3983] SELinux: failed to load policy [ 42.994556][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.126807][ T4016] loop0: detected capacity change from 0 to 512 [ 43.146985][ T4016] EXT4-fs (loop0): orphan cleanup on readonly fs [ 43.198888][ T4016] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.210: bg 0: block 248: padding at end of block bitmap is not set [ 43.246098][ T4016] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.210: Failed to acquire dquot type 1 [ 43.272200][ T4027] loop3: detected capacity change from 0 to 1024 [ 43.296607][ T4016] EXT4-fs (loop0): 1 truncate cleaned up [ 43.307313][ T29] kauditd_printk_skb: 338 callbacks suppressed [ 43.307331][ T29] audit: type=1326 audit(2000000001.070:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4031 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9942d7eec9 code=0x7ffc0000 [ 43.337863][ T4027] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 43.339542][ T4016] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 43.365213][ T29] audit: type=1326 audit(2000000001.070:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4031 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9942d7eec9 code=0x7ffc0000 [ 43.388536][ T29] audit: type=1326 audit(2000000001.081:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4031 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9942d7eec9 code=0x7ffc0000 [ 43.411998][ T29] audit: type=1326 audit(2000000001.081:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4031 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9942d7eec9 code=0x7ffc0000 [ 43.435373][ T29] audit: type=1326 audit(2000000001.081:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4031 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9942d7eec9 code=0x7ffc0000 [ 43.458768][ T29] audit: type=1326 audit(2000000001.081:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4031 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9942d7eec9 code=0x7ffc0000 [ 43.471348][ T4027] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.215: Allocating blocks 449-513 which overlap fs metadata [ 43.482080][ T29] audit: type=1326 audit(2000000001.081:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4031 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9942d7eec9 code=0x7ffc0000 [ 43.519297][ T29] audit: type=1326 audit(2000000001.081:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4031 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9942d7eec9 code=0x7ffc0000 [ 43.542669][ T29] audit: type=1326 audit(2000000001.081:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4031 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9942d7eec9 code=0x7ffc0000 [ 43.552534][ T4026] EXT4-fs (loop3): pa ffff8881072ea070: logic 48, phys. 177, len 21 [ 43.574077][ T4026] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 43.604017][ T4041] Invalid ELF header magic: != ELF [ 43.624602][ T29] audit: type=1326 audit(2000000001.144:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4031 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9942d7eec9 code=0x7ffc0000 [ 43.654452][ T4043] pimreg: entered allmulticast mode [ 43.669754][ T4016] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 43.679999][ T4027] syz.3.215 (4027) used greatest stack depth: 10592 bytes left [ 43.696315][ T4043] pimreg: left allmulticast mode [ 43.713658][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.750738][ T4016] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 43.781444][ T4048] sd 0:0:1:0: device reset [ 43.824931][ T4016] ext4 filesystem being remounted at /43/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 43.948619][ T4016] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.210: Failed to acquire dquot type 1 [ 43.976640][ T4058] openvswitch: netlink: Message has 6 unknown bytes. [ 44.040121][ T4016] syz.0.210 (4016) used greatest stack depth: 9280 bytes left [ 44.048002][ T4064] loop1: detected capacity change from 0 to 512 [ 44.065530][ T4066] loop3: detected capacity change from 0 to 128 [ 44.073937][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.084785][ T4064] EXT4-fs: Ignoring removed bh option [ 44.094326][ T4064] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 44.103626][ T4064] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 44.144565][ T4064] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 44.159227][ T4064] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 44.169010][ T4064] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 44.275325][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.414912][ T4094] loop1: detected capacity change from 0 to 2048 [ 44.437543][ T4094] EXT4-fs: Ignoring removed orlov option [ 44.455862][ T4094] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 44.471545][ T4094] __nla_validate_parse: 11 callbacks suppressed [ 44.471616][ T4094] netlink: 4 bytes leftover after parsing attributes in process `syz.1.245'. [ 44.506988][ T4094] netlink: 4 bytes leftover after parsing attributes in process `syz.1.245'. [ 44.509850][ T10] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 44.546738][ T10] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 44.586982][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.784712][ T4122] ================================================================== [ 44.792860][ T4122] BUG: KCSAN: data-race in selinux_inode_permission / selinux_inode_permission [ 44.801860][ T4122] [ 44.804197][ T4122] write to 0xffff888119dac820 of 4 bytes by task 4129 on cpu 0: [ 44.811849][ T4122] selinux_inode_permission+0x3ac/0x740 [ 44.817498][ T4122] security_inode_permission+0x6d/0xb0 [ 44.823007][ T4122] inode_permission+0x106/0x310 [ 44.827907][ T4122] link_path_walk+0x162/0x900 [ 44.832635][ T4122] path_openat+0x1de/0x2170 [ 44.837169][ T4122] do_filp_open+0x109/0x230 [ 44.841696][ T4122] io_openat2+0x272/0x390 [ 44.846065][ T4122] io_openat+0x1b/0x30 [ 44.850175][ T4122] __io_issue_sqe+0xfb/0x2e0 [ 44.854799][ T4122] io_issue_sqe+0x53/0x970 [ 44.859241][ T4122] io_wq_submit_work+0x3f7/0x5f0 [ 44.864218][ T4122] io_worker_handle_work+0x44e/0x9b0 [ 44.869541][ T4122] io_wq_worker+0x22e/0x870 [ 44.874072][ T4122] ret_from_fork+0x11f/0x1b0 [ 44.878682][ T4122] ret_from_fork_asm+0x1a/0x30 [ 44.883477][ T4122] [ 44.885819][ T4122] read to 0xffff888119dac820 of 4 bytes by task 4122 on cpu 1: [ 44.893471][ T4122] selinux_inode_permission+0x334/0x740 [ 44.896220][ T4128] loop2: detected capacity change from 0 to 1024 [ 44.899057][ T4122] security_inode_permission+0x6d/0xb0 [ 44.910873][ T4122] inode_permission+0x106/0x310 [ 44.915760][ T4122] link_path_walk+0x162/0x900 [ 44.920474][ T4122] path_openat+0x1de/0x2170 [ 44.924983][ T4122] do_filp_open+0x109/0x230 [ 44.929492][ T4122] io_openat2+0x272/0x390 [ 44.933862][ T4122] io_openat+0x1b/0x30 [ 44.937958][ T4122] __io_issue_sqe+0xfb/0x2e0 [ 44.942558][ T4122] io_issue_sqe+0x53/0x970 [ 44.946985][ T4122] io_submit_sqes+0x675/0x1060 [ 44.951760][ T4122] __se_sys_io_uring_enter+0x1c1/0x1b70 [ 44.957324][ T4122] __x64_sys_io_uring_enter+0x78/0x90 [ 44.962710][ T4122] x64_sys_call+0x2de1/0x2ff0 [ 44.967398][ T4122] do_syscall_64+0xd2/0x200 [ 44.971927][ T4122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 44.977829][ T4122] [ 44.980159][ T4122] value changed: 0x00000003 -> 0x00000000 [ 44.985880][ T4122] [ 44.988208][ T4122] Reported by Kernel Concurrency Sanitizer on: [ 44.994395][ T4122] CPU: 1 UID: 0 PID: 4122 Comm: syz.1.259 Not tainted syzkaller #0 PREEMPT(voluntary) [ 45.004127][ T4122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 45.014197][ T4122] ================================================================== [ 45.028440][ T4128] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 45.039364][ T4128] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 45.051288][ T4128] JBD2: no valid journal superblock found [ 45.057069][ T4128] EXT4-fs (loop2): Could not load journal inode [ 45.085878][ T4128] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22